1、确定主板和CPU都支持虚拟化技术,在BIOS将VT-d(芯片组、IO)、VT-x(CPU)设置成启用。
2、确保BIOS中启用了SR-IOV。
3、内核启动参数设置,开启IOMMU。
# 检查系统是否启用iommu
cat /proc/cmdline | grep iommu
# 编辑/etc/default/grub文件
# X86架构设置为
GRUB_CMDLINE_LINUX_DEFAULT="intel_iommu=on iommu=pt"
# ARM架构设置为
GRUB_CMDLINE_LINUX_DEFAULT="iommu.passthrough=on iommu=pt"
更新grub2
rm -f /boot/grub2/grubenv
[ -d /sys/firmware/efi ] && echo UEFI || echo BIOS # 判断启动方式
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg # EFI模式启动
# grub2-mkconfig -o /boot/grub2/grub.cfg # 传统模式启动
shutdown -r now
重启后再次检查
cat /proc/cmdline | grep iommu # 内核IO虚拟化启用确认
dmesg | grep -iE '(iommu|DMAR)' # IO虚拟化确认
grep -cE '(vmx|svm)' /proc/cpuinfo # CPU虚拟化确认
4、列出主机上的PCI设备及名称和ID
# 查询vendor_id和product_id,输出如[8086:8d10],8086为vendor_id,8d10为product_id
lspci -nn
00:1c.0 PCI bridge [0604]: Intel Corporation C610/X99 series chipset PCI Express Root Port #1 [8086:8d10] (rev d5)
5、确认驱动
lspci -vv -s 01:00.0 | grep driver
lspci -vv -s 01:00.1 | grep driver
lspci -vv -s 01:00.3 | grep driver
lspci -vv -s 06:00.2 | grep driver
Kernel driver in use: xhci_hcd
配置加载vfio-pci模块
# 配置加载vfio-pci模块,编辑/etc/modules,添加如下内容
vfio
vfio_pci
vfio_virqfd
vfio_iommu_type1
modprobe
配置设备vfio驱动
# 解绑定原有驱动
echo 0000:01:00.0 >>/sys/bus/pci/devices/0000\:01\:00.0/driver/unbind
echo 0000:01:00.1 >>/sys/bus/pci/devices/0000\:01\:00.1/driver/unbind
echo 0000:01:00.3 >>/sys/bus/pci/devices/0000\:01\:00.3/driver/unbind
# 绑定到vfio-pci
echo 125b 9100 > /sys/bus/pci/drivers/vfio-pci/new_id
# 获取设备所在的iommu group
readlink /sys/bus/pci/devices/0000\:01\:00.0/iommu_group
../../../../kernel/iommu_groups/31
# 查看设备使用的驱动,都显示vfio说明正确
# 注意,一定要看到设备使用vfio-pci作为驱动才能直通,否则无法直通
lspci -vv -s 01:00.0 | grep driver
Kernel driver in use: vfio-pci
lspci -vv -s 01:00.1 | grep driver
Kernel driver in use: vfio-pci
lspci -vv -s 01:00.3 | grep driver
Kernel driver in use: vfio-pci
6、配置nova_scheduler
[filter_scheduler]
enabled_filters = AvailabilityZoneFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter
available_filters = nova.scheduler.filters.all_filters
7、配置nova_api
[pci]
alias = { "vendor_id":"125b", "product_id":"9100", "device_type":"type-PCI", "name":"a1" }
# device_type网卡为type-PF,其他PCI设备为type-PCI。如果有多个设备,定义多个alias
8、配置nova_compute
[pci]
alias = {"name":"a1", "product_id":"9100", "vendor_id":"125b", "device_type":"type-PCI"}
passthrough_whitelist = [{ "vendor_id": "125b", "product_id": "9100" }]
# alias配置与nova_api一致,passthrough_whitelist只需要vendor_id和product_id即可
# 如果有多个设备,定义多个alias,passthrough_whitelist写成json格式的列表形式
9、配置flavor
openstack flavor set m1.large --property "pci_passthrough:alias"="a1:1,a2:1"
# 设置规格的属性可以在界面设置,键为pci_passthrough:alias,值为a1:3吗,其中a1为alias中定义的名称,3为需要映射的数量。多个pci设备设置用英文逗号分割
10、使用该规格创建虚拟机
官方文档:https://docs.openstack.org/nova/pike/admin/pci-passthrough.html
标签:vfio,01,PCI,虚拟化,iommu,driver,pci,OpenStack,id From: https://www.cnblogs.com/wanghongwei-dev/p/18222523