Network Hosted Kernel Virtual Machine (KVM)
Many Cisco Routers allow you to host your own virtual machine directly inside a router.
DevNet: Cisco IOS KVM Service-Containers
- CSR 1000v
- ISR 4000
- ASR 1000
I went through the documentation, especially Service-Containers-Tutorial.pdf and Ubuntu – Building a Service Container.pdf where very helpful.
But i didn’t want to go the „Ubuntu-Desktop-14.04-LTS“-way which was described.
„My“ Service-Container-VM should be:
- Ubuntu 16.04 LTS
- provides longer support (April 2021) Releases – Ubuntu Wiki
- Ubuntu Server
- save some compute/cpu/dram/harddisk-ressources by not installing an Ubuntu-Desktop-Environment inside the Router. Just network services, please!
The whole deployment process can be accomplished in five steps:
- build a KVM virtualization-Environment
- prepare an ISR-Router (lab: Create a CSR1000v-Instance for nested Virtualization)
- create the Service-VM (Ubuntu-Server)
- package it inside an OVA
- install this OVA at the router
Build the KVM Virtualization Environment
Here I’ll use Ubuntu LTS, but the „Desktop“-Release to get the „Virtual Machine Manager“-GUI.
ubuntu-16.04.3-desktop-amd64.iso
Common vSphere Process „New VM“
- Linux Ubuntu 64 Bit, 4GB DRAM, 120GB Disk
- mount Ubuntu-Desktop-ISO as DVD
Enable nested virtualization (Hardware-Virtualization for Guest-OS)
Don’t forget: this „KVM Virtualization Environment“ will run on top of an VSphere-ESXi-Host.
- nested virtualization: [Linux-Server-VM] on top of [KVM Virtualization] on top of [ESXi Hypervisor]
Ubuntu-Desktop VM with KVM-Virtualization
Installation: Defaults are fine
- never use the „root“-acccout
- use a common user-account instead, i’ll use the username „user“ in the text
Additional Setup
user@KVM-1:~$ sudo apt-get update && sudo apt-get upgrade -y
user@KVM-1:~$ sudo apt-get install -y open-vm-tools open-vm-tools-desktop
Add KVM („libvirt“)
user@KVM-1:~$ sudo apt-get install -y qemu-kvm libvirt-bin bridge-utils virt-manager qemu-system
Finalize it
user@KVM-1:~$ sudo reboot
Check the KVM Environment
Should look like this:
user@KVM-1:~/isr-service-container$ virsh -c qemu:///system list Id Name State ----------------------------------------------------
Fine-tuning: „Disable Screensaver“
- avoid ever and ever re-login to the remote-Desktop
- acceptable in an isolated lab environment
all settings => brightness & lock
- „never“ turn screen off when inactive
- lock „off“
- [ ] require password when waking from suspend
Preparation: Mount NFS-Share with „ubuntu-server“-ISO
I store my ISO-Images on an central NFS-Datastore.
- the ISO-image has to be available inside the VM
sudo apt-get install -y nfs-common mkdir /home/user/<NAS-SHARE> sudo mount.nfs <NAS-IP>:<NAS-SHARE> /home/user/<NAS-SHARE>