由于KVM的架构为

Libvirt –> qemu –> KVM

所以对于live migration有两种方式,一种是qemu + KVM自己的方式,一种是libvirt的方式,当然libvirt也是基于qemu+kvm的方式

qemu + KVM自己的方式为使用monitor

KVM Migration

KVM currently supports savevm/loadvm and offline or live migration Migration commands are given when in qemu-monitor (Alt-Ctrl-2). Upon successful completion, the migrated VM continues to run on the destination host.

Requirements

  • The VM image is accessible on both source and destination hosts (located on a shared storage, e.g. using nfs).
  • It is recommended an images-directory would be found on the same path on both hosts (for migrations of a copy-on-write image -- an image created on top of a base-image using "qemu-image create -b ...")
  • The src and dst hosts must be on the same subnet (keeping guest's network when tap is used).
  • Do not use -snapshot qemu command line option.
  • For tcp: migration protocol

the guest on the destination must be started the same way it was started on the source.

The live migration process has the following steps:

  1. The virtual machine instance is running on the source host.

  2. The virtual machine is started on the destination host in the frozen listening mode. The parameters used are the same as on the source host plus the -incoming tcp:ip:port parameter, where ip specifies the IP address and port specifies the port for listening to the incoming migration. If 0 is set as IP address, the virtual machine listens on all interfaces.

  3. On the source host, switch to the monitor console and use the migrate -d tcp:destination_ip:port command to initiate the migration.

  4. To determine the state of the migration, use the info migrate command in the monitor console on the source host.

  5. To cancel the migration, use the migrate_cancel command in the monitor console on the source host.

  6. To set the maximum tolerable downtime for migration in seconds, use the migrate_set_downtime number_of_seconds command.

  7. To set the maximum speed for migration in bytes per second, use the migrate_set_speed bytes_per_second command.

要进行live migration首先要存储共享,我们这里用nfs

在一台nfs server上安装

apt-get install nfs-kernel-server

export如下的文件夹

# cat /etc/exports
# /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#
/home/cliu8/nfs    *(rw,sync,no_root_squash)

在source机器和destination机器上,都mount这个文件夹

mount 16.158.166.150:/home/cliu8/nfs /home/cliu8/migrate

在文件夹里面放入两个image

root@escto-bj-hp-z620:/home/cliu8/migrate# ls -l
total 3842908
-rwxr-xr-x 1 root root 1717567488 Jul 18 00:01 ubuntu-14.04.img
-rwxr-xr-x 1 root root 2217869312 Jul 17 22:13 ubuntutest.img

在source机器上启动

qemu-system-x86_64 -enable-kvm -name ubuntutest  -m 2048 -hda /home/cliu8/migrate/ubuntu-14.04.img -vnc :19 -net nic -net user

在dest机器上同样启动,但是多了listen的参数

qemu-system-x86_64 -enable-kvm -name ubuntutest  -m 2048 -hda /home/cliu8/migrate/ubuntu-14.04.img -vnc :19 -net nic -net user -incoming tcp:0:4444

打开source机器的monitor

运行migrate -d tcp:16.158.166.150:4444

这个时候info migrate,显示Migration status: active

等变成complete,则migration结束

这个时候,另一面的机器已经起来了。

Libvirt Migration

Network data transports

migration的时候的数据传输有两种方式:

Hypervisor native transport

所谓native的transport,就是依赖于hypervisor,也即KVM的自有的机制去做网络传输,不支持加密,可能对于某些hypervisor来讲,网络还需要特殊的配置。

libvirt tunnelled transport

依赖于libvirt的RPC的网络通路进行网络传输,支持加密。

只要下面的命令能够执行,就能够传输

virsh -c qemu+ssh://cliu8@16.158.166.150/system list --all
virsh -c qemu+tcp://popsuper1982/system list --all
virsh -c qemu+tls://popsuper1982/system list --all

缺点是有很多额外的性能损耗

Communication control paths/flows

看完了数据通路,我们再来看控制通路

Migration一般涉及三个较色,admin, source, destination

Managed direct migration

admin节点控制整个migration的全过程,admin既控制source, 也控制destination,然而source和destination之间并不交互,因而migration过程中,如果admin挂了,就失败了。

Managed peer to peer migration

admin节点仅仅和source交互,告诉source,你要migrate到destination,然后source控制整个过程,如果admin在这个过程中挂了,不影响接着进行migration

注意的是,admin登录source的credential信息和source登录destination的credential信息是不一样的。

Unmanaged direct migration

admin和source都不控制migration的过程,而是admin的libvirt直接调用hypervisor的控制器,让hypervisor自己进行migration。

Configuration file handling

A transient guest only exists while it is running, and has no configuration file stored on disk.

A persistent guest maintains a configuration file on disk even when it is not running.

The virsh command has two flags to influence this behaviour.

The --undefine-source flag will cause the configuration file to be removed on the source host after a successful migration.

The --persist flag will cause a configuration file to be created on the destination host after a successful migration.

我们首先需要使得source和destination之间的libvirt是相互通的。

在source机器上,16.158.166.197

root@escto-bj-hp-z620:/home/cliu8/certtool# ls -l
total 60
-r--r--r-- 1 root root 1204 Jul 17 20:17 certificate_authority_certificate.pem
-r--r--r-- 1 root root 1972 Jul 17 20:17 certificate_authority_key.pem
-r--r--r-- 1 root root   37 Jul 17 20:17 certificate_authority_template.info
-r--r--r-- 1 root root 1379 Jul 17 20:17 escto-bj-hp-z620_client_certificate.pem
-r--r--r-- 1 root root 1968 Jul 17 20:17 escto-bj-hp-z620_client_key.pem
-r--r--r-- 1 root root  139 Jul 17 20:17 escto-bj-hp-z620_client_template.info
-r--r--r-- 1 root root 1310 Jul 17 20:17 escto-bj-hp-z620_server_certificate.pem
-r--r--r-- 1 root root 1968 Jul 17 20:17 escto-bj-hp-z620_server_key.pem
-r--r--r-- 1 root root   91 Jul 17 20:17 escto-bj-hp-z620_server_template.info
-r--r--r-- 1 root root 1371 Jul 17 20:17 popsuper1982_client_certificate.pem
-r--r--r-- 1 root root 1972 Jul 17 20:17 popsuper1982_client_key.pem
-r--r--r-- 1 root root  135 Jul 17 20:17 popsuper1982_client_template.info
-r--r--r-- 1 root root 1306 Jul 17 20:17 popsuper1982_server_certificate.pem
-r--r--r-- 1 root root 1968 Jul 17 20:17 popsuper1982_server_key.pem
-r--r--r-- 1 root root   87 Jul 17 20:17 popsuper1982_server_template.info

root@escto-bj-hp-z620:/home/cliu8/certtool# tree --charset ASCII /etc/pki/
/etc/pki/
|-- CA
|   `-- cacert.pem -> /home/cliu8/certtool/certificate_authority_certificate.pem
|-- libvirt
|   |-- clientcert.pem -> /home/cliu8/certtool/escto-bj-hp-z620_client_certificate.pem
|   |-- private
|   |   |-- clientkey.pem -> /home/cliu8/certtool/escto-bj-hp-z620_client_key.pem
|   |   `-- serverkey.pem -> /home/cliu8/certtool/escto-bj-hp-z620_server_key.pem
|   `-- servercert.pem -> /home/cliu8/certtool/escto-bj-hp-z620_server_certificate.pem
`-- nssdb -> /var/lib/nssdb

配置/etc/libvirt/libvirtd.conf

为了方便测试,我们对tcp, tls不进行密码设置

listen_tls = 1

listen_tcp = 1

tls_port = "16514"

tcp_port = "16509"

unix_sock_group = "libvirtd"

unix_sock_ro_perms = "0777"

unix_sock_rw_perms = "0770"

auth_unix_ro = "none"

auth_unix_rw = "none"

auth_tcp = "none"

auth_tls = "none"

测试下面的命令都能通过

virsh -c qemu+ssh://cliu8@16.158.166.150/system list --all
virsh -c qemu+tcp://popsuper1982/system list --all
virsh -c qemu+tls://popsuper1982/system list --all

在destination机器上,16.158.166.150

root@popsuper1982:/home/cliu8/certtool# ls -l
total 60
-r--r--r-- 1 root root 1204 Jul 15 22:31 certificate_authority_certificate.pem
-r--r--r-- 1 root root 1972 Jul 15 22:28 certificate_authority_key.pem
-r--r--r-- 1 root root   37 Jul 15 22:26 certificate_authority_template.info
-r--r--r-- 1 root root 1379 Jul 16 00:27 escto-bj-hp-z620_client_certificate.pem
-r--r--r-- 1 root root 1968 Jul 16 00:25 escto-bj-hp-z620_client_key.pem
-r--r--r-- 1 root root  139 Jul 16 00:24 escto-bj-hp-z620_client_template.info
-r--r--r-- 1 root root 1310 Jul 17 20:09 escto-bj-hp-z620_server_certificate.pem
-r--r--r-- 1 root root 1968 Jul 17 20:07 escto-bj-hp-z620_server_key.pem
-r--r--r-- 1 root root   91 Jul 17 20:06 escto-bj-hp-z620_server_template.info
-r--r--r-- 1 root root 1371 Jul 17 20:14 popsuper1982_client_certificate.pem
-r--r--r-- 1 root root 1972 Jul 17 20:13 popsuper1982_client_key.pem
-r--r--r-- 1 root root  135 Jul 17 20:12 popsuper1982_client_template.info
-r--r--r-- 1 root root 1306 Jul 16 00:09 popsuper1982_server_certificate.pem
-r--r--r-- 1 root root 1968 Jul 16 00:06 popsuper1982_server_key.pem
-r--r--r-- 1 root root   87 Jul 16 00:05 popsuper1982_server_template.info
root@popsuper1982:/home/cliu8/certtool# tree --charset ASCII /etc/pki/
/etc/pki/
|-- CA
|   `-- cacert.pem -> /home/cliu8/certtool/certificate_authority_certificate.pem
|-- libvirt
|   |-- clientcert.pem -> /home/cliu8/certtool/popsuper1982_client_certificate.pem
|   |-- private
|   |   |-- clientkey.pem -> /home/cliu8/certtool/popsuper1982_client_key.pem
|   |   `-- serverkey.pem -> /home/cliu8/certtool/popsuper1982_server_key.pem
|   `-- servercert.pem -> /home/cliu8/certtool/popsuper1982_server_certificate.pem
`-- nssdb -> /var/lib/nssdb

virsh -c qemu+ssh://cliu8@16.158.166.197/system list --all
virsh -c qemu+tcp://escto-bj-hp-z620/system list --all
virsh -c qemu+tls://escto-bj-hp-z620/system list –all

在source机器上,启动一个虚拟机virsh start ubuntu-14.04

# virsh dumpxml ubuntu-14.04
<domain type='kvm' id='55'>
  <name>ubuntu-14.04</name>
  <uuid>0f0806ab-531d-6134-5def-c5b495529284</uuid>
  <memory unit='KiB'>2097152</memory>
  <currentMemory unit='KiB'>2097152</currentMemory>
  <vcpu placement='static'>1</vcpu>
  <resource>
    <partition>/machine</partition>
  </resource>
  <os>
    <type arch='x86_64' machine='pc-i440fx-trusty'>hvm</type>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <pae/>
  </features>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/bin/kvm-spice</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2' cache='none'/>
      <source file='/home/cliu8/migrate/ubuntu-14.04.img'/>
      <target dev='vda' bus='virtio'/>
      <alias name='virtio-disk0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </disk>
    <disk type='block' device='cdrom'>
      <driver name='qemu' type='raw'/>
      <target dev='hdc' bus='ide'/>
      <readonly/>
      <alias name='ide0-1-0'/>
      <address type='drive' controller='0' bus='1' target='0' unit='0'/>
    </disk>
    <controller type='usb' index='0'>
      <alias name='usb0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
    </controller>
    <controller type='pci' index='0' model='pci-root'>
      <alias name='pci.0'/>
    </controller>
    <controller type='ide' index='0'>
      <alias name='ide0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
    </controller>
    <interface type='bridge'>
      <mac address='52:54:11:9b:d5:11'/>
      <source bridge='ubuntu_br'/>
      <virtualport type='openvswitch'>
        <parameters interfaceid='18a45d7e-d96b-4b9e-9d92-dc9ff3ea77e0'/>
      </virtualport>
      <target dev='vnet8'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>
    <serial type='pty'>
      <source path='/dev/pts/16'/>
      <target port='0'/>
      <alias name='serial0'/>
    </serial>
    <console type='pty' tty='/dev/pts/16'>
      <source path='/dev/pts/16'/>
      <target type='serial' port='0'/>
      <alias name='serial0'/>
    </console>
    <input type='mouse' bus='ps2'/>
    <input type='keyboard' bus='ps2'/>
    <graphics type='vnc' port='5908' autoport='yes' listen='0.0.0.0'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
    <video>
      <model type='cirrus' vram='9216' heads='1'/>
      <alias name='video0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </video>
    <memballoon model='virtio'>
      <alias name='balloon0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
    </memballoon>
  </devices>
  <seclabel type='none'/>
</domain>

其中cdrom和usb的都应该去掉,才能migration成功。

# virsh migrate --verbose --live --persistent ubuntu-14.04 qemu+tcp://popsuper1982/system     
Migration: [100 %]

QEMU KVM Libvirt(12): Live Migration的更多相关文章

  1. QEMU KVM Libvirt手册(10):Managing Virtual Machines with libvirt

    libvirt is a library that provides a common API for managing popular virtualization solutions, among ...

  2. QEMU KVM Libvirt手册(11): Managing Storage

    When managing a VM Guest on the VM Host Server itself, it is possible to access the complete file sy ...

  3. QEMU KVM Libvirt手册(7): 硬件虚拟化

    在openstack中,如果我们启动一个虚拟机,我们会看到非常复杂的参数 qemu-system-x86_64 -enable-kvm -name instance-00000024 -S -mach ...

  4. QEMU KVM libvirt手册(4) – images

    RAW raw是默认的格式,格式简单,容易转换为其他的格式.需要文件系统的支持才能支持sparse file 创建image # qemu-img create -f raw flat.img 10G ...

  5. QEMU KVM libvirt 手册(3) - Storage Media

    访问Hard Drive 使用-hda –hdb qemu-system-x86_64 -enable-kvm -name ubuntutest  -m 2048 -hda ubuntutest.im ...

  6. QEMU KVM libvirt手册(2): monitor

    Administrating Virtual Machines with QEMU Monitor When QEMU is running, a monitor console is provide ...

  7. QEMU KVM Libvirt手册(10): KVM的各种限制

    Overcommits KVM allows for both memory and disk space overcommit. However, hard errors resulting fro ...

  8. QEMU KVM Libvirt手册(5) – snapshots

    前面讲了QEMU的qcow2格式的internal snapshot和external snapshot,这都是虚拟机文件格式的功能. 这是文件级别的. 还可以是文件系统级别的,比如很多文件系统支持s ...

  9. kvm/qemu/libvirt学习笔记 (1) qemu/kvm/libvirt介绍及虚拟化环境的安装

    kvm简介 kvm最初由Quramnet公司开发,2008年被RedHat公司收购.kvm全称基于内核的虚拟机(Kernel-based Virtual Machine),它是Linux的一个内核模块 ...

随机推荐

  1. Java_异常以及处理

    目录 JAVA异常 异常的处理机制 自定义异常 写了一天的bug,来try...catch...finally了解一下.异常是程序中的一些错误,但并不是所有的错误都是异常,并且错误有时候是可以避免的. ...

  2. 使用javaScript操作页面元素

    from selenium import webdriver import time import unittest from selenium.common.exceptions import We ...

  3. bzoj 2599

    还是点对之间的问题,果断上点分治 同样,把一条路径拆分成经过根节点的两条路径,对不经过根节点的路径递归处理 然后,我们逐个枚举根节点的子树,计算出子树中某一点到根节点的距离,然后在之前已经处理过的点中 ...

  4. bzoj 3998

    我们分成两种情况来分析这个问题:t=0和t=1 t=1时,每一个子串出现的次数就是他在parent树上所在子树内前缀节点的个数,这一点我们已经说的很清楚了 利用SAM有向无环的性质,我们可以在pare ...

  5. 生活日历NABCD需求分析

    这次我们团队要开发一个生活日历APP,对于这个APP的NABCD的需求分析,我对此作出其中的一小部分介绍. N(Need)需求 目前市场上有很多的日历程序,每个手机自带的功能中必然有日历程序.但是对于 ...

  6. Iterator 和 ListIterator 的不同点以及包含的方法

    当我们在对集合(List,Set)进行操作的时候,为了实现对集合中的数据进行遍历,经常使用到了Iterator(迭代器).使用迭代器,你不需要干涉其遍历的过程,只需要每次取出一个你想要的数据进行处理就 ...

  7. mysql_config not found和error: command 'gcc' failed with exit status 1

    要想使python可以操作mysql 就需要MySQL-python驱动,它是python 操作mysql必不可少的模块. 下载地址:https://pypi.python.org/pypi/MySQ ...

  8. PHP使用urlencode对中文编码时空格、加号的问题

    使用urlencode这个函数进行格式化,urlencode函数会把空格编码为为:+ 当然,前端在接收时可以解码后进行替换 + 为空格的方式处理. 但是这样就多做了一步,很麻烦,有的时候我们的数据接口 ...

  9. 聊聊HTML

    HTML简述 What is HTML? HTML是用来描述网页的一种语言,全称超文本标记语言(HyperText Markup Language),它并不是一种编程语言,而是一种标记语言,即一套标记 ...

  10. Selenium 常用API

    浏览器相关操作 启动浏览器 driver = new ChromeDriver(); 控制浏览器窗口大小 maximize() 设置浏览器最大化 setSize() 设置浏览器窗口的宽与高 访问网页 ...