Linux Virtualization Part 4: Manage, Monitor, and Control Your Virtual Machines with libvirt

I’ve been writing the last two weeks about Linux virtualization, including how to use Containers and Docker and how to virtualize multiple operating systems on different architectures.

We can do many powerful things, but you may be getting worried — how hard is it to control all these widely varying virtualization technologies?

There’s good news: It’s not difficult at all!

Command Line or Graphics? Why Not Both?

The command-line interface is great for efficiency. You can use it as a programming environment, and you can scale things out to the enterprise with some shell scripts.

There is a common command-line tool virsh with which you can define, create, modify, delete, start, and stop (and even more!) both containers and virtual machines. Some associated commands allow you to connect to the consoles of running containers and KVM-based virtual machines, and the docker command handles all the Docker-specific pieces.

A graphical user interface may not scale very well for doing large things, but it can be very nice for monitoring systems (and it’s perfectly adequate for smaller tasks). The virt-manager tool starts a graphical interface that can do everything virsh can do with containers and VMs.

The Power of libvirt

The command-line and graphical interfaces can do the same things in the same ways because they are based on a common underlying code base named libvirt. You can develop your own tools that use the libvirt library, and then your custom programs can create and control containers and virtual machines.

The libvirt library is written in C, and so your C/C++ programmers are ready to go. The libvirt library also provides Python and Java APIs, so most any organization will be ready to start creating their own virtualization-controlling custom code. We show you how to do this in Learning Tree’s Linux Virtualization Training, and an exercise in that course guides you through developing a Java application to provide high availability by controlling multiple containers to ensure that one is always running.

Putting It All Together

Here’s a screenshot showing the types of things you can do with virsh, virt-manager, and your own custom libvirt tools.

virtualization-screen

This is a RHEL 7 graphical desktop. At lower right you see an Oracle Linux 6 text console. This is a container, started with virsh.

The colorful window behind the Oracle Linux one is a Windows 8.1 virtual machine. Behind that, the blue-grey graphical login screen is a Debian Linux virtual machine.

We can connect to the console of a container or virtual machine, and since we have full control over virtual networks and the connections between them, we could also connect via SSH.

 

Let’s zoom in on the window titled “Virtual Machine Manager”, this is the virt-manager program.

virt-manager Virtual Machine Manager

Here we can see that there are two other virtualized systems up and running on this single physical platform: a CentOS 6 container and a CentOS 7 virtual machine (yes, all these systems have been given obvious names, but of course you are free to assign hostnames and IP addresses however you please).

Secure Remote Management

These containers and virtual machines are all running on the same platform where we are running the management tool, so it is communicating with them directly via LXC and QEMU.

What about in your data center, when you have dozens of physical platforms and each of them are running several containers and/or virtual machines?

The virtual machine manager can connect over a raw TCP connection, but of course there is no security in that. So your first step will likely be tunneling the connections through SSH.

SSH provides the functionality and most of the security we would like, but it doesn’t scale well. The enterprise solution is to create key pairs and certificates, using your in-house PKI to support mutually authenticated and encrypted connections over TLS.

As the helpful libvirt TLS setup page explains, this isn’t difficult but the details can be a little overwhelming. Follow their documentation, it starts with the fundamentals of PKI and TLS, and walks you through the needed steps.

That’s it for now, have fun with virtualization!

Learning Tree is training you can trust. Learn more about Linux Virtualization Training.

image sources

  • virtualization-cropped: Bob Cromwell

Type to search blog.learningtree.com

Do you mean "" ?

Sorry, no results were found for your query.

Please check your spelling and try your search again.