6.16. Other Virtual Machine Tasks
6.16.1. Enabling SAP Monitoring
Enable SAP monitoring on a virtual machine through the Administration Portal.
Enabling SAP Monitoring on Virtual Machines
-
Click
and select a virtual machine. - Click .
- Click the Custom Properties tab.
Select
sap_agent
from the drop-down list. Ensure the secondary drop-down menu is set to True.If previous properties have been set, select the plus sign to add a new property rule and select
sap_agent
.- Click .
6.16.2. Configuring Red Hat Enterprise Linux 5.4 and later Virtual Machines to use SPICE
SPICE is a remote display protocol designed for virtual environments, which enables you to view a virtualized desktop or server. SPICE delivers a high quality user experience, keeps CPU consumption low, and supports high quality video streaming.
Using SPICE on a Linux machine significantly improves the movement of the mouse cursor on the console of the virtual machine. To use SPICE, the X-Windows system requires additional QXL drivers. The QXL drivers are provided with Red Hat Enterprise Linux 5.4 and later. Earlier versions are not supported. Installing SPICE on a virtual machine running Red Hat Enterprise Linux significantly improves the performance of the graphical user interface.
Typically, this is most useful for virtual machines where the user requires the use of the graphical user interface. System administrators who are creating virtual servers may prefer not to configure SPICE if their use of the graphical user interface is minimal.
6.16.2.1. Installing and Configuring QXL Drivers
You must manually install QXL drivers on virtual machines running Red Hat Enterprise Linux 5.4 or later. This is unnecessary for virtual machines running Red Hat Enterprise Linux 6 or Red Hat Enterprise Linux 7 as the QXL drivers are installed by default.
Installing QXL Drivers
- Log in to a Red Hat Enterprise Linux virtual machine.
Install the QXL drivers:
# yum install xorg-x11-drv-qxl
You can configure QXL drivers using either a graphical interface or the command line. Perform only one of the following procedures.
Configuring QXL drivers in GNOME
- Click System.
- Click Administration.
- Click Display.
- Click the Hardware tab.
- Click Video Cards Configure.
- Select qxl and click .
- Restart X-Windows by logging out of the virtual machine and logging back in.
Configuring QXL drivers on the command line
Back up /etc/X11/xorg.conf:
# cp /etc/X11/xorg.conf /etc/X11/xorg.conf.$$.backup
Make the following change to the Device section of /etc/X11/xorg.conf:
Section "Device" Identifier "Videocard0" Driver "qxl" Endsection
6.16.2.2. Configuring a Virtual Machine’s Tablet and Mouse to use SPICE
Edit the /etc/X11/xorg.conf
file to enable SPICE for your virtual machine’s tablet devices.
Configuring a Virtual Machine’s Tablet and Mouse to use SPICE
Verify that the tablet device is available on your guest:
# /sbin/lsusb -v | grep 'QEMU USB Tablet'
If there is no output from the command, do not continue configuring the tablet.
Back up
/etc/X11/xorg.conf
:# cp /etc/X11/xorg.conf /etc/X11/xorg.conf.$$.backup
Make the following changes to
/etc/X11/xorg.conf
:Section "ServerLayout" Identifier "single head configuration" Screen 0 "Screen0" 0 0 InputDevice "Keyboard0" "CoreKeyboard" InputDevice "Tablet" "SendCoreEvents" InputDevice "Mouse" "CorePointer" EndSection Section "InputDevice" Identifier "Mouse" Driver "void" #Option "Device" "/dev/input/mice" #Option "Emulate3Buttons" "yes" EndSection Section "InputDevice" Identifier "Tablet" Driver "evdev" Option "Device" "/dev/input/event2" Option "CorePointer" "true" EndSection
- Log out and log back into the virtual machine to restart X-Windows.
6.16.3. KVM Virtual Machine Timing Management
Virtualization poses various challenges for virtual machine time keeping. Virtual machines which use the Time Stamp Counter (TSC) as a clock source may suffer timing issues as some CPUs do not have a constant Time Stamp Counter. Virtual machines running without accurate timekeeping can have serious affects on some networked applications as your virtual machine will run faster or slower than the actual time.
KVM works around this issue by providing virtual machines with a paravirtualized clock. The KVM pvclock
provides a stable source of timing for KVM guests that support it.
Presently, only Red Hat Enterprise Linux 5.4 and later virtual machines fully support the paravirtualized clock.
Virtual machines can have several problems caused by inaccurate clocks and counters:
- Clocks can fall out of synchronization with the actual time which invalidates sessions and affects networks.
- Virtual machines with slower clocks may have issues migrating.
These problems exist on other virtualization platforms and timing should always be tested.
The Network Time Protocol (NTP) daemon should be running on the host and the virtual machines. Enable the ntpd
service and add it to the default startup sequence:
- For Red Hat Enterprise Linux 6
# service ntpd start # chkconfig ntpd on
- For Red Hat Enterprise Linux 7
# systemctl start ntpd.service # systemctl enable ntpd.service
Using the ntpd
service should minimize the affects of clock skew in all cases.
The NTP servers you are trying to use must be operational and accessible to your hosts and virtual machines.
Determining if your CPU has the constant Time Stamp Counter
Your CPU has a constant Time Stamp Counter if the constant_tsc
flag is present. To determine if your CPU has the constant_tsc
flag run the following command:
$ cat /proc/cpuinfo | grep constant_tsc
If any output is given your CPU has the constant_tsc
bit. If no output is given follow the instructions below.
Configuring hosts without a constant Time Stamp Counter
Systems without constant time stamp counters require additional configuration. Power management features interfere with accurate time keeping and must be disabled for virtual machines to accurately keep time with KVM.
These instructions are for AMD revision F CPUs only.
If the CPU lacks the constant_tsc
bit, disable all power management features (BZ#513138). Each system has several timers it uses to keep time. The TSC is not stable on the host, which is sometimes caused by cpufreq
changes, deep C state, or migration to a host with a faster TSC. Deep C sleep states can stop the TSC. To prevent the kernel using deep C states append “processor.max_cstate=1” to the kernel boot options in the grub.conf
file on the host:
term Red Hat Enterprise Linux Server (2.6.18-159.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-159.el5 ro root=/dev/VolGroup00/LogVol00 rhgb quiet processor.max_cstate=1
Disable cpufreq
(only necessary on hosts without the constant_tsc
) by editing the /etc/sysconfig/cpuspeed
configuration file and change the MIN_SPEED
and MAX_SPEED
variables to the highest frequency available. Valid limits can be found in the /sys/devices/system/cpu/cpu/cpufreq/scaling_available_frequencies
files.
Using the engine-config
tool to receive alerts when hosts drift out of sync.
You can use the engine-config
tool to configure alerts when your hosts drift out of sync.
There are 2 relevant parameters for time drift on hosts: EnableHostTimeDrift
and HostTimeDriftInSec
. EnableHostTimeDrift
, with a default value of false, can be enabled to receive alert notifications of host time drift. The HostTimeDriftInSec
parameter is used to set the maximum allowable drift before alerts start being sent.
Alerts are sent once per hour per host.
Using the paravirtualized clock with Red Hat Enterprise Linux virtual machines
For certain Red Hat Enterprise Linux virtual machines, additional kernel parameters are required. These parameters can be set by appending them to the end of the /kernel line in the /boot/grub/grub.conf file of the virtual machine.
The process of configuring kernel parameters can be automated using the ktune
package
The ktune
package provides an interactive Bourne shell script, fix_clock_drift.sh
. When run as the superuser, this script inspects various system parameters to determine if the virtual machine on which it is run is susceptible to clock drift under load. If so, it then creates a new grub.conf.kvm
file in the /boot/grub/
directory. This file contains a kernel boot line with additional kernel parameters that allow the kernel to account for and prevent significant clock drift on the KVM virtual machine. After running fix_clock_drift.sh
as the superuser, and once the script has created the grub.conf.kvm
file, then the virtual machine’s current grub.conf
file should be backed up manually by the system administrator, the new grub.conf.kvm
file should be manually inspected to ensure that it is identical to grub.conf
with the exception of the additional boot line parameters, the grub.conf.kvm
file should finally be renamed grub.conf
, and the virtual machine should be rebooted.
The table below lists versions of Red Hat Enterprise Linux and the parameters required for virtual machines on systems without a constant Time Stamp Counter.
Red Hat Enterprise Linux | Additional virtual machine kernel parameters |
---|---|
5.4 AMD64/Intel 64 with the paravirtualized clock | Additional parameters are not required |
5.4 AMD64/Intel 64 without the paravirtualized clock | notsc lpj=n |
5.4 x86 with the paravirtualized clock | Additional parameters are not required |
5.4 x86 without the paravirtualized clock | clocksource=acpi_pm lpj=n |
5.3 AMD64/Intel 64 | notsc |
5.3 x86 | clocksource=acpi_pm |
4.8 AMD64/Intel 64 | notsc |
4.8 x86 | clock=pmtmr |
3.9 AMD64/Intel 64 | Additional parameters are not required |
3.9 x86 | Additional parameters are not required |
6.16.4. Adding a Trusted Platform Module device
Trusted Platform Module (TPM) devices provide a secure crypto-processor designed to carry out cryptographic operations such as generating cryptographic keys, random numbers, and hashes, or for storing data that can be used to verify software configurations securely. TPM devices are commonly used for disk encryption.
QEMU and libvirt implement support for emulated TPM 2.0 devices, which is what Red Hat Virtualization uses to add TPM devices to Virtual Machines.
Once an emulated TPM device is added to the virtual machine, it can be used as a normal TPM 2.0 device in the guest OS.
If there is TPM data stored for the virtual machine and the TPM device is disabled in the virtual machine, the TPM data is permanently removed.
Enabling a TPM device
-
In the
Add Virtual Machine
orEdit Virtual Machine
screen, click . -
In the
Resource Allocation
tab, select the TPM Device Enabled check box.
Limitations
The following limitations apply:
- TPM devices can only be used on x86_64 machines with UEFI firmware and PowerPC machines with pSeries firmware installed.
- Virtual machines with TPM devices can not have snapshots with memory.
While the Manager retrieves and stores TPM data periodically, there is no guarantee that the Manager will always have the latest version of the TPM data.
NoteThis process can take 120 seconds or more, and you must wait for the process to complete before you can take snapshot of a running virtual machine, clone a running virtual machine, or migrate a running virtual machine.
- TPM devices can only be enabled for virtual machines running RHEL 7 or later and Windows 8.1 or later.
- Virtual machines and templates with TPM data can not be exported or imported.