Martin Liu

Martin Liu

Senior Developer Relations/Advocate, Founder of DevOps China, Microsoft MVP

Martin Liu

6 分钟

本文安装和测试的软件是 Ovirt+KVM 的服务器虚拟化,这两个项目是红帽 RHEVM+KVM 服务器虚拟化的上游社区产品。可以通过这个文档清晰的了解到红帽服务器虚拟化产品的大体功能,基本特点。本测试文档使用的是 Centos7+社区 yum 源;因此是最新的 ovirt 和 kvm 的功能。如果是正式的企业级需求测试,请使用光纤或者传统存储,从而达到和 vmware 等商业产品最好的类比测试。尽量避免使用嵌套 kvm 虚拟化的方式,除非您很熟悉 Linux,使用两个笔记本是最简单的测试环境。

下图是 Ovirt 服务器的详细架构图。其中的 ovirt-engine 是本文安装和部署的部分,是用一个 centos7 的虚拟机安装的。Host1 也是用一个 centos7 的虚拟机安装的。半年之前我也配置过一次嵌套 kvm,根本是一头雾水,而且还没有成功,不过这次的配置过程却这么简单容易,就正常工作了。希望简单一点的人,可以把 Host1 用物理机来安装,也会节省很多时间。

[caption id=“attachment_53901” align=“alignnone” width=“512”]ovirt 架构图 ovirt 架构图[/caption]

KVM 嵌套虚拟化准备

在测试 KVM 服务器虚拟化的过程中,如果您能有独立的物理机跑 Hypervisor,那么您可以忽略本节。至今进入 ovirt 的安装。  下面的测试的物理机是 Lenovo T440s 笔记本,运行的 Fedora 22 操作系统,使用 KVM manager 做虚拟机的管理工具。本次测试用到两个虚拟机:

  1. ovirt: 运行服务器虚拟化的管理机 ovirt,这个程序类似于 vmware 的 vcenter。

  2. ovirt-host : 用来被 ovirt 管理的 hypervisor;使用 kvm 嵌套 kvm 的方式,来跑虚拟机。

确认本机的服务器虚拟机 CPU Bios 配置正常。

[bash]

egrep -c ‘(vmx|svm)’ /proc/cpuinfo 4

[/bash]

本机是 i5 的 CPU,双核开启超线程,显示为 4。还没有启用嵌套 KVM 的虚拟机,需要新建下面这个配置文件,操作系统不同,可能稍微不同,下面是以 Fedora 22 为例。

vi /etc/modprobe.d/kvm-nested.conf 编辑以上文件,增加下面这行参数即可 options kvm_intel nested=1

运行下面的命令,为操作系统内核加載此功能。

[bash]

modprobe -r kvm_intel # unload modprobe kvm_intel # reload again

cat /sys/module/kvm_intel/parameters/nested Y

[/bash]

用上面最后的 cat 的命令确认嵌套功能启用正常,看到的是 Y 即可。

查看本机虚拟化的 Cpu 相关参数。

[bash]

[[email protected] vm]# virsh capabilities | egrep “/model|/vendor” Westmere Intel none dac [[email protected] vm]#

[/bash]

到此,物理机的相关准备工作完成。下面使用 Martin’s Perfect CentOS7 模板新建一个 2C/4Gd 的虚拟机 ovirt-host; 用这个虚拟机作为跑虚拟机的 hypervisor 把建立好的虚拟机先别开机,需要对它的配置做修改。编辑 ovirt-host 虚拟机的配置,给这个嵌套的 KVM hypervisor 增加和物理机相同的 cpu 属性。

virsh edit ovirt-host

本嵌套 kvm 的虚拟机 cpu 参数如下,如果测试的物理机使用非 i5 的 CPU, 实际的配置参数应该和下面不同。

Westmere Intel

保存配置,启动这个虚拟机,配置好主机名和网络 ip 地址。安装 ovirt yum 源。做 yum update 之后,reboot 待用。

[bash] yum -y update yum install http://plain.resources.ovirt.org/pub/yum-repo/ovirt-release35.rpm

[/bash]

安装 ovirt 服务器虚拟化管理机

使用 Martin’s Perfect CentOS7 模板新建一个 1C/4G 的虚拟机 ovirt;这个虚拟机上还需要配置 NFS 服务器,用来做 跑虚拟机的共享存储和用于存储 iso 光盘的存储。

安装和配置 NFS 的过程如下:

安装 nfs 服务相关的包

yum install -y nfs-utils

创建存储目录

mkdir -p /srv/ovirt/{iso,export,sata} chown -R vdsm:kvm /srv/ovirt/ chmod -R 770 /srv/ovirt/

编辑 nfs 配置文件 /ect/exports , 加入下面三行。

/srv/ovirt/iso 192.168.10.0/24(rw,anonuid=36,anongid=36,all_squash) /srv/ovirt/export 192.168.10.0/24(rw,anonuid=36,anongid=36,all_squash) /srv/ovirt/sata 192.168.10.0/24(rw,anonuid=36,anongid=36,all_squash)

由于 centos 7 的 nfs 默认是 v4,这和 ovirt 不兼容,需要修改配置文件改为 v3, 编辑 /etc/nfsmount.conf 加入下面两个参数。

Defaultvers=3 Nfsvers=3

#重启动 nfs 服务器 ,设置开机启动服务 systemctl start rpcbind.service && systemctl enable rpcbind.service systemctl start nfs-server.service && systemctl enable nfs-server.service

下面开始安装 ovirt 服务器。

yum -y update yum install http://plain.resources.ovirt.org/pub/yum-repo/ovirt-release35.rpm yum -y install ovirt-engine

安装完后,用 engine-setup 命令配置和部署 ovirt 服务器。

[bash]

[[email protected] ~]# engine-setup [ INFO ] Stage: Initializing [ INFO ] Stage: Environment setup Configuration files: [’/etc/ovirt-engine-setup.conf.d/10-packaging-jboss.conf’, ‘/etc/ovirt-engine-setup.conf.d/10-packaging.conf’] Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20150711225251-f9k7an.log Version: otopi-1.3.2 (otopi-1.3.2-1.el7.centos) [ INFO ] Stage: Environment packages setup [ INFO ] Yum Downloading: ovirt-3.5-patternfly1-noarch-epel/x86_64 (0%) [ INFO ] Stage: Programs detection [ INFO ] Stage: Environment setup [ INFO ] Stage: Environment customization

–== PRODUCT OPTIONS ==–

Configure Engine on this host (Yes, No) [Yes]: #回车,选择 Yes Configure WebSocket Proxy on this host (Yes, No) [Yes]: #回车,选择 Yes

–== PACKAGES ==–

[ INFO ] Checking for product updates… [ INFO ] No product updates found

–== ALL IN ONE CONFIGURATION ==–

–== NETWORK CONFIGURATION ==–

Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]: No #选择 no,由于本机的服务没有安装防火墙 Host fully qualified DNS name of this server [unknown.prolexic.com]: ovirt.xenlab.com #回车继续

–== DATABASE CONFIGURATION ==–

Where is the Engine database located? (Local, Remote) [Local]: #回车,选择 Local 继续 Setup can configure the local postgresql server automatically for the engine to run. This may conflict with existing applications. Would you like Setup to automatically configure postgresql and create Engine database, or prefer to perform that manually? (Automatic, Manual) [Automatic]: #回车,选择 继续

–== OVIRT ENGINE CONFIGURATION ==–

Engine admin password: Confirm engine admin password: [WARNING] Password is weak: it is based on a dictionary word Use weak password? (Yes, No) [No]: yes Application mode (Virt, Gluster, Both) [Both]: #回车,选择 Both 继续

–== PKI CONFIGURATION ==–

Organization name for certificate [xenlab.com]:

–== APACHE CONFIGURATION ==–

Setup can configure the default page of the web server to present the application home page. This may conflict with existing applications. Do you wish to set the application as the default page of the web server? (Yes, No) [Yes]: Setup can configure apache to use SSL using a certificate issued from the internal CA. Do you wish Setup to configure that, or prefer to perform that manually? (Automatic, Manual) [Automatic]:

–== SYSTEM CONFIGURATION ==–

Configure an NFS share on this server to be used as an ISO Domain? (Yes, No) [Yes]: no # 选择 no,本测试手工配置 NFS,不需要安装程序配置。 继续

–== MISC CONFIGURATION ==–

–== END OF CONFIGURATION ==–

[ INFO ] Stage: Setup validation [WARNING] Cannot validate host name settings, reason: resolved host does not match any of the local addresses [WARNING] Less than 16384MB of memory is available

–== CONFIGURATION PREVIEW ==–

Application mode : both Update Firewall : False Host FQDN : ovirt.xenlab.com Engine database name : engine Engine database secured connection : False Engine database host : localhost Engine database user name : engine Engine database host name validation : False Engine database port : 5432 Engine installation : True PKI organization : xenlab.com Configure local Engine database : True Set application as default page : True Configure Apache SSL : True Configure WebSocket Proxy : True Engine Host FQDN : ovirt.xenlab.com

Please confirm installation settings (OK, Cancel) [OK]: #回车,选择 OK 继续 [ INFO ] Stage: Transaction setup [ INFO ] Stopping engine service [ INFO ] Stopping ovirt-fence-kdump-listener service [ INFO ] Stopping websocket-proxy service [ INFO ] Stage: Misc configuration [ INFO ] Stage: Package installation [ INFO ] Stage: Misc configuration [ INFO ] Initializing PostgreSQL [ INFO ] Creating PostgreSQL ’engine’ database [ INFO ] Configuring PostgreSQL [ INFO ] Creating/refreshing Engine database schema [ INFO ] Creating CA [ INFO ] Configuring WebSocket Proxy [ INFO ] Generating post install configuration file ‘/etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf’ [ INFO ] Stage: Transaction commit [ INFO ] Stage: Closing up

–== SUMMARY ==–

[WARNING] Less than 16384MB of memory is available SSH fingerprint: DF:FF:42:14:80:35:E2:7D:68:3A:1F:83:65:6E:89:EA Internal CA 99:17:7A:42:D0:9D:D7:33:DE:C3:3E:07:EE:15:5D:01:28:63:4A:BF Web access is enabled at: http://ovirt.xenlab.com:80/ovirt-engine https://ovirt.xenlab.com:443/ovirt-engine Please use the user “admin” and password specified in order to login In order to configure firewalld, copy the files from /etc/ovirt-engine/firewalld to /etc/firewalld/services and execute the following commands: firewall-cmd -service ovirt-postgres firewall-cmd -service ovirt-https firewall-cmd -service ovirt-fence-kdump-listener firewall-cmd -service ovirt-websocket-proxy firewall-cmd -service ovirt-http The following network ports should be opened: tcp:443 tcp:5432 tcp:6100 tcp:80 udp:7410 An example of the required configuration for iptables can be found at: /etc/ovirt-engine/iptables.example

–== END OF SUMMARY ==–

[ INFO ] Starting engine service [ INFO ] Restarting httpd [ INFO ] Stage: Clean up Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20150711225251-f9k7an.log [ INFO ] Generating answer file ‘/var/lib/ovirt-engine/setup/answers/20150711225734-setup.conf’ [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination [ INFO ] Execution of setup completed successfully

[/bash]

安装成功,用浏览器,访问 ovirt 服务器 IP 地址使用 admin / 密码 登陆管理员控制台,第一次比较慢,验证安装是否完全成功。

使用命令确认 nfs [[email protected] ~]# showmount -e Export list for ovirt.xenlab.com: /srv/ovirt/sata 192.168.10.0/24 /srv/ovirt/export 192.168.10.0/24 /srv/ovirt/iso 192.168.10.0/24

在 ovirt 服务器中添加这三个存储,然后在命令和中确认 iso 存储已经可用。

[bash]

[[email protected] ~]# engine-iso-uploader list Please provide the REST API password for the [email protected] oVirt Engine user (CTRL+D to abort): ISO Storage Domain Name | Datacenter | ISO Domain Status ovirt-iso | Default | active

[/bash]

把需要安装的光盘镜像文件,先复制到 ovirt 服务器上,然后传入 iso 存储。

[bash]

[[email protected] iso]$ scp CentOS-7-x86_64-Minimal-1503-01.iso [email protected]:/root/ The authenticity of host ‘192.168.10.25 (192.168.10.25)’ can’t be established. ECDSA key fingerprint is SHA256:KMGYLWZu14ZKaUwizIORgQ598Bpc0PKzNWF0qop2VAQ. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘192.168.10.25’ (ECDSA) to the list of known hosts. [email protected]’s password: CentOS-7-x86_64-Minimal-1503-01.iso 100% 636MB 90.9MB/s 00:07 [[email protected] iso]$

[/bash]

用这个命令上传光盘。 engine-iso-uploader upload -i ovirt-iso /root/CentOS-7-x86_64-Minimal-1503-01.iso

之后就可以在控制台中创建虚拟机了。在 Web 界面上安装虚拟机,是需要安装客户的程序的,在 Fedora 22 笔记本中安装它们。 yum install spice-xpi virt-viewer

点击新创建的虚拟机,启动之后,选择控制台,打开后,开始系统安装。

参考文档

本文没有做截图,是由于以下参考文档都有相关截图和步骤说明;因此,在使用本文档的过程中,一定要同时打开这几篇文档。

http://www.ovirt.org/QuickStart_Guide#Install_oVirt_Engine.28Fedora.29%60

http://jensd.be/?p=550

https://xrsa.net/2015/02/04/installing-ovirt-3-5-on-centos-7-hosted-engine/

http://www.server-world.info/en/note?os=Fedora_22&p=kvm&f=8

最新文章

分类

关于

This Blog is sharing DevOps and SRE ariticles. I am a Senior Developer Relations/Advocate at Elastic, Founder of DevOps China since 2017, Microsift MVP since 2021, DevOps Institute Ambassador.