Im folgenden Teil wird erklärt wie oVirt eingerichtet werden kann.
Zunächst muss die Paketquelle hinzugefügt werden:
# yum install http://resources.ovirt.org/pub/yum-repo/ovirt-release40.rpm
Danach müssen die benötigten Softwarepakete installiert werden:
# yum install ovirt-engine -y
Im Anschluss kann mit engine-setup das Installationsprogramm gestartet werden.
# engine-setup
[ INFO ] Stage: Initializing
[ INFO ] Stage: Environment setup
Configuration files: ['/etc/ovirt-engine-setup.conf.d/10-packaging-jboss.conf', '/etc/ovirt-engine-setup.conf.d/10-packaging.conf']
Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20170107120457-5krvyd.log
Version: otopi-1.5.2 (otopi-1.5.2-1.el7.centos)
[ INFO ] Stage: Environment packages setup
[ INFO ] Stage: Programs detection
[ INFO ] Stage: Environment setup
[ INFO ] Stage: Environment customization
--== PRODUCT OPTIONS ==--
Configure Engine on this host (Yes, No) [Yes]:
Configure Image I/O Proxy on this host? (Yes, No) [Yes]:
Configure WebSocket Proxy on this host (Yes, No) [Yes]:
Please note: Data Warehouse is required for the engine. If you choose to not configure it on this host, you have to configure it on a remote host, and then configure the engine on this host so that it can access the database of the remote Data Warehouse host.
Configure Data Warehouse on this host (Yes, No) [Yes]:
Configure VM Console Proxy on this host (Yes, No) [Yes]:
--== PACKAGES ==--
[ INFO ] Checking for product updates...
[ INFO ] No product updates found
--== NETWORK CONFIGURATION ==--
Host fully qualified DNS name of this server [vmnode1.skys.local]:
[WARNING] Failed to resolve vmnode1.skys.local using DNS, it can be resolved only locally
Setup can automatically configure the firewall on this system.
Note: automatic configuration of the firewall may overwrite current settings.
Do you want Setup to configure the firewall? (Yes, No) [Yes]: No
--== DATABASE CONFIGURATION ==--
Where is the DWH database located? (Local, Remote) [Local]:
Setup can configure the local postgresql server automatically for the DWH to run. This may conflict with existing applications.
Would you like Setup to automatically configure postgresql and create DWH database, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
Where is the Engine database located? (Local, Remote) [Local]:
Setup can configure the local postgresql server automatically for the engine to run. This may conflict with existing applications.
Would you like Setup to automatically configure postgresql and create Engine database, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
--== OVIRT ENGINE CONFIGURATION ==--
Engine admin password:
Confirm engine admin password:
[WARNING] Password is weak: Es ist zu kurz
Use weak password? (Yes, No) [No]: Yes
Application mode (Virt, Gluster, Both) [Both]:
--== STORAGE CONFIGURATION ==--
Default SAN wipe after delete (Yes, No) [No]:
--== PKI CONFIGURATION ==--
Organization name for certificate [skys.local]:
--== APACHE CONFIGURATION ==--
Setup can configure the default page of the web server to present the application home page. This may conflict with existing applications.
Do you wish to set the application as the default page of the web server? (Yes, No) [Yes]:
Setup can configure apache to use SSL using a certificate issued from the internal CA.
Do you wish Setup to configure that, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
--== SYSTEM CONFIGURATION ==--
Configure an NFS share on this server to be used as an ISO Domain? (Yes, No) [No]:
--== MISC CONFIGURATION ==--
Please choose Data Warehouse sampling scale:
(1) Basic
(2) Full
(1, 2)[1]:
--== END OF CONFIGURATION ==--
[ INFO ] Stage: Setup validation
--== CONFIGURATION PREVIEW ==--
Application mode : both
Default SAN wipe after delete : False
Update Firewall : False
Host FQDN : vmnode1.skys.local
Engine database secured connection : False
Engine database host : localhost
Engine database user name : engine
Engine database name : engine
Engine database port : 5432
Engine database host name validation : False
DWH database secured connection : False
DWH database host : localhost
DWH database user name : ovirt_engine_history
DWH database name : ovirt_engine_history
DWH database port : 5432
DWH database host name validation : False
Engine installation : True
PKI organization : skys.local
Configure local Engine database : True
Set application as default page : True
Configure Apache SSL : True
DWH installation : True
Configure local DWH database : True
Engine Host FQDN : vmnode1.skys.local
Configure Image I/O Proxy : True
Configure VMConsole Proxy : True
Configure WebSocket Proxy : True
Please confirm installation settings (OK, Cancel) [OK]:
[ INFO ] Stage: Transaction setup
[ INFO ] Stopping engine service
[ INFO ] Stopping ovirt-fence-kdump-listener service
[ INFO ] Stopping dwh service
[ INFO ] Stopping Image I/O Proxy service
[ INFO ] Stopping websocket-proxy service
[ INFO ] Stage: Misc configuration
[ INFO ] Stage: Package installation
[ INFO ] Stage: Misc configuration
[ INFO ] Upgrading CA
[ INFO ] Initializing PostgreSQL
[ INFO ] Creating PostgreSQL 'engine' database
[ INFO ] Configuring PostgreSQL
[ INFO ] Creating PostgreSQL 'ovirt_engine_history' database
[ INFO ] Configuring PostgreSQL
[ INFO ] Creating CA
[ INFO ] Creating/refreshing Engine database schema
[ INFO ] Creating/refreshing DWH database schema
[ INFO ] Configuring Image I/O Proxy
[ INFO ] Setting up ovirt-vmconsole proxy helper PKI artifacts
[ INFO ] Setting up ovirt-vmconsole SSH PKI artifacts
[ INFO ] Configuring WebSocket Proxy
[ INFO ] Creating/refreshing Engine 'internal' domain database schema
[ INFO ] Generating post install configuration file '/etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf'
[ INFO ] Stage: Transaction commit
[ INFO ] Stage: Closing up
[ INFO ] Starting engine service
[ INFO ] Starting dwh service
[ INFO ] Restarting ovirt-vmconsole proxy service
--== SUMMARY ==--
[ INFO ] Restarting httpd
In order to configure firewalld, copy the files from
/etc/ovirt-engine/firewalld to /etc/firewalld/services
and execute the following commands:
firewall-cmd --permanent --add-service ovirt-postgres
firewall-cmd --permanent --add-service ovirt-https
firewall-cmd --permanent --add-service ovirt-fence-kdump-listener
firewall-cmd --permanent --add-service ovirt-imageio-proxy
firewall-cmd --permanent --add-service ovirt-websocket-proxy
firewall-cmd --permanent --add-service ovirt-http
firewall-cmd --permanent --add-service ovirt-vmconsole-proxy
firewall-cmd --reload
The following network ports should be opened:
tcp:2222
tcp:443
tcp:5432
tcp:54323
tcp:6100
tcp:80
udp:7410
An example of the required configuration for iptables can be found at:
/etc/ovirt-engine/iptables.example
Please use the user 'admin@internal' and password specified in order to login
Web access is enabled at:
http://vmnode1.skys.local:80/ovirt-engine
https://vmnode1.skys.local:443/ovirt-engine
Internal CA D4:C8:59:3F:54:CD:26:4E:5C:97:5A:59:E4:1B:8A:DB:47:96:06:49
SSH fingerprint: cf:bd:ba:bb:d8:5c:92:8e:9e:50:1d:80:a7:cf:f5:d7
--== END OF SUMMARY ==--
[ INFO ] Stage: Clean up
Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-setup-20170107120457-5krvyd.log
[ INFO ] Generating answer file '/var/lib/ovirt-engine/setup/answers/20170107122105-setup.conf'
[ INFO ] Stage: Pre-termination
[ INFO ] Stage: Termination
[ INFO ] Execution of setup completed successfully
Wenn die Firewall aktiviert ist muss man noch die oben aufgelisteten Aktionen durchführen.
Wenn SPICE von extern verwendet werden können soll muss noch folgende Regel hinzugefügt werden:
# firewall-cmd --permanent --add-port 5634-6166/tcp
Danach kann man sich am Webportal über die 2 ausgegebenen Adressen verbinden und einloggen.
Zunächst muss der lokale Host hinzu gefügt werden:
“System -> Data Centers -> Default -> Clusters -> Default -> Hosts -> New”
Die erfolgt über die Angabe von Namen IP und root Passwort.
Der Installationsprozess kann eine weile dauern.
NFS Exports erstellen:
# vi /etc/exports
/mnt/raid6/exports/isos vmnode1(rw,sync,no_subtree_check,all_squash,anonuid=36,anongid=36)
/mnt/raid6/exports/data vmnode1(rw,sync,no_subtree_check,all_squash,anonuid=36,anongid=36)
Nach müssen die shares neu geladen werden und die Berechtigungen für oVirt angepasst werden:
# exportfs -a
# chown -R vdsm:kvm /mnt/raid6/exports
# chown -R vdsm:kvm /mnt/raid6/exports
Im Anschluss kann der NFS Server aktiviert und gestartet werden:
# systemctl start {nfs-server,nfs-lock,nfs-idmap}
# systemctl enable {nfs-server,nfs-lock,nfs-idmap}
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
Da oVirt noch NFS3 als Standard Version verwendet empfiehlt es sich NFS in der /etc/nfsmount.conf wie folgt zu konfigurieren:
[ NFSMount_Global_Options ]
# This statically named section defines global mount
# options that can be applied on all NFS mount.
#
# Protocol Version [2,3,4]
# This defines the default protocol version which will
# be used to start the negotiation with the server.
Defaultvers=3
#
# Setting this option makes it mandatory the server supports the
# given version. The mount will fail if the given version is
# not support by the server.
Nfsvers=3
Nach dem die Speicherplätze verfügbar sind können diese in oVirt eingehangen werden:
„System -> Data Centers -> Default -> Storage -> New Domain“:
Danach sollte es so aussehen:
Nun ist oVirt bereit für die Verwendung