Page not found – ShopingServer Wiki

RHEL / CentOS 6.x KVM Virtualization Installation and Configuration Guide

msrxp — Sat, 06 Jan 2018 09:08:49 +0000

ow do I setup and manage a virtualized environment with Kernel based Virtual Machine (KVM) in CentOS or Red Hat Enterpise Linux version 6 server on IBM server? Can you provide step-by-step commands of how to install and manage Virtual Machines (VMs) on a physical server using KVM for RHEL/CentOS version 6.4?

KVM is part of RHEL and CentOS Linux. You can easily install the same using the following commands. Please note that only the package names have changed in RHEL/CentOS 6.x. If you are using RHEL / CentOS 5.x, read our previous CentOS / Redhat (RHEL) v.5.x KVM Virtulization guide for more information.

Install required KVM RPMs/packages

Type the following yum command

# yum groupinstall Virtualisation Tools Virtualization Platform

# yum install python-virtinst

# yum install kvm qemu-kvm python-virtinst libvirt libvirt-python virt-manager libguestfs-tools

Sample outputs:

Loaded plugins: product-id, protectbase, rhnplugin

This system is receiving updates from RHN Classic or RHN Satellite.

0 packages excluded due to repository protections

Setting up Install Process

Package libvirt-0.10.2-18.el6_4.15.x86_64 already installed and latest version

Resolving Dependencies

–> Running transaction check

—> Package libguestfs-tools.x86_64 1:1.16.34-2.el6 will be installed

–> Processing Dependency: libguestfs-tools-c = 1:1.16.34-2.el6 for package: 1:libguestfs-tools-1.16.34-2.el6.x86_64

….

spice-glib.x86_64 0:0.14-7.el6_4.3

spice-gtk.x86_64 0:0.14-7.el6_4.3

spice-gtk-python.x86_64 0:0.14-7.el6_4.3

spice-server.x86_64 0:0.12.0-12.el6_4.5

vgabios.noarch 0:0.6b-3.7.el6

vte.x86_64 0:0.25.1-8.el6_4

Complete!

Turn on libvirtd service

The libvirtd program is the server side daemon component of the libvirt virtualization management system. Type the following chkconfig command to turn it on:

# chkconfig libvirtd on

Start the libvirtd service by typing the following service command:

# service libvirtd start

Sample outputs:

Starting libvirtd daemon: [ OK ]

You can verify the libvirtd service by tying the following commands:

# service libvirtd status

libvirtd (pid 31128) is running…

# virsh -c qemu:///system list

Id Name State

Sample setup

+————-+

| CentOS/RHEL | |—–|

–>ISP router—+ Box Host w/ +— eth0 –>-+ br0 + Private IP

| KVM | | |

+————-+— eth1 –>-+ br1 | Public IP

|—–|

vm1-+—vm2—-vm3—vm4

*** NOTE: each VMs will have two interface i.e. Private and Public *****

Where,

eth0 – KVM servers’ LAN interface.

eth1 – KVM servers’ WAN/Internet interface.

br0 – KVM servers’ bridge interface to give VM direct access to all the resources on the LAN.

br1 – KVM servers’ bridge interface to give VM direct access to all the resources on the WAN/Internet. Users can ssh into VMs or you can host HTTPD/SMTPD using this interface.

obsd-vm1 (vm1) – OpenBSD VM name.

rhel-vm1 (vm2) – RHEL VM name.

Install and configure a network bridge

All VMs will only have network access to host and other VMs on same physical server via private network. You need to crate a network bridge so that the VMs can access your LAN and possible the Internet/WAN from outside. Type the following yum command to install bridge-utils package:

# yum install bridge-utils

Setup a default gateway

Edit /etc/sysconfig/network as follows

# cat /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=kvm-42.cyberciti.biz

I am routing internet traffic via br1 ##

GATEWAYDEV=br1

Configure bridging

Update /etc/sysconfig/network-scripts/ifcfg-eth0 (private) as follows:

# cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

HWADDR=00:30:48:C6:0A:D8

BRIDGE=br0

Update /etc/sysconfig/network-scripts/ifcfg-eth1 (public) as follows:

# cat /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1

ONBOOT=yes

HWADDR=00:30:48:C6:0A:D9

BRIDGE=br1

Create/edit the /etc/sysconfig/network-scripts/ifcfg-br0 file to setup private/lan ip address for br0:

# cat /etc/sysconfig/network-scripts/ifcfg-br0

DEVICE=br0

TYPE=Bridge

BOOTPROTO=static

ONBOOT=yes

setup LAN/VLAN ips as per your needs ##

IPADDR=10.10.29.66

NETMASK=255.255.255.192

DELAY=0

Create/edit the /etc/sysconfig/network-scripts/ifcfg-br1 file to setup public/wan/internet ip address for br1:

# cat /etc/sysconfig/network-scripts/ifcfg-br1

DEVICE=br1

TYPE=Bridge

BOOTPROTO=static

ONBOOT=yes

setup INTERNET ips as per your needs ##

IPADDR=74.ww.xx.yy

NETMASK=255.255.255.248

GATEWAY=74.ww.xx.yy

DELAY=0

I need to route all lan traffic (subnet 10.0.0.0/8) via 10.10.29.65 gateway. Create/edit file /etc/sysconfig/network-scripts/route-br0 as follows:

# cat /etc/sysconfig/network-scripts/route-br0

10.0.0.0/8 via 10.10.29.65

Warning: Restarting network service over the ssh session may result into total loss of the connectivity to the server. So make sure br0 and br1 configuration including routing set correctly.

A note about SELinux

I have not disabled SELinux on CentOS / RHEL. I do not recommend disabling SELinux. So make sure the config file has correct SELinux permissions:

# ls -Z /etc/sysconfig/network-scripts/{route-br0,ifcfg-eth?,ifcfg-br?}

Sample outputs:

-rw-r–r–. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-br0

-rw-r–r–. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-br1

-rw-r–r–. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-eth0

-rw-r–r–. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/ifcfg-eth1

-rw-r–r–. root root system_u:object_r:net_conf_t:s0 /etc/sysconfig/network-scripts/route-br0

Use restorecon command to set or restore file(s) default SELinux security contexts:

# restorecon -Rv /etc/sysconfig/

If you are going to reboot the SELinux enabled server, make sure you type the following command:

# touch /.autorelabel

# reboot

Restart the networking service

Type the following command to restart networking on RHEL/CentOS/SL:

# service network restart

Verify br0/br1 settings

Type the following commands:

# brctl show

# ip addr show br0

# ip addr show br1

# ip route

# ping cyberciti.biz

Creating VMs

You need to use virt-install command.

Example: Create OpenBSD VM

Grab, installation media:

# cd /var/lib/libvirt/boot/

# wget http://ftp.openbsd.org/pub/OpenBSD/5.4/amd64/install54.iso

In this example, I am using virt-install to create a OpenBSD 5.4_amd64 VM named obsd-vm1 with one virtual CPU, 1 GB memory and 10 GB of disk space:

# virt-install \

-n obsd-vm1 \

–description cyberciti.biz OpenBSD 5.4 64 bit VM1 \

–ram=1024 \

–vcpus=1 \

–cpu host \

–os-variant=openbsd4 \

–accelerate \

–hvm \

–cdrom /var/lib/libvirt/boot/install54.iso \

–network bridge:br0,model=virtio –network bridge:br1,model=virtio \

–graphics vnc \

–disk path=/var/lib/libvirt/images/openbsd-vm1-cyberciti.biz.img,bus=virtio,size=10

VIRT-INSTALL OPTIONS

-n obsd-vm1 : The name of the VM.

–description cyberciti.biz OpenBSD 5.4 64 bit VM1 : The long description of the VM.

–ram=1024 : 1024MB is the amount of memory allocated to the VM.

–vcpus=1 : The number of virtual CPU(s) for the VM.

–cpu host : Optimize CPU properties for the VM.

–os-variant=openbsd4 : This is the VM OS type.

–accelerate : Prefer KVM or KQEMU (in that order) if installing a QEMU guest. This option is no longer required.

–hvm : Request the use of full virtualization.

–cdrom /var/lib/libvirt/boot/install54.iso : Install OpeBSD v5.4 from an iso the location parameter.

–network bridge:br0,model=virtio –network bridge:br1,model=virtio : Create a network bridge using br0 and br1 i.e. the VM will have two network interface for LAN and Internet.

–graphics vnc : Use VNC to access installation using vnc server/viewer from your local Linux/OSX/Unix/Windows desktop.

–disk path=/var/lib/libvirt/images/openbsd-vm1-cyberciti.biz.img,bus=virtio,size=10 : This is is the image file for the VM, the size is specified in GBs and I am forcing vio driver. The virtio driver provides support service for paravirtualized devices using the VirtIO protocol.

How do I connect to OpenBSD installer from my local desktop?

Type the following command on your local desktop:

# ssh -L 5900:127.0.0.1:5900 root@KVM-Server-IP-Here

# ssh -L 5900:127.0.0.1:5900 -N -f -l root kvm-42.cyberciti.biz

Use VNC client to connect to 127.0.0.1:5900. Now, just follow on-screen instructions:

Fig.01: OpenBSD installation started over the VNC session

Before rebooting the installer make sure you setup com0 console for the VM. For example, for a OpenBSD VM, append the following parameters to the file /etc/boot.conf and then reboot the VM:

stty com0 115200

set tty com0

See how to stup SSH to tunnel VNC traffic though the Internets for more information.

How do I start my VM after OpenBSD install is finished?

The virt-install will create a config file for VM at /etc/libvirt/qemu/obsd-vm1.xml. To start VM called obsd-vm1, enter:

# virsh start obsd-vm1

How do I access a VMs console?

# virsh console obsd-vm1

Sample outputs:

Fig.02: Getting access to a OpenBSD VM console when networking is down

Final example: Create RHEL VM using DVD

Type the following command:

# virt-install \

–name RHEL-vm1 \

–description cyberciti.biz RHEL 6.4 64 bit VM1 \

–ram=2048 \

–vcpus=2 \

–disk path=/var/lib/libvirt/images/rhel-vm1-cyberciti.biz.img,size=20 \

–cdrom /var/lib/libvirt/boot/RHEL.6.4.Server-DVD1.iso \

–network bridge:br0 –network bridge:br1 \

–graphics vnc

Before rebooting the installer make sure you setup com0 console for the VM. For example, for a RHEL/CentOS VM, append the following parameters to the kernel boot line in /boot/grub.conf file and then reboot the VM:

console=tty0 console=ttyS1,19200n8

Stay tuned for the following advanced topics in RHEL/CentOS v6.x KVM (rss) series:

Firewall, kVM & VMs security configuration.

Attaching storage device to a VM.

Changing VM parameters such as RAM, CPU, Disk and more.

Managing and cloning VMs and more.

How To Patch and Protect Linux Server Against the VENOM Vulnerability # CVE-2015-3456

msrxp — Fri, 05 Jan 2018 15:17:24 +0000

very serious security problem has been found in the virtual floppy drive QEMU’s code used by many computer virtualization platforms including Xen, KVM, VirtualBox, and the native QEMU client. It is called VENOM vulnerability. How can I fix VENOM vulnerability and protect my Linux server against the attack? How do I verify that my server has been fixed against the VENOM vulnerability?

This is tagged as high severity security bug and it was announced on 13th May 2015. The VENOM vulnerability has existed since 2004, when the virtual Floppy Disk Controller was first added to the QEMU codebase. Since the VENOM vulnerability exists in the hypervisorâ€s codebase, the vulnerability is agnostic of the host operating system (Linux, Windows, Mac OS, etc.).

What is the VENOM security bug (CVE-2015-3456)?

From the RHEL bugzilla:

An out-of-bounds memory access flaw was found in the way QEMU’s virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the hosting QEMU process.

Fig.01 Venom bug

This issue affects the versions of the kvm, xen, and QEMU packages while VMware, Hyper-V, and Bochs are unaffected. This issue affects all x86 and x86-64 based HVM Xen and QEMU/KVM guests, regardless of their machine type.

A list of affected Linux distros

RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x

CentOS Linux version 5.x, 6.x and 7.x

OpenStack 5 for RHEL 6

OpenStack 4 for RHEL 6

OpenStack 5 for RHEL 7

OpenStack 6 for RHEL 7

Red Hat Enterprise Virtualization 3

Debian Linux code named stretch, sid, jessie, squeeze, and wheezy [and all other distro based on Debian]

SUSE Linux Enterprise Server 10 Service Pack 4 (SLES 10 SP3)

SUSE Linux Enterprise Server 10 Service Pack 4 (SLES 10 SP4)

SUSE Linux Enterprise Server 11 Service Pack 1 (SLES 11 SP1)

SUSE Linux Enterprise Server 11 Service Pack 2 (SLES 11 SP2)

SUSE Linux Enterprise Server 11 Service Pack 3 (SLES 11 SP3)

SUSE Linux Enterprise Server 12

SUSE Linux Enterprise Expanded Support 5, 6 and 7

Ubuntu 12.04

Ubuntu 14.04

Ubuntu 14.10

Ubuntu 15.04

Fix the VENOM vulnerability on a CentOS/RHEL/Fedora/Scientific Linux

Type the following yum command as the root user:

sudo yum clean all

sudo yum update

Reboot all your virtual machines on those hypervisors.

Fix the VENOM vulnerability on a Debian Linux

Type the following apt-get command as the root user:

sudo apt-get clean

sudo apt-get update

sudo apt-get upgrade

Reboot all your virtual machines on those hypervisors.

Fix the VENOM vulnerability on a Ubuntu Linux

Type the following apt-get command as the root user:

sudo apt-get clean

sudo apt-get update

sudo apt-get upgrade

Reboot all your virtual machines on those hypervisors.

Fix the VENOM vulnerability for Oracle VirtualBox on a Linux/OSX/MS-Windows/Solaris Unix

You need to download and update a VirtualBox 4.3 maintenance release by visiting this page.

Do I need to reboot my host server?

No need to reboot the host server. But, you need to reboot all your virtual machines on those hypervisors. This cannot be avoided. Sample commands to get list, stop, and start KVM,QEMU are as follows:

Following the update, the guests (virtual machines) ##

need to be powered off and started up again for the update to take effect. ##

Reboot a vm will not work ##

List all running vms ##

virsh list –all

Stop vm called db1 ##

virsh shutdown db1

Again start vm called db1 ##

virsh start db1

See “KVM: Starting / Stopping Guest Operating Systems With virsh Command” for more info.

General workaround (may not work at all so patch ASAP)

The emulated floppy seems to be loaded by default in qemu and kvm. You can disable the floopy support and start qemu without floppy emulation but vga enabled (or any other option as required):

qemu -nodefaults -vga std …

Another workaround on CentOS/SUSE/Red hat Linux Enterprise Server is to manage the virtual machines by libvirt. See libvirt and qemu man pages for more info.

More info

See the following external links for more info on this bug:

Debian Linux security tracker

RHEL security tracker

Original CrowdStrike announcement

Xen security tracker

qemu/KVM/Xen: floppy driver allows VM escape (“VENOM” vulnerability, CVE-2015-3456)

How to update Debian or Ubuntu Linux containers (lxc) VM

msrxp — Fri, 05 Jan 2018 15:02:40 +0000

‘m using LXC (Linux Containers) a virtualization system running on a Ubuntu LTS. How can I update all my Ubuntu or Debian Linux based guests containers VM from host operating system?

Container is not new technology. A large number of Unix-like system already have developed powerful container based virtualization solutions such as FreeBSD jails, OpenVZ, Solaris Zones and more. The LXC is very fast efficient virtualization. An OS kernel (host) gives different views of the system to different running processes. This is also know as sandboxing or compartmentalization of CPU, and other resources. This is useful to increase server and application security and efficiency.

Fig. 01: Sample Linux Containers

Security 101: Keep Linux kernel and software up to date

Applying security patches is an important part of maintaining Linux server. Linux provides all necessary tools to keep your system updated, and also allows for easy upgrades between versions. You can use the RPM package manager such as yum command and/or apt-get command to apply all security updates:

[www-container]# yum update

[www-container]# apt-get update && apt-get upgrade

List the containers existing on the system

Type the following command on host:

# lxc-ls -1

# lxc-ls

Sample outputs:

dnsvm wwwvm mysqlvm memcache

Applying update from host to Linux containers using lxc-attach command

The syntax is as follows for Debian/Ubuntu based LXC guest vm:

[hostOS]# lxc-attach -n VM-NAME-HERE apt-get update

[hostOS]# lxc-attach -n VM-NAME-HERE apt-get -y upgrade

To run command on mysqlvm, type:

[hostOS]# lxc-attach -n mysqlvm apt-get update

[hostOS]# lxc-attach -n mysqlvm apt-get -y upgrade

The syntax is as follows for CentOS/RHEL/Fedora Linux based LXC guest vm:

[hostOS]# lxc-attach -n VM-NAME-HERE yum update -y

To run command on wwwvm vm, run:

[hostOS]# lxc-attach -n wwwvm yum update -y

A sample shell script to update all Debian/Ubuntu LXC vms

#!/bin/bash

# Purpose: Update all lxc vms

# Note: Tested on Ubuntu LTS only

# Author: Vivek Gite , under GPL v2+

# ——————————————————-

# Get the vm list

vms= $(lxc-ls –active)

# Update each vm

update_vm(){

local vm= $1

echo *** [VM: $vm [$(hostname) @ $(date)] ] ***

/usr/bin/lxc-attach -n $vm apt-get — -qq update

/usr/bin/lxc-attach -n $vm apt-get — -qq -y upgrade

/usr/bin/lxc-attach -n $vm apt-get — -qq -y clean

/usr/bin/lxc-attach -n $vm apt-get — -qq -y autoclean

# Note for RHEL/CentOS/Fedora Linux comment above two line and uncomment the following line #

# lxc-attach -n $vm yum -y update

echo —————————————————————–

}

# Do it

for v in $vms

update_vm $v

done

Run it as follows:

# ~/bin/lxc-update-vm.sh

Sample outputs:

*** [VM: wwwvm [server1 @ Wed Jul 22 12:31:12 CDT 2015] ] ***

(Reading database … 20514 files and directories currently installed.)

Preparing to unpack …/mysql-common_5.5.44-0ubuntu0.14.04.1_all.deb …

Unpacking mysql-common (5.5.44-0ubuntu0.14.04.1) over (5.5.43-0ubuntu0.14.04.1) …

Preparing to unpack …/libmysqlclient18_5.5.44-0ubuntu0.14.04.1_amd64.deb …

Unpacking libmysqlclient18:amd64 (5.5.44-0ubuntu0.14.04.1) over (5.5.43-0ubuntu0.14.04.1) …

Preparing to unpack …/linux-libc-dev_3.13.0-58.97_amd64.deb …

Unpacking linux-libc-dev:amd64 (3.13.0-58.97) over (3.13.0-57.95) …

Preparing to unpack …/mysql-client_5.5.44-0ubuntu0.14.04.1_all.deb …

Unpacking mysql-client (5.5.44-0ubuntu0.14.04.1) over (5.5.43-0ubuntu0.14.04.1) …

Preparing to unpack …/mysql-client-5.5_5.5.44-0ubuntu0.14.04.1_amd64.deb …

Unpacking mysql-client-5.5 (5.5.44-0ubuntu0.14.04.1) over (5.5.43-0ubuntu0.14.04.1) …

Preparing to unpack …/mysql-client-core-5.5_5.5.44-0ubuntu0.14.04.1_amd64.deb …

Unpacking mysql-client-core-5.5 (5.5.44-0ubuntu0.14.04.1) over (5.5.43-0ubuntu0.14.04.1) …

Setting up mysql-common (5.5.44-0ubuntu0.14.04.1) …

Setting up libmysqlclient18:amd64 (5.5.44-0ubuntu0.14.04.1) …

Setting up linux-libc-dev:amd64 (3.13.0-58.97) …

Setting up mysql-client-core-5.5 (5.5.44-0ubuntu0.14.04.1) …

Setting up mysql-client-5.5 (5.5.44-0ubuntu0.14.04.1) …

Setting up mysql-client (5.5.44-0ubuntu0.14.04.1) …

Processing triggers for libc-bin (2.19-0ubuntu6.6) …

*** [VM: memcachevm [server1 @ Wed Jul 22 12:31:23 CDT 2015] ] ***

*** [VM: nixcraftvm [server1 @ Wed Jul 22 12:31:28 CDT 2015] ] ***

*** [VM: dbvm [server1 @ Wed Jul 22 12:31:34 CDT 2015] ] ***

(Reading database … 15085 files and directories currently installed.)

Preparing to unpack …/mysql-common_5.5.44-0ubuntu0.14.04.1_all.deb …

Unpacking mysql-common (5.5.44-0ubuntu0.14.04.1) over (5.5.43-0ubuntu0.14.04.1) …

Preparing to unpack …/libmysqlclient18_5.5.44-0ubuntu0.14.04.1_amd64.deb …

Unpacking libmysqlclient18:amd64 (5.5.44-0ubuntu0.14.04.1) over (5.5.43-0ubuntu0.14.04.1) …

Setting up mysql-common (5.5.44-0ubuntu0.14.04.1) …

Setting up libmysqlclient18:amd64 (5.5.44-0ubuntu0.14.04.1) …

Processing triggers for libc-bin (2.19-0ubuntu6.6) …

*** [VM: testingvm [server1 @ Wed Jul 22 12:31:44 CDT 2015] ] ***

How to install KVM on Ubuntu 14.04 LTS Headless Server

msrxp — Fri, 05 Jan 2018 12:12:29 +0000

ernel-based Virtual Machine (KVM) is a virtualization module for the Linux kernel that turns it into a hypervisor. How can I install KVM, setup guest operating system as the back-end virtualization technology for non-graphic Ubuntu Linux 14.04 LTS server?

You can use KVM to run multiple operating systems such as Windows, *BSD, Linux distro using virtual machines. Each virtual machine has its private disk, graphics card, a network card and more.

What is a hypervisor?

KVM is a hypervisor that creates and run virtual machines. A server on which a hypervisor is running is called as a host machine. Each virtual machine is referred to as a guest machine. Using KVM, you can run multiple operating systems such as CentOS, OpenBSD, FreeBSD, MS-Windows running unmodified.

Fig.01: What is KVM hypervisor?

Steps for installing KVM on Ubuntu Linux 14.04 LTS

The host server located in the remote data center and it is a headless server.

All commands in this tutorial typed over the ssh based session.

You need a vnc client to install the guest operating system.

In this tutorial, you will learn how to install KVM software on Ubuntu and use KVM to setup your first guest VM.

Find out if server is capable of running hardware accelerated KVM vm

You need to use the kvm-ok command to determine if the server can host hardware accelerated KVM virtual machines. First install cpu-checker package using the following apt-get command:

$ sudo apt-get install cpu-checker

Sample outputs:

Fig.02: Installing cpu-checker on Ubuntu Linux

Next, run the following command:

$ sudo kvm-ok

Sample outputs:

INFO: /dev/kvm exists

KVM acceleration can be used

Install kvm on Ubuntu Linux

Type the following apt-get command to install kvm and related software:

$ sudo apt-get install qemu-kvm libvirt-bin virtinst bridge-utils

Sample outputs:

Fig.03: Installing kvm on Ubuntu Linux using apt-get

Default configuration locations

Default directory: /var/lib/libvirt/

ISO images for installation: /var/lib/libvirt/boot/

VM installation directory: /var/lib/libvirt/images/

Libvirt configuration directory for LVM/LXC/qemu: /etc/libvirt/

More about the default networking for VM

The default networking is called ‘default’. To list networks, enter:

$ sudo virsh net-list

Sample outputs:

Name State Autostart Persistent

default active yes yes

For network information, enter:

$ sudo virsh net-info default

Sample outputs:

Name: default

UUID: 1c0abaa3-8d17-45b5-85e9-c0d48cec94f9

Active: yes

Persistent: yes

Autostart: yes

Bridge: virbr0

To dump network information in XML format, enter:

$ sudo virsh net-dumpxml default

Sample outputs:

default

1c0abaa3-8d17-45b5-85e9-c0d48cec94f9

Create a CentOS Linux VM

First, grab the CentOS Linux 7.x DVD ISO file:

$ cd /var/lib/libvirt/boot/

$ sudo wget http://mirrors.kernel.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1511.iso

$ ls

Sample outputs:

CentOS-7-x86_64-Minimal-1511.iso install58.iso

To provision new virtual machines use virt-install command. In this example, I’m creating a CentOS 7.x VM with 1GB RAM, 1 CPU core, and 20GB disk space, enter:

$ sudo virt-install \

–virt-type=kvm \

–name centos7 \

–ram 1024 \

–vcpus=1 \

–os-variant=rhel7 \

–hvm \

–cdrom=/var/lib/libvirt/boot/CentOS-7-x86_64-Minimal-1511.iso \

–network network=default,model=virtio \

–graphics vnc \

–disk path=/var/lib/libvirt/images/centos7.img,size=20,bus=virtio

Sample outputs:

Starting install…

Allocating centos7.img | 20 GB 00:00

Creating domain… | 0 B 00:00

WARNING Unable to connect to graphical console: virt-viewer not installed. Please install the virt-viewer package.

Domain installation still in progress. You can reconnect to

the console to complete the installation process.

Understanding virt-install options

–virt-type=kvm : Use kvm as the hypervisor to install CentOS7 guest.

–name centos7 : Name of the new guest virtual machine instance.

–ram 1024 : Memory to allocate for guest instance in megabytes.

–vcpus=1 : Number of virtual cpus to configure for the guest.

–os-variant=rhel7 : Optimize the guest configuration for a specific operating system variant. Use ‘virt-install –os-variant list‘ to see the full OS list.

–hvm : Request the use of full virtualization.

–cdrom=/var/lib/libvirt/boot/CentOS-7-x86_64-Minimal-1511.iso : File or device use as a virtual CD-ROM device for fully virtualized guests. It can be path to an ISO image, or to a CDROM device.

–network network=default,model=virtio : Connect the guest to the host network. In this example, connect to a virtual network in the host called “default” with nic model called virtio.

–graphics vnc : Setup a virtual console in the guest and export it as a VNC server in the host. This is useful for our headless server (see below).

–disk path=/var/lib/libvirt/images/centos7.img,size=20,bus=virtio : Specifies media to use as storage for the guest. A path to /var/lib/libvirt/images/centos7.img storage media to use with size (20 GB) to use if creating new storage and disk bus type set to virtio.

A note about VNC and a headless server

This is a headless server i.e. a server without a local interface or GUI. There is no monitor or peripherals, such as a keyboard and mouse attached to this server. To continue installation you need to use the vnc client from your own laptop or desktop. To find out information about the vnc server port, enter:

$ sudo virsh dumpxml centos7 | grep vnc

Sample outputs:

Please note down the port value (i.e. 5901). You need to use an SSH client to setup tunnel and a VNC client to access the remote vnc server.

To access guest domain’s VNC console

Type the following SSH port forwarding command:

$ ssh vivek@server1.cyberciti.biz -L 5901:127.0.0.1:5901

Where,

ssh vivek@server1.cyberciti.biz – Establishes the SSH session to the remote KVM host at server1.cyberciti.biz host.

-L – Start local port forwarding.

5901:127.0.0.1:5901 – Setup tunnel i.e. pass traffic over the internet to access remote server 127.0.0.1 and port 5901. See “Setup SSH To Tunnel VNC Traffic Though Internet” for more information.

Once you have ssh tunnel established, you can point your VNC client at your own 127.0.0.1 (localhost) address and port 5901 as follows:

Fig.04: Accessing VNC consoles of KVM guests via SSH

You should see CentOS Linux 7 guest installation screen as follows:

Fig.05: CentOS 7 guest vm installation

Just follow on screen instructions to install CentOS 7. After some time CentOS 7 installed successfully on my server and ready to use. Go ahead and click reboot button. The remote server closed the connection to our VNC client. Type the following command to boot up VM for the first time:

$ sudo virsh start centos7

Sample outputs:

Domain centos7 started

Verify it:

$ sudo virsh list

Sample outputs:

Id Name State

3 puffy running

5 centos7 running

Again use an SSH client to setup tunnel and a VNC client to access CentOS 7 vm via the vnc server:

Fig.07: Sample CentOS 7 vm session using VNC

And, there you have it a CentOS 7 vm running KVM on top of the Ubuntu Linux 14.04 LTS server. In the default configuration, the CentOS 7 guest operating system will have access to network services, but will not be visible to other machines on the network or from the Internets. The CentOS VM will not be able to host an accessible web server. In next part of this tutorial I will talk about port forwarding and setting up bridged networking to connect to the outside network transparently.

KVM libvirt assign static guest IP addresses using DHCP on the virtual machine

omid — Thu, 04 Jan 2018 08:41:24 +0000

am using KVM/libvirt on Linux operating system and how do I assign static IP address using dnsmasq dhcpd server for my default virtual network switch?

By default, an instance of dnsmasq dhcpd server is automatically configured and started by libvirt for each virtual network switch needing it. Each virtual network switch can given a range of IP addresses provided to guests through DHCP. The default networking switch uses dnsmasq server.

Fig.01: Libvirt uses a program, dnsmasq for DNS and DHCP for default network.

View the current dnsmasq DHCP configuration

Type the following command to list networks

# virsh net-list

Sample outputs:

Name State Autostart Persistent

default active yes yes

To see the default network information, enter:

# virsh net-dumpxml default

Sample outputs:

default

e346291e-f86b-4f2f-a16e-654136441805

The DHCP range is between 192.168.122.100 and 192.168.122.254.

How to configure static guest IP addresses on the VM host

First find out your guest VM’s MAC addresses, enter:

# virsh dumpxml {VM-NAME-HERE} | grep -i

# virsh dumpxml xenial | grep -i

Sample outputs:

Please note down the MAC addresses of the xenial VM that you want to assign static IP addresses.

Edit the default network

Type the following command:

# virsh net-edit default

Find the following section:

Append the static IP as follows after range:

Where,

mac= 52:54:00:4c:40:1c – VMs mac address

name= xenial – VMs name.

ip= 192.168.122.4 – VMs static IP.

Here is my complete file with three static DHCP entries for three VMs:

default

e346291e-f86b-4f2f-a16e-654136441805

Restart DHCP service:

# virsh net-destroy default

# virsh net-start default

Sample outputs:

Network default destroyed

Network default started

If you are running the guest/VM called xenial shutdown it:

# virsh shutdown xenial

# /etc/init.d/libvirt-bin restart

# virsh start xenial

# ping -a 192.168.122.4

Sample outputs:

PING 192.168.122.4 (192.168.122.4) 56(84) bytes of data.

64 bytes from 192.168.122.4: icmp_seq=1 ttl=64 time=0.518 ms

64 bytes from 192.168.122.4: icmp_seq=2 ttl=64 time=0.202 ms

64 bytes from 192.168.122.4: icmp_seq=3 ttl=64 time=0.327 ms

— 192.168.122.4 ping statistics —

3 packets transmitted, 3 received, 0% packet loss, time 1999ms

rtt min/avg/max/mdev = 0.202/0.349/0.518/0.129 ms

Each time the guest or VM called xenial comes online (or rebooted for the kernel update) it will get 192.168.122.4 as static IP address by dnsmasq DHCP server.

Linux: lxc forcefully stop and kill container

msrxp — Thu, 04 Jan 2018 08:38:24 +0000

want to stop the application running inside a container. I issued lxc-stop -n myapp but the command is not returning to the shell prompt, and my lxc container entered in hang state. How do I kill my container running on Ubuntu Linux host?

You need use the lxc-stop command to reboot, cleanly shuts down, or kills all the processes inside the Linux container (LXC). By default, it will request a clean shutdown of the container by sending lxc.haltsignal (defaults to SIGPWR) to the container’s init process, waiting up to 60 seconds for the container to exit, and then returning. If the container fails to cleanly exit in 60 seconds, it will be sent the lxc.stopsignal (defaults to SIGKILL) to force it to shut down.

Reboot the container

The syntax is:

lxc-stop -n containerNameHere -r

To reboot the container called myhttpd, enter:

lxc-stop -n myhttpd -r

Shut down and kill the container (hard kill)

The syntax is:

lxc-stop -n containerNameHere -k

lxc-stop -n containerNameHere –kill

To forcefully kill and shut down the container called myhttpd, enter:

lxc-stop -n myhttpd -k

To wait TIMEOUT (say 180) seconds before hard-stopping the container, enter:

lxc-stop -n myhttpd -k -t 180

lxc-stop -n myhttpd -k –timeout 180

Clean shutdown (recommended)

The following syntax only request a clean shutdown, do not kill the container tasks if the clean shutdown fail:

lxc-stop -n containerNameHere –nokill

lxc-stop -n myhttpd –nokill

A note about timeouts

To avoid waiting up to 60 seconds and simply perform the requestion action (reboot, shutdown, or hard kill) and exit, pass the -W option:

hard kill ##

lxc-stop -W -n containerNameHere -k

reboot ##

lxc-stop -W -n containerNameHere -r

How do I view the container state?

To list only running containers, enter:

lxc-ls –fancy –running

Sample outputs:

To list only stopped containers, enter:

lxc-ls –fancy –stopped

To list both stopped and running containers on the system, enter:

lxc-ls –fancy

Sample outputs:

NAME STATE IPV4 IPV6 AUTOSTART

debian8 STOPPED – – NO

wwwapp1 RUNNING 10.0.3.14 – YES

dnsapp1 RUNNING 10.0.3.16 – YES

staticf1 RUNNING 10.0.3.17 – YES

mysqlapp RUNNING 10.0.3.19 – YES

How to determine Linux guest VM virtualization technology

msrxp — Thu, 04 Jan 2018 08:21:56 +0000

have a cloud-based virtual machine running Ubuntu and CentOS Linux server. It may or may not be virtualized. How do I determine what kind of virtualization technology (VMWARE/ KVM/ XEN/ VirtualBox/ Container/ lxc/Hyper-V etc.) a Linux guest system running on? How do I find out the virtualization type of a CentOS 7 Linux VPS?

You need to use the virt-what program (shell script) to detect the type of virtualization being used (or none at all if we’re running on bare-metal). It prints out one of more lines each being a ‘fact’ about the virtualization.

Install virt-what on Debian or Ubuntu Linux VM

$ sudo apt-get install virt-what

$ sudo apt install virt-what

Fig.01: Debian/Ubuntu Linux install virt-what command

Install virt-what on RHEL/CentOS/Scientific Linux VM

$ sudo yum install virt-what

Fig.02: Fedora/RHEL/CentOS Linux install virt-what command

Install virt-what on Fedora Linux VM

$ sudo dnf install virt-what

Check if your remote server runs in virtual environment

Simply type the following command:

$ sudo virt-what

xen

xen-domU

Another output:

$ sudo virt-what

kvm

Another output:

$ sudo virt-what

lxc

Other possible values

hyperv : This is Microsoft Hyper-V hypervisor.

parallels : The guest is running inside Parallels Virtual Platform (Parallels Desktop, Parallels Server).

powervm_lx86 : The guest is running inside IBM PowerVM Lx86 Linux/x86 emulator.

qemu : This is QEMU hypervisor using software emulation.

virtualpc : The guest appears to be running on Microsoft VirtualPC.

xen-hvm : This is a Xen guest fully virtualized (HVM).

uml : This is a User-Mode Linux (UML) guest.

openvz : The guest appears to be running inside an OpenVZ or Virtuozzo container.

linux_vserver : This process is running in a Linux VServer container.

ibm_systemz : This is an IBM SystemZ (or other S/390) hardware partitioning system.

If nothing is printed, then it can mean *either* that the program is running on bare-metal *or* the program is running inside a type of virtual machine which we don’t know about or cannot detect. For more info see virt-what – detect if we are running in a virtual machine and here is the source code of the script:

#!/bin/bash –

# virt-what. Generated from virt-what.in by configure.

# Do not allow unset variables, and set defaults.

set -u

root=

skip_qemu_kvm=false

VERSION= 1.13

function fail {

echo virt-what: $1 >&2

exit 1

}

function usage {

echo virt-what [options]

echo Options:

echo –help Display this help

echo –version Display version and exit

exit 0

}

# Handle the command line arguments, if any.

TEMP=$(getopt -o v –long help –long version –long test-root: -n virt-what — $@ )

if [ $? != 0 ]; then exit 1; fi

eval set — $TEMP

while true; do

case $1 in

–help) usage ;;

–test-root)

# Deliberately undocumented: used for make check .

root= $2

shift 2

;;

-v|–version) echo $VERSION ; exit 0 ;;

–) shift; break ;;

*) fail internal error ($1) ;;

esac

done

# Add /sbin and /usr/sbin to the path so we can find system

# binaries like dmicode.

# Add /usr/libexec to the path so we can find the helper binary.

prefix=/usr

exec_prefix=${prefix}

PATH= ${root}${prefix}/lib/virt-what:${root}/sbin:${root}/usr/sbin:${PATH}

# Check we re running as root.

if [ x$root = x ] && [ $EUID -ne 0 ]; then

fail this script must be run as root

# Many fullvirt hypervisors give an indication through CPUID. Use the

# helper program to get this information.

cpuid=$(virt-what-cpuid-helper)

# Check for various products in the BIOS information.

# Note that dmidecode doesn t exist on non-PC architectures. On these,

# this will return an error which is ignored (error message redirected

# into $dmi variable).

dmi=$(LANG=C dmidecode 2>&1)

# Architecture.

# Note for the purpose of testing, we only call uname with -p option.

arch=$(uname -p)

# Check for VMware.

# cpuid check added by Chetan Loke.

if [ $cpuid = VMwareVMware ]; then

echo vmware

elif echo $dmi | grep -q Manufacturer: VMware ; then

echo vmware

# Check for Hyper-V.

# http://blogs.msdn.com/b/sqlosteam/archive/2010/10/30/is-this-real-the-metaphysics-of-hardware-virtualization.aspx

if [ $cpuid = Microsoft Hv ]; then

echo hyperv

# Check for VirtualPC.

# The negative check for cpuid is to distinguish this from Hyper-V

# which also has the same manufacturer string in the SM-BIOS data.

if [ $cpuid != Microsoft Hv ] &&

echo $dmi | grep -q Manufacturer: Microsoft Corporation ; then

echo virtualpc

# Check for VirtualBox.

# Added by Laurent LÃ©onard.

if echo $dmi | grep -q Manufacturer: innotek GmbH ; then

echo virtualbox

# Check for OpenVZ / Virtuozzo.

# Added by Evgeniy Sokolov.

# /proc/vz – always exists if OpenVZ kernel is running (inside and outside

# container)

# /proc/bc – exists on node, but not inside container.

if [ -d ${root}/proc/vz -a ! -d ${root}/proc/bc ]; then

echo openvz

# Check for LXC containers

# http://www.freedesktop.org/wiki/Software/systemd/ContainerInterface

# Added by Marc Fournier

if [ -e ${root}/proc/1/environ ] &&

cat ${root}/proc/1/environ | tr \000 \n | grep -Eiq ^container= ; then

echo lxc

# Check for Linux-VServer

if cat ${root}/proc/self/status | grep -q VxID: [0-9]* ; then

echo linux_vserver

# Check for UML.

# Added by Laurent LÃ©onard.

if grep -q UML ${root}/proc/cpuinfo ; then

echo uml

# Check for IBM PowerVM Lx86 Linux/x86 emulator.

if grep -q ^vendor_id.*PowerVM Lx86 ${root}/proc/cpuinfo ; then

echo powervm_lx86

# Check for Hitachi Virtualization Manager (HVM) Virtage logical partitioning.

if echo $dmi | grep -q Manufacturer.*HITACHI &&

echo $dmi | grep -q Product.* LPAR ; then

echo virtage

# Check for IBM SystemZ.

if grep -q ^vendor_id.*IBM/S390 ${root}/proc/cpuinfo ; then

echo ibm_systemz

if [ -f ${root}/proc/sysinfo ]; then

if grep -q VM.*Control Program.*z/VM ${root}/proc/sysinfo ; then

echo ibm_systemz-zvm

elif grep -q ^LPAR ${root}/proc/sysinfo ; then

echo ibm_systemz-lpar

else

# This is unlikely to be correct.

echo ibm_systemz-direct

# Check for Parallels.

if echo $dmi | grep -q Vendor: Parallels ; then

echo parallels

skip_qemu_kvm=true

# Check for Xen.

if [ $cpuid = XenVMMXenVMM ]; then

echo xen; echo xen-hvm

skip_qemu_kvm=true

elif [ -f ${root}/proc/xen/capabilities ]; then

echo xen

if grep -q control_d ${root}/proc/xen/capabilities ; then

echo xen-dom0

else

echo xen-domU

skip_qemu_kvm=true

elif [ -f ${root}/sys/hypervisor/type ] &&

grep -q xen ${root}/sys/hypervisor/type ; then

# Ordinary kernel with pv_ops. There does not seem to be

# enough information at present to tell whether this is dom0

# or domU. XXX

echo xen

elif [ $arch = ia64 ]; then

if [ -d ${root}/sys/bus/xen -a ! -d ${root}/sys/bus/xen-backend ]; then

# PV-on-HVM drivers installed in a Xen guest.

echo xen

echo xen-hvm

else

# There is no virt leaf on IA64 HVM. This is a last-ditch

# attempt to detect something is virtualized by using a

# timing attack.

virt-what-ia64-xen-rdtsc-test > /dev/null 2>&1

case $? in

0) ;; # not virtual

1) # Could be some sort of virt, or could just be a bit slow.

echo virt

esac

# Check for QEMU/KVM.

# Parallels exports KVMKVMKVM leaf, so skip this test if we ve already

# seen that it s Parallels. Xen uses QEMU as the device model, so

# skip this test if we know it is Xen.

if ! $skip_qemu_kvm ; then

if [ $cpuid = KVMKVMKVM ]; then

echo kvm

else

# XXX This is known to fail for qemu with the explicit -cpu

# option, since /proc/cpuinfo will not contain the QEMU

# string. The long term fix for this would be to export

# another CPUID leaf for non-accelerated qemu.

if grep -q QEMU ${root}/proc/cpuinfo ; then

echo qemu

How to delete KVM VM guest using virsh command

msrxp — Thu, 04 Jan 2018 07:26:05 +0000

am a new Linux and KVM user. How do I delete a VM guest with virsh command line on Linux operating system? How do I delete a virtual machine called vps42 on Ubuntu or CentOS Linux server?

Deleting a VM Guest removes its XML configuration by default stored in /etc/ directory. You may also delete a guest’s storage files to completely erase the guest. In this quick tutorial you will learn how to delete a VM guest with virsh on Debian/Ubuntu/RHEL/CentOS Linux servers.

To Delete a KVM Guest Using Virsh:

First, list all running KVM guests using “virsh list” command.

Next, you need to shut down a guest virtual machine using the “virsh shutdown VM” command.

Finally, delete a VM Guest with “virsh undefine VM” command.

Let us see steps in details.

Step 1: List all a VM guests

Type the following command:

# virsh list

Sample outputs:

Fig.01: Virsh list a KVM vm

To see info about domain called openbsd, enter:

# virsh dumpxml VM_NAME

# virsh dumpxml –domain VM_NAME

# virsh dumpxml –domain openbsd

Note down a guest’s storage files

# virsh dumpxml –domain openbsd | grep source file

Step 2: Shutdown the guest

Type the following command to shutdown the vm called openbsd:

# virsh shutdown VM_NAME

# virsh shutdown –domain VM_NAME

# virsh shutdown –domain openbsd

You can force a guest virtual machine to stop with the virsh destroy command:

# virsh destroy VM_NAME

# virsh destroy –domain VM_NAME

# virsh destroy –domain openbsd

Step 3: Deleting a virtual machine

To delete a VM Guest with virsh run

# virsh undefine VM_NAME

# virsh undefine –domain VM_NAME

# virsh undefine –domain openbsd

Sample outputs:

Domain openbsd has been undefined

There is no option to automatically delete the attached storage file called /nfswheel/kvm/openbsd.qcow2. To delete it, enter:

# rm -rf /nfswheel/kvm/openbsd.qcow2

A note about error: “cannot delete inactive domain with snapshots”

You cannot delete a VM with snapshots. For example:

# virsh undefine –domain openbsd

Sample outputs:

error: Failed to undefine domain openbsd

error: Requested operation is not valid: cannot delete inactive domain with 2 snapshots

To list snapshots, enter:

# virsh snapshot-list –domain VM_NAME

# virsh snapshot-list –domain openbsd

Sample outputs:

Name Creation Time State

3sep2016 2016-09-02 13:38:18 -0500 shutoff

3sep2016u1 2016-09-02 15:04:50 -0500 shutoff

The syntax is as follows to delete snapshot:

# virsh snapshot-delete –domain VM_NAME –snapshotname SNAPSHOT_NAME

To delete both snapshots, enter:

# virsh snapshot-delete –domain openbsd –snapshotname 3sep2016

Domain snapshot 3sep2016 deleted

# virsh snapshot-delete –domain openbsd –snapshotname 3sep2016u1

Domain snapshot 3sep2016u1 deleted

Verify it:

# virsh snapshot-list –domain openbsd

Name Creation Time State

Now delete the vm:

# virsh undefine –domain openbsd

Domain openbsd has been undefined

# rm -f /nfswheel/kvm/openbsd.qcow2

How to install LXD container hypervisor on Ubuntu 16.04 LTS server

msrxp — Thu, 04 Jan 2018 07:20:03 +0000

ow do I install LXD container “hypervisor” to runs unmodified Debian/Ubuntu/CentOS Linux operating systems VM at incredible speed on a Ubuntu Linux 16.04 LTS server?

LXD is lxc on steroids with strong security on the mind. LXD is not a rewrite of LXC. Under the hood, LXD uses LXC through liblxc and its Go binding. In this tutorial, you will learn to set up LXD on a Ubuntu Linux server.

Install LXD

Type the following apt-get command:

$ sudo apt install lxd

$ sudo apt-get install lxd

Sample outputs:

Fig.01 Installing LXD on a Ubuntu Linux 16.04 LTS

Configure the LXD networking and storage for VM

I suggest you use ZFS and along with DHCP based IP networking for ease of setup for each VM. The ZFS offers quick option to make snapshots and other advanced features. See how to install ZFS on Ubuntu server for more information. The following command displays my ZFS setup for all VMs:

$ sudo zfs list

Sample outputs:

[sudo] password for vivek:

NAME USED AVAIL REFER MOUNTPOINT

nixcraft 744K 461G 192K /nixcraft

nixcraft/lxdvms 192K 461G 192K /nixcraft/lxdvms

To setup both storage and networking option, enter:

$ sudo lxd init

Sample outputs:

Name of the storage backend to use (dir or zfs) [default=zfs]:

Create a new ZFS pool (yes/no) [default=yes]? no

Name of the existing ZFS pool or dataset: nixcraft/lxdvms

Would you like LXD to be available over the network (yes/no) [default=no]?

Do you want to configure the LXD bridge (yes/no) [default=yes]?

You need to configure the LXD dhcp based bridge as prompted:

Setup a network bridge for the LXD

Setup bridge name for the LXD

A random subnet for the LXD

Setup a valid IPv4 address for the LXD

Setup CIDR for the LXD

Setup the first IP for the LXD dhcpd

Setup last IP address for the LXD dhcpd

Setup max number of the LXD dhcpd client

Setup NAT for the LXD

Setup IPv6 for the LXD

Say hello to lxc command

The lxc command used to talk with LXD server. The lxd package creates a new “lxd” group which contains all users allowed to talk to lxd over the local unix socket. In other words your username must be part of lxd group:

$ id username

$ id vivek

$ grep lxd /etc/group

Sample outputs:

lxd:x:110:vivek

If vivek (or any other user) user is not part of lxd group you will get an error that read as follows when you try to use lxc command:

Permission denied, are you in the lxd group?

Please note that group membership is only applied at login or ssh session, you then either need to close and re-open your user/ssh session or use the following command to avoid above error:

$ newgrp lxd

Verify that the lxc client is talking to the LXD daemon:

$ lxc list

Sample outputs:

+——+——-+——+——+——+———–+

+——+——-+——+——+——+———–+

How do I list available images for various Linux distro?

$ lxc image list images:

Sample outputs:

Fig.02: Listing all images from default remote server

Most of the images are known by several aliases. To see a list, enter:

$ lxc image alias list images:

$ lxc image alias list images: | grep -i centos

$ lxc image alias list images: | grep -i arch

$ lxc image alias list images: | grep -i debian

How create and use your first container

The syntax is:

lxc launch images:{distro}/{version}/{arch} {container-name-here}

Create a Alpine Linux 3.4 VM

$ lxc launch images:alpine/3.4/amd64 alpine-www

Sample outputs:

Creating alpine-www

Retrieving image: 100%

Starting alpine-www

Create a CentOS Linux 7 VM

$ lxc launch images:centos/7/amd64 cenots-db

Create a Ubuntu Linux 16.4 “xenial” LTS VM

$ lxc launch images:ubuntu/xenial/amd64 ubuntu-nginx

Create a Debian Linux 7.x “wheezy” VM

$ lxc launch images:debian/wheezy/amd64 file-server

Create a Debian Linux 8.x “jessie” VM

$ lxc launch images:debian/jessie/amd64 file-server

Create a Arch Linux VM

$ lxc launch images:archlinux/amd64 arch-c1

Create a Gentoo Linux VM

$ lxc launch images:gentoo/amd64 gentoo-c1

Create a Fedora Linux 24 VM

$ lxc launch images:fedora/24/amd64 fedora24-c1

Create a Fedora Linux 25 VM

$ lxc launch images:fedora/25/amd64 fedora25-c1

Create a Ppensuse Linux 13.2 VM

$ lxc launch images:opensuse/13.2/amd64 opensuse

Create a Opensuse Linux 42.2 VM

$ lxc launch images:opensuse/42.2/amd64 opensuse-42-2

Create a Oracle Linux 7.x VM

$ lxc launch images:oracle/7/amd64 oracle-proxy-c1

How do I list all my containers?

Type the following command:

$ lxc list –fast

$ lxc list | grep RUNNING

$ lxc list | grep STOPPED

$ lxc list | grep

$ lxc list *c1*

$ lxc list *db*

$ lxc list

Sample outputs:

Fig.03 Lists the available resource for the LXD

How do I execute/run the specified command in a container?

The syntax is:

lxc exec containerName — command

lxc exec containerName — /path/to/script

lxc exec containerName –env EDITOR=/usr/bin/vim — command

run date, ip a, ip rm and other commands on various containers ###

$ lxc exec cenots-db — date

$ lxc exec opensuse — ifconfig

$ lxc exec ubuntu-nginx — ip r

$ lxc exec fedora24-c1 — dnf update

$ lxc exec file-server — cat /etc/debian_version

Sample outputs:

Fig.03: Run commands on in a container

How do I get the bash shell access in a container?

To gain login and gain shell access in a container named file-server , enter:

$ lxc exec file-server bash

Now you can run commands or install packages:

# cat /etc/*issue*

# apt-get update

# apt-get upgrade

To exit simply from container simply type exit:

# exit

Sample session:

Fig.04: Gain a bash shell access in container

How do I start my containers?

The syntax is:

$ lxc start containerName

$ lxc start foo

$ lsc start centos-db opensuse

How do I stop my containers?

The syntax is:

$ lxc stop containerName

$ lxc stop foo

$ lsc stop centos-db opensuse

How do I restart my containers?

The syntax is:

$ lxc restart containerName

$ lxc restart foo

$ lsc restart centos-db opensuse

How do I delete my containers?

The syntax is (be careful as the LXD containers are deleted immediately without any confirmation prompt i.e. keep backups):

$ lxc delete containerName

$ lxc delete foo

$ lsc delete centos-db

You may get the following error while deleting the container:

The container is currently running, stop it first or pass –force.

To fix this:

$ lxc stop centos-db && lxc delete centos-db

How do I show information on LXD servers and containers?

Type the following command:

$ lxc info

$ lxc info containerName

$ lxc info cenots-db

Sample outputs:

Fig.05: How to see LXD containers memory, cpu, network usage info using lxc

Can I run the OpenSSH server in a container?

Yes. You can install and use the openssh-server just like a VPS or dedicated box. For example:

$ lxc exec centos-db — yum install openssh-server

$ lxc exec cenots-db — systemctl start sshd

$ ssh user@centos-db

$ ssh user@centos-db-ip-address-here

How to rename LXD / LXC container

msrxp — Thu, 04 Jan 2018 06:12:44 +0000

ow do I rename an LXD managed LXC container under a Linux operating system?

You can move or rename containers within or in between lxd instances. In this quick tutorial, I will show how to rename an LXD managed LXC container using lxc command line.

How to rename a local container

Let us say you want to rename a local container named file-server to debian-wheezy. The syntax is:

lxc move {old-lxc-name} {new-lxc-name}

Please note that renaming of running container not allowed. So first stop the container, enter:

$ lxc stop file-server

Now rename it:

$ lxc move file-server debian-wheezy

Start it:

$ lxc start debian-wheezy

Verify it:

$ lxc info debian-wheezy

Sample outputs:

Fig.01: Rename a local container

$ lxc exec debian-wheezy bash

Change hostname and updated /etc/hosts if you want:

# echo debian-wheezy > /etc/hostname

# sed -i s/file-server/debian-wheezy/g /etc/hosts

# exit

$ lxc restart debian-wheezy

Verify new changes:

$ lxc exec debian-wheezy bash

root@debian-wheezy:~# cat /etc/os-release

Sample outputs:

PRETTY_NAME= Debian GNU/Linux 7 (wheezy)

NAME= Debian GNU/Linux

VERSION_ID= 7

VERSION= 7 (wheezy)

ID=debian

ANSI_COLOR= 1;31

HOME_URL= http://www.debian.org/

SUPPORT_URL= http://www.debian.org/support/

BUG_REPORT_URL= http://bugs.debian.org/

Also you can move a container between two hosts, renaming it if destination name differs. The syntax is:

$ lxc move [:][:][]

$ lxc stop server1:foo

$ lxc move server1:foo server2:bar