From 9a9165b0f0c9924b0e46fbaef184b36da0d7121e Mon Sep 17 00:00:00 2001 From: Douglas Schilling Landgraf Date: Tue, 8 Oct 2024 02:56:52 -0400 Subject: [PATCH] qm sub-package Kernel-based Virtual Machine (KVM) The QM sub-package KVM includes drop-in configuration that enables the integration of Kernel-based Virtual Machine (KVM) management into the QM (Quality Management) container environment. This configuration allows users to easily configure and manage KVM virtual machines within the QM system, streamlining virtualization tasks in containerized setups. Use: make qm_dropin_mount_bind_kvm Signed-off-by: Douglas Schilling Landgraf --- Makefile | 16 ++- README.md | 129 ++++++++++++++++++ .../qm_dropin_mount_bind_kvm.conf | 7 + rpm/qm.spec | 40 ++++++ 4 files changed, 187 insertions(+), 5 deletions(-) create mode 100644 etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf diff --git a/Makefile b/Makefile index de4109fb..d0be2bad 100644 --- a/Makefile +++ b/Makefile @@ -66,6 +66,7 @@ rpm: clean dist ## - Creates a local RPM package, useful for develop --define="enable_qm_mount_bind_tty7 0" \ --define="enable_qm_mount_bind_ttyUSB0 0" \ --define="enable_qm_mount_bind_sound 0" \ + --define="enable_qm_mount_bind_kvm 0" \ --define="enable_qm_mount_bind_input 0" \ --define="_topdir ${RPM_TOPDIR}" \ --define="version ${VERSION}" \ @@ -76,27 +77,32 @@ rpm: clean dist ## - Creates a local RPM package, useful for develop ostree: qm_dropin_img_tempdir ## - A helper for creating QM packages for ostree based distros .PHONY: qm_dropin_img_tempdir -qm_dropin_img_tempdir: ## - Creates a QM RPM sub-package qm_dropin_img_tempdir +qm_dropin_img_tempdir: ## - QM RPM sub-package qm_dropin_img_tempdir sed -i 's/%define enable_qm_dropin_img_tempdir 0/%define enable_qm_dropin_img_tempdir 1/' ${SPECFILE} $(MAKE) VERSION=${VERSION} rpm .PHONY: qm_dropin_mount_bind_ttyUSB0 -qm_dropin_mount_bind_ttyUSB0: ## - Creates a QM RPM sub-package to mount bind /dev/ttyUSB0 in the nested containers +qm_dropin_mount_bind_ttyUSB0: ## - QM RPM sub-package to mount bind /dev/ttyUSB0 in the nested containers sed -i 's/%define enable_qm_mount_bind_ttyUSB0 0/%define enable_qm_mount_bind_ttyUSB0 1/' ${SPECFILE} $(MAKE) VERSION=${VERSION} rpm +.PHONY: qm_dropin_mount_bind_kvm +qm_dropin_mount_bind_kvm: ## - QM RPM sub-package to mount bind /dev/kvm in the nested containers + sed -i 's/%define enable_qm_mount_bind_kvm 0/%define enable_qm_mount_bind_kvm 1/' ${SPECFILE} + $(MAKE) VERSION=${VERSION} rpm + .PHONY: qm_dropin_mount_bind_sound -qm_dropin_mount_bind_sound: ## - Creates a QM RPM sub-package to mount bind /dev/snd in the nested containers +qm_dropin_mount_bind_sound: ## - QM RPM sub-package to mount bind /dev/snd in the nested containers sed -i 's/%define enable_qm_mount_bind_sound 0/%define enable_qm_mount_bind_sound 1/' ${SPECFILE} $(MAKE) VERSION=${VERSION} rpm .PHONY: qm_dropin_mount_bind_tty7 -qm_dropin_mount_bind_tty7: ## - Creates a QM RPM sub-package to mount bind /dev/tty7 in the nested containers +qm_dropin_mount_bind_tty7: ## - QM RPM sub-package to mount bind /dev/tty7 in the nested containers sed -i 's/%define enable_qm_mount_bind_tty7 0/%define enable_qm_mount_bind_tty7 1/' ${SPECFILE} $(MAKE) VERSION=${VERSION} rpm .PHONY: qm_dropin_mount_bind_input -qm_dropin_mount_bind_input: ## - Creates a QM RPM sub-package to mount bind /dev/input in the nested containers +qm_dropin_mount_bind_input: ## - QM RPM sub-package to mount bind /dev/input in the nested containers sed -i 's/%define enable_qm_mount_bind_input 0/%define enable_qm_mount_bind_input 1/' ${SPECFILE} $(MAKE) VERSION=${VERSION} rpm diff --git a/README.md b/README.md index 597401ff..2a341ca3 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,7 @@ - [Installing QM sub-packages](Installing-qm-sub-packages) - [Removing QM sub-packages](Removing-qm-sub-packages) - [Creating your own drop-in QM sub-package](Creating-your-own-drop-in-QM-sub-package) + - [QM sub-package kvm](QM-sub-package-kvm) - [QM sub-package Sound](QM-sub-package-Sound) 3. [SELinux Policy](#selinux-policy) 4. [BlueChi](#bluechi) @@ -288,6 +289,134 @@ Example changing the spec and triggering the build via make (feel free to automa $ make clean && VERSION=YOURVERSIONHERE make rpm ``` +## QM sub-package KVM + +The QM sub-package KVM includes drop-in configuration that enables the integration of Kernel-based Virtual Machine (KVM) management into the QM (Quality Management) container environment. This configuration allows users to easily configure and manage KVM virtual machines within the QM system, streamlining virtualization tasks in containerized setups. + +Below example step by step: + +Step 1: clone QM repo, install libvirt packages, prepare some files inside QM and start the libvirt daemon. + +```bash +$host> git clone https://github.com/containers/qm.git && cd qm +$host> make qm_dropin_mount_bind_kvm +$host> sudo dnf install rpmbuild/RPMS/noarch/qm_mount_bind_kvm-0.6.7-1.fc40.noarch.rpm +$host> sudo podman restart qm # if you have qm already running +$host> sudo dnf --installroot /usr/lib/qm/rootfs/ install virt-install libvirt-daemon libvirt-daemon-qemu libvirt-daemon-kvm -y + +# Copy default network settings to /root dir inside QM (/usr/lib/qm/rootfs/root) +$host> sudo cp /usr/share/libvirt/networks/default.xml /usr/lib/qm/rootfs/root + +Step 2: Preparing cloudinit files inside QM (/usr/lib/qm/rootfs/root) + +# Cloud-init files +------------------------------ +$host> cd /usr/lib/qm/rootfs/root/ +$host> cat meta-data +instance-id: fedora-cloud +local-hostname: fedora-vm + +# We are setting to user fedora the default password as fedora +$host> cd /usr/lib/qm/rootfs/root/ +$host> cat user-data +#cloud-config +password: fedora +chpasswd: { expire: False } +ssh_pwauth: True + +# Download the Fedora Cloud image for tests and save it /usr/lib/qm/rootfs/var/lib/libvirt/images/ +$ wget -O /usr/lib/qm/rootfs/root/Fedora-Cloud-Base-Generic.qcow2 https://download.fedoraproject.org/pub/fedora/linux/releases/40/Cloud/x86_64/images/Fedora-Cloud-Base-Generic.x86_64-40-1.14.qcow2 + +# Generate the cloud-init.iso and move it to /usr/lib/qm/rootfs/var/lib/libvirt/images/ +$host> cloud-localds cloud-init.iso user-data meta-data +$host> mv cloud-init.iso /usr/lib/qm/rootfs/var/lib/libvirt/images/ + +# Change permission to qemu:qemu +$host> chown qemu:qemu /usr/lib/qm/rootfs/var/lib/libvirt/* + +Step 3: Starting libvirtd and checking if it's active inside QM + +################################################################## +# Keep in mind for the next steps: +# Depending on the distro you are running SELinux might complain +# about libvirtd running on QM / udev errors +################################################################## + +# Going inside QM +$ sudo podman exec -it qm bash + +# Starting libvirtd +bash-5.2# systemctl start libvirt + +# Check if it's running: +bash-5.2# systemctl is-active libvirtd +active +``` + +Step 4: Creating a script inside QM and running the VM + +$host> cd /usr/lib/qm/rootfs/root/ +$host> vi run +``` +##### START SCRIPT ############ +# Set .cache to /tmp +export XDG_CACHE_HOME=/tmp/.cache + +# Remove previous instance +virsh destroy fedora-cloud-vm 2> /dev/null +virsh undefine fedora-cloud-vm 2> /dev/null + +# Network +virsh net-define ./default.xml 2> /dev/null +virsh net-start default 2> /dev/null +virsh net-autostart default 2> /dev/null + +# Install +virt-install \ +--name fedora-cloud-vm \ +--memory 20048 \ +--vcpus 4 \ +--disk path=/var/lib/libvirt/images/Fedora-Cloud-Base-Generic.qcow2,format=qcow2 \ +--disk path=/var/lib/libvirt/images/cloud-init.iso,device=cdrom \ +--os-variant fedora-unknown \ +--network network=default \ +--import \ +--graphics none \ +--console pty,target_type=serial \ +--noautoconsole + +##### END SCRIPT ############ +``` + +Step 5: Running the script + +``` +qm$ sudo podman exec -it qm bash +bash-5.2# cd /root +bash-5.2# ./run +Domain 'fedora-cloud-vm' destroyed + +Domain 'fedora-cloud-vm' has been undefined + +Network default marked as autostarted + +Starting install... +Creating domain... | 0 B 00:00:00 +Domain creation completed. +bash-5.2# virsh list + Id Name State +--------------------------------- + 4 fedora-cloud-vm running + +bash-5.2# virsh console fedora-cloud-vm + +fedora-vm login: fedora +Password: + +Last login: Tue Oct 8 06:01:18 on ttyS0 +[fedora@fedora-vm ~]$ +``` + ## RPM building dependencies In order to build qm package on CentOS Stream 9 you'll need Code Ready Builder diff --git a/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf b/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf new file mode 100644 index 00000000..4d4281cf --- /dev/null +++ b/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf @@ -0,0 +1,7 @@ +# Drop-in configuration for Podman to mount bind /dev/kvm from host to container +# +[containers] +devices = [ + "/dev/kvm:/dev/kvm", + "/dev/net/tun:/dev/net/tun" +] diff --git a/rpm/qm.spec b/rpm/qm.spec index 736d46a2..47d4f1c4 100644 --- a/rpm/qm.spec +++ b/rpm/qm.spec @@ -32,6 +32,11 @@ ########################################### %define enable_qm_mount_bind_ttyUSB0 0 +########################################### +# subpackage QM - mount bind /dev/kvm # +########################################### +%define enable_qm_mount_bind_kvm 0 + ########################################### # subpackage QM - input devices # ########################################### @@ -141,6 +146,22 @@ install -d %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d # END - qm dropin sub-package - img tempdir # ######################################################## +######################################################## +# START - qm dropin sub-package - mount kvm # +######################################################## +%if %{enable_qm_mount_bind_kvm} + # first step - add drop-in file in /etc/containers/containers.d.conf/qm_dropin_mount_bind_kvm.conf + # to QM container mount bind /dev/kvm + install -m 644 %{_builddir}/qm-%{version}/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf %{buildroot}%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf + + # second step - add drop-in file in /etc/qm/containers/containers.d.conf/qm_dropin/mount_bind_kvm.conf + # to nested containers in QM env mount bind it in /dev/kvm + install -m 644 %{_builddir}/qm-%{version}/etc/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf %{buildroot}%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf +%endif +######################################################## +# END - qm dropin sub-package - mount kvm # +######################################################## + ######################################################## # START - qm dropin sub-package - mount sound # ######################################################## @@ -355,6 +376,25 @@ additional drop-in configurations. %{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_snd.conf %endif +####################################### +# sub-package QM Mount Bind /dev/kvm # +####################################### +%if %{enable_qm_mount_bind_kvm} +%package -n qm_mount_bind_kvm +Summary: Drop-in configuration for QM containers to mount bind /dev/kvm +Requires: %{name} = %{version}-%{release} +BuildArch: noarch + +%description -n qm_mount_bind_kvm +This sub-package installs a drop-in configurations for the QM. +It creates the `/etc/qm/containers/containers.conf.d/` directory for adding +additional drop-in configurations. + +%files -n qm_mount_bind_kvm +%{_sysconfdir}/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf +%{_sysconfdir}/qm/containers/containers.conf.d/qm_dropin_mount_bind_kvm.conf +%endif + ####################################### %changelog