文件: xen 虚拟化操作笔记(无理论版)——基本安装配置以及基本网络配置(第二次修改).pdf 大小: 309KB 下载: 下载

xen虚拟化操作笔记(无理论版)

——基本安装配置以及基本网络配置

版权

GNU

作者信息

Alin Fang (Fang Yunlin)

MSN: cst05001@hotmail.com

G Talk: cst05001@gmail.com

Blog: http://www.alinblog.cn/

修改日期

21 Oct, 2008

第二次修改

声明

本人实验笔记，非权威文档。如有错误请告知。十分感谢！

预科班

虽说是物理论版，为了保险，基础的东西还是提一点吧。

上图是xen的简易框架图。有不少哥们以为说xen虚拟机是启动了Domain0（宿主机）后，在宿主机上启动了DomainU。

其实不是这样的。

Domain0只是一个具有控制Hypervisor特权的Domain，而所有的Domain都是由Hypervisor调度运行的！也就是从某种意义上来说，所有的Domain都是平行的。

你眼睛所看到的操作系统，也是运行在由Hypervisor调度的Domain0这个环境里面的虚拟机。

安装xen虚拟套件以及配置Domain0

这个是我的本地yum源配置

[root@dhcp-0-122 ~]# cat /etc/yum.repos.d/custom.repo

[VT]

name=VT

baseurl=file:/misc/cd/VT

enabled=1

gpgcheck=0

[Client]

name=Client

baseurl=file:/misc/cd/Client

enabled=1

gpgcheck=0

[Workstation]

name=Workstation

baseurl=file:/misc/cd/Workstation

enabled=1

gpgcheck=0

[root@dhcp-0-122 ~]#

先安装虚拟化组件

[root@dhcp-0-122 ~]# yum grouplist

Loading "rhnplugin" plugin

Loading "security" plugin

This system is not registered with RHN.

RHN support will be disabled.

Setting up Group Process

Installed Groups:

Office/Productivity

Administration Tools

Editors

System Tools

Text-based Internet

Games and Entertainment

Legacy Software Development

Network Servers

Legacy Software Support

X Window System

Web Server

Printing Support

Mail Server

Server Configuration Tools

Graphical Internet

Available Groups:

Engineering and Scientific

MySQL Database

GNOME Software Development

X Software Development

Virtualization

Legacy Network Server

DNS Name Server

Authoring and Publishing

FTP Server

Java Development

OpenFabrics Enterprise Distribution

Graphics

Windows File Server

Eclipse

KDE Software Development

KDE (K Desktop Environment)

Sound and Video

PostgreSQL Database

Development Libraries

News Server

Development Tools

Done

[root@dhcp-0-122 ~]# yum groupinstall Virtualization

Loading "rhnplugin" plugin

Loading "security" plugin

This system is not registered with RHN.

RHN support will be disabled.

Setting up Group Process

Package Virtualization-en-US - 5.2-9.noarch already installed and latest version

Resolving Dependencies

--> Running transaction check

---> Package gnome-applet-vm.i386 0:0.1.2-1.el5 set to be updated

--> Processing Dependency: libxenstore.so.3.0 for package: gnome-applet-vm

---> Package xen.i386 0:3.0.3-64.el5 set to be updated

--> Processing Dependency: python-virtinst for package: xen

--> Processing Dependency: bridge-utils for package: xen

---> Package kernel-xen.i686 0:2.6.18-92.el5 set to be installed

---> Package libvirt.i386 0:0.3.3-7.el5 set to be updated

--> Processing Dependency: dnsmasq for package: libvirt

---> Package virt-manager.i386 0:0.5.3-8.el5 set to be updated

--> Processing Dependency: libvirt-python >= 0.3.3 for package: virt-manager

--> Processing Dependency: gtk-vnc-python for package: virt-manager

--> Processing Dependency: gnome-python2-gnomekeyring >= 2.15.4 for package: virt-manager

---> Package virt-viewer.i386 0:0.0.2-2.el5 set to be updated

--> Processing Dependency: libgtk-vnc-1.0.so.0 for package: virt-viewer

--> Running transaction check

---> Package libvirt-python.i386 0:0.3.3-7.el5 set to be updated

---> Package python-virtinst.noarch 0:0.300.2-8.el5 set to be updated

---> Package gtk-vnc.i386 0:0.3.2-3.el5 set to be updated

---> Package bridge-utils.i386 0:1.1-2 set to be updated

---> Package gtk-vnc-python.i386 0:0.3.2-3.el5 set to be updated

---> Package xen-libs.i386 0:3.0.3-64.el5 set to be updated

---> Package dnsmasq.i386 0:2.39-2.el5 set to be updated

---> Package gnome-python2-gnomekeyring.i386 0:2.16.0-2.el5 set to be updated

--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================

Package Arch Version Repository Size

=============================================================================

Installing:

gnome-applet-vm i386 0.1.2-1.el5 VT 75 k

Installing for dependencies:

bridge-utils i386 1.1-2 Client 28 k

dnsmasq i386 2.39-2.el5 Client 151 k

gnome-python2-gnomekeyring i386 2.16.0-2.el5 Client 15 k

gtk-vnc i386 0.3.2-3.el5 Client 51 k

gtk-vnc-python i386 0.3.2-3.el5 Client 9.8 k

kernel-xen i686 2.6.18-92.el5 Client 15 M

libvirt i386 0.3.3-7.el5 VT 917 k

libvirt-python i386 0.3.3-7.el5 VT 74 k

python-virtinst noarch 0.300.2-8.el5 VT 161 k

virt-manager i386 0.5.3-8.el5 VT 1.2 M

virt-viewer i386 0.0.2-2.el5 VT 24 k

xen i386 3.0.3-64.el5 VT 1.8 M

xen-libs i386 3.0.3-64.el5 Client 141 k

Transaction Summary

=============================================================================

Install 14 Package(s)

Update 0 Package(s)

Remove 0 Package(s)

Total download size: 20 M

Is this ok [y/N]: y

Downloading Packages:

Running rpm_check_debug

Running Transaction Test

Finished Transaction Test

Transaction Test Succeeded

Running Transaction

Installing: xen-libs ####################### [ 1/14]

Installing: bridge-utils ####################### [ 2/14]

Installing: gtk-vnc ####################### [ 3/14]

Installing: gtk-vnc-python ####################### [ 4/14]

Installing: gnome-python2-gnomekeyring ####################### [ 5/14]

Installing: dnsmasq ####################### [ 6/14]

Installing: libvirt ####################### [ 7/14]

Installing: libvirt-python ####################### [ 8/14]

Installing: virt-viewer ####################### [ 9/14]

Installing: python-virtinst ####################### [10/14]

Installing: virt-manager ####################### [11/14]

Installing: kernel-xen ####################### [12/14]

Installing: xen ####################### [13/14]

Installing: gnome-applet-vm ####################### [14/14]

Installed: gnome-applet-vm.i386 0:0.1.2-1.el5

Dependency Installed: bridge-utils.i386 0:1.1-2 dnsmasq.i386 0:2.39-2.el5 gnome-python2-gnomekeyring.i386 0:2.16.0-2.el5 gtk-vnc.i386 0:0.3.2-3.el5 gtk-vnc-python.i386 0:0.3.2-3.el5 kernel-xen.i686 0:2.6.18-92.el5 libvirt.i386 0:0.3.3-7.el5 libvirt-python.i386 0:0.3.3-7.el5 python-virtinst.noarch 0:0.300.2-8.el5 virt-manager.i386 0:0.5.3-8.el5 virt-viewer.i386 0:0.0.2-2.el5 xen.i386 0:3.0.3-64.el5 xen-libs.i386 0:3.0.3-64.el5

Complete!

[root@dhcp-0-122 ~]#

修改grub配置，使其默认引导hypervisor，而不是普通kernel。

这个是我修改后的grub配置

[root@dhcp-0-122 ~]# cat /boot/grub/grub.conf

# grub.conf generated by anaconda

#

# Note that you do not have to rerun grub after making changes to this file

# NOTICE: You have a /boot partition. This means that

# all kernel and initrd paths are relative to /boot/, eg.

# root (hd0,0)

# kernel /vmlinuz-version ro root=/dev/vg0/LogVol00

# initrd /initrd-version.img

#boot=/dev/sda

default=0

timeout=5

splashimage=(hd0,0)/grub/splash.xpm.gz

hiddenmenu

title Red Hat Enterprise Linux Client (2.6.18-92.el5xen)

root (hd0,0)

kernel /xen.gz-2.6.18-92.el5

module /vmlinuz-2.6.18-92.el5xen ro root=/dev/vg0/LogVol00 rhgb quiet

module /initrd-2.6.18-92.el5xen.img

title Red Hat Enterprise Linux Client (2.6.18-92.el5)

root (hd0,0)

kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/vg0/LogVol00 rhgb quiet

initrd /initrd-2.6.18-92.el5.img

[root@dhcp-0-122 ~]#

重启加载hypervisor，启动Dom0。

[root@dhcp-0-122 ~]# reboot

确认Dom0启动。

[root@dhcp-0-122 ~]# uname -r

2.6.18-92.el5xen

[root@dhcp-0-122 ~]#

安装基于LVM存储的虚拟机

我打算安装一台装有Red Hat Enterprise Linux update 2 Server的虚拟机。

搭建安装树

[root@dhcp-0-122 public]# pwd

/public

[root@dhcp-0-122 public]# tree

.

|-- install

`-- iso

`-- rhel-5.2-server-i386-dvd.iso

2 directories, 1 file

[root@dhcp-0-122 public]#

编辑fstab，使得系统开机自动能自动挂载光盘镜像作为安装树

这个是我fstab的配置

[root@dhcp-0-122 public]# cat /etc/fstab

/dev/vg0/LogVol00 / ext3 defaults 1 1

LABEL=/boot1 /boot ext3 defaults 1 2

tmpfs /dev/shm tmpfs defaults 0 0

devpts /dev/pts devpts gid=5,mode=620 0 0

sysfs /sys sysfs defaults 0 0

proc /proc proc defaults 0 0

LABEL=SWAP-sda2 swap swap defaults 0 0

/public/iso/rhel-5.2-server-i386-dvd.iso /public/install iso9660 loop,ro0 0

让fstab配置生效

[root@dhcp-0-122 public]# mount -a

[root@dhcp-0-122 public]#

搭建ftp服务器使得DomainU可以远程使用安装树

[root@dhcp-0-122 misc]# yum install vsftpd

Loading "rhnplugin" plugin

Loading "security" plugin

This system is not registered with RHN.

RHN support will be disabled.

Setting up Install Process

Parsing package install arguments

Resolving Dependencies

--> Running transaction check

---> Package vsftpd.i386 0:2.0.5-12.el5 set to be updated

filelists.xml.gz 100% |=========================| 762 kB 00:00

filelists.xml.gz 100% |=========================| 1.7 MB 00:00

filelists.xml.gz 100% |=========================| 31 kB 00:00

--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================

Package Arch Version Repository Size

=============================================================================

Installing:

vsftpd i386 2.0.5-12.el5 Workstation 138 k

Transaction Summary

=============================================================================

Install 1 Package(s)

Update 0 Package(s)

Remove 0 Package(s)

Total download size: 138 k

Is this ok [y/N]: y

Downloading Packages:

Running rpm_check_debug

Running Transaction Test

Finished Transaction Test

Transaction Test Succeeded

Running Transaction

Installing: vsftpd ######################### [1/1]

Installed: vsftpd.i386 0:2.0.5-12.el5

Complete!

[root@dhcp-0-122 misc]# vim /etc/vsftpd/vsftpd.conf

在里面添加一行

anon_root=/public

重启ftp服务器

[root@dhcp-0-122 misc]# service vsftpd restart

Shutting down vsftpd: [FAILED]

Starting vsftpd for vsftpd: [ OK ]

[root@dhcp-0-122 misc]# chkconfig vsftpd --level 35 on

[root@dhcp-0-122 misc]#

检测ftp服务器是否正常工作

[root@dhcp-0-122 misc]# lftp 127.0.0.1

lftp 127.0.0.1:~> ls

drwxr-xr-x 8 0 0 16384 Apr 30 23:23 install

drwxr-xr-x 2 0 0 4096 Oct 21 09:24 iso

lftp 127.0.0.1:/> exit

[root@dhcp-0-122 misc]#

安装虚拟机

Red Hat Enterprise Linux 5 update 2提供了两种常规情况下的虚拟机安装工具，一个是GUI的virt-manager，一个是CLI的virt-install。

我这里选择virt-install。

查看下帮助

[root@dhcp-0-122 misc]# virt-install --help

usage: virt-install [options]

options:

-h, --help show this help message and exit

-n NAME, --name=NAME Name of the guest instance

-r MEMORY, --ram=MEMORY

Memory to allocate for guest instance in megabytes

-u UUID, --uuid=UUID UUID for the guest; if none is given a random UUID

will be generated. If you specify UUID, you should use

a 32-digit hexadecimal number.

--vcpus=VCPUS Number of vcpus to configure for your guest

--check-cpu Check that vcpus do not exceed physical CPUs and warn

if they do.

--cpuset=CPUSET Set which physical CPUs Domain can use.

-f DISKFILE, --file=DISKFILE

File to use as the disk image

-s DISKSIZE, --file-size=DISKSIZE

Size of the disk image (if it doesn't exist) in

gigabytes

--nonsparse Don't use sparse files for disks. Note that this will

be significantly slower for guest creation

--nodisks Don't set up any disks for the guest.

-m MAC, --mac=MAC Fixed MAC address for the guest; if none or RANDOM is

given a random address will be used

-b BRIDGE, --bridge=BRIDGE

Bridge to connect guest NIC to; if none given, will

try to determine the default

-w NETWORK, --network=NETWORK

Connect the guest to a virtual network, forwarding to

the physical network with NAT

--vnc Use VNC for graphics support

--vncport=VNCPORT Port to use for VNC

--sdl Use SDL for graphics support

--nographics Don't set up a graphical console for the guest.

--noautoconsole Don't automatically try to connect to the guest

console

-k KEYMAP, --keymap=KEYMAP

set up keymap for a graphical console

--accelerate Use kernel acceleration capabilities

--connect=CONNECT Connect to hypervisor with URI

--livecd Specify the CDROM media is a LiveCD

-v, --hvm This guest should be a fully virtualized guest

-c CDROM, --cdrom=CDROM

File to use a virtual CD-ROM device for fully

virtualized guests

--pxe Boot an installer from the network using the PXE boot

protocol

--os-type=OS_TYPE The OS type for fully virtualized guests, e.g.

'linux', 'unix', 'windows'

--os-variant=OS_VARIANT

The OS variant for fully virtualized guests, e.g.

'fedora6', 'rhel5', 'solaris10', 'win2k', 'vista'

--noapic Disables APIC for fully virtualized guest (overrides

value in os-type/os-variant db)

--noacpi Disables ACPI for fully virtualized guest (overrides

value in os-type/os-variant db)

--arch=ARCH The CPU architecture to simulate

-p, --paravirt This guest should be a paravirtualized guest

-l LOCATION, --location=LOCATION

Installation source for paravirtualized guest (eg,

nfs:host:/path, ftp://host/path)

-x EXTRA, --extra-args=EXTRA

Additional arguments to pass to the installer with

paravirt guests

-d, --debug Print debugging information

--noreboot Disables the automatic rebooting when the installation

is complete.

--force Do not prompt for input. Answers yes where applicable,

terminates for all other prompts

[root@dhcp-0-122 misc]#

创建存储

我磁盘上已经搭建好了LVM，搭建方法不在本篇讨论反问之内。

这个是我的LVM结构

[root@dhcp-0-122 misc]# pvdisplay

--- Physical volume ---

PV Name /dev/sda3

VG Name vg0

PV Size 146.91 GB / not usable 4.80 MB

Allocatable yes

PE Size (KByte) 32768

Total PE 4701

Free PE 4233

Allocated PE 468

PV UUID K0uQRz-cdSh-SnqZ-Ut15-Qjvu-LjVb-Dmh7m4

[root@dhcp-0-122 misc]# vgdisplay

--- Volume group ---

VG Name vg0

System ID

Format lvm2

Metadata Areas 1

Metadata Sequence No 2

VG Access read/write

VG Status resizable

MAX LV 0

Cur LV 1

Open LV 1

Max PV 0

Cur PV 1

Act PV 1

VG Size 146.91 GB

PE Size 32.00 MB

Total PE 4701

Alloc PE / Size 468 / 14.62 GB

Free PE / Size 4233 / 132.28 GB

VG UUID A6IMDs-QhHl-E3Fy-HZim-R8GS-jKhm-TDxGSE

[root@dhcp-0-122 misc]# lvdisplay

--- Logical volume ---

LV Name /dev/vg0/LogVol00

VG Name vg0

LV UUID m23mY9-gdBv-kHmy-T4X3-AbWb-bYof-0PiWEz

LV Write Access read/write

LV Status available

# open 1

LV Size 14.62 GB

Current LE 468

Segments 1

Allocation inherit

Read ahead sectors auto

- currently set to 256

Block device 253:0

[root@dhcp-0-122 misc]#

为即将安装的虚拟机创建存储

[root@dhcp-0-122 misc]# lvcreate -n vm1 -L 8G vg0

/dev/cdrom: open failed: Read-only file system

Logical volume "vm1" created

[root@dhcp-0-122 misc]# lvdisplay

--- Logical volume ---

LV Name /dev/vg0/LogVol00

VG Name vg0

LV UUID m23mY9-gdBv-kHmy-T4X3-AbWb-bYof-0PiWEz

LV Write Access read/write

LV Status available

# open 1

LV Size 14.62 GB

Current LE 468

Segments 1

Allocation inherit

Read ahead sectors auto

- currently set to 256

Block device 253:0

--- Logical volume ---

LV Name /dev/vg0/vm1

VG Name vg0

LV UUID 5wYSoW-1Atl-o7fT-PUKs-xGUA-RjyW-mNEF1h

LV Write Access read/write

LV Status available

# open 0

LV Size 8.00 GB

Current LE 256

Segments 1

Allocation inherit

Read ahead sectors auto

- currently set to 256

Block device 253:1

[root@dhcp-0-122 misc]#

这个是当前的网络环境

[root@dhcp-0-122 misc]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:18:8B:0E:32:24

inet addr:10.66.0.122 Bcast:10.66.1.255 Mask:255.255.254.0

inet6 addr: fe80::218:8bff:fe0e:3224/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:2188964 errors:0 dropped:0 overruns:0 frame:0

TX packets:1136096 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:3235426395 (3.0 GiB) TX bytes:89795414 (85.6 MiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:1837 errors:0 dropped:0 overruns:0 frame:0

TX packets:1837 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:4732456 (4.5 MiB) TX bytes:4732456 (4.5 MiB)

peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:2188962 errors:0 dropped:0 overruns:0 frame:0

TX packets:1136096 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:3244181923 (3.0 GiB) TX bytes:94339990 (89.9 MiB)

Interrupt:16

vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:1136096 errors:0 dropped:0 overruns:0 frame:0

TX packets:2188964 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:89795414 (85.6 MiB) TX bytes:3235426395 (3.0 GiB)

virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00

inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0

inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:45 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:9984 (9.7 KiB)

xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:15304 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:2090964 (1.9 MiB) TX bytes:0 (0.0 b)

[root@dhcp-0-122 misc]#

安装虚拟机

[root@dhcp-0-122 misc]# virt-install --name=vm1 --file=/dev/vg0/vm1 --ram=512 --nographics --location=ftp://192.168.122.1/install --brdge=virbr0

然后就开始安装了

如何在文本界面下安装一个linux的具体细节不在本篇讨论范围之内。

配置私有网络

由于种种原因，你的DomainU需要加入一个私有网络，不能连入共有网络，比如当你无聊做个DHCP服务器的时候。

Xen常用的管理工具有xm和virsh。其子命令以及参数繁多，可看manpage参考。

这里有几条常用命令：

xm list

列出所有domain

xm create [domain-name | domain-id]

从配置文件创建domain，配置文件的位置默认在/etc/xen/目录下。

xm shutdown [domain-name | domain-id]

关闭domain

xm destroy [domain-name | domain-id]

摧毁domain，相当于直接拉机器的电闸

xm console [domain-name | domain-id]

连接到domain的 串口，可和xm create结合使用：xm craete [domain-name | domain-id] -c

这是目前的网络状况：

[root@dhcp-0-122 misc]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:18:8B:0E:32:24

inet addr:10.66.0.122 Bcast:10.66.1.255 Mask:255.255.254.0

inet6 addr: fe80::218:8bff:fe0e:3224/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:2219611 errors:0 dropped:0 overruns:0 frame:0

TX packets:1139993 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:3239956666 (3.0 GiB) TX bytes:90397038 (86.2 MiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:4405 errors:0 dropped:0 overruns:0 frame:0

TX packets:4405 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:20662633 (19.7 MiB) TX bytes:20662633 (19.7 MiB)

peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:2219609 errors:0 dropped:0 overruns:0 frame:0

TX packets:1140011 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:3248834948 (3.0 GiB) TX bytes:94959471 (90.5 MiB)

Interrupt:16

vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:1139993 errors:0 dropped:0 overruns:0 frame:0

TX packets:2219611 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:90397038 (86.2 MiB) TX bytes:3239956666 (3.0 GiB)

vif4.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:48 errors:0 dropped:0 overruns:0 frame:0

TX packets:35 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:32

RX bytes:9236 (9.0 KiB) TX bytes:2400 (2.3 KiB)

virbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0

inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:186944 errors:0 dropped:0 overruns:0 frame:0

TX packets:406219 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:9946768 (9.4 MiB) TX bytes:557860551 (532.0 MiB)

xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:38089 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:5234164 (4.9 MiB) TX bytes:0 (0.0 b)

[root@dhcp-0-122 misc]# xm list

Name ID Mem(MiB) VCPUs State Time(s)

Domain-0 0 1508 2 r----- 976.0

vm1 4 511 1 -b---- 17.0

[root@dhcp-0-122 misc]# brctl show

bridge name bridge id STP enabled interfaces

virbr0 8000.feffffffffff yes vif4.0

xenbr0 8000.feffffffffff no peth0

vif0.0

[root@dhcp-0-122 misc]#

Domain vm1是连接到virbr0这个桥的。

在配置文件里面我们也可以看到

[root@dhcp-0-122 misc]# cat /etc/xen/vm1

name = "vm1"

uuid = "93a47e55-6844-f3fb-a1f0-5eff07a80478"

maxmem = 512

memory = 512

vcpus = 1

bootloader = "/usr/bin/pygrub"

on_poweroff = "destroy"

on_reboot = "restart"

on_crash = "restart"

vfb = [ ]

disk = [ "phy:/dev/vg0/vm1,xvda,w" ]

vif = [ "mac=00:16:3e:5c:d2:70,bridge=virbr0" ]

[root@dhcp-0-122 misc]#

我们可以通过vif参数的bridge属性选择Domain U桥接到哪个桥。

创建一个私有桥

[root@dhcp-0-122 misc]# brctl

Usage: brctl [commands]

commands:

addbr add bridge

delbr delete bridge

addif add interface to bridge

delif delete interface from bridge

setageing set ageing time

setbridgeprio set bridge priority

setfd set bridge forward delay

sethello set hello time

setmaxage set max message age

setpathcost set path cost

setportprio set port priority

show show a list of bridges

showmacs show a list of mac addrs

showstp show bridge stp info

stp {on|off} turn stp on/off

[root@dhcp-0-122 misc]# brctl addbr mybr0

[root@dhcp-0-122 misc]# ifconfig mybr0 up

[root@dhcp-0-122 misc]# ifconfig mybr0 192.168.0.1

[root@dhcp-0-122 misc]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:18:8B:0E:32:24

inet addr:10.66.0.122 Bcast:10.66.1.255 Mask:255.255.254.0

inet6 addr: fe80::218:8bff:fe0e:3224/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:2221957 errors:0 dropped:0 overruns:0 frame:0

TX packets:1140296 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:3240314113 (3.0 GiB) TX bytes:90443364 (86.2 MiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:4429 errors:0 dropped:0 overruns:0 frame:0

TX packets:4429 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:20665225 (19.7 MiB) TX bytes:20665225 (19.7 MiB)

mybr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00

inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0

inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:27 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:9632 (9.4 KiB)

peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:2221953 errors:0 dropped:0 overruns:0 frame:0

TX packets:1140314 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:3249201451 (3.0 GiB) TX bytes:95007027 (90.6 MiB)

Interrupt:16

vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:1140296 errors:0 dropped:0 overruns:0 frame:0

TX packets:2221957 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:90443364 (86.2 MiB) TX bytes:3240314113 (3.0 GiB)

vif4.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:48 errors:0 dropped:0 overruns:0 frame:0

TX packets:201 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:32

RX bytes:9236 (9.0 KiB) TX bytes:11032 (10.7 KiB)

virbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0

inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:186944 errors:0 dropped:0 overruns:0 frame:0

TX packets:406219 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:9946768 (9.4 MiB) TX bytes:557860551 (532.0 MiB)

xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

RX packets:39981 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:5501810 (5.2 MiB) TX bytes:0 (0.0 b)

[root@dhcp-0-122 misc]#

大家可以看到一个桥就做出来了。

现在我们把虚拟机桥接到mybr0

修改Domain vm1的配置文件

[root@dhcp-0-122 misc]# cat /etc/xen/vm1

name = "vm1"

uuid = "93a47e55-6844-f3fb-a1f0-5eff07a80478"

maxmem = 512

memory = 512

vcpus = 1

bootloader = "/usr/bin/pygrub"

on_poweroff = "destroy"

on_reboot = "restart"

on_crash = "restart"

vfb = [ ]

disk = [ "phy:/dev/vg0/vm1,xvda,w" ]

vif = [ "mac=00:16:3e:5c:d2:70,bridge=mybr0" ]

[root@dhcp-0-122 misc]#

重新启动虚拟机使其读取新配置

[root@dhcp-0-122 misc]# xm list

Name ID Mem(MiB) VCPUs State Time(s)

Domain-0 0 1508 2 r----- 1022.0

vm1 7 512 1 -b---- 0.5

[root@dhcp-0-122 misc]# xm destroy vm1

[root@dhcp-0-122 misc]# xm create vm1 -c

在虚拟机vm1里面配置网络

[root@vm1 ~]# ifconfig

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:8 errors:0 dropped:0 overruns:0 frame:0

TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)

[root@vm1 ~]# system-config-network-tui

[root@vm1 ~]# service network restart

Shutting down loopback interface: [ OK ]

Bringing up loopback interface: [ OK ]

Bringing up interface eth0: [ OK ]

[root@vm1 ~]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:16:3E:5C:D2:70

inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0

inet6 addr: fe80::216:3eff:fe5c:d270/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:27 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 b) TX bytes:6262 (6.1 KiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:8 errors:0 dropped:0 overruns:0 frame:0

TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)

[root@vm1 ~]#

我们检查一下配置是否正确

在虚拟机vm1里面操作

[root@vm1 ~]# ping 192.168.0.1 -c 4

PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.

64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=1.31 ms

64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.104 ms

64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=0.107 ms

64 bytes from 192.168.0.1: icmp_seq=4 ttl=64 time=0.108 ms

--- 192.168.0.1 ping statistics ---

4 packets transmitted, 4 received, 0% packet loss, time 3001ms

rtt min/avg/max/mdev = 0.104/0.408/1.314/0.523 ms

[root@vm1 ~]# route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

192.168.0.0 * 255.255.255.0 U 0 0 0 eth0

169.254.0.0 * 255.255.0.0 U 0 0 0 eth0

default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

[root@vm1 ~]#

在domain0里操作

[root@dhcp-0-122 misc]# ping 192.168.0.2 -c 4

PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.

64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.246 ms

64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.127 ms

64 bytes from 192.168.0.2: icmp_seq=3 ttl=64 time=0.129 ms

64 bytes from 192.168.0.2: icmp_seq=4 ttl=64 time=0.115 ms

--- 192.168.0.2 ping statistics ---

4 packets transmitted, 4 received, 0% packet loss, time 3000ms

rtt min/avg/max/mdev = 0.115/0.154/0.246/0.053 ms

[root@dhcp-0-122 misc]# route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

192.168.0.0 * 255.255.255.0 U 0 0 0 mybr0

192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0

10.66.0.0 * 255.255.254.0 U 0 0 0 eth0

169.254.0.0 * 255.255.0.0 U 0 0 0 eth0

default 10.66.1.254 0.0.0.0 UG 0 0 0 eth0

[root@dhcp-0-122 misc]# brctl show

bridge name bridge id STP enabled interfaces

mybr0 8000.feffffffffff no vif8.0

virbr0 8000.000000000000 yes

xenbr0 8000.feffffffffff no peth0

vif0.0

[root@dhcp-0-122 misc]# xm list

Name ID Mem(MiB) VCPUs State Time(s)

Domain-0 0 1508 2 r----- 1048.8

vm1 8 511 1 -b---- 18.5

[root@dhcp-0-122 misc]#

可以看到Domain Id为8的Domain是加入桥mybr0了。

但是这样有一个不足。

brctl添加的桥是动态的。只要重启物理机，桥就会失效。

所以我要把添加桥的操作写到配置脚本里面。

配置在虚拟机启动时自动搭建桥

我们在Domain0里面操作

[root@dhcp-0-122 misc]# cd /etc/xen/

[root@dhcp-0-122 xen]# pwd

/etc/xen

[root@dhcp-0-122 xen]# tree

.

|-- auto

|-- qemu-ifup

|-- scripts

| |-- blktap

| |-- block

| |-- block-common.sh

| |-- block-enbd

| |-- block-nbd

| |-- external-device-migrate

| |-- locking.sh

| |-- logging.sh

| |-- network-bridge

| |-- network-nat

| |-- network-route

| |-- vif-bridge

| |-- vif-common.sh

| |-- vif-nat

| |-- vif-route

| |-- vtpm

| |-- vtpm-common.sh

| |-- vtpm-delete

| |-- vtpm-hotplug-common.sh

| |-- vtpm-impl

| |-- vtpm-migration.sh

| |-- xen-hotplug-cleanup

| |-- xen-hotplug-common.sh

| |-- xen-network-common.sh

| `-- xen-script-common.sh

|-- vm1

|-- xend-config.sxp

|-- xend-pci-permissive.sxp

|-- xend-pci-quirks.sxp

|-- xmexample.hvm

|-- xmexample.vti

|-- xmexample1

`-- xmexample2

2 directories, 34 files

[root@dhcp-0-122 xen]#

xend-config.sxp是xend的主要配置文件。

scripts是xen的脚本存放目录，里面也存放了xen的网络初始化脚本。

Red Hat Enterprise Linux 5 update如果安装了xen包，便自带了这几个网络初始化脚本供用户选择

[root@dhcp-0-122 xen]# ls scripts/network-*

scripts/network-bridge scripts/network-nat scripts/network-route

[root@dhcp-0-122 xen]#

我们看下xend-config.sxp这个配置文件

[root@dhcp-0-122 xen]# cat xend-config.sxp | grep -v "#"

(xend-unix-server yes)

(xend-unix-path /var/lib/xend/xend-socket)

(xend-relocation-hosts-allow '^localhost$ ^localhost\\.localdomain$')

(network-script network-bridge)

(vif-script vif-bridge)

(dom0-min-mem 256)

(dom0-cpus 0)

(vncpasswd '')

[root@dhcp-0-122 xen]#

脚本调用了network-bridge这个脚本。

我们要做的就是改成调用我们自己写的初始化脚本。

我们创建一个新脚本

[root@dhcp-0-122 xen]# vim /etc/xen/scripts/network-custom

内容如下

#!/bin/bash

brctl addbr mybr0

ifconfig mybr0 up

ifconfig mybr0 192.168.0.1

添加脚本可执行的权限

[root@dhcp-0-122 xen]# chmod 755 /etc/xen/scripts/network-custom.sh

[root@dhcp-0-122 xen]#

修改xend-config.sxp

(network-script network-bridge) 为 (network-script network-custom)

这样自己做的私有桥就不会因为物理机重启而消失了。

但是这样有一个不足：

大家重启物理机后，查看下网络情况：

[root@dhcp-0-122 ~]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:18:8B:0E:32:24

inet addr:10.66.0.122 Bcast:10.66.1.255 Mask:255.255.254.0

inet6 addr: fe80::218:8bff:fe0e:3224/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:182 errors:0 dropped:0 overruns:0 frame:0

TX packets:222 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:32794 (32.0 KiB) TX bytes:35161 (34.3 KiB)

Interrupt:16

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:1534 errors:0 dropped:0 overruns:0 frame:0

TX packets:1534 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:4559456 (4.3 MiB) TX bytes:4559456 (4.3 MiB)

mybr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00

inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0

inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:27 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:10130 (9.8 KiB)

virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00

inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0

inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:45 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:10084 (9.8 KiB)

[root@dhcp-0-122 ~]#

xenbr0这个桥接到物理网卡peth0的桥不见了！

怎么办？

在xend-config.sxp里面多加一个(network-script network-bridge)吗？

这样是没用的。xend只会读取第一个解析到的network-script。

但是，我们可以这么做，使得我们的network-custom脚本既创建一个私有桥，又保留了network-bridge脚本的功能。

我们重新编辑/etc/xen/scripts/network-custom

修改成

#!/bin/bash

. /etc/xen/scripts/network-bridge

brctl addbr mybr0

ifconfig mybr0 up

ifconfig mybr0 192.168.0.1

这样就可以了。