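Goodbye to Traditional Virtualization: A Step-by-Step Guide to Running CentOS VMs with KubeVirt in a K8s Cluster

When an operations team has to manage containers and maintain virtual machines in the same mixed environment, the traditional approach means constantly switching between VMware and Kubernetes. This adds operational complexity and leaves resources underused. With KubeVirt, containers and virtual machines can be scheduled in the same Kubernetes cluster, giving true "one cloud, multiple forms" management.

This article walks you through the migration from traditional virtualization to KubeVirt. Rather than a simple technology overview, it focuses on three core pain points of a real migration:

- how to convert an existing CentOS image into a format KubeVirt can use;
- how to connect virtual machines and containers over the network;
- how to manage the virtual machine lifecycle in a Kubernetes-native way.

1. Environment Preparation and KubeVirt Deployment

1.1 Node Environment Check

Before deploying KubeVirt, make sure every Kubernetes node meets the following conditions:

```bash
# Check CPU virtualization support (Intel/AMD)
grep -E '(vmx|svm)' /proc/cpuinfo

# Check that the kernel modules are loaded
lsmod | grep kvm

# Install dependencies on Ubuntu
sudo apt-get install -y qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils

# Install dependencies on CentOS
sudo yum install -y qemu-kvm libvirt virt-install bridge-utils
```

If the hardware does not support virtualization (common on cloud instances), enable software emulation mode:

```bash
kubectl edit kubevirt kubevirt -n kubevirt
```

```yaml
# Add the following configuration
spec:
  configuration:
    developerConfiguration:
      useEmulation: true
```

1.2 KubeVirt Cluster Deployment

Deploying the latest stable release with the Operator is recommended:

```bash
# Deploy the KubeVirt Operator
export KUBEVIRT_VERSION=$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | jq -r .tag_name)
kubectl apply -f "https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/kubevirt-operator.yaml"

# Deploy the KubeVirt custom resource
kubectl apply -f "https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/kubevirt-cr.yaml"

# Verify the installation
kubectl get pods -n kubevirt
```

Tip: in production, also deploy CDI (Containerized Data Importer) to manage virtual machine disk images.

2. Virtual Machine Image Processing and Import

2.1 Converting a Traditional Image Format

A CentOS qcow2 image downloaded from a cloud platform has to be converted to the containerDisk format:

```dockerfile
# Dockerfile
FROM kubevirt/container-disk-v1alpha
ADD CentOS-7-x86_64-GenericCloud-2009.qcow2 /disk/disk.img
```

Build the image and push it to a private registry:

```bash
docker build -t registry.example.com/kubevirt/centos7:2009 .
docker push registry.example.com/kubevirt/centos7:2009
```

2.2 Dynamic Import with DataVolume

For large images, the DataVolume feature of CDI is recommended:

```yaml
apiVersion: cdi.kubevirt.io/v1beta1
kind: DataVolume
metadata:
  name: centos-dv
spec:
  source:
    http:
      url: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-2009.qcow2
  pvc:
    accessModes:
      - ReadWriteOnce
    resources:
      requests:
        storage: 10Gi
```

3. Virtual Machine Definition and Advanced Configuration

3.1 Basic Virtual Machine Definition

Create a complete VM configuration that includes cloud-init initialization:

```yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: centos-vm
spec:
  running: false
  template:
    metadata:
      labels:
        kubevirt.io/domain: centos-vm
    spec:
      domain:
        cpu:
          cores: 2
        devices:
          disks:
            - disk:
                bus: virtio
              name: rootdisk
            - disk:
                bus: virtio
              name: cloudinitdisk
          interfaces:
            - name: default
              bridge: {}
        resources:
          requests:
            memory: 4Gi
      networks:
        - name: default
          pod: {}
      volumes:
        - name: rootdisk
          persistentVolumeClaim:
            claimName: centos-dv
        - name: cloudinitdisk
          cloudInitNoCloud:
            userData: |
              #cloud-config
              password: centos
              chpasswd: { expire: False }
              ssh_pwauth: True
```

3.2 Advanced Network Configuration

To connect the virtual machine with K8s Services:

```yaml
# Fragment: only the network-related fields are shown. Each entry under
# networks needs a matching entry under domain.devices.interfaces.
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: centos-vm-with-service
spec:
  template:
    spec:
      networks:
        - name: default
          pod: {}
        - multus:
            networkName: bridge-network
          name: secondary
```

The corresponding Multus NetworkAttachmentDefinition:

```yaml
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
  name: bridge-network
  annotations:
    k8s.v1.cni.cncf.io/resourceName: bridge.network.kubevirt.io/br0
spec:
  # The CNI configuration is passed as a JSON string
  config: '{
    "cniVersion": "0.3.1",
    "name": "br0",
    "type": "macvlan",
    "master": "eth0",
    "mode": "bridge",
    "ipam": { "type": "dhcp" }
  }'
```

4. Operations and Monitoring Practice

4.1 Everyday Command Set

Install the virtctl client tool:

```bash
# Linux
wget https://github.com/kubevirt/kubevirt/releases/download/v0.58.0/virtctl-v0.58.0-linux-amd64 -O /usr/local/bin/virtctl
chmod +x /usr/local/bin/virtctl

# macOS
brew install kubevirt/tap/virtctl
```

Common operations:

```bash
# Start/stop the VM
virtctl start centos-vm
virtctl stop centos-vm

# Connect to the console
virtctl console centos-vm

# Create a VM snapshot (requires a virtctl build that provides this subcommand;
# the API-level equivalent is a VirtualMachineSnapshot object)
virtctl snapshot create centos-vm --name=snapshot-01

# Migrate the virtual machine
virtctl migrate centos-vm
```

4.2 Monitoring and Alerting Configuration

An example Prometheus monitoring rule:

```yaml
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
  name: kubevirt-vm-alerts
spec:
  groups:
    - name: kubevirt.rules
      rules:
        - alert: HighVMMemoryUsage
          # Fires when less than 20% of usable memory is still available
          expr: kubevirt_vmi_memory_available_bytes / kubevirt_vmi_memory_usable_bytes < 0.2
          for: 5m
          labels:
            severity: warning
          annotations:
            summary: "VM {{ $labels.name }} memory usage high"
            # $value is the available/usable ratio computed by expr
            description: "VM {{ $labels.name }} has only {{ $value | humanizePercentage }} memory available"
```

5. Performance Optimization and Troubleshooting

5.1 Tuning Key Performance Parameters

Add performance tuning parameters to the VM definition:

```yaml
spec:
  domain:
    cpu:
      model: host-passthrough
      features:
        - name: pdpe1gb
          policy: require
    devices:
      autoattachGraphicsDevice: false
      autoattachSerialConsole: true
      rng: {}
    resources:
      requests:
        memory: 8Gi
      limits:
        memory: 8Gi
        cpu: 4
```

5.2 Solutions to Common Problems

Problem 1: the virtual machine times out while starting

Check the virt-launcher Pod logs:

```bash
kubectl logs -f virt-launcher-centos-vm-xxxxx -c compute
```

Common fixes:

- increase the virtual machine startup timeout;
- check whether the image is corrupted;
- verify that the storage PV is mounted correctly.

Problem 2: network connectivity fails

Network troubleshooting steps:

```bash
# Check the Multus annotations
kubectl get pod virt-launcher-centos-vm-xxxxx -o json | jq .metadata.annotations

# Enter the virt-launcher network namespace (run on the node hosting the VM;
# if several qemu processes run there, pass the PID of this VM instead)
nsenter -t $(pgrep qemu) -n ip a
```

6. Production Best Practices

6.1 Resource Quota Management

Set up a dedicated resource pool for KubeVirt:

```yaml
apiVersion: kubevirt.io/v1
kind: KubeVirt
metadata:
  name: kubevirt
spec:
  configuration:
    developerConfiguration:
      featureGates:
        - LiveMigration
    permittedHostDevices:
      pciDevices:
        - resourceName: nvidia.com/gpu
          externalResourceProvider: true
  workloadUpdateStrategy:
    workloadUpdateMethods:
      - LiveMigrate
```

6.2 High Availability Configuration

Enable automatic virtual machine migration:

```yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: centos-ha
spec:
  running: true
  template:
    spec:
      evictionStrategy: LiveMigrate
      domain:
        cpu:
          cores: 2
        devices:
          disks:
            - disk:
                bus: virtio
              name: rootdisk
      volumes:
        - name: rootdisk
          persistentVolumeClaim:
            claimName: centos-dv
```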
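
The VirtualMachine in section 3.1 puts a password and `ssh_pwauth: True` directly in the cloud-init `userData`, where anyone allowed to read the VM object can see them. The checker below is an added example, not part of the original tutorial or of the KubeVirt project; `audit_vm`, `RULES` and the sample JSON are constructed for illustration, and it assumes input in the shape of `kubectl get vm <name> -o json`.

```python
import base64
import json
import re

# Constructed sample: trimmed `kubectl get vm centos-vm -o json` output for the
# VirtualMachine defined in section 3.1 (inline cloud-init user data).
SAMPLE_VM = json.loads(r'''
{"kind": "VirtualMachine", "metadata": {"name": "centos-vm"},
 "spec": {"template": {"spec": {"volumes": [
  {"name": "rootdisk", "persistentVolumeClaim": {"claimName": "centos-dv"}},
  {"name": "cloudinitdisk", "cloudInitNoCloud": {"userData":
   "#cloud-config\npassword: centos\nchpasswd: { expire: False }\nssh_pwauth: True\n"}}
 ]}}}}
''')

# Hypothetical rule set: cloud-config settings that weaken guest login security.
RULES = [
    (r"^\s*password\s*:\s*\S+", "plaintext password in user data"),
    (r"^\s*ssh_pwauth\s*:\s*(true|yes|1)\b", "SSH password login enabled; prefer ssh_authorized_keys"),
    (r"\bexpire\s*:\s*(false|no|0)\b", "initial password is never expired"),
]

def audit_vm(vm):
    """Return (volume name, finding) pairs for cloud-init volumes of a VM object."""
    findings = []
    volumes = vm.get("spec", {}).get("template", {}).get("spec", {}).get("volumes", [])
    for vol in volumes:
        for source in ("cloudInitNoCloud", "cloudInitConfigDrive"):
            cfg = vol.get(source)
            if not cfg:
                continue
            user_data = cfg.get("userData", "")
            if cfg.get("userDataBase64"):
                user_data = base64.b64decode(cfg["userDataBase64"]).decode("utf-8", "replace")
            if user_data:
                # Inline data is stored in the VM object itself; secretRef keeps
                # it in a Secret that can be protected by separate RBAC rules.
                findings.append((vol["name"], "user data is inline; reference a Secret via secretRef"))
            for pattern, message in RULES:
                if re.search(pattern, user_data, re.IGNORECASE | re.MULTILINE):
                    findings.append((vol["name"], message))
    return findings

if __name__ == "__main__":
    for volume, finding in audit_vm(SAMPLE_VM):
        print(f"{SAMPLE_VM['metadata']['name']}/{volume}: {finding}")
```

To audit a whole cluster, load the output of `kubectl get vm -A -o json` and call `audit_vm` on each element of `items`.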