File README.md of Package kvm-container
# What's inside
This container provide kvm toolstack inside a container.
* '''Dockerfile''' with the definition of the kvm container
** based on SLE15 SP4 BCI image suse/sle15:15.4
** installs qemu, libvirt, virt-install and some additional tools
** Use the entrypoint.sh as ENTRYPOINT for the container
* '''kvm-base-container.conf''' file for which contains all VAR
* '''kvm-container-functions''' functions to check configuration
* '''VM_config.ign''' as an ignition file (not yet used as default image is an openstack one)
* '''kvm-container-manage.sh''' script to manage the container using podman
* '''virsh''' is the wrapper on the host to use virsh command
* '''virt-install-demo.sh''' is a wrapper to quickly install a test VM
* '''virt-install''' is the wrapper on the host to virt-install
* '''virt-manager''' is the virt-manager wrapper on the host
* The host network is the default one as podman network requires to publish port (which add complexity for VNC port and all VM)
* Default user inside the container is '''testuser''', password='''opensuse''', ssh port: 16022
# Usage of the the manage script
```# ./kvm-container-manage.sh
```
# Installing the kvm-container tools
To be able to manage Virtual Machines using Libvirt, first install the container using
the '''runlabel install''' for the container image available from the registry.
```
# podman container runlabel install registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest
Trying to pull registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest...
Getting image source signatures
Copying blob e0a935ad0ff9 done
Copying blob a9510fddaf27 done
Copying config f31316e5ee done
Writing manifest to image destination
Storing signatures
LABEL INSTALL
copy /container/kvm-container-manage.sh in /host/usr/local/bin/
'/container/kvm-container-manage.sh' -> '/host/usr/local/bin/kvm-container-manage.sh'
copy /container/virsh in /host/usr/local/bin/
'/container/virsh' -> '/host/usr/local/bin/virsh'
copy /container/virt-install in /host/usr/local/bin/
'/container/virt-install' -> '/host/usr/local/bin/virt-install'
copy /container/kvm-container.conf in /host/etc/
'/container/kvm-container.conf' -> '/host/etc/kvm-container.conf'
copy /container/kvm-container-functions in /host/etc/
'/container/kvm-container-functions' -> '/host/etc/kvm-container-functions'
.....
```
## runlabel install image id saved to /etc/default/kvm-container
The image used by the most recent '''runlabel install''' of the
kvm-container will be saved in the '''/etc/default/kvm-container'''
file as the IMAGE variable.
This allows other tools to benefit from the fact that a version
of the image will be present in the local container image repository.
# Setting up the systemd libvirtd service
The libvirtd service leverages the '''kvm-container-manage.sh'''
script in a '''ExecPreStart''' step create the '''libvirtd'''
container, as well as leveraging the '''/etc/default/kvm-container'''
(if found) to specify the container image to use.
Verify that the libvirtd service is starting correctly by running
'''systemctl start libvirtd''' and check it's status once it has
finished:
```
# systemctl status libvirtd
○ libvirtd.service - Libvirtd daemon container
Loaded: loaded (/etc/systemd/system/libvirtd.service; disabled; preset: disabled)
Active: inactive (dead)
Docs: https://build.opensuse.org/package/show/SUSE:ALP:Workloads/kvm-container
# systemctl start libvirtd
# systemctl status libvirtd
● libvirtd.service - Libvirtd daemon container
Loaded: loaded (/etc/systemd/system/libvirtd.service; disabled; preset: disabled)
Active: active (running) since Fri 2023-03-03 15:55:31 UTC; 21min ago
Docs: https://build.opensuse.org/package/show/SUSE:ALP:Workloads/kvm-container
Process: 1388 ExecStartPre=/usr/bin/podman run --env IMAGE=${IMAGE} --rm --privileged -v /:/host ${IMAGE} /bin/bash /container/labe>
Process: 1563 ExecStartPre=/bin/bash /usr/local/bin/kvm-container-manage.sh stop (code=exited, status=1/FAILURE)
Process: 1589 ExecStartPre=/bin/bash /usr/local/bin/kvm-container-manage.sh create (code=exited, status=0/SUCCESS)
Main PID: 1626 (conmon)
Tasks: 1 (limit: 4650)
CPU: 7.180s
CGroup: /system.slice/libvirtd.service
└─1626 /usr/bin/conmon --api-version 1 -c d41cab0cc530a6c3ae1c18d1650a2450b48a0d9882bb3e5fc15dfd43771a5b9f -u d41cab0cc530>
Mar 03 15:55:29 alpvm podman[1614]: 2023-03-03 15:55:29.675532277 +0000 UTC m=+0.234767107 container start d41cab0cc530a6c3ae1c18d1650>
Mar 03 15:55:29 alpvm podman[1614]: libvirtd
Mar 03 15:55:29 alpvm libvirtd[1626]: useradd warning: tester's uid 1000 is greater than SYS_UID_MAX 499
Mar 03 15:55:29 alpvm libvirtd[1626]: New password: Retype new password: passwd: password updated successfully
Mar 03 15:55:29 alpvm libvirtd[1626]: grep: /etc/ssh/sshd_config: No such file or directory
Mar 03 15:55:29 alpvm libvirtd[1626]: Checking for missing server keys in /etc/ssh
Mar 03 15:55:30 alpvm libvirtd[1626]: ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519
Mar 03 15:55:31 alpvm systemd[1]: Started Libvirtd daemon container.
Mar 03 15:55:32 alpvm libvirtd[1626]: Network sle_network started
Mar 03 15:55:32 alpvm libvirtd[1626]:
```
# Setting up a libvirtd container manually
## Create the container
```# kvm-container-manage.sh create
Found local version of kvm-functions
using /etc/kvm-container.conf as configuration file
+ case $1 in
+ create_container
+ podman create --name kvm --tls-verify=false --network host registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest
Trying to pull registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest...
Getting image source signatures
Copying blob 516d2ff9c231 done
Copying blob 01d99e9cadaf done
Copying config 2698f55e87 done
Writing manifest to image destination
Storing signatures
82dc879bc340e20f375cbb1ba67d60b2dd77c6e9029a8459fea318fe2b6639d7
```
## Start the container with kvm-server
```
# kvm-container-manage.sh start
using /etc/kvm-container.conf as configuration file
+ case $1 in
+ podman start kvm
kvm
+ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b0580df381b0 registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest 3 seconds ago Up Less than a second ago kvm
```
## Install the VM
the '''virt-install''' script should grab the OpenStack VM image openSUSE-Tumbleweed-JeOS.x86_64-OpenStack-Cloud.qcow2
```# virt-install.sh
++ pwd
+ '[' -f /root/SUSE:ALP:Workloads/kvm-container/kvm-container-functions ']'
++ pwd
+ . /root/SUSE:ALP:Workloads/kvm-container/kvm-container-functions
++ CONF=kvm-container.conf
+ check_load_config_file
+ '[' -f kvm-container.conf ']'
+ source kvm-container.conf
++ CONTAINER_NAME=libvirtd
++ IMAGE=registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest
++ DATA=./data
++ LIBVIRTDQEMU=./data/libvirt/qemu
++ APPLIANCE_MIRROR=https://download.opensuse.org/tumbleweed/appliances
++ APPLIANCE=openSUSE-Tumbleweed-JeOS.x86_64-OpenStack-Cloud
++ BACKING_DIR=/var/lib/libvirt/images
++ BACKING_FORMAT=qcow2
++ BACKING_STORE=/var/lib/libvirt/images/openSUSE-Tumbleweed-JeOS.x86_64-OpenStack-Cloud.qcow2
++ DOMAIN=Tumbleweed-JeOS
+ '[' '!' -f ./data/openSUSE-Tumbleweed-JeOS.x86_64-OpenStack-Cloud.qcow2 ']'
++ openssl rand -hex 5
+ RANDOMSTRING=5221fd7860
+ VMNAME=Tumbleweed-JeOS_5221fd7860
+ podman exec -ti libvirtd virt-install --connect qemu:///system --import --name Tumbleweed-JeOS_5221fd7860 --osinfo opensusetumbleweed --virt-type kvm --hvm --machine q35 --boot uefi --cpu host-passthrough --video vga --console pty,target_type=virtio --network network=sle_network --rng /dev/urandom --vcpu 4 --memory 4096 --cloud-init --disk size=6,backing_store=/var/lib/libvirt/images/openSUSE-Tumbleweed-JeOS.x86_64-OpenStack-Cloud.qcow2,backing_format=qcow2,bus=virtio,cache=none --graphics vnc,listen=0.0.0.0
WARNING Defaulting to --cloud-init root-password-generate=yes,disable=yes
Starting install...
Password for first root login is: OPjQok1nlfKp5DRZ
Allocating 'Tumbleweed-JeOS_5221fd7860.qcow2' | 0 B 00:00:00 ...
Creating domain... | 0 B 00:00:00
Running text console command: virsh --connect qemu:///system console Tumbleweed-JeOS_5221fd7860
Connected to domain 'Tumbleweed-JeOS_5221fd7860'
Escape character is ^] (Ctrl + ])
Welcome to openSUSE Tumbleweed 20220919 - Kernel 5.19.8-1-default (hvc0).
eth0: 192.168.10.67 fe80::5054:ff:fe5a:c416
localhost login:
```
To quit the console, the shortcut key is: '''crtl + ]'''
# Play around with the VM
```
# kvm-container-manage.sh virsh list --all
+ case $1 in
+ set +eu
+ podman exec -ti libvirtd virsh list --all
Id Name State
--------------------------------------------
1 Tumbleweed-JeOS_186c8cac70 running
2 Tumbleweed-JeOS_5221fd7860 running
# virsh list
+ podman exec -ti libvirtd virsh list
Id Name State
--------------------------------------------
1 Tumbleweed-JeOS_186c8cac70 running
2 Tumbleweed-JeOS_5221fd7860 running
```
## Connect to the VM from another host
### using virsh and ssh
* The default password for the user '''tester''' use is : "opensuse"
* The default port to access the container using ssh is '''16022'''
```
virsh -c qemu+ssh://tester@YOURHOST:16022/system
```
### using VNC
```
# vncviewer YOURHOST:590[0-9]
```
## Stop the libvirtd container
```
# kvm-container-manage.sh stop
+ case $1 in
+ podman stop libvirtd
libvirtd
+ ip link delete virbr0
+ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
```
# Uninstall needed files to manage the container
To remove management files from the host:
```
# kvm-container-manage.sh uninstall
Found local version of kvm-functions
using /root/home:aginies:branches:SUSE:ALP:Workloads/kvm-container/kvm-container.conf as configuration file
+ case $1 in
+ podman run --env IMAGE=registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest --rm --privileged -v /:/host registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/kvm:latest /bin/bash /container/label-uninstall
LABEL UNINSTALL: Removing all files
removed '/host/etc/kvm-container.conf'
removed '/host/etc/kvm-container-functions'
removed '/host/usr/local/bin/kvm-container-manage.sh'
removed '/host/usr/local/bin/virsh'
removed '/host/usr/local/bin/virt-install'
.....
```
# Warning
This code is only provided for experimentation.
