{"id":1110,"date":"2022-04-04T15:51:50","date_gmt":"2022-04-04T07:51:50","guid":{"rendered":"https:\/\/www.buyao007.icu\/?p=1110"},"modified":"2022-04-05T16:04:13","modified_gmt":"2022-04-05T08:04:13","slug":"4-kvm%e8%99%9a%e6%8b%9f%e6%9c%ba%e7%9a%84%e7%bd%91%e7%bb%9c","status":"publish","type":"post","link":"https:\/\/www.buyao007.icu\/?p=1110","title":{"rendered":"4. KVM\u865a\u62df\u673a\u7684\u7f51\u7edc"},"content":{"rendered":"\n

\u5b59\u5bcc\u9633\uff0c \u6c5f\u6e56\u4eba\u79f0\u6ca1\u4eba\u79f0\u3002\u591a\u5e74\u4e92\u8054\u7f51\u8fd0\u7ef4\u5de5\u4f5c\u7ecf\u9a8c\uff0c\u66fe\u8d1f\u8d23\u8fc7\u5b59\u5e03\u65af\u5927\u89c4\u6a21\u96c6\u7fa4\u67b6\u6784\u81ea\u52a8\u5316\u8fd0\u7ef4\u7ba1\u7406\u5de5\u4f5c\u3002\u64c5\u957fWeb\u96c6\u7fa4\u67b6\u6784\u4e0e\u81ea\u52a8\u5316\u8fd0\u7ef4\uff0c\u66fe\u8d1f\u8d23\u56fd\u5185\u67d0\u5927\u578b\u535a\u5ba2\u7f51\u7ad9\u8fd0\u7ef4\u5de5\u4f5c\u3002<\/p>\n\n\n\n

1.\u865a\u62df\u673a\u7684\u6865\u63a5\u7f51\u7edc<\/h2>\n\n\n\n
##\u8bbe\u7f6e\u6865\u63a5\u7f51\u7edc\uff08\u4f1a\u53d1\u73b0eth1\u7f51\u5361\u7684ip\u8dd1\u5230\u4e86br2\u4e0a\u4e86\uff09\n[root@test ~]# virsh iface-bridge eth1 br2\nCreated bridge br2 with attached device eth1\nBridge interface br2 started\n\n##\u4fee\u6539\u914d\u7f6e\u6587\u4ef6\n[root@test ~]# virsh dumpxml web01 |grep bridge\n    <interface type='bridge'>\n      <source bridge='br0'\/>\n##\u53d6\u6d88\u6865\u63a5\u7f51\u7edc\u8bbe\u7f6e\n[root@test ~]# virsh iface-unbridge br2\nDevice eth1 un-attached from bridge br2\n\nInterface eth1 started\n<\/code><\/pre>\n\n\n\n
2.\u81ea\u5b9a\u4e49\u4e00\u4e2aNAT\u7f51\u7edc<\/h2>\n\n\n\n
#\u5148\u5bfc\u51fa\u4e00\u4efd\u914d\u7f6e\u6587\u4ef6\u6539\u5427\u6539\u5427\u5373\u53ef\n[root@kvm01 ~]# virsh net-dumpxml --network default > \/tmp\/test.xml\n[root@kvm01 ~]# vim \/tmp\/test.xml\n<network>\n  <name>ddd<\/name>\n  <forward mode='nat'>\n    <nat>\n      <port start='1024' end='65535'\/>\n    <\/nat>\n  <\/forward>\n  <bridge name='virbr1' stp='on' delay='0'\/>\n  <ip address='192.168.12.1' netmask='255.255.255.0'>\n    <dhcp>\n      <range start='192.168.12.2' end='192.168.12.254'\/>\n    <\/dhcp>\n  <\/ip>\n<\/network>\n[root@kvm01 ~]# virsh net-define --file \/tmp\/test.xml<\/code><\/pre>\n\n\n\n
3.nat\u548c\u6865\u63a5\u7684\u533a\u522b<\/h2>\n\n\n\n
nat\u4e0a\u7f51\u4f9d\u8d56\u5bbf\u4e3b\u673a\u7684\u8def\u7531\u8f6c\u53d1\u548ciptables\u89c4\u5219\n[root@test ~]# sysctl net.ipv4.ip_forward=1\nnet.ipv4.ip_forward = 1\n[root@test ~]# iptables -t nat -nL\nChain PREROUTING (policy ACCEPT)\ntarget     prot opt source               destination         \n\nChain INPUT (policy ACCEPT)\ntarget     prot opt source               destination         \n\nChain OUTPUT (policy ACCEPT)\ntarget     prot opt source               destination         \n\nChain POSTROUTING (policy ACCEPT)\ntarget     prot opt source               destination         \nRETURN     all  --  192.168.122.0\/24     224.0.0.0\/24        \nRETURN     all  --  192.168.122.0\/24     255.255.255.255     \nMASQUERADE  tcp  --  192.168.122.0\/24    !192.168.122.0\/24     masq ports: 1024-65535\nMASQUERADE  udp  --  192.168.122.0\/24    !192.168.122.0\/24     masq ports: 1024-65535\nMASQUERADE  all  --  192.168.122.0\/24    !192.168.122.0\/24   \n##\u67e5\u770b\u865a\u62df\u673a\u4f7f\u7528\u7684\u662f\u54ea\u4e2avnet\n[root@test ~]# virsh dumpxml web01|grep vnet\n      <target dev='vnet0'\/>\n<\/code><\/pre>\n\n\n\n
4.\u4e3a\u4ec0\u4e48nat\u6a21\u5f0f\u9ed8\u8ba4\u7f51\u6bb5\u662f 192.168.122.0\/24<\/h2>\n\n\n\n
\u7cfb\u7edf\u81ea\u5b9a\u4e49\u7684\n[root@test ~]# virsh net-list \n Name                 State      Autostart     Persistent\n----------------------------------------------------------\n default              active     yes           yes\n\n[root@test ~]# virsh net-edit default \n<network>\n  <name>default<\/name>\n  <uuid>4b37a0d2-92a9-45c6-a42d-52eb3f9d865f<\/uuid>\n  <forward mode='nat'\/>\n  <bridge name='virbr0' stp='on' delay='0'\/>\n  <mac address='52:54:00:20:85:73'\/>\n  <ip address='192.168.122.1' netmask='255.255.255.0'>\n    <dhcp>\n      <range start='192.168.122.2' end='192.168.122.254'\/>\n    <\/dhcp>\n  <\/ip>\n<\/network>\n##\u540c\u6837\u914d\u7f6e\u6587\u4ef6\u91cc\u4e5f\u80fd\u770b\u5230\n[root@test ~]# cat \/etc\/libvirt\/qemu\/networks\/default.xml \n<!--\nWARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE\nOVERWRITTEN AND LOST. Changes to this xml configuration should be made using:\n  virsh net-edit default\nor other application using the libvirt API.\n-->\n\n<network>\n  <name>default<\/name>\n  <uuid>4b37a0d2-92a9-45c6-a42d-52eb3f9d865f<\/uuid>\n  <forward mode='nat'\/>\n  <bridge name='virbr0' stp='on' delay='0'\/>\n  <mac address='52:54:00:20:85:73'\/>\n  <ip address='192.168.122.1' netmask='255.255.255.0'>\n    <dhcp>\n      <range start='192.168.122.2' end='192.168.122.254'\/>\n    <\/dhcp>\n  <\/ip>\n<\/network>\n<\/code><\/pre>\n\n\n\n
5.kvm\u51b7\u6dfb\u52a0\u786c\u76d8\u548c\u7f51\u5361<\/h2>\n\n\n\n
\u5173\u673a\u72b6\u6001\u4e0b\u76f4\u63a5\u7f16\u8f91\u914d\u7f6e\u6587\u4ef6\u6dfb\u52a0\u5c31\u662f\u51b7\u6dfb\u52a0\r\n[root@test ~]# virsh edit web01\r\n\u590d\u5236\u539f\u6765\u7684\u78c1\u76d8\u914d\u7f6e\r\n\u5220\u9664\u603b\u7ebf\u7684\u884c<address type='pci'\r\n\u4fee\u6539<source file=\u8def\u5f84\r\n\u4fee\u6539<target dev\r\n\u590d\u5236\u539f\u6765\u7684\u7f51\u5361\u914d\u7f6e\r\n\u5220\u9664\u603b\u7ebf\u7684\u884c<address type='pci'\r\n\u5220\u9664<mac address=\r<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u5b59\u5bcc\u9633\uff0c \u6c5f\u6e56\u4eba\u79f0\u6ca1\u4eba\u79f0\u3002\u591a\u5e74\u4e92\u8054\u7f51\u8fd0\u7ef4\u5de5\u4f5c\u7ecf\u9a8c\uff0c\u66fe\u8d1f\u8d23\u8fc7\u5b59\u5e03\u65af\u5927\u89c4\u6a21\u96c6\u7fa4\u67b6\u6784\u81ea\u52a8\u5316\u8fd0\u7ef4\u7ba1\u7406\u5de5\u4f5c\u3002\u64c5\u957fWeb\u96c6 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"_links":{"self":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts\/1110"}],"collection":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1110"}],"version-history":[{"count":2,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts\/1110\/revisions"}],"predecessor-version":[{"id":1112,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=\/wp\/v2\/posts\/1110\/revisions\/1112"}],"wp:attachment":[{"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.buyao007.icu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}