How to Create a Hypervisor: Difference between revisions
m (edited ifcfg-br0 contents) |
mNo edit summary |
||
Line 22: | Line 22: | ||
ifcfg-br1: | ifcfg-br1: | ||
DEVICE="br1" | DEVICE="br1" | ||
BOOTPROTO="static" | BOOTPROTO="static" |
Latest revision as of 17:46, 12 June 2017
CREATING A HYPERVISOR NOTES: CREATING BRIDGES:
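# Back up the existing NIC definitions to /root before editing them, so the
# original network configuration can be restored if the bridge setup fails.
cd /etc/sysconfig/network-scripts
cp ifcfg-eth0 /root/ifcfg-eth0.back
cp ifcfg-eth1 /root/ifcfg-eth1.back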
Create two files: ifcfg-br0 and ifcfg-br1
vim ifcfg*
ifcfg-br0: DEVICE="br0" BOOTPROTO="static" ONBOOT="yes" TYPE="Bridge" IPADDR="10.20.0.236" PREFIX="16" DHCP_HOSTNAME="he.cluster.ucsf.bkslab.org" HOSTNAME="he.cluster.ucsf.bkslab.org" DOMAIN="cluster.ucsf.bkslab.org" STP="off" DELAY="0"
ifcfg-br1: DEVICE="br1" BOOTPROTO="static" NM_CONTROLLED="no" ONBOOT="yes" TYPE="Bridge" IPADDR="169.230.26.168" PREFIX="24" GATEWAY="169.230.26.1" STP="off" DELAY="0"
ifcfg-eth0:
DEVICE="eth0" BOOTPROTO="static" HWADDR="00:25:90:D9:D8:6E" IPV6INIT="yes" MTU="1500" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" UUID="691b9591-f3f5-47f1-8cc1-7a45495cc5ba" BRIDGE="br0"
ifcfg-eth1:
DEVICE="eth1" BOOTPROTO="none" HWADDR="00:25:90:D9:D8:6F" NM_CONTROLLED="no" ONBOOT="yes" TYPE="Ethernet" UUID="c9964a49-dfbc-419e-a475-19e947f45828" BRIDGE="br1"
TURN ON IP FORWARDING:
/sbin/sysctl -w net.ipv4.ip_forward=1
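Check that IP forwarding is on like this (note that sysctl -w only changes the running kernel; to keep the setting after a reboot, also set net.ipv4.ip_forward = 1 in /etc/sysctl.conf):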
/sbin/sysctl net.ipv4.ip_forward
Make sure BOOTPROTO is not dhcp and make sure NetworkManager is off.
INSTALL THE LIBVIRT SERVER:
yum install libvirt qemu-kvm bridge-utils
CHECK THE STORAGE SITUATION OUT: Two ways:
cat /sys/block/sd*/queue/rotational
You get a 1 for HDDs and 0 for SSDs OR
smartctl -a /dev/sd*
CREATE STORAGE POOL MOUNT POINTS:
Just create logical volumes (If there are ssd’s and hd’s you should have two volume groups and two lvms). This is what I did:
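# Show the current filesystem types.
df -Th
# Create the logical volume; 100%FREE uses the rest of the space in the volume group.
lvcreate -l 100%FREE -n lv_images vg_beatles
# Format it. mkfs destroys whatever is on the target device, so check the path first.
mkfs.ext4 /dev/mapper/vg_beatles-lv_images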
BIND TO LIBVIRT DIRECTORY (this was already done for me)
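# Mount the new logical volume under libvirt's image directory; this path is
# the target of the "bulk" storage pool defined further down the page.
mkdir /var/lib/libvirt/images/bulk
mount -t ext4 /dev/mapper/vg_beatles-lv_images /var/lib/libvirt/images/bulk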
Add the mount point to /etc/fstab so it is mounted again after a reboot.
ADD QEMU USER
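# Create the account and group that qemu.conf's user/group settings refer to.
# NOTE(review): the qemu-kvm package may already have created both; check with
# `getent passwd qemu` first. Where useradd also creates a same-named private
# group, groupadd will just report that the group already exists.
# This is a service identity for VM processes; it needs no password or
# interactive login.
useradd qemu
groupadd qemu
usermod -a -G qemu qemu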
ADJUST FIREWALL
vim /etc/sysconfig/iptables
+++++++++++++++++++++++++++
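# 16514 == libvirt tls; 16509 == libvirt tcp; 5900-5999 == vnc ports;
# NOTE(review): unlike the VNC rule, the two libvirt rules carry no -s source
# restriction, so the management ports are open on every network this host is
# attached to (br1 has a public address). 16509 is the plain-TCP listener,
# which the libvirtd.conf on this page first runs with auth_tcp = "none".
# Consider limiting both rules to the management network (the VNC rule's
# -s 10.20.0.0/16 is the pattern, if all clients live there) and removing the
# 16509 rule once TLS is in use.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 16514 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 16509 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5900:5999 -s 10.20.0.0/16 -j ACCEPT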
++++++++++++++++++
service iptables restart
ADD TO THE LIBVIRT AND QEMU CONFIGS:
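At first, before you get certs settled, have the tcp_port be 16509. After, when you’re ready to add certs, change the port to 16514 (in the TLS configuration further down this happens by turning listen_tcp off and listen_tls on; 16514 is libvirtd's default TLS port). While the plain-TCP listener is enabled with auth_tcp = "none", connections are neither encrypted nor authenticated, so keep this phase short and the port reachable only from trusted hosts.
vim /etc/libvirt/libvirtd.conf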
+++++++++++++
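log_level = 3
# NOTE(review): interim setting only. With listen_tcp = 1 and auth_tcp = "none"
# libvirtd accepts unencrypted, unauthenticated connections; any host that can
# reach the port has full control of the hypervisor and its guests. Unless
# listen_addr is set, the listener binds to all of the host's addresses.
auth_tcp = "none"
log_outputs="3:syslog:libvirtd"
listen_tcp = 1
tcp_port = "16509"
listen_tls = 0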
++++++++++++++++++
vim /etc/libvirt/qemu.conf
++++++++++++++++++++++
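# NOTE(review): with vnc_tls = 0 guest console traffic is sent unencrypted;
# the certificate directory below is configured but not used.
vnc_tls = 0
vnc_tls_x509_verify = 0
vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
# Internal IP of the hypervisor itself, so VNC is only offered on the cluster
# network.
vnc_listen = "10.20.0.236"
# The original notes had a literal password here. Set your own; a password
# that has been published on a wiki should be treated as compromised and
# replaced on any host that used it. Standard VNC authentication only uses the
# first 8 characters, so this is weak protection on its own.
vnc_password = "<set-your-own-vnc-password>"
user = "qemu"
group = "qemu"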
+++++++++++++++++++++++
vim /etc/sysconfig/libvirtd
++++++++++++++++++++++++++++
LIBVIRTD_ARGS="--listen"
+++++++++++++++++++++++++++++++
cd /etc/libvirt/qemu/networks
Add the following files here:
cluster.xml and public.xml vim cluster.xml
++++++++++++++++++++++
<network> <name>cluster</name> <uuid>691b9591-f3f5-47f1-8cc1-7a45495cc5ba</uuid> <forward mode='bridge'/> <bridge name='br0' /> <mac address='00:25:90:D9:D8:6E'/> <ip address='10.20.3.254' netmask='255.255.0.0'> </ip> </network>
++++++++++++++++++++
vim public.xml
+++++++++++++++++++
<network> <name>public</name> <uuid>c9964a49-dfbc-419e-a475-19e947f45828</uuid> <forward mode='bridge'/> <bridge name='br1' /> <mac address='00:25:90:D9:D8:6F'/> </network>
cd /etc/libvirt mkdir storage cd storage create fast.xml and bulk.xml vim fast.xml
+++++++++++++++++++++
<pool type="dir"> <name>fast</name> <target> <path>/var/lib/libvirt/images</path> </target> </pool>
++++++++++++++++++++
vim bulk.xml
++++++++++++++++++
<pool type="dir"> <name>bulk</name> <target> <path>/var/lib/libvirt/images/bulk</path> </target> </pool>
+++++++++++++++++++++
service libvirtd start
WHEN YOU DO THE FOLLOWING YOU EITHER HAVE TO BE IN THE DIRECTORY THAT THE XML FILE IS OR YOU HAVE TO SPECIFY THE FULL PATH TO THE XML FILE.
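# Register each storage pool from its XML file, start it, and mark it to start
# automatically with libvirtd.
virsh pool-define fast.xml
virsh pool-start fast
virsh pool-autostart fast
virsh pool-define bulk.xml
virsh pool-start bulk
virsh pool-autostart bulk

# Do the same for the two bridged networks.
virsh net-define cluster.xml
virsh net-start cluster
virsh net-autostart cluster
virsh net-define public.xml
virsh net-start public
virsh net-autostart public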
service libvirtd restart
TO TEST THE CONFIGURATION SO FAR:
virsh -c qemu:///system list
You should see this:
Id Name State ----------------------------------------------------
Then on another machine that has libvirt installed:
[root@tet ~]# virsh -c qemu+tcp://he.cluster.ucsf.bkslab.org/system list Id Name State ----------------------------------------------------
If that is all good then you can proceed with updating the certs:
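# Reuse the host's Puppet-issued certificate and key for libvirt TLS, with the
# Puppet CA as the trust anchor.
mkdir -pv /etc/pki/CA
ln -sv /var/lib/puppet/ssl/certs/ca.pem /etc/pki/CA/cacert.pem
# Destructive: removes any certificates and keys already installed for libvirt.
rm -rf /etc/pki/libvirt

mkdir -pv /etc/pki/libvirt/private
# Assumes `hostname` prints the name Puppet used for this host's certificate
# (normally the FQDN); verify that the two .pem files exist before copying.
cp -rv "/var/lib/puppet/ssl/private_keys/$(hostname).pem" /etc/pki/libvirt/private/serverkey.pem
cp -rv "/var/lib/puppet/ssl/certs/$(hostname).pem" /etc/pki/libvirt/servercert.pem
# The same key pair doubles as this host's libvirt client identity.
ln -sv /etc/pki/libvirt/private/serverkey.pem /etc/pki/libvirt/private/clientkey.pem
ln -sv /etc/pki/libvirt/servercert.pem /etc/pki/libvirt/clientcert.pem
chcon -Rv -u system_u /etc/pki/libvirt
# NOTE(review): root:qemu with mode 440 makes the host's private key (a copy of
# the Puppet agent key) group-readable by the account the guests run under.
# -R 440 also clears the search (x) bit on the directories, so in practice only
# root can reach the files. Confirm which of the two is intended; if qemu does
# not need the key, keep it root-only.
chown -Rv root:qemu /etc/pki/libvirt
chmod -Rv 440 /etc/pki/libvirt

# Expose the same CA, certificate and key under the names QEMU's VNC TLS
# support looks for in vnc_tls_x509_cert_dir.
mkdir -pv /etc/pki/libvirt-vnc
ln -sv /etc/pki/CA/cacert.pem /etc/pki/libvirt-vnc/ca-cert.pem
ln -sv /etc/pki/libvirt/servercert.pem /etc/pki/libvirt-vnc/server-cert.pem
ln -sv /etc/pki/libvirt/private/serverkey.pem /etc/pki/libvirt-vnc/server-key.pem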
vim /etc/libvirt/libvirtd.conf
++++++++++++++++++++++++
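# log_level 1 is debug, the most verbose level; log_outputs below still only
# forwards level 3 (warning) and above to syslog.
log_level = 1
#auth_tcp = "none"
log_outputs="3:syslog:libvirtd"
# TLS on, plain TCP off.
# NOTE(review): unless tls_allowed_dn_list is set elsewhere in this file, the
# TLS listener accepts any client whose certificate chains to
# /etc/pki/CA/cacert.pem. Here that is the Puppet CA, so presumably every
# Puppet-managed host could manage this hypervisor. Consider restricting
# clients with tls_allowed_dn_list.
listen_tls = 1
listen_tcp = 0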
+++++++++++++++++++++++++++++
vim /etc/libvirt/qemu.conf
++++++++++++++++++++++++++++
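# NOTE(review): vnc_tls is still 0 after the certificates were installed, so
# guest console traffic stays unencrypted; /etc/pki/libvirt-vnc is populated
# but unused until vnc_tls is enabled.
vnc_tls = 0
vnc_tls_x509_verify = 0
vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
vnc_listen = "10.20.0.236"
# The original notes had a literal password here. Set your own; a password
# that has been published on a wiki should be treated as compromised and
# replaced on any host that used it.
vnc_password = "<set-your-own-vnc-password>"
user = "qemu"
group = "qemu"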
++++++++++++++++++++++++++
service libvirtd restart
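Test to make sure it's still working, this time over TLS. With listen_tcp = 0 the iptables rule for port 16509 is no longer needed and can be removed.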
[root@tet ~]# virsh -c qemu+tls://he.cluster.ucsf.bkslab.org/system list Id Name State ----------------------------------------------------
If this looks good, go to Foreman and register the hypervisor as a compute source.