I’ve been writing the last two weeks about Linux virtualization, including how to use Containers and Docker and how to virtualize multiple operating systems on different architectures.
We can do many powerful things, but you may be getting worried — how hard is it to control all these widely varying virtualization technologies?
There’s good news: It’s not difficult at all!
The command-line interface is great for efficiency. You can use it as a programming environment, and you can scale things out to the enterprise with some shell scripts.
There is a common command-line tool, virsh, with which you can define, create, modify, delete, start, and stop (and even more!) both containers and virtual machines. Some associated commands allow you to connect to the consoles of running containers and KVM-based virtual machines, and the docker command handles all the Docker-specific pieces.
A graphical user interface may not scale very well for doing large things, but it can be very nice for monitoring systems (and it’s perfectly adequate for smaller tasks). The virt-manager tool starts a graphical interface that can do everything virsh can do with containers and VMs.
The command-line and graphical interfaces can do the same things in the same ways because they are based on a common underlying code base named libvirt. You can develop your own tools that use the libvirt library, and then your custom programs can create and control containers and virtual machines. The libvirt library is written in C, and so your C/C++ programmers are ready to go. The libvirt library also provides Python and Java APIs, so almost any organization will be ready to start creating its own custom virtualization-controlling code. We show you how to do this in Learning Tree’s Linux Virtualization Training, and an exercise in that course guides you through developing a Java application to provide high availability by controlling multiple containers to ensure that one is always running.
Here’s a screenshot showing the types of things you can do with
virt-manager, and your own custom
This is a RHEL 7 graphical desktop. At lower right you see an Oracle Linux 6 text console. This is a container, started with
The colorful window behind the Oracle Linux one is a Windows 8.1 virtual machine. Behind that, the blue-grey graphical login screen is a Debian Linux virtual machine.
We can connect to the console of a container or virtual machine, and since we have full control over virtual networks and the connections between them, we could also connect via SSH.
Let’s zoom in on the window titled “Virtual Machine Manager”, this is the
Here we can see that there are two other virtualized systems up and running on this single physical platform: a CentOS 6 container and a CentOS 7 virtual machine (yes, all these systems have been given obvious names, but of course you are free to assign hostnames and IP addresses however you please).
These containers and virtual machines are all running on the same platform where we are running the management tool, so it is communicating with them directly via LXC and QEMU.
What about in your data center, when you have dozens of physical platforms and each of them is running several containers and/or virtual machines?
The virtual machine manager can connect over a raw TCP connection, but of course there is no security in that. So your first step will likely be tunneling the connections through SSH.
SSH provides the functionality and most of the security we would like, but it doesn’t scale well. The enterprise solution is to create key pairs and certificates, using your in-house PKI to support mutually authenticated and encrypted connections over TLS.
As the helpful libvirt TLS setup page explains, this isn’t difficult, but the details can be a little overwhelming. Follow their documentation: it starts with the fundamentals of PKI and TLS, and walks you through the needed steps.
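To make the TCP / SSH / TLS choice above checkable across many hosts, here is an added example (not from the original post or the libvirt project) that audits libvirt connection URIs for the raw TCP transport and for the no_verify parameter that switches off peer verification. The hostnames and the finding labels are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Transport names from libvirt's remote URI documentation.
KNOWN_TRANSPORTS = {"tls", "tcp", "ssh", "unix", "ext", "libssh", "libssh2"}


def audit_libvirt_uri(uri):
    """Return (transport, findings) for one libvirt connection URI."""
    parts = urlsplit(uri)
    _driver, _, transport = parts.scheme.partition("+")
    if not transport:
        # libvirt's default: TLS when a hostname is given, local UNIX socket otherwise.
        transport = "tls" if parts.hostname else "unix"
    params = {k: v[-1] for k, v in parse_qs(parts.query).items()}

    findings = []
    if transport not in KNOWN_TRANSPORTS:
        findings.append("unknown-transport")
    if transport == "tcp":
        # libvirt's tcp transport is an unencrypted socket.
        findings.append("cleartext-transport")
    if transport in ("tls", "ssh") and params.get("no_verify", "0") != "0":
        # no_verify disables certificate (TLS) or host key (SSH) checking.
        findings.append("peer-verification-disabled")
    return transport, findings


def audit_inventory(uris):
    """Map each URI that has at least one finding to its findings."""
    report = {}
    for uri in uris:
        _transport, findings = audit_libvirt_uri(uri)
        if findings:
            report[uri] = findings
    return report


# Constructed inventory; the hostnames are placeholders.
SAMPLE_URIS = [
    "lxc:///",
    "qemu:///system",
    "qemu+tcp://kvm01.example.internal/system",
    "qemu+ssh://admin@kvm02.example.internal/system",
    "qemu+tls://kvm03.example.internal/system?no_verify=1",
    "qemu://kvm04.example.internal/system",
]

if __name__ == "__main__":
    for uri, findings in audit_inventory(SAMPLE_URIS).items():
        print(uri, "->", ", ".join(findings))
```

Running it over the sample inventory flags only the qemu+tcp URI and the TLS URI with no_verify=1; the local, SSH and default-TLS connections pass.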
That’s it for now, have fun with virtualization!