Setting up Virtualization on penguin

Installing the virtualization RPMs on penguin was straightforward:

for PACKAGE in qemu-kvm libvirt virt-install virt-viewer
do
    yum install -y $PACKAGE 2>&1 | jtime | tee ~/packages/install.$PACKAGE.text
done

Installing the FreePBX distribution

A network bridge is needed for the VM, but when I checked penguin one had already been created by the installation of qemu-kvm:

# nmcli
virbr0: connected to virbr0
  "virbr0"
  bridge, 52:54:00:C1:42:3D, sw, mtu 1500
  inet4 192.168.122.1/24
  route4 192.168.122.0/24

Note, however, that the bridge has IP address 192.168.122.1/24, meaning it is on its own subnet. That’s not what I want: I want the guest system to be able to talk to the local network like a normal system. See Setting up a bridge for transparent networking on libvirt guests for details.

Install the VM:

virt-install --name freepbx --cpu host --memory 2048 --disk size=8 \
  --cdrom /var/local/iso/misc/FreePBX-64bit-1904-2.iso \
  --network bridge=virbr0 --os-variant rhel7

Typically I run commands on penguin by making an ssh connection to the system, but this time I had to run the command in a terminal from the graphical desktop on penguin itself. This is because virt-install starts virt-viewer by default, and details on running virt-viewer remotely are hard to come by.

But there’s another way to get the console on sparrow, by connecting to penguin using ssh -Y penguin. That forwards my X11 connection to the server, letting sparrow’s X11 handle the window.

Setting up a bridge for transparent networking on libvirt guests

It took a ridiculous amount of effort to come up with a networking configuration that allowed libvirt domains to participate in my LAN as a normal system as opposed to being isolated on penguin. The official libvirt documentation is practically silent on this issue. Searching on the web turned up a couple of variations on binding a bridge device to a tun/tap interface, but my attempts to use these were not successful.

In the end I had to do the following:

  • Remove all IP configuration from the network card eno1
  • Create a bridge br0 using the same IP configuration eno1 had used
  • Add eno1 as an interface on br0
  • Also assign 192.168.1.3 (used for WAN domain resolution) to br0

In theory that’s what the tap/tun stuff is supposed to be doing without having to muck around with IP addresses on the primary NIC. I’m at a loss to explain why those approaches didn’t work.
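The four steps above can be expressed as NetworkManager commands. The following is an added example, not the commands originally run on penguin: it only prints the nmcli invocations so they can be reviewed before root runs them. The /24 prefix, the gateway 192.168.1.254, the profile name br0-port-eno1 and the assumption that eno1's existing profile is named eno1 are all illustrative and not taken from this page.

```shell
#!/bin/sh
# Added example: print, without running, the nmcli commands for the four steps.
# Assumed (not on the page): the /24 prefix, the gateway address, and that
# eno1's existing NetworkManager profile is named after the device.

# Usage: bridge_plan NIC BRIDGE GATEWAY ADDR/PREFIX [ADDR/PREFIX ...]
bridge_plan() {
    [ "$#" -ge 4 ] || { echo "usage: bridge_plan NIC BRIDGE GATEWAY ADDR/PREFIX..." >&2; return 2; }
    nic=$1; bridge=$2; gateway=$3
    shift 3
    # The output is meant to be reviewed and then run by root, so refuse any
    # argument that could smuggle shell syntax into it.
    for name in "$nic" "$bridge"; do
        case $name in
            ''|*[!A-Za-z0-9._-]*) echo "bad interface name: $name" >&2; return 2 ;;
        esac
    done
    case $gateway in
        ''|*[!0-9a-fA-F.:]*) echo "bad gateway: $gateway" >&2; return 2 ;;
    esac
    addrs=
    for addr in "$@"; do
        case $addr in
            *[!0-9a-fA-F.:/]*) echo "bad address: $addr" >&2; return 2 ;;
            ?*/?*) addrs=${addrs:+$addrs,}$addr ;;
            *) echo "address needs a /prefix: $addr" >&2; return 2 ;;
        esac
    done
    # Create the bridge carrying every address (eno1's old one plus the extra one).
    echo "nmcli connection add type bridge ifname $bridge con-name $bridge ipv4.method manual ipv4.addresses $addrs ipv4.gateway $gateway"
    # Add the NIC as a port of the bridge; the port profile carries no IP settings.
    echo "nmcli connection add type bridge-slave ifname $nic master $bridge con-name ${bridge}-port-${nic}"
    # Stop the NIC's old profile from coming back with its own IP configuration.
    echo "nmcli connection modify $nic connection.autoconnect no"
    # Activating the port profile displaces the old profile and brings up the bridge.
    echo "nmcli connection up ${bridge}-port-${nic}"
}

# 192.168.1.1 and 192.168.1.3 are the page's addresses; the gateway is constructed.
bridge_plan eno1 br0 192.168.1.254 192.168.1.1/24 192.168.1.3/24
```

Run the printed commands from penguin's local console rather than over ssh, because the session drops when eno1 moves onto the bridge.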

Connecting to a VM’s display on a remote system

I ran the following command on my laptop:

virt-viewer --debug --direct --connect qemu+ssh://penguin/system

The above command brought up a list of the running VMs. I selected the only one listed, and the viewer gave an error:

(virt-viewer:3402): virt-viewer-DEBUG: Guest CentOS-7-A has a spice display
(virt-viewer:3402): virt-viewer-DEBUG: Guest graphics address is 127.0.0.1:5900
(virt-viewer:3402): virt-viewer-DEBUG: graphics listen '127.0.0.1' is not reachable from this machine

Note that penguin told my laptop to connect to 127.0.0.1 and not its IP address of 192.168.1.1.