libvirtd image

libvirtd/centos7/Dockerfile

@@ -0,0 +1,39 @@
+FROM centos/systemd
+
+USER 0
+
+RUN yum -y install libvirt-daemon-driver-* libvirt-daemon \
+  libvirt-daemon-kvm qemu-kvm && yum clean all
+RUN systemctl enable libvirtd; systemctl enable virtlockd
+
+RUN yum install -y openssh-server openssh-clients arpwatch
+
+RUN echo "root:root" |chpasswd
+RUN systemctl enable sshd
+RUN sed -i 's|[#]*PermitRootLogin no|PermitRootLogin yes|g' /etc/ssh/sshd_config
+RUN sed -i 's|[#]*PasswordAuthentication no|PasswordAuthentication yes|g' /etc/ssh/sshd_config
+RUN sed -i 's|[#]*ChallengeResponseAuthentication no|ChallengeResponseAuthentication yes|g' /etc/ssh/sshd_config
+RUN sed -i 's|UsePAM no|UsePAM yes|g' /etc/ssh/sshd_config
+
+RUN echo "listen_tls = 0" >> /etc/libvirt/libvirtd.conf; \
+echo 'listen_tcp = 1' >> /etc/libvirt/libvirtd.conf; \
+echo 'tls_port = "16514"' >> /etc/libvirt/libvirtd.conf; \
+echo 'tcp_port = "16509"' >> /etc/libvirt/libvirtd.conf; \
+echo 'auth_tcp = "none"' >> /etc/libvirt/libvirtd.conf
+
+RUN echo 'vnc_listen = "0.0.0.0"' >> /etc/libvirt/qemu.conf
+
+RUN echo 'LIBVIRTD_ARGS="--listen"' >> /etc/sysconfig/libvirtd
+
+ADD customlibvirtpost.service /usr/lib/systemd/system/customlibvirtpost.service
+ADD customlibvirtpost.sh /customlibvirtpost.sh
+RUN chmod a+x /customlibvirtpost.sh
+Add network.xml /network.xml
+RUN systemctl enable customlibvirtpost
+
+EXPOSE 22
+EXPOSE 16509
+EXPOSE 5900
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/usr/sbin/init"]

libvirtd/centos7/README.md

@@ -0,0 +1,47 @@
+#  Official CentOS libvirtd docker container
+
+Credits to
+https://github.com/fuzzyhandle/libvirtd-in-docker
+https://github.com/projectatomic/docker-image-examples/blob/master/rhel-libvirt/libvirtd/Dockerfile
+http://www.projectatomic.io/blog/2014/10/libvirtd_in_containers/
+The Container supports running qemu hypervisor out of the box. However to leverage hardware acceleration, the underlying host needs to support Visualization Technology (VT).
+
+Running KVM in libvirtd in a container
+For running VMs using hardware acceleration, the docker host will need to have have a processor flag to support nested visualization
+
+Check your processor supports VT
+For more info refer http://www.howtogeek.com/howto/linux/linux-tip-how-to-tell-if-your-processor-supports-vt/
+
+Run
+
+egrep ‘(vmx|svm)’ /proc/cpuinfo
+The output should show vmx (in case of Intel Processor) or svm (in case of AMD Processor)
+
+E.g.
+
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr lahf_lm
+Enable the setting for Nested KVM
+Assuming the processor supports VT, you can enable the VT support to nested VMs.
+
+Create/Edit file /etc/modprobe.d/kvm-nested.conf with contents
+
+options kvm_intel nested=1
+Unload and reload the module
+
+modprobe -r kvm_intel
+modprobe kvm_intel
+The output of this command is
+
+cat /sys/module/kvm_intel/parameters/nested
+should show
+
+Y
+Running the container
+This image needs to be run in privileged mode
+
+E.g.
+
+docker run -d --privileged -d -e 'container=docker' -v /sys/fs/cgroup:/sys/fs/cgroup:rw centos/libvirtd
+You can also forward ports to connect to the libvirtd service from remote machines
+
+docker run -d --privileged -d -e 'container=docker'-p 10001:16509 -p 10002:22 -p 10003:5900  -v /sys/fs/cgroup:/sys/fs/cgroup:rw centos/libvirtd;

libvirtd/centos7/customlibvirtpost.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Setup Devices and directories and environment needed for libvirtd to fuction correctly
+After=libvirtd.service
+
+[Service]
+Type=oneshot
+ExecStart=/bin/sh /customlibvirtpost.sh
+
+[Install]
+WantedBy=multi-user.target

libvirtd/centos7/customlibvirtpost.sh

@@ -0,0 +1,5 @@
+#/bin/bash
+
+chmod 666 /dev/kvm
+virsh net-define /network.xml
+virsh net-start default

libvirtd/centos7/network.xml

@@ -0,0 +1,16 @@
+<network>
+  <name>default</name>
+  <forward mode='nat'>
+    <nat>
+      <port start='1024' end='65535'/>
+    </nat>
+  </forward>
+  <bridge name='virbr0' stp='on' delay='0'/>
+  <domain name='default'/>
+  <ip address='192.168.100.1' netmask='255.255.255.0'>
+    <dhcp>
+      <range start='192.168.100.128' end='192.168.100.254'/>
+    </dhcp>
+  </ip>
+</network>
+