Chapter 9. Provisioning Virtual Machines on KVM (libvirt)
Kernel-based Virtual Machines (KVMs) use an open source virtualization daemon and API called
libvirt running on Red Hat Enterprise Linux. Red Hat Satellite can connect to the
libvirt API on a KVM server, provision hosts on the hypervisor, and control certain virtualization functions.
You can use KVM provisioning to create hosts over a network connection or from an existing image.
- Synchronized content repositories for Red Hat Enterprise Linux. For more information, see Synchronizing Red Hat Repositories in the Content Management Guide.
- An activation key for host registration. For more information, see Creating An Activation Key in the Content Management guide.
- A Capsule Server managing a network on the KVM server. Ensure no other DHCP services run on this network to avoid conflicts with the Capsule Server. For more information about network service configuration for Capsule Servers, see Chapter 3, Configuring Networking.
- A Red Hat Enterprise Linux server running KVM virtualization tools (libvirt daemon). For more information, see the Red Hat Enterprise Linux 7 Virtualization Getting Started Guide.
An existing virtual machine image if you want to use image-based provisioning. Ensure that this image exists in a storage pool on the KVM host. The
defaultstorage pool is usually located in
/var/lib/libvirt/images. Only directory pool storage types can be managed through Satellite.
Optional: The examples in these procedures use the root user for KVM. If you want to use a non-root user on the KVM server, you must add the user to the
libvirtgroup on the KVM server:
useradd -a -G libvirt non_root_user
A Satellite user account with the following roles:
- Edit hosts
For more information, see Assigning Roles to a User in the Administering Red Hat Satellite guide.
A custom role in Satellite with the following permissions:
For more information about creating roles, see Creating a Role in the Administering Red Hat Satellite guide. For more information about adding permissions to a role, see Adding Permissions to a Role in the Administering Red Hat Satellite guide.
- Section 9.1, “Configuring Satellite Server for KVM Connections”.
- Section 9.2, “Adding a KVM Connection to Satellite Server”.
- Optional: Section 9.3, “Adding KVM Images to Satellite Server”. Use this procedure if you want to use image-based provisioning.
- Section 9.4, “Adding KVM Details to a Compute Profile”.
- Section 9.5, “Creating Hosts on KVM”.
9.1. Configuring Satellite Server for KVM Connections
Before adding the KVM connection, create an SSH key pair for the
foreman user to ensure a secure connection between Satellite Server and KVM.
On Satellite Server, switch to the
# su foreman -s /bin/bash
Generate the key pair:
Copy the public key to the KVM server:
$ ssh-copy-id firstname.lastname@example.org
Exit the bash shell for the
# satellite-maintain packages install libvirt-client
Use the following command to test the connection to the KVM server:
# su foreman -s /bin/bash -c 'virsh -c qemu+ssh://email@example.com/system list'
9.2. Adding a KVM Connection to Satellite Server
Use this procedure to add KVM as a compute resource in Satellite.
- In the Satellite web UI, navigate to Infrastructure > Compute Resources and click Create Compute Resource.
- In the Name field, enter a name for the new compute resource.
- From the Provider list, select Libvirt
- In the Description field, enter a description for the compute resource.
In the URL field, enter the connection URL to the KVM server. For example:
- From the Display type list, select either VNC or Spice.
Optional: To secure console access for new hosts with a randomly generated password, select the Set a randomly generated password on the display connection check box. You can retrieve the password for the VNC console to access the guest virtual machine console from the output of the following command executed on the KVM server:
# virsh edit your_VM_name <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0' passwd='your_randomly_generated_password'>
The password is randomly generated every time the console for the virtual machine is opened, for example, with virt-manager.
- Click Test Connection to ensure that Satellite Server connects to the KVM server without fault.
- Verify that the Locations and Organizations tabs are automatically set to your current context. If you want, add additional contexts to these tabs.
- Click Submit to save the KVM connection.
For CLI Users
To create a compute resource, enter the
hammer compute-resource createcommand:
# hammer compute-resource create --name "My_KVM_Server" \ --provider "Libvirt" --description "KVM server at kvm.example.com" \ --url "qemu+ssh://firstname.lastname@example.org/system" --locations "New York" \ --organizations "My_Organization"
9.3. Adding KVM Images to Satellite Server
To create hosts using image-based provisioning, you must add information about the image, such as access details and the image location, to your Satellite Server.
Note that you can manage only directory pool storage types through Satellite 6.
- In the Satellite web UI, navigate to Infrastructure > Compute Resources and click the name of the KVM connection.
- Click Create Image.
- In the Name field, enter a name for the image.
- From the Operating System list, select the image’s base operating system.
- From the Architecture list, select the operating system architecture.
In the Username field, enter the SSH user name for image access. This is normally the
- In the Password field, enter the SSH password for image access.
In the Image path field, enter the full path that points to the image on the KVM server. For example:
Optional: Select the User Data check box if the image supports user data input, such as
- Click Submit to save the image details.
For CLI Users
Create the image with the
hammer compute-resource image createcommand. Use the
--uuidfield to store the full path of the image location on the KVM server.
# hammer compute-resource image create \ --name "KVM Image" \ --compute-resource "My_KVM_Server" --operatingsystem "RedHat version" \ --architecture "x86_64" \ --username root \ --user-data false \ --uuid "/var/lib/libvirt/images/KVMimage.qcow2" \
9.4. Adding KVM Details to a Compute Profile
Use this procedure to add KVM hardware settings to a compute profile. When you create a host on KVM using this compute profile, these settings are automatically populated.
- In the Satellite web UI, navigate to Infrastructure > Compute Profiles.
- In the Compute Profiles window, click the name of an existing compute profile, or click Create Compute Profile, enter a Name, and click Submit.
- Click the name of the KVM compute resource.
- In the CPUs field, enter the number of CPUs to allocate to the new host.
- In the Memory field, enter the amount of memory to allocate to the new host.
- From the Image list, select the image to use if performing image-based provisioning.
- From the Network Interfaces list, select the network parameters for the host’s network interface. You can create multiple network interfaces. However, at least one interface must point to a Capsule-managed network.
- In the Storage area, enter the storage parameters for the host. You can create multiple volumes for the host.
- Click Submit to save the settings to the compute profile.
For CLI Users
To create a compute profile, enter the following command:
# hammer compute-profile create --name "Libvirt CP"
To add the values for the compute profile, enter the following command:
# hammer compute-profile values create --compute-profile "Libvirt CP" \ --compute-resource "My_KVM_Server" \ --interface "compute_type=network,compute_model=virtio,compute_network=examplenetwork" \ --volume "pool_name=default,capacity=20G,format_type=qcow2" \ --compute-attributes "cpus=1,memory=1073741824"
9.5. Creating Hosts on KVM
In Satellite, you can use KVM provisioning to create hosts over a network connection or from an existing image:
- If you want to create a host over a network connection, the new host must be able to access either the Satellite Server’s integrated Capsule or an external Capsule Server on a KVM virtual network, so that the host has access to PXE provisioning services. This new host entry triggers the KVM server to create and start a virtual machine. If the virtual machine detects the defined Capsule Server through the virtual network, the virtual machine boots to PXE and begins to install the chosen operating system.
- If you want to create a host with an existing image, the new host entry triggers the KVM server to create the virtual machine using a pre-existing image as a basis for the new volume.
For network-based provisioning, if you use a virtual network on the KVM server for provisioning, select a network that does not provide DHCP assignments. This causes DHCP conflicts with Satellite Server when booting new hosts.
- In the Satellite web UI, navigate to Hosts > Create Host.
- In the Name field, enter a name for the host.
- Click the Organization and Location tabs to ensure that the provisioning context is automatically set to the current context.
- From the Host Group list, select the host group that you want to use to populate the form.
- From the Deploy on list, select the KVM connection.
- From the Compute Profile list, select a profile to use to automatically populate virtual machine settings.
- Click the Interface tab and click Edit on the host’s interface.
Verify that the fields are automatically populated, particularly the following items:
- The Name from the Host tab becomes the DNS name.
- Satellite Server automatically assigns an IP address for the new host.
- The MAC address field is blank. The KVM server assigns a MAC address to the host.
- The Managed, Primary, and Provision options are automatically selected for the first interface on the host. If not, select them.
- The KVM-specific fields are populated with settings from your compute profile. Modify these settings if required.
- Click the Operating System tab, and confirm that all fields automatically contain values.
Select the Provisioning Method that you want to use:
- For network-based provisioning, click Network Based.
- For image-based provisioning, click Image Based.
- Click Resolve in Provisioning templates to check the new host can identify the right provisioning templates to use.
- Click the Virtual Machine tab and confirm that these settings are populated with details from the host group and compute profile. Modify these settings to suit your needs.
- Click the Parameters tab, and ensure that a parameter exists that provides an activation key. If not, add an activation key.
- Click Submit to save the host entry.
For CLI Users
To use network-based provisioning, create the host with the
hammer host createcommand and include
--provision-method build. Replace the values in the following example with the appropriate values for your environment.
# hammer host create \ --name "kvm-host1" \ --organization "My_Organization" \ --location "New York" \ --hostgroup "Base" \ --compute-resource "My_KVM_Server" \ --provision-method build \ --build true \ --enabled true \ --managed true \ --interface "managed=true,primary=true,provision=true,compute_type=network,compute_network=examplenetwork" \ --compute-attributes="cpus=1,memory=1073741824" \ --volume="pool_name=default,capacity=20G,format_type=qcow2" \ --root-password "password"
To use image-based provisioning, create the host with the
hammer host createcommand and include
--provision-method image. Replace the values in the following example with the appropriate values for your environment.
# hammer host create \ --name "kvm-host2" \ --organization "My_Organization" \ --location "New York" \ --hostgroup "Base" \ --compute-resource "My_KVM_Server" \ --provision-method image \ --image "KVM Image" \ --enabled true \ --managed true \ --interface "managed=true,primary=true,provision=true,compute_type=network,compute_network=examplenetwork" \ --compute-attributes="cpus=1,memory=1073741824" \ --volume="pool_name=default,capacity=20G,format_type=qcow2"
For more information about additional host creation parameters for this compute resource, enter the
hammer host create --help command.