© 2013 IBM Corporation
KVM简介
张军利
2014年5月16日
© 2013 IBM Corporation
KVM(Kernel-based Virtual Machine)
2 IBM Confidential
apps
Linuxkvm
qemu qemu
Linux
apps apps
VM
Lin...
© 2013 IBM Corporation
QEMU(Quick EMUlator)
3 IBM Confidential
© 2013 IBM Corporation
libvirt
4 IBM Confidential
http://www.libvirt.org/
© 2013 IBM Corporation
KVM支持特征概览
5 IBM Confidential
© 2013 IBM Corporation
采用cgroup控制实例资源配比
6 IBM Confidential
© 2013 IBM Corporation
KVM支持的网卡模式
7 IBM Confidential
Direct Device Assignment SR-IOVEmulated Devices(Virtio) Vhost-net Dev...
© 2013 IBM Corporation
KVM下的各种网卡模式性能表现
8 IBM Confidential
Emulated Devices(Virtio)
Vhost-net Devices
SR-IOV
Direct Device ...
© 2013 IBM Corporation
KVM中的存储池
9 IBM Confidential
Ref: http://wiki.libvirt.org/page/NPIV_in_libvirt
© 2013 IBM Corporation
Virtual Reliability, Availability, Serviceability
10 IBM Confidential
Virtual CPU/Mem
Hot-Plug
Live...
© 2013 IBM Corporation
KVM中的安全和隔离
11 IBM Confidential
Attacks on guests are isolated from the host kernel, any associated ...
© 2013 IBM Corporation
基于libvirt库的KVM管理工具Virt-manager
12 IBM Confidential
© 2013 IBM Corporation
Power8服务器上的KVM管理架构概览
13 IBM Confidential
© 2013 IBM Corporation
Sapphire技术细节
14 IBM Confidential
© 2013 IBM Corporation
切换Power8服务器至KVM模式
15 IBM Confidential
 机器上电;
 待服务器面板显示“01 N V=N”时,
连线服务器的HMC端口;
 通过浏览器登录ASM界面,其中...
© 2013 IBM Corporation
切换Power8服务器至KVM模式(续)
16 IBM Confidential
 成功登录之后,修改admin的密码。
本例admin密码依旧保持admin不变。
© 2013 IBM Corporation
切换Power8服务器至KVM模式(续)
17 IBM Confidential
 切换至开关机界面,确保机器处于关
机状态,以便后续修改固件中的
PowerVM和PowerKVM选项。
© 2013 IBM Corporation
切换Power8服务器至KVM模式(续)
18 IBM Confidential
 切换至系统信息中的虚拟化层配置,
在虚拟化模式中有PowerVM和KVM
两种选项,切换至KVM选项以便后续
安...
© 2013 IBM Corporation
切换Power8服务器至KVM模式(续)
19 IBM Confidential
 切换至开关机界面,选择保存和开机。
© 2013 IBM Corporation
切换Power8服务器至KVM模式(续)
20 IBM Confidential
 切换至系统信息中的实时进度查询,弹出界面显示系统进度码,该码与前面板显示一致。待面板显示为CB010008时,可...
© 2013 IBM Corporation
Sapphire中的Petiboot引导器
21 IBM Confidential
● Essentially the user interface for the OPAL firmware
● ...
© 2013 IBM Corporation
采用光驱模式安装PowerKVM
22 IBM Confidential
1 2
3 4
Kernel A
Sapphire
Kernel B
Linux Host
kexec
© 2013 IBM Corporation
采用光驱模式安装PowerKVM(续)
23 IBM Confidential
5 6
7 8
© 2013 IBM Corporation
采用光驱模式安装PowerKVM(续)
24 IBM Confidential
9 10
11
12
© 2013 IBM Corporation
采用IPMI工具远程管理Power8服务器
25 IBM Confidential
Command options Description
ipmitool -I lanplus -H FSP_IP...
© 2013 IBM Corporation
大端和小端简介
26 IBM Confidential
Definition: Endianness
 Endianness refers to how a data element and it...
© 2013 IBM Corporation
采用virt-install命令安装虚拟机示例
27 IBM Confidential
 通过网络安装RHEL7.0 (大端)
[root@powerkvm ~]# virt-install 
-...
© 2013 IBM Corporation
采用virt-install命令安装虚拟机示例(续)
28 IBM Confidential
 通过本地ISO镜像安装Ubuntu14.04(小端)
[root@powerkvm ~]# virt...
© 2013 IBM Corporation
采用virsh管理虚拟机
29 IBM Confidential
Command option Description
virsh list --all List guests
virsh star...
© 2013 IBM Corporation
采用virt-clone克隆虚拟机
30 IBM Confidential
挂起虚拟机
• virsh suspend guest_name
克隆虚拟机
• virt-clone --origina...
© 2013 IBM Corporation
在线迁移KVM虚拟机:共享存储类型
31 IBM Confidential
Requirements
● Storage must be remote and accessible on both ...
© 2013 IBM Corporation
在线迁移KVM虚拟机:独立存储类型
32 IBM Confidential
Requirements
● Storage sparse file must be existed on the des...
© 2013 IBM Corporation33 IBM Confidential
Upcoming SlideShare
Loading in...5
×

Kvm简介

586

Published on

KVM on Power overview

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
586
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
45
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Kvm简介

  1. 1. © 2013 IBM Corporation KVM简介 张军利 2014年5月16日
  2. 2. © 2013 IBM Corporation KVM(Kernel-based Virtual Machine) 2 IBM Confidential apps Linuxkvm qemu qemu Linux apps apps VM Linux apps apps VM libvirt apps apps openstack, ovirt
  3. 3. © 2013 IBM Corporation QEMU(Quick EMUlator) 3 IBM Confidential
  4. 4. © 2013 IBM Corporation libvirt 4 IBM Confidential http://www.libvirt.org/
  5. 5. © 2013 IBM Corporation KVM支持特征概览 5 IBM Confidential
  6. 6. © 2013 IBM Corporation 采用cgroup控制实例资源配比 6 IBM Confidential
  7. 7. © 2013 IBM Corporation KVM支持的网卡模式 7 IBM Confidential Direct Device Assignment SR-IOVEmulated Devices(Virtio) Vhost-net Devices
  8. 8. © 2013 IBM Corporation KVM下的各种网卡模式性能表现 8 IBM Confidential Emulated Devices(Virtio) Vhost-net Devices SR-IOV Direct Device Assignment
  9. 9. © 2013 IBM Corporation KVM中的存储池 9 IBM Confidential Ref: http://wiki.libvirt.org/page/NPIV_in_libvirt
  10. 10. © 2013 IBM Corporation Virtual Reliability, Availability, Serviceability 10 IBM Confidential Virtual CPU/Mem Hot-Plug Live Snapshots Live Snapshots Merge and Delete Live Storage Migration vRAS R A S
  11. 11. © 2013 IBM Corporation KVM中的安全和隔离 11 IBM Confidential Attacks on guests are isolated from the host kernel, any associated storage, as well as other virtual machines
  12. 12. © 2013 IBM Corporation 基于libvirt库的KVM管理工具Virt-manager 12 IBM Confidential
  13. 13. © 2013 IBM Corporation Power8服务器上的KVM管理架构概览 13 IBM Confidential
  14. 14. © 2013 IBM Corporation Sapphire技术细节 14 IBM Confidential
  15. 15. © 2013 IBM Corporation 切换Power8服务器至KVM模式 15 IBM Confidential  机器上电;  待服务器面板显示“01 N V=N”时, 连线服务器的HMC端口;  通过浏览器登录ASM界面,其中默认 情况下,端口1地址为169.254.2.147; 端口2地址为169.254.2.147。用户名 和密码均为admin。
  16. 16. © 2013 IBM Corporation 切换Power8服务器至KVM模式(续) 16 IBM Confidential  成功登录之后,修改admin的密码。 本例admin密码依旧保持admin不变。
  17. 17. © 2013 IBM Corporation 切换Power8服务器至KVM模式(续) 17 IBM Confidential  切换至开关机界面,确保机器处于关 机状态,以便后续修改固件中的 PowerVM和PowerKVM选项。
  18. 18. © 2013 IBM Corporation 切换Power8服务器至KVM模式(续) 18 IBM Confidential  切换至系统信息中的虚拟化层配置, 在虚拟化模式中有PowerVM和KVM 两种选项,切换至KVM选项以便后续 安装PowerKVM介质。  配置admin用户的IPMI密码,本例密 码为admin。
  19. 19. © 2013 IBM Corporation 切换Power8服务器至KVM模式(续) 19 IBM Confidential  切换至开关机界面,选择保存和开机。
  20. 20. © 2013 IBM Corporation 切换Power8服务器至KVM模式(续) 20 IBM Confidential  切换至系统信息中的实时进度查询,弹出界面显示系统进度码,该码与前面板显示一致。待面板显示为CB010008时,可以通过显示器或 ipmitool连线服务器终端显示,终端中将显示出Petiboot界面。
  21. 21. © 2013 IBM Corporation Sapphire中的Petiboot引导器 21 IBM Confidential ● Essentially the user interface for the OPAL firmware ● Looks like a menu based boot loader ● Has advanced function ● Menu items generated at boot time ● Automatically searches for bootable entities on local drives and network ● Menu items editable at boot time; new entries can be added ● System can drop to a Linux command prompt ● busybox ● System settings can be edited/updated, including network ● System information can be listed ● Local storage devices ● Network settings and MAC IDs ● Default 10 second timeout before default item is loaded
  22. 22. © 2013 IBM Corporation 采用光驱模式安装PowerKVM 22 IBM Confidential 1 2 3 4 Kernel A Sapphire Kernel B Linux Host kexec
  23. 23. © 2013 IBM Corporation 采用光驱模式安装PowerKVM(续) 23 IBM Confidential 5 6 7 8
  24. 24. © 2013 IBM Corporation 采用光驱模式安装PowerKVM(续) 24 IBM Confidential 9 10 11 12
  25. 25. © 2013 IBM Corporation 采用IPMI工具远程管理Power8服务器 25 IBM Confidential Command options Description ipmitool -I lanplus -H FSP_IP -P mypass chassis power on Power on server ipmitool -I lanplus -H FSP_IP -P mypass chassis power off Power off server ipmitool -I lanplus -H FSP_IP -P mypass chassis status Check server status ipmitool -I lanplus -H FSP_IP -P mypass chassis power soft Gracefully shut down the server ipmitool -I lanplus -H FSP_IP -P mypass chassis power reset Immediately shuts down the server ipmitool -I lanplus -H FSP_IP -P mypass sol activate Activate SOL system console ipmitool -I lanplus -H FSP_IP -P mypass sol deactivate Deactivate SOL system console ipmitool -I lanplus -H FSP_IP -P mypass sel list Get error log ipmitool -I lanplus -H FSP_IP -P mypass sdr list List status of all sensor IPMI命令中的密码为在ASM中设置的IPMI密码,通过IPMI可以远程对主机上下点、软重启、统计资产信息和连线控制台等操作。
  26. 26. © 2013 IBM Corporation 大端和小端简介 26 IBM Confidential Definition: Endianness  Endianness refers to how a data element and its individual bytes are stored and addressed in memory.  When a word is placed in memory, starting from the lowest address, there are only two options: – Little endian: Place the least significant byte first – Big endian: Place the most significant byte first Examples for big endian systems:  IBM Power systems  most RISC-based computers – SUN Sparc systems – HP PA-RISC systems (HP-UX) – HP Itanium systems (HP-UX) – etc.  Internet protocol (IP) Examples for little endian systems:  Intel x86 and x86-64 systems  Intel Itanium with Linux  Compaq Alpha processors  some networking hardware Sources of endianness problems:  Nonuniform data referencing – It is often featured by data type mismatches resulting from either data element casting, use of a union data structure, or the use and manipulation of bit fields.  Sharing data across platforms – For example, a big-endian system retrieves database data stored by a little-endian system.  Exchanging of data between devices of different endianness and devices on a network – For example, AIX on Power systems uses the big-endian model, but the PCI bus uses the little-endian model. – TCP/IP protocols requires data to be sent in network byte order, which is the big-endian model.
  27. 27. © 2013 IBM Corporation 采用virt-install命令安装虚拟机示例 27 IBM Confidential  通过网络安装RHEL7.0 (大端) [root@powerkvm ~]# virt-install --name rhel7BE01--os-type=linux --os-variant=rhel7 --virt-type=kvm --memballoon=virtio --vcpus 4 --ram 8196 --network bridge=brenp160s0f0,model=virtio --graphics none --location ftp://172.16.15.29/os/rhel/7.0/os --extra-args "console=ttyS0 ip=172.16.51.246::172.16.51.1:255.255.255.0:rhel7BE:eth0:none inst.text" --disk /var/lib/libvirt/images/rhel7BE01.img,bus=virtio,size=60,cache=none,format=qcow2  参数简介: --name:虚拟机名称; --os-type:系统类型,支持持Linux,Windows,BSD和Soloris等, PowerKVM只支持Linux选项; --os-variant:系统具体版本; --virt-type:虚拟化层,支持KVM全虚拟化、Xen半虚拟化和LXC容器,PowerKVM只支持KVM模式; --memballoon:开启虚拟机内存随宿主机负载自动调节内存; --vcpus:虚拟处理器个数; --ram:虚拟内存容量(MB); --network:网卡配置及网卡配置参数; --graphics:显示配置,是否采用VNC,spice还是禁用; --location:安装介质存放位置,支持FTP、NFS和HTTP协议; --extra-args:仅当与--location配合使用,传递给内核的参数; --disk:虚拟机硬盘存放路径及硬盘配置参数,其中--size指定磁盘容量(GB)。
  28. 28. © 2013 IBM Corporation 采用virt-install命令安装虚拟机示例(续) 28 IBM Confidential  通过本地ISO镜像安装Ubuntu14.04(小端) [root@powerkvm ~]# virt-install --name u1404LE --vcpus 4 --ram 8196 --virt-type=kvm --memballoon=virtio --disk /var/lib/libvirt/images/u1404LE.img,bus=virtio,size=60,cache=none,format=qcow2 --network bridge=brenp160s0f0,model=e1000 --graphics vnc,listen=0.0.0.0 --video vga --cdrom /var/lib/libvirt/images/iso/trusty-server-ppc64el.iso [root@powerkvm ~]# virsh vncdisplay u1404LE #查询监听端口  参数简介: --name:虚拟机名称; --vcpus:虚拟处理器个数; --ram:虚拟内存容量(MB); --virt-type:虚拟化层,支持KVM全虚拟化、Xen半虚拟化和LXC容器,PowerKVM只支持KVM模式; --memballoon:开启虚拟机内存随宿主机负载自动调节内存; --disk:虚拟机硬盘存放路径及硬盘配置参数,其中--size指定磁盘容量(GB); --network:网卡配置及网卡配置参数; --graphics:采用VNC显示,且在宿主机所有网络接口上启动监听(默认仅监听127.0.0.1); --video:显卡类型,PowerKVM仅支持vga模式; --cdrom:安装介质存放位置,支持FTP、NFS和HTTP协议。
  29. 29. © 2013 IBM Corporation 采用virsh管理虚拟机 29 IBM Confidential Command option Description virsh list --all List guests virsh start guest_name Start virsh shutdown guest_name Graceful shutdown virsh destroy guest_name Force shutdown virsh reboot guest_name Reboot virsh suspend guest_name Pauses the gues virsh resume guest_name Resumes a guest that was paused virsh save guest_name fileName Save the state of the guest to a file virsh restore fileName Restores a guest from a saved file Command option Description virsh autostart guest_name Turn on autostart virsh autostart --disable guest_name Turn off autostart virsh console guest_name Log into the guest's console virsh dominfo guest_name Displays information about a guest virsh dumpxml guest_name Dump guest's configuration in XML format virsh undefine guest_name Deletes the guest, but not the image file virsh define xmlfile.xml Creates a guest from an XML configuration file virsh undefine guest_name --remove-all- storage Deletes the guest and all the associated storage virsh nodeinfo Displays information about the host 关于virsh针对虚拟机的管理可以参见man手册
  30. 30. © 2013 IBM Corporation 采用virt-clone克隆虚拟机 30 IBM Confidential 挂起虚拟机 • virsh suspend guest_name 克隆虚拟机 • virt-clone --original=guest_name --name=new_guest_name --file=/var/lib/libvirt/images/new_guest_name.img 继续虚拟机 • virsh resume guest_name
  31. 31. © 2013 IBM Corporation 在线迁移KVM虚拟机:共享存储类型 31 IBM Confidential Requirements ● Storage must be remote and accessible on both hosts (NFS, iSCSI, FCoE) ● Virtio busses must be used for storage volumes ● Firewalls on hosts must allow remote connections ● Within same subnet so target guest network can stay up ● No guests with same name on target host ● No virtFS use ● URL of target host must be resolvable (or in /etc/hosts) from the source host # virsh migrate --live -–persistent –-undefinesource GUEST DestinationURL Parameters: --live: Does a live migration (--suspend for offline) --persistent: assign the target host as this guest new “home”. --transient is default, which means the migrated guest will disappear on target host reboot. --undefinesource: delete the guest from the source Host GUEST: Name of the guest to migrate DestinationURL: Location of the destination host Ex: qemu+ssh://host2.example.com/system
  32. 32. © 2013 IBM Corporation 在线迁移KVM虚拟机:独立存储类型 32 IBM Confidential Requirements ● Storage sparse file must be existed on the destination host ● Virtio busses must be used for storage volumes ● Firewalls on hosts must allow remote connections ● Within same subnet so target guest network can stay up ● No guests with same name on target host ● No virtFS use ● URL of target host must be resolvable (or in /etc/hosts) from the source host # virsh migrate --live --persistent --undefinesource --copy-storage-all --verbose --desturi DestinationUR GUEST Parameters: --live: Does a live migration (--suspend for offline) --persistent: assign the target host as this guest new “home”. --transient is default, which means the migrated guest will disappear on target host reboot. --undefinesource: delete the guest from the source Host GUEST: Name of the guest to migrate DestinationURL: Location of the destination host Ex: qemu+ssh://host2.example.com/system
  33. 33. © 2013 IBM Corporation33 IBM Confidential
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×