====== Creating a KVM Virtual Machine ======
* Copy a virtual machine image from a virtual machine template:
root@host:~# cp
or create a new image file:
root@host:~# qemu-img create -f -o
E.g. a QCOW2 image file with a size of 2GB:
root@host:~# qemu-img create -f qcow2 -o lazy_refcounts=on slave1.qcow2 2G
* Create a virtual machine description file:
VMNAMEMEMORYCPUShvmdestroyrestartrestart/usr/bin/kvm
Replace ''VMNAME'', ''MEMORY'', ''CPUS'', ''PATHTOVMIMAGE'' and ''NETWORK'' with the appropriate values and save the virtual machine description file as ''.xml''.
With the virtual machine description file, define a virtual machine:
root@host:~# virsh define .xml
root@host:~# virsh autostart
* Networking:
* Private bridge, with access to networks outside of the KVM host for the virtual machines via NAT on the KVM host:
* Create a virtual network description file:
default
Replace the IP addresses and the netmask with the appropriate values for the network environment and save the virtual network description file as ''network-default.xml''.
With the virtual network description file, define a virtual network:
root@host:~# virsh net-define network-default.xml
root@host:~# virsh net-autostart default
root@host:~# virsh net-start default
* **Optional:** Add entries for each virtual machine to the file ''/etc/hosts'' on the KVM server if network access from the KVM server to the virtual machine is required.
* Gather the MAC address for each virtual machine interface:
root@host:~# virsh dumpxml | egrep " <
* For each virtual machine, insert a static entry into the virtual network. This will be used to map each virtual machine's MAC address to an IP address via DHCP:
root@host:~# virsh net-update default add ip-dhcp-host "" --live --config
Replace ''MAC'', ''HOSTNAME'' and ''IPADDRESS'' with the appropriate values for each virtual machine.
* Restart the libvirt service on the KVM host:
root@host:~# systemctl restart libvirtd.service
This will have created a virtual network in the form of a Linux bridge:
root@host:~# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.fe54005a3df0 yes
It will also have inserted the appropriate iptables rules for the NAT network into the ''FORWARD'' chain:
root@host:~# iptables -nL
[...]
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
[...]
In order to forward packets from and to the virtual machines, IP forwarding must also be enabled on the KVM host:
root@host:~# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
* Start the virtual machine:
root@host:~# virsh start
If the virtual machine was copied from a template and virtual machine networking is done with a private bridge and NAT, the hostname inside the virtual machine does not yet match the static DHCP definition, which a successful DHCP request requires. On the first boot of the virtual machine, the hostname needs to be changed via a login on the virtual machine console. See [[:sw:debian:recipies:changes-after-cloning|Debian - Necessary Changes After Cloning A System]] for the necessary steps. Afterwards the virtual machine should get an IP address assigned via DHCP.
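For the static DHCP entries in the networking step above, the following added example (not part of the original page) validates ''MAC'', ''HOSTNAME'' and ''IPADDRESS'' before placing them into the libvirt ''host'' element passed to ''virsh net-update'', so that a malformed or quote-bearing value cannot alter the network XML. The function names and the sample values are assumptions made for this example.

```shell
#!/bin/sh
# Added example: validate MAC, HOSTNAME and IPADDRESS before they are placed
# into the <host/> element handed to "virsh net-update".
export LC_ALL=C   # keep bracket ranges such as A-Z byte-exact

valid_mac() {
    case $1 in ''|*[!0-9A-Fa-f:]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eqx '([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}'
}

valid_hostname() {
    # One DNS label: letters, digits, inner hyphens, at most 63 characters.
    case $1 in ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;; esac
    [ "${#1}" -le 63 ]
}

valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eqx '([0-9]{1,3}\.){3}[0-9]{1,3}' || return 1
    _rest=$1.
    while [ -n "$_rest" ]; do          # check that every octet is 0..255
        _octet=${_rest%%.*}; _rest=${_rest#*.}
        [ "$_octet" -le 255 ] || return 1
    done
}

# Print the <host/> element, or fail without printing XML if a field is malformed.
dhcp_host_xml() {
    valid_mac "$1"      || { echo "rejected MAC: $1" >&2; return 1; }
    valid_hostname "$2" || { echo "rejected hostname: $2" >&2; return 1; }
    valid_ipv4 "$3"     || { echo "rejected IP address: $3" >&2; return 1; }
    printf "<host mac='%s' name='%s' ip='%s'/>\n" "$1" "$2" "$3"
}

# Apply the entry to the "default" network used on this page.
add_dhcp_host() {
    _xml=$(dhcp_host_xml "$1" "$2" "$3") || return 1
    virsh net-update default add ip-dhcp-host "$_xml" --live --config
}

# Constructed sample values (assumptions, not taken from a real host).
dhcp_host_xml 52:54:00:aa:bb:01 slave1 192.168.122.11
```

On the KVM host, call ''add_dhcp_host MAC HOSTNAME IPADDRESS'' once per virtual machine; the network must be active for ''--live'' to succeed.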