Instituto Superior de Engenharia do Porto

Mestrado em Engenharia Eletrotécnica e de Computadores

Arquitetura de Computadores Working with multiple virtual machines

In what follows, we will create an isolated network with two virtual machines connected to it.
The network will be created using the Linux ethernet bridge mechanism. The virtual storage
Virtualization with KVM and libvirt
devices will be created using the QEMU qcow2 format. This format will be used because it
provides the mechanism of backing file, i.e., the same image can be used as a base for several
Introduction
virtual machines.
The KVM mechanism is best described in its own main web page1:
Table 1 – Raw and qcow2 QEMU disk image types
Raw Qcow2
KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86
hardware containing virtualization extensions (Intel VT or AMD-V). It consists of a loadable Raw is default format if no specific format is Qcow2 is an open-source format developed
kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor specified while creating disk images. Raw as an alternative to the VMWare vmdk and
specific module, kvm-intel.ko or kvm-amd.ko. disk images do not have special features like Oracle Virtualbox vdi formats. Qcow2
compression, snapshot, etc. On the other provides features like compression, snapshot
Using KVM, one can run multiple virtual machines running unmodified Linux or Windows hand, raw disk images are faster than other and backing file.
images. Each virtual machine has private virtualized hardware: a network card, disk, disk image types.
graphics adapter, etc.

Exercises 2) Create a directory named after your student number under /opt and grant full access
permission to it for all system users:
1) KVM can be used by simply passing the --enable-kvm command line parameter to # mkdir /opt/student number
QEMU. In this first exercise, we will compare the performance between the execution of a # chmod 777 /opt/student_number
program in an emulated machine and its execution on a fully virtualized machine.
Move all files to that directory and, from now on, keep working on that directory:
1.1) Download the arcom_vm.img and launch the distribution using QEMU in emulation # mv * /opt/student_number
mode: # cd /opt/student_number
$ qemu-system-x86_64 arcom_vm.img
3) Create the arcom-vm1.qcow2 and arcom-vm2.qcow2 volumes (both backed by the
1.2) In the emulated machine, run /root/stress 100, where 100 is the number of arcom-vm.qcow2 volume) to be used by the virtual machines:
iterations executed by the program, and measure its execution time using a clock (host # qemu-img convert -O qcow2 arcom-vm.img arcom-vm.qcow2
application, smartphone, etc.). Note that this is the advisable procedure since time # qemu-img create -f qcow2 -o backing_file=arcom-vm.qcow2 arcom-vm1.qcow2
measurements in emulators and virtual machines (VMs) may be very inaccurate in several # qemu-img create -f qcow2 -o backing_file=arcom-vm.qcow2 arcom-vm2.qcow2
situations. # qemu-img info arcom-vm1.qcow2

Execution time:________________________________ The following script will be used to create a bridge with two virtual interfaces (vnet1 and
1.3) Shut down the virtual machine and relaunch QEMU with --enable-kvm parameter: vnet2) connected to it:
$ qemu-system-x86_64 –enable-kvm arcom_vm.img #!/bin/sh
set -x
Determine, by trial and error, the number of iterations to obtain an execution time ip tuntap add vnet1 mode tap
approximately equal to the one obtained before ip tuntap add vnet2 mode tap

# Bring up the tap devices

Number of iterations with KVM:________________________________ ip link set vnet1 up
ip link set vnet2 up

# Create the bridge to link the tap devices

ip link add kbr0 type bridge
1
https://www.linux-kvm.org/page/Main_Page

Virtualization with KVM and libvirt 1/14 Virtualization with KVM and libvirt 2/14
ARCOM – MEEC – ISEP – 2018/2019 ARCOM – MEEC – ISEP – 2018/2019
# Adding the interface into the bridge is
# done by setting its master to bridge_name
ip link set vnet1 master kbr0
ip link set vnet2 master kbr0

# Bring up the bridge

ip link set kbr0 up

# Show existing bridges

ip link show

Save the above script as ifup and enable execution permission for its owner (chmod u+x
ifup).

The following script will be used to delete all interfaces created by the ifup script:
#!/bin/sh
set -x

# Bring down the bridge

ip link set kbr0 down

# Delete the bridge

ip link del kbr0 Perform the static configuration of the ethernet card on each virtual machine using private IP
addresses, and test the connectivity using the ping command. For instance:
# Delete the tap devices
ip tuntap del vnet1 mode tap # ip a add 192.168.0.2/24 dev eth0
ip tuntap del vnet2 mode tap # ip link set eth0 up
# ping 192.168.0.1
Save the above script as ifdown and enable execution permission for its owner (chmod u+x
After the connectivity test, shutdown both virtual machines an run ./ifdown.
ifdown).
Libvirt
Create the isolated network by running ifup as root:
# ./ifup KVM can be more easily used via the libvirt API and tools. Libvirt provides an API to create,
modify, and control virtual machines. Some examples of libvirt tools are virt-install
Launch the first virtual machine, using vnet1 as ethernet adapter: (command line based, used only to create a virtual machine), virsh (command line based),
# qemu-kvm arcom-vm1.qcow2 -name arcom-kvm1 -m 64 \ and virt-manager (graphical interface). In this context, a virtual machine is called a “guest
-netdev tap,id=hostnet0,script=no,downscript=no,ifname=vnet1 \ domain”. Each VM has an associated XML file with all its settings.
-device virtio-net-pci,netdev=hostnet0,mac=00:50:56:00:00:01
In this exercise, similarly to the previous exercise, we will configure and test two virtual
Note that, to enable connectivity between virtual machines, it is necessary to specify a different machines connected through an isolated virtual network. However, this time the tasks will be
MAC address for each interface on the same ethernet network. carried out using the libvirt tools.
Open a new terminal to launch the second virtual machine. In this case, the virtual machine
will be launched as a daemon (in background and detached from the terminal, -daemonize Create the following XML file:
parameter), and it will use the Virtual Network Computing (VNC) system for video output (-
display vnc:0). # cat mynet1.xml
<network ipv6='yes'>
# qemu-kvm arcom-vm2.qcow2 -name arcom-kvm2 -m 64 \ <name>mynet1</name>
-netdev tap,id=hostnet0,script=no,downscript=no,ifname=vnet2 \ </network>
-device virtio-net-pci,netdev=hostnet0,mac=00:50:56:00:00:02 \
-daemonize -display vnc=:0 Create an isolated virtual network, named mynet1, using virsh:
VNC is a graphical desktop sharing system where the system sharing its display acts as a # virsh net-define mynet1.xml
# virsh net-dumpxml mynet1
server, providing the access through ports 5900 (for display :0), 5901 (for display :1) and so # virsh net-start mynet1
on. To access the remote display, a VNC client is required, such vinagre or reminna:

Virtualization with KVM and libvirt 3/14 Virtualization with KVM and libvirt 4/14
ARCOM – MEEC – ISEP – 2018/2019 ARCOM – MEEC – ISEP – 2018/2019
 # virt-manager
Create the first virtual machine using the command line tool virt-install2:
You should be presented with a graphical window, with a list of virtual machines. You should
virt-install --name arcom-kvm1 --ram 64 --graphics vnc --disk path=arcom-vm1.qcow2
be able to find the previously created VM:
--import --network network=mynet1,model=virtio

The virtual machine is started and the virt-install command blocks until the machine is
powered off. In order to power off the machine, you must connect to it (using the VNC client)
and execute the poweroff command (still in the virtual machine).

Afterward, the machine can be restarted, stopped and powered off using the virsh tool.
To list all virtual machines managed through libvirt:
# virsh list --all

To start the virtual machine:

# virsh start arcom-kvm1
# virsh list --all

To suspend a running a virtual machine:

# virsh suspend arcom-kvm1
# virsh list --all

The VM is kept in memory but it won't be scheduled for execution. If you try to use the VM’s
terminal, you will get no response from it. To resume execution of the virtual machine:
# virsh resume arcom-kvm1
# virsh list --all

The VM should become responsive again.

To power off your virtual machine (i.e., the equivalent to pressing the power off button on a
real machine):
# virsh destroy arcom-kvm1
# virsh list --all

If the guest operating system supports the Advanced Configuration and Power Interface
(ACPI), a software shutdown can be requested:
# virsh shutdown arcom-kvm1

To display the machine configuration in XML format:

# virsh dumpxml arcom-kvm1

The same information can be obtained directly from the corresponding XML file:
cat /etc/libvirt/qemu/arcom-kvm1.xml

The virsh and virt-install utilities are particularly useful for scripting and for quick
checks. On the other hand, the virt-manager utility provides a more user-friendly
environment. Create the second VM using the virt-manager utility:

2
The –import parameter is used to build a guest around an existing disk image (the default is to install from a
given installation source). The device used for booting is the first device specified via "--disk" or "--filesystem".

Virtualization with KVM and libvirt 5/14 Virtualization with KVM and libvirt 6/14
ARCOM – MEEC – ISEP – 2018/2019 ARCOM – MEEC – ISEP – 2018/2019
Virtualization with KVM and libvirt 7/14 Virtualization with KVM and libvirt 8/14
ARCOM – MEEC – ISEP – 2018/2019 ARCOM – MEEC – ISEP – 2018/2019
 Appendix – Virtualization packages for fedora
(from https://docs.fedoraproject.org/en-US/quick-docs/getting-started-with-virtualization/)

Run the following command to install the mandatory and default packages in the
virtualization group:

# dnf install @virtualization

After the packages install, start the libvirtd service:

# systemctl start libvirtd

To start the service on boot, run:

# systemctl enable libvirtd

To verify that the KVM kernel modules are properly loaded:

$ lsmod | grep kvm

kvm_amd 55563 0
kvm 419458 1 kvm_amd

If this command lists kvm_intel or kvm_amd, KVM is properly configured.

Complete the VM creation by pressing “Begin Installation”. The arcom-kvm2 VM will be
started. Go to the Virtual Manager main window and start the arcom-kvm1 VM.
$ dnf group info "Virtualization"
Follow the same procedure of the first exercise to manually configure the network interface
cards of both VMs, and to test the connectivity between them.

To finish the exercise, power off and delete your virtual machines:
# virsh list --all
# virsh destroy arcom-kvm1
# virsh destroy arcom-kvm2
# virsh list --all
# virsh undefine arcom-kvm1
# virsh undefine arcom-kvm2
# virsh list --all

Virtualization with KVM and libvirt 9/14 Virtualization with KVM and libvirt 10/14
ARCOM – MEEC – ISEP – 2018/2019 ARCOM – MEEC – ISEP – 2018/2019
Appendix - Creation of the system image
Finally, unmount the file system and detach the network block device:
Obtain the kernel and root file system archive files: # umount m
# qemu-nbd -d /dev/nbd0
$ wget http://www.dee.isep.ipp.pt/~jes/arcom/Lab8-KVM/bzImage
$ wget http://www.dee.isep.ipp.pt/~jes/arcom/Lab8-KVM/rootfs.tar.xz

The provided bzImage and rootfs.tar.xz were built with Buildroot, using the configurations in
qemu_x86_64_defconfig.

$ mkdir rootfs
$ tar xvf rootfs.tar.xz -C rootfs
$ dd if=/dev/zero of=arcom-vm.img bs=1M count=16
# modprobe nbd
# qemu-nbd --format=raw --connect=/dev/nbd0 arcom-vm.img

Use fdisk to create a single partition on /dev/ndb0, marked as bootable (‘a’ command),
using all disk space. After that operation, the output of ls -l /dev/ndb0* should present a
new device, /dev/nbd0p1.

Create an ext4 file system on/dev/nbd0p1, containing the files in rootfs/ 3:

# mkfs.ext4 /dev/nbd0p1 -d rootfs/ -O \^64bit

Copy the Linux kernel to the /boot directory in the first partition:
# mkdir m
# mount /dev/nbd0p1 m
# mkdir -p m/boot/extlinux
# cp bzImage m/boot

Create the m/boot/extlinux.conf file with the following contents:

DEFAULT linux
SAY Now booting the kernel from SYSLINUX...
LABEL linux
KERNEL ../bzImage
APPEND root=/dev/sda1

The file above will be used by the Extlinux bootloader. The bootloader is installed by the
following command:
# extlinux --install m/boot/extlinux
# dd if=/usr/share/syslinux/mbr.bin of=/dev/nbd0

3
As of Syslinux 6.03, "pure 64-bits", compression and/or encryption are not supported
(https://www.syslinux.org/wiki/index.php?title=Filesystem#ext)

Virtualization with KVM and libvirt 11/14 Virtualization with KVM and libvirt 12/14
ARCOM – MEEC – ISEP – 2018/2019 ARCOM – MEEC – ISEP – 2018/2019
Appendix –Additional virt-install examples Bibliography
• Chirammal, Humble Devassy, Mastering KVM Virtualization, Packt Publishing, 2016
Creation of a VM based on a external kernel image (kernel=…), specification of kernel • USE LLC, Virtualization Guide, openSUSE Leap 15.0, 2018
parameters (kernel_args=…), and with no graphical output (--graphics none).

virt-install --name vm1 --disk path=rootfs.ext4 --import --boot Document history

kernel=bzImage,kernel_args="root=/dev/sda" --graphics none • 2018-11-19 – created by Jorge Estrela da Silva ([email protected])

The --boot parameter can also be used to create a virtual machine that is started each time
the host starts.

Virtualization with KVM and libvirt 13/14 Virtualization with KVM and libvirt 14/14
ARCOM – MEEC – ISEP – 2018/2019 ARCOM – MEEC – ISEP – 2018/2019