Agenda: lab-libvirt-basic.en.htm

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <meta http-equiv="Content-Style-Type" content="text/css" />
  <meta name="generator" content="pandoc" />
  <title>libvirt and vmbuilder exercise</title>
  <style type="text/css">code{white-space: pre;}</style>
  <link rel="stylesheet" href="../../style.css" type="text/css" />
</head>
<body>
<div id="header">
<h1 class="title">libvirt and vmbuilder exercise</h1>
</div>
<div id="TOC">
<ul>
<li><a href="#objective"><span class="toc-section-number">1</span> Objective</a></li>
<li><a href="#using-vmbuilder"><span class="toc-section-number">2</span> Using vmbuilder</a><ul>
<li><a href="#check-the-configuration"><span class="toc-section-number">2.1</span> Check the configuration</a></li>
<li><a href="#build-a-vm"><span class="toc-section-number">2.2</span> Build a VM</a></li>
</ul></li>
<li><a href="#managing-your-vm"><span class="toc-section-number">3</span> Managing your VM</a><ul>
<li><a href="#start"><span class="toc-section-number">3.1</span> Start</a></li>
<li><a href="#attach-to-the-console"><span class="toc-section-number">3.2</span> Attach to the console</a></li>
<li><a href="#set-up-networking"><span class="toc-section-number">3.3</span> Set up networking</a></li>
<li><a href="#shutdown-and-restart"><span class="toc-section-number">3.4</span> Shutdown and restart</a></li>
<li><a href="#ssh-directly-into-the-vm"><span class="toc-section-number">3.5</span> ssh directly into the VM</a></li>
<li><a href="#changing-vm-parameters"><span class="toc-section-number">3.6</span> Changing VM parameters</a></li>
<li><a href="#set-up-ssh-key-access"><span class="toc-section-number">3.7</span> Set up ssh key access</a></li>
</ul></li>
<li><a href="#optional-exercises"><span class="toc-section-number">4</span> OPTIONAL EXERCISES</a><ul>
<li><a href="#virt-manager-and-vnc"><span class="toc-section-number">4.1</span> virt-manager and VNC</a></li>
<li><a href="#graphical-vnc-console-onto-your-vm"><span class="toc-section-number">4.2</span> Graphical VNC console onto your VM</a></li>
<li><a href="#discarding-a-virtual-machine"><span class="toc-section-number">4.3</span> Discarding a virtual machine</a></li>
</ul></li>
</ul>
</div>
<h1 id="objective"><a href="#objective"><span class="header-section-number">1</span> Objective</a></h1>
<p>You are going to use vmbuilder to build an Ubuntu VM image automatically, and manage it using the &quot;virsh&quot; component of libvirt.</p>
<h1 id="using-vmbuilder"><a href="#using-vmbuilder"><span class="header-section-number">2</span> Using vmbuilder</a></h1>
<h2 id="check-the-configuration"><a href="#check-the-configuration"><span class="header-section-number">2.1</span> Check the configuration</a></h2>
<p>The package &quot;python-vmbuilder&quot; should already be installed on your machine. Have a look at its top-level configuration file:</p>
<pre><code>cat /etc/vmbuilder.cfg</code></pre>
<p>This defines how the VM will be built:</p>
<ul>
<li>what architecture we are building (i386 = 32-bit, x86_64 = 64-bit)</li>
<li>where to download packages from (mirror, security-mirror). Note that we are pointing to apt.ws.nsrc.org:3142 which is the apt-cacher running on your server.</li>
<li>which version of Ubuntu we are building (suite, flavour)</li>
<li>which extra packages to include</li>
<li>ssh key to include</li>
<li>initial username and password. Notice that these are different to the credentials you use to login to your server. Generally, the host server password is private and not known to the users of the VMs.</li>
</ul>
<p>There are also file snippets and templates under <code>/etc/vmbuilder/</code> which are used during the build. You normally do not need to change these.</p>
<h2 id="build-a-vm"><a href="#build-a-vm"><span class="header-section-number">2.2</span> Build a VM</a></h2>
<p>Everyone in your group will ssh into the server and build a VM; it's fine for you to do them at the same time. Use the following name for your VM:</p>
<ul>
<li>1st person in the group: noc.ws.nsrc.org</li>
<li>2nd person in the group: noc2.ws.nsrc.org</li>
<li>3rd person in the group: noc3.ws.nsrc.org</li>
<li>...etc</li>
</ul>
<p>To build your VM, run the following command. If you are not the first person in the group then modify the two places where &quot;noc.ws.nsrc.org&quot; appears.</p>
<pre><code>sudo vmbuilder kvm ubuntu --hostname noc.ws.nsrc.org --mem 512 --debug \
    --rootsize 20480 --dest /var/lib/libvirt/images/noc.ws.nsrc.org</code></pre>
<p>This builds a VM which will initially have 512MB RAM allocated when it runs, and a root disk which can grow up to 20GB.</p>
<p>You should see progress messages scrolling up the screen. The first build may be slow as the packages are being downloaded for the first time.</p>
<blockquote>
<p>If you want to confirm that your apt-cacher is being used, you can do <code>tail -f /var/log/apt-cacher-ng/apt-cacher.log</code> in another session (ctrl-C to stop)</p>
<p>If vmbuilder is running very slowly, you can do the &quot;virt-manager and VNC&quot; exercise at the end of the handout while you wait.</p>
</blockquote>
<p>Check that no errors are shown at the end of the build. You should see something like:</p>
<pre><code>...
2013-11-11 10:30:21,390 DEBUG   : Calling deploy method in VMBuilder.plugins.ubuntu.distro plugin.
2013-11-11 10:30:21,391 DEBUG   : No such method
2013-11-11 10:30:21,391 DEBUG   : Calling deploy method in context plugin VMBuilder.plugins.kvm.vm.
2013-11-11 10:30:21,391 DEBUG   : [&#39;rm&#39;, &#39;-rf&#39;, &#39;--one-file-system&#39;, &#39;/tmp/tmpjC8QLO&#39;]</code></pre>
<p>If there is a problem, try to work out what is wrong from the error message, and ask for help if you need it.</p>
<h1 id="managing-your-vm"><a href="#managing-your-vm"><span class="header-section-number">3</span> Managing your VM</a></h1>
<h2 id="start"><a href="#start"><span class="header-section-number">3.1</span> Start</a></h2>
<p>Try the following commands</p>
<pre><code>virsh list         # shows running VMs (should be empty)
virsh list --all   # shows all VMs, including stopped ones</code></pre>
<p>Now start the VM that you built. Remember to change &quot;noc.ws.nsrc.org&quot; to the name of your VM.</p>
<pre><code>virsh start noc.ws.nsrc.org
virsh list         # show running VMs</code></pre>
<p>Is your virtual machine running? A low-level way of checking is to see if libvirt has started a &quot;kvm&quot; process</p>
<pre><code>ps auxwww | grep kvm     # look for your KVM process</code></pre>
<h2 id="attach-to-the-console"><a href="#attach-to-the-console"><span class="header-section-number">3.2</span> Attach to the console</a></h2>
<p>Since you don't know what IP address your VM has got (if any), you need another way to connect to it. KVM provides two different ways:</p>
<ul>
<li>an emulated serial port</li>
<li>an emulated VGA screen</li>
</ul>
<p>We are going to use the serial port, since you can easily do this using your ssh session.</p>
<pre><code>virsh console noc.ws.nsrc.org</code></pre>
<p>Hit Enter a few times. You should get a login prompt. Login using the username and password which the VM was built with.</p>
<p>Type &quot;ifconfig eth0&quot; to see what IP address has been picked up by the VM.</p>
<h2 id="set-up-networking"><a href="#set-up-networking"><span class="header-section-number">3.3</span> Set up networking</a></h2>
<p>While you are still attached to the console, edit <code>/etc/network/interfaces</code> to replace DHCP with a static IP address.</p>
<pre><code>auto eth0
iface eth0 inet static
        address 10.10.0.XXX
        netmask 255.255.255.0
        gateway 10.10.0.254
        dns-nameservers 10.10.0.241
        # Disable UDP checksum offloading on virtio; it breaks when
        # packets traverse Dynamips
        post-up ethtool --offload eth0 tx off</code></pre>
<p>Choose your IP address as follows:</p>
<ul>
<li>noc.ws.nsrc.org: 10.10.0.250</li>
<li>noc2.ws.nsrc.org: 10.10.0.249</li>
<li>noc3.ws.nsrc.org: 10.10.0.248</li>
<li>...etc</li>
</ul>
<p>Note that the cursor keys in the editor may not work exactly as expected over a serial console - try to manage. Alternatively, since you know the machine's temporary (DHCP-assigned) IP address, you can ssh to that.</p>
<h2 id="shutdown-and-restart"><a href="#shutdown-and-restart"><span class="header-section-number">3.4</span> Shutdown and restart</a></h2>
<p>One way to shutdown the VM is to type <code>halt -p</code> within the VM. But you need to be very sure you are typing this in the VM and not the host server!</p>
<p>A safer way is to send a shutdown signal from the host.</p>
<ul>
<li><p>If you are still attached to the virtual console, disconnect by pressing <code>ctrl</code> and <code>]</code></p></li>
<li><p>Now issue the shutdown command to your VM</p>
<pre><code>virsh shutdown noc.ws.nsrc.org
virsh list  # keep repeating this until your VM is no longer shown as running</code></pre></li>
<li><p>Now restart your VM</p>
<pre><code>virsh start noc.ws.nsrc.org</code></pre></li>
</ul>
<p>Check you can ping your VM on the static IP address you configured. It will probably take around 10-15 seconds before it starts to respond.</p>
<p>If your machine does not respond, then go back in using the virtual console and correct the problem.</p>
<h2 id="ssh-directly-into-the-vm"><a href="#ssh-directly-into-the-vm"><span class="header-section-number">3.5</span> ssh directly into the VM</a></h2>
<p>Now you can confirm that you have ssh access into your VM. You should be able to ssh directly from your laptop to 10.10.0.XXX, where this is the IP address you assigned to your VM.</p>
<p>Once logged in, you are going to do some basic system administration on the VM.</p>
<pre><code>sudo apt-get update
sudo apt-get install apache2</code></pre>
<p>Edit <code>/var/www/index.html</code> and put your own &quot;hello world&quot; type message in it.</p>
<p>Now point your laptop's web browser at http://10.10.0.XXX/ and check you can view this page. Check the pages for the other users in your group too.</p>
<p>Congratulations, you have installed a complete Ubuntu virtual machine with webserver!</p>
<h2 id="changing-vm-parameters"><a href="#changing-vm-parameters"><span class="header-section-number">3.6</span> Changing VM parameters</a></h2>
<p>Let's say you decided that your noc.ws.nsrc.org needs more than 512MB of RAM to run. You can change the memory allocation in libvirt's XML configuration file for that VM.</p>
<p>First, have a look at the existing XML:</p>
<pre><code>virsh dumpxml noc.ws.nsrc.org</code></pre>
<p>Now use the command to edit it:</p>
<pre><code>virsh edit noc.ws.nsrc.org</code></pre>
<p>Look for this section near the top:</p>
<pre><code>  &lt;memory unit=&#39;KiB&#39;&gt;524288&lt;/memory&gt;
  &lt;currentMemory unit=&#39;KiB&#39;&gt;524288&lt;/currentMemory&gt;</code></pre>
<p>The first number is the <em>maximum</em> amount of memory which this VM can use, and the second is the <em>current</em> amount of memory allocated to this VM.</p>
<p>Change both these numbers to 1048576 (1GB), then shutdown and restart the VM.</p>
<p>ssh into the VM and type &quot;free&quot; to see how much memory is visible.</p>
<p>You can even change the memory used by a VM while it is running - this is called &quot;hot-plug memory&quot; - up to the maximum configured. The command is:</p>
<pre><code>virsh setmem noc.ws.nsrc.org --size 400000</code></pre>
<p>Type &quot;free&quot; again within the VM to see the change. It happens immediately.</p>
<h2 id="set-up-ssh-key-access"><a href="#set-up-ssh-key-access"><span class="header-section-number">3.7</span> Set up ssh key access</a></h2>
<p>Of course, you don't want to type your password every time you connect to the VM using ssh.</p>
<p>To prevent this, you can put your public key into <code>/home/sysadm/.ssh/authorized_keys</code> in the VM. You'll have to create the .ssh directory if it doesn't already exist.</p>
<p>You can also allow root login by putting your public key into <code>/root/.ssh/authorized_keys</code> in the VM. This is very convenient for managing the VM, especially using automated scripts. Then try ssh'ing in as root.</p>
<p>To make this easier in future, put your public key into <code>/etc/vmbuilder/misc/authorized_keys</code> on the host. Then vmbuilder will include it in every VM it builds from now on.</p>
<h1 id="optional-exercises"><a href="#optional-exercises"><span class="header-section-number">4</span> OPTIONAL EXERCISES</a></h1>
<h2 id="virt-manager-and-vnc"><a href="#virt-manager-and-vnc"><span class="header-section-number">4.1</span> virt-manager and VNC</a></h2>
<p>You can try out the graphical interface which virt-manager provides.</p>
<ul>
<li>Login to your server as the &quot;nsrc&quot; user</li>
<li>Type &quot;vncserver&quot;. If you have never run this before, you will be prompted to choose a password to protect your desktop. Use the instructor password.</li>
<li>On your laptop, download and run a vnc viewer application.
<ul>
<li>For Windows: <a href="http://www.realvnc.com/download/viewer/">real VNC</a></li>
<li>For Mac: <a href="http://sourceforge.net/projects/chicken/files/">chicken VNC</a></li>
<li>For Linux desktop: gvncviewer</li>
</ul></li>
<li>Using vnc viewer, connect to your server (10.10.0.241) on port 5901. You should get a desktop with a terminal window.</li>
<li>Type &quot;virt-manager&quot; into the terminal window. This should start the manager which shows your VMs and allows you to control them. Move and resize it to fit better.</li>
<li>Disconnect your VNC session and reconnect; you should get the desktop exactly as you left it.</li>
</ul>
<h2 id="graphical-vnc-console-onto-your-vm"><a href="#graphical-vnc-console-onto-your-vm"><span class="header-section-number">4.2</span> Graphical VNC console onto your VM</a></h2>
<p>For some VMs, like Windows VMs, a serial console may not be sufficient.</p>
<p>You can get a graphical console indirectly by using virt-manager. Alternatively, you can expose the VM's graphical console directly to the network. You need to configure libvirt to allow VNC to listen on external interfaces, not just the loopback interface.</p>
<p>To do this:</p>
<ul>
<li>virsh shutdown VNMAME</li>
<li>wait for it to stop running (virsh list)</li>
<li>virsh edit VMNAME</li>
</ul>
<p>This will open up the XML definition. Find this section:</p>
<p>Find this section:</p>
<pre><code>    &lt;graphics type=&#39;vnc&#39; port=&#39;-1&#39; autoport=&#39;yes&#39; listen=&#39;127.0.0.1&#39;&gt;
      &lt;listen type=&#39;address&#39; address=&#39;127.0.0.1&#39;/&gt;
    &lt;/graphics&gt;</code></pre>
<p>Change &quot;127.0.0.1&quot; to &quot;0.0.0.0&quot; and set a password, e.g.</p>
<pre><code>    &lt;graphics type=&#39;vnc&#39; port=&#39;-1&#39; autoport=&#39;yes&#39; listen=&#39;0.0.0.0&#39; passwd=&#39;secret&#39;&gt;
      &lt;listen type=&#39;address&#39; address=&#39;0.0.0.0&#39;/&gt;
    &lt;/graphics&gt;</code></pre>
<ul>
<li>virsh start VMNAME</li>
<li>virsh vncdisplay VMNAME</li>
</ul>
<p>This will return colon and a number, e.g. &quot;:0&quot;. Add 5900 to this number to get the VNC port number.</p>
<ul>
<li>Use your laptop VNC client to connect to your server (10.10.0.241) on the port you have calculated. Enter the VNC password.</li>
</ul>
<h2 id="discarding-a-virtual-machine"><a href="#discarding-a-virtual-machine"><span class="header-section-number">4.3</span> Discarding a virtual machine</a></h2>
<p>For reference: if you wanted to discard a virtual machine permanently, these are the steps you would have to take.</p>
<pre><code>virsh destroy VMNAME                          # (if it&#39;s currently running)
virsh undefine VMNAME                         # delete the XML
sudo rm -rf /var/lib/libvirt/images/VMNAME    # delete the disk image</code></pre>
</body>
</html>