ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    The Ultimate KVM setup

    IT Discussion
    elite kvm setup take on me
    12
    57
    6.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NerdyDad
      last edited by

      I'm starting to think that Emad has gone full blown Curtis here.

      E 1 Reply Last reply Reply Quote 1
      • E
        Emad R @Emad R
        last edited by

        @emad-r

        Fixed some typos and made it more clearer article. Also posted 2 Centos logos for dominance.

        1 Reply Last reply Reply Quote 0
        • B
          black3dynamite
          last edited by

          I always thought it was Fedora > RedHat > CentOS.

          S 1 Reply Last reply Reply Quote 0
          • S
            scottalanmiller @black3dynamite
            last edited by

            @black3dynamite said in The Ultimate KVM setup:

            I always thought it was Fedora > RedHat > CentOS.

            It is. Fedora is the original. RH is more or less a frozen version of Fedora. CentOS is a code recompile of RH.

            1 Reply Last reply Reply Quote 1
            • R
              RamblingBiped @DustinB3403
              last edited by

              @dustinb3403 said in The Ultimate KVM setup:

              @wirestyle22 said in The Ultimate KVM setup:

              @dustinb3403 said in The Ultimate KVM setup:

              @wirestyle22 said in The Ultimate KVM setup:

              @dustinb3403 said in The Ultimate KVM setup:

              @wirestyle22 said in The Ultimate KVM setup:

              @dustinb3403 said in The Ultimate KVM setup:

              @wirestyle22 said in The Ultimate KVM setup:

              @emad-r said in The Ultimate KVM setup:

              I got triggered cause there can be only 1 KVM MASTER

              It's weird that you're attempting to take the KVM Master role with a GUI install

              Why is that any more weird? The CLI is still there to be used, but as far as a tool goes, a GUI is just another one. . .

              It's wasted resources. I'd think the KVM Master would be as efficient as possible.

              If a tool is needed, why would it be wasted resources? I get what you are trying to get at here, but a tool is a tool is a tool.

              If you need a GUI to do something (whatever it is) and it's the best approach "you" know then why bash the tool?

              So my old users who say they can't operate a computer shouldn't learn the right way to file things digitally. We should be okay with her using paper because she understands that? I understand what you're saying, but how far down that rabbit hole do we go?

              Why would your user be the administrator of the computer? Why are CLI's the golden child tool, and GUI's are the bastard tools?

              My point is it's a tool to be used, why not use it if it's available?

              It's just an argument for learning the most efficient/best way to do things. I have a lot of failures and some successes with my learning, but I am learning how to do things in the most efficient way I can.

              We could start installing hyper-v as a role because i don't know powershell, but the reality is i should learn powershell to manage hyper-v anyway.

              The argument is flawed though.

              Tools are only meant to make the process efficient. You're stating that using a GUI is counter efficiency. Which in terms of resources required to use the GUI, makes sense.

              But the GUI it's self is there to eliminate wasted time remembering powershell (and human error) by providing a button to start a specific VM etc.

              That's what scripts are for... 😛

              1 Reply Last reply Reply Quote 1
              • O
                Obsolesce @Emad R
                last edited by

                @emad-r said in The Ultimate KVM setup:

                @dustinb3403 said in The Ultimate KVM setup:

                e GUI it's self is there to eliminate wasted time remembering powershell (and human error)

                BUT I am using GUI i am just moving it away of the KVM host, and giving the KVM host one role only, instead of

                Web server
                PHP/Python
                Node JS

                And those stuff that KIMCHI use

                Kimchi and all the stuff it requires to run barely uses any resources. We're talking tens of megabytes, almost no CPU, barely any RAM. I'm not using any 15-year-old servers, so they can all handle that tiny extra bit without it having any impact whatsoever on running VMs or the host.

                I do agree with installing the web services on a separate device on the perimeter network if setting it up to be accessed from the internet, and having that connected to your Host via another NIC. But I highly recommend keeping selinux enabled. I don't see why everyone always disables that. I always keep selinux and firewall enabled, even on internal-only servers. Banks don't only lock the front door and keep the vault open. They lock both.

                J 1 Reply Last reply Reply Quote 1
                • J
                  JaredBusch @Obsolesce
                  last edited by

                  @tim_g said in The Ultimate KVM setup:

                  @emad-r said in The Ultimate KVM setup:

                  @dustinb3403 said in The Ultimate KVM setup:

                  e GUI it's self is there to eliminate wasted time remembering powershell (and human error)

                  BUT I am using GUI i am just moving it away of the KVM host, and giving the KVM host one role only, instead of

                  Web server
                  PHP/Python
                  Node JS

                  And those stuff that KIMCHI use

                  Kimchi and all the stuff it requires to run barely uses any resources. We're talking tens of megabytes, almost no CPU, barely any RAM. I'm not using any 15-year-old servers, so they can all handle that tiny extra bit without it having any impact whatsoever on running VMs or the host.

                  I do agree with installing the web services on a separate device on the perimeter network if setting it up to be accessed from the internet, and having that connected to your Host via another NIC. But I highly recommend keeping selinux enabled. I don't see why everyone always disables that. I always keep selinux and firewall enabled, even on internal-only servers. Banks don't only lock the front door and keep the vault open. They lock both.

                  Then why did you permanently set it to permissive for httpd_t in your guide?

                  1 Reply Last reply Reply Quote 1
                  • O
                    Obsolesce
                    last edited by

                    @jaredbusch said in The Ultimate KVM setup:

                    @tim_g said in The Ultimate KVM setup:

                    @emad-r said in The Ultimate KVM setup:

                    @dustinb3403 said in The Ultimate KVM setup:

                    e GUI it's self is there to eliminate wasted time remembering powershell (and human error)

                    BUT I am using GUI i am just moving it away of the KVM host, and giving the KVM host one role only, instead of

                    Web server
                    PHP/Python
                    Node JS

                    And those stuff that KIMCHI use

                    Kimchi and all the stuff it requires to run barely uses any resources. We're talking tens of megabytes, almost no CPU, barely any RAM. I'm not using any 15-year-old servers, so they can all handle that tiny extra bit without it having any impact whatsoever on running VMs or the host.

                    I do agree with installing the web services on a separate device on the perimeter network if setting it up to be accessed from the internet, and having that connected to your Host via another NIC. But I highly recommend keeping selinux enabled. I don't see why everyone always disables that. I always keep selinux and firewall enabled, even on internal-only servers. Banks don't only lock the front door and keep the vault open. They lock both.

                    Then why did you permanently set it to permissive for httpd_t in your guide?

                    SELinux is still enabled. That command only puts Apache in a single permissive security domain.

                    It's way better than putting SELinux in permissive mode or disabling it altogether.

                    J 1 Reply Last reply Reply Quote 0
                    • E
                      Emad R @NerdyDad
                      last edited by

                      @nerdydad said in The Ultimate KVM setup:

                      I'm starting to think that Emad has gone full blown Curtis here.

                      well it is not fault madness is in my name

                      1 Reply Last reply Reply Quote 0
                      • J
                        JaredBusch @Obsolesce
                        last edited by JaredBusch

                        @tim_g said in The Ultimate KVM setup:

                        @jaredbusch said in The Ultimate KVM setup:

                        @tim_g said in The Ultimate KVM setup:

                        @emad-r said in The Ultimate KVM setup:

                        @dustinb3403 said in The Ultimate KVM setup:

                        e GUI it's self is there to eliminate wasted time remembering powershell (and human error)

                        BUT I am using GUI i am just moving it away of the KVM host, and giving the KVM host one role only, instead of

                        Web server
                        PHP/Python
                        Node JS

                        And those stuff that KIMCHI use

                        Kimchi and all the stuff it requires to run barely uses any resources. We're talking tens of megabytes, almost no CPU, barely any RAM. I'm not using any 15-year-old servers, so they can all handle that tiny extra bit without it having any impact whatsoever on running VMs or the host.

                        I do agree with installing the web services on a separate device on the perimeter network if setting it up to be accessed from the internet, and having that connected to your Host via another NIC. But I highly recommend keeping selinux enabled. I don't see why everyone always disables that. I always keep selinux and firewall enabled, even on internal-only servers. Banks don't only lock the front door and keep the vault open. They lock both.

                        Then why did you permanently set it to permissive for httpd_t in your guide?

                        SELinux is still enabled. That command only puts Apache in a single permissive security domain.

                        But from a web server, that is the single largest attack vector. why do it? Instead properly set httpd_t_rw on the select files or directories that need it.

                        @tim_g said in The Ultimate KVM setup:

                        It's way better than putting SELinux in permissive mode or disabling it altogether.

                        True, but see above.

                        O 1 Reply Last reply Reply Quote 0
                        • O
                          Obsolesce @JaredBusch
                          last edited by

                          @jaredbusch said in The Ultimate KVM setup:

                          Instead properly set httpd_t_rw on the select files or directories that need it.

                          That would be the most thorough way to do it. But I don't know everything it needs or have time to figure it out. (yet)

                          If you do, go for it. I'll credit you for it if works and I put it in my blog.

                          1 Reply Last reply Reply Quote 0
                          • M
                            mattbagan
                            last edited by

                            I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                            O 1 Reply Last reply Reply Quote 0
                            • O
                              Obsolesce @mattbagan
                              last edited by

                              @mattbagan said in The Ultimate KVM setup:

                              I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                              Install Cockpit: dnf install cockpit cockpit-machines
                              Then do a dnf group install "Virtualization".

                              Set each VM to use SPICE and VNC. You can get VM console access via Cockpit and the VNC display.

                              M 1 Reply Last reply Reply Quote 0
                              • M
                                mattbagan @Obsolesce
                                last edited by

                                @tim_g said in The Ultimate KVM setup:

                                @mattbagan said in The Ultimate KVM setup:

                                I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                                Install Cockpit: dnf install cockpit cockpit-machines
                                Then do a dnf group install "Virtualization".

                                Set each VM to use SPICE and VNC. You can get VM console access via Cockpit and the VNC display.

                                cockpit gets installed on the KVM host?

                                O 1 Reply Last reply Reply Quote 0
                                • O
                                  Obsolesce @mattbagan
                                  last edited by

                                  @mattbagan said in The Ultimate KVM setup:

                                  @tim_g said in The Ultimate KVM setup:

                                  @mattbagan said in The Ultimate KVM setup:

                                  I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                                  Install Cockpit: dnf install cockpit cockpit-machines
                                  Then do a dnf group install "Virtualization".

                                  Set each VM to use SPICE and VNC. You can get VM console access via Cockpit and the VNC display.

                                  cockpit gets installed on the KVM host?

                                  Yes.

                                  M 1 Reply Last reply Reply Quote 0
                                  • M
                                    mattbagan @Obsolesce
                                    last edited by

                                    @tim_g said in The Ultimate KVM setup:

                                    @mattbagan said in The Ultimate KVM setup:

                                    @tim_g said in The Ultimate KVM setup:

                                    @mattbagan said in The Ultimate KVM setup:

                                    I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                                    Install Cockpit: dnf install cockpit cockpit-machines
                                    Then do a dnf group install "Virtualization".

                                    Set each VM to use SPICE and VNC. You can get VM console access via Cockpit and the VNC display.

                                    cockpit gets installed on the KVM host?

                                    Yes.

                                    Can I create VMs within cockpit? I do not see an option for that.

                                    E O 2 Replies Last reply Reply Quote 0
                                    • E
                                      Emad R @mattbagan
                                      last edited by

                                      @mattbagan

                                      Can I create VMs within cockpit? I do not see an option for that.

                                      Who resurrected MEEEEE and this thread, I WILL BURY YOU ALL.

                                      seriously no you cant, cockpit is very simple and meant to be simple, and currently you can only view.

                                      Regarding this setup it involves basically a Fedora machine in the cloud for management and you connect it and do anything/everything, it works but only if you are the only IT person. (my idea is making Fedora a Virt Manager program, like Vsphere C# or Hyper-V manager, and you can connect to it using web interface thanks to NoVNC)

                                      I love it and use it, cause it keeps the KVM servers basic and simple, however cockpit for me can be the cherry topping, after I setup everything I can connect via cockpit and quickly edit, but if I want to do management I will use Virt Manager

                                      1 Reply Last reply Reply Quote 0
                                      • O
                                        Obsolesce @mattbagan
                                        last edited by Obsolesce

                                        @mattbagan said in The Ultimate KVM setup:

                                        @tim_g said in The Ultimate KVM setup:

                                        @mattbagan said in The Ultimate KVM setup:

                                        @tim_g said in The Ultimate KVM setup:

                                        @mattbagan said in The Ultimate KVM setup:

                                        I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                                        Install Cockpit: dnf install cockpit cockpit-machines
                                        Then do a dnf group install "Virtualization".

                                        Set each VM to use SPICE and VNC. You can get VM console access via Cockpit and the VNC display.

                                        cockpit gets installed on the KVM host?

                                        Yes.

                                        Can I create VMs within cockpit? I do not see an option for that.

                                        No, but you can connect to your KVM host via virt-manager from another Linux PC.

                                        M 1 Reply Last reply Reply Quote 0
                                        • M
                                          mattbagan @Obsolesce
                                          last edited by

                                          @tim_g said in The Ultimate KVM setup:

                                          @mattbagan said in The Ultimate KVM setup:

                                          @tim_g said in The Ultimate KVM setup:

                                          @mattbagan said in The Ultimate KVM setup:

                                          @tim_g said in The Ultimate KVM setup:

                                          @mattbagan said in The Ultimate KVM setup:

                                          I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                                          Install Cockpit: dnf install cockpit cockpit-machines
                                          Then do a dnf group install "Virtualization".

                                          Set each VM to use SPICE and VNC. You can get VM console access via Cockpit and the VNC display.

                                          cockpit gets installed on the KVM host?

                                          Yes.

                                          Can I create VMs within cockpit? I do not see an option for that.

                                          No, but you can connect to your KVM host via virt-manager from another Linux PC.

                                          Or do a search for my Kimchi guide:

                                          https://mangolassi.it/topic/14675/fedora-26-kvm-html5-remote-access-with-web-console-via-kimchi

                                          Guide is here:
                                          https://www.timothygruber.com/linux/fedora-26-kvm-html5-remote-access-with-web-console-via-kimchi-part-1/

                                          I have tried connecting virt manger to my KVM host but I get all kinds of errors. Not sure if I am doing it right. Do you have a guide for connecting to a remote KVM host with virt manger for a non-root user? I get lots of accessed denied. I did end up finding your guide after searching cockpit on the forum.

                                          J O 2 Replies Last reply Reply Quote 0
                                          • J
                                            JaredBusch @mattbagan
                                            last edited by JaredBusch

                                            @mattbagan said in The Ultimate KVM setup:

                                            @tim_g said in The Ultimate KVM setup:

                                            @mattbagan said in The Ultimate KVM setup:

                                            @tim_g said in The Ultimate KVM setup:

                                            @mattbagan said in The Ultimate KVM setup:

                                            @tim_g said in The Ultimate KVM setup:

                                            @mattbagan said in The Ultimate KVM setup:

                                            I'm having a hard time following this. So we have one(two) KVM host, fedora instance running virt manger, another fedora running vnc server?

                                            Install Cockpit: dnf install cockpit cockpit-machines
                                            Then do a dnf group install "Virtualization".

                                            Set each VM to use SPICE and VNC. You can get VM console access via Cockpit and the VNC display.

                                            cockpit gets installed on the KVM host?

                                            Yes.

                                            Can I create VMs within cockpit? I do not see an option for that.

                                            No, but you can connect to your KVM host via virt-manager from another Linux PC.

                                            Or do a search for my Kimchi guide:

                                            https://mangolassi.it/topic/14675/fedora-26-kvm-html5-remote-access-with-web-console-via-kimchi

                                            Guide is here:
                                            https://www.timothygruber.com/linux/fedora-26-kvm-html5-remote-access-with-web-console-via-kimchi-part-1/

                                            I have tried connecting virt manger to my KVM host but I get all kinds of errors. Not sure if I am doing it right. Do you have a guide for connecting to a remote KVM host with virt manger for a non-root user? I get lots of accessed denied. I did end up finding your guide after searching cockpit on the forum.

                                            You have to put your user in the virtual manager group. Forget the proper name of the group.

                                            @stacksofplates knows it

                                            stacksofplatesS 1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 3 / 3
                                            • First post
                                              Last post