wiki:TipAndDoc/VM/KVM

Version 24 (modified by mitty, 12 years ago) (diff)

--

KVM

  • KVM自体にはIntel-VT or AMD-V が必須
    egrep '(vmx|svm)' --color=always /proc/cpuinfo
    
  • QEMUはVT/AMD-vが無くても動く(ただし非常に遅い)

Client

Windows Guest

drivers

  • デバイスマネージャ

virbr0

  • libvirtdによって自動で作られる「default」のNAT
    • ps aux | grep dns
      nobody    2684  0.0  0.0  21264   792 ?        S    Feb07   0:01 dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/default.pid --conf-file=  --listen-address 192.168.122.1 --except-interface lo --dhcp-range 192.168.122.2,192.168.122.254 --dhcp-lease-max=253
      
    • lease file => /var/lib/misc/dnsmasq.leases

iptables

  • sudo iptables-save
    # Generated by iptables-save v1.4.8 on Thu Feb 16 10:31:29 2012
    *nat
    :PREROUTING ACCEPT [743892:129452770]
    :POSTROUTING ACCEPT [1179:112796]
    :OUTPUT ACCEPT [1215:115607]
    -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535 
    -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535 
    -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE 
    COMMIT
    # Completed on Thu Feb 16 10:31:29 2012
    # Generated by iptables-save v1.4.8 on Thu Feb 16 10:31:29 2012
    *filter
    :INPUT ACCEPT [4957020:3457557240]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [3323525:4327643495]
    -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT 
    -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT 
    -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT 
    -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT 
    -A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT 
    -A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT 
    -A FORWARD -i virbr0 -o virbr0 -j ACCEPT 
    -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable 
    -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable 
    COMMIT
    # Completed on Thu Feb 16 10:31:29 2012
    

port forwarding

Live Migration

kvm-spice

  • Ubuntu 12.04でqemu-kvm-spiceをインストールすると、デフォルトのemulatorが/usr/bin/kvm-spiceになって以下の様な問題が起きる
  • kern.logにAppArmorからDENIEDとエラーが出る
    Oct 13 22:45:08 HOSTNAME kernel: [507466.445098] type=1400 audit(1350135908.372:69): apparmor="DENIED" operation="open" parent=1 profile="libvirt-52d08545-a490-c890-654a-260caf35d27d" name="/proc/17685/auxv" pid=17685 comm="kvm-spice" requested_mask="r" denied_mask="r" fsuid=104 ouid=104
    
  • Video modelをcirrus以外にすると、画面が表示されなくなる(真っ黒のまま)

Attachments (17)

Download all attachments as: .zip