Book - KVM en PDF
Book - KVM en PDF
Book - KVM en PDF
11.4
December19,2011
Contents
About This Manual Part I Requirements, Limitations, and Support Status 1 KVM Installation and Requirements
1.1 1.2 1.3 1.4 Hardware Requirements . . . . . . Supported Guest Operating Systems The kvm package . . . . . . . . Installing KVM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
vii 1 3
3 4 7 8
2 KVM Limitations
2.1 2.2 2.3 General Limitations . . . . . . . . . . . . . . . . . . . . . . . . . Hardware Limitations . . . . . . . . . . . . . . . . . . . . . . . Performance Limitations . . . . . . . . . . . . . . . . . . . . . .
9
9 10 10
13
13 15
17 19 23
23 29 35
37
37 38 40 42 44
. . . . . . . . . . . .
45
45 55 63
8 Managing Storage
8.1 Managing Storage with Virtual Machine Manager . . . . . . . . . . .
67
69
77
Adding a CD/DVD-ROM Device with Virtual Machine Manager . . . . . . 77 Adding a Floppy Device with Virtual Machine Manager . . . . . . . . . 78 Ejecting and Changing Floppy or CD/DVD-ROM Media with Virtual Machine Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Clock Settings . . . . . . . . . . . . . . . . . . . . . . . . . . 80
1 0 Administrating VM Guests
10.1 10.2 Migrating VM Guests . . . . . . . . . . . . . . . . . . . . . . . Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . .
83
83 86
Part III Managing Virtual Machines with QEMU 1 1 Overview 1 2 Guest Installation
12.1 12.2 Basic Installation with qemu-kvm . . . . . . . . . . . . . . . . . . Managing Disk Images with qemu-img . . . . . . . . . . . . . . . .
89 91 93
94 96
109
109 110 114 121 126
133
133 133 136 137 137 138 138 139 141 141
A Appendix
A.1 A.2 A.3 Installing Para-Virtualized Drivers . . . . . . . . . . . . . . . . . . Generating x509 Client/Server Certificates . . . . . . . . . . . . . . QEMU Command Line Options . . . . . . . . . . . . . . . . . . .
143
143 149 150
B GNU Licenses
B.1 B.2 GNU General Public License . . . . . . . . . . . . . . . . . . . . GNU Free Documentation License . . . . . . . . . . . . . . . . .
157
157 160
1 Available Documentation
We provide HTML and PDF versions of our books in different languages. The following manuals for users and administrators are available on this product: Start-Up (Start-Up) Guides you step-by-step through the installation of openSUSE from DVD, or from an ISO image, gives short introductions to the GNOME and KDE desktops including some key applications running on it. Also gives an overview of LibreOffice and its modules for writing texts, working with spreadsheets, or creating graphics and presentations. Reference (Reference) Gives you a general understanding of openSUSE and covers advanced system administration tasks. It is intended mainly for system administrators and home users with basic system administration knowledge. It provides detailed information about advanced deployment scenarios, administration of your system, the interaction of key system components and the set-up of various network and file services openSUSE offers. Security Guide (Security Guide) Introduces basic concepts of system security, covering both local and network security aspects. Shows how to make use of the product inherent security software
like Novell AppArmor (which lets you specify per program which files the program may read, write, and execute) or the auditing system that reliably collects information about any security-relevant events. System Analysis and Tuning Guide (System Analysis and Tuning Guide) An administrator's guide for problem detection, resolution and optimization. Find how to inspect and optimize your system by means of monitoring tools and how to efficiently manage resources. Also contains an overview of common problems and solutions and of additional help and documentation resources. Virtualization with KVM (page 1) This manual offers an introduction to setting up and managing virtualization with KVM (Kernel-based Virtual Machine) on openSUSE. Also shows how to manage VM Guests with libvirt and QEMU. Find HTML versions of most product manuals in your installed system under /usr/ share/doc/manual or in the help centers of your desktop. Find the latest documentation updates at http://www.novell.com/documentation where you can download PDF or HTML versions of the manuals for your product.
2 Feedback
Several feedback channels are available: Bugs and Enhancement Requests To report bugs for a product component, or to submit enhancement requests, please use https://bugzilla.novell.com/. For documentation bugs, submit a bug against the component Documentation for the respective product. If you are new to Bugzilla, you might find the following articles helpful: http://en.opensuse.org/openSUSE:Submitting_bug_reports http://en.opensuse.org/openSUSE:Bug_reporting_FAQ User Comments We want to hear your comments and suggestions about this manual and the other documentation included with this product. Use the User Comments feature at the
viii
bottom of each page in the online documentation or go to http://www.novell .com/documentation/feedback.html and enter your comments there.
3 Documentation Conventions
The following typographical conventions are used in this manual: /etc/passwd: directory names and filenames placeholder: replace placeholder with the actual value PATH: the environment variable PATH ls, --help: commands, options, and parameters user: users or groups Alt, Alt + F1: a key to press or a key combination; keys are shown in uppercase as on a keyboard File, File > Save As: menu items, buttons Dancing Penguins (Chapter Penguins, Another Manual): This is a reference to a chapter in another manual.
ix
5 Source Code
The source code of openSUSE is publicly available. To download the source code, proceed as outlined under http://en.opensuse.org/Portal: Distribution/Features. If requested we send you the source code on a DVD. We need to charge a $15 or 15 fee for creation, handling and postage. To request a DVD of the source code, send an e-mail to [email protected] [mailto: [email protected]] or mail the request to:
SUSE Linux Products GmbH Product Management openSUSE Maxfeldstr. 5 D-90409 Nrnberg Germany
6 Acknowledgments
With a lot of voluntary commitment, the developers of Linux cooperate on a global scale to promote the development of Linux. We thank them for their effortsthis distribution would not exist without them. Furthermore, we thank Frank Zappa and Pawar. Special thanks, of course, goes to Linus Torvalds. Have a lot of fun! Your SUSE Team
If this command returns no output, your processor either does not support hardware virtualization, or this feature has been disabled in the BIOS. The following websites identify processors which support hardware virtualization: http://wiki.xensource.com/xenwiki/HVM_Compatible_Processors http://en.wikipedia.org/wiki/X86_virtualization NOTE The KVM Kernel modules will not load if the CPU does not support hardware virtualization or if this feature is not enabled in the BIOS. The general minimum hardware requirements for the VM Host Server are the same as outlined in . However, additional RAM for each virtualized guest is needed. It should at least be the same amount that is needed for a physical installation. It is also strongly recommended to have at least one processor core or hyper-thread for each running guest.
openSUSE 11.4 Virtualization Type: PV drivers: Support Status: openSUSE 10 SP3 Virtualization Type: PV drivers: Support Status: openSUSE 9 SP4 Virtualization Type: Support Status: Note: Fully virtualized Fully virtualized Fully virtualized
Fully Supported 32-bit Kernel: specify clock=pmtmr on Linux boot line 64-bit Kernel: specify ignore_lost_ticks on Linux boot line
SUSE Linux Enterprise Desktop 11 SP1 Virtualization Type: PV drivers: Fully virtualized
Support Status:
Tech Preview
RedHat Enterprise Linux 4.x / 5.x Virtualization Type: PV drivers: Support Status: Note: Fully Virtualized
See http://www.redhat.com/ Best Effort Refer to the RHEL Virtualization guide for more information.
Windows XP SP3+ / Windows Server 2003 SP2+ / Windows Server 2008+ / Windows Vista SP1+ / Windows 7 Virtualization Type: PV drivers: Support Status: IMPORTANT Guest images created under a previous SUSE Linux Enterprise version are not supported. Best Effort
SUSE Linux Enterprise Server 10 SP3 Available from http://drivers.suse.com/novell/Novell-virtio -drivers-2.6.27/sle10-sp3/install-readme.html. Refer to Section 5.3.1, Adding para-virtualized Drivers During the Installation (page 35) or Section A.1.1, Installing Para-Virtualized Drivers for SUSE Linux Enterprise Server 10 SP3 (page 143) for installation instructions. SUSE Linux Enterprise Server 9 SP4 not available RedHat available in RedHat Enterprise Linux 5.4 and newer Windows Available from /usr/share/qemu-kvm/win-virtio-drivers.iso. Refer to Section A.1.2, Installing virtio Drivers for Microsoft Windows* (page 144) for installation instructions.
vm-install: Define a VM Guest and install its operating system. virt-viewer: An X viewer client for VM Guests which supports TLS/SSL encryption of x509 certificate authentication and SASL authentication. Support for creating and manipulating file-based virtual disk images is provided by qemu-img. qemu-img is provided by the package virt-utils.
KVM Limitations
Although virtualized machines behave almost like physical machines, some limitations apply. These affect both, the VM Guest as well as the VM Host Server system.
KVM Limitations
MAC address. It is recommended to always assure a unique MAC address has been assigned for each NIC. Live Migration Live Migration is only possible between VM Host Servers with a processor from the same vendor. Guest storage has to be accessible from both VM Host Servers. User Permissions The management tools (Virtual Machine Manager, virsh, vm-install) need to authenticate with libvirtsee Chapter 7, Connecting and Authorizing (page 45) for details. In order to invoke qemu-kvm from the command line, a user has to be a member of the group kvm. Suspending/Hibernating the VM Host Server Suspending or hibernating the VM Host Server system while guests are running is not supported.
10
at the cost of a slight to moderate performance impact. You should always test your workload with the maximum anticipated CPU and I/O load to verify if it is suited for being virtualized. Although every reasonable effort is made to provide a broad virtualization solution to meet disparate needs, there will be cases where the workload itself is unsuited for KVM virtualization. We therefore propose the following performance expectations for guests performance to be used as a guideline. The given percentage values are a comparison of performance achieved with the same workload under non-virtualized conditions. The values are rough approximations and cannot be guaranteed. Category CPU, MMU Fully Virtualized Paravirtualized Host-Passthrough 7% not applicable 97% (Hardware Virtualization with Extended Page Tables(Intel) or Nested Page Tables (AMD) 85% (Hardware Virtualization with shadow page tables)
20% (Realtek em- 75% 95% ulated NIC) (virtio-net) 40% (IDE emula- 85% 95% tion) (virtio-blk) 50% (VGA or Cirrus) 95% - 105% (where 100% = accurate) not applicable not applicable
Graphics (non-accelerated) Time accuracy (worst case, using recommended settings without NTP)
100% (kvm-clock)
not applicable
KVM Limitations
11
13
virsh Manage guests via the command line. Restrictions: Requires XML descriptions as created by vm-install or virt-manager. Altering these descriptions via virsh edit is not supported. The supported virsh functionality is restricted to life cycle functions. qemu-kvm Manage guests via the command line. Although managing via Virtual Machine Manager should be the preferred option, qemu-kvm may be used for greater flexibility. See Section A.3.1, Supported qemu-kvm Command Line Options (page 150) for a list of supported options. Restrictions: See Section A.3.2, Unsupported qemu-kvm Command Line Options (page 152) for a list of not supported options. kvm_stat Debugging and monitoring tool. Restrictions: none. Kernel Samepage Merging (KSM) When enabled on the VM Host Server Kernel, KSM allows for automatic sharing of identical memory pages between guests to save host memory. Restrictions: none. PCI Passthrough PCI Passthrough improves performance of PCI devices. It requires a AMD CPU with IOMMU (I/O Memory Mapping Unit) or an Intel CPU with VT-d (Virtualization Technology for Directed I/O). VT-d requires the Kernel parameter "intel_iommu=on". Many PCIe cards from major vendors should be supportable. Refer to system level certifications for specific details, or contact the vendor for support statements. Non-Uniform Memory Access (NUMA) NUMA machines are supported. Using numactl to pin qemu-kvm processes to specific nodes is recommended.
14
15
Overview
libvirt is a library that provides a common API for managing popular virtualization solutions, among them KVM and Xen. The library provides a normalized management API for these virtualization solutions, allowing a stable, cross-hypervisor interface for higher-level management tools. The library also provides APIs for management of virtual networks and storage on the VM Host Server. The configuration of each VM Guest is stored in an XML file. With libvirt you can also manage your VM Guests remotely. It supports TLS encryption and x509 certificates as well as authentication with SASL. The communication between the virtualization solutions and libvirt is managed by the daemon libvirtd. It is also used by the management tools. libvirtd needs to run on the VM Host Server and on any remote machine on which the libvirt-based tools are started. Use the following commands to start, stop it or check its status:
~ # rclibvirtd start Starting libvirtd ~ # rclibvirtd status Checking status of libvirtd ~ # rclibvirtd stop Shutting down libvirtd ~ # rclibvirtd status Checking status of libvirtd done running done unused
To automatically start libvirtd at boot time, either activate it using the YaST System Services (Runlevel) module or by entering the following command:
insserv libvirtd
Virtual Machine Manager (virt-manager) The Virtual Machine Manager is a desktop tool for managing VM Guests. It provides the ability to control the life cycle of existing machines (bootup/shutdown, pause/resume, suspend/restore). It lets you create new VM Guests and various types of storage, and manage virtual networks. Access the graphical console of VM Guests with the built-in VNC viewer, and view performance statistics, all done locally or remotely.
The Virtual Machine Manager does not need to run on the VM Host Server, it also lets you control VM Guests via remote connections. This enables you to manage VM Guests centrally from a single workstation without having to log in on the VM Host Server. To start the Virtual Machine Manager, enter virt-manager at the command prompt. virt-viewer A viewer for the graphical console of a VM Guest. It uses the VNC protocol and supports TLS and x509 certificates. VM Guests can be accessed by name, ID, or UUID. If the guest is not already running, the viewer can be told to wait until the guest starts, before attempting to connect to the console.
20
vm-install A tool to set up a VM Guest, configure its devices and start the operating system installation. Starts a GUI wizard when called from a graphical user interface. When invoked on a terminal, starts the wizard in command-line mode. vm-install is also started when creating a new virtual machine in the Virtual Machine Manager. virsh A command line tool to manage VM Guests with similar functionality as the Virtual Machine Manager. Allows you to change a VM Guest's status (start, stop, pause, etc.) to set up new guests and devices and to edit existing configurations. virsh is also useful to script VM Guest management operations. virsh basically works like Subversion's svn command or zypper: it takes the first arguments as a command and further arguments as options to this command:
virsh [-c URI] command domain-id [OPTIONS]
Just like zypper, virsh can also be called without a command. In this case it starts a shell waiting for your commands. This mode is useful when having to run subsequent commands:
~> virsh -c qemu+ssh://[email protected]/system Enter passphrase for key '/home/wilber/.ssh/id_rsa': Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit
Overview
21
22
Guest Installation
A VM Guest is comprised of an image containing an operating system and data files and a configuration file describing the VM Guest's virtual hardware resources. VM Guests are hosted on and controlled by the VM Host Server.
Guest Installation
23
24
5.1.1.2 Hardware
Change memory and CPU assignments in this screen. It is recommended not to specify values larger than the resources the VM Host Server can provide (overcommit), since it may result in fatal errors or performance penalties. The Advanced Settings let you activate or deactivate ACPI, APIC, and PAE. It is recommended not to change the default settings. You can also enable or disable para-virtualization with virtio here. IMPORTANT: Enabling virtio (Para-Virtualization) If you enable para-virtualization by activating virtio, all hard disks you create will be configured as virtio disks. If your operating system does not have appropriate drivers, the installation will fail. A Windows operating system installation even fails if providing a driver. By default, this feature is only activated for operating systems known to ship with virtio drivers. Overwriting the default by activating para-virtualization for non-supported operating system currently only makes sense for SUSE Linux Enterprise Server SP3, if you plan to add the para-virtualized drivers during the installation (see Section 5.3.1, Adding para-virtualized Drivers During the Installation (page 35) for installation instructions).
Guest Installation
25
5.1.1.4 Disks
Disks: Manage virtual hard disks and CD/DVD drives in this dialog. A VM Guest must have at least one virtual diskeither an existing one or a newly created disk. Virtual disks can be: a single file with a fixed size a single file that grows on demand (Sparse Image File) IMPORTANT: Sufficient Space for Sparse Image Files When creating sparse image files, the partition on which you create them always needs sufficient free space. The VM Guest has no means to check the VM Host Server disk space. Having no space left on the host partition causes write errors and loss of data on the guest system. a block device, such as an entire disk, partition, or a network volume. For best performance, create each virtual disk from an entire disk or a partition. For the next best performance, create an image file but do not create it as a sparse image file. A virtual disk based on a sparse image file delivers the most disk space flexibility but slows installation and disk access speeds. TIP: Live Migration If you need to be able to migrate your VM Guest to another host without shutting it down (live migration), all disks must reside on a network resource (network file system or iSCSI volume) that is accessible from both hosts. By default, a single, file-backed virtual disk is created as a sparse image file in /var/ lib/kvm/images/VM_NAME/ where VM_NAME is the name of the virtual machine. NOTE: Supported Disk format Currently, only the raw disk format is supported by Novell.
26
Procedure 5.1 Creating a Virtual Disk 1 Click Hard disk. 2 Enter a Source. If creating a file-backed disk, either enter the path directly or click New. When creating a disk from a device, enter the device node, for example /dev/ disk/by-path/path. It is strongly recommended not to use the simple device paths such as /dev/sdb or /dev/sda5, since they may change (by adding a disk or by changing the disk order in the BIOS). 3 Specify the Protocol. Choose file for file-backed virtual disks and phy for devicebacked disks. Choosing those protocols will create the disk in raw format. 4 Enter a Size in GB. This option is only available for file-backed disks. 5 Choose whether to create a Sparse Image File. This option is only available for filebacked disks. If you want to disable write-access to the disk, choose Read-Only Access. If you want to install from DVD or CD-ROM, add the drive to the list of available hard disks. To learn about device nodes of the available optical drives, run:
hwinfo --cdrom | egrep "(Device File:|Model:)"
Instead of the real DVD or CD-ROM drive, you can also add the ISO image of an installation medium. Note that each CD-Rom drive or ISO image can only be used by one guest at the same time. To add a CD/DVD-ROM device or an ISO image, proceed as follows: 1 Click CD-ROM. 2 Enter a Source. If adding a device, enter its node. If adding an ISO image, either enter the path directly or click Browse to open a file browser. 3 Specify the Protocol. Choose file for an ISO image and phy for a device. The disks are listed in the order in which they have been created. This order also represents the boot order. Use the Up and Down arrows to change the disk order.
Guest Installation
27
28
Also use this dialog to configure the behavior of the VM Guest when the operating system is powered off, rebooted or if it crashes. The following options are available destroy normal cleanup restart a new VM Guest is started in place of the old one preserve no cleanup, do not delete temporary, configuration and image files rename-restart the VM Guest is not cleaned up but is renamed and a new domain started in its place coredump-destroy a crashed machine's core is dumped before a normal cleanup is performed coredump-restart a crashed machine's core is dumped before a normal restart is performed
Guest Installation
29
time. Refer to Section 5.2.1, Defining a VM Guest without Starting the Installation (page 34) for instructions. To start the wizard, just type vm-install to start. For a lot of parameters, the installation wizard already provides reasonable defaults which you can confirm by just pressing Enter. Here is a log of an interactive setup for a SUSE Linux Enterprise Server 11 installation:
30
Guest Installation
31
Please specify the type of virtualized graphics hardware. 1: Cirrus Logic GD5446 VGA 2: No Graphics Support 3: VESA VGA [1] > Virtual Disks: (None) Do you want to add another virtual disk? (Y / N) [Y] > Create a virtual disk based on a device (CD or other block device), an existing image file (ISO), or a new file. Specify a device by its device node, such as /dev/cdrom, not its mount point. What type of virtual disk do you want to add? 1: CD-ROM or DVD 2: Floppy 3: Hard Disk [3] > 3 Where will the virtual disk physically reside? [/var/lib/kvm/images/sles11/hda] > Size (GB) [4.0] > 8.0 Create a sparse image file for the virtual disk? (Y / N) [Y] > Virtual Disks: 8.0 GB Hard Disk (file:/var/lib/kvm/images/sles11/hda) Do you want to add another virtual disk? (Y / N) [N] > y Create a virtual disk based on a device (CD or other block device), an existing image file (ISO), or a new file. Specify a device by its device node, such as /dev/cdrom, not its mount point. What type of virtual disk do you want to add? 1: CD-ROM or DVD 2: Floppy 3: Hard Disk [3] > 1 Where will the virtual disk physically reside? [/var/lib/kvm/images/sles11/hdb] > /isos/SLES-11-SP1-CD-i386-GM-CD1.iso Virtual Disks: 8.0 GB Hard Disk (file:/var/lib/kvm/images/sles11/hda) 2.9 GB CD-ROM or DVD (file:/isos/SLES-11-SP1-DVD-x86_64-GM-DVD1.iso) Do you want to add another virtual disk? (Y / N) [N] > Network Adapters (None) Do you want to add another virtual network adapter? (Y / N) [Y] >
32
What type of virtual network adapter do you want to add? 1: Fully Virtualized AMD PCnet 32 2: Fully Virtualized Intel e100 3: Fully Virtualized Intel e1000 4: Fully Virtualized NE2000 (ISA Bus) 5: Fully Virtualized NE2000 (PCI Bus) 6: Fully Virtualized Realtek 8139 7: Paravirtualized [6] > 7 Network Adapters Paravirtualized; Randomly generated MAC address Do you want to add another virtual network adapter? (Y / N) [N] > Preparing to start the installation... Installing...
You may also provide parameters on the command line. The wizard will then prompt you for any missing parameters. In the following all parameters from Example 5.1, Interactive Setup on the Command Line Using vm-install (page 31) for which a command line switch exists, are specified. See man 8 vm-install for a full list of parameters. Example 5.2 vm-install command line switches
vm-install --os-type sles11 --name "sles11_test" \ --vcpus 2 --memory 512 --max-memory 768 \ --disk /var/lib/kvm/images/sles11/hda,0,disk,w,8000,sparse=1 \ --disk /iso/SLES-11-SP1-DVD-x86_64-GM-DVD1.iso,1,cdrom \ --nic mac=52:54:00:05:11:11,model=virtio \ --graphics cirrus --config-dir "/etc/libvirt/qemu"
Specifies the guest operating system to define suitable defaults. A list of valid values can be obtained with vm-install -O. Name of the VM Guest. This name must be unique. Number of virtual processors. Initial amount of memory. Maximum amount of memory. Requires an operating system with a para-virtualized virtio-balloon driver. Defines a virtual hard disk. The file is located at /var/lib/kvm/images/ sles11/hda. It is configured as the first (0) hard disk (disk). It is writable
Guest Installation
33
(w) with a size of 8 GB (8000). The file on the VM Host Server is a sparse file (sparse=1). Defines an ISO image for a CD-ROM as the second (1) block device. Configures a para-virtualized network device with the MAC address 52:54:00:05:11:11. Specifies the graphics card. The directory in which the XML configuration file for the virtual machine will be stored. It is strongly recommended to use the default directory /etc/ libvirt/qemu.
IMPORTANT: No Automated and Non-Interactive Setup An automated installation in the background utilizing, for example, AutoYaST or a NetWare Response File with vm-install --os-settings is currently not supported with KVM (it only works for Xen PV guests). The non-interactive setup of a VM Guest with vm-install --vm-settings is currently not supported with KVM, as well.
34
Guest Installation
35
1 Download the ISO image containing the para-virtualized drivers from http:// drivers.suse.com/novell/Novell-virtio-drivers-2.6.27/ sle10-sp3/novell-virtio-drivers-2.6.27-sle10sp3.iso. 2 When setting up the VM Guest, specify the ISO image containing the para-virtualized drivers as CDROM device. If you are installing from CDROM or from an ISO image, make sure to configure the para-virtualized driver image as the second CDROM device. 3 Finish the guest setup and start the installation. Enter
dud=1
at the boot prompt and boot into the installation. 4 After the installation system has loaded, a pop-up window opens and asks for the device from which to install the drivers. Choose the CDROM device containing the drivers.
36
37
38
39
40
41
WARNING After using the save operation, do not boot, start, or run the saved VM Guest. Doing so would cause the machine's virtual disk and the saved memory state getting out of sync and can result in critical errors when restoring the guest.
42
43
44
7.1 Authentication
The power to manage VM Guests and to access their graphical console obviously is something that should be restricted to a well defined circle of persons. In order to achieve this goal, you can use the following authentication techniques on the VM Host Server: Access control for UNIX sockets with permissions and group ownership. This method is available for libvirtd connections only. Access control for UNIX sockets with PolicyKit. This method is available for local libvirtd connections only. Username and password authentication with SASL (Simple Authentication and Security Layer). This method is available for both, libvirtd and VNC connections. Using SASL does not require real user accounts on the server, since it uses its own database to store usernames and passwords.
45
Kerberos authentication. This method, available for libvirtd connections only, is not covered in this manual. Please refer to http://libvirt.org/auth.html #ACL_server_kerberos for details. Single password authentication. This method is available for VNC connections only. IMPORTANT: Authentication for libvirtd and VNC need to be configured separately Access to the VM Guest management functions (via libvirtd) on the one hand and to their graphical console on the other hand, always needs to be configured separately. When restricting the access to the management tools, these restrictions do not automatically apply to VNC connections! When accessing VM Guests from remote via TLS/SSL connections, access can be indirectly controlled on each client by restricting read permissions to the certificate's key file to a certain group. See Section 7.2.2.5, Restricting Access (Security Considerations) (page 60) for details.
46
NOTE: Default Authentication Settings on openSUSE The default authorization method on openSUSE is access control for UNIX sockets with PolicyKit. Every user accessing the read-write socket, has to provide the root password once and is granted access for the current and for future sessions. Recommended Authorization Methods Local Connections Section 7.1.1.2, Access Control for UNIX Sockets with PolicyKit (page 48) Section 7.1.1.1, Access Control for UNIX Sockets with Permissions and Group Ownership (page 47) Remote Tunnel over SSH Section 7.1.1.1, Access Control for UNIX Sockets with Permissions and Group Ownership (page 47) Remote TLS/SSL Connection Section 7.1.1.3, Username and Password Authentication with SASL (page 49) none (access controlled on the client side by restricting access to the certificates)
7.1.1.1 Access Control for UNIX Sockets with Permissions and Group Ownership
In order to grant access for non-root accounts, configure the sockets to be owned and accessible by a certain group (libvirt in the following example). This authentication method can be used for local and remote SSH connections. 1 In case it does not exist, create the group which should own the socket:
groupadd libvirt
IMPORTANT: Group Needs to Exist The group must exist prior to restarting libvirtd. If not, the restart will fail.
47
Group ownership will be set to group libvirt. Sets the access permissions for the socket (srwxrwx---). Disables other authentication methods (PolicyKit or SASL). Access is solely controlled by the socket permissions.
4 Restart libvirtd:
rclibvirtd restart
48
In order to grant users access to the read-write socket without having to provide the root password, there are two possibilities: 1. Using the polkit-auth command, you can grant the privilege without any restrictions:
polkit-auth --user tux --grant org.libvirt.unix.manage polkit-auth --user tux --revoke org.libvirt.unix.manage # grant privilege # revoke privilege
2. Editing /etc/PolicyKit/PolicyKit.conf offers more advanced options. Add the following XML snippet in between the existing <config version="0.1"> and </config> tags:
<match action="org.libvirt.unix.manage"> <match user="tux"> <return result="yes"/> </match> </match>
The name of the policy; org.libvirt.unix.manage stands for accessing the read-write socket. The username(s) which to grant the privilege. Use the | symbol to separate entries (user="tux|wilber"). The privilege that is granted. The following options exist: yes (no restrictions), no (block access completely), auth_self or auth_admin (authenticate with own password/root password every time the privilege is requested), auth_self_keep_session or auth_admin_keep_session (authenticate with own password/root password once per session) and auth_self_keep_always or auth_admin_keep_always (authenticate only once with own password/root password).
49
IMPORTANT: Plain TCP and SASL with digest-md5 Encryption Using digest-md5 encryption on an otherwise unencrypted TCP connection does not provide enough security for production environments. It is recommended to only use it in testing environments. TIP: SASL Authentication on Top of TLS/SSL Access from remote TLS/SSL connections can be indirectly controlled on the client side by restricting access to the certificate's key file. However, this might prove error-prone when dealing with a large number of clients. Utilizing SASL with TLS adds security by additionally controlling access on the server side. To configure SASL authentication, proceed as follows: 1 Change the configuration in /etc/libvirt/libvirtd.conf as follows: 1a To enable SASL for TCP connections:
auth_tcp = "sasl"
2 Restart libvirtd:
rclibvirtd restart
3 The libvirt SASL configuration file is located at /etc/sasl2/libvirtd.conf. Normally, there is no need to change the defaults. However, if using SASL on top of TLS, you may turn off session encryption to avoid additional overhead TLS connections are already encrypted by commenting the mech_list. For TCP connections this parameter must be set to digest-md5:
mech_list: digest-md5 #mech_list: digest-md5 # mandatory for TCP connections # apply default (username+password) TLS/SSL only!
4 By default, no SASL users are configured, so no logins are possible. Use the following commands to add, list, and delete users:
50
mercury:~ # saslpasswd2 -a libvirt tux Password: Again (for verification): mercury:~ # sasldblistusers2 -f /etc/libvirt/passwd.db [email protected]: userPassword mercury:~ # saslpasswd2 -a libvirt -d tux
TIP: virsh and SASL Authentication When using SASL authentication you will be prompted for a username and password every time you issue a virsh command. Avoid this by using virsh in shell mode.
51
To configure SASL authentication for VNC, proceed as follows: 1 Create a SASL configuration file. It is recommended to use the existing libvirt file. If you have already configured SASL for libvirt and are planning to use the same settings including the same username/password database, a simple link is suitable:
ln -s /etc/sasl2/libvirt.conf /etc/sasl2/qemu.conf
In case you are setting up SASL for VNC only or planning to use a different configuration than for libvirt, copy the existing file to use as a template and edit it according to your needs:
cp /etc/sasl2/libvirt.conf /etc/sasl2/qemu.conf
2 By default, no SASL users are configured, so no logins are possible. Use the following commands to add, list, and delete users:
mercury:~ # saslpasswd2 -a libvirt tux Password: Again (for verification): mercury:~ # sasldblistusers2 -f /etc/libvirt/passwd.db [email protected]: userPassword mercury:~ # saslpasswd2 -a libvirt -d tux # add user tux
The first parameter enables VNC to listen on all public interfaces (rather than to the local host only), and the second parameter enables SASL authentication. 4 Restart libvirtd:
rclibvirtd restart
5 Restart all VM Guests that have been running prior to changing the configuration. VM Guests that have not been restarted will not use SASL authentication for VNC connects.
52
NOTE: Supported VNC Viewers Currently only the same VNC viewers that also support TLS/SSL connections, support SASL authentication, namely Virtual Machine Manager, virt-viewer, and vinagre.
The first parameter enables VNC to listen on all public interfaces (rather than to the local host only), and the second parameter sets the password. The maximum length of the password is eight characters. 2 Restart libvirtd:
rclibvirtd restart
3 Restart all VM Guests that have been running prior to changing the configuration. VM Guests that have not been restarted will not use password authentication for VNC connects.
53
Procedure 7.2 Setting a VM Guest Specific VNC Password 1 Change the configuration in /etc/libvirt/qemu.conf as follows to enable VNC to listen on all public interfaces (rather than to the local host only).
vnc_listen = "0.0.0.0"
2 Open the VM Guest's XML configuration file in an editor. Replace VM NAME in the following example with the name of the VM Guest. The editor that is used defaults to $EDITOR. If that variable is not set, vi is used.
virsh edit VM NAME
3 Search for the element <graphics> with the attribute type='vnc', for example:
<graphics type='vnc' port='-1' autoport='yes'/>
4 Add the passwd=PASSWORD attribute, save the file and leave the editor. The maximum length of the password is eight characters.
<graphics type='vnc' port='-1' autoport='yes' passwd='PASSWORD'/>
5 Restart libvirtd:
rclibvirtd restart
6 Restart all VM Guests that have been running prior to changing the configuration. VM Guests that have not been restarted will not use password authentication for VNC connects. WARNING: Security The VNC protocol is not considered to be safe. Although the password is sent encrypted, it might be vulnerable, when an attacker is able to sniff both, the encrypted password and the encryption key. Therefore, it is recommended to use VNC with TLS/SSL or tunneled over SSH. virt-viewer, as well as the Virtual Machine Manager and vinagre from version 2.30 on, support both methods.
54
55
Each x509 certificate has a matching private key file. Only the combination of certificate and private key file is able to identify itself correctly. In order to assure that a certificate was issued by the assumed owner, it is signed and issued by a central certificate called certification authority (CA). Both the client and the server certificates must be issued by the same CA. IMPORTANT: User Authentication Using a remote TLS/SSL connection basically only ensures that two computers are allowed to communicate in a certain direction. Restricting access to certain users can indirectly be achieved on the client side by restricting access to the certificates. Refer to Section 7.2.2.5, Restricting Access (Security Considerations) (page 60) for details. libvirt also supports user authentication on the server with SASL. Read more in Section 7.2.2.6, Central User Authentication with SASL for TLS Sockets (page 62).
IMPORTANT: Restrict Access to Certificates Make sure to restrict access to certificates as explained in Section 7.2.2.5, Restricting Access (Security Considerations) (page 60).
56
3 Enable TLS support by editing /etc/libvirt/libvirtd.conf and setting listen_tls = 1. Restart libvirtd:
rclibvirtd restart
4 By default, libvirt uses the TCP port 16514 for accepting secure TLS connections. Open this port in the firewall. IMPORTANT: Restarting libvirtd with TLS enabled If you enable TLS for libvirt, the server certificates need to be in place, otherwise restarting libvirtd will fail. You also need to restart libvirtd in case you change the certificates.
IMPORTANT: Restrict Access to Certificates Make sure to restrict access to certificates as explained in Section 7.2.2.5, Restricting Access (Security Considerations) (page 60). 3 Test the client/server setup by issuing the following command. Replace mercury.example.com with the name of your VM Host Server. Specify the same full qualified hostname as used when creating the server certificate.
virsh -c qemu+tls://mercury.example.com/system list --all
57
If your setup is correct, you will see a list of all VM Guests registered with libvirt on the VM Host Server.
IMPORTANT: VM Guests Need to be Restarted The VNC TLS setting is only set when starting a VM Guest. Therefore, you need to restart all machines that have been running prior to making the configuration change.
58
Per user location $HOME/.pki/CA/cacert.pem ~/.pki/vinagre/clientcert.pem ~/.pki/vinagre/private/clientkey.pem IMPORTANT: Restrict Access to Certificates Make sure to restrict access to certificates as explained in Section 7.2.2.5, Restricting Access (Security Considerations) (page 60).
If you change the ownership for QEMU processes in /etc/libvirt/qemu .conf, you also need to adjust the ownership of the key file. System Wide Client Certificates To control access to a key file that is available system wide, restrict read access a certain group, so that only members of that group can read the key file. In the following example, a group libvirt is created and the group ownership of the clientkey.pem and its parent directory is set to libvirt. Afterwards, the access permissions are restricted to owner and group. Finally the user tux is added to the group libvirt, so he will be able to access the key file.
60
CERTPATH="/etc/pki/libvirt/" # create group libvirt groupadd libvirt # change ownership to user root and group libvirt chown root.libvirt $CERTPATH/private $CERTPATH/clientkey.pem # restrict permissions chmod 750 $CERTPATH/private chmod 640 $CERTPATH/private/clientkey.pem # add user tux to group libvirt usermod -A libvirt tux
Per User Certificates User specific client certificates for accessing the graphical console of a VM Guest via VNC need to be placed in the users home directory in ~/.pki. Contrary to, for example, the VNC viewer using these certificates do not check the access permissions of the private key file. Therefore, it is solely on the user's responsibility to make sure the key file is not readable by others.
61
7.2.2.7 Troubleshooting
Virtual Machine Manager/virsh Cannot Connect to Server
Check the following in the given order: Is it a firewall issue (TCP port 16514 needs to be open on the server)? Is the client certificate (certificate and key) readable by the user that has started Virtual Machine Manager/virsh? Has the same full qualified hostname as in the server certificate been specified with the connection? Is TLS enabled on the server (listen_tls = 1)? Has libvirtd been restarted on the server?
If the output does not begin with a string similar to the following, the machine has not been started with TLS support and must be restarted.
-vnc 0.0.0.0:0,tls,x509verify=/etc/pki/libvirt
62
Specify the hypervisor. openSUSE currently supports the following hypervisors: test (dummy for testing), qemu (KVM), and xen (Xen). This parameter is mandatory. When connecting to a remote host, specify the protocol here. Can be one of: ssh (connection via SSH tunnel), tcp (TCP connection with SASL/Kerberos authentication), tls (TLS/SSL encrypted connection with authentication via x509 certificates). When connecting to a remote host, specify the user and the remote hostname. If no user is specified, the username that has called the command ($USER) is used. Please see below for more information. For TLS connections the hostname has to be specified exactly as in the x509 certificate. When connecting to QEMU hypervisor, two connections types are accepted: system for full access rights, or session for restricted access. Since session access is not supported on openSUSE, this documentation focuses on system access.
Example Hypervisor Connection URIs test:///default Connect to the local dummy hypervisor. Useful for testing. qemu:///system Connect to the QEMU hypervisor on the local host having full access (type system). This usually requires that the command is issued by the user root.
63
qemu+ssh://[email protected]/system Connect to the QEMU hypervisor on the remote host mercury.example.com. The connection is established via an SSH tunnel. qemu+tls://saturn.example.com/system Connect to the QEMU hypervisor on the remote host mercury.example.com. The connection is established TLS/SSL. For more details and examples, refer to the libvirt documentation at http:// libvirt.org/uri.html. NOTE: Usernames in URIs A username needs to be specified when using Unix socket authentication (regardless whether using the username/password authentication scheme or PolicyKit). This applies to all SSH and local connections. There is no need to specify a username when using SASL authentication (for TCP or TLS connections) or when doing no additional server side authentication for TLS connections. With SASL the username will not be evaluatedyou will be prompted for a SASL user/password combination in any case.
64
NOTE: Editing Existing Connections It is not possible to edit an existing connection. In order to change a connection, create a new one with the desired parameters and delete the old one. To add a new connection in the Virtual Machine Manager, proceed as follows: 1 Choose File > Add Connection 2 Choose the host's Hypervisor (Xen or QEMU/KVM) 3 Choose a Connection typeeither Local for connecting to the host the Virtual Machine Manager was started on, or one of the remote connections (see Section 7.2, Configuring Remote Connections (page 55) for more information). 4 In case of a remote connection, enter the Hostname of the remote machine as USERNAME@REMOTE_HOST. Usernames must be specified for local connections as well as for SSH IMPORTANT: Specifying a Username There is no need to specify a username for TCP and TLS connections; it will not be evaluated anyway. A username must be specified for local connections as well as for SSH connectionsif not, the default user root will be used. 5 If you do not want the connection to be automatically activated when starting the Virtual Machine Manager, remove the tick from Autoconnect. 6 Finish the configuration by clicking Connect.
65
Managing Storage
When managing a VM Guest on the VM Host Server itself, it is possible to access the complete file system of the VM Host Server in order to attach disks or images to the VM Guest. However, this is not possible when managing VM Guests from a remote host. For this reason, libvirt supports so called Storage Pools which can be accessed from remote machines. libvirt knows two different types of storage: volumes and pools. Storage Volume A storage volume is a storage device that can be assigned to a guesta virtual disk or a CD/DVD/floppy image. Physically (on the VM Host Server) it can be a block device (a partition, a logical volume, etc.) or a file. Storage Pool A storage pool basically is a storage resource on the VM Host Server that can be used for storing volumes, similar to network storage for a desktop machine. Physically it can be one of the following types: File System Directory (dir) A directory for hosting image files. The files can be fully allocated raw files, sparsely allocated raw files, or ISO images. Physical Disk Device (disk) Use a complete physical disk as storage. A partition is created for each volume that is added to the pool. It is recommended to use a device name from /dev/ disk/by-* rather than the simple /dev/sdX, since the latter may change.
Managing Storage
67
Pre-Formatted Block Device (fs) Specify a partition to be used in the same way as a file system directory pool (a directory for hosting image files). The only difference to using a file system directory is the fact that libvirt takes care of mounting the device. iSCSI Target (iscsi) Set up a pool on an iSCSI target. You need to have been logged into the volume once before, in order to use it with libvirt (use the YaST iSCSI Initiator to detect and log into a volume. It is recommended to use a device name from /dev/disk/by-id rather than the simple /dev/sdX, since the latter may change. Volume creation on iSCSI pools is not supported, instead each existing Logical Unit Number (LUN) represents a volume. Each volume/LUN also needs a valid (empty) partition table or disk label before you can use it. If missing, use for example, fdisk to add it:
~ # fdisk -cu /dev/disk/by-path/ip-192.168.2.100:3260-iscsi-iqn.2010-10.com.example:[...]-lun-2 Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel Building a new DOS disklabel with disk identifier 0xc15cdc4e. Changes will remain in memory only, until you decide to write them. After that, of course, the previous content won't be recoverable. Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite) Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks.
LVM Volume Group (logical) Use a LVM volume group as a pool. You may either use a pre-defined volume group, or create a group by specifying the devices to use. Storage volumes are created as partitions on the volume. WARNING: Deleting the LVM Based Pool When the LVM based pool is deleted in the Storage Manager, the volume group is deleted as well. This results in a non-recoverable loss of all data stored on the pool!
68
Network Exported Directory (netfs) Specify a network directory to be used in the same way as a file system directory pool (a directory for hosting image files). The only difference to using a file system directory is the fact that libvirt takes care of mounting the directory. Supported protocols are NFS and glusterfs. SCSI Host Adapter (scsi) Use an SCSI host adapter in almost the same way a an iSCSI target. It is recommended to use a device name from /dev/disk/by-id rather than the simple /dev/sdX, since the latter may change. Volume creation on iSCSI pools is not supported, instead each existing LUN (Logical Unit Number) represents a volume. WARNING: Security Considerations In order to avoid data loss or data corruption, do not attempt to use resources such as LVM volume groups, iSCSI targets, etc. that are used to build storage pools on the VM Host Server, as well. There is no need to connect to these resources from the VM Host Server or to mount them on the VM Host Serverlibvirt takes care of this. Do not mount partitions on the VM Host Server by label. Under certain circumstances it is possible that a partition is labeled from within a VM Guest with a name already existing on the VM Host Server. When managing VM Guests from remote, a volume can only be accessed if it is located in a storage pool. On the other hand, creating new volumes is only possible within an existing storage pool. Although remote installation of a guest is currently not supported on openSUSE, there are other use cases for storage pools, such as adding an additional virtual disk. If VM Guests should be able to access CDROM or DVDROM images, they also need to be in a storage pool.
Managing Storage
69
and choose Details, or highlight a connection and choose Edit > Connection Details. Select the Storage tab.
70
3 Specify the needed details in the following window. The data that needs to be entered depends on the type of pool you are creating.
Type dir: Target Path: Specify an existing directory. Type disk: Target Path: The directory which hosts the devices. It is recommended to use a directory from /dev/disk/by-* rather than from /dev, since device names in the latter directory may change. Format: Format of the device's partition table. Using auto should work in most cases. If not, get the needed format by running parted -l. Source Path: The device, for example sda. Build Pool: Activating this option formats the device. Use with care all data on the device will be lost! Type fs: target Path: Mount point on the VM Host Server file system. Format: File system format of the device. the default value auto should work.
Managing Storage
71
Source Path: Path to the device file. It is recommended to use a device name from /dev/disk/by-* rather than the simple /dev/sdX, since the latter may change. Type iscsi: Get the necessary data by running the following command on the VM Host Server:
iscsiadm --mode node
It will return a list of iSCSI volumes with the following format. The elements highlighted with a bold font are the ones needed:
IP_ADDRESS:PORT,TPGT TARGET_NAME_(IQN)
Target Path: The directory containing the device file. Do not change the default /dev/disk/by-path. Host Name: Host name or IP address of the iSCSI server. Source Path: The iSCSI target name (IQN). Type logical: Target Path: In case you use an existing volume group, specify the existing device path. In case of building a new LVM volume group, specify a device name in the /dev directory that does not already exist. Source Path: Leave empty when using an existing volume group. When creating a new one, specify its devices here. Build Pool: Only activate when creating a new volume group. Type netfs: target Path: Mount point on the VM Host Server file system. Format: Network file system protocol Host Name: IP address or hostname of the server exporting the network file system. Source Path: Directory on the server that is being exported.
72
Type scsi: Target Path: The directory containing the device file. Do not change the default /dev/disk/by-path. Source Path: Name of the SCSI adapter. NOTE: File Browsing Using the file browser by clicking on Browse is not possible when operating from remote. 4 Click Finish to add the storage pool.
Managing Storage
73
To permanently make a pool inaccessible, you can Delete it by clicking on the shredder symbol in the bottom left corner of the Storage Manager. You may only delete inactive pools. Deleting a pool does not physically erase its contents on VM Host Serverit only deletes the pool configuration. However, you need to be extra careful when deleting pools, especially when deleting LVM volume group-based tools: WARNING: Deleting Storage Pools Deleting storage pools based on local file system directories, local partitions or disks has no effect on the availability of volumes from these pools currently attached to VM Guests. Volumes located in pools of type iSCSI, SCSI, LVM group or Network Exported Directory will become inaccessible from the VM Guest in case the pool will be deleted. Although the volumes themselves will not be deleted, the VM Host Server will no longer have access to the resources. Volumes on iSCSI/SCSI targets or Network Exported Directory will be accessible again when creating an adequate new pool or when mounting/accessing these resources directly from the host system. When deleting an LVM group-based storage pool, the LVM group definition will be erased and the LVM group will no longer exist on the host system. The configuration is not recoverable and all volumes from this pool are lost.
74
Specify a Max Capacity and the amount of space that should initially be allocated. If both values differ, a sparse image file, growing on demand, will be created. 3 Start the volume creation by clicking Finish.
2 Run the following commands in a shell. It is assumed that the guest's XML definitions are all stored in the default location (/etc/libvirt/qemu). xsltproc is provided by the package libxslt.
Managing Storage
75
SSHEET="$HOME/libvirt/guest_storage_list.xsl" cd /etc/libvirt/qemu for FILE in *.xml; do basename $FILE .xml xsltproc $SSHEET $FILE done
76
To add a CD/DVD-ROM device to your VM Guest proceed as follows: 1 Double-click a VM Guest entry in the Virtual Machine Manager to open its console and switch to the configuration screen with View > Details. 2 Click Add Hardware and choose Storage in the pop-up window. Proceed with Forward. 3 Change the Device Type to IDE CDROM. 4 Select Select Managed or Other Existing Storage. 4a To assign the device to a physical medium, enter the path to the VM Host Server's CD/DVD-ROM device (for example, /dev/cdrom) next to the Browse button. Alternatively you may use the Browse button to open a file browser and then click Browse Local to select the device. Assigning the device
77
to a physical medium is only possible, when the Virtual Machine Manager was started on the VM Host Server. 4b To assign the device to an existing image, click Browse to choose an image from a storage pool. If the Virtual Machine Manager was started on the VM Host Server, you may alternatively choose an image from another location on the file system by clicking Browse Local. Select an image and close the file browser with Choose Volume. 5 Proceed with Forward to review the settings. Apply them with Finish, Yes, and Apply. 6 Reboot the VM Guest to make the new device available. For further information also see Section 9.3, Ejecting and Changing Floppy or CD/DVD-ROM Media with Virtual Machine Manager (page 79).
To create an empty floppy disk image use one of the following commands:
# raw image dd if=/dev/zero of=/var/lib/libvirt/images/floppy.img bs=512 count=2880 # FAT formatted image mkfs.msdos -C /var/lib/libvirt/images/floppy.img 1440
To add a floppy device to your VM Guest proceed as follows: 1 Double-click a VM Guest entry in the Virtual Machine Manager to open its console and switch to the configuration screen with View > Details. 2 Click Add Hardware and choose Storage in the pop-up window. Proceed with Forward. 3 Change the Device Type to Floppy Disk. 78 Virtualization with KVM
4 Choose Select Managed or Other Existing Storage and click Browse to choose an existing image from a storage pool. If Virtual Machine Manager was started on the VM Host Server, you may alternatively choose an image from another location on the file system by clicking Browse Local. Select an image and close the file browser with Choose Volume. 5 Proceed with Forward to review the settings. Apply them with Finish, Yes, and Apply. 6 Reboot the VM Guest to make the new device available. For further information also see Section 9.3, Ejecting and Changing Floppy or CD/DVD-ROM Media with Virtual Machine Manager (page 79).
9.3 Ejecting and Changing Floppy or CD/DVD-ROM Media with Virtual Machine Manager
Regardless whether you are using the VM Host Server's physical CD/DVD-ROM device or an ISO image: before you can change the media or image of an existing device in the VM Guest, you first need to disconnect the media from the guest. 1 Double-click a VM Guest entry in the Virtual Machine Manager to open its console and switch to the configuration screen with View > Details. 2 Choose the Floppy or CD/DVD-ROM device and eject the media by clicking Disconnect. 3 To insert a new media, click Connect. 3a If using the VM Host Server's physical CD/DVD-ROM device, first change the media in the device (this may require to unmount it before it can be ejected). Then choose CD-ROM or DVD and select the device from the dropdown list. 3b If using an ISO image, choose ISO image Location and select an image by clicking Browse. When connecting from a remote host, you may only choose images from existing storage pools.
79
4 Click OK to finish. The new media can now be accessed in the VM Guest.
To check which clock source is currently used, run the following command in the VM Guest. It should output kvm-clock:
echo /sys/devices/system/clocksource/clocksource0/current_clocksource
IMPORTANT: kvm-clock and NTP When using kvm-clock, it is not recommended to use NTP in the VM Guest, as well. Using NTP on the VM Host Server, however, is still recommended.
80
81
Administrating VM Guests
10.1 Migrating VM Guests
10
One of the major advantages of virtualization is the fact that VM Guests are portable. When a VM Host Server needs to go down for maintenance, or when the host gets overloaded, the guests can easily be moved to another VM Host Server. KVM and Xen even support live migrations during which the VM Guest is constantly available (live migrations). In order to successfully migrate a VM Guest to another VM Host Server, the following requirements need to be met: Host and target must have same processor manufacturer (Intel or AMD). VM Guests running a 64-bit operating system can only be migrated to a 64-bit host (whereas 32-bit VM Guests can be moved to a 64 or 32-bit host). Storage devices must be accessible from both machines (for example, via NFS or iSCSI) and must be configured as a storage pool on both machines (see Chapter 8, Managing Storage (page 67) for more information). This is also true for CD-ROM or floppy images that are connected during the move (however, you may disconnect them prior to the move as described in Section 9.3, Ejecting and Changing Floppy or CD/DVD-ROM Media with Virtual Machine Manager (page 79)).
Administrating VM Guests
83
libvirtd needs to run on both VM Host Servers and you must be able to open a remote libvirt connection between the target and the source host (or vice versa). Refer to Section 7.2, Configuring Remote Connections (page 55) for details. If a firewall is running on the target host ports need to be opened to allow the migration. If you do not specify a port during the migration process, libvirt chooses one from the range 49152:49215. Make sure that either this range (recommended) or a dedicated port of your choice is opened in the firewall on the target host. Host and target machine should be in the same subnet on the network, otherwise networking will not work after the migration. No running or paused VM Guest with the same name must exist on the target host. If a shut down machine with the same name exists, its configuration will be overwritten.
address or hostname), a port and the bandwidth in megabit per second (Mbps). If you specify a Port, you must also specify an Address; the Bandwidth is optional. 5 Once the migration is complete, the Migrate window closes and the VM Guest is now listed on the new host in the Virtual Machine Manager Window. The original VM Guest will still be available on the target host (in state shut off).
The most important options are listed below. See virsh help migrate for a full list. --live Does a live migration. If not specified, an offline migration where the VM Guest is paused during the migration, will be performed. --suspend Does an offline migration and does not restart the VM Guest on the target host. --persistent By default a migrated VM Guest will be migrated transient, so its configuration is automatically deleted on the target host if it is shut down. Use this switch to make the migration persistent. --undefinesource When specified, the VM Guest definition on the source host will be deleted after a successful migration. WARNING It is recommended to use --persistent when specifying --undefinesource, otherwise the VM Guest configuration will be lost on both hosts when the guest is shut down on the target host.
Administrating VM Guests
85
The following examples use mercury.example.com as the source system and jupiter.example.com as the target system, the VM Guest's name is opensuse11 with Id 37.
# offline migration with default parameters virsh migrate 37 qemu+ssh://[email protected]/system # transient live migration with default parameters virsh migrate --live opensuse11 qemu+ssh://[email protected]/system # persistent live migration; delete VM definition on source virsh migrate --live --persistent --undefinesource 37 \ qemu+tls://[email protected]/system # offline migration using port 49152 virsh migrate opensuse11 qemu+ssh://[email protected]/system \ --migrateuri tcp://@jupiter.example.com:49152
10.2 Monitoring
10.2.1 Monitoring with Virtual Machine Manager
After starting Virtual Machine Manager and connecting to the VM Host Server, a CPU usage graph of all the running guests is displayed. It is also possible to get information about disk and network usage with this tool, however, you must first activate this in the Preferences: 1 Run virt-manager. 2 Select Edit > Preferences. 3 Change the tab from General to Stats. 4 Activate the check boxes for Disk I/O and Network I/O. 5 If desired, also change the update interval or the number of samples that are kept in the history.
86
6 Close the Preferences dialog. 7 Activate the graphs that should be displayed under View > Graph. Afterwards, the disk and network statistics are also displayed in the main window of the Virtual Machine Manager. More precise data is available from the VNC window. Open a VNC window as described in Section 6.2, Opening a Graphical Console (page 38). Choose Details from the toolbar or the View menu. The statistics are displayed from the Performance entry of the left-hand tree menu.
Administrating VM Guests
87
See http://clalance.blogspot.com/2009/01/kvm-performance -tools.html for further information on how to interpret these values.
88
Overview
11
QEMU is a fast, cross-platform Open Source machine emulator which can emulate a huge number of hardware architectures for you. QEMU supports two basic operation modes: with a full system virtualization you can run a complete unmodified operating system (VM Guest) on top of your existing system (VM Host Server), while user mode emulation lets you run a single Linux process compiled for a certain CPU on another CPU. You can also use QEMU for debugging purposes - you can easily stop your running virtual machine, inspect its state and save and restore it later. QEMU consists of the following parts: processor emulator (x86, PowerPC, Sparc ...) emulated devices (graphic card, network card, hard drives, mice ...) generic devices used to connect the emulated devices to the related host devices descriptions of the emulated machines (PC, Power Mac ...) debugger user interface used to interact with the emulator As a virtualization solution, QEMU can be run together with the KVM kernel module. If the VM Guest hardware architecture is the same as the architecture of VM Host Server, QEMU can take advantage of the KVM acceleration.
Overview
91
Guest Installation
12
A virtual machine is comprised of data and operating system files that define the virtual environment. Virtual machines are hosted and controlled by the VM Host Server. This chapter provides generalized instructions for installing virtual machines. Before creating a virtual machine, consider the following: If you want to use an automated installation file (AutoYaST, NetWare Response File, or RedHat Kickstart), you should create and download it to a directory on the host machine server or make it available on the network. When creating sparse image files, make sure the partition on which you create them always has sufficient free space. The guest system has no means to check the host's disk space. Having no space left on the host partition causes write errors and loss of data on the guest system. NetWare and OES Linux virtual machines need a static IP address for each virtual machine you create. If you are installing Open Enterprise Server (OES) 2 Linux, you need a network installation source for OES 2 Linux software. For further prerequisites, consult the manuals of the respective operating system to install.
Guest Installation
93
The subcommand create tells qemu-img to create a new image. Specify the disk's format with the -f parameter. Currently, only the raw disk format is supported by Novell. The full path to the image file. The size of the image8 GB in this case. The image is created as a sparse file that grows when the disk is filled with data. The specified size defines the maximum size to which the image file can grow.
After at least one hard disk image is created, you can set up a virtual machine with qemu-kvm that will boot into the installation system:
qemu-kvm -name "sles11" -M pc-0.12 -m 768 \ -smp 2 -boot d \
94
-drive file=/images/sles11/hda,if=virtio,index=0,media=disk,format=raw \ -drive file=/isos/SLES-11-SP1-DVD-x86_64-GM-DVD1.iso,index=1,media=cdrom \ -net nic,model=virtio,macaddr=52:54:00:05:11:11 \ -vga cirrus -balloon virtio
Name of the virtual machine that will be displayed in the window caption and also used for the VNC server. This name must be unique. Specifies the machine type (Standard PC, ISA-only PC, or Intel-Mac). Use qemu-kvm -M ? to display a list of valid parameters. pc-0.12 is the default Standard PC. Maximum amount of memory for the virtual machine. Defines an SMP system with two processors. Specifies the boot order. Valid values are a, b (floppy 1 and 2), c (first harddisk), d (first CDROM), or n to p (Ether-boot from network adapter 1-3). Defaults to c. Defines the first (index=0) hard disk. It will be accessed as a paravirtualized (if=virtio) drive in raw format. The second (index=1) image drive will act as a CD-ROM. Defines a paravirtualized (model=virtio) network adapter with the MAC address 52:54:00:05:11:11. Be sure to specify a unique MAC address, otherwise a network conflict may occur. Specifies the graphic card. If you specify none, the graphic card will be disabled and it is then possible to connect and view the graphical output through VNC. Defines the paravirtualized balloon device that allows to dynamically change the amount of memory (up to the maximum value specified with the parameter -m).
After the installation of the guest operating system finishes, you can easily start the related virtual machine without the need to specify the CD-ROM device:
qemu-kvm -name "sles11" -M pc-0.12 -m 768 \ -smp 2 -boot c \ -drive file=/images/sles11/hda,if=virtio,index=0,media=disk,format=raw \ -net nic,model=virtio,macaddr=52:54:00:05:11:11 \ -vga cirrus -balloon virtio
Guest Installation
95
and supports the following subcommands: create Creates a new disk image on the filesystem. check Checks an existing disk image for errors. convert Converts an existing disk image to a new one in a different format. info Displays information about the relevant disk image. snapshot Manages snapshots of an existing disk images.
96
commit Applies changes made to an existing disk image. rebase Creates a new base image based on an existing image.
The format of the target image. To get a complete list of image formats supported by QEMU, run qemu-img -h and look at the last line of the output. Currently, Novell only supports the raw image format. It is a plain binary image with no advanced features, and, therefore, very portable from and to other emulators. Moreover, if your filesystem supports sparse files (most UNIX modern filesystems or NTFS do), the image occupies only the space actually used by its data. Some of the image formats support additional options to be passed on the command line. You can specify them here with the -o option. The raw image format supports only the size option, so it is possible to insert -o size=8G instead of adding the size option at the end of the command. Path to the target disk image to be created. Size of the target disk image (if not already specified with the -o size=<image_size> option. Optional suffixes for the image size are K (kilobyte), M (megabyte), G (gigabyte), or T (terabyte).
Guest Installation
97
To create a new disk image sles11sp1.raw in the directory /images growing up to a maximum size of 4 GB, run the following command:
tux@venus:~> qemu-img create -f raw -o size=4G /images/sles11sp1.raw Formatting '/images/sles11sp1.raw', fmt=raw size=4294967296 tux@venus:~> ls -l /images/sles11sp1.raw -rw-r--r-- 1 tux users 4294967296 Nov 15 15:56 /images/sles11sp1.raw tux@venus:~> qemu-img info /images/sles11sp1.raw image: /images/sles11sp1.raw file format: raw virtual size: 4.0G (4294967296 bytes) disk size: 0
As you can see, the virtual size of the newly created image is 4 GB, but the actual reported disk size is 0 as no data has been written to the image yet.
Applies compression on the target disk image. Only qcow and qcow2 formats support compression. The format of the source disk image. It is autodetected in most cases and can therefore be omitted. The format of the target disk image. Specify additional options relevant for the target image format. Use -o ? to view the list of options supported by the target image format: Path to the source disk image to be converted. Path to the converted target disk image.
tux@venus:~> qemu-img convert -O vmdk /images/sles11sp1.raw \ /images/sles11sp1.vmdk tux@venus:~> ls -l /images/ -rw-r--r-- 1 tux users 4294967296 16. lis 10.50 sles11sp1.raw -rw-r--r-- 1 tux users 2574450688 16. lis 14.18 sles11sp1.vmdk
98
To see a list of options relevant for the selected target image format, run the following command (replace with your image fomrmat):
tux@venus:~> qemu-img convert /images/sles11sp1.vmdk -o ? Supported options: size Virtual disk backing_file File name of compat6 VMDK version -O vmdk /images/sles11sp1.raw \
The format of the source disk image. It is autodetected in most cases and can therefore be omitted. Path to the source disk image to be converted.
If no error is found, the command returns no output. Otherwise, the type and number of errors found is shown.
tux@venus:~> qemu-img check -f qcow2 /images/sles11sp1.qcow2 ERROR: invalid cluster offset=0x2af0000 [...] ERROR: invalid cluster offset=0x34ab0000 378 errors were found on the image.
Guest Installation
99
2 Convert your existing disk image from your native format into the raw one. If your disk image format already is raw, skip this step.
tux@venus:~> qemu-img convert -f vmdk -O raw /images/sles11sp1.vmdk \ /images/original.raw
3 Append the newly created disk image /images/additional.raw to your converted existing one /images/original.raw.
tux@venus:~> cat /images/additional.raw >> /images/original.raw
4 If the format of your existing image was not raw, convert it back to its original format.
tux@venus:~> qemu-img convert -f raw /images/original.raw -O vmdk \ /images/expanded.vmdk
The /images/expanded.vmdk image now contains an empty space of 2 GB after the final partition. You can resize the existing partitions or add new ones.
100
Guest Installation
101
NOTE Currently, only the raw disk image format is supported by Novell. Virtual machine snapshots are created with the savevm command in the interactive QEMU monitor. You can assign a 'tag' to each snapshot which makes its identification easier. For more information on QEMU monitor, see Chapter 14, Administrating Virtual Machines with QEMU Monitor (page 133). Once your qcow2 disk image contains saved snapshots, you can inspect them with the qemu-img snapshot command. WARNING Do not create or delete virtual machine snapshots with the qemu-img snapshot command while the virtual machine is running. Otherwise, you can damage the disk image with the state of the virtual machine saved.
Unique identification number of the snapshot. Usually auto-incremented. Unique description string of the snapshot. It is meant as a human readable version of the ID. The disk space occupied by the snapshot. Note that the more memory is consumed by running applications, the bigger the snapshot is. Time and date the snapshot was created. The current state of the virtual machine's clock.
102
Once something breaks in your VM Guest and you need to restore the state of the saved snapshot (id 5 in our example), power off your VM Guest and do the following:
tux@venus:~> qemu-img snapshot -a 5 /images/sles11sp1.qcow2
Next time you run the virtual machine with qemu-kvm, it will be in the state of snapshot number 5. NOTE The qemu-img snapshot -c command is not related to the savevm command of QEMU monitor (see Chapter 14, Administrating Virtual Machines with QEMU Monitor (page 133). For example, you cannot apply a snapshot with qemu-img snapshot -a on a snapshot created with savevm in QEMU's monitor.
Guest Installation
103
104
While you can use the raw format for base images, you cannot use it for derived images because the raw format does not support the backing_file option. Use the qcow2 format for the derived images. For example, /images/sles11sp1_base.raw is the base image holding a freshly installed system.
tux@venus:~> qemu-img info /images/sles11sp1_base.raw image: /images/sles11sp1_base.raw file format: raw virtual size: 4.0G (4294967296 bytes) disk size: 2.4G
The image's reserved size is 4 GB, the actual size is 2.4 GB, and its format is raw. Create an image derived from the /images/sles11sp1_base.raw base image with:
tux@venus:~> qemu-img create -f qcow2 /images/sles11sp1_derived.qcow2 \ -o backing_file=/images/sles11sp1_base.raw Formatting '/images/sles11sp1_derived.qcow2', fmt=qcow2 size=4294967296 \ backing_file='/images/sles11sp1_base.raw' encryption=off cluster_size=0
Although the reserved size of the derived image is the same as the size of the base image (4 GB), the actual size is 140 kB only. The reason is that only changes made to the system inside the derived image are saved and the new image is in fact empty. Run the derived virtual machine, register it if needed, and apply the latest patches. Do any other changes in the system such as removing unneeded or installing new software packages. Then shut the VM Guest down and examine its details once more:
tux@venus:~> qemu-img info /images/sles11sp1_derived.qcow2 image: /images/sles11sp1_derived.qcow2 file format: qcow2 virtual size: 4.0G (4294967296 bytes) disk size: 1.1G cluster_size: 65536 backing file: /images/sles11sp1_base.raw \ (actual path: /images/sles11sp1_base.raw)
Guest Installation
105
The disk size value has grown to 1.1 GB, which is the disk space occupied by the changes on the filesystem compared to the base image.
This command created the new base image /images/sles11sp1_base2.raw using the raw format.
tux@venus:~> qemu-img info /images/sles11sp1_base2.raw image: /images/sles11sp1_base2.raw file format: raw virtual size: 4.0G (4294967296 bytes) disk size: 2.8G
The new image is 0.4 gigabytes bigger than the original base image. It uses no backing file, which means it is independent and therefore a base image. You can create new derived images based upon it. This lets you create a sophisticated hierarchy of virtual disk images for your organization, saving a lot of time and work.
106
Linux systems can mount an internal partition of a raw disk image using a 'loopback' device. The first example procedure is more complex but more illustrative, while the second one is straightforward: Procedure 12.1 Mounting Disk Image by Calculating Partition Offset 1 Set a loop device on the disk image whose partition you want to mount.
tux@venus:~> losetup /dev/loop0 /images/sles11sp1_base.raw
2 Find the sector size and the starting sector number of the partition you want to mount.
tux@venus:~> fdisk -lu /dev/loop0 Disk /dev/loop0: 4294 MB, 4294967296 bytes 255 heads, 63 sectors/track, 522 cylinders, total 8388608 sectors Units = sectors of 1 * 512 = 512 bytes Disk identifier: 0x000ceca8 Device Boot /dev/loop0p1 /dev/loop0p2 * Start 63 1542240 End 1542239 8385929 Blocks 771088+ 3421845 Id System 82 Linux swap 83 Linux
3 Calculate the partition start offset: sector_size * sector_start = 512 * 1542240 = 789626880 4 Delete the loop and mount the partition inside the disk image with the calculated offset on a prepared directory.
tux@venus:~> losetup -d /dev/loop0 tux@venus:~> mount -o loop,offset=789626880 /images/sles11sp1_base.raw /mnt/sles11sp1/ tux@venus:~> ls -l /mnt/sles11sp1/ total 112 drwxr-xr-x 2 root root 4096 Nov 16 10:02 drwxr-xr-x 3 root root 4096 Nov 16 10:27 drwxr-xr-x 5 root root 4096 Nov 16 09:11 [...] drwxrwxrwt 14 root root 4096 Nov 24 09:50 drwxr-xr-x 12 root root 4096 Nov 16 09:16 drwxr-xr-x 15 root root 4096 Nov 16 09:22 \
Guest Installation
107
5 Copy a file or files on the mounted partition and unmount it when finished.
tux@venus:~> cp /etc/X11/xorg.conf /mnt/sles11sp1/root/tmp tux@venus:~> ls -l /mnt/sles11sp1/root/tmp tux@venus:~> umount /mnt/sles11sp1/
Procedure 12.2 Mounting Disk Image while Utilizing kpartx 1 Set a loop device on the disk image whose partition you want to mount.
tux@venus:~> losetup /dev/loop0 /images/sles11sp1_base.raw
You can replace loop0p1 with the number of the partition you want to mount, for example loop0p3 to mount the third partition on the disk image. 4 Copy or move files or directories to and from the mounted partition as you like. Once you finish, unmount the partition and delete the loop.
tux@venus:~> umount /mnt/p1 tux@venus:~> losetup -d /dev/loop0
WARNING Never mount a partition of an image of a running virtual machine. This could corrupt the partition and break the whole VM Guest.
108
13
Once you have a virtual disk image ready (for more information on disk images, see Section 12.2, Managing Disk Images with qemu-img (page 96)), it is time to start the related virtual machine. Section 12.1, Basic Installation with qemu-kvm (page 94) introduced simple commands to install and run VM Guest. This chapter focuses on a more detailed explanation of qemu-kvm usage, and shows solutions of more specific tasks. For a complete list of qemu-kvm's options, see its manual page (man 1 qemu-kvm).
qemu-kvm understands a large number of options. Most of them define parameters of the emulated hardware, while others affect more general emulator behavior. If you do not supply any options, default values are used, and you need to supply the path to a disk image to be run. Path to the disk image holding the guest system you want to virtualize. qemu-kvm supports a large number of image formats. Use qemu-img --help to list them. If you do not supply the path to a disk image as a separate argument, you have to use the -drive file= option.
109
110
NOTE Currently, Novell supports only the default pc-0.12 machine type. -m megabytes Specifies how many megabytes are used for the virtual RAM size. Default is 128 MB. -balloon virtio Specifies a paravirtualized device to dynamically change the amount of virtual RAM memory assigned to VM Guest. The top limit is the amount of memory specified with -m. -cpu cpu_model Specifies the type of the processor (CPU) model. Run qemu-kvm -cpu ? to view a list of supported CPU models.
tux@venus:~> qemu-kvm -cpu ? x86 qemu64 x86 phenom x86 core2duo x86 kvm64 x86 qemu32 x86 coreduo x86 486 x86 pentium x86 pentium2 x86 pentium3 x86 athlon x86 n270
111
NOTE Currently, Novell supports only the kvm64 CPU model. -smp number_of_cpus Specifies how many CPUs will be emulated. QEMU supports up to 255 CPUs on the PC platform. This option also takes other CPU-related parameters, such as number of sockets, number of cores per socket, or number of threads per core. Following is an example of a working qemu-kvm command line:
qemu-kvm -name "SLES 11 SP1" -M pc-0.12 -m 512 -cpu kvm64 \ -smp 2 /images/sles11sp1.raw
-no-acpi Disables ACPI support. Try to use it if VM Guest reports problems with ACPI interface. -S QEMU starts with CPU stopped. To start CPU, enter c in QEMU monitor. For more information, see Chapter 14, Administrating Virtual Machines with QEMU Monitor (page 133). 112 Virtualization with KVM
This way you can effectively manage the configuration of your virtual machines' devices in a well-arranged way.
113
Instead of a timestamp, you can specify utc or localtime. The former instructs VM Guest to start at UTC (Coordinated Universal Time, see http://en .wikipedia.org/wiki/Utc), while the latter applies the local time setting.
114
index=index_of_connector Specifies the index number of a connector on the disk interface (see the if option) where the drive is connected. If not specified, the index is automatically incremented. media=type Specifies the type of the media. Can be disk for hard disks, or cdrom for removable CD-ROM drives. format=img_fmt Specifies the format of the connected disk image. If not specified, the format is autodetected. Currently, Novell supports only the raw format. boot='on' or 'off' Specifies whether booting from 'uncommon' devices (such as virtio) is allowed. If not specified, disks connected via virtio interface will refuse to boot. cache=method Specifies the caching method for the drive. Possible values are unsafe, writethrough, writeback, or none. For the qcow2 image format, choose writeback if you care about performance. none disables the host page cache and, therefore, is the safest option. Default is writethrough. TIP To simplify defining of block devices, QEMU understands several shortcuts which you may find handy when entering the qemu-kvm command line. You can use
qemu-kvm -cdrom /images/cdrom.iso
instead of
qemu-kvm -drive file=/images/cdrom.iso,index=2,media=cdrom
and
qemu-kvm -hda /images/imagei1.raw -hdb /images/image2.raw -hdc \ /images/image3.raw -hdd /images/image4.raw
instead of
115
TIP: Using Host Drives Instead of Images Normally you will use disk images (see Section 12.2, Managing Disk Images with qemu-img (page 96)) as disk drives of the virtual machine. However, you can also use existing VM Host Server disks, connect them as drives, and access them from VM Guest. Use the host disk device directly instead of disk image filenames. To access the host CD-ROM drive, use
qemu-kvm [...] -drive file=/dev/cdrom,media=cdrom
When accessing the host hard drive from VM Guest, always make sure the access is read-only. You can do so by modifying the host device permissions.
116
std Emulates a standard VESA 2.0 VBE video card. Use it if you intend to use high display resolution on VM Guest. cirrus Emulates Cirrus Logic GD5446 video card. Good choice if you insist on high compatibility of the emulated video hardware. Most operating systems (even Windows 95) recognize this type of card. TIP For best video performance with the cirrus type, use 16-bit color depth both on VM Guest and VM Host Server.
-no-frame Disables decorations for the QEMU window. Convenient for dedicated desktop workspace. Running Virtual Machines with qemu-kvm 117
-full-screen Starts QEMU graphical output in full screen mode. -no-quit Disables the 'close' button of QEMU window and prevents it from being closed by force. -alt-grab, -ctrl-grab By default QEMU window releases the 'captured' mouse after Ctrl + Alt is pressed. You can change the key combination to either Ctrl + Alt + Shift (-alt-grab), or Right Ctrl (-ctrl-grab).
tablet Emulates a pointer device that uses absolute coordinates (such as touchscreen). This option overrides the default PS/2 mouse emulation. The tablet device is useful
118
if you are viewing VM Guest via the VNC protocol. See Section 13.5, Viewing VM Guest with VNC (page 126) for more information.
where backend_type can be one of null, socket, udp, msmouse, vc, file, pipe, console, serial, pty, stdio, braille, tty, or parport. All character devices must have a unique identification string up to 127 characters long. It is used to identify the device in other related directives. For the complete description of all backend's suboptions, see the man page (man 1 qemu-kvm). A brief description of the available backends follows: null Creates an empty device which outputs no data and drops any data it receives. stdio Connects to QEMU's process standard input and standard output. socket Creates a two-way stream socket. If path is specified, a Unix socket is created:
qemu-kvm [...] -chardev \ socket,id=unix_socket1,path=/tmp/unix_socket1,server
The server suboption specifies that the socket is a listening socket. If port is specified, a TCP socket is created:
qemu-kvm [...] -chardev \ socket,id=tcp_socket1,host=localhost,port=7777,server,nowait
The command creates a local listening (server) TCP socket on port 7777. QEMU will not block waiting for a client to connect to the listening port (nowait). udp Sends all network traffic from VM Guest to a remote host over the UDP protocol.
119
The command binds port 7777 on the remote host mercury.example.com and sends VM Guest network traffic there. vc Creates a new QEMU text console. You can optionally specify the dimensions of the virtual console:
qemu-kvm [...] -chardev vc,id=vc1,width=640,height=480 -mon chardev=vc1
The command creates a new virtual console called vc1 of the specified size, and connects the QEMU monitor to it. file Logs all traffic from VM Guest to a file on VM Host Server. The path is required and will be created if it does not exist.
qemu-kvm [...] -chardev file,id=qemu_log1,path=/var/log/qemu/guest1.log
By default QEMU creates a set of character devices for serial and parallel ports, and a special console for QEMU monitor. You can, however, create your own character devices and use them for just mentioned purposes. The following options will help you: -serial char_dev Redirects the VM Guest's virtual serial port to a character device char_dev on VM Host Server. By default, it is a virtual console (vc) in graphical mode, and stdio in non-graphical mode. The -serial understands many suboptions. See the manual page man 1 qemu-kvm for their complete list. You can emulate up to 4 serial ports. Use -serial none to disable all serial ports. -parallel device Redirects the VM Guest's parallel port to a device. This option supports the same devices as -serial. TIP If your VM Host Server is Linux, you can directly use the hardware parallel port devices /dev/parportN where N is the number of the port.
120
You can emulate up to 3 parallel ports. Use -parallel none to disable all parallel ports. -monitor char_dev Redirects the QEMU monitor to a character device char_dev on VM Host Server. This option supports the same devices as -serial. By default, it is a virtual console (vc) in a graphical mode, and stdio in non-graphical mode.
Connects the network interface to VLAN number 1. You can specify your own number, it is mainly useful for identification purpose. If you omit this suboption, QEMU uses the default 0. Specifies the Media Access Control (MAC) address for the network card. It is a unique identifier and you are advised to always specify it. If not, QEMU supplies its own default MAC address and creates a possible MAC address conflict within the related VLAN. Specifies the model of the network card. Use -net nic,model=? to get the list of all network card models supported by QEMU on your platform: Currently, Novell supports the models rtl8139 and virtio.
This mode is useful if you want to allow VM Guest to access the external network resources, such as Internet. By default, no incoming traffic is permitted and therefore, VM Guest is not visible to other machines on the network. No administrator privileges are required in this networking mode. The user-mode is also useful to do a 'networkbooting' on your VM Guest from a local directory on VM Host Server. The VM Guest allocates an IP address from a virtual DHCP server. VM Host Server (the DHCP server) is reachable at 10.0.2.2, while the IP address range for allocation starts from 10.0.2.15. You can use ssh to connect to VM Host Server at 10.0.2.2, and scp to copy files back and forth.
122
Specifies user-mode networking. Connect to VLAN number 1. If omitted, defaults to 0. Specifies a human readable name of the network stack. Useful when identifying it in the QEMU monitor. Isolates VM Guest. It will not be able to communicate with VM Host Server and no network packets will be routed to the external network.
Specifies the IP address of the network that VM Guest sees and optionally the netmask. Default is 10.0.2.0/8. Specifies the VM Host Server IP address that VM Guest sees. Default is 10.0.2.2. Specifies the first of the 16 IP addresses that the built-in DHCP server can assign to VM Guest. Default is 10.0.2.15. Specifies the hostname that the built-in DHCP server will assign to VM Guest.
Activates a built-in TFTP (a file transfer protocol with the functionality of a very basic FTP) server. The files in the specified directory will be visible to VM Guest as the root of a TFTP server. Broadcasts the specified file as a BOOTP (a network protocol which offers an IP address and a network location of a boot image, often used in diskless workstations) file. When used together with tftp, VM Guest can boot from network from the local directory on the host. Running Virtual Machines with qemu-kvm 123
Forwards incoming TCP connections to the port 2222 on the host to the port 22 (SSH) on VM Guest. If sshd is running on VM Guest, enter
ssh qemu_host -p 2222
where qemu_host is the hostname or IP address of the host system, to get a SSH prompt from VM Guest.
124
Click Next. If asked about adapting already configured device, click Continue. 5 Click OK to apply the changes. Check if the bridge is created:
tux@venus:~> brctl show bridge name bridge id br0 8000.001676d670e4 STP enabled no interfaces eth0
Use the following example script to connect VM Guest to the newly created bridge interface br0. Several commands in the script are run via the sudo mechanism because they require root privileges. NOTE Make sure the tunctl and bridge-utils packages are installed on VM Host Server. If not, install them with zypper in tunctl bridge-utils.
#!/bin/bash bridge=br0 tap=$(/usr/bin/sudo /bin/tunctl -u $(/usr/bin/whoami) -b)
125
/usr/bin/sudo /sbin/ip link set $tap up sleep 1s /usr/bin/sudo /sbin/brctl addif $bridge $tap qemu-kvm -m 512 -hda /images/sles11sp1_base.raw \ -net nic,vlan=0,model=virtio,macaddr=00:16:35:AF:94:4B \ -net tap,vlan=0,ifname=$tap,script=no,downscript=no /usr/bin/sudo /sbin/brctl delif $bridge $tap /usr/bin/sudo /sbin/ip link set $tap down /usr/bin/sudo /bin/tunctl -d $tap
Name of the bridge device. Prepare a new TAP device and assign it to the user who runs the script. TAP devices are virtual network devices often used for virtualization and emulation setups. Bring up the newly created TAP network interface. Make a 1 second pause to make sure the new TAP network interface is really up. Add the new TAP device to the network bridge br0. The ifname= suboption specifies the name of the TAP network interface used for bridging. Before qemu-kvm connects to a network bridge, it checks the script and downscript values. If it finds the specified scripts on the VM Host Server filesystem, it runs the script before it connects to the network bridge and downscript after it exits the network environment. You can use these scripts to first set up and bring up the bridged network devices, and then to deconfigure them. By default, /etc/qemu-ifup and /etc/qemu-ifdown are examined. If script=no and downscript=no are specified, the script execution is disabled and you have to take care manually. Deletes the TAP interface from a network bridge br0. Sets the state of the TAP device to 'down'. Deconfigures the TAP device.
TIP When working with QEMU's virtual machine via VNC session, it is useful to work with the -usbdevice tablet option. Moreover, if you need to use another keyboard layout than the default en-us, specify it with the -k option. The first suboption of -vnc must be a display value. The -vnc option understands the following display specifications: host:display Only connections from host on the display number display will be accepted. The TCP port on which the VNC session is then running is normally a 5900 + display number. If you do not specify host, connections will be accepted from any host. unix:path The VNC server listens for connections on Unix domain sockets. The path option specifies the location of the related Unix socket. none The VNC server functionality is initialized, but the server itself is not started. You can start the VNC server later with the QEMU monitor. For more information, see Chapter 14, Administrating Virtual Machines with QEMU Monitor (page 133).
tux@venus:~> qemu-kvm [...] -vnc :5 (on the client:) wilber@jupiter:~> vinagre venus:5905 &
127
128
The Vinagre VNC viewer supports advanced authentication mechanisms. Therefore, it will be used to view the graphical output of VM Guest in the following examples. For this example, lets assume that the server x509 certificates ca-cert.pem, server -cert.pem, and server-key.pem are located in the /etc/pki/qemu directory on the host, while the client's certificates are distributed in the following locations on the client: /etc/pki/CA/cacert.pem /etc/pki/libvirt-vnc/clientcert.pem /etc/pki/libvirt-vnc/private/clientkey.pem Example 13.5 Password Authentication
qemu-kvm [...] -vnc :5,password -monitor stdio
Starts the VM Guest graphical output on VNC display number 5 (usually port 5905). The password suboption initializes a simple password-based authentication method. There is no password set by default and you have to set one with the change vnc password command in QEMU monitor:
QEMU 0.12.5 monitor - type 'help' for more information (qemu) change vnc password Password: ****
You need the -monitor stdio option here, because you would not be able to manage the QEMU monitor without redirecting its input/output.
129
Example 13.6 x509 Certificate Authentication The QEMU VNC server can use TLS encryption for the session and x509 certificates for authentication. The server asks the client for a certificate and validates it against the CA certificate. Use this authentication type if your company provides an internal certificate authority.
qemu-kvm [...] -vnc :5,tls,x509verify=/etc/pki/qemu
Example 13.7 x509 Certificate and Password Authentication You can combine the password authentication with TSL encryption and x509 certificate authentication to create a two-layer authentication model for clients. Remember to set the password in the QEMU monitor after you run the following command:
qemu-kvm [...] -vnc :5,password,tls,x509verify=/etc/pki/qemu -monitor stdio
130
Example 13.8 SASL Authentication Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols. It integrates several authentication mechanisms, like PAM, Kerberos, LDAP and more. SASL keeps its own user database, so the connecting user accounts do not need to exist on VM Host Server. For security reasons, you are advised to combine SASL authentication with TLS encryption and x509 certificates:
qemu-kvm [...] -vnc :5,tls,x509,sasl -monitor stdio
131
14
When QEMU is running, a monitor console is provided for performing interaction with the user. Using the commands available in the monitor console, it is possible to inspect the running operating system, change removable media, take screenshots or audio grabs and control several other aspects of the virtual machine.
133
info commands Lists available QMP commands info network Shows the network state info chardev Shows the character devices info block Information about block devices, such as hard drives, floppy drives, or CD-ROMs info blockstats Read and write statistics on block devices info registers Shows the CPU registers info cpus Shows information about available CPUs info history Shows the command line history info irq Shows the interrupts statistics info pic Shows the i8259 (PIC) state info pci Shows the PCI information info tlb Shows virtual to physical memory mappings info mem Shows the active virtual memory mappings
134
info hpet Shows state of HPET info jit Shows dynamic compiler information info kvm Shows the KVM information info numa Shows the NUMA information info usb Shows the guest USB devices info usbhost Shows the host USB devices info profile Shows the profiling information info capture Shows the capture (audio grab) information info snapshots Shows the currently saved virtual machine snapshots info status Shows the current virtual machine status info pcmcia Shows the guest PCMCIA status info mice Shows which guest mice is receiving events info vnc Shows the VNC server status
135
info name Shows the current virtual machine name info uuid Shows the current virtual machine UUID info usernet Shows the user network stack connection states info migrate Shows the migration status info balloon Shows the balloon device information info qtree Shows the device tree info qdm Shows the qdev device model list info roms Shows the ROMs
136
To list the key names used in the keys option, enter sendkey and press Tab. To control the mouse, the following commands can be used: mouse_move dxdy [dz] Move the active mouse pointer to the specified coordinates dx, dy with the optional scroll axis dz. mouse_button val Change the state of the mouse buttons (1=left, 2=middle, 4=right). mouse_set index Set which mouse device receives events. Device index numbers can be obtained with the info mice command.
137
If the balloon device is enabled, use the balloon memory_in_MB command to set the requested amount of memory:
(qemu) balloon 400
138
The format can be x (hex), d (signed decimal), u (unsigned decimal), o (octal), c (char) or i (assembly instruction). The size parameter can be b (8 bits), h (16 bits), w (32 bits) or g (64 bits). On x86, h or w can be specified with the i format to respectively select 16 or 32-bit code instruction size. is the number of the items to be dumped. xp /fmtaddr Makes a physical memory dump starting at address addr and formatted according to the fmt string. The fmt string consists of three parameters countformatsize: The count parameter is the number of the items to be dumped. The format can be x (hex), d (signed decimal), u (unsigned decimal), o (octal), c (char) or i (asm instruction). The size parameter can be b (8 bits), h (16 bits), w (32 bits) or g (64 bits). On x86, h or w can be specified with thei format to respectively select 16 or 32-bit code instruction size. is the number of the items to be dumped.
139
also create a snapshot after the virtual machine has been powered off to create a backup state before you try something experimental and possibly make VM Guest unstable. This section introduces the former case, while the latter is described in Section 12.2.3, Managing Snapshots of Virtual Machines with qemu-img Snapshot (page 101). The following commands are available for managing snapshosts in QEMU monitor: savevm name Creates a new virtual machine snapshot under the tag name or replaces an existing snapshot. loadvm name Loads a virtual machine snapshot tagged name. delvm Deletes a virtual machine snapshot. info snapshots Prints information about available snapshots.
(qemu) info snapshots Snapshot list: ID TAG VM SIZE DATE 1 booting 4.4M 2010-11-22 10:51:10 2 booted 184M 2010-11-22 10:53:03 3 logged_in 273M 2010-11-22 11:00:25 4 ff_and_term_running 372M 2010-11-22 11:12:27
Unique identification number of the snapshot. Usually auto-incremented. Unique description string of the snapshot. It is meant as a human readable version of the ID. The disk space occupied by the snapshot. Note that the more memory is consumed by running applications, the bigger the snapshot is. Time and date the snapshot was created. The current state of the virtual machine's clock.
140
141
Both hosts must be located in the same subnet. The guest on the source and destination hosts must be started in the same way. The live migration process has the following steps: 1 The virtual machine instance is running on the source host. 2 The virtual machine is started on the destination host in the frozen listening mode. The parameters used are the same as on the source host plus the -incoming tcp:ip:port parameter, where ip specifies the IP address and port specifies the port for listening to the incoming migration. If 0 is set as IP address, the virtual machine listens on all interfaces. 3 On the source host, switch to the monitor console and use the migrate -d tcp:destination_ip:port command to initiate the migration. 4 To determine the state of the migration, use the info migrate command in the monitor console on the source host. 5 To cancel the migration, use the migrate_cancel command in the monitor console on the source host. 6 To set the maximum tolerable downtime for migration in seconds, use the migrate_set_downtime number_of_seconds command. 7 To set the maximum speed for migration in bytes per second, use the migrate_set_speed bytes_per_second command.
142
Appendix
A.1 Installing Para-Virtualized Drivers
A.1.1 Installing Para-Virtualized Drivers for SUSE Linux Enterprise Server 10 SP3
Support for para-virtualized drivers is already built into all SUSE Linux Enterprise Server 11 SP1 Kernels, so virtio devices are supported out of the box. Para-virtualized drivers for SUSE Linux Enterprise Server 10 SP3 are not shipped with the product and need to be installed from a repository provided by Novell. It is recommended to install para-virtualized drivers during the installation as described in Section 5.3.1, Adding para-virtualized Drivers During the Installation (page 35). If you need to install the drivers on an existing virtual machine, follow the instructions below. 1 Add the para-virtualized drivers repository and the corresponding drivers update repositories with either the YaST Software Repositories module or with zypper ar. 2 Determine the flavor of the installed Kernel by running uname -r. The output string has the form Version-Flavor (for example 2.6.32.24-0.2-default). 3 Search for packages matching the string novell-virtio-drivers in the YaST Software Management module or with zypper se.
144
Storage: viostor\install\Win2003\x86\viostor.inf Windows Server 2003 64-bit Memory Ballooning: balloon\install\Win2003\amd64\balloon.inf Network: NetKVM\install\XP_Win2003\amd64\netkvm.inf Storage: viostor\install\XP\amd64\viostor.inf Windows Vista/Server 2008 32-bit Memory Ballooning: balloon\install\Vista_Win2008\x86\balloon .inf Network: NetKVM\install\Vista_Win2008\x86\netkvm.inf Storage: viostor\install\Vista_Win2008\x86\viostor.inf Windows Vista/Server 2008 64-bit Memory Ballooning: balloon\install\Vista_Win2008\amd64 \balloon.inf Network: NetKVM\install\Vista_Win2008\amd64\netkvm.inf Storage: viostor\install\Vista_Win2008\amd64\viostor.inf Windows 7 32-bit Memory Ballooning: balloon\install\Win7\x86\balloon.inf Network: NetKVM\install\Win7\x86\netkvm.inf Storage: viostor\install\Win7\x86\viostor.inf Windows 7 64-bit Memory Ballooning: balloon\install\Win7\amd64\balloon.inf Network: NetKVM\install\Win7\amd64\netkvm.inf Storage: viostor\install\Win7\amd64\viostor.inf
A.1.2.1 Windows 7
The following instructions show how to install para-virtualized storage an network drivers for Windows 7. Please make sure to exactly follow the instructions for installing
Appendix
145
the storage drivers, otherwise your system will either completely refuse to boot or will boot into a blue screen! IMPORTANT: Technical Support The following instructions require to use virsh edit. Using this command in principle is not supported by the Novell Technical Support. However, this special context (Installing Para-Virtualized Storage Drivers for Windows) is an exception from this rule. It will be supported with reasonable effort. Procedure A.1 Installing Para-Virtualized Storage Drivers for Windows 7 32-bit 1 Shut down the Windows 7 VM Guest and use Virtual Machine Manager to add an additional hard disk of type virtio (a para-virtualized hard disk). This disk is only temporarily needed and will be removed again from the VM Guest. 2 If necessary, use Virtual Machine Manager to adjust the Boot Device Order. It must start with Hard Disk, otherwise the system will not boot once the system disk is para-virtualized. You need to confirm your changes with Apply, otherwise they will not be written to the configuration. 3 Reboot the VM Guest. Once it has booted, open the Device Manager, for example, by opening the main menu and entering devmgmt.msc followed by Enter into the Start programs and files field. 4 Search for the entry Other devices > SCSI Controller. The entry is marked with an exclamation mark as being problematic. Right-click this entry and choose Update Driver Software. 5 Install the driver. Choose to Browse my computer for driver software. Use the Browse button to select the directory on the driver CD containing the storage drivers for your operating system and architecture (viostor\install\Win7\x86\). Confirm the security exception by clicking Install. 6 Once the driver installation is finished, a new Storage Controller named Novell VirtIO SCSI Adapater is listed in the Device Manager. Additionally, the entry Disk Drives now contains the temporary para-virtualized disk. It is listed as Novell VirtIO SCSI Disk Device.
146
7 Shut down the Windows 7 VM Guest and use Virtual Machine Manager to remove the temporary para-virtualized disk added earlier. 8 Changing the type of a virtual hard disk is currently not supported by Virtual Machine Managertherefore the XML configuration needs to be changed directly. Open a terminal and enter the following command (replace NAME with the name of you Windows 7 VM Guest). If operating from a remote host, also specify a connection URL with the -c parameter.
virsh edit NAME
An editor (vi by default) opens. Search for a block similar to the following:
<disk type='block' device='disk'> <driver name='qemu' type='raw'/> <source file='/var/lib/libvirt/images/win7.raw'/> <target dev='hda' bus='ide'/> <address type='drive' controller='0' bus='0' unit='0'/> </disk>
Remove the <address> tag. Change the attributes of the <target> tag to dev='vda' and bus='virtio':
<disk type='block' device='disk'> <driver name='qemu' type='raw'/> <source dev='/dev/Virtual/win7'/> <target dev='vda' bus='virtio'/> </disk>
Save the file. A successful save results in Domain NAME XML configuration edited. In case an error is reported (for example, when having produced invalid XML), the configuration has not been changed. 9 Restart the VM Guest. If starting it via Virtual Machine Manager, make sure the hardware change is visible in the Details screen before you start (this may take a few seconds after you have saved the configuration changes from virsh). Otherwise your changes will be overwritten with the configuration last used by Virtual Machine Manager. Your Windows 7 VM Guest now uses a para-virtualized system disk. Installing para-virtualized network drivers is very similar to installing the storage drivers:
Appendix
147
Procedure A.2 Installing Para-Virtualized Network Drivers for Windows 7 1 Shut down the Windows 7 VM Guest and use Virtual Machine Manager to add an additional network adapter of type virtio (a para-virtualized network adapter). This ensures that you still have network connectivity while installing the drivers. 2 Reboot the VM Guest and install the driver via the Device Manager as described above. The new network adapter can be found under Other devices > Ethernet controller. After a successful driver installation, a Novell VirtIO Ethernet Adapter is listed in the Device Manager under Network Adapters. 3 Shut down the VM Guest and remove the original, non-para-virtualized network adapter from the guest configuration using Virtual Machine Manager. Reboot the guestnow it uses a para-virtualized network adapter.
148
Appendix
149
2d Repeat the procedure for each client and server certificate you would like to export. 3 Finally export the CA certificate by performing the following steps: 3a Switch to the Description tab. 3b ChooseAdvanced > Export to File > Only the Certificate in PEM Format and enter the full path and the filename under File Name, for example, /tmp/ x509/cacert.pem.
150
-enable-kvm -fda/-fdb ... -full-screen -gdb ... -global ... -h -hda/-hdb/-hdc/-hdd ... -help -incoming ... -initrd ... -k ... -kernel ... -loadvm ... -m ... -mem-path ... -mem-prealloc -mon ... -monitor ... -M [pc|pc-0.12] -name ... -netdev ... -net [nic|user|tap|none] mode=[rtl8139|virtio] -no-acpi -nodefaults -no-frame -nographic -no-hpet -no-quit -no-reboot -no-shutdown -parallel ... -pcidevice ... -pidfile ... -readconfig ... -rtc ... -runas ...
Appendix
151
-s -S -sdl -serial ... -smbios ... -smp ... -tdf -usb -usbdevice [tablet|mouse] -uuid .. -version -vga [std|cirrus|none] -vnc ... -watchdog ... -watchdog-action ... -writeconfig ...
152
-icount ... -kvm-shadow-memory ... -L ... -M [pc-0.11|pc-0.10|isapc|mac] -mtdblock ... -net dump ... -net socket ... -no-fd-bootchk -no-kvm -no-kvm-irqchip -no-kvm-pit -no-kvm-pit-reinjection -numa ... -nvram ... -option-rom ... -osk -pflash ... -portrait -qmp ... -sd ... -set ... -show-cursor -singlestep -snapshot -soundhw ... -tb-size ... -usbdevice [disk|host|serial|braille|net] -vga [vmware|xenfb] -virtioconsole ... -win2k-hack
Appendix
153
? balloon target ... [c|cont] change device ... cpu ... eject ... gdbserver ... help info ... logfile ... logitem ... mce ... memsave ... migrate ... migrate_set_downtime ... migrate_set_speed ... mouse_button ... mouse_move ... mouse_set ... pmemsave ... [p|print] ... q sendkey ... stop system_powerdown watchdog_action ... x ... xp ...
154
acl_add ... acl_policy ... acl_remove ... acl_reset ... acl_show ... block_passwd ... boot_set close_fd ... commit ... cpu_set ... delvm ... device_add ... device_del ... drive_add ... hostfwd_add ... hostfwd_remove ... host_net_add ... host_net_remove ... i ... loadvm ... migrate_cancel nmi ... o ... pci_add ... pci_del... savevm ... screendump ... set_link ... singlestep ... stopcapture ... sum ... system_reset usb_add ... watchdog_action ... wavcapture ...
Appendix
155
GNU Licenses
This appendix contains the GNU General Public License version 2 and the GNU Free Documentation License version 1.2. GNU General Public License
Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundations software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each authors protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyones free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow.
GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The Program, below, refers to any such program or work, and a work based on the Program means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term modification.) Each licensee is addressed as you. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Programs source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the
158
Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and any later version, you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the copyright line and a pointer to where the full notice is found. one line to give the programs name and an idea of what it does. Copyright (C) yyyy name of author
GNU Licenses
159
free software; you can redistribute it and/or the terms of the GNU General Public License the Free Software Foundation; either version 2 or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w. This is free software, and you are welcome to redistribute it under certain conditions; type `show c for details. The hypothetical commands `show w and `show c should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w and `show c; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a copyright disclaimer for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision (which makes passes at compilers) written by James Hacker.
signature of Ty Coon, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License [http://www.fsf.org/licenses/lgpl.html] instead of this License.
PREAMBLE
The purpose of this License is to make a manual, textbook, or other functional and useful document free in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of copyleft, which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software.
160
We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference.
VERBATIM COPYING
You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies.
COPYING IN QUANTITY
If you publish printed copies (or copies in media that commonly have printed covers) of the Document, numbering more than 100, and the Documents license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects.
GNU Licenses
161
If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a computer-network location from which the general network-using public has access to download using public-standard network protocols a complete Transparent copy of the Document, free of added material. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document.
MODIFICATIONS
You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has fewer than five), unless they release you from this requirement. C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Documents license notice. H. Include an unaltered copy of this License. I. Preserve the section Entitled History, Preserve its Title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section Entitled History in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the History section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. For any section Entitled Acknowledgements or Dedications, Preserve the Title of the section, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section Entitled Endorsements. Such a section may not be included in the Modified Version. N. Do not retitle any existing section to be Entitled Endorsements or to conflict in title with any Invariant Section. O. Preserve any Warranty Disclaimers. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Versions license notice. These titles must be distinct from any other section titles. You may add a section Entitled Endorsements, provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one.
162
The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version.
COMBINING DOCUMENTS
You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice, and that you preserve all their Warranty Disclaimers. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections Entitled History in the various original documents, forming one section Entitled History; likewise combine any sections Entitled Acknowledgements, and any sections Entitled Dedications. You must delete all sections Entitled Endorsements.
COLLECTIONS OF DOCUMENTS
You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document.
TRANSLATION
Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License, and all the license notices in the Document, and any Warranty Disclaimers, provided that you also include the original English version of this License and the original versions of those notices and disclaimers. In case of a disagreement between the translation and the original version of this License or a notice or disclaimer, the original version will prevail. If a section in the Document is Entitled Acknowledgements, Dedications, or History, the requirement (section 4) to Preserve its Title (section 1) will typically require changing the actual title.
TERMINATION
You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.
GNU Licenses
163
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled GNU Free Documentation License. If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts, replace the with...Texts. line with this: with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. If you have Invariant Sections without Cover Texts, or some other combination of the three, merge those two alternatives to suit the situation. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software.
164