Fedora 18 Virtualization Getting Started Guide - Docs

Fedora 18

Virtualization GettingStarted GuideVirtualization Documentation

Edition 1.0

Fedora Documentation Pro ject

Legal NoticeCopyright © 2012 Red Hat, Inc. and o thers..

The text o f and illustrations in this document are licensed by Red Hatunder a Creative Commons Attribution–Share Alike 3.0 Unportedlicense ("CC-BY-SA"). An explanation o f CC-BY-SA is available athttp://creativecommons.org/licenses/by-sa/3.0/. The original authors o fthis document, and Red Hat, designate the Fedora Pro ject as the"Attribution Party" fo r purposes o f CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation o f it, you mustprovide the URL for the original version.

Red Hat, as the licensor o f this document, waives the right to enforce,and agrees not to assert, Section 4d o f CC-BY-SA to the fullest extentpermitted by applicable law.

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss,MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks o f RedHat, Inc., registered in the United States and o ther countries.

For guidelines on the permitted uses o f the Fedora trademarks, refer tohttps://fedorapro ject.org/wiki/Legal:Trademark_guidelines.

Linux® is the registered trademark o f Linus Torvalds in the UnitedStates and o ther countries.

Java® is a registered trademark o f Oracle and/or its affiliates.

Fedora 18 Virtualization Getting Started Guide 1

http://www.fedoraproject.org

http://docs.fedoraproject.org

http://creativecommons.org/licenses/by-sa/3.0/

https://fedoraproject.org/wiki/Legal:Trademark_guidelines

XFS® is a trademark o f Silicon Graphics International Corp. or itssubsidiaries in the United States and/or o ther countries.

MySQL® is a registered trademark o f MySQL AB in the United States,the European Union and o ther countries.

All o ther trademarks are the property o f their respective owners.

AbstractThe Fedora Virtualization Getting Started Guide describes the basics o fvirtualization and the virtualization products and techno logies that areavailable with Fedora.

Preface

1. Document Conventions

1.1. Typographic Conventions1.2. Pull-quote Conventions1.3. Notes and Warnings

2. We Need Feedback!

1. Introduction

1.1. Who should read this guide?1.2. Virtualization resources

2. What is virtualization and migration?

2.1. What is virtualization?2.2. Migration

2.2.1. Benefits o f migrating virtual machines

3. Advantages and misconceptions o f virtualization

3.1. Virtualization costs3.2. Virtualization learning curve3.3. Performance3.4. Flexibility3.5. Disaster recovery3.6. Security

3.6.1. Virtualization security features

3.7. Virtualization for servers and individuals

4. Introduction to Fedora virtualization products

4.1. KVM and virtualization in Fedora4.2. libvirt and libvirt too ls4.3. Virtualized hardware devices

4.3.1. Virtualized and emulated devices4.3.2. Para-virtualized devices4.3.3. Physical host devices4.3.4. Guest CPU models

4.4. Storage

4.4.1. Storage poo ls4.4.2. Storage Vo lumes

2 Virtualization Getting Started Guide

5. Virtualization Too ls

5.1. virsh5.2. virt-manager5.3. virt-install5.4. guestfish5.5. Other useful too ls

A. Revision History


Preface1. Document ConventionsThis manual uses several conventions to highlight certain words andphrases and draw attention to specific pieces o f information.

In PDF and paper editions, this manual uses typefaces drawn from theLiberation Fonts set. The Liberation Fonts set is also used in HTMLeditions if the set is installed on your system. If no t, alternative butequivalent typefaces are displayed. Note: Red Hat Enterprise Linux 5and later includes the Liberation Fonts set by default.

1.1. Typographic ConventionsFour typographic conventions are used to call attention to specificwords and phrases. These conventions, and the circumstances theyapply to , are as fo llows.

Mono-spaced Bold

Used to highlight system input, including shell commands, file namesand paths. Also used to highlight keycaps and key combinations. Forexample:

To see the contents o f the file my_next_bestselling_novel in your current workingdirectory, enter the cat my_next_bestselling_novelcommand at the shell prompt and press Enter to executethe command.

The above includes a file name, a shell command and a keycap, allpresented in mono-spaced bo ld and all distinguishable thanks tocontext.

Key combinations can be distinguished from keycaps by the hyphenconnecting each part o f a key combination. For example:

Press Enter to execute the command.

Press Ctrl+Alt+F2 to switch to the first virtual terminal.Press Ctrl+Alt+F1 to return to your X-Windowssession.

The first paragraph highlights the particular keycap to press. The secondhighlights two key combinations (each a set o f three keycaps with eachset pressed simultaneously).

If source code is discussed, class names, methods, functions, variablenames and returned values mentioned within a paragraph will bepresented as above, in mono-spaced bold. For example:

File-related classes include filesystem fo r file systems, file fo r files, and dir fo r directories. Each class has itsown associated set o f permissions.

Pro po rt io nal Bo ld

This denotes words or phrases encountered on a system, includingapplication names; dialog box text; labeled buttons; check-box andradio button labels; menu titles and sub-menu titles. For example:

Choose Syst em → Preferences → Mo use from themain menu bar to launch Mo use Preferences. In the

4 Preface

https://fedorahosted.org/liberation-fonts/

main menu bar to launch Mo use Preferences. In theButtons tab, click the Left-handed mouse check boxand click Close to switch the primary mouse button fromthe left to the right (making the mouse suitable for use inthe left hand).

To insert a special character into a gedit file, chooseApplicat io ns → Accesso ries → Charact er Map fromthe main menu bar. Next, choose Search → Find… fromthe Charact er Map menu bar, type the name of thecharacter in the Search field and click Next. The characteryou sought will be highlighted in the Character Table.Double-click this highlighted character to place it in theText to copy field and then click the Copy button. Nowswitch back to your document and choose Edit → Past efrom the gedit menu bar.

The above text includes application names; system-wide menu namesand items; application-specific menu names; and buttons and text foundwithin a GUI interface, all presented in proportional bo ld and alldistinguishable by context.

Mono-spaced Bold Italic o r Proportional Bold Italic

Whether mono-spaced bo ld or proportional bo ld, the addition o f italicsindicates replaceable or variable text. Italics denotes text you do notinput literally or displayed text that changes depending on circumstance.For example:

To connect to a remote machine using ssh, type ssh [email protected] at a shell prompt. If the remotemachine is example.com and your username on thatmachine is john, type ssh [email protected].

The mount -o remount file-system commandremounts the named file system. For example, toremount the /home file system, the command is mount -o remount /home.

To see the version o f a currently installed package, usethe rpm -q package command. It will return a result asfo llows: package-version-release.

Note the words in bo ld italics above — username, domain.name, file-system, package, version and release. Each word is a placeho lder,either fo r text you enter when issuing a command or fo r text displayedby the system.

Aside from standard usage for presenting the title o f a work, italicsdenotes the first use o f a new and important term. For example:

Publican is a DocBook publishing system.

1.2. Pull-quote ConventionsTerminal output and source code listings are set o ff visually from thesurrounding text.

Output sent to a terminal is set in mono-spaced roman and presentedthus:

books Desktop documentation drafts mss photos stuff svnbooks_tests Desktop1 downloads images notes scripts svgs

Source-code listings are also set in mono-spaced roman but addsyntax highlighting as fo llows:


package org.jboss.book.jca.ex1;

import javax.naming.InitialContext;

public class ExClient{ public static void main(String args[]) throws Exception { InitialContext iniCtx = new InitialContext(); Object ref = iniCtx.lookup("EchoBean"); EchoHome home = (EchoHome) ref; Echo echo = home.create();

System.out.println("Created Echo");

System.out.println("Echo.echo('Hello') = " + echo.echo("Hello")); }}

1.3. Notes and WarningsFinally, we use three visual styles to draw attention to information thatmight o therwise be overlooked.

Note

Notes are tips, shortcuts or alternative approaches to the task athand. Ignoring a note should have no negative consequences,but you might miss out on a trick that makes your life easier.

Important

Important boxes detail things that are easily missed:configuration changes that only apply to the current session, orservices that need restarting before an update will apply. Ignoringa box labeled 'Important' will no t cause data loss but may causeirritation and frustration.

Warning

Warnings should not be ignored. Ignoring warnings will mostlikely cause data loss.

2. We Need Feedback!If you find a typographical error in this manual, o r if you have thought o fa way to make this manual better, we would love to hear from you!Please submit a report in Bugzilla: http://bugzilla.redhat.com/bugzilla/against the product Fedo ra 18.

When submitting a bug report, be sure to mention the manual'sidentifier: virtualization-getting-started-guide

If you have a suggestion for improving the documentation, try to be asspecific as possible when describing it. If you have found an error,please include the section number and some of the surrounding text sowe can find it easily.

6 Preface

http://bugzilla.redhat.com/bugzilla/

Chapter 1. Introduction1.1. Who should read this guide?

1.2. Virtualization resources

The Virtualization Getting Started Guide introduces the basics o fvirtualization and assists with the navigation o f o ther virtualizationdocumentation and products that Fedora provides.

This guide also explains the advantages o f virtualization and dispelssome common myths that exist regarding virtualization.

1.1. Who should read this guide?This guide is designed for anyone wishing to understand the basics o fvirtualization, but may be o f particular interest to :

Those who are new to virtualization and seeking knowledge aboutthe benefits o ffered.

Those considering deployment o f virtualized machines in theirenvironment.

Those looking for an overview of the virtualization techno logies thatFedora produces and supports.

1.2. Virtualization resourcesFedora contains packages and too ls to support a variety o f virtualizedenvironments. Fedora virtualization provides the upstreamdevelopment fo r virtualization in Red Hat Enterprise Linux. Refer toChapter 4, Introduction to Fedora virtualization products fo r moreinformation about the virtualization products available in Fedora.

In addition to this guide, the fo llowing books cover virtualization withFedora:

Virtualization Deployment Guide: This guide provides information onsystem requirements and restrictions, package details, hostconfiguration and detailed instructions for installing different types o fguests.

Virtualization Administration Guide: This guide provides informationon servers, security, KVM, remote management o f guests, KSM,administration tasks, storage, vo lumes, virt -manager, guest diskaccess with o ffline too ls, virtual networking, and troubleshooting.

Virtualization Security Guide: This guide provides information onvirtualization security techno logies including sVirt, configuration andrecommendations for host and guest security, and network security.

Red Hat Enterprise Virtualization (RHEV) is another virtualization optionfor servers and desktops. Red Hat Enterprise Virtualization provides anend-to-end datacenter virtualization so lution developed from theupstream oVirt pro ject. Visit https://fedorahosted.org/ovirt/ fo r moreinformation about oVirt.

Documentation for Red Hat Enterprise Virtualization and virtualizationwith Red Hat Enterprise Linux can be found at http://docs.redhat.com/.


https://fedorahosted.org/ovirt/

http://docs.redhat.com/

Chapter 2. What is virtualization andmigration?2.1. What is virtualization?

2.2. Migration

2.2.1. Benefits o f migrating virtual machines

This chapter discusses terms related to virtualization and migration.

2.1. What is virtualization?Virtualization is a broad computing term used for running software,usually multiple operating systems, concurrently and in iso lation fromother programs on a single system. Most existing implementations o fvirtualization use a hypervisor, a so ftware layer or subsystem thatcontro ls hardware and provides guest operating systems with access tounderlying hardware. The hypervisor allows multiple operating systems,called guests, to run on the same physical system by o ffering virtualizedhardware to the guest operating system. There are various methods forvirtualizing operating systems:

Full virt ualizat io nFull virtualization uses the hardware features o f the processor toprovide guests with to tal abstraction o f the underlying physicalsystem. This creates a new virtual system, called a virtual machine,that allows guest operating systems to run without modifications.The guest operating system and any applications on the guest areunaware o f their virtualized environment and run normally.Hardware-assisted virtualization is the technique used for fullvirtualization with KVM (Kernel-based Virtual Machine) in Fedora.

Para-virt ualizat io nPara-virtualization employs a co llection o f so ftware and datastructures that are presented to the virtualized guest, requiringsoftware modifications in the guest to use the para-virtualizedenvironment. Para-virtualization can encompass the entire kernel,as is the case for Xen para-virtualized guests, or drivers thatvirtualize I/O devices.

So ft ware virt ualizat io n (o r emulat io n)Software virtualization uses slower binary translation and o theremulation techniques to run unmodified operating systems.

Note

For more information and detailed instructions on guestinstallation, refer to the Fedora Virtualization Deployment Guide.

2.2. MigrationMigration describes the process o f moving a virtual machine from onehost to another. This is possible because guests are running in avirtualized environment instead o f directly on the hardware. There aretwo ways to migrate a virtual machine: live and o ffline.

Migrat io n T ypes

Offline migrat io n

8 Preface

An offline migration suspends the guest, and then moves an imageof the guest's memory to the destination host. The guest is thenresumed on the destination host and the memory used by the gueston the source host is freed.

Live migrat io nLive migration is the process o f migrating an active guest from onephysical host to another.

2.2.1. Benefits of migrat ing virtual machinesMigration is useful fo r:

Lo ad balancingWhen a host machine is overloaded, one or many o f its virtualmachines could be migrated to o ther hosts.

Upgrading o r making changes t o t he ho stWhen the need arises to upgrade, add, or remove hardware deviceson one host, virtual machines can be safely relocated to o therhosts. This means that guests do not experience any downtime dueto changes that are made to any o f the hosts.

Energy savingVirtual machines can be redistributed to o ther hosts and theunloaded host systems can be powered o ff to save energy and cutcosts in low usage periods.

Geo graphic migrat io nVirtual machines can be moved to another physical location forlower latency or fo r o ther special circumstances.

It is important to understand that the migration process moves thevirtual machine's memory. This process is done using live migration.

Shared, networked storage must be used for storing guest images to bemigrated. Without shared storage, migration is not possible. It isrecommended to use libvirt -managed storage poo ls fo r sharedstorage.

Note

For more information on migration, refer to the FedoraVirtualization Administration Guide.


Chapter 3. Advantages andmisconceptions of virtualization3.1. Virtualization costs

3.2. Virtualization learning curve

3.3. Performance

3.4. Flexibility

3.5. Disaster recovery

3.6. Security

3.6.1. Virtualization security features

3.7. Virtualization for servers and individuals

There are many advantages to virtualization and perhaps an equalamount o f misconceptions surrounding it. This chapter explores thesepoints.

3.1. Virtualization costsA common misconception is that virtualization is too expensive tojustify the change. Virtualization can be expensive to introduce but o ftenit saves money in the long term. It is important to perform a Return onInvestment (ROI) analysis to determine the best use o f virtualization inyour environment. Consider the fo llowing benefits:

Less po werUsing virtualization negates much o f the need for multiple physicalplatforms. This equates to less power being drawn for machineoperation and coo ling, resulting in reduced energy costs. The initialcost o f purchasing multiple physical platforms, combined with themachines' power consumption and required coo ling, is drasticallycut by using virtualization.

Less maint enanceProvided adequate planning is performed before migrating physicalsystems to virtualized ones, less time is spent maintaining them.This means less money being spent on parts and labor.

Ext ended life fo r inst alled so ft wareOlder versions o f so ftware may not run on newer, bare metalmachines directly. However, by running the o lder so ftware virtuallyon a larger, faster system, the life o f the software may be extendedwhile taking advantage o f the performance from the newer system.

Smaller fo o t printConsolidating servers onto fewer machines means less physicalspace is required. This means the space normally occupied byserver hardware can be used for o ther purposes.

3.2. Virtualization learning curveA misconception exists that virtualization is difficult to learn. In truth,virtualization is no more difficult o r easy to learn than any new process.The skills required for managing and supporting a physical environmentare easily transferable to a virtual one. Virtual environments functionsimilarly to their physical counterparts, ensuring the learning curve

10 Preface

remains a slight one.

3.3. PerformanceOn o lder virtualization versions that supported only a single CPU, virtualmachines experienced noticeable performance limitations. This createda long-lasting misconception that virtualization so lutions are slow. Thisis no longer the case; advances in techno logy allow virtual machines torun at much faster speeds than previously.

3.4. FlexibilityVirtualization provides greater flexibility fo r managing systems. Virtualmachines can be copied or moved to test so ftware updates and validateconfiguration changes, without impacting o ther systems. Because eachof the virtualized systems are completely separate to each o ther, onesystem's downtime will no t affect any o thers.

3.5. Disaster recoveryDisaster recovery is quicker and easier when the systems arevirtualized. On a physical system, if something serious goes wrong, acomplete re-install o f the operating system is usually required, resultingin hours o f recovery time. However, if the systems are virtualized this ismuch faster due to migration ability. If the requirements for live migrationare fo llowed, virtual machines can be restarted on another host, and thelongest possible delay would be in restoring guest data.

3.6. SecurityA virtual machine uses SELinux and sVirt to improve security invirtualization. This section includes an overview of the security optionsavailable.

3.6.1. Virtualizat ion security features

SELinux

SELinux was developed by the US National Security Agency and o thersto provide Mandatory Access Contro l (MAC) for Linux. Under contro l o fSELinux, all processes and files are given what is known as a type, andaccess is limited by fine-grained contro ls. SELinux limits the abilities o fan attacker and works to prevent many common security explo its suchas buffer overflow attacks and privilege escalation.

SELinux strengthens the security model o f Fedora hosts and virtualizedFedora guests. SELinux is configured and tested to work, by default, withall virtualization too ls shipped with Fedora.

sVirt

sVirt is a techno logy included in Fedora that integrates SELinux andvirtualization. It applies Mandatory Access Contro l (MAC) to improvesecurity when using virtual machines, and improves security andhardens the system against bugs in the hypervisor that might be usedas an attack vector fo r the host or to another virtual machine.

Note

For more information on sVirt, refer to the Fedora VirtualizationAdministration Guide.


3.7. Virtualization for servers andindividualsVirtualization is not just fo r servers; it can be useful fo r individuals aswell. Desktop virtualization o ffers centralized management, animproved desktop so lution, and better disaster recovery. By usingconnection software, it is possible to connect to a desktop remotely.

For servers, virtualization is not only fo r larger networks, but fo r anysituation with two or more servers. It provides live migration, highavailability, fault to lerance, and streamlined backups.

12 Preface

Chapter 4. Introduction to Fedoravirtualization products4.1. KVM and virtualization in Fedora

4.2. libvirt and libvirt too ls

4.3. Virtualized hardware devices

4.3.1. Virtualized and emulated devices4.3.2. Para-virtualized devices4.3.3. Physical host devices4.3.4. Guest CPU models

4.4. Storage

4.4.1. Storage poo ls4.4.2. Storage Vo lumes

This chapter introduces the various virtualization products available inFedora.

4.1. KVM and virtualization in FedoraWhat is KVM?

KVM (Kernel-based Virtual Machine) is a full virtualization so lutionfor Linux on AMD64 and Intel 64 hardware that is built into thestandard Fedora kernel. It can run multiple, unmodified Windowsand Linux guest operating systems. The KVM hypervisor in Fedorais managed with the libvirt API and too ls built fo r libvirt (such as virt-manager and virsh). Virtual machines are executed and runas multi-threaded Linux processes contro lled by these too ls.

Overco mmit t ingKVM hypervisor supports overcommitting o f system resources.Overcommitting means allocating more virtualized CPUs ormemory than the available resources on the system. Memoryovercommitting allows hosts to utilize memory and virtual memoryto increase guest densities.

Important

Overcommitting invo lves possible risks to system stability.For more information on overcommitting with KVM, and theprecautions that should be taken, refer to the FedoraVirtualization Administration Guide.

T hin pro visio ningThin provisioning allows the allocation o f flexible storage andoptimizes the available space for every guest. It gives theappearance that there is more physical storage on the guest than isactually available. This is not the same as overcommitting as thisonly pertains to storage and not CPUs or memory allocations.However, like overcommitting, the same warning applies.


Important

Thin provisioning invo lves possible risks to system stability.For more information on thin provisioning with KVM, and theprecautions that should be taken, refer to the FedoraVirtualization Administration Guide.

KSMKernel SamePage Merging (KSM), used by the KVM hypervisor,allows KVM guests to share identical memory pages. These sharedpages are usually common libraries or o ther identical, high-usedata. KSM allows for greater guest density o f identical o r similarguest operating systems by avo iding memory duplication.

Note

For more information on KSM, refer to the FedoraVirtualization Administration Guide.

KVM Guest VM Co mpat ibilit yTo verify whether your processor supports the virtualizationextensions and for information on enabling the virtualizationextensions if they are disabled, refer to the Fedora VirtualizationAdministration Guide.

4.2. libvirt and libvirt toolsThe libvirt package is a hypervisor-independent virtualization API that isable to interact with the virtualization capabilities o f a range o f operatingsystems.

The libvirt package provides:

A common, generic, and stable layer to securely manage virtualmachines on a host.

A common interface for managing local systems and networkedhosts.

All o f the APIs required to provision, create, modify, monitor, contro l,migrate, and stop virtual machines, but only if the hypervisorsupports these operations. Although multiple hosts may beaccessed with libvirt simultaneously, the APIs are limited to singlenode operations.

The libvirt package is designed as a building block for higher levelmanagement too ls and applications, fo r example, virt-manager andthe virsh command-line management too ls. With the exception o fmigration capabilities, libvirt focuses on managing single hosts andprovides APIs to enumerate, monitor and use the resources availableon the managed node, including CPUs, memory, storage, networkingand Non-Uniform Memory Access (NUMA) partitions. The managementtoo ls can be located on separate physical machines from the hostusing secure pro toco ls.

Fedora supports libvirt and included libvirt -based too ls as its defaultmethod for virtualization management.

The libvirt package is available as free software under the GNU LesserGeneral Public License. The libvirt pro ject aims to provide a long termstable C API to virtualization management too ls, running on top o f

14 Preface

varying hypervisor techno logies.

virshThe virsh command-line too l is built on the libvirt managementAPI and operates as an alternative to the graphical virt-managerapplication. The virsh command can be used in read-only modeby unprivileged users or, with root access, full administrationfunctionality. The virsh command is ideal fo r scripting virtualizationadministration.

virt -managervirt-manager is a graphical desktop too l fo r managing virtualmachines. It allows access to graphical guest conso les and can beused to perform virtualization administration, virtual machinecreation, migration, and configuration tasks. The ability to viewvirtual machines, host statistics, device information andperformance graphs is also provided. The local hypervisor andremote hypervisors can be managed through a single interface.

Note

For more information on virsh and virt -manager, refer to theFedora Virtualization Administration Guide.

4.3. Virtualized hardware devicesVirtualization on Fedora presents three distinct types o f system devicesto virtual machines. The three types include:

Virtualized and emulated devices

Para-virtualized devices

Physically shared devices

These hardware devices all appear as being physically attached to thevirtual machine but the device drivers work in different ways.

4.3.1. Virtualized and emulated devicesKVM implements many core devices for virtual machines in so ftware.These emulated hardware devices are crucial fo r virtualizing operatingsystems.

Emulated devices are virtual devices which exist entirely in so ftware.

Emulated drivers may use either a physical device or a virtual so ftwaredevice. Emulated drivers are a translation layer between the virtualmachine and the Linux kernel (which manages the source device). Thedevice level instructions are completely translated by the KVMhypervisor. Any device, o f the same type (storage, network, keyboard,and mouse) and recognized by the Linux kernel, may be used as thebacking source device for the emulated drivers.

Virt ual CPUs (vCPUs)A host system can have up to 160 virtual CPUs (vCPUs) that can bepresented to guests for their use, regardless o f the number o f hostCPUs.

Emulat ed graphics devicesTwo emulated graphics devices are provided. These devices can beconnected to with the SPICE (Simple Pro toco l fo r IndependentComputing Environments) pro toco l or with VNC:


A Cirrus CLGD 5446 PCI VGA card (using the cirrus device)

A standard VGA graphics card with Bochs VESA extensions(hardware level, including all non-standard modes)

Emulat ed syst em co mpo nent sThe fo llowing core system components are emulated to providebasic system functions:

Intel i440FX host PCI bridge

PIIX3 PCI to ISA bridge

PS/2 mouse and keyboard

EvTouch USB Graphics Tablet

PCI UHCI USB contro ller and a virtualized USB hub

Emulated serial ports

EHCI contro ller, virtualized USB storage and a USB mouse

Emulat ed so und devicesFedora 18 provides an emulated (Intel) HDA sound device, intel-hda.

The fo llowing two emulated sound devices are also available, butare not recommended due to compatibility issues with certain guestoperating systems:

ac97, an emulated Intel 82801AA AC97 Audio compatible soundcard

es1370, an emulated ENSONIQ AudioPCI ES1370 sound card

Emulat ed wat chdo g devicesFedora 18 provides two emulated watchdog devices. A watchdogcan be used to automatically reboot a virtual machine when itbecomes overloaded or unresponsive.

The watchdog package must be installed on the guest.

The two devices available are:

i6300esb, an emulated Intel 6300 ESB PCI watchdog device.

ib700, an emulated iBase 700 ISA watchdog device.

Emulat ed net wo rk devicesThere are two emulated network devices available:

The e1000 device emulates an Intel E1000 network adapter (Intel82540EM, 82573L, 82544GC).

The rtl8139 device emulates a Realtek 8139 network adapter.

Emulat ed st o rage driversStorage devices and storage poo ls can use these emulateddevices to attach storage devices to virtual machines. The guestuses an emulated storage driver to access the storage poo l.

Note that like all virtual devices, the storage drivers are not storagedevices. The drivers are used to attach a backing storage device, fileor storage poo l vo lume to a virtual machine. The backing storagedevice can be any supported type o f storage device, file, o r storagepool vo lume.

T he emulat ed IDE driverKVM provides two emulated PCI IDE interfaces. An emulated

16 Preface

IDE driver can be used to attach any combination o f up to fourvirtualized IDE hard disks or virtualized IDE CD-ROM drives toeach virtual machine. The emulated IDE driver is also used forvirtualized CD-ROM and DVD-ROM drives.

T he emulat ed flo ppy disk drive driverThe emulated floppy disk drive driver is used for creatingvirtualized floppy drives.

4.3.2. Para-virtualized devicesPara-virtualized devices are drivers for virtual devices that increase theI/O performance o f virtual machines.

Para-virtualized devices decrease I/O latency and increase I/Othroughput to near bare-metal levels. It is recommended to use thepara-virtualized drivers for virtual machines running I/O intensiveapplications.

The para-virtualized devices must be installed on the guest operatingsystem. The para-virtualized drivers must be manually installed onWindows guests.

Note

For more information on using the para-virtualized drivers, referto the Fedora Virtualization Deployment Guide.

T he para-virt ualized net wo rk driver (virt io -net )The para-virtualized network driver can be used as the driver fo rexisting network devices or new network devices for virtualmachines.

T he para-virt ualized blo ck driver (virt io -blk)The para-virtualized block driver is a driver fo r all storage devices,is supported by the hypervisor, and is attached to the virtualmachine (except fo r floppy disk drives, which must be emulated).

T he para-virt ualized co nt ro ller device (virt io -scsi)The para-virtualized SCSI contro ller device provides a more flexibleand scalable alternative to virtio -blk. A virtio -scsi guest is capable o finheriting the feature set o f the target device, and can handlehundreds o f devices compared to virtio -blk, which can only handle28 devices.

T he para-virt ualized clo ckGuests using the Time Stamp Counter (TSC) as a clock source maysuffer timing issues. KVM works around hosts that do not have aconstant Time Stamp Counter by providing guests with a para-virtualized clock.

T he para-virt ualized serial driver (virt io -serial)The para-virtualized serial driver is a bytestream-oriented, characterstream driver, and provides a simple communication interfacebetween the host's user space and the guest's user space.

T he ballo o n driver (virt io -ballo o n)


The balloon driver can designate part o f a virtual machine's RAM asnot being used (a process known as balloon inflation), so that thememory can be freed for the host (or fo r o ther virtual machines onthat host) to use. When the virtual machine needs the memoryagain, the balloon can be deflated and the host can distribute theRAM back to the virtual machine.

4.3.3. Physical host devicesCertain hardware platforms allow virtual machines to directly accessvarious hardware devices and components. This process invirtualization is known as device assignment. Device assignment is alsoknown as passthrough.

PCI device assignmentThe KVM hypervisor supports attaching PCI devices on the hostsystem to virtual machines. PCI device assignment allows gueststo have exclusive access to PCI devices for a range o f tasks. Itallows PCI devices to appear and behave as if they were physicallyattached to the guest virtual machine.

Device assignment is supported on PCI Express devices, with theexception o f graphics cards. Parallel PCI devices may be supportedas assigned devices, but they have severe limitations due tosecurity and system configuration conflicts.

Note

For more information on device assignment, refer to theFedora Virtualization Deployment Guide.

USB passt hro ughThe KVM hypervisor supports attaching USB devices on the hostsystem to virtual machines. USB device assignment allows gueststo have exclusive access to USB devices for a range o f tasks. Itallows USB devices to appear and behave as if they were physicallyattached to the virtual machine.

Note

For more information on USB passthrough, refer to theFedora Virtualization Administration Guide.

SR-IOVSR-IOV (Single Root I/O Virtualization) is a PCI Express standardthat extends a single physical PCI function to share its PCIresources as separate, virtual functions (VFs). Each function iscapable o f being used by a different virtual machine via PCI deviceassignment.

An SR-IOV capable PCI-e device, provides a Single Root Function(for example, a single Ethernet port) and presents multiple, separatevirtual devices as unique PCI device functions. Each virtual devicemay have its own unique PCI configuration space, memory-mapped registers, and individual MSI-based interrupts.

18 Preface

Note

For more information on SR-IOV, refer to the FedoraVirtualization Deployment Guide.

NPIVN_Port ID Virtualization (NPIV) is a functionality available with someFibre Channel devices. NPIV shares a single physical N_Port asmultiple N_Port IDs. NPIV provides similar functionality fo r FibreChannel Host Bus Adapters (HBAs) that SR-IOV provides for PCIeinterfaces. With NPIV, virtual machines can be provided with a virtualFibre Channel initiator to Storage Area Networks (SANs).

NPIV can provide high density virtualized environments withenterprise-level storage so lutions.

Note

For more information on NPIV, refer to the FedoraVirtualization Administration Guide.

4.3.4. Guest CPU modelsHistorically, CPU model definitions were hard-coded in qemu. Thismethod o f defining CPU models was inflexible, and made it difficult tocreate virtual CPUs with feature sets that matched existing physicalCPUs. Typically, users modified a basic CPU model definition withfeature flags in order to provide the CPU characteristics required by avirtual machine. Unless these feature sets were carefully contro lled, safemigration — which requires feature sets between current andprospective hosts to match — was difficult to support.

qemu-kvm has now replaced most hard-wired definitions withconfiguration file based CPU model definitions. Definitions for a numberof current processor models are now included by default, allowingusers to specify features more accurately and migrate more safely.

Note

For more information on guest CPU models, refer to the FedoraVirtualization Deployment Guide.

4.4. StorageStorage for virtual machines is abstracted from the physical storageused by the virtual machine. It is attached to the virtual machine usingthe para-virtualized or emulated block device drivers.

4.4.1. Storage poolsA storage pool is a file, directory, or storage device managed by libvirtfo r the purpose o f providing storage to virtual machines. Storage poo lsare divided into storage volumes that store virtual machine images orare attached to virtual machines as additional storage. Multiple guestscan share the same storage poo l, allowing for better allocation o fstorage resources.

Lo cal st o rage po o lsLocal storage poo ls are directly attached to the host server. They


Local storage poo ls are directly attached to the host server. Theyinclude local directories, directly attached disks, physical partitions,and LVM vo lume groups on local devices. Local storage poo ls areuseful fo r development, testing and small deployments that do notrequire migration or large numbers o f virtual machines. Localstorage poo ls may not be suitable for many productionenvironments as they do not support live migration.

Net wo rked (shared) st o rage po o lsNetworked storage poo ls include storage devices shared over anetwork using standard pro toco ls. Networked storage is requiredfor migrating virtual machines between hosts. Networked storagepools are managed by libvirt .

4.4.2. Storage VolumesStorage poo ls are further divided into storage vo lumes. Storagevo lumes are an abstraction o f physical partitions, LVM logical vo lumes,file-based disk images and o ther storage types handled by libvirt .Storage vo lumes are presented to virtual machines as local storagedevices regardless o f the underlying hardware.

Note

For more information on storage and virtualization, refer to theFedora Virtualization Administration Guide.

20 Preface

Chapter 5. Virtualization Tools5.1. virsh

5.2. virt-manager

5.3. virt-install

5.4. guestfish

5.5. Other useful too ls

This chapter provides an introduction to the many too ls available toassist with virtualization.

5.1. virshvirsh is a command line interface (CLI) too l fo r managing guests and thehypervisor. The virsh command line too l is built on the libvirtmanagement API and operates as an alternative to the qemu-kvmcommand and the graphical virt -manager application. The virshcommand can be used in read-only mode by unprivileged users or, withroot access, full administration functionality. The virsh command isideal fo r scripting virtualization administration. In addition the virsh too lis a main management interface for virsh guest domains and can beused to create, pause, and shut down domains, as well as list currentdomains. This too l is installed as part o f the libvirt-client package.

Note

Refer to the Fedora Virtualization Administration Guide fo r moreinformation about managing virtual machines with virsh.

5.2. virt-managervirt-manager is a lightweight graphical too l fo r managing virtualmachines. It provides the ability to contro l the life cycle o f existingmachines, provision new machines, manage virtual networks, accessthe graphical conso le o f virtual machines, and view performancestatistics. This too l ships in its own package called virt-manager.

Note

Refer to the Fedora Virtualization Administration Guide fo r moreinformation about managing virtual machines with virt-manager.

5.3. virt-installvirt-install is a command line too l to provision new virtual machines. Itsupports both text-based and graphical installations, using serialconso le, SDL, SPICE, or VNC client/server pair graphics. Installationmedia can be local, o r exist remotely on an NFS, HTTP, or FTP server.The too l can also be configured to run unattended and kickstart theguest when installation is complete, allowing for easy automation o finstallation. This too l is installed as part o f the python-virtinst package.


Note

Refer to the Fedora Virtualization Deployment Guide fo r moreinformation about virt-install.

5.4. guestfishguestfish is a command line too l fo r examining and modifying the filesystems o f the host. This too l uses libguestfs and exposes allfunctionality provided by the guestfs API. This too l ships in its ownpackage entitled guestfish.

Note

Refer to the Fedora Virtualization Administration Guide fo r moreinformation about guestfish.

Warning

Using guestfish on running virtual machines can cause disk-image corruption. Use the guestfish command with the --ro(read-only) option if the disk image is being used by a runningvirtual machine.

5.5. Other useful toolsThe fo llowing too ls are used to access a virtual machine's disk via thehost. The guest's disk is usually accessed directly via the disk-imagefile located on the host. However it is sometimes possible to gainaccess via the libvirt domain. The commands that fo llow are part o f thelibvirt domain and are used to gain access to the guest's disk image.

guestmount

A command line too l used to mount virtual machine file systemsand disk images on the host machine. This too l is installed as parto f the libguestfs-mount package.

Warning

Using guestmount in --r/w (read/write) mode to access adisk that is currently being used by a guest can cause thedisk to become corrupted. Do not use guestmount in --r/w(read/write) mode on live virtual machines. Use the guestmount command with the --ro (read-only) option ifthe disk image is being used.

virt-cat

A command line too l that can be used to quickly view the contentsof one or more files in a specified virtual machine's disk or diskimage. This too l is installed as part o f the libguestfs-tools package.

virt-df

A command line too l used to show the actual physical disk usageof virtual machines. Similar to the command line too l df. Note thatthis too l does not work across remote connections. It is installedas part o f the libguestfs-tools package.

22 Preface

virt-edit

A command line too l used to edit files that exist on a specifiedvirtual machine. This too l is installed as part o f the libguestfs-toolspackage.

Warning

Using virt-edit on live virtual machines can cause diskcorruption in the virtual machine. Although the virt-editcommand will try to prevent users from editing files on livevirtual machines, it is not guaranteed to catch all instances.Do not use virt-edit on a live virtual machine.

virt-filesystems

A command line too l used to discover file systems, partitions,logical vo lumes and their sizes in a disk image or virtual machine.One common use is in shell scripts, to iterate over all file systemsin a disk image. This too l is installed as part o f the libguestfs-toolspackage.

This too l replaces virt-list-filesystems and virt-list-partitions.

virt-inspector

A command line too l that can examine a virtual machine or diskimage to determine the version o f its operating system and o therinformation. It can also produce XML output, which can be pipedinto o ther programs. Note that virt-inspector can only inspectone domain at a time. This too l is installed as part o f the libguestfs-tools package.

virt-ls

A command line too l that lists files and directories inside a virtualmachine. This too l is installed as part o f the libguestfs-toolspackage.

virt-make-fs

A command line too l fo r creating a file system based on a tararchive or files in a directory. It is similar to too ls like mkisofs and mksquashfs, but it can create common file system types such asext2, ext3 and NTFS, and the size o f the file system created can beequal to or greater than the size o f the files it is based on. This too lis provided as part o f the libguestfs-tools package.

virt-rescue

A command line too l that provides a rescue shell and some simplerecovery too ls fo r unbootable virtual machines and disk images. Itcan be run on any virtual machine known to libvirt , o r directly ondisk images. This too l is installed as part o f the libguestfs-toolspackage.


Warning

Using virt-rescue on running virtual machines can causedisk corruption in the virtual machine. virt-rescue attemptsto prevent its own use on running virtual machines, butcannot catch all cases.Using the command with the --ro (read-only) option will no tcause disk corruption, but may give strange or inconsistentresults. It is better to avo id using virt-rescue on a runningvirtual machine.

virt-resize

A command line too l to resize virtual machine disks, and resize ordelete any partitions on a virtual machine disk. It works by copyingthe guest image and leaving the original disk image untouched.This too l is installed as part o f the libguestfs-tools package.

Important

Using virt-resize on running virtual machines can giveinconsistent results. It is best to shut down virtual machinesbefore attempting to resize them.

virt-top

A command line utility similar to top, which shows stats related tovirtualized domains. This too l ships in its own package: virt-top.

virt-v2v

A graphical too l to convert virtual machines from Xen and VMwarehypervisors to run on KVM. This too l ships in its own package: virt-v2v.

virt-viewer

A minimal too l fo r displaying the graphical conso le o f a virtualmachine via the VNC and SPICE pro toco ls. This too l ships in itsown package: virt-viewer.

virt-what

A shell script that detects whether a program is running in a virtualmachine. This too l ships in its own package: virt-what.

virt-who

The virt-who package is a Fedora host agent that queries libvirt fo rguest UUIDs. It then passes that data to the local entitlement serverfor the purposes o f issuing certificates. This too l ships in its ownpackage: virt-who.

virt-win-reg

A command line too l to export and merge Windows Registry entriesfrom a Windows guest, and perform simple Registry operations.This too l is installed as part o f the libguestfs-tools package.

24 Preface

Warning

Using virt-win-reg on running virtual machines will causeirreversible disk corruption in the virtual machine. virt-win-reg attempts to prevent its own use on running virtualmachines, but cannot catch all cases.

Warning

Modifying the Windows Registry is an inherently riskyoperation, as the format is deliberately obscure andundocumented. Changes to the registry can leave thesystem unbootable, so ensure you have a reliable backupbefore you use the --merge option.

virt-xml-validate

A command line too l to validate libvirt XML files for compliancewith the published schema. This too l is installed as part o f thelibvirt-client package.

Revision HistoryRevisio n 1.0-05 Mo nday Oct o ber 22, 2012 Dayle Parker

Branch for Fedora 18 Beta.

Revisio n 1.0-04 Mo nday Oct o ber 22, 2012 Dayle ParkerAdded virtio -scsi feature description to 4.3.2. Para-virtualized devices.

Revisio n 1.0-03 T hursday Sept ember 6, 2012 Dayle ParkerIn Chapter 3: Advantages, added Flexibility po int fo r (BZ#853826).

Revisio n 1.0-02 T hursday August 23 2012 Dayle ParkerIn Too ls: deleted virt- inspector2, virt-cat warning, clarified --r/w warningas per feedback.

Revisio n 1.0-01 T uesday August 14 2012 Dayle ParkerInitial creation o f book for Fedora.


https://bugzilla.redhat.com/show_bug.cgi?id=853826

Documents

Fedora 18 Virtualization Getting Started Guide - Docs