将单个 NIC 分配给 KVM 来宾

Question

我有一台安装了 6 个 NIC 的服务器，并且正在运行 Ubuntu 12.04LTS。我想使用 kvm 设置 4 个来宾 VM。现在我想为主机分配 2 个 NIC（1 个公共 IP 和 1 个私有 IP），每个 1 个 NIC 分配给 4 个来宾 VM（所有私有 IP）。我该怎么做呢？

/etc/network/interfaces

我的配置文件有问题，如下所示：

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address 192.168.1.109
    netmask 255.255.255.0
    gateway 192.168.1.5

auto eth1
iface eth1 inet static
        address 192.168.1.117
        netmask 255.255.255.0

auto eth2
iface eth2 inet manual

auto br0
iface br0 inet static
        address 192.168.1.118
        netmask 255.255.255.0
        bridge_ports eth2
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

auto eth3
iface eth3 inet manual

auto br1
iface br1 inet static
        address 192.168.1.119
        netmask 255.255.255.0
        bridge_ports eth3
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

auto eth4
iface eth4 inet manual

auto br2
iface br2 inet static
        address 192.168.1.123
        netmask 255.255.255.0
        bridge_ports eth4
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

auto eth5
iface eth5 inet manual

auto br3
iface br3 inet static
        address 192.168.1.124
        netmask 255.255.255.0
        bridge_ports eth5
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

---

更新：我现在可以工作了。唯一的问题是分配给来宾使用的 NIC 仍然在主机上获得 IP，输出如下：

eth0      Link encap:Ethernet  HWaddr 78:2b:cb:2b:61:ed  
          inet addr:192.168.1.109  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::7a2b:cbff:fe2b:61ed/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:117 errors:0 dropped:0 overruns:0 frame:0
          TX packets:108 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:26221 (26.2 KB)  TX bytes:17217 (17.2 KB)
          Interrupt:36 Memory:d2000000-d2012800 

eth1      Link encap:Ethernet  HWaddr 78:2b:cb:2b:61:ee  
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::7a2b:cbff:fe2b:61ee/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:40 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:9898 (9.8 KB)  TX bytes:3409 (3.4 KB)
          Interrupt:48 Memory:d4000000-d4012800 

eth2      Link encap:Ethernet  HWaddr 00:10:18:a8:84:80  
          inet6 addr: fe80::210:18ff:fea8:8480/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:46 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:11309 (11.3 KB)  TX bytes:2523 (2.5 KB)
          Interrupt:47 Memory:da000000-da012800 

eth3      Link encap:Ethernet  HWaddr 00:10:18:a8:84:82  
          inet6 addr: fe80::210:18ff:fea8:8482/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:51 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:12541 (12.5 KB)  TX bytes:4154 (4.1 KB)
          Interrupt:46 Memory:dc000000-dc012800 

eth4      Link encap:Ethernet  HWaddr 00:10:18:a8:84:84  
          inet6 addr: fe80::210:18ff:fea8:8484/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:55 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:15136 (15.1 KB)  TX bytes:3053 (3.0 KB)
          Interrupt:38 Memory:d6000000-d6012800 

eth5      Link encap:Ethernet  HWaddr 00:10:18:a8:84:86  
          inet6 addr: fe80::210:18ff:fea8:8486/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:58 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:14742 (14.7 KB)  TX bytes:2523 (2.5 KB)
          Interrupt:45 Memory:d8000000-d8012800 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:639 errors:0 dropped:0 overruns:0 frame:0
          TX packets:639 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:46422 (46.4 KB)  TX bytes:46422 (46.4 KB)

macvtap0  Link encap:Ethernet  HWaddr 52:54:00:8d:e7:e6  
          inet6 addr: fe80::5054:ff:fe8d:e7e6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:57 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:14074 (14.0 KB)  TX bytes:1553 (1.5 KB)

Answer 1

将 NIC 分配给来宾的最简单方法是让它们在主机中保持未配置状态，并对来宾 NIC 使用 macvtap passthrough 模式。请注意，如果没有额外的、更复杂的设置，这将阻止 VM 实时迁移。

设置：

  <devices>
    ...
    <interface type='direct'>
      <source dev='eth0' mode='private'/>
    </interface>
  </devices>

或者您可以使用完整的 PCI 直通模式（前提是您有 IOMMU/VT-d）：

  <devices>
    <interface type='hostdev'>
      <source>
        <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
      </source>
      <mac address='52:54:00:6d:90:02'>
    </interface>
  </devices>