4. KVM虚拟机的网络
1.虚拟机的桥接网络
##设置桥接网络(执行后eth1网卡的IP会转移到br2上;如果当前正通过eth1远程登录,连接可能会中断,建议在控制台或通过其他网卡操作)
[root@test ~]# virsh iface-bridge eth1 br2
Created bridge br2 with attached device eth1
Bridge interface br2 started
##修改虚拟机配置文件(virsh edit web01),把网卡的interface类型改为bridge并指定要使用的网桥;改完后用下面的命令确认
[root@test ~]# virsh dumpxml web01 |grep bridge
<interface type='bridge'>
<source bridge='br0'/>
##取消桥接网络设置
[root@test ~]# virsh iface-unbridge br2
Device eth1 un-attached from bridge br2
Interface eth1 started
2.自定义一个NAT网络
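#先导出default网络的配置作为模板,再修改:改掉name、bridge名称和IP/DHCP网段,并删除uuid和mac两行(libvirt会自动生成新的),避免与default网络冲突。net-define只是定义网络,定义后还需要virsh net-start ddd启动;需要随宿主机开机自启时再执行virsh net-autostart ddd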
[root@kvm01 ~]# virsh net-dumpxml --network default > /tmp/test.xml
[root@kvm01 ~]# vim /tmp/test.xml
<network>
<name>ddd</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr1' stp='on' delay='0'/>
<ip address='192.168.12.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.12.2' end='192.168.12.254'/>
</dhcp>
</ip>
</network>
[root@kvm01 ~]# virsh net-define --file /tmp/test.xml
3.nat和桥接的区别
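NAT模式下,虚拟机上网依赖宿主机的路由转发(ip_forward)和iptables的MASQUERADE规则,外部网络默认不能主动访问虚拟机;桥接模式下,虚拟机直接接入物理网络并使用该网段的IP,相当于直接暴露在这个网络中,访问控制要靠虚拟机自身或网络上的防火墙。另外,下面用sysctl命令设置的ip_forward只对当前运行的内核生效,要在重启后保留需写入/etc/sysctl.conf等配置文件。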
[root@test ~]# sysctl net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
[root@test ~]# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
RETURN all -- 192.168.122.0/24 224.0.0.0/24
RETURN all -- 192.168.122.0/24 255.255.255.255
MASQUERADE tcp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
MASQUERADE udp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
MASQUERADE all -- 192.168.122.0/24 !192.168.122.0/24
##查看虚拟机使用的是哪个vnet
[root@test ~]# virsh dumpxml web01|grep vnet
<target dev='vnet0'/>
4.为什么nat模式默认网段是 192.168.122.0/24
这是libvirt自带的default网络里预先定义好的网段,并不是固定不可改的;可以用virsh net-edit default查看和修改,如下:
[root@test ~]# virsh net-list
Name State Autostart Persistent
----------------------------------------------------------
default active yes yes
[root@test ~]# virsh net-edit default
<network>
<name>default</name>
<uuid>4b37a0d2-92a9-45c6-a42d-52eb3f9d865f</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:20:85:73'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network>
##同样的内容在配置文件里也能看到(注意文件开头的提示:该文件是自动生成的,直接编辑可能被覆盖,应使用virsh net-edit default修改)
[root@test ~]# cat /etc/libvirt/qemu/networks/default.xml
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh net-edit default
or other application using the libvirt API.
-->
<network>
<name>default</name>
<uuid>4b37a0d2-92a9-45c6-a42d-52eb3f9d865f</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:20:85:73'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network>
5.kvm冷添加硬盘和网卡
在虚拟机关机的状态下,直接编辑它的配置文件来添加设备,就是冷添加
[root@test ~]# virsh edit web01
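复制原来的磁盘配置
删除总线的行<address type='pci'(让libvirt重新分配PCI地址,避免与原设备的地址冲突)
修改<source file=路径(指向新的磁盘文件,不要与原磁盘指向同一个文件)
修改<target dev(改成尚未被占用的设备名)
复制原来的网卡配置
删除总线的行<address type='pci'(原因同上)
删除<mac address=(让libvirt生成新的MAC地址,避免两块网卡的MAC重复)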