Ovirt 服务器虚拟化测试

Reading time ~5 minutes

本文安装和测试的软件是Ovirt+KVM的服务器虚拟化,这两个项目是红帽RHEVM+KVM服务器虚拟化的上游社区产品。可以通过这个文档清晰的了解到红帽服务器虚拟化产品的大体功能,基本特点。本测试文档使用的是Centos7+社区yum 源;因此是最新的ovirt和kvm的功能。如果是正式的企业级需求测试,请使用光纤或者传统存储,从而达到和vmware等商业产品最好的类比测试。尽量避免使用嵌套kvm虚拟化的方式,除非您很熟悉Linux,使用两个笔记本是最简单的测试环境。

下图是Ovirt服务器的详细架构图。其中的ovirt-engine是本文安装和部署的部分,是用一个centos7的虚拟机安装的。Host1也是用一个centos7的虚拟机安装的。半年之前我也配置过一次嵌套kvm,根本是一头雾水,而且还没有成功,不过这次的配置过程却这么简单容易,就正常工作了。希望简单一点的人,可以把Host1用物理机来安装,也会节省很多时间。

[caption id=”attachment_53901” align=”alignnone” width=”512”]ovirt 架构图 ovirt 架构图[/caption]

KVM嵌套虚拟化准备

在测试KVM服务器虚拟化的过程中,如果您能有独立的物理机跑Hypervisor,那么您可以忽略本节。至今进入ovirt的安装。 下面的测试的物理机是 Lenovo T440s 笔记本,运行的 Fedora 22 操作系统,使用 KVM manager 做虚拟机的管理工具。本次测试用到两个虚拟机:

  1. ovirt: 运行服务器虚拟化的管理机ovirt,这个程序类似于vmware 的 vcenter。

  2. ovirt-host : 用来被ovirt管理的hypervisor;使用 kvm 嵌套 kvm 的方式,来跑虚拟机。

确认本机的服务器虚拟机CPU Bios配置正常。

[bash]

egrep -c ‘(vmx|svm)’ /proc/cpuinfo 4

[/bash]

本机是i5的CPU,双核开启超线程,显示为4。还没有启用嵌套KVM的虚拟机,需要新建下面这个配置文件,操作系统不同,可能稍微不同,下面是以 Fedora 22 为例。

vi /etc/modprobe.d/kvm-nested.conf 编辑以上文件,增加下面这行参数即可 options kvm_intel nested=1

运行下面的命令,为操作系统内核加載此功能。

[bash]

modprobe -r kvm_intel # unload modprobe kvm_intel # reload again

cat /sys/module/kvm_intel/parameters/nested Y

[/bash]

用上面最后的cat的命令确认嵌套功能启用正常,看到的是Y即可。

查看本机虚拟化的Cpu相关参数。

[bash]

[root@martin-fedora vm]# virsh capabilities | egrep “/model|/vendor”

Westmere Intel none dac

[root@martin-fedora vm]#

[/bash]

到此,物理机的相关准备工作完成。下面使用 Martin’s Perfect CentOS7 模板新建一个2C/4Gd的虚拟机 ovirt-host; 用这个虚拟机作为跑虚拟机的hypervisor把建立好的虚拟机先别开机,需要对它的配置做修改。编辑 ovirt-host虚拟机的配置,给这个嵌套的KVM hypervisor 增加和物理机相同的cpu属性。

virsh edit ovirt-host

本嵌套kvm的虚拟机 cpu 参数如下,如果测试的物理机使用非 i5 的 CPU, 实际的配置参数应该和下面不同。

Westmere Intel

保存配置,启动这个虚拟机,配置好主机名和网络ip地址。安装ovirt yum 源。做 yum update 之后,reboot待用。

[bash] yum -y update yum install http://plain.resources.ovirt.org/pub/yum-repo/ovirt-release35.rpm

[/bash]

安装ovirt 服务器虚拟化管理机

使用 Martin’s Perfect CentOS7 模板新建一个1C/4G 的虚拟机 ovirt;这个虚拟机上还需要配置 NFS 服务器,用来做 跑虚拟机的共享存储和用于存储iso光盘的存储。

安装和配置NFS的过程如下:

安装 nfs 服务相关的包

yum install -y nfs-utils

创建存储目录

mkdir -p /srv/ovirt/{iso,export,sata} chown -R vdsm:kvm /srv/ovirt/ chmod -R 770 /srv/ovirt/

编辑nfs配置文件 /ect/exports , 加入下面三行。

/srv/ovirt/iso 192.168.10.0/24(rw,anonuid=36,anongid=36,all_squash) /srv/ovirt/export 192.168.10.0/24(rw,anonuid=36,anongid=36,all_squash) /srv/ovirt/sata 192.168.10.0/24(rw,anonuid=36,anongid=36,all_squash)

由于centos 7 的nfs默认是v4,这和ovirt不兼容,需要修改配置文件改为 v3, 编辑 /etc/nfsmount.conf 加入下面两个参数。

Defaultvers=3 Nfsvers=3

#重启动 nfs 服务器 ,设置开机启动服务 systemctl start rpcbind.service && systemctl enable rpcbind.service systemctl start nfs-server.service && systemctl enable nfs-server.service

下面开始安装ovirt服务器。

yum -y update yum install http://plain.resources.ovirt.org/pub/yum-repo/ovirt-release35.rpm yum -y install ovirt-engine

安装完后,用 engine-setup 命令配置和部署ovirt 服务器。

[bash]

[root@ovirt ~]# engine-setup [ INFO ] Stage: Initializing [ INFO ] Stage: Environment setup Configuration files: [‘/etc/ovirt-engine-setup.conf.d/10-packaging-jboss.conf’, ‘/etc/ovirt-engine-setup.conf.d/10-packaging.conf’] Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20150711225251-f9k7an.log Version: otopi-1.3.2 (otopi-1.3.2-1.el7.centos) [ INFO ] Stage: Environment packages setup [ INFO ] Yum Downloading: ovirt-3.5-patternfly1-noarch-epel/x86_64 (0%) [ INFO ] Stage: Programs detection [ INFO ] Stage: Environment setup [ INFO ] Stage: Environment customization

–== PRODUCT OPTIONS ==–

Configure Engine on this host (Yes, No) [Yes]: #回车,选择Yes Configure WebSocket Proxy on this host (Yes, No) [Yes]: #回车,选择Yes

–== PACKAGES ==–

[ INFO ] Checking for product updates… [ INFO ] No product updates found

–== ALL IN ONE CONFIGURATION ==–

–== NETWORK CONFIGURATION ==–

Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]: No #选择no,由于本机的服务没有安装防火墙 Host fully qualified DNS name of this server [unknown.prolexic.com]: ovirt.xenlab.com #回车继续

–== DATABASE CONFIGURATION ==–

Where is the Engine database located? (Local, Remote) [Local]: #回车,选择 Local 继续 Setup can configure the local postgresql server automatically for the engine to run. This may conflict with existing applications. Would you like Setup to automatically configure postgresql and create Engine database, or prefer to perform that manually? (Automatic, Manual) [Automatic]: #回车,选择 继续

–== OVIRT ENGINE CONFIGURATION ==–

Engine admin password: Confirm engine admin password: [WARNING] Password is weak: it is based on a dictionary word Use weak password? (Yes, No) [No]: yes Application mode (Virt, Gluster, Both) [Both]: #回车,选择 Both 继续

–== PKI CONFIGURATION ==–

Organization name for certificate [xenlab.com]:

–== APACHE CONFIGURATION ==–

Setup can configure the default page of the web server to present the application home page. This may conflict with existing applications. Do you wish to set the application as the default page of the web server? (Yes, No) [Yes]: Setup can configure apache to use SSL using a certificate issued from the internal CA. Do you wish Setup to configure that, or prefer to perform that manually? (Automatic, Manual) [Automatic]:

–== SYSTEM CONFIGURATION ==–

Configure an NFS share on this server to be used as an ISO Domain? (Yes, No) [Yes]: no # 选择 no,本测试手工配置NFS,不需要安装程序配置。 继续

–== MISC CONFIGURATION ==–

–== END OF CONFIGURATION ==–

[ INFO ] Stage: Setup validation [WARNING] Cannot validate host name settings, reason: resolved host does not match any of the local addresses [WARNING] Less than 16384MB of memory is available

–== CONFIGURATION PREVIEW ==–

Application mode : both Update Firewall : False Host FQDN : ovirt.xenlab.com Engine database name : engine Engine database secured connection : False Engine database host : localhost Engine database user name : engine Engine database host name validation : False Engine database port : 5432 Engine installation : True PKI organization : xenlab.com Configure local Engine database : True Set application as default page : True Configure Apache SSL : True Configure WebSocket Proxy : True Engine Host FQDN : ovirt.xenlab.com

Please confirm installation settings (OK, Cancel) [OK]: #回车,选择 OK 继续 [ INFO ] Stage: Transaction setup [ INFO ] Stopping engine service [ INFO ] Stopping ovirt-fence-kdump-listener service [ INFO ] Stopping websocket-proxy service [ INFO ] Stage: Misc configuration [ INFO ] Stage: Package installation [ INFO ] Stage: Misc configuration [ INFO ] Initializing PostgreSQL [ INFO ] Creating PostgreSQL ‘engine’ database [ INFO ] Configuring PostgreSQL [ INFO ] Creating/refreshing Engine database schema [ INFO ] Creating CA [ INFO ] Configuring WebSocket Proxy [ INFO ] Generating post install configuration file ‘/etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf’ [ INFO ] Stage: Transaction commit [ INFO ] Stage: Closing up

–== SUMMARY ==–

[WARNING] Less than 16384MB of memory is available SSH fingerprint: DF:FF:42:14:80:35:E2:7D:68:3A:1F:83:65:6E:89:EA Internal CA 99:17:7A:42:D0:9D:D7:33:DE:C3:3E:07:EE:15:5D:01:28:63:4A:BF Web access is enabled at: http://ovirt.xenlab.com:80/ovirt-engine https://ovirt.xenlab.com:443/ovirt-engine Please use the user “admin” and password specified in order to login In order to configure firewalld, copy the files from /etc/ovirt-engine/firewalld to /etc/firewalld/services and execute the following commands: firewall-cmd -service ovirt-postgres firewall-cmd -service ovirt-https firewall-cmd -service ovirt-fence-kdump-listener firewall-cmd -service ovirt-websocket-proxy firewall-cmd -service ovirt-http The following network ports should be opened: tcp:443 tcp:5432 tcp:6100 tcp:80 udp:7410 An example of the required configuration for iptables can be found at: /etc/ovirt-engine/iptables.example

–== END OF SUMMARY ==–

[ INFO ] Starting engine service [ INFO ] Restarting httpd [ INFO ] Stage: Clean up Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20150711225251-f9k7an.log [ INFO ] Generating answer file ‘/var/lib/ovirt-engine/setup/answers/20150711225734-setup.conf’ [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination [ INFO ] Execution of setup completed successfully

[/bash]

安装成功,用浏览器,访问ovirt 服务器IP地址使用 admin / 密码 登陆管理员控制台,第一次比较慢,验证安装是否完全成功。

使用命令确认nfs [root@ovirt ~]# showmount -e Export list for ovirt.xenlab.com: /srv/ovirt/sata 192.168.10.0/24 /srv/ovirt/export 192.168.10.0/24 /srv/ovirt/iso 192.168.10.0/24

在ovirt服务器中添加这三个存储,然后在命令和中确认iso存储已经可用。

[bash]

[root@ovirt ~]# engine-iso-uploader list Please provide the REST API password for the admin@internal oVirt Engine user (CTRL+D to abort): ISO Storage Domain Name | Datacenter | ISO Domain Status ovirt-iso | Default | active

[/bash]

把需要安装的光盘镜像文件,先复制到ovirt服务器上,然后传入iso存储。

[bash]

[martin@martin-fedora iso]$ scp CentOS-7-x86_64-Minimal-1503-01.iso root@192.168.10.25:/root/ The authenticity of host ‘192.168.10.25 (192.168.10.25)’ can’t be established. ECDSA key fingerprint is SHA256:KMGYLWZu14ZKaUwizIORgQ598Bpc0PKzNWF0qop2VAQ. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘192.168.10.25’ (ECDSA) to the list of known hosts. root@192.168.10.25’s password: CentOS-7-x86_64-Minimal-1503-01.iso 100% 636MB 90.9MB/s 00:07 [martin@martin-fedora iso]$

[/bash]

用这个命令上传光盘。 engine-iso-uploader upload -i ovirt-iso /root/CentOS-7-x86_64-Minimal-1503-01.iso

之后就可以在控制台中创建虚拟机了。在Web界面上安装虚拟机,是需要安装客户的程序的,在 Fedora 22 笔记本中安装它们。 yum install spice-xpi virt-viewer

点击新创建的虚拟机,启动之后,选择控制台,打开后,开始系统安装。

参考文档

本文没有做截图,是由于以下参考文档都有相关截图和步骤说明;因此,在使用本文档的过程中,一定要同时打开这几篇文档。

http://www.ovirt.org/Quick_Start_Guide#Install_oVirt_Engine_.28Fedora.29%60

http://jensd.be/?p=550

https://xrsa.net/2015/02/04/installing-ovirt-3-5-on-centos-7-hosted-engine/

http://www.server-world.info/en/note?os=Fedora_22&p=kvm&f=8

互联网规模的超融合平台

什么是互联网规模?什么是web scale风格?看下Nutanix的亮点。 阅读全文

2017DevOps采用和趋势现状-信息图

Published on February 11, 2017