上一篇博客我们主要聊了下virsh 管理kvm虚拟机的命令相关用法和说明,回顾请参考https://www.cnblogs.com/qiuhom-1874/p/13508231.html;今天我们来继续说virsh 管理kvm虚拟机的话题;

  1、virsh 监控kvm虚拟机相关命令

  virsh domblklist:列出指定虚拟机上的磁盘信息

[root@node1 ~]# virsh help domblklist
NAME
domblklist - 列出所有域块 SYNOPSIS
domblklist <domain> [--inactive] [--details] DESCRIPTION
获取域块设备小结 OPTIONS
[--domain] <string> domain name, id or uuid
--inactive 获取不活跃而不是运行的配置
--details type 和 device 值的附加显示 [root@node1 ~]# virsh list --all
Id 名称 状态
----------------------------------------------------
3 centos7.0 running
4 c2 running
6 generic running [root@node1 ~]# virsh domblklist c2
目标 源
------------------------------------------------
vda /kvm/images/c2.qcow2
hda - [root@node1 ~]# virsh domblklist generic
目标 源
------------------------------------------------
hda /kvm/images/cirros-0.5.0-x86_64-disk.img [root@node1 ~]#

  virsh domiflist:列出指定虚拟机上的所有网卡

[root@node1 ~]# virsh help domiflist
NAME
domiflist - 列出所有域虚拟接口 SYNOPSIS
domiflist <domain> [--inactive] DESCRIPTION
获取域虚拟接口小结 OPTIONS
[--domain] <string> domain name, id or uuid
--inactive 获取不活跃而不是运行的配置 [root@node1 ~]# virsh domiflist generic
接口 类型 源 型号 MAC
-------------------------------------------------------
vnet2 network default rtl8139 52:54:00:3e:3f:71 [root@node1 ~]# virsh domiflist centos7.0
接口 类型 源 型号 MAC
-------------------------------------------------------
vnet0 network default virtio 52:54:00:e3:8d:11 [root@node1 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.41 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::20c:29ff:fe9a:dbd6 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:9a:db:d6 txqueuelen 1000 (Ethernet)
RX packets 113557 bytes 34709850 (33.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 111108 bytes 27361452 (26.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 132700 bytes 348628216 (332.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 132700 bytes 348628216 (332.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:45:06:15 txqueuelen 1000 (Ethernet)
RX packets 2042 bytes 130515 (127.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1028 bytes 83137 (81.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::fc54:ff:fee3:8d11 prefixlen 64 scopeid 0x20<link>
ether fe:54:00:e3:8d:11 txqueuelen 1000 (Ethernet)
RX packets 571 bytes 46596 (45.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 11055 bytes 593226 (579.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 vnet1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::fc54:ff:fee3:8521 prefixlen 64 scopeid 0x20<link>
ether fe:54:00:e3:85:21 txqueuelen 1000 (Ethernet)
RX packets 314 bytes 24074 (23.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6210 bytes 333740 (325.9 KiB)
TX errors 0 dropped 4072 overruns 0 carrier 0 collisions 0 vnet2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::fc54:ff:fe3e:3f71 prefixlen 64 scopeid 0x20<link>
ether fe:54:00:3e:3f:71 txqueuelen 1000 (Ethernet)
RX packets 741 bytes 56211 (54.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4711 bytes 248155 (242.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@node1 ~]#

  提示:从上面的信息可以看到kvm虚拟机上的网卡都对应在宿主机上的一个虚拟网卡 ;

  virsh domifaddr:获取指定虚拟机上的ip地址

[root@node1 ~]# virsh help domifaddr
NAME
domifaddr - Get network interfaces' addresses for a running domain SYNOPSIS
domifaddr <domain> [--interface <string>] [--full] [--source <string>] DESCRIPTION
Get network interfaces' addresses for a running domain OPTIONS
[--domain] <string> domain name, id or uuid
--interface <string> network interface name
--full always display names and MACs of interfaces
--source <string> address source: 'lease', 'agent', or 'arp' [root@node1 ~]# virsh domifaddr c2
名称 MAC 地址 Protocol Address
-------------------------------------------------------------------------------
vnet1 52:54:00:e3:85:21 ipv4 192.168.122.168/24 [root@node1 ~]# virsh domifaddr centos7.0
名称 MAC 地址 Protocol Address
-------------------------------------------------------------------------------
vnet0 52:54:00:e3:8d:11 ipv4 192.168.122.222/24 [root@node1 ~]# virsh domifaddr generic
名称 MAC 地址 Protocol Address
-------------------------------------------------------------------------------
vnet2 52:54:00:3e:3f:71 ipv4 192.168.122.4/24 [root@node1 ~]#

  virsh domifstat:统计指定虚拟机上的网卡状态信息

[root@node1 ~]# virsh help domifstat
NAME
domifstat - 获得域网络接口状态 SYNOPSIS
domifstat <domain> <interface> DESCRIPTION
获得运行域的网络接口状态。 OPTIONS
[--domain] <string> domain name, id or uuid
[--interface] <string> interface device specified by name or MAC Address [root@node1 ~]# virsh domiflist c2
接口 类型 源 型号 MAC
-------------------------------------------------------
vnet1 network default virtio 52:54:00:e3:85:21 [root@node1 ~]# virsh domifstat c2 vnet1
vnet1 rx_bytes 345156
vnet1 rx_packets 6429
vnet1 rx_errs 0
vnet1 rx_drop 4072
vnet1 tx_bytes 24206
vnet1 tx_packets 316
vnet1 tx_errs 0
vnet1 tx_drop 0 [root@node1 ~]#

  virsh dominfo:获取指定虚拟机的相关信息

[root@node1 ~]# virsh  help dominfo
NAME
dominfo - 域信息 SYNOPSIS
dominfo <domain> DESCRIPTION
返回这个域的基本信息。 OPTIONS
[--domain] <string> domain name, id or uuid [root@node1 ~]# virsh dominfo c2
Id: 4
名称: c2
UUID: 10d61aa8-b0fa-4433-a733-00a8721bee01
OS 类型: hvm
状态: running
CPU: 2
CPU 时间: 188.1s
最大内存: 2097152 KiB
使用的内存: 2097152 KiB
持久: 是
自动启动: 禁用
管理的保存: 否
安全性模式: none
安全性 DOI: 0 [root@node1 ~]#

  virsh dommemstat:获取指定虚拟机内存相关状态信息

[root@node1 ~]# virsh help dommemstat
NAME
dommemstat - 获取域的内存统计 SYNOPSIS
dommemstat <domain> [--period <number>] [--config] [--live] [--current] DESCRIPTION
获取运行域的内存统计 OPTIONS
[--domain] <string> domain name, id or uuid
--period <number> 以秒为单位设定集合期限
--config 影响下一次引导
--live 影响运行的域
--current 影响当前域 [root@node1 ~]# virsh dommemstat c2
actual 2097152
swap_in 0
swap_out 0
major_fault 201
minor_fault 176924
unused 1761832
available 1883456
last_update 1597490486
rss 455384 [root@node1 ~]# virsh dommemstat centos7.0
actual 2097152
swap_in 0
swap_out 0
major_fault 179
minor_fault 169193
unused 1761272
available 1883456
last_update 1597480749
rss 560324 [root@node1 ~]#

  virsh domstate:获取指定虚拟机的状态信息

[root@node1 ~]# virsh help domstate
NAME
domstate - 域状态 SYNOPSIS
domstate <domain> [--reason] DESCRIPTION
返回某个域的状态。 OPTIONS
[--domain] <string> domain name, id or uuid
--reason 同时输出状态原因 [root@node1 ~]# virsh domstate centos7.0
running [root@node1 ~]# virsh domstate centos7.0 --reason
running (已引导) [root@node1 ~]#

  virsh domstats:显示指定虚拟机的详细状态信息,如果不知道虚拟机表示显示当前宿主机上的所有虚拟机的详细状态信息

[root@node1 ~]# virsh help domstats
NAME
domstats - get statistics about one or multiple domains SYNOPSIS
domstats [--state] [--cpu-total] [--balloon] [--vcpu] [--interface] [--block] [--perf] [--list-active] [--list-inactive] [--list-persistent] [--list-transient] [--list-running] [--list-paused] [--list-shutoff] [--list-other] [--raw] [--enforce] [--backing] [--nowait] [<domain>]... DESCRIPTION
Gets statistics about one or more (or all) domains OPTIONS
--state report domain state
--cpu-total report domain physical cpu usage
--balloon report domain balloon statistics
--vcpu report domain virtual cpu information
--interface report domain network interface information
--block report domain block device statistics
--perf report domain perf event statistics
--list-active list only active domains
--list-inactive list only inactive domains
--list-persistent list only persistent domains
--list-transient list only transient domains
--list-running list only running domains
--list-paused list only paused domains
--list-shutoff list only shutoff domains
--list-other list only domains in other states
--raw do not pretty-print the fields
--enforce enforce requested stats parameters
--backing add backing chain information to block stats
--nowait report only stats that are accessible instantly
<domain> list of domains to get stats for [root@node1 ~]# virsh domstats centos7.0
Domain: 'centos7.0'
state.state=1
state.reason=1
cpu.time=108764965089
cpu.user=850000000
cpu.system=14010000000
balloon.current=2097152
balloon.maximum=2097152
balloon.swap_in=0
balloon.swap_out=0
balloon.major_fault=187
balloon.minor_fault=174029
balloon.unused=1758704
balloon.available=1883456
balloon.last-update=1597581679
balloon.rss=561212
vcpu.current=2
vcpu.maximum=2
vcpu.0.state=1
vcpu.0.time=39050000000
vcpu.0.wait=0
vcpu.1.state=1
vcpu.1.time=14570000000
vcpu.1.wait=0
net.count=1
net.0.name=vnet1
net.0.rx.bytes=142006
net.0.rx.pkts=2577
net.0.rx.errs=0
net.0.rx.drop=0
net.0.tx.bytes=17972
net.0.tx.pkts=222
net.0.tx.errs=0
net.0.tx.drop=0
block.count=2
block.0.name=vda
block.0.path=/var/lib/libvirt/images/centos7.0.qcow2
block.0.rd.reqs=6517
block.0.rd.bytes=150312448
block.0.rd.times=32776473520
block.0.wr.reqs=647
block.0.wr.bytes=13009920
block.0.wr.times=10069609744
block.0.fl.reqs=238
block.0.fl.times=938612582
block.0.allocation=16855924224
block.0.capacity=21474836480
block.0.physical=21478379520
block.1.name=hda
block.1.rd.reqs=3
block.1.rd.bytes=82
block.1.rd.times=227269
block.1.wr.reqs=0
block.1.wr.bytes=0
block.1.wr.times=0
block.1.fl.reqs=0
block.1.fl.times=0
block.1.allocation=0
block.1.physical=0 [root@node1 ~]#

  提示:如果想知获取某一对象的的详细信息可以在后面跟对应的选项来做过滤;

[root@node1 ~]# virsh domstats centos7.0 --interface  --balloon
Domain: 'centos7.0'
balloon.current=2097152
balloon.maximum=2097152
balloon.swap_in=0
balloon.swap_out=0
balloon.major_fault=187
balloon.minor_fault=174029
balloon.unused=1758704
balloon.available=1883456
balloon.last-update=1597581679
balloon.rss=561468
net.count=1
net.0.name=vnet1
net.0.rx.bytes=148978
net.0.rx.pkts=2710
net.0.rx.errs=0
net.0.rx.drop=0
net.0.tx.bytes=18326
net.0.tx.pkts=227
net.0.tx.errs=0
net.0.tx.drop=0 [root@node1 ~]#

  提示:如果指定多个选项,他们之间是或关系,就是只显示指定选项的内容;

  virsh domif-getlink:获取指定虚拟机的指定接口状态

[root@node1 ~]# virsh help domif-getlink
NAME
domif-getlink - 获取虚拟接口链接状态 SYNOPSIS
domif-getlink <domain> <interface> [--config] DESCRIPTION
获取域虚拟接口链接状态 OPTIONS
[--domain] <string> domain name, id or uuid
[--interface] <string> 接口失败 (MAC 地址)
--config 获取持续接口状态 [root@node1 ~]# virsh domif-getlink c2 vnet1
vnet1 up
[root@node1 ~]#

  virsh domblkinfo:获取指定虚拟机的磁盘大小信息

[root@node1 ~]# virsh domblkinfo centos7.0
错误:command 'domblkinfo' requires <device> option [root@node1 ~]#
[root@node1 ~]# virsh help domblkinfo
NAME
domblkinfo - 域块设备大小信息 SYNOPSIS
domblkinfo <domain> [--device <string>] [--human] [--all] DESCRIPTION
获取域块设备大小信息 OPTIONS
[--domain] <string> domain name, id or uuid
--device <string> 阻止设备
--human Human readable output
--all display all block devices info [root@node1 ~]# virsh domblklist c2
目标 源
------------------------------------------------
vda /kvm/images/c2.qcow2
hda - [root@node1 ~]# virsh domblkinfo c2 vda
容量: 21474836480
分配: 21478375424
物理: 21478375424 [root@node1 ~]# virsh domblkinfo c2 vda --human
容量: 20.000 GiB
分配: 20.003 GiB
物理: 20.003 GiB [root@node1 ~]#

  virsh domblkerror:列出指定虚拟机上的指定磁盘的错误信息

[root@node1 ~]# virsh help domblkerror
NAME
domblkerror - 在块设备中显示错误 SYNOPSIS
domblkerror <domain> DESCRIPTION
显示块设备错误 OPTIONS
[--domain] <string> domain name, id or uuid [root@node1 ~]# virsh domblkerror c2
未找到错误 [root@node1 ~]# virsh domblkerror centos7.0
未找到错误 [root@node1 ~]#

  virsh domcontrol:获取指定虚拟机上的控制接口状态信息

[root@node1 ~]# virsh help domcontrol
NAME
domcontrol - 域控制接口状态 SYNOPSIS
domcontrol <domain> DESCRIPTION
向域返回控制接口状态 OPTIONS
[--domain] <string> domain name, id or uuid [root@node1 ~]# virsh domcontrol centos7.0
确定 [root@node1 ~]# virsh domcontrol generic
确定 [root@node1 ~]#

  提示:我这里显示的是中文,正常情况就是ok状态;

  以上命令主要是用于监控虚拟机上的各种状态相关的命令,我们可以基于上面的命令写成脚本,然后实现批量的获取多个虚拟机的状态信息;

  2、virsh管理网络相关命令

  virsh net-list:列出网络

[root@node1 ~]# virsh help net-list
NAME
net-list - 列出网络 SYNOPSIS
net-list [--inactive] [--all] [--persistent] [--transient] [--autostart] [--no-autostart] [--uuid] [--name] [--table] DESCRIPTION
返回网络列表 OPTIONS
--inactive 列出不活跃的网络
--all 列出不活跃和活跃的网络
--persistent 列出持久网络
--transient 列出临时网络
--autostart 列出启用 autostart 的网络
--no-autostart 列出禁用 autostart 的网络
--uuid 只列出 uuid
--name list network names only
--table 列出表格(默认) [root@node1 ~]# virsh net-list
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是 [root@node1 ~]#

  提示:默认是以表格的形式列出激活的网络,如果要指定列出某种状态的网络,后面可以跟选项;从上面的信息可以看到当前只有一个默认的网络,处于活跃状态并且是自动启动;

  virsh net-dumpxml:显示指定网络的配置文件内容到标准输出;

[root@node1 ~]# virsh  help net-dumpxml
NAME
net-dumpxml - XML 中的网络信息 SYNOPSIS
net-dumpxml <network> [--inactive] DESCRIPTION
把网络信息作为一个 XML 输出到 stdout。 OPTIONS
[--network] <string> 网络名或 uuid
--inactive 显示不活跃定义的 XML [root@node1 ~]# virsh net-dumpxml default
<network connections='3'>
<name>default</name>
<uuid>958c004e-7aa9-483e-a79e-c62884e88a08</uuid>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:45:06:15'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network> [root@node1 ~]#

  提示:通过上述命令我们可以把指定的某个网络导出,然后基于这个网络文件来当做模板文件,此后如果要创建一个网络,我们直接复制这个模板,然后修改私有的信息即可生成一个我们需要创建的网络的配置文件;

  virsh net-define:从指定xml配置文件定义一个网络或者基于指定xml来修改现有网络;类似virsh define命令的用法;

  示例:导出现有配置,修改ip地址,然后基于这个导出的配置来使用virsh net-define创建一个网络

[root@node1 ~]# virsh net-dumpxml default >default.xml
[root@node1 ~]# cp default.xml test.xml
[root@node1 ~]# diff default.xml test.xml
2,3c2
< <name>default</name>
< <uuid>958c004e-7aa9-483e-a79e-c62884e88a08</uuid>
---
> <name>test</name>
9,11c8,10
< <bridge name='virbr0' stp='on' delay='0'/>
< <mac address='52:54:00:45:06:15'/>
< <ip address='192.168.122.1' netmask='255.255.255.0'>
---
> <bridge name='virbr1' stp='on' delay='0'/>
> <mac address='52:54:00:45:06:16'/>
> <ip address='192.168.12.1' netmask='255.255.255.0'>
13c12
< <range start='192.168.122.2' end='192.168.122.254'/>
---
> <range start='192.168.12.2' end='192.168.12.254'/>
[root@node1 ~]# cat test.xml
<network connections='3'>
<name>test</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr1' stp='on' delay='0'/>
<mac address='52:54:00:45:06:16'/>
<ip address='192.168.12.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.12.2' end='192.168.12.254'/>
</dhcp>
</ip>
</network> [root@node1 ~]#

  提示:通常我们需要修改网络的名称,删除uuid,让其创建时自动生成,指定ip地址,修改mac地址以及dhcp地址池,网桥名称以及网络的类型;

[root@node1 ~]# virsh help net-define
NAME
net-define - define an inactive persistent virtual network or modify an existing persistent one from an XML file SYNOPSIS
net-define <file> DESCRIPTION
Define or modify a persistent virtual network. OPTIONS
[--file] <string> 文件包括一个 XML网络描述 [root@node1 ~]# virsh net-define test.xml
从 test定义网络test.xml [root@node1 ~]# virsh net-list
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是 [root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 不活跃 否 是 [root@node1 ~]#

  提示:默认情况用define定义一个网络它并不会激活;

  virsh net-start:激活指定网络

[root@node1 ~]# virsh help net-start
NAME
net-start - 开始一个(以前定义的)不活跃的网络 SYNOPSIS
net-start <network> DESCRIPTION
开始一个网络. OPTIONS
[--network] <string> 网络名或 uuid [root@node1 ~]# virsh net-start test
网络 test 已开始 [root@node1 ~]# virsh net-list
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 是 [root@node1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:9a:db:d6 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.41/24 brd 192.168.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe9a:dbd6/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 52:54:00:45:06:15 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:45:06:15 brd ff:ff:ff:ff:ff:ff
5: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN qlen 1000
link/ether fe:54:00:3e:3f:71 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fe3e:3f71/64 scope link
valid_lft forever preferred_lft forever
6: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN qlen 1000
link/ether fe:54:00:e3:8d:11 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fee3:8d11/64 scope link
valid_lft forever preferred_lft forever
7: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN qlen 1000
link/ether fe:54:00:e3:85:21 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fee3:8521/64 scope link
valid_lft forever preferred_lft forever
8: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.12.1/24 brd 192.168.12.255 scope global virbr1
valid_lft forever preferred_lft forever
9: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN qlen 1000
link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff
[root@node1 ~]#

  提示:可以看到指定test网络已经激活并且在宿主机上创建了一个virbr1的网桥和virbr1-nic的网卡,其实virbr1就是我们在配置文件中指定的网桥,在配置文件中指定的网桥必须未使用,如果指定网桥不存在则创建,而virbr1-nic这张网卡就是直接桥接到virbr1上;

  测试:创建一个基于test网络的虚拟机,名为c3

[root@node1 ~]# cd /etc/libvirt/qemu/
[root@node1 ~]# ls
autostart c2.xml centos7.0.xml generic.xml networks
[root@node1 qemu]# cp c2.xml c3.xml
[root@node1 qemu]# cd /kvm/images/
[root@node1 images]# ls
c1.qcow2 c2.qcow2 cirros-0.5.0-x86_64-disk.img
[root@node1 images]# cp c2.qcow2 c3.qcow2
[root@node1 images]# diff /etc/libvirt/qemu/c2.xml /etc/libvirt/qemu/c3.xml
9c9
< <name>c2</name>
---
> <name>c3</name>
40c40
< <source file='/kvm/images/c2.qcow2'/>
---
> <source file='/kvm/images/c3.qcow2'/>
73,74c73,74
< <mac address='52:54:00:e3:85:21'/>
< <source network='default'/>
---
> <mac address='52:54:00:e3:86:e1'/>
> <source network='test'/>
[root@node1 images]# virsh define /etc/libvirt/qemu/c3.xml
定义域 c3(从 /etc/libvirt/qemu/c3.xml) [root@node1 images]# virsh list --all
Id 名称 状态
----------------------------------------------------
1 generic running
2 centos7.0 running
3 c2 running
- c3 关闭 [root@node1 images]# virsh start c3
域 c3 已开始 [root@node1 images]#

  验证:连接至c3控制台,查看其ip地址是否是test网络?是否能够ping通virbr1?网关是否是virbr1?

[root@node1 images]# virsh domifaddr c3
名称 MAC 地址 Protocol Address
-------------------------------------------------------------------------------
vnet3 52:54:00:e3:86:e1 ipv4 192.168.12.179/24 [root@node1 images]# ssh 192.168.12.179
The authenticity of host '192.168.12.179 (192.168.12.179)' can't be established.
ECDSA key fingerprint is SHA256:heUVB8InZ+56B+vMgUz+B7Uus4EgklEU9DVeywf1Z7s.
ECDSA key fingerprint is MD5:0b:b1:75:a4:2b:ba:cf:f1:ac:51:cb:76:2a:74:89:42.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.12.179' (ECDSA) to the list of known hosts.
[email protected]'s password:
Last login: Sun Aug 16 09:46:30 2020
[root@localhost ~]# ping 192.168.12.1
PING 192.168.12.1 (192.168.12.1) 56(84) bytes of data.
64 bytes from 192.168.12.1: icmp_seq=1 ttl=64 time=0.514 ms
64 bytes from 192.168.12.1: icmp_seq=2 ttl=64 time=0.585 ms
^C
--- 192.168.12.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.514/0.549/0.585/0.042 ms
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.12.1 0.0.0.0 UG 100 0 0 eth0
192.168.12.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root@localhost ~]# exit
登出
Connection to 192.168.12.179 closed.
[root@node1 images]#

  提示:从上面的信息可以看到基于test网络创建的虚拟机,其内部获取的地址是我们在test网络配置文件中指定的dhcp地址池,网关地址是virbr1的地址;

[root@node1 ~]# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.525400450615 yes virbr0-nic
vnet0
vnet1
vnet2
virbr1 8000.525400450616 yes virbr1-nic
vnet3
[root@node1 ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 239 packets, 21179 bytes)
pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 68 packets, 8639 bytes)
pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 86 packets, 6827 bytes)
pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 86 packets, 6827 bytes)
pkts bytes target prot opt in out source destination
2 180 RETURN all -- * * 192.168.12.0/24 224.0.0.0/24
1 328 RETURN all -- * * 192.168.12.0/24 255.255.255.255
29 1740 MASQUERADE tcp -- * * 192.168.12.0/24 !192.168.12.0/24 masq ports: 1024-65535
94 7144 MASQUERADE udp -- * * 192.168.12.0/24 !192.168.12.0/24 masq ports: 1024-65535
1 84 MASQUERADE all -- * * 192.168.12.0/24 !192.168.12.0/24
2 267 RETURN all -- * * 192.168.122.0/24 224.0.0.0/24
0 0 RETURN all -- * * 192.168.122.0/24 255.255.255.255
80 4800 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
269 20444 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24
[root@node1 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 100 0 0 ens33
192.168.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.12.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
[root@node1 ~]# ip a l vnet3
10: vnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr1 state UNKNOWN qlen 1000
link/ether fe:54:00:e3:86:e1 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fee3:86e1/64 scope link
valid_lft forever preferred_lft forever
[root@node1 ~]#

  提示:如果我们在基于test网络创建虚拟机,它也会把虚拟机的虚拟网卡桥接到virbr1上,如果我们指定的网络类型是nat类型并开启了dhcp,它默认会把虚拟机的网关指向virbr1;并且在宿主机上的iptables的nat表中会添加SNAT规则,正因为这些iptables规则才使得虚拟机可以上外网;

  virsh net-info:查看指定网络的简要信息

[root@node1 ~]# virsh help net-info
NAME
net-info - 网络信息 SYNOPSIS
net-info <network> DESCRIPTION
返回关于这个网络的基本信息。 OPTIONS
[--network] <string> 网络名或 uuid [root@node1 ~]# virsh net-info test
名称: test
UUID: be2af58a-c8cd-4b73-8ee3-36cb3fe9566b
活跃: 是
持久: 是
自动启动: 否
桥接: virbr1 [root@node1 ~]#

  virsh net-autostart:标记指定网络为自动启动

[root@node1 ~]# virsh help net-autostart
NAME
net-autostart - 自动开始网络 SYNOPSIS
net-autostart <network> [--disable] DESCRIPTION
设置一个网络在启动时自动开始. OPTIONS
[--network] <string> 网络名或 uuid
--disable 禁止自动启动 [root@node1 ~]# virsh net-autostart test
网络test标记为自动启动 [root@node1 ~]# virsh net-info test
名称: test
UUID: be2af58a-c8cd-4b73-8ee3-36cb3fe9566b
活跃: 是
持久: 是
自动启动: 是
桥接: virbr1 [root@node1 ~]#

  virsh net-name:把指定uuid解析成名称

[root@node1 ~]# virsh net-info test
名称: test
UUID: be2af58a-c8cd-4b73-8ee3-36cb3fe9566b
活跃: 是
持久: 是
自动启动: 是
桥接: virbr1 [root@node1 ~]# virsh help net-name
NAME
net-name - 把一个网络UUID 转换为网络名 SYNOPSIS
net-name <network> OPTIONS
[--network] <string> 网络uuid [root@node1 ~]# virsh net-name be2af58a-c8cd-4b73-8ee3-36cb3fe9566b
test [root@node1 ~]#

  virsh net-uuid:把指定网络名称解析成uuid

[root@node1 ~]# virsh help net-uuid
NAME
net-uuid - 把一个网络名转换为网络UUID SYNOPSIS
net-uuid <network> OPTIONS
[--network] <string> 网络名 [root@node1 ~]# virsh net-uuid test
be2af58a-c8cd-4b73-8ee3-36cb3fe9566b [root@node1 ~]#

  virsh net-dhcp-leases:将指定网络的dhcp的租赁信息;

[root@node1 ~]# virsh help net-dhcp-leases
NAME
net-dhcp-leases - print lease info for a given network SYNOPSIS
net-dhcp-leases <network> [--mac <string>] DESCRIPTION
Print lease info for a given network OPTIONS
[--network] <string> 网络名或 uuid
--mac <string> MAC 地址 [root@node1 ~]# virsh net-dhcp-leases test
Expiry Time MAC 地址 Protocol IP address Hostname Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
2020-08-16 23:27:20 52:54:00:e3:86:e1 ipv4 192.168.12.179/24 - - [root@node1 ~]# virsh net-dhcp-leases default
Expiry Time MAC 地址 Protocol IP address Hostname Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
2020-08-16 23:32:45 52:54:00:3e:3f:71 ipv4 192.168.122.4/24 cirros 01:52:54:00:3e:3f:71
2020-08-16 23:11:38 52:54:00:e3:85:21 ipv4 192.168.122.168/24 - -
2020-08-16 23:14:35 52:54:00:e3:8d:11 ipv4 192.168.122.222/24 - - [root@node1 ~]#

  virsh net-edit:编辑指定虚拟机的配置文件;

虚拟化技术之kvm管理工具virsh常用基础命令(二)-LMLPHP

  提示:使用virsh net-edit,它默认就会去打开指定网络的配置文件,我们可以编辑这个配置文件来创建一个网络,也可以更改对应网络的配置,然后重新对取配置文件使对应配置生效;

  编辑test网络配置文件的dhcp地址池地址和virbr1的地址;

[root@node1 ~]# virsh net-edit test
<network>
<name>test</name>
<uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr1' stp='on' delay='0'/>
<mac address='52:54:00:45:06:16'/>
<ip address='192.168.11.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.11.2' end='192.168.11.254'/>
</dhcp>
</ip>
</network>
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"/tmp/virshJaE8MT.xml" 16L, 413C written
已编辑网络 test XML 配置 [root@node1 ~]# cat /etc/libvirt/qemu/networks/test.xml
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh net-edit test
or other application using the libvirt API.
--> <network>
<name>test</name>
<uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr1' stp='on' delay='0'/>
<mac address='52:54:00:45:06:16'/>
<ip address='192.168.11.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.11.2' end='192.168.11.254'/>
</dhcp>
</ip>
</network>
[root@node1 ~]# virsh net-info test
名称: test
UUID: f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad
活跃: 是
持久: 是
自动启动: 否
桥接: virbr1 [root@node1 ~]# ip a l virbr1
13: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.12.1/24 brd 192.168.12.255 scope global virbr1
valid_lft forever preferred_lft forever
[root@node1 ~]#

  提示:默认修改了指定活跃网络的配置文件后是不会马上生效的;创建持久网络后,默认配置文件存放在/etc/libvirt/qemu/network/目录下和对应网络名称同名的xml格式文件;

  让指定网络重读配置文件生效

[root@node1 ~]# virsh net-list
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 是 [root@node1 ~]# virsh net-destroy test
网络 test 被删除 [root@node1 ~]# virsh net-list
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是 [root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 不活跃 否 是 [root@node1 ~]# virsh net-start test
网络 test 已开始 [root@node1 ~]# ip a l virbr1
15: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:45:06:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.11.1/24 brd 192.168.11.255 scope global virbr1
valid_lft forever preferred_lft forever
[root@node1 ~]#

  提示:让其重读配置文件的方式我们只有重启网络,所以上面的操作上先停止对应网络,然后在启动对应网络;virsh net-destory命令是删除指定活跃状态的网络,就相当于停止操作;

  验证:对应网络上的虚拟机地址会发生更新吗?

[root@node1 ~]# virsh domifaddr c3
名称 MAC 地址 Protocol Address
------------------------------------------------------------------------------- [root@node1 ~]# virsh list --all
Id 名称 状态
----------------------------------------------------
1 generic running
2 centos7.0 running
3 c2 running
4 c3 running [root@node1 ~]# virsh destroy c3
域 c3 被删除 [root@node1 ~]# virsh list --all
Id 名称 状态
----------------------------------------------------
1 generic running
2 centos7.0 running
3 c2 running
- c3 关闭 [root@node1 ~]# virsh start c3
域 c3 已开始 [root@node1 ~]# virsh domifaddr c3
名称 MAC 地址 Protocol Address
-------------------------------------------------------------------------------
vnet3 52:54:00:e3:86:e1 ipv4 192.168.11.179/24 [root@node1 ~]#

  提示:对应网络上的虚拟机如果不重启,它默认会获取不到地址;其实上述重启可以使用virsh reboot命令;

  利用virsh edit来生成一个网络

[root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 是 [root@node1 ~]# virsh net-edit test
<uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid>
<network>
<name>test1</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr2' stp='on' delay='0'/>
<mac address='52:54:10:45:06:16'/>
<ip address='192.168.10.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.10.2' end='192.168.10.254'/>
</dhcp>
</ip>
</network>
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"/tmp/virshWqhNS8.xml" 15L, 362C written
已编辑网络 test1 XML 配置 [root@node1 ~]# ll /etc/libvirt/qemu/networks/
总用量 12
drwx------ 2 root root 25 8月 16 22:59 autostart
-rw------- 1 root root 576 8月 13 23:31 default.xml
-rw------- 1 root root 641 8月 16 23:23 test1.xml
-rw------- 1 root root 639 8月 16 23:09 test.xml
[root@node1 ~]# diff /etc/libvirt/qemu/networks/test.xml /etc/libvirt/qemu/networks/test1.xml
4c4
< virsh net-edit test
---
> virsh net-edit test1
9,10c9,10
< <name>test</name>
< <uuid>f9452d96-55fa-4dbf-ad9c-b1ba99b7f2ad</uuid>
---
> <name>test1</name>
> <uuid>8dbdad99-91c5-435b-95b7-02179597f39e</uuid>
16,18c16,18
< <bridge name='virbr1' stp='on' delay='0'/>
< <mac address='52:54:00:45:06:16'/>
< <ip address='192.168.11.1' netmask='255.255.255.0'>
---
> <bridge name='virbr2' stp='on' delay='0'/>
> <mac address='52:54:10:45:06:16'/>
> <ip address='192.168.10.1' netmask='255.255.255.0'>
20c20
< <range start='192.168.11.2' end='192.168.11.254'/>
---
> <range start='192.168.10.2' end='192.168.10.254'/>
[root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 是
test1 不活跃 否 是 [root@node1 ~]#

  提示:从上面的演示我们可以看到,当我们修改了网络配置文件中的网络名称,ip地址,网桥名称,mac,dhcp地址池然后保存,它就会在对应目录下生成一个我们之前修改后的网络配置文件,并把我们的配置立刻应用到系统(define操作,不需要我们手动去define,它自动会define);

  virsh net-create:从指定xml文件创建一个非持久的临时网络,并激活;

[root@node1 ~]# virsh help net-create
NAME
net-create - 从一个 XML 文件创建一个网络 SYNOPSIS
net-create <file> DESCRIPTION
创建一个网络 OPTIONS
[--file] <string> 文件包括一个 XML网络描述 [root@node1 ~]# cat test.xml
<network connections='3'>
<name>test2</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr3' stp='on' delay='0'/>
<mac address='52:54:00:45:06:17'/>
<ip address='192.168.17.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.17.2' end='192.168.17.254'/>
</dhcp>
</ip>
</network> [root@node1 ~]# ll /etc/libvirt/qemu/networks/
总用量 12
drwx------ 2 root root 25 8月 16 22:59 autostart
-rw------- 1 root root 576 8月 13 23:31 default.xml
-rw------- 1 root root 641 8月 16 23:23 test1.xml
-rw------- 1 root root 639 8月 16 23:09 test.xml
[root@node1 ~]# virsh net-create test.xml
从test2创建网络test.xml [root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 是
test1 不活跃 否 是
test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/
总用量 12
drwx------ 2 root root 25 8月 16 22:59 autostart
-rw------- 1 root root 576 8月 13 23:31 default.xml
-rw------- 1 root root 641 8月 16 23:23 test1.xml
-rw------- 1 root root 639 8月 16 23:09 test.xml
[root@node1 ~]#

  提示:这里提示下define出来的网络默认是持久的,create出来的网络不是持久的,所谓持久就是是否在/etc/libvirt/qemu/network/目录下生成配置文件,有配置文件的网络我们称它为持久网络,没有配置文件的网络我们称它为临时网络;

  virsh net-undefine:将指定持久网络取消定义,所谓取消定义就是转为非持久网络;

[root@node1 ~]# virsh help net-undefine
NAME
net-undefine - undefine a persistent network SYNOPSIS
net-undefine <network> DESCRIPTION
Undefine the configuration for a persistent network. OPTIONS
[--network] <string> 网络名或 uuid [root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 是
test1 不活跃 否 是
test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/
总用量 12
drwx------ 2 root root 25 8月 16 22:59 autostart
-rw------- 1 root root 576 8月 13 23:31 default.xml
-rw------- 1 root root 641 8月 16 23:23 test1.xml
-rw------- 1 root root 639 8月 16 23:09 test.xml
[root@node1 ~]# virsh net-undefine test1
网络 test1 已经被取消定义 [root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 是
test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/
总用量 8
drwx------ 2 root root 25 8月 16 22:59 autostart
-rw------- 1 root root 576 8月 13 23:31 default.xml
-rw------- 1 root root 639 8月 16 23:09 test.xml
[root@node1 ~]# virsh net-undefine test
网络 test 已经被取消定义 [root@node1 ~]# virsh net-list --all
名称 状态 自动开始 持久
----------------------------------------------------------
default 活动 是 是
test 活动 否 否
test2 活动 否 否 [root@node1 ~]# ll /etc/libvirt/qemu/networks/
总用量 4
drwx------ 2 root root 25 8月 16 22:59 autostart
-rw------- 1 root root 576 8月 13 23:31 default.xml
[root@node1 ~]#

  提示:net-undefine会把活跃状态的持久网络修改成非持久,它的操作就是把对应配置文件删除,将非活跃的持久化网络,它会删除其配置文件和网络实例;

05-10 23:47