The text on this page was translated by translation software. A revised version from our editors will be available soon.
For Ubuntu Server 14.04.x LTS
We show you how to install Ubuntu and KVM on your Server guest systems and make them accessible via a (separate) public IP.
The use of the Kernel-based Virtual Machine (KVM) makes sense, as KVM has been Ubuntu's officially supported (and preferred in the server area) virtualization solution since Ubuntu 8.04. The KVM kernel module has also been an official part of the Linux kernel since 2.6.20.
Step 1 Check prerequisites
Before you start the installation, make sure that your server meets the technical requirements for using KVM: KVM requires server hardware that supports virtualization at the hardware level. Use the following command to determine whether this is the case on your server:
egrep -c '(vmx|svm)' /proc/cpuinfo
If you get here a value greater than or equal to 1 as return value, everything is OK. If this is not the case, switch to another software - for example
If you want to set up guest systems with more than 2 GB RAM, you need a host system with 64bit kernel. Check as follows:
egrep -c ' lm ' /proc/cpuinfo
A"1" (or higher) means that you have a 64bit system. In the other case a new installation with a 64Bit image would be necessary.
Then you have to add your users to the groups kvm and libvirtd:
adduser `id -un` kvm
adduser `id -un` libvirtd
Since the change does not take effect until the next login, you now have to log off briefly and log on again.
Step 3.1 Provide storage space
All current server images are equipped with the Logical Volume Manager (LVM). This makes it possible to create dynamically changeable partitions (logical volumes). In order to offer you the greatest possible flexibility, not all of your server's capacity is pre-partitioned when delivered. For example, the initial size of /var is only 4GB.
For example, the following command increases /var by 20GB (if you are using a server without an SSD option, replace"ssd" with"vg00"):
lvextend -L +20G /dev/ssd/var
Afterwards, the file system must be adjusted to the new size:
Step 3.2 Installing VM and OS
There are a number of tools that simplify the setup of virtual machines. This guide uses the virt-inst tool included in the virtinst package:
apt-get install virtinst
It is important (see note at the beginning of this manual) that the VM is created with the network setting NAT, which should however correspond to the default setting. Check as follows:
virsh net-dumpxml default
<network connections='3'> <name>default</name> <uuid>9eedf2c5-9ce2-43ea-9eaa-4a4e57902653</uuid> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr0' stp='on' delay='0'/> <ip address='192.168.122.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.122.2' end='192.168.122.254'/> </dhcp> </ip> </network>
The following command creates a VM and connects you to it via serial console. There you can perform the installation of the guest system (here Ubuntu 14.04) started from the assigned image.
virt-install --name vm1 --ram 2048 --disk path=/var/lib/libvirt/images /vm1.img,size=8 --vcpus 2 --os-type linux --os-variant ubuntutrusty --network network=default --graphics none --console pty,target_type=serial --location /var/lib/libvirt /boot/ubuntu-14.04-server-i386.iso --extra-args 'console=ttyS0,115200n8 serial'
|name||name of the VM|
|2048 MB main memory|
|disk||8 GB total disk space (img)|
|vcpus||2 virtual cores for the VM|
|OS||Type of operating system (Linux, ubuntutrusty)|
|--network||Which network property, 'default' stands for NAT by default in this case (absolutely necessary!)|
|--graphics||Possible graphic settings|
|the installation runs from the serial console|
|--location||the path to the ISO image|
Before you make changes to the guest system, make sure that the VM is started automatically in the future. Exit the virtual console by pressing (Ctrl)+(+) and enter the following command on the host:
virsh -c qemu://system autostart vm1
Then use the following command to switch back to the guest system:
virsh console vm1
Step 3.3 Configuring the network (IPv4)
To make the guest system accessible via a public IP address, a few more changes on the guest and host systems are necessary.
Step 3.3.1 Guest settings
Note: Please replace the example IP 217.160.167.xxx with your address in the following steps (you manage your IP addresses in 1&1 IONOS under Server > IP Addresses).
Create an Ethernet alias (e.g. eth0:0) with the public IPv4 address :
sudo vi /etc/network/interfaces
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet dhcp #---------------------------------------- auto eth0:0 iface eth0:0 inet static address 217.160.167.xxx broadcast 217.160.167.xxx netmask 255.255.255.255 #---------------------------------------
Step 3.3.2 Settings on the host
First activate IP forwarding in the kernel:
sudo sh -c "echo 1 /proc/sys/net/ipv4/ip forward"
Now the route to the virtual network is needed:
route add -host 217.160.167.xxx dev virbr0
Finally, add the necessary firewall rules:
iptables -I FORWARD 1 -t filter -d 217.160.167.xxx/32 -o virbr0 -j ACCEPT
iptables -I FORWARD 1 -t filter -s 217.160.167.xxx/32 -i virbr0 -j ACCEPT
So that these settings are also active after the next restart, write them to rc.local as follows:
#--------------------------------------------- while [ `ps -e | grep -c libvirtd` -lt 1 ]; do sleep 1 done sleep 10 # set up custom iptables rules. iptables -I FORWARD 1 -t filter -d 217.160.167.xxx/32 -o virbr0 -j ACCEPT iptables -I FORWARD 1 -t filter -s 217.160.167.xxx/32 -i virbr0 -j ACCEPT # add static routes to the ip routing table route add -host 217.160.167.xxx dev virbr0 ) & #---------------------------------------------------------------------- exit 0
Step 3.4 Configuring the network (IPv6)
You can also make your guest systems available and/or via IPv6. The IPv6 subnet assigned to you can be found in 1&1 IONOS under Server > IP Addresses.
The following steps show setup using the example of the subnet 2001:8d8:91d:bd00::/56.
Step 3.4.1 Settings on the host
Enable IPv6 forwarding by commenting out the line net.ipv6.conf.all.forwarding=1 in /etc/sysctl.conf:
# Uncomment the next line to enable packet forwarding for IPv6 # Enabling this option disables Stateless Address Autoconfiguration # based on Router Advertisements for this host net.ipv6.conf.all.forwarding=1
Then the interfaces eth0 and virbr0 must be reconfigured. The addresses are then automatically distributed to the guest systems later.
For simplicity, eth0 gets the smallest possible address that the IPv6 subnet allows. In this example, 2001:08D8:091D:BD00:0000:0000:0000:0000:0001 :
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet dhcp iface eth0 inet6 static address 2001:08D8:091D:BD00:0000:0000:0000:0001 netmask 64 post-up ip -6 route add fe80::1 dev eth0 post-up ip -6 route add default via fe80::1 dev eth0 post-down ip -6 route del default via fe80::1 dev eth0 post-down ip -6 route del fe80::1 dev eth0
Before you edit virbr0, shut down the virtual network:
virsh net-destroy default
Now enter Virbr0 the smallest possible address of a new subnet. In the following example this is 2001:08D8:091D:BD01:0000:0000:0000:0000:0001 :
virsh net-edit default
<network> <name>default</name> <uuid>9eedf2c5-9ce2-43ea-9eaa-4a4e57902653</uuid> <forward mode='nat'/> <bridge name='virbr0' stp='on' delay='0'/> <mac address='52:54:00:80:c9:68'/> <ip address='192.168.122.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.122.2' end='192.168.122.254'/> </dhcp> </ip> <ip family='ipv6' address='2001:08D8:091D:BD01:0000:0000:0000:00001' prefix='64'> </ip> </network>
In order for a guest to receive an IPv6 address from this subnet, it must be restarted:
virsh -c qemu://system reboot <name>
Attention, the guest system now has two IPv6 addresses! The configuration now looks like this, for example:
eth0 Link encap:Ethernet HWaddr 52:54:00:9a:17:3e inet addr:192.168.122.159 Bcast:192.168.122.255 Mask:255.255.255.0 inet6 addr: 2001:8d8:91d:bd01:8982:6203:5146:27e9/64 Scope:Global inet6 addr: 2001:8d8:91d:bd01:5054:ff:fe9a:173e/64 Scope:Global inet6 addr: fe80::5054:ff:fe9a:173e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:18 errors:0 dropped:3 overruns:0 frame:0 TX packets:24 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1811 (1.8 KB) TX bytes:2500 (2.5 KB)
The lower (line 4) in this example is the fixed IP address. This consists of the subnet[2001:8d8:91d:bd01] and a second part, which is derived from the hardware address. The upper IPv6 address is partially generated randomly. The guest system is now uniquely identifiable and accessible under both IP addresses. For the accessibility of e.g. web servers, the lower/fixed IP should be used.