防火墙技术 配置主机名 节点配置主机名: [root@localhost ~]# hostnamectl set-hostname user1 //退出并重新连接虚拟机 [root@user1 ~]# hostnamectl Static hostname: user1 Icon name: computer-vm Chassis: vm Machine ID: 17d24d21f1c34b699c19d5e84762b3fe Boot ID: 6ea800f863564e11afc5d91d65fafb3f Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64redis2节点配置主机名: [root@localhost ~]# hostnamectl set-hostname user2 //退出并重新连接虚拟机 [root@user2 ~]# hostnamectl Static hostname: user2 Icon name: computer-vm Chassis: vm Machine ID: 17d24d21f1c34b699c19d5e84762b3fe Boot ID: d6c808d94d6b4501b5ad740429e23aa4 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-327.el7.x86_64 Architecture: x86-64 将centos镜像上传并挂载,所有节点配置yum源 所有节点配置本地yum源。 [root@user1 ~]# mkdir /opt/centos [root@user1 ~]# mount CentOS-7-x86_64-DVD-1511.iso /opt/centos mount: /dev/loop0 is write-protected, mounting read-only [root@user1 ~]# rm -rf /etc/yum.repos.d/* [root@user1 ~]# cat /etc/yum.repos.d/local.repo [centos] name=centos baseurl=file:///opt/centos gpgcheck=0 enabled=1 在两个节点安装并启动httpd和mariadb服务,并在user2上新建一个网页。 [root@user1 ~]# yum install mariadb-server httpd -y [root@user1 ~]# systemctl start httpd [root@user1 ~]# systemctl start mariadb [root@user2 ~]# yum install mariadb-server httpd -y [root@user2 ~]# systemctl start httpd [root@user2 ~]# systemctl start mariadb [root@user2 ~]# echo welcome to beijing > /var/www/html/index.html 此时user2主机进行控制其他机器访问。 [root@user2 ~]# iptables -A INPUT -s 192.168.20.1,127.0.0.1 -j ACCEPT //允许本地windows系统访问 [root@user2 ~]# iptables -A INPUT -j REJECT //拒绝其他所有主机访问本机 [root@user2 ~]# iptables -vnL --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 8 560 ACCEPT all – * * 192.168.20.1 0.0.0.0/0 2 0 0 ACCEPT all – * * 127.0.0.1 0.0.0.0/0 3 0 0 REJECT all – * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 3 packets, 308 bytes) num pkts bytes target prot opt in out source destination [root@user2 html]# iptables -vnL --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 15 1012 ACCEPT all – * * 192.168.20.1 0.0.0.0/0 2 0 0 ACCEPT all – * * 127.0.0.1 0.0.0.0/0 3 0 0 REJECT all – * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 8 packets, 1568 bytes) num pkts bytes target prot opt in out source destination 此时user1主机无法访问user2主机。 [root@user1 ~]# curl 192.168.20.20 curl: (7) Failed connect to 192.168.20.20:80; Connection refused 此时只允许user1用户访问本机的httpd服务。 [root@user2 ~]# iptables -I INPUT 3 -s 192.168.20.10 -p tcp --dport 80 -j ACCEPT [root@user2 ~]# iptables -vnL --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 126 9352 ACCEPT all – * * 192.168.20.1 0.0.0.0/0 2 0 0 ACCEPT all – * * 127.0.0.1 0.0.0.0/0 3 0 0 ACCEPT tcp – * * 192.168.20.10 0.0.0.0/0 tcp dpt:80 4 1 60 REJECT all – * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 7 packets, 772 bytes) num pkts bytes target prot opt in out source destination 此时user1主机通过TCP协议就可以访问user2主机的httpd服务内容。 [root@user1 ~]# curl 192.168.20.20 welcome to beijing 在user2主机将mysql数据库允许user1主机访问。 [root@user2 ~]# iptables -I INPUT 3 -s 192.168.20.10 -p tcp --dport 3306 -j ACCEPT [root@user2 ~]# iptables -vnL --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 220 16328 ACCEPT all – * * 192.168.20.1 0.0.0.0/0 2 0 0 ACCEPT all – * * 127.0.0.1 0.0.0.0/0 3 0 0 ACCEPT tcp – * * 192.168.20.10 0.0.0.0/0 tcp dpt:3306 4 6 397 ACCEPT tcp – * * 192.168.20.10 0.0.0.0/0 tcp dpt:80 5 1 60 REJECT all – * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 13 packets, 1580 bytes) num pkts bytes target prot opt in out source destination 在user2主机将mysql数据库允许user1主机访问,并验证。 [root@user2 ~]# mysql -e “grant all on . to test@‘192.168.20.%’ identified by ‘centos’” [root@user1 ~]# mysql -utest -pcentos -h192.168.20.20 //在user1节点验证 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 6 Server version: 5.5.44-MariaDB MariaDB Server
Copyright © 2000, 2015, Oracle, MariaDB Corporation Ab and others.
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
MariaDB [(none)]>
Zabbix监控 环境软件包 节点名称 ip地址 组件 controller 192.168.100.10 mysql,php,nginx,zabbix-server,zabbix-agent compute 192.168.100.20 mysql,php,nginx,zabbix-agent
2台服务器,1台zabbix_server,1台zabbix_agent 2台服务器配置50G硬盘,内存2G以上,cpu2个 软件包zabbix-4.0.3.tar, zabbix-agent-4.0.3-1.el7.x86_64.rpm, lnmp1.6-full.tar Zabbix server机器装载mysql,php,nginx,zabbix-server,zabbix-agent Zabbix agent机器装载mysql,php,nginx,zabbix-agent
1.lnmp环境配置 导入lnmp1.6-full.tar,并解压出来,里面存放的是lnmp环境一键部署脚本;
修改脚本环境变量配置文件:
MySQL_Data_Dir=’/data/mysql/’
执行脚本:./install.sh lnmp
目前提供了较多的MySQL、MariaDB版本和不安装数据库的选项,需要注意的是MySQL 5.6,5.7及MariaDB 10必须在1G以上内存的更高配置上才能选择! 输入对应MySQL或MariaDB版本前面的序号,回车进入下一步
设置MySQL的root密码,输入后回车进入下一步,如下图所示:
询问是否需要启用MySQL InnoDB,InnoDB引擎默认为开启,一般建议开启!直接回车或输入 y ,输入完成,回车进入下一步。
注意:选择PHP 7+版本时需要自行确认PHP版本是否与自己的程序兼容。 输入要选择的PHP版本的序号,回车进入下一步,选择是否安装内存优化:
安装完成 如果显示Nginx: OK,MySQL: OK,PHP: OK
2.zabbix安装部署 Zabbix Server编译安装 安装依赖 yum install -y libevent-devel wget tar gcc gcc-c++ make net-snmp-devel libxml2-devel libcurl-devel 创建zabbix用户 useradd -s /sbin/nologin zabbix 下载zabbix源码包 cd /usr/local/src/ rz zabbix-4.0.3.tar.gz 解压编译 tar -zxvf zabbix-4.0.3.tar.gz cd zabbix-4.0.3 mv /usr/local/src/zabbix-4.0.3/* /usr/local/zabbix ./configure --prefix=/usr/local/zabbix --enable-server --enable-agent --with-mysql=/usr/local/mysql/bin/mysql_config --with-net-snmp --with-libcurl --with-libxml2 make && make install 选项说明 1) --prefix指定安装目录 2) --enable-server安装zabbix server 3) --enable-agent安装zabbix agent 4) --with-mysql用mysql来存储 环境变量设置: vim /etc/profile export PATH=$PATH:/usr/local/zabbix/sbin/:/usr/local/zabbix/bin/ source /etc/profile echo KaTeX parse error: Expected 'EOF', got '#' at position 174: …e utf8_bin; #̲#创建zabbix库和设置格式…) { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/nginx/zabbix$fastcgi_script_name; include fastcgi_params; } } mkdir /data/nginx/zabbix ##创建zabbix web 的文件目录 /etc/init.d/nginx reload cp -rf /usr/local/zabbix/frontends/php/* /data/nginx/zabbix ##把源码安装包路径下的文件cp到zabbix web文件目录当中 到浏览器通过http://192.168.100.10/setup.php 配置zabbix的初始化设置; 注:这里zabbix初始化设置会有报错,需要提前修改php.ini的配置文件; vim /usr/local/php/etc/php.ini post_max_size = 32M max_execution_time = 350 max_input_time = 350 date.timezone = Asia/Shanghai always_populate_raw_post_data = -1 重启php-fpm服务 /etc/init.d/php-fpm restart Zabbix web界面部署:
测试登录: 登陆账户是Admin 密码是zabbix
设置中文
监控报警提示:Zabbix agent on Zabbix server is unreachable for 5 minutes 此提示为zabbix agent未启动导致的! 查看端口10051是否有启动: [root@controller frontends]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 25409/zabbix_server tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 23148/php-fpm: mast tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25395/nginx: master tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 25395/nginx: master tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 25395/nginx: master tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1145/sshd tcp6 0 0 :::3306 ::😗 LISTEN 12591/mysqld tcp6 0 0 :::22 ::😗 LISTEN 1145/sshd 3.zabbix agent客户端安装部署 下载源码包: wget http://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-agent-4.0.3-1.el7.x86_64.rpm rpm -ivh zabbix-agent-4.0.3-1.el7.x86_64.rpm 安装完后我们后面经常使用的文件如路径如下 /etc/zabbix/zabbix_agentd.conf ##zabbix_agentd配置文件 /etc/zabbix/zabbix_agentd.d ##zabbix_agentd进程文件 /var/run/zabbix/zabbix_agentd.pid ##zabbix_agentd pid文件路径 /var/log/zabbix/zabbix_agentd.log ##zabbix_agentd日志文件路径 修改配置文件mv /etc/zabbix/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.confbak ##备份配置 cat /etc/zabbix/zabbix_agentd.confbak | egrep -v ‘^$|#’> zabbix_agentd.conf ##过滤一下空白行和注释 PidFile=/var/run/zabbix/zabbix_agentd.pid LogFile=/var/log/zabbix/zabbix_agentd.log LogFileSize=0 ListenPort=10050 StartAgents=3 ListenIP=0.0.0.0 Server=192.168.100.10 Hostname=Api1Bearead Include=/etc/zabbix/zabbix_agentd.d/.conf ###Server和ServerActive上配置的是zabbix server的ip Hostname建议为客户端主机名 systemctl restart zabbix-agent.service ###重启zabbix_agentd systemctl status zabbix-agent.service ###查看zabbix_agentd状态 systemctl enable zabbix-agent.service ###设置开机自启 查看日志:tail -f /var/log/zabbix/zabbix_agentd.log 1097:20190621:011903.883 IPv6 support: YES 1097:20190621:011903.883 TLS support: YES 1097:20190621:011903.883 ************************** 1097:20190621:011903.883 using configuration file: /etc/zabbix/zabbix_agentd.conf 1097:20190621:011903.884 agent #0 started [main process] 1111:20190621:011903.886 agent #1 started [collector] 1120:201906a8521:011903.886 agent #5 started [active checks #1] 1119:20190621:011903.887 agent #4 started [listener #3] 1113:20190621:011903.889 agent #2 started [listener #1] 1115:20190621:011903.891 agent #3 started [listener #2] 查看端口10050是否启动:[root@compute ~]# netstat -lntp | grep zabbix tcp 0 0 0.0.0.0:10050 0.0.0.0: LISTEN 1064/zabbix_agentd 创建客户端监控主机:
解决中文乱码无法显示问题:
修改配置文件:
4.自定义监控脚本 修改agent配置文件/etc/zabbix/zabbix_agentd.conf UnsafeUserParameters=1 UserParameter=users, /bin/bash /scripts/user.sh 配置脚本: mkdir /scripts vi /scripts/user.sh #!/bin/bash ur=$(who |wc -l) if [ $ur -gt 3 ];then echo ‘1’ else echo ‘2’ fi 添加权限: chown -R zabbix.zabbix /scripts/ chmod 777 user.sh 测试脚本: ./user.sh 如果返回值为1说明在线用户超过3个,如果返回值为2,说明在线用户不超过3个; 生效配置 systemctl restart zabbix-agent systemctl status zabbix-agent netstat -lntp ##查看端口是否都启动了 服务端测试: [root@controller fonts]# zabbix_get -s 192.168.100.20 -k users 2 通过zabbix_get去测试获取脚本数据; 进入ZABBIX WEB配置 流程:配置—>主机->监控项->创建监控项 配置—>主机->触发器>创建触发器 具体配置参数如图所示: 验证: 客户端主机开多于三个用户,看是否会触发报警!
5.报警警邮件通知 安装mail服务 yum -y install sendmail mailx 邮件发送配置/etc/mail.rc set from=****@qq.com set smtp=smtp.qq.com set smtp-auth-user=@qq.com set smtp-auth-password= //smtp授权码 set smtp-auth=login 编写邮件发送脚本 [root@controller ~]# vi /scripts/mail.sh #!/bin/bash #send mail messages=echo $3 | tr '\r\n' '\n' subject=echo $2 | tr '\r\n' '\n' echo “ m e s s a g e s " ∣ m a i l − s " {messages}" | mail -s " messages"∣mail−s"{subject}” $1 >>/tmp/mailx.log 2>&1 对脚本以及日志输出文件授权: touch /tmp/mailx.log chown -R zabbix.zabbix /tmp/mailx.log chown -R zabbix.zabbix /scripts/ chmod +x /scripts/mail.sh 测试发送邮件是否成功: /scripts/mail.sh 972808939@qq.com “hello” “safsaf”
配置告警脚本所在位置/usr/local/zabbix/etc/zabbix_server.conf AlertScriptsPath=/scripts 到zabbix web界面设置告警媒介:管理-报警媒介类型-创建报警媒介 脚本参数: {ALERT.SENDTO} 收件人 {ALERT.SUBJECT} 邮件标题 {ALERT.MESSAGE} 邮件内容 配置告警接收用户,选择告警等级 创建邮件发送动作 告警标题 Problem: {EVENT.NAME}故障{TRIGGER.STATUS},服务器:{HOSTNAME1}发生: {TRIGGER.NAME}故障! 告警内容 告警主机:{HOSTNAME1} 告警时间:{EVENT.DATE} {EVENT.TIME} 告警等级:{TRIGGER.SEVERITY} 告警信息: {TRIGGER.NAME} 告警项目:{TRIGGER.KEY1} 问题详情:{ITEM.NAME}:{ITEM.VALUE} 当前状态:{TRIGGER.STATUS}:{ITEM.VALUE1} 事件ID:{EVENT.ID} 在操作中勾选Pause operations for suppressed problems–>新的 添加一下内容:选择添加! 恢复操作与操作那边一样: 恢复标题 恢复{TRIGGER.STATUS}, 服务器:{HOSTNAME1}: {TRIGGER.NAME}已恢复! 恢复内容 恢复告警设备: {HOSTNAME1} 触发名称: {TRIGGER.NAME} 告警时间:{EVENT.DATE} {EVENT.TIME} 告警等级:{TRIGGER.SEVERITY} 恢复详情: {ITEM.NAME}:{ITEM.VALUE} 恢复当前状态为:{TRIGGER.STATUS} 事件ID:{EVENT.ID} 测试停掉nginx服务:
恢复服务:
KVM技术 虚拟化(KVM) 任务1 虚拟化介绍
简介 虚拟化,是指通过虚拟化技术将一台计算机虚拟为多台逻辑计算机。在一台计算机上同时运行多个逻辑计算机,每个逻辑计算机可运行不同的操作系统,并且应用程序都可以在相互独立的空间内运行而互不影响,从而显著提高计算机的工作效率 虚拟化使用软件的方法重新定义划分IT资源,可以实现IT资源的动态分配、灵活调度、跨域共享,提高IT资源利用率,使IT资源能够真正成为社会基础设施,服务于各行各业中灵活多变的应用需求。虚拟化分类 虚拟化技术可分为:全虚拟化和半虚拟化。 全虚拟化:最流行的虚拟化方法使用名为Hypervisor的一种软件,在虚拟服务器和底层硬件之间建立一个抽象层。VMware和微软的VirtualPC是代表该方法的两个商用产品,而基于核心的虚拟机(KVM)是面向Linux系统的开源产品。Hypervisor可以捕获CPU指令,为指令访问硬件控制器和外设充当中介。因而,完全虚拟化技术几乎能让任何一款操作系统不用改动就能安装到虚拟服务器上,而它们不知道自己运行在虚拟化环境下。主要缺点是,Hypervisor 给处理器带来的负荷会很大。 半虚拟化:完全虚拟化是处理器密集型技术,因为它要求Hypervisor管理各个虚拟服务器,并让它们彼此独立。减轻这种负担的一种方法就是,改动客户端操作系统,让它以为自己运行在虚拟环境下,能够与Hypervisor 协同工作。这种方法就叫准虚拟化(para-virtualization)Xen。它是开源准虚拟化技术的一个例子。操作系统作为虚拟服务器在Xen hypervisor上运行之前,它必须在核心层面进行某些改变。因此,Xen适用于BSD、Linux、Solaris及其他开源操作系统,但不适合像Windows这些专有的操作系统进行虚拟化处理,因为它们无法改动。准虚拟化技术的优点是性能高,经过准虚拟化处理的服务器可与Hypervisor协同工作,其响应能力几乎不亚于未经过虚拟化处理的服务器。准虚拟化与完全虚拟化相比优点明显,以至于微软和VMware都在开发这项技术,以完善各自的产品。虚拟化架构 Type-I型Hypervisor直接安装在物理机上,多个虚拟机在 Hypervisor 上运行。Hypervisor 实现方式一般是一个特殊定制的Linux系统。Xen和VMWare的ESXi 都属于这个类型。 Type-II型
物理机上首先安装常规的操作系统,比如 RedHat、Ubuntu和Windows。Hypervisor作为OS上的一个程序模块运行,并对管理虚拟机进行管理。KVM、VirtualBox和 VMWare Workstation 都属于这个类型。 任务2 KVM介绍
简介 KVM(Kernel-Based Virtual Machines)是一个基于Linux内核的虚拟化技术, 可以直接将Linux内核转换为Hypervisor(系统管理程序)从而使得Linux内核能够直接管理虚拟机, 直接调用Linux内核中的内存管理、进程管理子系统来管理虚拟机。 KVM的虚拟化需要硬件支持(如Intel VT技术或者AMD V技术)。是基于硬件的完全虚拟化。而Xen早期则是基于软件模拟的Para-Virtualization,新版本则是基于硬件支持的完全虚拟化。但Xen本身有自己的进程调度器、存储管理模块等,所以代码较为庞大。广为流传的商业系统虚拟化软件VMware ESX系列是基于软件模拟的Full-Virtualization。架构KVM架构图 任务3 安装KVM
调整虚拟机 修改虚拟机内存,至少设置成2 GB,双击“编辑虚拟机设置”按钮,如下图所示:将虚拟机的内存修改为“2048”,如图所示:
在“硬件”选项卡中单击“处理器”, 在虚拟化引擎中勾选如红框内所示选项,如下图所示:
接下来,我们添加硬盘,单击“添加”,如下图所示:
然后选择硬盘,单击“下一步”按钮,如下图所示:
选择“SCSI”,单击“下一步”按钮,如下图所示:
选中“创建新虚拟磁盘”选项,单击“下一步”按钮,如下图所示:
将最大磁盘大小修改为“50”,然后点击“下一步”按钮,如下图所示:
单击“完成”按钮,磁盘添加完成。如下图所示:
单击“确定”按钮,如下图所示:
至此,虚拟机设置完成。如图所示:
配置完成,我们启动虚拟机。 2. 检查CPU参数 启动虚拟机,我们查看以下,内存是否更改成功,命令如下: [root@kvm ~]# free total used free shared buff/cache available Mem: 1868688 125360 1582372 8752 160956 1584208 Swap: 097148 0 2097148 检查CPU是否开启虚拟化支持,命令如下: [root@kvm ~]# grep -Ei ‘vmx|svm’ /proc/cpuinfo //vmx为英特尔的cpu;svm为AMD的cpu。 flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc eagerfpu pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch arat tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid mpx rdseed adx smap clflushopt xsaveopt xsavec xsaves flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc eagerfpu pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch arat tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid mpx rdseed adx smap clflushopt xsaveopt xsavec xsaves 如果显示为空,就要检查你虚拟机设置,是否打“√”,如图:
挂载新磁盘 使用lsblk命令,检查虚拟机是否新增一块50 GB的磁盘,命令如下: [root@kvm ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 20G 0 disk ├─sda1 8:1 0 500M 0 part /boot └─sda2 8:2 0 19.5G 0 part ├─centos-root 253:0 0 17.5G 0 lvm / └─centos-swap 253:1 0 2G 0 lvm [SWAP] sdb 8:16 0 50G 0 disk sr0 11:0 1 4G 0 rom 我们可以看到确实新增了一块磁盘名为sdb。 接下来格式化这块磁盘,格式化成ext4格式,命令如下: [root@kvm ~]# mkfs.ext4 /dev/sdb mke2fs 1.42.9 (28-Dec-2013) /dev/sdb is entire device, not just one partition! Proceed anyway? (y,n) y Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 3276800 inodes, 13107200 blocks 655360 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=2162163712 400 block groups 32768 blocks per group, 32768 fragments per group 8192 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 4096000, 7962624, 11239424Allocating group tables: done Writing inode tables: done Creating journal (32768 blocks): done Writing superblocks and filesystem accounting information: done
[root@kvm ~]# blkid /dev/sdb //blkid+磁盘:查看磁盘信息 /dev/sdb: UUID=“dab6d659-e334-41ed-a15a-96ce05b48c1a” TYPE=“ext4” 格式化完成后,我们挂载磁盘,先创建挂载目录/kvm_data,然后进行挂载,命令如下: [root@kvm ~]# mkdir /kvm_data [root@kvm ~]# mount /dev/sdb /kvm_data/ 这种方式挂载,重启虚拟机后,需要再次重新挂载,我们为了方便开机后可以自动挂载,编写/etc/fstab文件,添加文件最末一行,命令如下: [root@kvm ~]# vi /etc/fstab [root@kvm ~]# cat /etc/fstab
/dev/mapper/centos-root / xfs defaults 0 0 UUID=34f3cd91-b7f0-44dd-9334-2bb66e939898 /boot xfs defaults 0 0 /dev/mapper/centos-swap swap swap defaults 0 0 /dev/sdb /kvm_data ext4 defaults 0 0 4. 关闭防火墙和selinux 关闭防火墙并设置开机不自启,命令如下: [root@kvm ~]# systemctl stop firewalld [root@kvm ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service. 关闭SELinux,编辑/etc/selinux/config,将enforcing修改为disabled,命令如下: [root@kvm ~]# vi /etc/selinux/config [root@kvm ~]# cat /etc/selinux/config
SELINUX=disabled //修改这一位置的内容
SELINUXTYPE=targeted 修改完成后,重启虚拟机,使其生效,使用getenforce查看,命令如下: [root@kvm ~]# getenforce Disabled 5. 安装KVM 上述操作完成后,我们使用Yum进行安装KVM,命令如下: [root@kvm ~]# yum install -y virt-* libvirt bridge-utils qemu-img ………… Complete! 任务4 启动KVM
配置网卡 增加桥接网卡ifcfg-br0,命令如下: [root@kvm ~]# cd /etc/sysconfig/network-scripts/ [root@kvm network-scripts]# cp ifcfg-eno16777736 ifcfg-br0 //ifcfg-eno16777736为配置IP的网卡,你的网卡可能与我的不同 修改桥接网卡ifcfg-br0的内容,命令如下: [root@kvm network-scripts]# vi ifcfg-br0 [root@kvm network-scripts]# cat ifcfg-br0 TYPE=Bridge BOOTPROTO=none NAME=br0 DEVICE=br0 ONBOOT=yes IPADDR=192.168.16.5 NETMASK=255.255.255.0 GATEWAY=192.168.16.2 DNS1=114.114.114.114 DNS2=8.8.8.8 修改NAT网卡ifcfg-eno16777736,内容如下: [root@kvm network-scripts]# vi ifcfg-eno16777736 [root@kvm network-scripts]# cat ifcfg-eno16777736 TYPE=Ethernet BOOTPROTO=none NAME=eno16777736 DEVICE=eno16777736 ONBOOT=yes BRIDGE=br0 修改完成网卡内容后,重新启动网卡服务并查看网卡信息,命令如下: [root@kvm network-scripts]# service network restart Restarting network (via systemctl): [ OK ] [root@kvm network-scripts]# ifconfig br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.16.5 netmask 255.255.255.0 broadcast 192.168.16.255 inet6 fe80::20c:29ff:fe8d:1f90 prefixlen 64 scopeid 0x20 ether 00:0c:29:8d:1f:90 txqueuelen 0 (Ethernet) RX packets 90 bytes 7092 (6.9 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 38 bytes 3604 (3.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ether 00:0c:29:8d:1f:90 txqueuelen 1000 (Ethernet) RX packets 126287 bytes 182444678 (173.9 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 32532 bytes 2953477 (2.8 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 0 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 可以清楚的看到br0网卡出现并且带有IP,而以前的eno16777736网卡则没有IP。网卡配置完成 2. 启动libvirtd服务 首先检查KVM模块是否加载,命令如下: [root@kvm network-scripts]# lsmod|grep kvm kvm_intel 162153 0 kvm 525259 1 kvm_intel 启动libvirtd并检查是否成功启动,命令如下: [root@kvm network-scripts]# systemctl start libvirtd [root@kvm network-scripts]# ps -ef |grep libvirt root 17270 1 1 04:36 ? 00:00:00 /usr/sbin/libvirtd nobody 17383 1 0 04:36 ? 00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper root 17384 17383 0 04:36 ? 00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper root 17416 2264 0 04:36 pts/0 00:00:00 grep --color=auto libvirt 启动成功后,使用brctl命令可以看到两个网卡,如下代码所示: [root@kvm ~]# cd [root@kvm ~]# brctl show bridge name bridge id STP enabled interfaces br0 8000.000c298d1f90 no eno16777736 virbr0 8000.525400c7e229 yes virbr0-nic 3. 命令行安装CentOS 7 CentOS7镜像下载地址: http://mirrors.163.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-2003.iso 首先,通过SCRT上传CentOS 7镜像到/tmp目录下,如果没有镜像的可以自行下载。上传后,使用ll命令查看/tmp目录下是否存在CentOS 7镜像文件,命令如下: [root@kvm ~]# ll /tmp/ total 4228096 -rw-r–r-- 1 root root 4329570304 Apr 15 2016 CentOS-7-x86_64-DVD-1511.iso 镜像存在,接下来使用virt-install进行CentOS 7的安装,命令如下: [root@kvm ~]# virt-install --name=test --memory=512,maxmemory=1024 –vcpus=1,maxvcpus=2 --os-type=linux --os-variant=rhel7 –location=/tmp/CentOS-7-x86_64-DVD-1511.iso –disk path=/kvm_data/test.img,size=10 –bridge=br0 –graphics=none –console=pty,target_type=serial –extra-args=“console=tty0 console=ttyS0” 命令解释: --name:指定虚拟机的名称。 --memory:指定分配给虚拟机的内存资源大小。 maxmemory:指定可调节的最大内存资源大小,因为KVM支持热调整虚拟机的资源。 --vcpus:指定分配给虚拟机的CPU核心数量。 maxvcpus:指定可调节的最大CPU核心数量。 --os-type:指定虚拟机安装的操作系统类型。 --os-variant:指定系统的发行版本。 --location:指定ISO镜像文件所在的路径,支持使用网络资源路径,也就是说可以使用URL。 --disk path:指定虚拟硬盘所存放的路径及名称,size则是指定该硬盘的可用大小,单位是G。 --bridge:指定使用哪一个桥接网卡,也就是说使用桥接的网络模式。 --graphics:指定是否开启图形。 --console:定义终端的属性,target_type 则是定义终端的类型。 --extra-args:定义终端额外的参数。 打完上面那条命令后,等一会,就可以看见下面这段命令,这是系统基础设置,带[!]基本都是需要配置的,接下来我们开始配置“Timezone settings”,输入“2”,按Enter键,命令如下: Starting installer, one moment… anaconda 21.48.22.56-1 for CentOS 7 started.
installation log files are stored in /tmp during the installationshell is available on TTY2when reporting a bug add logs from /tmp as separate text/plain attachments 17:01:51 Not asking for VNC because we don’t have a network ================================================================================ ================================================================================ Installation Language settings 2) [!] Timezone settings (English (United States)) (Timezone is not set.)[!] Installation source 4) [!] Software selection (Processing…) (Processing…)[!] Installation Destination 6) [x] Kdump (No disks selected) (Kdump is enabled) Network configuration 8) [!] Root password (Not connected) (Password is not set.)[!] User creation (No user will be created) Please make your choice from above [‘q’ to quit | ‘b’ to begin installation | ‘r’ to refresh]: 2 ===================================================================== “Timezone settings”时区设置选择 5) Asia亚洲,再选择城市 62) Shanghai上海,命令如下: Timezone settingsAvailable regions
Africa 6) Atlantic 10) PacificAmerica 7) Australia 11) USAntarctica 8) Europe 12) EtcArctic 9) IndianAsia Please select the timezone. Use numbers or type names directly [b to region list, q to quit]: 5 ================================================================================ ================================================================================ Timezone settingsAvailable timezones in region Asia
Aden 28) Irkutsk 54) Pyongyang
Almaty 29) Jakarta 55) Qatar
Amman 30) Jayapura 56) Qyzylorda
Anadyr 31) Jerusalem 57) Rangoon
Aqtau 32) Kabul 58) Riyadh
Aqtobe 33) Kamchatka 59) Sakhalin
Ashgabat 34) Karachi 60) Samarkand
Baghdad 35) Kathmandu 61) Seoul
Bahrain 36) Khandyga 62) Shanghai
Baku 37) Kolkata 63) Singapore
Bangkok 38)Krasnoyarsk 64) Srednekolymsk
Beirut 39) Kuala_Lumpur 65) Taipei
Bishkek 40) Kuching 66) Tashkent
Brunei 41) Kuwait 67) Tbilisi
Chita 42) Macau 68) Tehran
Choibalsan 43) Magadan 69) Thimphu
Colombo 44) Makassar 70) Tokyo
Damascus 45) Manila 71) Ulaanbaatar
Dhaka 46) Muscat 72) Urumqi
Dili 47) Nicosia 73) Ust-Nera
Dubai 48) Novokuznetsk 74) Vientiane
Dushanbe 49) Novosibirsk 75) Vladivostok Press ENTER to continue
Gaza 50) Omsk 76) Yakutsk
Hebron 51) Oral 77) Yekaterinburg
Ho_Chi_Minh 52) Phnom_Penh 78) Yerevan
Hong_Kong 53) Pontianak
Hovd Please select the timezone. Use numbers or type names directly [b to region list, q to quit]: 62 ================================================================================ 输入完毕后,可以发现2的[!]变成了[x],证明配置完毕。 接下来我们配置“Software selection”,选择“4”,在选择“c”,因为默认就是minimalinstall,按Enter键,命令如下: Installation
Language settings 2) [x] Timezone settings (English (United States)) (Asia/Shanghai timezone)
Installation source 4) [!] Software selection (Local media) (Minimal Install)
[!] Installation Destination 6) [x] Kdump (No disks selected) (Kdump is enabled)
Network configuration 8) [!] Root password (Not connected) (Password is not set.)
[!] User creation (No user will be created) Please make your choice from above [‘q’ to quit | ‘b’ to begin installation | ‘r’ to refresh]: 4 ================================================================================ ================================================================================ Base environment Software selection
Base environment
Minimal Install 7) [ ] Server with GUI
Compute Node 8) [ ] GNOME Desktop
Infrastructure Server 9) [ ] KDE Plasma Workspaces
File and Print Server 10) [ ] Development and Creative Work
Basic Web Server station
Virtualization Host Please make your choice from above [‘q’ to quit | ‘c’ to continue | ‘r’ to refresh]: c 接下来我们配置“Installation Destination”,选择“5”,其余的依次选择“c”,按Enter键,命令如下: Installation
Language settings 2) [x] Timezone settings (English (United States)) (Asia/Shanghai timezone)
[!] Installation source 4) [!] Software selection (Processing…) (Processing…)
[!] Installation Destination 6) [x] Kdump (No disks selected) (Kdump is enabled)
Network configuration 8) [!] Root password (Not connected) (Password is not set.)
[!] User creation (No user will be created) Please make your choice from above [‘q’ to quit | ‘b’ to begin installation | ‘r’ to refresh]: 5 ================================================================================ ================================================================================ Probing storage… Installation Destination
[x] 1) : 10 GiB (vda)
1 disk selected; 10 GiB capacity; 10 GiB free …
================================================================================ Autopartitioning Options
[ ] 1) Replace Existing Linux system(s)
[x] 2) Use All Space
[ ] 3) Use Free Space
Installation requires partitioning of your hard drive. Select what space to use for the install target.
================================================================================ Partition Scheme Options
[ ] 1) Standard Partition
[ ] 2) Btrfs
[x] 3) LVM
[ ] 4) LVM Thin Provisioning
Select a partition scheme configuration.
================================================================================ 接下来配置“Root password”,选择8,按Enter键,命令如下: Installation
Language settings 2) [x] Timezone settings (English (United States)) (Asia/Shanghai timezone) Installation source 4) [x] Software selection (Local media) (Minimal Install) Installation Destination 6) [x] Kdump (Automatic partitioning selecte (Kdump is enabled) d) 8) [!] Root password Network configuration (Password is not set.) (Not connected)[!] User creation (No user will be created) Please make your choice from above [‘q’ to quit | ‘b’ to begin installation | ‘r’ to refresh]: 8 ================================================================================ ================================================================================ Please select new root password. You will have to type it twice. 依次输入两次密码,密码相同,我设置的为123456,命令如下: Password: 123456 //密码为密文,不显示。 Password (confirm): 123456 ================================================================================ ================================================================================ Question========================================================= 配置完成,选择“b”,按Enter键后,开始安装,命令如下: Installation
Language settings 2) [x] Timezone settings (English (United States)) (Asia/Shanghai timezone)
Installation source 4) [x] Software selection (Local media) (Minimal Install)
Installation Destination 6) [x] Kdump (Automatic partitioning selecte (Kdump is enabled) d) 8) [x] Root password
Network configuration (Password is set.) (Not connected)
User creation (No user will be created) Please make your choice from above [‘q’ to quit | ‘b’ to begin installation | ‘r’ to refresh]: b ================================================================================ ================================================================================ Progress Setting up the installation environment . Creating disklabel on /dev/vda . Creating xfs on /dev/vda1 . Creating lvmpv on /dev/vda2 . Creating swap on /dev/mapper/centos-swap . …………………… Installing readline (34/297) Installing gawk (35/297) Installing elfutils-libelf (36/297) Installing libgpg-error (37/297) Installing libffi (38/297) Installing libattr (39/297) Installing libacl (40/297) Installing libcap (41/297) Installing libgcrypt (42/297) Installing cpio (43/297) Installing libxml2 (44/297) Installing libnl3 (45/297) Installing expat (46/297) Installing p11-kit (47/297) …………………… . Performing post-installation setup tasks . Configuring installed system . Writing network configuration . Creating users . Configuring addons . Generating initramfs . Running post-installation scripts . Use of this product is subject to the license agreement found at /usr/share/centos-release/EULA
Installation complete. Press return to quit//按回车 …………………… CentOS Linux 7 (Core) Kernel 3.10.0-327.el7.x86_64 on an x86_64 localhost login: root Password: 123456 [root@localhost ~]# //按“Ctrl+]”键,退出终端,回到宿主机。 [root@kvm ~]# CentOS 7安装完成。 任务5 虚拟机管理
KVM基本管理 完成虚拟机安装,已经退回到宿主机,接下来我们来通过宿主机virsh命令进行管理刚才安装的CentOS 7虚拟机。 查看虚拟机列表,命令如下: [root@kvm ~]# virsh list //查看虚拟机列表,只能看到正在运行的虚拟机 Id Name State2 test running 进入指定的虚拟,命令如下: [root@kvm ~]# virsh console test Connected to domain test Escape character is ^] //如果迟迟未动敲下回车就ok,下面就是正常登录时需要输入的用户名密码 CentOS Linux 7 (Core) Kernel 3.10.0-327.el7.x86_64 on an x86_64
1588485687 2020-05-03 14:01:27 +0800 shutoff 查看当前快照版本,命令如下: [root@kvm ~]# virsh snapshot-current test 1588485687 shutoff 1588485687 test 49d7cb9c-20dc-42dd-a260-01532b5132e5 1048576 524288 2 hvm Broadwell-noTSX-IBRS <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> /usr/libexec/qemu-kvm
/dev/urandom 查看所有快照配置文件,命令如下: [root@kvm ~]# ls /var/lib/libvirt/qemu/snapshot/test/ 1588485687.xml 恢复指定快照,命令如下: [root@kvm ~]# virsh snapshot-revert test 1588485687 删除指定快照,命令如下: [root@kvm ~]# virsh snapshot-delete test 1588485687 Domain snapshot 1588485687 deleted 4. 磁盘格式 查看虚拟磁盘格式,命令如下: [root@kvm ~]# qemu-img info /kvm_data/test.img image: /kvm_data/test.img file format: qcow2 virtual size: 10G (10737418240 bytes) disk size: 1.1G cluster_size: 65536 Format specific information: compat: 1.1 lazy refcounts: true 创建2 GB的RAW格式磁盘,命令如下: [root@kvm ~]# qemu-img create -f raw /kvm_data/test_1.img 2G Formatting ‘/kvm_data/test_1.img’, fmt=raw size=2147483648 RAW格式的磁盘转换为qcow2格式,命令如下: [root@kvm ~]# qemu-img convert -O qcow2 /kvm_data/test_1.img /kvm_data/test_1.qcow2 查看test1.img大小,命令如下: [root@kvm ~]# ls -lh /kvm_data/test_1.img -rw-r–r-- 1 root root 2.0G May 3 15:11 /kvm_data/test_1.img [root@kvm ~]# ls -lh /kvm_data/test_1.qcow2 -rw-r–r-- 1 root root 193K May 3 15:38 /kvm_data/test_1.qcow2 //可以看到qcow2文件比较小,raw文件大小和我们指定空间大小一样是2G //raw格式的磁盘性能比qcow2要好,但是raw格式的磁盘无法做快照 将test02转成raw格式,命令如下: [root@kvm ~]# qemu-img convert -O raw /kvm_data/test02.img /kvm_data/test02_2.raw 更改磁盘格式和文件路径,然后启动test02虚拟机,命令如下: [root@kvm ~]# virsh edit test02 ………… //找到上面这部分将qcow修改为raw,/kvm_data/test02.img改为/kvm_data/test02_2.raw ……………… 查看磁盘所属用户和组,命令如下: [root@kvm ~]# ls -l /kvm_data/ total 3310628 drwx------ 2 root root 16384 Apr 29 00:20 lost+found -rw-r–r-- 1 root root 10737418240 May 3 16:14 test02_2.raw -rw------- 1 root root 1133772800 May 3 16:02 test02.img -rw-r–r-- 1 root root 2147483648 May 3 15:11 test_1.img -rw-r–r-- 1 root root 197120 May 3 16:05 test_1.qcow2 -rw------- 1 root root 10739384832 May 3 14:14 test.img 启动虚拟机test02,然后再次查看磁盘所属用户和组,命令如下: [root@kvm ~]# virsh start test02 Domain test02 started [root@kvm ~]# ls -l /kvm_data/ total 3310628 drwx------ 2 root root 16384 Apr 29 00:20 lost+found -rw-r–r-- 1 qemu qemu 10737418240 May 3 16:14 test02_2.raw -rw------- 1 root root 1133772800 May 3 16:02 test02.img -rw-r–r-- 1 root root 2147483648 May 3 15:11 test_1.img -rw-r–r-- 1 root root 197120 May 3 16:05 test_1.qcow2 -rw------- 1 root root 10739384832 May 3 14:14 test.img //启动后所属组变化成qemu的是test02_2.raw,证明这个磁盘正在被使用 5. 磁盘扩容 我们知道,在这里磁盘一共有两种格式,一种是RAW格式,一种是qcow2格式,接下来我们分别给这两种磁盘格式进行扩容。 首先扩容RAW格式,命令如下: [root@kvm ~]# qemu-img resize /kvm_data/test02_2.raw +2G Image resized. 查看test02_2.raw信息,命令如下: [root@kvm ~]# qemu-img info /kvm_data/test02_2.raw image: /kvm_data/test02_2.raw file format: raw virtual size: 12G (12884901888 bytes) disk size: 1.0G 进入虚拟机test02,使用fdisk -l查看磁盘,命令如下: [root@kvm ~]# virsh console test02 [root@localhost ~]# fdisk -l Disk /dev/vda: 10.7 GB, 10737418240 bytes, 20971520 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0005b865 Device Boot Start End Blocks Id System /dev/vda1 * 2048 1026047 512000 83 Linux /dev/vda2 1026048 20971519 9972736 8e Linux LVMDisk /dev/mapper/centos-root: 9093 MB, 9093251072 bytes, 17760256 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-swap: 1073 MB, 1073741824 bytes, 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes //可以看到磁盘还是10 GB 退出终端,关闭test02虚拟机,重新启动,然后再次进入虚拟机test02,使用fdisk -l查看磁盘,命令如下: [root@kvm ~]# virsh destroy test02 Domain test02 destroyed
[root@kvm ~]# virsh start test02 Domain test02 started
[root@kvm ~]# virsh console test02 [root@localhost ~]# fdisk -l Disk /dev/vda: 12.9 GB, 12884901888 bytes, 25165824 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0005b865 Device Boot Start End Blocks Id System /dev/vda1 * 2048 1026047 512000 83 Linux /dev/vda2 1026048 20971519 9972736 8e Linux LVM
Disk /dev/mapper/centos-root: 9093 MB, 9093251072 bytes, 17760256 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-swap: 1073 MB, 1073741824 bytes, 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes 可以看到已经变成12 GB了。 接下来,我们怎么使用新增加的这2 GB磁盘,那就是分区,命令如下: [root@localhost ~]# fdisk /dev/vda Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them. Be careful before using the write command.
Command (m for help): n //新建分区 Partition type: p primary (2 primary, 0 extended, 2 free) e extended Select (default p): p Partition number (3,4, default 3): //按Enter键 First sector (20971520-25165823, default 20971520): //按Enter键 Using default value 20971520 Last sector, +sectors or +size{K,M,G} (20971520-25165823, default 25165823): //按Enter键 Using default value 25165823 Partition 3 of type Linux and of size 2 GiB is set Command (m for help): p //查看分区列表 Disk /dev/vda: 12.9 GB, 12884901888 bytes, 25165824 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0005b865
Device Boot Start End Blocks Id System /dev/vda1 * 2048 1026047 512000 83 Linux /dev/vda2 1026048 20971519 9972736 8e Linux LVM /dev/vda3 20971520 25165823 2097152 83 Linux
Command (m for help): w //保存退出并退出终端 除了对已有磁盘扩容外,还可以额外增加磁盘,命令如下: [root@kvm ~]# qemu-img create -f raw /kvm_data/test02_3.raw 5G Formatting ‘/kvm_data/test02_3.raw’, fmt=raw size=5368709120 使用virsh edit编辑test02虚拟机,将新磁盘增加到test02虚拟机,命令如下 [root@kvm ~]# virsh edit test02 ………………
//找到这一部分内容,在下面增加以下内容 ………………关闭test02虚拟机,重新启动,然后进入该虚拟机,使用fdisk -l查看磁盘,命令如下: [root@kvm ~]# virsh destroy test02 Domain test02 destroyed
[root@kvm ~]# virsh start test02 Domain test02 started [root@kvm ~]# virsh console test02 [root@localhost ~]# fdisk -l
Disk /dev/vda: 12.9 GB, 12884901888 bytes, 25165824 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0005b865
Device Boot Start End Blocks Id System /dev/vda1 * 2048 1026047 512000 83 Linux /dev/vda2 1026048 20971519 9972736 8e Linux LVM /dev/vda3 20971520 25165823 2097152 83 Linux
Disk /dev/vdb: 5368 MB, 5368709120 bytes, 10485760 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-root: 9093 MB, 9093251072 bytes, 17760256 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-swap: 1073 MB, 1073741824 bytes, 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes 可以看到多了一块5 GB的磁盘,退出终端。 接下来,我们扩容qcow2格式的磁盘,命令如下: [root@kvm ~]# qemu-img resize /kvm_data/test.img +2G Image resized. //若提示qemu-img: Can’t resize an image which has snapshots,需要删除快照 查看test.img信息,命令如下: [root@kvm ~]# qemu-img info /kvm_data/test.img image: /kvm_data/test.img file format: qcow2 virtual size: 12G (12884901888 bytes) disk size: 1.1G cluster_size: 65536 Format specific information: compat: 1.1 lazy refcounts: true 关闭test虚拟机,重新启动,然后再次进入虚拟机test02,使用fdisk -l查看磁盘,命令如下: [root@kvm ~]# virsh destroy test Domain test destroyed
[root@kvm ~]# virsh start test Domain test started
[root@kvm ~]# virsh console test [root@localhost ~]# fdisk -l Disk /dev/vda: 12.9 GB, 12884901888 bytes, 25165824 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0005b865
Device Boot Start End Blocks Id System /dev/vda1 * 2048 1026047 512000 83 Linux /dev/vda2 1026048 20971519 9972736 8e Linux LVM
Disk /dev/mapper/centos-root: 9093 MB, 9093251072 bytes, 17760256 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-swap: 1073 MB, 1073741824 bytes, 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes 分区新增加的2 GB磁盘,命令如下: [root@localhost ~]# fdisk /dev/vda Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them. Be careful before using the write command.
Command (m for help): n Partition type: p primary (2 primary, 0 extended, 2 free) e extended Select (default p): p Partition number (3,4, default 3): First sector (20971520-25165823, default 20971520): Using default value 20971520 Last sector, +sectors or +size{K,M,G} (20971520-25165823, default 25165823): Using default value 25165823 Partition 3 of type Linux and of size 2 GiB is set
Command (m for help): w /保存并退出终端 新增一块qcow2格式的磁盘,命令如下: [root@kvm ~]# qemu-img create -f qcow2 /kvm_data/test_2.img 5G Formatting ‘/kvm_data/test_2.img’, fmt=qcow2 size=5368709120 encryption=off cluster_size=65536 lazy_refcounts=off 使用virsh edit编辑test虚拟机,将新磁盘增加到test虚拟机,命令如下: [root@kvm ~]# virsh edit test ………………
//找到这一部分内容,在下面增加以下内容 ……………… 关闭test虚拟机,重新启动,然后进入该虚拟机,使用fdisk -l查看磁盘,命令如下: [root@kvm ~]# virsh destroy test Domain test destroyed[root@kvm ~]# virsh start test Domain test started
[root@kvm ~]# virsh console test [root@localhost ~]# fdisk -l
Disk /dev/vda: 12.9 GB, 12884901888 bytes, 25165824 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0005b865
Device Boot Start End Blocks Id System /dev/vda1 * 2048 1026047 512000 83 Linux /dev/vda2 1026048 20971519 9972736 8e Linux LVM /dev/vda3 20971520 25165823 2097152 83 Linux
Disk /dev/vdb: 5368 MB, 5368709120 bytes, 10485760 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-root: 9093 MB, 9093251072 bytes, 17760256 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-swap: 1073 MB, 1073741824 bytes, 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes 退出终端 6. 调整CPU内存、网卡 查看虚拟机配置信息,命令如下: [root@kvm ~]# virsh dominfo test Id: 8 Name: test UUID: 49d7cb9c-20dc-42dd-a260-01532b5132e5 OS Type: hvm State: running CPU(s): 1 CPU time: 20.8s Max memory: 1048576 KiB Used memory: 524288 KiB Persistent: yes Autostart: disable Managed save: no Security model: none Security DOI: 0 编辑虚拟机内存,命令如下: [root@kvm ~]# virsh edit test ………… 1048576 //最大内存 524288 //可用内存 2 //最大cpu ……………… //将以上内容修改为如下内容 ………… 1048576 624288 2 ………… 关闭虚拟机,重启动虚拟机,命令如下: [root@kvm ~]# virsh destroy test Domain test destroyed [root@kvm ~]# virsh start test Domain test started 查看虚拟机配置信息,看是否修改成功,命令如下: [root@kvm ~]# virsh dominfo test Id: 10 Name: test UUID: 49d7cb9c-20dc-42dd-a260-01532b5132e5 OS Type: hvm State: running CPU(s): 1 CPU time: 21.4s Max memory: 1048576 KiB Used memory: 624288 KiB Persistent: yes Autostart: disable Managed save: no Security model: none Security DOI: 0 除了这种修改方式之外,还有一种动态修改,命令如下: [root@kvm ~]# virsh setmem test 800m //动态修改内存 [root@kvm ~]# virsh setvcpus test 2 //动态修改cpu,只可以增加不可以减少 查看配置信息,看是否修改成功,命令如下: [root@kvm ~]# virsh dominfo test Id: 10 Name: test UUID: 49d7cb9c-20dc-42dd-a260-01532b5132e5 OS Type: hvm State: running CPU(s): 2 CPU time: 22.8s Max memory: 1048576 KiB Used memory: 819200 KiB Persistent: yes Autostart: disable Managed save: no Security model: none Security DOI: 0
vnet1 bridge br0 virtio 52:54:00:93:bf:07 vnet2 bridge virbr0 rtl8139 52:54:00:29:ed:8b [root@kvm ~]# virsh dumpxml test > /etc/libvirt/qemu/test.xml 进入test虚拟机,查看网卡信息,命令如下: [root@kvm ~]# virsh console test [root@localhost ~]# ifconfig ens10: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.122.8 netmask 255.255.255.0 broadcast 192.168.122.255 inet6 fe80::5054:ff:fe29:ed8b prefixlen 64 scopeid 0x20 ether 52:54:00:29:ed:8b txqueuelen 1000 (Ethernet) RX packets 5186 bytes 7413267 (7.0 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1480 bytes 84889 (82.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.16.129 netmask 255.255.255.0 broadcast 192.168.16.255 inet6 fe80::5054:ff:fe15:abbd prefixlen 64 scopeid 0x20 ether 52:54:00:15🆎bd txqueuelen 1000 (Ethernet) RX packets 13 bytes 1328 (1.2 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 16 bytes 1668 (1.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ether 52:54:00:93:bf:07 txqueuelen 1000 (Ethernet) RX packets 55 bytes 8520 (8.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
6 test02 running
test shut off test03 shut off