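Goodbye to Traditional Virtualization: A Step-by-Step Tutorial for Running CentOS Virtual Machines with KubeVirt in a K8s Cluster
When an operations team has to manage containers and maintain virtual machines in the same hybrid environment, the traditional approach often means constantly switching between VMware and Kubernetes. This adds operational complexity and leaves resources underused. With KubeVirt, containers and virtual machines can be scheduled in the same Kubernetes cluster, giving true "one cloud, many forms" management.
This article walks you step by step through the migration from traditional virtualization to KubeVirt. Rather than a simple technology overview, it focuses on three core pain points of a real migration: how to convert an existing CentOS image into a format KubeVirt can use, how to connect virtual machines and containers over the network, and how to manage the virtual machine lifecycle the Kubernetes-native way.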
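1. Environment preparation and KubeVirt deployment
1.1 Node environment check
Before deploying KubeVirt, make sure every Kubernetes node meets the following requirements: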
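```bash
# Check CPU virtualization support (Intel/AMD)
grep -E '(vmx|svm)' /proc/cpuinfo

# Check that the kernel module is loaded
lsmod | grep kvm

# Install dependencies on Ubuntu
sudo apt-get install -y qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils

# Install dependencies on CentOS
sudo yum install -y qemu-kvm libvirt virt-install bridge-utils
```
If the hardware does not support virtualization (common on cloud instances), software emulation mode has to be enabled: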
```bash
kubectl edit kubevirt kubevirt -n kubevirt
```
Add the following configuration:
```yaml
spec:
  configuration:
    developerConfiguration:
      useEmulation: true
```
1.2 KubeVirt cluster deployment
Deploying the latest stable release with the Operator is recommended:
```bash
# Deploy the KubeVirt Operator
# (KUBEVIRT_VERSION resolves to whatever the newest release tag is at run time)
export KUBEVIRT_VERSION=$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | jq -r .tag_name)
kubectl apply -f "https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/kubevirt-operator.yaml"

# Deploy the KubeVirt custom resource
kubectl apply -f "https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/kubevirt-cr.yaml"

# Verify the installation
kubectl get pods -n kubevirt
```
Tip: in production, it is recommended to also deploy CDI (Containerized Data Importer) to manage virtual machine disk images.
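2. Virtual machine image processing and import
2.1 Converting traditional image formats
A CentOS qcow2 image downloaded from a cloud platform needs to be converted to the containerDisk format: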
```dockerfile
# Dockerfile
FROM kubevirt/container-disk-v1alpha
ADD CentOS-7-x86_64-GenericCloud-2009.qcow2 /disk/disk.img
```
Build the image and push it to a private registry:
```bash
docker build -t registry.example.com/kubevirt/centos7:2009 .
docker push registry.example.com/kubevirt/centos7:2009
```
2.2 Dynamic import with DataVolume
For large images, CDI's DataVolume feature is recommended:
```yaml
apiVersion: cdi.kubevirt.io/v1beta1
kind: DataVolume
metadata:
  name: centos-dv
spec:
  source:
    http:
      url: "https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-2009.qcow2"
  pvc:
    accessModes:
    - ReadWriteOnce
    resources:
      requests:
        storage: 10Gi
```
3. Virtual machine definition and advanced configuration
3.1 Basic virtual machine definition
Create a complete VM configuration that includes cloud-init initialization:
```yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: centos-vm
spec:
  running: false
  template:
    metadata:
      labels:
        kubevirt.io/domain: centos-vm
    spec:
      domain:
        cpu:
          cores: 2
        devices:
          disks:
          - disk:
              bus: virtio
            name: rootdisk
          - disk:
              bus: virtio
            name: cloudinitdisk
          interfaces:
          - name: default
            bridge: {}
        resources:
          requests:
            memory: 4Gi
      networks:
      - name: default
        pod: {}
      volumes:
      - name: rootdisk
        persistentVolumeClaim:
          claimName: centos-dv
      - name: cloudinitdisk
        cloudInitNoCloud:
          userData: |
            #cloud-config
            password: centos
            chpasswd: { expire: False }
            ssh_pwauth: True
```
3.2 Advanced network configuration
Connecting the virtual machine to K8s Services:
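```yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: centos-vm-with-service
spec:
  template:
    spec:
      domain:
        devices:
          interfaces:   # every entry under networks needs an interface of the same name
          - name: default
            bridge: {}
          - name: secondary
            bridge: {}
      networks:
      - name: default
        pod: {}
      - multus:
          networkName: bridge-network
        name: secondary
```
The corresponding Multus NetworkAttachmentDefinition: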
```yaml
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata:
  name: bridge-network
  annotations:
    k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/br0
spec:
  config: '{
    "cniVersion": "0.3.1",
    "name": "br0",
    "type": "macvlan",
    "master": "eth0",
    "mode": "bridge",
    "ipam": {
      "type": "dhcp"
    }
  }'
```
4. Operations and monitoring practice
4.1 Everyday command reference
Install the virtctl client tool:
```bash
# Linux
wget https://github.com/kubevirt/kubevirt/releases/download/v0.58.0/virtctl-v0.58.0-linux-amd64 -O /usr/local/bin/virtctl
chmod +x /usr/local/bin/virtctl

# macOS
brew install kubevirt/tap/virtctl
```
Common commands:
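```bash
# Start/stop the VM
virtctl start centos-vm
virtctl stop centos-vm

# Connect to the console
virtctl console centos-vm

# Export a VM snapshot
virtctl snapshot create centos-vm --name=snapshot-01

# Migrate the virtual machine
virtctl migrate centos-vm
```
4.2 Monitoring and alerting configuration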
Example Prometheus monitoring rule:
```yaml
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
  name: kubevirt-vm-alerts
spec:
  groups:
  - name: kubevirt.rules
    rules:
    - alert: HighVMMemoryUsage
      expr: kubevirt_vmi_memory_available_bytes / kubevirt_vmi_memory_usable_bytes < 0.2
      for: 5m
      labels:
        severity: warning
      annotations:
        summary: "VM {{ $labels.name }} memory usage high"
        # $value is the result of expr, i.e. the available/usable ratio;
        # alert templates cannot evaluate metric names directly
        description: "VM {{ $labels.name }} has only {{ $value | humanizePercentage }} memory available"
```
5. Performance optimization and troubleshooting
5.1 Tuning key performance parameters
Add performance tuning parameters to the VM definition:
```yaml
spec:
  domain:
    cpu:
      model: host-passthrough
      features:
      - name: pdpe1gb
        policy: require
    devices:
      autoattachGraphicsDevice: false
      autoattachSerialConsole: true
      rng: {}
    resources:
      requests:
        memory: 8Gi
      limits:
        memory: 8Gi
        cpu: 4
```
5.2 Solutions to common problems
Problem 1: virtual machine start-up times out
Check the virt-launcher Pod logs:
```bash
kubectl logs -f virt-launcher-centos-vm-xxxxx -c compute
```
Common fixes:
- Increase the virtual machine start-up timeout
- Check whether the image is corrupted
- Verify that the storage PV is mounted correctly
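For the image check in the list above, and for sizing the DataVolume PVC from section 2.2, the qcow2 header can be read directly before anything is pushed or imported. This is an added example, not part of the original tutorial; the function names are made up here, and the offsets are those of the qcow2 header (magic at byte 0, version at byte 4, virtual size at byte 24).

```shell
#!/bin/sh
# Added example: read the qcow2 header before building a containerDisk or
# importing through a DataVolume. Function names are illustrative.

# Print COUNT bytes at OFFSET of FILE as one lowercase hex string.
hex_at() {
    od -An -v -tx1 -j "$2" -N "$3" "$1" | tr -d ' \n'
}

# True if FILE starts with the qcow2 magic "QFI\xfb" and header version 2 or 3.
is_qcow2() {
    [ "$(hex_at "$1" 0 4)" = "514649fb" ] || return 1
    case "$(hex_at "$1" 4 4)" in
        00000002|00000003) return 0 ;;
        *) return 1 ;;
    esac
}

# Virtual disk size in bytes: big-endian 64-bit field at header offset 24.
qcow2_virtual_size() {
    size_hex=$(hex_at "$1" 24 8)
    [ "${#size_hex}" -eq 16 ] || return 1   # header cut short
    echo $((0x$size_hex))
}

# check_image_for_pvc FILE PVC_GIB
# Returns 1 for a bad header (HTML error page, empty or cut-off file) and
# 2 when the virtual disk is larger than the PVC the DataVolume requests.
check_image_for_pvc() {
    img=$1 pvc_gib=$2
    if ! is_qcow2 "$img" || ! vsize=$(qcow2_virtual_size "$img"); then
        echo "FAIL: $img does not have a valid qcow2 header"
        return 1
    fi
    if [ "$vsize" -gt $((pvc_gib * 1024 * 1024 * 1024)) ]; then
        echo "FAIL: virtual size $vsize bytes exceeds the ${pvc_gib}Gi PVC"
        return 2
    fi
    echo "OK: virtual size $vsize bytes fits the ${pvc_gib}Gi PVC"
}

# Usage: sh check.sh CentOS-7-x86_64-GenericCloud-2009.qcow2 10
if [ $# -eq 2 ]; then check_image_for_pvc "$1" "$2"; fi
```

The header check only catches files that are not qcow2 at all or are cut off inside the header; `qemu-img check` performs the full consistency check of the image.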
Problem 2: network connection failure
Network troubleshooting steps:
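```bash
# Check the Multus annotations
kubectl get pod virt-launcher-centos-vm-xxxxx -o json | jq '.metadata.annotations'

# Enter the virt-launcher network namespace
# (run on the node hosting the VM; pgrep must resolve to a single qemu PID)
nsenter -t $(pgrep qemu) -n ip a
```
6. Production best practices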
6.1 Resource quota management
Set up a dedicated resource pool for KubeVirt:
```yaml
apiVersion: kubevirt.io/v1
kind: KubeVirt
metadata:
  name: kubevirt
spec:
  configuration:
    developerConfiguration:
      featureGates:
      - LiveMigration
    permittedHostDevices:
      pciDevices:
      - resourceName: "nvidia.com/gpu"
        externalResourceProvider: true
  workloadUpdateStrategy:
    workloadUpdateMethods:
    - LiveMigrate
```
6.2 High availability configuration
Enable automatic virtual machine migration:
```yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: centos-ha
spec:
  running: true
  template:
    spec:
      evictionStrategy: LiveMigrate
      domain:
        cpu:
          cores: 2
        devices:
          disks:
          - disk:
              bus: virtio
            name: rootdisk
      volumes:
      - name: rootdisk
        persistentVolumeClaim:
          # live migration needs a PVC with ReadWriteMany access;
          # centos-dv in section 2.2 was requested as ReadWriteOnce
          claimName: centos-dv
```
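The manifests in this tutorial use lab conveniences that should not be carried into production: the inline cloud-init password with SSH password login from section 3.1 and `useEmulation: true` from section 1.1. The check below is an added example, not part of the original tutorial; the function name `audit_vm_manifest` and the finding texts are made up here.

```shell
#!/bin/sh
# Added example: flag the lab-only settings from this tutorial in a manifest.
# audit_vm_manifest FILE prints one "file:line: finding" per hit and
# returns 1 if anything was found, 0 otherwise.
audit_vm_manifest() {
    awk '
    function report(msg) { printf "%s:%d: %s\n", FILENAME, FNR, msg; found++ }
    {
        match($0, /^ */); indent = RLENGTH
        # the userData block scalar ends when indentation drops back
        if (in_ud && NF && indent <= ud_indent) in_ud = 0
        line = tolower($0)
    }
    # only keys inside an inline cloud-init userData block are inspected
    /^ *userData: *[|>]/ { in_ud = 1; ud_indent = indent; next }
    in_ud && line ~ /^ *password:/ {
        report("clear-text cloud-init password in the VM spec; keep userData in a Secret (cloudInitNoCloud.secretRef)")
    }
    in_ud && line ~ /expire: *false/ {
        report("chpasswd expire is False; the initial password is never forced to change")
    }
    in_ud && line ~ /^ *ssh_pwauth: *(true|yes)/ {
        report("SSH password login enabled; use ssh_authorized_keys instead")
    }
    line ~ /^ *useemulation: *true/ {
        report("useEmulation is a developerConfiguration setting; guests run without KVM")
    }
    END { exit (found > 0) }
    ' "$1"
}

# Usage: sh audit.sh centos-vm.yaml kubevirt-cr.yaml
if [ $# -ge 1 ]; then
    for manifest in "$@"; do audit_vm_manifest "$manifest"; done
fi
```

A `password:` key outside the `userData` block is deliberately ignored, so the check does not fire on unrelated fields.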