vKVM Rescue System
The vKVM Rescue System allows you to start the operating system installed on the server in a virtual machine. With the help of vKVM, you can diagnose booting problems or adjust firewall settings — actions that would normally require a KVM Console to do.
The virtualization technology used is KVM. SATA and IDE drives are passed through to the guest system. You can also access the network directly. (The virtual machine uses the same MAC address as the physical NIC, which means that the normal network connection works without any problem).
The following ports cannot be used by the guest system in vKVM mode. (That means that incoming packets to these ports are not forwarded to the guest):
47772 | SSH |
---|---|
47773 | web interfaces (SSL) |
Starting the Rescue System
You can access the Rescue System from Robot. After choosing the correct server from the server overview (Menu Server -> click on the correct server), go to the tab Rescue. (Here, you'll need to select vkvm
from the list of possible options). After activation, you will see a URL and a user name/password. Open the URL in a web browser to get to the vKVM website.
In addition to viewing the console output and forwarding keyboard and mouse input, the vKVM interface offers you the chance to use the following additional functions:
Send Alt-Gr |
Sends Alt-Gr e.g. for backslash or pipe |
---|---|
Send Ctrl-Alt-Del |
Sends Ctrl-Alt-Del (soft reset) to the virtual machine |
Send HW Reset | Performs a reset of the virtual machine |
With its default settings, vKVM tries to boot from the first drive. To leave vKVM mode and directly boot from the drive again, shut down the virtual machine using Send Ctrl-Alt-Del
(to prevent corruption of the file system). Then reboot the real server using Hetzner Robot by also sending a Ctrl-Alt-Del
.
You can also connect to the Rescue System via SSH at the port 47772 with the user "root" and the password that is shown in Robot.
Limitations
With vKVM, the server is started in a virtual machine, and thus doesn't have direct access to the physical hardware components of the actual server. This can lead to limitations for certain operating systems.
These are the limitations that we currently know about:
Half RAM usage
Since the vKVM hypervisor itself needs memory, and it only runs in RAM, the virtual machine is started with only 50% of the physical memory that is actually available.
Windows
vKVM automatically detects Windows installations and forwards the SATA drives as IDE drives, as the SCSI controller cannot be used by Windows without problem.
Windows deactivates the IDE drivers if no IDE drives are detected during installation. You need to reactivate them before using vKVM using the following guide: Microsoft Support site
The main problem for Windows is that the emulated hardware greatly differs from the physical hardware. Depending on the license model, you may or may not need to reactivate your Windows license.
It is also not possible to change the network settings of the physical NIC as the corresponding network interface is not displayed in the control panel.
VMware ESXi, Citrix XenServer, OpenSolaris
Are not supported.
RAID controllers
Configured units are passed through as SCSI devices to the VM. However it is not possible to access the controller. Please use the regular Hetzner Rescue System for this purpose.
Network
Servers with more than one network card will only have one card passed through to the VM. Packets received on any other physical NIC are forwarded to the first NIC in the virtual machine. Outgoing packets are always sent out of the first physical NIC.
Server without Intel VT or AMD-V
Servers with CPUs that do not support Intel VT or AMD-V will not be able to run vKVM.
Nested virtualization
The virtualization features of certain CPUs are not passed through to the virtual machine.
32-bit CPUs
Unfortunately, 32-bit CPUs are not supported.
Black screen
On Ubuntu 10.04 (and probably higher), you need to first disable the vga16fb module in order to use vKVM. Otherwise, you will only see a black screen after booting.
To disable this module, edit the file /etc/modprobe.d/blacklist-framebuffer.conf
and add this line:
blacklist vga16fb