{"id":882,"date":"2019-12-24T16:58:21","date_gmt":"2019-12-24T15:58:21","guid":{"rendered":"https:\/\/blog.unetresgrossebite.com\/?p=882"},"modified":"2019-12-24T17:06:57","modified_gmt":"2019-12-24T16:06:57","slug":"kubevirt","status":"publish","type":"post","link":"https:\/\/blog.unetresgrossebite.com\/?p=882","title":{"rendered":"KubeVirt"},"content":{"rendered":"

Today we’ll take a quick look at KubeVirt, A Kubernetes native virtualization solution.<\/p>\n

While OpenShift and Kubernetes have been all about containers, as of 2018, we’ve started hearing about some weird idea: shipping virtual machines into containers.<\/p>\n

Today, KubeVirt is fairly well integrated into OpenShift, which has its own Operator.<\/p>\n

If like me, you’re running OpenShift on KVM guests, you’ll first have to make sure nested virtualization was enabled. With an Intel processor, we would look for the following:<\/p>\n

$ cat \/sys\/module\/kvm_intel\/parameters\/nested
\nY<\/code><\/p>\n

Or using AMD:<\/p>\n

$ cat \/sys\/module\/kvm_amd\/parameters\/nested
\nY<\/code><\/p>\n

Unless the above returns with `Y` or `1`, we need to enable nested
\nvirtualization. First, shut down all guests. Then, reload your KVM module:<\/p>\n

# modprobe -r kvm_intel
\n# modprobe kvm_intel nested=1
\n# cat \/sys\/module\/kvm_intel\/parameters\/nested
\n# cat <\/etc\/modprobe.d\/kvm.conf
\noptions kvm_intel nested=1
\nEOF<\/eof><\/code><\/p>\n

With AMD, use instead:<\/p>\n

# modprobe -r kvm_amd
\n# modprobe kvm_amd nested=1
\n# cat \/sys\/module\/kvm_amd\/parameters\/nested
\n# cat <\/etc\/modprobe.d\/kvm.conf
\noptions kvm_amd nested=1
\nEOF<\/eof><\/code><\/p>\n

Reboot your guests, and confirm you can now find a `\/dev\/kvm` device:<\/p>\n

$ ssh core@compute1.friends
\nRed Hat Enterprise Linux CoreOS 42.81.20191113.0
\n...
\n$ grep vmx \/proc\/cpuinfo
\nflags\t\t: xxx
\n...
\n$ ls \/dev\/kvm
\n\/dev\/kvm<\/code><\/p>\n

Confirm OpenShift node-capability-detector did discover those devices:<\/p>\n

$ oc describe node compute1.xxx
\n...
\nAllocatable:
\ncpu: 7500m
\ndevices.kubevirt.io\/kvm: 110
\ndevices.kubevirt.io\/tun: 110
\ndevices.kubevirt.io\/vhost-net: 110
\n<\/code><\/p>\n

Now, from the OperatorHub console, we would install the KubeVirt operator. While writing these lines, there are still some bugs, prefer using some lab cluster doing so.<\/p>\n

Next, we’ll migrate a test KVM instance, from a regular hypervisor to OpenShift. Here, the first thing we would want to do is to provision a DataVolume.<\/p>\n

DataVolumes are built on top of PersistentVolumeClaims, they’re meant to help dealing with persistent volumes, implementing data provisioning.<\/p>\n

There’s two ways to go about this: either we can host our disks using a web server, and then we may use the following DataVolume definition:<\/p>\n

apiVersion: cdi.kubevirt.io\/v1alpha1
\nkind: DataVolume
\nmetadata:
\n  name: bluemind-demo
\n  namespace: wsweet-demo
\nspec:
\n  source:
\n    http:
\n      url: https:\/\/repository.undomaine.com\/modeles\/kvm\/kvm-kubevirt\/bm40.qcow2
\n  pvc:
\n    accessModes:
\n    - ReadWriteOnce
\n    resources:
\n      requests:
\n      storage: 20Gi<\/code><\/p>\n

Or we could use the virtctl client uploading an image from our system into OpenShift:<\/p>\n

$ virtctl image-upload dv bluemind-demo --wait-secs=600 --size=8Gi --insecure --block-volume --image-path=\/var\/lib\/libvirt\/images\/bm40-template.raw
\nDataVolume wsweet-demo\/bluemind-demo created
\nWaiting for PVC bluemind-demo upload pod to be ready...
\nPod now ready
\nUploading data to https:\/\/cdi-uploadproxy-openshift-operators.apps.undomaine.com
\n...<\/code><\/p>\n

The process of uploading a volume would start some temporary Pod, which would use a pair of PVC: one that would receive the final image, the other serving as a temporary storage while upload is running.<\/p>\n

Once our image was uploaded, we would be able to create a VirtualMachine object:<\/p>\n

apiVersion: kubevirt.io\/v1alpha3
\nkind: VirtualMachine
\nmetadata:
\n  name: bluemind-demo
\n  namespace: wsweet-demo
\nspec:
\n  running: false
\n  template:
\n    metadata:
\n      labels:
\n        name: bluemind-demo
\n    spec:
\n      domain:
\n        devices:
\n          disks:
\n          - disk:
\n            bus: virtio
\n          name: rootfs
\n          interfaces:
\n          - name: default
\n            masquerade: {}
\n          resources:
\n            requests:
\n              memory: 8Gi
\n              cpu: \"1\"
\n      networks:
\n      - name: default
\n        pod: {}
\nterminationGracePeriodSeconds: 600
\n      volumes:
\n      - dataVolume:
\n          name: bluemind-demo
\n        name: rootfs<\/code><\/code><\/p>\n

$ oc get vm
\n...
\nbluemind-demo 2s false
\n$ virtctl start bluemind-demo
\n$ oc describe vm bluemind-demo
\n...
\n$ oc get vmi
\n...
\nbluemind-demo 3s Scheduling
\n$ oc get pods
\n...
\nvirt-launcher-bluemind-demo-8kcxz 0\/1 ContainerCreating 0 38s
\n<\/code><\/p>\n

Once that Pod is running, we should be able to attach our guest VNC console:<\/p>\n

$ virtctl vnc bluemind-demo<\/code><\/p>\n

Finish up configuring your system, you may have to rename your network
\ninterfaces, reset IP addresses, fix DNS resolution integrating with OpenShift. Here, we could use cloud-init, or script our own contextualization, installing OpenShift Service CA, …<\/p>\n","protected":false},"excerpt":{"rendered":"

Today we’ll take a quick look at KubeVirt, A Kubernetes native virtualization solution. While OpenShift and Kubernetes have been all about containers, as of 2018, we’ve started hearing about some weird idea: shipping virtual machines into containers. Today, KubeVirt is fairly well integrated into OpenShift, which has its own Operator. If like me, you’re running […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[10,13,4,2],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts\/882"}],"collection":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=882"}],"version-history":[{"count":7,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts\/882\/revisions"}],"predecessor-version":[{"id":889,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts\/882\/revisions\/889"}],"wp:attachment":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=882"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=882"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=882"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}