oVirt是RHEV的上游开源产品,
管理也和RHEV非常相似,
主打KVM的虚拟机管理平台. 相比OpenStack更加轻量化.
本文先介绍一下oVirt engine在CentOS 6.x x64平台下的安装.
除了数据库我们使用自己编译的PostgreSQL 9.3.5, 因为从依赖安装的版本实在太老了. 其他都使用依赖安装.
导入yum源
或者
# wget http://resources.ovirt.org/pub/yum-repo/ovirt-release34.rpm
# rpm -ivh ovirt-release34.rpm或者
yum localinstall -y http://resources.ovirt.org/pub/yum-repo/ovirt-release34.rpm
导入的源, gpgcheck建议改成0, 省得安装gpgkey, 没安装的话, 后面安装一些包的时候还可能报错.
最好不要改成0, 导入KEY可参考
安装ovirt-engine, yum自动解决依赖关系.
准备nfs目录, 用于存放ISO文件. 数据库的表空间目录.
配置/etc/hosts, 主机名.
配置数据库, 因为使用engine-setup设置engine时, Local数据库配置不能指定端口, 所以先使用默认的5432端口.
# yum install -y ovirt-engine
ovirt-engine noarch 3.4.3-1.el6 ovirt-3.4-stable 1.3 M
otopi noarch 1.2.2-1.el6 ovirt-3.4-stable 133 k
otopi-java noarch 1.2.2-1.el6 ovirt-3.4-stable 23 k
ovirt-engine-backend noarch 3.4.3-1.el6 ovirt-3.4-stable 10 M
ovirt-engine-cli noarch 3.4.0.5-1.el6 epel 196 k
ovirt-engine-dbscripts noarch 3.4.3-1.el6 ovirt-3.4-stable 189 k
ovirt-engine-lib noarch 3.4.3-1.el6 ovirt-3.4-stable 20 k
ovirt-engine-restapi noarch 3.4.3-1.el6 ovirt-3.4-stable 2.2 M
ovirt-engine-sdk-python noarch 3.4.3.0-1.el6 ovirt-3.4-stable 685 k
ovirt-engine-setup noarch 3.4.3-1.el6 ovirt-3.4-stable 4.2 k
ovirt-engine-setup-base noarch 3.4.3-1.el6 ovirt-3.4-stable 94 k
ovirt-engine-setup-plugin-ovirt-engine noarch 3.4.3-1.el6 ovirt-3.4-stable 134 k
ovirt-engine-setup-plugin-ovirt-engine-common noarch 3.4.3-1.el6 ovirt-3.4-stable 22 k
ovirt-engine-setup-plugin-websocket-proxy noarch 3.4.3-1.el6 ovirt-3.4-stable 13 k
ovirt-engine-tools noarch 3.4.3-1.el6 ovirt-3.4-stable 178 k
ovirt-engine-userportal noarch 3.4.3-1.el6 ovirt-3.4-stable 82 M
ovirt-engine-webadmin-portal noarch 3.4.3-1.el6 ovirt-3.4-stable 105 M
ovirt-engine-websocket-proxy noarch 3.4.3-1.el6 ovirt-3.4-stable 13 k
ovirt-host-deploy noarch 1.2.2-1.el6 ovirt-3.4-stable 72 k
ovirt-host-deploy-java noarch 1.2.2-1.el6 ovirt-3.4-stable 7.3 k
ovirt-image-uploader noarch 3.4.2-1.el6 ovirt-3.4-stable 104 k
ovirt-iso-uploader noarch 3.4.3-1.el6 ovirt-3.4-stable 36 k准备nfs目录, 用于存放ISO文件. 数据库的表空间目录.
# mkdir -p /ssd4/ovirt/iso
# mkdir -p /ssd4/pg93/tbs_ovirt配置/etc/hosts, 主机名.
[root@db-172-16-3-150 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
172.16.3.150 db-172-16-3-150.sky-mobi.com
[root@db-172-16-3-150 ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=db-172-16-3-150.sky-mobi.com
GATEWAY=172.16.3.1配置数据库, 因为使用engine-setup设置engine时, Local数据库配置不能指定端口, 所以先使用默认的5432端口.
(有误, 选择Remote数据库配置, 可以配置端口, 所以数据库端口随意即可.)
后期要改可以改配置文件.
/etc/ovirt-engine/engine.conf.d
配置数据库
[root@db-172-16-3-150 ~]# su - pg93
pg93@db-172-16-3-150-> psql
psql (9.3.3)
Type "help" for help.
digoal=# show port;
port
------
5432
(1 row)
create role ovirt superuser login encrypted password 'ovirt'; -- 建议给超级用户, 完全配置好之后, 再改成普通用户. 配置report时貌似需要超级用户权限
create tablespace tbs_ovirt location '/ssd4/pg93/tbs_ovirt';
create database ovirt with template template0 encoding 'UTF8' tablespace tbs_ovirt owner ovirt; -- 数据库登录用户必须是owner, 因为需要新建language.
grant all on tablespace tbs_ovirt to ovirt;
\c ovirt ovirt
# ovirt=> create schema ovirt; -- 目前oVirt不可使用自定义schema, 建议用public, 因为使用ovirt schema 后, web 管理界面会进不去.
# 错误参考 http://blog.163.com/digoal@126/blog/static/1638770402014714521962/
# CREATE SCHEMA
# ovirt=> \q
另外使用engine-setup前, 建议安装和后端数据库版本相同的数据库, jdbc等. 建议使用的目录结构和yum安装的postgresql , jdbc等目录结构一至. --exec-prefix=/usr
配置ovirt engine. 按提示输入即可.
如果配置有问题, 可以使用engine-cleanup命令清除配置, 并手工清除数据库schema, 重新执行engine-setup配置.
正常配置完后, 会自动启动ovirt-engine服务.
[root@db-172-16-3-150 ~]# engine-setup
[ INFO ] Stage: Initializing
[ INFO ] Stage: Environment setup
Configuration files: ['/etc/ovirt-engine-setup.conf.d/10-packaging.conf']
Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20140728115413-jfj1wp.log
Version: otopi-1.2.2 (otopi-1.2.2-1.el6)
[ INFO ] Stage: Environment packages setup
[ INFO ] Yum Downloading: epel-debuginfo/metalink 2.4 k(43%)
[ INFO ] Yum Downloading: repomdRx7eXltmp.xml (0%)
[ INFO ] Yum Downloading: repomdSxJzf2tmp.xml (0%)
[ INFO ] Yum Status: Downloading Packages
[ INFO ] Yum Download/Verify: iproute-2.6.32-32.el6_5.x86_64
[ INFO ] Yum Status: Check Package Signatures
[ INFO ] Yum Status: Running Test Transaction
[ INFO ] Yum Status: Running Transaction
[ INFO ] Yum update: 1/2: iproute-2.6.32-32.el6_5.x86_64
[ INFO ] Yum updated: 2/2: iproute
[ INFO ] Yum Verify: 1/2: iproute.x86_64 0:2.6.32-32.el6_5 - u
[ INFO ] Yum Verify: 2/2: iproute.x86_64 0:2.6.32-23.el6 - ud
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ INFO ] Stage: Environment customization
--== PRODUCT OPTIONS ==--
--== PACKAGES ==--
[ INFO ] Checking for product updates...
[ INFO ] No product updates found
--== NETWORK CONFIGURATION ==--
Host fully qualified DNS name of this server [db-172-16-3-150.sky-mobi.com]:
Setup can automatically configure the firewall on this system.
Note: automatic configuration of the firewall may overwrite current settings.
Do you want Setup to configure the firewall? (Yes, No) [Yes]: No
--== DATABASE CONFIGURATION ==--
Where is the Engine database located? (Local, Remote) [Local]: 数据库选择Remote的话, 可以配置端口, Local不能选择配置端口.
Setup can configure the local postgresql server automatically for the engine to run. This may conflict with existing applications.
Would you like Setup to automatically configure postgresql and create Engine database, or prefer to perform that manually? (Automatic, Manual) [Automatic]: Manual
ATTENTION
Manual action required.
Please create database for ovirt-engine use. Use the following commands as an example:
create role engine with login encrypted password 'engine';
create database engine owner engine
template template0
encoding 'UTF8' lc_collate 'en_US.UTF-8'
lc_ctype 'en_US.UTF-8';
Make sure that database can be accessed remotely.
Engine database secured connection (Yes, No) [No]:
Engine database name [engine]: ovirt
Engine database user [engine]: ovirt
Engine database password: 输入ovirt
--== OVIRT ENGINE CONFIGURATION ==--
Application mode (Both, Virt, Gluster) [Both]:
Default storage type: (NFS, FC, ISCSI, POSIXFS, GLUSTERFS) [NFS]:
Engine admin password: 输入engine
Confirm engine admin password: 输入engine
[WARNING] Password is weak: it does not contain enough DIFFERENT characters
Use weak password? (Yes, No) [No]: Yes
--== PKI CONFIGURATION ==--
Organization name for certificate [sky-mobi.com]:
--== APACHE CONFIGURATION ==--
Setup can configure apache to use SSL using a certificate issued from the internal CA.
Do you wish Setup to configure that, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
Setup can configure the default page of the web server to present the application home page. This may conflict with existing applications.
Do you wish to set the application as the default page of the web server? (Yes, No) [Yes]: No
--== SYSTEM CONFIGURATION ==--
Configure WebSocket Proxy on this machine? (Yes, No) [Yes]: No
Configure an NFS share on this server to be used as an ISO Domain? (Yes, No) [Yes]: 这里看情况, 可以不配置, 未来在ovirt engine WEB里配.
Local ISO domain path [/var/lib/exports/iso]: /ssd4/ovirt/iso
Local ISO domain ACL [0.0.0.0/0.0.0.0(rw)]:
Local ISO domain name [ISO_DOMAIN]:
--== MISC CONFIGURATION ==--
--== END OF CONFIGURATION ==--
[ INFO ] Stage: Setup validation
--== CONFIGURATION PREVIEW ==--
Engine database name : ovirt
Engine database secured connection : False
Engine database host : localhost
Engine database user name : ovirt
Engine database host name validation : False
Engine database port : 5432
NFS setup : True
PKI organization : sky-mobi.com
Application mode : both
Update Firewall : False
Configure WebSocket Proxy : True
Host FQDN : db-172-16-3-150.sky-mobi.com
NFS export ACL : 0.0.0.0/0.0.0.0(rw)
NFS mount point : /ssd4/ovirt/iso
Datacenter storage type : nfs
Configure local Engine database : False
Set application as default page : False
Configure Apache SSL : True
Please confirm installation settings (OK, Cancel) [OK]:
[ INFO ] Stage: Transaction setup
[ INFO ] Stopping engine service
[ INFO ] Stopping websocket-proxy service
[ INFO ] Stage: Misc configuration
[ INFO ] Stage: Package installation
[ INFO ] Stage: Misc configuration
[ INFO ] Creating Engine database schema
[ INFO ] Creating CA
[ INFO ] Configuring WebSocket Proxy
[ INFO ] Generating post install configuration file '/etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf'
[ INFO ] Stage: Transaction commit
[ INFO ] Stage: Closing up
--== SUMMARY ==--
SSH fingerprint: EB:B1:B2:56:74:74:C7:FE:59:D2:B5:FE:65:85:D2:44
Internal CA 80:04:4C:3F:3D:C5:98:10:D1:20:8B:32:8D:A0:98:A7:FF:2A:00:9B
Web access is enabled at:
http://db-172-16-3-150.sky-mobi.com:80/ovirt-engine
https://db-172-16-3-150.sky-mobi.com:443/ovirt-engine
Please use the user "admin" and password specified in order to login
In order to configure firewalld, copy the files from
/etc/ovirt-engine/firewalld to /etc/firewalld/services
and execute the following commands:
firewall-cmd -service ovirt-postgres
firewall-cmd -service ovirt-https
firewall-cmd -service ovirt-websocket-proxy
firewall-cmd -service ovirt-nfs
firewall-cmd -service ovirt-http
The following network ports should be opened:
tcp:111
tcp:2049
tcp:32803
tcp:443
tcp:5432
tcp:6100
tcp:662
tcp:80
tcp:875
tcp:892
udp:111
udp:32769
udp:662
udp:875
udp:892
An example of the required configuration for iptables can be found at:
/etc/ovirt-engine/iptables.example
--== END OF SUMMARY ==--
[ INFO ] Starting engine service
[ INFO ] Restarting httpd
[ INFO ] Restarting nfs services
[ INFO ] Stage: Clean up
Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20140728115413-jfj1wp.log
[ INFO ] Generating answer file '/var/lib/ovirt-engine/setup/answers/20140728124134-setup.conf'
[ INFO ] Stage: Pre-termination
[ INFO ] Stage: Termination
[ INFO ] Execution of setup completed successfully如果配置有问题, 可以使用engine-cleanup命令清除配置, 并手工清除数据库schema, 重新执行engine-setup配置.
# engine-cleanup
ovirt=# drop schema public cascade;
DROP SCHEMA
ovirt=# create schema public; grant all on schema public to PUBLIC;
CREATE SCHEMA正常配置完后, 会自动启动ovirt-engine服务.
[root@db-172-16-3-150 ~]# ps -ewf|grep engin
ovirt 24538 1 0 12:41 ? 00:00:00 /usr/bin/python /usr/share/ovirt-engine/services/ovirt-engine/ovirt-engine.py --pidfile=/var/run/ovirt-engine.pid --background --redirect-output start
ovirt 24540 24538 21 12:41 ? 00:00:26 ovirt-engine -server -XX:+TieredCompilation -Xms1g -Xmx1g -XX:PermSize=256m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djava.awt.headless=true -Djsse.enableSNIExtension=false -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/ovirt-engine/dump -Djava.util.logging.manager=org.jboss.logmanager -Dlogging.configuration=file:///var/tmp/ovirt-engine/config/ovirt-engine-logging.properties -Dorg.jboss.resolver.warning=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djboss.modules.write-indexes=false -Djboss.server.default.config=ovirt-engine -Djboss.home.dir=/usr/share/jboss-as -Djboss.server.base.dir=/usr/share/ovirt-engine -Djboss.server.data.dir=/var/lib/ovirt-engine -Djboss.server.log.dir=/var/log/ovirt-engine -Djboss.server.config.dir=/var/tmp/ovirt-engine/config -Djboss.server.temp.dir=/var/tmp/ovirt-engine/tmp -Djboss.controller.temp.dir=/var/tmp/ovirt-engine/tmp -jar /usr/share/jboss-as/jboss-modules.jar -mp /var/tmp/ovirt-engine/modules/00-ovirt-engine-modules:/var/tmp/ovirt-engine/modules/01-jboss-as-modules -jaxpmodule javax.xml.jaxp-provider org.jboss.as.standalone -c ovirt-engine.xml
ovirt 24895 1 0 12:41 ? 00:00:00 /usr/bin/python /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy.py --pidfile=/var/run/ovirt-websocket-proxy.pid --background --redirect-output start
[root@db-172-16-3-150 ~]# cat /etc/exports
/ssd4/ovirt/iso 0.0.0.0/0.0.0.0(rw)
[root@db-172-16-3-150 ~]# showmount -e 127.0.0.1
Export list for 127.0.0.1:
/ssd4/ovirt/iso 0.0.0.0/0.0.0.0