在Linux上安装KVM(Kernel-based Virtual Machine,内核虚拟机),并提供环境需求清单、安装和安装是否成功检查
环境需求
- 推荐使用
Ubuntu 20.04
- 检查是否支持 VT
首先要确认CPU硬件是否支持虚拟化。Intel CPU的虚拟化技术叫 vmx (Virtual Machine eXtension,就是一串虚拟机指令集) ,AMD CPU的虚拟化技术叫 svm。开机进BIOS, 可以设置开启虚拟化,具体方法咨询硬件厂商。使用命令检测 CPU 是否支持硬件虚拟化:
$ cat /proc/cpuinfo | egrep 'vmx|svm'
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc cpuid pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch cpuid_fault invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap clflushopt xsaveopt xsavec xgetbv1 xsaves arat md_clear flush_l1d arch_capabilities
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc cpuid pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch cpuid_fault invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap clflushopt xsaveopt xsavec xgetbv1 xsaves arat md_clear flush_l1d arch_capabilities
- 关闭 Selinux,将
/etc/sysconfig/selinux 中的 SELinux=enforcing 修改为 SELinux=disabled
- 重启
安装
安装包说明:
qemu-kvm 提供KVM用户空间服务libvirt 提供API服务libvirt-client 为虚拟客户机提供的C语言工具包virt-manager 虚拟机管理GUI工具virt-top 虚拟机统计命令virt-install 基于 libvirt 服务的虚拟机创建命令virt-viewer GUI连接程序,连接虚拟机python-virtinst 创建虚拟机所需要的命令行工具和程序库bridge-utils 创建和管理桥接设备的工具(provides a bridge from your network to the virtual machines)
CentOS
sudo yum -y install qemu-kvm libvirt libvirt-client libvirt-python virt-manager virt-top virt-install virt-viewer bridge-utils libguestfs-tools
ln -sf /usr/libexec/qemu-kvm /usr/bin/kvm
Ubuntu
sudo apt-get update
sudo apt install -y qemu qemu-kvm qemu-system libvirt-clients libvirt-daemon-system bridge-utils virt-manager libguestfs-tools
# 使用 kvm 命令创建
启动 libvirt,加载 kvm 模块到内核
sudo systemctl enable --now libvirtd
sudo systemctl enable --now virtlogd
# 加载 kvm 模块
sudo modprobe kvm
# 查看是否加载
sudo lsmod | grep kvm
查看是否安装成功
$ kvm-ok
INFO: /dev/kvm exists
KVM acceleration can be used
如果输出如下,表示不支持虚拟化:
INFO: Your CPU does not support KVM extensions
KVM acceleration can NOT be used
FaQ
KVM cannot access storage file (as uid:107, gid:107)permission denied
Changing /etc/libvirt/qemu.conf make working things, Uncomment user/group to work as root.
# The user for QEMU processes run by the system instance. It can be
# specified as a user name or as a user id. The qemu driver will try to
# parse this value first as a name and then, if the name doesn't exist,
# as a user id.
#
# Since a sequence of digits is a valid user name, a leading plus sign
# can be used to ensure that a user id will not be interpreted as a user
# name.
#
# Some examples of valid values are:
#
# user = "qemu" # A user named "qemu"
# user = "+0" # Super user (uid=0)
# user = "100" # A user named "100" or a user with uid=100
#
user = "root"
# The group for QEMU processes run by the system instance. It can be
# specified in a similar way to user.
group = "root"
# Whether libvirt should dynamically change file ownership
# to match the configured user/group above. Defaults to 1.
# Set to 0 to disable file ownership changes.
#dynamic_ownership = 1
然后重启服务:
systemctl restart libvirtd.service
qemu-kvm: error: failed to set MSR 0x48d to 0x5600000016
$ kvm -m 1024 -vnc :0 -hda ./test.qcow2 -cdrom CentOS-7-x86_64-DVD-1908.iso # -cpu host
qemu-kvm: error: failed to set MSR 0x48d to 0x5600000016
qemu-kvm: ../../target/i386/kvm.c:2701: kvm_buf_set_msrs: Assertion `ret == cpu->kvm_msr_buf->nmsrs' failed.
Aborted (core dumped)
sudo tee /etc/modprobe.d/qemu-system-x86_64.conf << EOF
options kvm_intel nested=1
options kvm_intel emulate_invalid_guest_state=0
options kvm ignore_msrs=1 report_ignored_msrs=0
EOF
之后 reboot
qemu-system-x86_64: warning: host doesn’t support requested feature
$ qemu-system-x86_64 -enable-kvm
Unable to init server: Could not connect: Connection refused
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000001H:ECX.svm [bit 2]
gtk initialization failed
不用处理,在桌面环境运行不会有这个问题
IOMMU 不支持
$ virt-host-validate
QEMU: Checking for hardware virtualization : PASS
QEMU: Checking if device /dev/kvm exists : PASS
QEMU: Checking if device /dev/kvm is accessible : PASS
QEMU: Checking if device /dev/vhost-net exists : PASS
QEMU: Checking if device /dev/net/tun exists : PASS
QEMU: Checking for cgroup 'cpu' controller support : PASS
QEMU: Checking for cgroup 'cpuacct' controller support : PASS
QEMU: Checking for cgroup 'cpuset' controller support : PASS
QEMU: Checking for cgroup 'memory' controller support : PASS
QEMU: Checking for cgroup 'devices' controller support : PASS
QEMU: Checking for cgroup 'blkio' controller support : PASS
QEMU: Checking for device assignment IOMMU support : WARN (No ACPI DMAR table found, IOMMU either disabled in BIOS or not supported by this hardware platform)
QEMU: Checking for secure guest support : WARN (Unknown if this platform has Secure Guest support)
LXC: Checking for Linux >= 2.6.26 : PASS
LXC: Checking for namespace ipc : PASS
LXC: Checking for namespace mnt : PASS
LXC: Checking for namespace pid : PASS
LXC: Checking for namespace uts : PASS
LXC: Checking for namespace net : PASS
LXC: Checking for namespace user : PASS
LXC: Checking for cgroup 'cpu' controller support : PASS
LXC: Checking for cgroup 'cpuacct' controller support : PASS
LXC: Checking for cgroup 'cpuset' controller support : PASS
LXC: Checking for cgroup 'memory' controller support : PASS
LXC: Checking for cgroup 'devices' controller support : PASS
LXC: Checking for cgroup 'freezer' controller support : PASS
LXC: Checking for cgroup 'blkio' controller support : PASS
LXC: Checking if device /sys/fs/fuse/connections exists : PASS
在虚拟器启用 IOMMU,配置参考Linux IOMMU 介绍