Virtualization

What are virtualization and hypervisors?

Virtualization is the process of creating software-based applications and servers. It is achieved using hypervisors, which are classified as Type 1 and Type 2. A Type 1 hypervisor runs on bare metal; in our case this will be KVM, which is open source and is discussed later. A Type 2 hypervisor runs on top of a host OS; an example is Oracle VirtualBox, which is commonly used and open source but isn't described here. The difference between the two is latency: with Type 1 there is no host OS between the underlying hardware and the hypervisor, so the extra routing is avoided.

What is a virtual environment (VE)?

In a VE, the application (or OS) is spawned in a container, whereas in a virtual machine the underlying hardware is also emulated. The VEs discussed here are LXC, Docker and QEMU.

LXC and Docker both provide virtualization but differ from each other, although Docker was initially built on top of LXC. QEMU is a machine emulator that uses dynamic translation, so programs made for one machine can be built or run on a different machine.

KVM

As mentioned earlier, KVM (Kernel-based Virtual Machine) is a Type 1 hypervisor. It is supported on Linux machines and is open source, and the libvirt library is used internally in KVM. Virtualization must be enabled in the BIOS first; after that, the KVM packages can be used to start virtual machines. If the VMware Type 2 hypervisor is used, virtualization can be enabled in a guest Linux system on top of it; Oracle VirtualBox, however, doesn't support it. Below are the steps to set up KVM.

$ sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils

$ sudo adduser `id -un` libvirt

$ sudo adduser `id -un` kvm

Verify that the required user is added:
$ groups

$ virsh list --all
 Id Name                 State
----------------------------------

If you get something like this, you are good to go and can install guest images:
$ sudo apt-get install ubuntu-vm-builder
$ sudo ubuntu-vm-builder kvm hardy

To connect to the new guest OS through SSH, use the command below:
$ ssh USER@IP -L 5900:127.0.0.1:5900
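
The prerequisites from the steps above (virtualization enabled for the CPU, the KVM device present, membership of the kvm and libvirt groups) can be checked in one pass before installing guests. This is an added example, not part of the original post; the function names has_word and kvm_preflight and the sample cpuinfo text are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example: report which KVM prerequisites from the steps above are missing.

# has_word LIST WORD -> 0 if WORD is one of the space-separated items in LIST
has_word() { case " $1 " in *" $2 "*) return 0 ;; esac; return 1; }

# kvm_preflight CPUINFO KVM_NODE GROUP_LIST -> prints findings, returns their count
kvm_preflight() {
    local cpuinfo="$1" node="$2" member_of="$3" flags missing=0
    # First "flags" line of cpuinfo; vmx = Intel VT-x, svm = AMD-V.
    flags=$(awk -F': ' '/^flags/ { print $2; exit }' "$cpuinfo")
    # Whole-word match, so a flag such as svm_lock does not count as svm.
    if ! has_word "$flags" vmx && ! has_word "$flags" svm; then
        echo "cpu: no vmx/svm flag (unsupported or disabled in firmware)"
        missing=$((missing + 1))
    fi
    if [ ! -e "$node" ]; then
        echo "kvm: $node missing (module not loaded or virtualization disabled)"
        missing=$((missing + 1))
    fi
    has_word "$member_of" kvm || { echo "groups: user not in kvm"; missing=$((missing + 1)); }
    # The libvirt group is called libvirt or libvirtd depending on the release.
    if ! has_word "$member_of" libvirt && ! has_word "$member_of" libvirtd; then
        echo "groups: user not in libvirt/libvirtd"
        missing=$((missing + 1))
    fi
    return "$missing"
}

# Constructed sample input: cpuinfo excerpt with VT-x, no KVM node, user not in kvm.
sample=$(mktemp)
printf 'processor\t: 0\nflags\t\t: fpu vme de pse vmx ssse3\n' > "$sample"
kvm_preflight "$sample" "$sample.nokvm" "user adm sudo libvirt" || echo "findings: $?"
rm -f "$sample"

# On a real system: kvm_preflight /proc/cpuinfo /dev/kvm "$(id -nG)"
```

Group changes made with adduser only show up in a new login session, so rerun the check after logging in again.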

LXC

LXC uses namespaces to isolate processes, i.e. you can have two processes with the same name, one in the container and the other on the system. cgroups are used to limit CPU, memory, disk I/O and network usage.

Setting up an LXC container in Linux

$ sudo apt-get install lxc

$ mkdir -p ~/.config/lxc
$ cp /etc/lxc/default.conf ~/.config/lxc/default.conf
$ cat /etc/subuid
user:100000:65536
$ cat /etc/subgid
user:100000:65536

$ vi ~/.config/lxc/default.conf
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536

$ sudo vi /etc/lxc/lxc-usernet
user veth lxcbr0 10

$ sudo modprobe veth

$ sudo lxc-create -t download -n mycontainer

Distribution: ubuntu
Release: xenial
Architecture: amd64
 
$ sudo apt install openssh-server
$ sudo apt-get install apparmor
$ sudo apparmor_parser -r -W -T /etc/apparmor.d/lxc-containers
$ sudo lxc-attach -n mycontainer
root@mycontainer:/# useradd user
root@mycontainer:/# passwd user
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
root@mycontainer:/# exit
exit

$ sudo lxc-console -n mycontainer
Log in and use it as a regular machine.

To stop the container from another terminal:
$ sudo lxc-stop -n mycontainer

To remove the container:
$ sudo lxc-destroy -n mycontainer
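
The ID mapping lines in default.conf only work if they stay inside the ranges that /etc/subuid and /etc/subgid delegate to the user, and a mapping outside them (or no mapping at all) is worth catching before a container is created. The check below is an added example, not part of the original post; the function names idmap_ok and demo and the sample files are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example: check that every lxc.idmap line in a container config stays
# inside the subordinate ID ranges delegated in /etc/subuid and /etc/subgid.

# idmap_ok USER CONF SUBUID SUBGID -> 0 only if all mappings are delegated
idmap_ok() {
    local user="$1" conf="$2" subuid="$3" subgid="$4"
    awk -v user="$user" -v fu="$subuid" -v fg="$subgid" '
        # Load "name:start:count" delegations for the user from one file.
        function load(file, kind,    line, f) {
            while ((getline line < file) > 0) {
                split(line, f, ":")
                if (f[1] != user) continue
                n[kind]++
                lo[kind, n[kind]] = f[2] + 0
                hi[kind, n[kind]] = f[2] + f[3]
            }
            close(file)
        }
        BEGIN { load(fu, "u"); load(fg, "g") }
        # Accept the current key (lxc.idmap) and the legacy one (lxc.id_map).
        /^[ \t]*lxc\.(idmap|id_map)[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")          # keep "kind ct_start host_start count"
            kind = $1; host = $3 + 0; count = $4 + 0; ok = 0; seen++
            for (i = 1; i <= n[kind]; i++)
                if (host >= lo[kind, i] && host + count <= hi[kind, i]) ok = 1
            if (!ok) { printf "not delegated: %s %d+%d\n", kind, host, count; bad = 1 }
        }
        # No mapping at all means no user namespace remap, so fail that too.
        END { exit (bad || seen == 0) }
    ' "$conf"
}

# Constructed sample: the delegation shown above, one config inside it and one
# that maps container root straight onto host uid 0.
demo() {
    local d; d=$(mktemp -d)
    printf 'user:100000:65536\n' | tee "$d/subuid" > "$d/subgid"
    printf 'lxc.idmap = u 0 100000 65536\nlxc.idmap = g 0 100000 65536\n' > "$d/good.conf"
    printf 'lxc.idmap = u 0 0 65536\nlxc.idmap = g 0 100000 65536\n' > "$d/bad.conf"
    idmap_ok user "$d/good.conf" "$d/subuid" "$d/subgid" && echo "good.conf: covered"
    idmap_ok user "$d/bad.conf" "$d/subuid" "$d/subgid" || echo "bad.conf: rejected"
    rm -rf "$d"
}
demo
```

On a real host the call would be idmap_ok "$(id -un)" ~/.config/lxc/default.conf /etc/subuid /etc/subgid.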


Docker

Docker also uses namespaces and cgroups to isolate processes. However, in Docker only a single process can be run inside a container. It is portable from one machine to another, and the storage is on a per-session basis and not persistent.

$ sudo apt-get install docker.io

$ sudo docker pull ubuntu

$ sudo docker run -it ubuntu /bin/bash

QEMU

QEMU provides an option to run an emulated system, or user-mode emulation, on a system for any architecture.

For the armhf architecture on amd64:

$ sudo apt install qemu binfmt-support qemu-user-static

$ sudo update-binfmts --display

$ sudo dpkg --add-architecture armhf
$ sudo apt update
$ sudo apt install libc6:armhf

Download the example hello world ARM binary from
http://deb.debian.org/debian/pool/main/h/hello/hello_2.10-1+b1_armhf.deb

$ dpkg -x hello_*_armhf.deb /tmp/hello_armhf

Run the armhf binaries on the amd64 system:
$ /tmp/hello_armhf/usr/bin/hello
Hello, world!

There is also a way to run the entire guest system on the host architecture in a lightweight namespace container using systemd-nspawn, similar to chroot.

$ unset LD_PRELOAD
Download the ARM rootfs from https://www.armhf.com/download/
$ sudo systemd-nspawn \
     -D /opt/armhfrootfs/ \
     --bind-ro /etc/resolv.conf \
     --tmpfs /tmp:mode=777 \
     --bind-ro /usr/bin/qemu-arm-static \
     --bind $HOME \
     --chdir /tmp \
     --user=user 
