Setup Hypervisor
WebVirtCompute is a daemon for deploying and managing virtual machines based on FastAPI and libvirt. It is designed to be used for compute nodes and backend. This project provides a REST API to manage virtual machines and their resources, making it easy to automate virtual machine management.
Supported Distribution
- AlmaLinux 8
- AlmaLinux 9
- Rocky Linux 8
- Rocky Linux 9
- Debian 12 (Beta)
- Ubuntu 22.04 (Beta)
Requirements
- qemu
- libvirt
- firewalld
- prometheus
- libguestfs-tools
- NetworkManager
For what is it?
- It is a daemon for managing virtual machines based on FastAPI and libvirt.
- It is designed to be used for compute nodes and backend.
- It is a lightweight and fast daemon.
- It is easy to install and configure.
- It is only one binary file.
- It is use TLS to secure the communication between the client and the daemon.
Hypervisor
Network Setup
Only for Ubuntu 22.04 (Beta)
Install NetworkManager and firewalld:
sudo apt install -y network-manager firewalld
and update /etc/netplan/00-installer-config.yaml
:
network:
version: 2
renderer: NetworkManager
Only for Debian 12 (Beta)
Install NetworkManager and firewalld:
sudo apt install -y network-manager firewalld
and change managed
to true
in the file /etc/NeworkManager/NetworkManager.conf
:
[main]
plugins=ifupdown,keyfile
[ifupdown]
managed=true
For all supported distributions
Before installation, you have to prepare br-ext
and br-int
bridges for public and private networks accordingly.
please note you will also need two networking interfaces; for example eno1
& eno2
Example how to create and setup br-ext
bridge on eno1
interface:
nmcli conn add type bridge ifname br-ext con-name br-ext
nmcli conn add type bridge-slave ifname eno1 con-name eno1 master br-ext # NEED TO CHANGE eno1 ON YOUR INTERFACE NAME
nmcli conn modify br-ext ipv4.method manual ipv4.addresses 10.255.0.1/16 # for floating IP feature - DO NOT CHANGE
nmcli conn modify br-ext ipv4.method manual +ipv4.addresses 169.254.169.254/16 # for metadata service - DO NOT CHANGE
nmcli conn modify br-ext ipv4.method manual +ipv4.addresses 192.168.50.10/24 # NEED TO CHANGE 192.168.50.10/24 ON YOUR CIDR
nmcli conn modify br-ext ipv4.method manual ipv4.gateway 192.168.50.1 # NEED TO CHANGE 192.168.50.1 ON YOUR GATEWAY IP
nmcli conn modify br-ext ipv4.method manual ipv4.dns 8.8.8.8,1.1.1.1
nmcli conn modify br-ext bridge.stp no
nmcli conn modify br-ext 802-3-ethernet.mtu 1500
nmcli conn up eno1 # NEED TO CHANGE eno1 ON YOUR INTERFACE NAME
nmcli conn up br-ext
Exampale how to create and setup br-int
bridge on eno2
interface:
nmcli conn add type bridge ifname br-int con-name br-int ipv4.method disabled ipv6.method ignore
nmcli conn add type bridge-slave ifname eno2 con-name eno2 master br-int # NEED TO CHANGE eno2 ON YOUR INTERFACE NAME
nmcli conn modify br-int bridge.stp no
nmcli conn modify br-int 802-3-ethernet.mtu 1500
nmcli conn up eno2 # NEED TO CHANGE eno2 ON YOUR INTERFACE NAME
nmcli conn up br-int
For bridge interface br-int
we don't need to set IP addresses.
Libvirt setup
This script will install and configure libvirt
with qemu:///system
URI. You can always change settings libvirt
and libguestfish
if that is needed. Only create and set up br-ext
and br-int
bridges before running this script.
curl -fsSL https://raw.githubusercontent.com/webvirtcloud/webvirtcompute/master/scripts/libvirt.sh | sudo bash
Prometheus setup
This script will install and configure prometheus
with node_exporter
and libvirt_exporter
. You can always change settings for prometheus
if that is needed.
curl -fsSL https://raw.githubusercontent.com/webvirtcloud/webvirtcompute/master/scripts/prometheus.sh | sudo bash
Firewall setup
Enable firewalld service:
systemctl enable --now firewalld
Base firewall rules:
WEBVIRTBACKED_IP=<you backend IP> # need put your backend IP
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 1 -m physdev --physdev-is-bridged -j ACCEPT # Bridge traffic rule
firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -d 10.255.0.0/16 -j MASQUERADE # Floating IP feature rule
firewall-cmd --permanent --direct --add-rule ipv4 nat PREROUTING 0 -i br-ext '!' -s 169.254.0.0/16 -d 169.254.169.254 -p tcp -m tcp --dport 80 -j DNAT --to-destination $WEBVIRTBACKED_IP:80 # CLoud-init metadata service rule
firewall-cmd --permanent --zone=trusted --add-source=169.254.0.0/16 # Move cloud-init metadata service to trusted zone
firewall-cmd --permanent --zone=trusted --add-interface=br-ext # Move br-ext to trusted zone
firewall-cmd --permanent --zone=trusted --add-interface=br-int # Move br-int to trusted zone
firewall-cmd --reload
Install WebVirtCompute daemon
curl -fsSL https://raw.githubusercontent.com/webvirtcloud/webvirtcompute/master/scripts/install.sh | sudo bash
Update WebVirtCompute daemon
curl -fsSL https://raw.githubusercontent.com/webvirtcloud/webvirtcompute/master/scripts/update.sh | sudo bash
Configuring daemon (optional)
WebVirtCompute uses a configuration file to set up the daemon. The default configuration file is located at /etc/webvirtcompute/webvirtcompute.ini
. You have to copy token
and add it to WebVirtCloud admin panel when you add a new compute node.
WebVirtCompute
Build from source
make -f Makefile.rockylinux8 compile
make -f Makefile.rockylinux8 package
You can find the archive with binary in release
directory.
Download binary
You can download already built binary for:
Also check README.md which is always up-to-date.