我在通过 libvirt/qemu-kvm 执行虚拟化时遇到问题,其中我的桥接网络设置似乎无法正常工作。我按照我能找到的所有教程进行了操作,并花了数小时浏览论坛,但目前毫无进展。
主机和客户机都使用Centos6。
以下是主机的设置:
[root@node2 ~]# ifconfig -a
bridge0 Link encap:Ethernet HWaddr BC:30:5B:E8:C0:4F
inet addr:10.59.190.253 Bcast:10.59.190.255 Mask:255.255.255.0
inet6 addr: fe80::be30:5bff:fee8:c04f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5315 errors:0 dropped:0 overruns:0 frame:0
TX packets:3350 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:316961 (309.5 KiB) TX bytes:3943630 (3.7 MiB)
eth0 Link encap:Ethernet HWaddr BC:30:5B:E8:C0:4F
inet6 addr: fe80::be30:5bff:fee8:c04f/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:5286 errors:0 dropped:0 overruns:0 frame:0
TX packets:5325 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:409939 (400.3 KiB) TX bytes:4095006 (3.9 MiB)
Interrupt:16 Memory:c0000000-c0012800
eth1 Link encap:Ethernet HWaddr BC:30:5B:E8:C0:50
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:17 Memory:c2000000-c2012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:28 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2832 (2.7 KiB) TX bytes:2832 (2.7 KiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
vnet0 Link encap:Ethernet HWaddr FE:54:00:3A:C5:C9
inet6 addr: fe80::fc54:ff:fe3a:c5c9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:492 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 b) TX bytes:29516 (28.8 KiB)
我有两个物理适配器,eth0 和 eth1。eth1 目前未插上电源,在本设置中未使用。eth0 桥接到 bridge0。bridge0 使用 DHCP 获取其网络配置。适配器使用以下配置:
[root@node2 network-scripts]# cat ifcfg-eth0
DEVICE="eth0"
NM_CONTROLLED="no"
ONBOOT=yes
HWADDR=BC:30:5B:E8:C0:4F
BRIDGE=bridge0
[root@node2 network-scripts]# cat ifcfg-bridge0
DEVICE=bridge0
ONBOOT=yes
TYPE=Bridge
BOOTPROTO=dhcp
DELAY=0
NM_CONTROLLED=no
...iptables 设置如下:
[root@node2 network-scripts]# iptables --list-rules
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5900 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT
-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
这就是设置。然后我使用以下命令创建并安装 Centos6 客户机映像:
virt-install --name=centos-bridge-test --disk path=/var/lib/libvirt/images/centos6-minimal,size=5 --vnc --ram=512 --cdrom=/var/lib/libvirt/images/CentOS-6.0-x86_64-minimal.iso --vnclisten=0.0.0.0 -b bridge0
我的理解是,这种设置应该足以使桥接网络“正常工作”,但是,当我使用维尔什命令 (virsh 启动 centos-bridge-test)没有网络连接。
以下是 libvirt 域的 xml 转储:
[root@node2 network-scripts]# virsh dumpxml centos-bridge-test
<domain type='kvm' id='7'>
<name>centos-bridge-test</name>
<uuid>5d611267-2feb-c6f7-7a48-29f9695a4a75</uuid>
<memory>524288</memory>
<currentMemory>524288</currentMemory>
<vcpu>1</vcpu>
<os>
<type arch='x86_64' machine='rhel6.0.0'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
<pae/>
</features>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='raw' cache='none'/>
<source file='/var/lib/libvirt/images/centos6-minimal'/>
<target dev='hda' bus='ide'/>
<alias name='ide0-0-0'/>
<address type='drive' controller='0' bus='0' unit='0'/>
</disk>
<disk type='block' device='cdrom'>
<driver name='qemu' type='raw'/>
<target dev='hdc' bus='ide'/>
<readonly/>
<alias name='ide0-1-0'/>
<address type='drive' controller='0' bus='1' unit='0'/>
</disk>
<controller type='ide' index='0'>
<alias name='ide0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
</controller>
<interface type='bridge'>
<mac address='52:54:00:3a:c5:c9'/>
<source bridge='bridge0'/>
<target dev='vnet0'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
<serial type='pty'>
<source path='/dev/pts/1'/>
<target port='0'/>
<alias name='serial0'/>
</serial>
<console type='pty' tty='/dev/pts/1'>
<source path='/dev/pts/1'/>
<target port='0'/>
<alias name='serial0'/>
</console>
<input type='mouse' bus='ps2'/>
<graphics type='vnc' port='5900' autoport='yes' listen='0.0.0.0' keymap='en-gb'/>
<video>
<model type='cirrus' vram='9216' heads='1'/>
<alias name='video0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</video>
<memballoon model='virtio'>
<alias name='balloon0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
</memballoon>
</devices>
<seclabel type='dynamic' model='selinux'>
<label>system_u:system_r:svirt_t:s0:c384,c608</label>
<imagelabel>system_u:object_r:svirt_image_t:s0:c384,c608</imagelabel>
</seclabel>
</domain>
该接口似乎设置正确(从查看libvirt文档)。
因此,每当我启动客户机时,就没有网络连接。
[root@localhost ~]# ifconfig -a
eth0 Link encap:Ehternet HWaddr 52:54:00:3A:C5:C9
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:10 Base address:0x6000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
编辑:请注意,eth0 不在这里,所以我一直在运行ifup eth0使适配器启动,然后给出以下输出:
[root@localhost ~]# ifconfig -a
eth0 Link encap:Ehternet HWaddr 52:54:00:3A:C5:C9
inet6 addr: fe80::5054:ff:fe3a:c5c9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets65 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3896 (3.8 KiB) TX bytes:398 (398.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
...当我尝试访问内部或外部地址的网络时,我得到了以下信息:
[root@localhost ~]# ping 10.59.190.253
connect: Network is unreachable
[root@localhost ~]# ping www.google.com
ping: unknown host www.google.com
[root@localhost ~]# ping 173.194.66.99
connect: Network is unreachable
附加信息:以下是针对此问题的评论要求提供的一些附加信息。这些命令是从主机运行的,而客户机当前正在运行:
[root@node2 network-scripts]# brctl show
bridge name bridge id STP enabled interfaces
bridge0 8000.bc305be8c04f no eth0
vnet0
[root@node2 network-scripts]# ps -ef | grep qemu
qemu 1597 1 0 11:28 ? 00:00:25 /usr/libexec/qemu-kvm -S -M rhel6.0.0 -enable-kvm -m 512 -smp 1,sockets=1,cores=1,threads=1 -name centos-bridge-test -uuid 5d611267-2feb-c6f7-7a48-29f9695a4a75 -nodefconfig -nodefaults -chardev socket,id=monitor,path=/var/lib/libvirt/qemu/centos-bridge-test.monitor,server,nowait -mon chardev=monitor,mode=control -rtc base=utc -boot c -drive file=/var/lib/libvirt/images/centos6-minimal,if=none,id=drive-ide0-0-0,boot=on,format=raw,cache=none -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -netdev tap,fd=20,id=hostnet0 -device rtl8139,netdev=hostnet0,id=net0,mac=52:54:00:3a:c5:c9,bus=pci.0,addr=0x3 -chardev pty,id=serial0 -device isa-serial,chardev=serial0 -usb -vnc 0.0.0.0:0 -k en-gb -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4
root 2815 32057 0 14:31 pts/0 00:00:00 grep qemu
我非常感激此刻任何可能的帮助!如果您需要我提供任何进一步的配置等,请告诉我。
编辑:我使用的是 Centos6 的最小安装,因此没有安装任何窗口管理器,因此我尝试通过 virsh 和 virsh-install 完成所有操作,并希望尽量避免使用 virsh-manager。谢谢。
答案1
这个问题的答案是,因为我在客户机上安装了非图形化的 Centos 6 minimal,所以网络接口没有自动设置为工作。由于我对虚拟化和 Centos 缺乏了解,我以为这个问题会自己解决,但这个假设是错误的。
使固定:我需要进入ifcfg-eth0客人并打开ONBOOT=是和BOOTPROTO=dhcp,然后通过重新启动网络适配器否然后ifup eth0完成此操作后,来宾收到了 IP 地址,并且一切都按预期运行。
答案2
好的,设置似乎没问题。剩下的就是
1. 尝试完全禁用 iptables 2. 将网络设备从 RTL 切换到 virtio
以下是我通常设置 IPTables 的方法:http://fpaste.org/OKG5/