KvirtIO is an enterprise, Service Provider-class virtualization architecture designed for high I/O density and High Availability (HA) scenarios. It is based entirely on native and open-source technologies running on SUSE Linux Enterprise Server (SLES). We do not intend KvirtIO to be a native hypervisor, but rather, as previously mentioned, an architecture composed of open-source solutions.
KvirtIO is exclusively a reference architecture. It documents a validated design and a set of conventions (storage, networking, HA, monitoring) that can be implemented with the tools of your choice.
- The monitoring/watcher scripts provided in this repository are reference implementations: they show how and where to retrieve telemetry and status data from each component (Libvirt, Pacemaker, multipath, etc.). Anyone adopting this architecture can connect their own monitoring stack (e.g., Zabbix, Prometheus, Grafana) to the same data sources, instead of using these scripts.
- Similarly, provisioning is not tied to any specific tool: the documented procedures and templates (VM XML, configuration files) can be wired into your own automation via Ansible, Terraform, or any other IaC/orchestration tool, in place of the example scripts.
- In Service Provider / Enterprise environments, it is strongly recommended to integrate this architecture with your existing monitoring, automation, and orchestration tooling rather than relying on the scripts in this repository.
- The scripts and tools included here are intended for lab, demo, and Proof-of-Concept environments, to validate the architecture end-to-end before integrating it with production-grade tooling.
- Deterministic Performance: Total exclusion of host swap and optimization of RAM allocation (Hugepages) and CPU (NUMA pinning).
- I/O Optimized for Databases ("IOIntensive"): Parallelization of kernel SCSI queues (`lun_queue_depth`) through Multi-LUN Striped strategies and `blk-mq` architecture.
- High Availability and Multilevel Fencing: Tight integration among Pacemaker, Corosync, Cluster LVM (`lvmlockd` + `dlm`), and physical STONITH mechanisms (`fence_idrac`) as well as storage-based ones (`sbd` on Witness LUN with hardware watchdog).
- Control Plane Decoupling: Isolation of monitoring, telemetry, and load balancing logic outside the production KVM cluster.
| Scenario | Fit |
|---|---|
| Enterprise VM Cluster | Excellent |
| SAP / DB | Excellent |
| Private Cloud | Moderate |
| Kubernetes Platform | Not Primary Goal |
| VDI | Moderate |
| Edge | Good |
| Feature | Generic | App | Database |
|---|---|---|---|
| CPU | Auto | Auto | Static |
| NUMA | Auto | Auto | Static |
| HugePages | No | 2M | 1G |
| Ballooning | Yes | Optional | No |
| Migration | Full | Full | Conditional |
- 📄 KvirtIO High-Level Design (HLD): The high-level architecture document.
- 🔒 KvirtIO Security Architecture & Hardening Design (HLD): Mandatory security baseline, Zero-Trust model and hardening reference for hosts, hypervisor, network, storage and cluster layers.
These scripts reside on the external management server and query the KVM nodes via SSH using the kvirtwatch user.
- 📜 kvirtio-cluster-watcher.sh: Pacemaker/Corosync cluster and fencing status watcher.
- 📜 kvirtio-console-tracker.sh: Daemon aligning Websockify VNC token maps with active VM targets.
- 📜 kvirtio-host-watcher.sh: CPU/RAM load monitoring script with `crm_attribute` integration.
- 📜 kvirtio-html-generator.py: Python engine compiling telemetry into the HTML dashboard.
- 📜 kvirtio-io-watcher.sh: Script analyzing Fibre Channel multipath I/O `await` latency.
- 📜 kvirtio-json-indexer.sh: Helper compiling JSON state files catalog for dashboard consumption.
- 📜 kvirtio-log-collector.py: Centralizes and filters KvirtIO systemd journal logs into structured JSON.
- 📜 kvirtio-mail-alerter.py: Python SMTP alerter sending asynchronous notifications.
- 📜 kvirtio-multipath-watcher.sh: Watcher monitoring health of active FC multipath paths per node.
- 📜 kvirtio-network-watcher.sh: Watcher monitoring bond slave health and RX/TX network bandwidth.
- 📜 kvirtio-setup-rsyslog-generator.sh: Dynamic Rsyslog receiver rule compiler mapping nodes to clusters.
- 📜 kvirtio-vm-create.sh: VM deployment engine applying tuned hardware profiles (e.g., `iointensive`).
- 📜 kvirtio-vm-migrate.sh: VM live peer-to-peer migration orchestrator.
- 📜 kvirtio-vm-watcher.sh: Watcher correlating the Libvirt states of running VMs with Pacemaker HA resource statuses.
- ⚙️ kvirtio-cluster-watcher.service / Timer: Run cluster watcher every 60 seconds.
- ⚙️ kvirtio-console-tracker.service: Run VNC console tracker daemon.
- ⚙️ kvirtio-host-watcher.service / Timer: Run host resource watcher every 5 minutes.
- ⚙️ kvirtio-html-generator.service / Timer: Run HTML dashboard builder every 5 minutes.
- ⚙️ kvirtio-io-watcher.service / Timer: Run I/O latency watcher every minute.
- ⚙️ kvirtio-log-collector.service: Run centralized log aggregator daemon.
- ⚙️ kvirtio-multipath-watcher.service / Timer: Run multipath path watcher every 2 minutes.
- ⚙️ kvirtio-vm-watcher.service / Timer: Run VM HA status watcher every 2 minutes.
- 🛡️ kvirtwatch (Sudoers): Least-privilege sudo configuration template for hypervisor nodes.
- ⚙️ mail.conf: Global SMTP notifier configuration file template.
- ⚙️ cluster_db.conf: Database cluster-specific configuration example.
- ⚙️ cluster_web.conf: Web/General cluster-specific configuration example.
- 📘 Watcher Deployment Guide: Main step-by-step deployment guide.
- 📘 Configuration Guide: Detailed configuration templates and security policy details.
- 📘 Cluster Watcher Service Detail: Pacemaker and Corosync cluster monitoring algorithms.
- 📘 Host Watcher Service Detail: CPU/RAM calculation algorithm and state transitions.
- 📘 I/O Watcher Service Detail: FC disk I/O metrics parsing using `iostat`.
- 📘 Multipath Watcher Service Detail: FC multipath degradation and failover path monitoring.
- 📘 Network Watcher Service Detail: Bond interfaces status and throughput monitor.
- 📘 VM Watcher Service Detail: HA VirtualDomain resources and Libvirt domain correlation.
- 📘 HTML Generator Service Detail: Dashboard building details and Apache configuration.
- 📘 Log Collector Service Detail: Central syslog/journalctl event collector details.
- 📘 Console Tracker Service Detail: noVNC proxy token sync details.
- 📘 JSON Indexer Script Detail: Dynamic state catalog generator.
- 📘 Rsyslog Generator Script Detail: Remote rsyslog rules generator.
- 📘 VM Create Script Detail: Parameterized VM creation engine.
- 📘 VM Migrate Script Detail: Virtual machine live migration operations.
- 📘 VM XML Templates Guide: Optimized Libvirt XML templates for DB, App, and Domain Controller workloads.
- 📘 Alerter Detail: SMTP alert notifier mechanism details.
