ConVirt Enterprise 3.4.5 Setup for Fedora/RHEL/CentOS
Note These are instructions tested on RHEL/CentOS 6.0. There might be slight variations on other distributions. We would appreciate your contribution in refining these instructions with distribution specific changes.
1.1 Prerequisites
- You will need internet access during ConVirt installation, as some of the packages are downloaded over the network.
- If your organization is using proxy server to get to internet, make sure that you have the proxy details ready.
1.2 Step By Step
NOTE : DO NOT INSTALL Convirt Enterprise 3.4.5 on the same server as 2.0 Production Server
NOTE : Follow EACH step carefully and you will have a working ConVirt deployment in minutes.
NOTE : Please refer to Troubleshooting Guide for any issues.
- Request download for ConVirt 3.4.5 package appropriate to your Linux distribution. You will be sent url to actual download location with credentials. Please use "Your Message" field to specify the distribution and version.
- Login as root and create a new user account for installing ConVirt Management Serevr. Lets refer to this as CMS user account.
e.g. useradd -m convirt -s /bin/bash passwd convirt
- Login as CMS user account. (If you are using existing account, make sure that you are suing bash shell.)
- Download the package in your home directory, and untar it. You will find the following tarballs within it.
-
- convirt-enterprise-install-3.4.5.tar.gz : ConVirt Management Server (CMS) installer.
- convirt-enterprise-3.4.5.tar.gz : ConVirt Management Server.
- convirture-enterprise-tools-3.4.5.tar.gz : Tar ball contains tools to prepare Managed Servers (Hosts running virtualization platform e.g. Xen or KVM)
- Untar the CMS installer tarball in the home directory. You will see the directory containing scripts to create TurboGerars2 (tg2) environment and ConVirt management server in the home directory.
tar -xzf ./convirt-enterprise-install-3.4.5.tar.gz
- By default the CMS will get installed in the home directory like ~/convirt-enterprise. If you wish it to be at any other location, please update CONVIRT_BASE varialbe in install/cms/scripts/install_config file.
For example, change
if [ "" == "$CONVIRT_BASE" ]; then CONVIRT_BASE=~ fi
To
if [ "" == "$CONVIRT_BASE" ]; then CONVIRT_BASE=~/cms fi
Now CMS will get installed under ~/cms/convirt-enterprise
- Untar the CMS tarball.
source ./convirt-enterprise-install/install/cms/scripts/install_config tar -xzf ./convirt-enterprise-3.4.5.tar.gz -C $CONVIRT_BASE
1.3 Installing and setting up ConVirt Management Server (CMS)
NOTE : Please refer to Troubleshooting Guide for any issues.
NOTE : RHEL/CentOS 6 users, please visit RHEL 6 Networking section, before starting here.
- Setup Proxy : If your organization has a proxy server to access internet, then make sure that you set the http_proxy variable as follows at the time of ConVirt installation and setup.
export http_proxy="http://company-proxy-server:80" NOTE The proxy port may be different. In this example, 80 is assumed.
- Login as root user.
- Setup ConVirt repository
yum install wget cd /etc/yum.repos.d wget --no-cache http://www.convirture.com/repos/definitions/rhel/5.x/convirt.repo
For RHEL/CentOS 6, yum install wget cd /etc/yum.repos.d wget --no-cache http://www.convirture.com/repos/definitions/rhel/6.x/convirt.repo
- IMPORTANT INSTALL RELATED PATCH/CHANGE Due to change in some of the dependencies, we need to install specific version of virtualenv. To do so, please make the following change.
In the following two files convirt-enterprise-install/install/cms/common/functions convirt-enterprise/install/cms/common/functions
Change the line $SUDO easy_install virtualenv To $SUDO easy_install virtualenv==1.11.6
NOTE Two equal-to signs before the version number.
- Install dependencies.
./convirt-enterprise-install/install/cms/scripts/install_dependencies NOTE When prompted for mysql credentials for root, please remember what you enter. For simplicity you may enter "convirt" (you can change this later.)
- Setup innodb buffer and memory pool.
In the mysql configuration file /etc/my.cnf under [mysqld] section. Please add the following two lines innodb_buffer_pool_size=1G innodb_additional_mem_pool_size=20M transaction-isolation = READ-COMMITTED
Restart mysqld /etc/init.d/mysqld restart
- Install ConVirt. For this, log in as CMS user account.
- * If required, setup Proxy again, as now you are logged in as CMS user account. (e.g. convirt)
export http_proxy="http://company-proxy-server:80"
- * Untar the CMS tarball, if you have not already done so.
source convirt-enterprise-install/install/cms/scripts/install_config tar -xzf ./convirt-enterprise-3.4.5.tar.gz -C $CONVIRT_BASE
- * Setup TurboGears
./convirt-enterprise-install/install/cms/scripts/setup_tg2
- * Setup ConVirt
-
- Modify sqlalchemy.url in src/convirt/web/convirt/development.ini to reflect user and password for the mysql database.
For example in the following url, username = root, password = convirt, server=localhost, database port = 3306 and database name is convirt_ee sqlalchemy.url=mysql://root:convirt@localhost:3306/convirt_ee?charset=utf8
-
- and then execute :
./convirt-enterprise-install/install/cms/scripts/setup_convirt
NOTE You would be prompted for password for SSH identity for CMS server. You will be required to enter the password every time you start the ConVirt Management Server (CMS).
-
- Update : Recently due to change in json library, users run in to the following error.
error: SandboxViolation: chmod('/home/convirt/convirt-enterprise/.python-eggs/simplejson-2.0.8-py2.7-linux-x86_64.egg-tmp/simplejson/tmpBaN0BU.$extract', 493) {}
To workaround this, please follow the steps given below. cd convirt-enterprise source ./tg2env/bin/activate easy_install -U simplejson deactivate Now run the setup_convirt again. ./convirt-enterprise-install/install/cms/scripts/setup_convirt
- * RHEL/CentOS 6 users should, follow steps given below to manage Xen environment. This steps can be skipped if you want to manage only KVM based servers.
cd /tmp wget --no-cache http://www.convirture.com/downloads/xen-client/xen-client.tar.gz cd /usr/lib64/python2.6/site-packages tar -xzf /tmp/xen-client.tar.gz
1.4 Validating the CMS Setup
- Start ConVirt Management Server
cd ~/convirt-enterprise ./convirt-ctl start
- NOTE You would be prompted for passphrase. Enter the same passphrase that you gave at the time of setting up ConVirt
- If the firewall is enabled, configure it to allow TCP access to port 8091
iptables -I INPUT -p tcp --dport 8091 -j ACCEPT
- Follow instructions to make this permanent depending on the distribution, so that the rule is present even when you boot the machine.
Add the rule in /etc/sysconfig/iptables at appropriate place. -A INPUT -p tcp --dport 8091 -j ACCEPT
- Find the IP address of the machine using,
ifconfig eth0
- Point your browser at CMS : http://ip-address:8091/. The default credentials are admin/admin.
- Stop server once you are done.
cd ~/convirt-enterprise ./convirt-ctl stop
1.5 Firewall setup for VNC
In addition to CMS port (8091) as mentioned before, you should open up 6900:6999 port range for VNC. This is used by the ConVirt to allow VNC applet to access Virtual machine consoles. To do so,
- Login as root on the CMS server and run the following command.
iptables -I INPUT -m state --state NEW -p tcp --dport 6900:6999 -j ACCEPT
- Follow instructions to make this permanent depending on the distribution, so that the rule is present even when you boot the machine.
1.6 Apply Recommended patches
NOTE : Use the same credentials that you used for downloading the product.
For 3.1.2 Enterprise Cloud
- EC-VDC-CREATE-001 : This patch fixes error at the time of creating a Virtual Data Center (VDC). To download the patch please use http://www.convirture.com/3.0_ec_downloads/convirt/3.1.2/patches area and download the files specific to your distribution. Untar the package and follow instructions in the README to apply the patch.
For 3.2 Enterprise / Enterprise Cloud
No patches at this time.
1.7 Preparing Managed Servers
NOTE: Skip this section if you want to want to use ConVirt for Amazon/OpenStack Cloud Management only.
NOTE: Skip this section for ESXi/vSphere/vCenter environments.
NOTE: For Hyper-V environment, simply make sure hyper-v is installed, you can ping the server from another machine and Enable-PSRemoting -force is executed as administrator.
1.7.1 Install Virtualization Platform
Before you start managing a remote server using ConVirt, you need to ensure that it's properly configured. This can be done easily in a few quick steps.
NOTE: Each managed server needs to be prepared using the following procedure.
- Install (if necessary) and configure Xen (3.0.4 or higher) or KVM (kvm-70 or higher) on the managed server. Note: chances are your linux distribution already includes either Xen or KVM. Almost all modern distributions do.
- Here are some tips and pointers :
-
- For Xen on CentOS/RHEL 5.x: Select the Virtualization option at the time of installation.
-
- For KVM on CentOS/RHEL 5.x :
- yum groupinstall KVM; modprobe kvm;
- Depending on your processor, modprobe kvm-amd or modprobe kvm-intel
- For KVM on CentOS/RHEL 5.x :
-
- For Xen and KVM, Disable SELINUX by setting SELINUX=permissive in /etc/sysconfig/selinux file.
-
- For KVM on CentOS/RHEL 6.x,7.x : Select "Virtual Host" at the time of installation.
-
-
- NOTE : RHEL 6.x or RHEL 7.x users, please visit RHEL/CentOS 6.x or RHEL/CentOS 7.xNetworking section, before proceeding to next step.
-
1.7.2 Run convirt-tool
The convirt-tool script helps you do necessary changes to the managed server, so it is easily managed by ConVirt (CMS).
- For the Xen platform, running this command configures the Xend Server to listen on port 8006 and opens port 8002 for migration. The command also detects the default bridge and writes a summary of its operations to the /var/cache/convirt/server_info file.
- For the KVM platform, the command creates appropriate public bridges, required scripts and writes a summary of its operations to the /var/cache/convirt/server_info file.
Please follow the steps.
- Login to CMS server as CMS user account.
- Copy the convirt-tool tarball to managed server.
scp convirture-enterprise-tools-3.4.5.tar.gz root@managed-server:/root
- As a CMS user, Login to the managed server as root. DO NOT SKIP THIS STEP.
ssh root@managed-server Note ConVirt requires ability to login remotely using root account. For certain distribution root password is not set by default. On such distribution, root password must be explicitly set.
- Extract the contents of the archive into a directory. For example:
tar -xzf convirture-enterprise-tools-3.4.5.tar.gz
- Change to the ~/convirture-enterprise-tools/install/managed_server/scripts directory, then use the convirt-tool command to check or configure the managed server.
For example:
cd ./convirture-enterprise-tools/install/managed_server/scripts
- To view the usage message, run:
./convirt-tool -h
- To validate the platform without making any changes, run:
./convirt-tool --detect_only setup
- Install required dependencies
./convirt-tool install_dependencies
- Note: For SLES 11 SP3, you may see "Valid metadata not found at specified URL(s).", If you see this, the required dependencies may not be installed. The workaround for this is to run the ./convirt-tool install_dependencies again.
- To have a virtual machine connect to a network, bridge setup is required. With virtualization platform installation, depending on the version, you would have either xenbr0 or eth0 or br0 setup. You can verify this using the brctl show command. If you do not have any bridge, convirt-tool can set up bridges for each network interface.
./convirt-tool setup
Warning : This might disconnect the server from the network, so please make sure you have an alternative way of getting to the server (Be on the server, iLO, DRAC etc). Also, in case the managed server is part of cluster, the server might reboot because of network connectivity loss resulting in node fencing.
If you have the bridge set up already done or want to handle bridge setup separately, run the following command. (er. ./convirt-tool --skip_bridge setup
NOTE : Make sure that you have atleast one bridge setup to which the virtual machines can connect.
For the Xen 4.0 /SLES 11/SLES 11 SP1 user, xen server should be listening on SSL option
./convirt-tool --xen_ssl --all setup
- If you are using a firewall on Debian/Ubuntu you should verify that following ports are open
- For Both: ssh port (usually 22)
- For Xen : TCP port 8002 to allow migration, 8006 to allow ConVirt to talk to Xend Server.
- Fox KVM : TCP ports 8002 to 8012 for migration.
- For Xen, you should also specify the default memory for dom0. (new with version 2.0.1)
./convirt-tool --dom0_mem 1024 setup
This will set the dom0_mem using xm command as well as change the grub.conf file to have dom0_mem parameter added to the kernel line.
1.8 Preparing External Network Service Host
As a part of creating cloud from local infrastructure, you may need to setup an external Network Service Host. To setup a server for this purpose, follow the same instructions as Preparing Managed Servers. Use the --skip_bridge option to skip the bridge setup on this host.
./convirt-tool --skip_bridge setup
Note : Depending on the platform you may want to use --xen_ssl or --dom0_mem etc. Please refer to the earlier section of Preparing Managed Servers
1.9 Using ConVirt to manage your environment
Once the CMS and the managed servers are prepared, you can start managing your virtual infrastructure with CMS.
- Typical CMS startup
- Start the CMS
cd ~/convirt ./convirt-ctl start
- NOTE You would be prompted for passphrase if you have done ssh key based setup. By default the ~/.ssh/cms_id_rsa identity is used, if not found, it would use ~/.ssh/id_rsa. If neither of these are found, ConVirt would use passwords.
- Point the browser to CMS http://ip-address:8091/
- Login using credentials (default admin/admin)
- Select the Server Pool to which you'd like to add the new managed server. For example : QA Pool
- Right mouse click to get to the context menu and select 'Add Server'.
- Select the virtualization platform.
- Provide the IP address or hostname of the managed server prepared in the previous section. Also provide ssh credentials and check the "Use Keys" option in the advanced section. Press ok to add the server.
- On success, the new managed server would show up under the Server Pool and you will be prompted to import any virtual machine configuration files available on the server.
Now you can use ConVirt to create and manage complete life cycle of Virtual Machines on this server. Refer to documentation for more details.
NOTE : Please refer to Troubleshooting Guide for any issues.
2 SSL setup for CMS on CentOS/RHEL
NOTE : Instructions tested on CentOS/RHEL 5.4
To use SSL for CMS, we need to setup stunnel.
- Login as root user.
- Install stunnel
yum install stunnel
- Generate a certificate
cd /etc/stunnel wget http://www.convirture.com/downloads/stunnel/RHEL/stunnel.cnf (umask 077; \ /usr/bin/openssl req -new -x509 -days 365 -nodes \ -config /etc/stunnel/stunnel.cnf \ -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem)
- Download configuration file.
cd /etc/stunnel wget --no-cache http://www.convirture.com/downloads/stunnel/RHEL/stunnel.conf -O stunnel.conf
- By default the SSL port is set to 8082, feel free to change it by changing stunnel.conf
[convirt] accept = 8092 connect = 8091
- start the stunnel
stunnel /etc/stunnel/stunnel.conf
- Login to CMS server using CMS user account. And edit src/convirt/web/convirt/development.ini and set server_protocol to https</>
server_protocol=https
- Restart CMS
./convirt-ctl stop ./convirt-ctl start
- Point the browser to the login page.
https://machine-name:8092/login
- Troubleshooting
Take a look at this if you run in to problems http://www.convirture.com/forums/viewtopic.php?f=36&t=6276
Commentaires