[Original]KVM Virtualization Management platform Deployment-full record

Company Room has a 2U server (64G memory, 32 cores), due to the recent new business more, testing machine to be added, server resources are very limited. So we're going to deploy KVM virtualization on this 2U server and virtual VMs out to meet the new testing requirements.

As KVM hosts become more and more, the host's state needs to be regulated. Here I use Webvirtmgr as a KVM Virtualization Web management tool, a graphical web, making it easier for people to view the situation and operation of the KVM host

Webvirtmgr is a KVM management platform that has developed faster, more active, and very fresh over the past two years, providing unified management of host and virtual machines, unlike KVM's own graphical management tools (virtual Machine Manager), which makes KVM management more visible, Provides more convenience for small to medium KVM applications.

The webvirtmgr is developed in almost pure python, with the front-end of Python-based Django, and the backend is a libvirt-based Python interface that visualizes the daily KVM management operations.

Webvirtmgr Features:
Easy to operate and easy to use
KVM Management via Libvirt API interface
Provides virtual machine life cycle management
Webvirtmgr function

Host management supports the following features
CPU utilization
Memory utilization
Network resource pool Management
Storage resource Pool Management
Virtual Machine Mirroring
Virtual machine cloning
Snapshot management
Log Management
Virtual Machine Migration

Virtual machine Management supports the following features
CPU utilization
Memory utilization
Disc Management
On/off/pause virtual machines
Installing virtual machines
VNC Console Connection
Create a Snapshot

The following is a detailed record of this environment deployment process, hoping to help friends who are useful.

Here I deployed the Webvirtmgr server and the KVM server on the same machine, the standalone deployment
System: Centos 6.8
Memory: 63G
Cpu:32 Nuclear
ip:192.168.1.17 (intranet), 116.15.186.17 (External network)

First, to install the KVM virtualization environment, refer to the following blog for installation:

Http://www.cnblogs.com/kevingrace/p/5737487.html

Second, KVM management tools Webvirtmgr installation and use

1 Installing the Supported software sources
[[email protected] ops] #yum-y install http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

2 Installing related software
[[email protected] ops] #yum-y install git python-pip libvirt-python libxml2-python python-websockify Supervisor Nginx

3 Download related webvirtmgr codes from Git-hub
[[email protected] OPS] #cd/usr/local/src/
[[email protected] src] #git clone git://github.com/retspen/webvirtmgr.git

4 Installing Webvirtmgr
[[email protected] src] #cd webvirtmgr/
[[email protected] webvirtmgr] #pip install-r requirements.txt

5 Installing the Database
[[email protected] webvirtmgr] #yum install Python-sqlite2

6 environment configuration for Django
[[email protected] webvirtmgr] #pwd
/usr/local /src/webvirtmgr
[[email protected] webvirtmgr]# ./manage.py syncdb
----------------------------------------------------- ------------------------- 
note here The above command is executed with the default python. General error, as follows:
importerror:no module named Django.core.management

This is generally due to the Python version, since the system comes with several versions of Python
[email protected] webvirtmgr]# python #按Tab键自查找
Python python2.6
python2 python2.6-config python-config
[Email protected] webvirtmgr]# python-v
Python 2.6.6

As you can see, the default Python version of the system is 2.6.6
Indicates that the above command is python2.6 executed by default

now that you use python2.6 to perform the above command error, swap with the other version Python2 execute
[Email protected] webvirtmgr]#/usr/bin/python2 manage.py syncdb #最终发现使用python2执行这个命令就不报错了
............
............
You just installed Django's auth system, which means you don ' t has any superusers defined.
Would to create one now? (yes/no):Yes
Username (leave blank to use ' root '):Admin
Email address: [Email protected]
password:*********
Password (again):* ********
--------------------- --------------------- --------------------- --------------------- 
[Email protected] Webvirtmgr]#/usr/bin/python2 manage.py collectstatic#生成配置文件 (also performed using the Python2 version, do not use the default Python execution)
WARNING:root:No local_settings file found.

You have requested to collect static files at the destination
Location as specified in your settings.

This would overwrite existing files!
Is you sure your want to does this?

Type ' yes ' to continue, or ' No ' to cancel: Yes
..........
..........

[Email protected] webvirtmgr]#/usr/bin/python2 manage.py createsuperuser #添加管理员账号 (also performed using the Python2 version, Do not use the default Python execution)
WARNING:root:No local_settings file found.
Username: ops #这个是管理员账号, you can login with Admin and admin account above WEBV Irtmgr Web interface Management platform
Email address: [Email protected]
Password:
Password (again):
Superuser created successfully.

7 Copy Web to related directory
[[email protected] OPS] #mkdir-pv/var/www
[[email protected] OPS] #cp-rv/usr/local/src/webvirtmgr/var/www/webvirtmgr

8 Setting up SSH
[[email protected] OPS] #ssh-keygen-r RSA #产生公私钥
[[email protected] ops] #ssh-copy-id 192.168.1.17 #由于这里webvirtmgr和kvm服务部署在同一台机器, so here is local trust. If the KVM is deployed on another machine, then this is its IP
[[email protected] ops] #ssh 192.168.1.17-l localhost:8000:localhost:8000-l localhost:6080:localhost:60

9 Editing Nginx configuration files
Make sure the "include/etc/nginx/conf.d/*.conf" is open in the/etc/nginx/nginx.conf file in advance.

[[email protected] ops] #vim/etc/nginx/conf.d/webvirtmgr.conf #添加下面内容到文件中
Server {
Listen default_ Server

server_name $hostname;
#access_log/var/log/nginx/webvirtmgr_access_log;

location/static/{
root/var/www/webvirtmgr/webvirtmgr; # or/srv instead Of/var
expires Max;
}

Location/{
Proxy_pass http://127.0.0.1:8000;
Proxy_set_header x-real-ip $remote _addr;
proxy_set_ Header x-forwarded-for $proxy _add_x_forwarded_for;
Proxy_set_header Host $host: $server _port;
Proxy_set_header X-forwarded-proto $remote _addr;
Proxy_connect_timeout 600;
Proxy_read_timeout 600;
Proxy_send_timeout 600;
Client_max_body_size 1024M; # Set higher depending on your needs
}
}


[[email protected] ops] #mv/etc/nginx/conf.d/default.conf/etc/nginx/conf.d/default.conf.bak

10 Start Nginx
[Email protected] Ops]#/etc/init.d/nginx restart

11 Modifying firewall rules
[[Email protected] ~] #vim/etc/sysconfig/selinux
......
Selinux=disabled

[[Email protected] ~] #setenforce 0
Setenforce:selinux is disabled
[[Email protected] ~] #getenforce
Disabled

[[email protected] Ops]#/usr/sbin/setsebool Httpd_can_network_connect True

12 Setting Supervisor
[[email protected] OPS] #chown-R nginx:nginx/var/www/webvirtmgr

[[email protected] ops] #vim/etc/supervisord.conf #在文件末尾添加, notice that the default Python is changed to Python2 because it is only executed with this version to not error!
[program:webvirtmgr]
command=/usr/bin/python2/var/www/webvirtmgr/manage.py run_gunicorn-c/var/www/ webvirtmgr/conf/gunicorn.conf.py
Directory=/var/www/webvirtmgr
autostart=true
Autorestart=true
Logfile=/var/log/supervisor/webvirtmgr.log
Log_stderr=true
User=nginx

[Program:webvirtmgr-console]
Command=/usr/bin/python2/var/www/webvirtmgr/console/webvirtmgr-console
Directory=/var/www/webvirtmgr
Autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/ Webvirtmgr-console.log
Redirect_stderr=true
User=nginx


[[email protected] ops] #vim/var/ www/webvirtmgr/conf/gunicorn.conf.py #确保下面bind绑定的是本机的8000端口, this is defined in the Nginx configuration, the proxied port
bind = ' 127.0.0.1:8000 '

13 set boot start
[[email protected] ops] #chkconfig supervisord on
[[ Email protected] ops] #vim/etc/rc.local
/usr/sbin/setsebool httpd_can_network_connect true

14 START process
[Email protected] Ops]#/etc/init.d/supervisord restart

15 Viewing processes
[[email protected] OPS] #netstat-LNPT can see that 6080 and 8000 have started
[Email protected] ops]# lsof-i:6080
COMMAND PID USER FD TYPE DEVICE size/off NODE NAME
Python2 53476 nginx 3u IPv4 364124 0t0 TCP *:6080 (LISTEN)
[[email protected] OPS] #lsof-i:8000

Web Access
http://116.15.186.17/login/

Select "SSH link", set LABEL,IP, user

Note: Label and IP are the same

After opening, there is an error! It seems that the configuration link using SSH connection is wrong!

Resolution:

1) Create Nginx user home directory on webvirtmgr server (service side) (where KVM and webvirtmgr are deployed on the same machine) (default Nginx service is installed without Nginx home directory), generate Nginx public key
[Email protected] ops]# cd/home/
[Email protected] home]# mkdir Nginx
[Email protected] home]# chown Nginx.nginx nginx/
[Email protected] home]# chmod nginx/-R
[Email protected] home]# su-nginx-s/bin/bash
-bash-4.1$ Ssh-keygen #期间输入yes后直接回车, enter
-bash-4.1$ Touch ~/.ssh/config && echo-e "Stricthostkeychecking=no\nuserknownhostsfile=/dev/null" >> ~/ . ssh/config
-bash-4.1$ chmod 0600 ~/.ssh/config

2) Configure the user on the KVM (client side) server (where KVM and webvirtmgr are deployed on the same machine), where the root user is used by default
--------------------------------------------------------------------------------------------------------------- ------
If you are using another user, such as Webvirtmgr, do the following:
[[email protected] OPS] #useradd webvirtmgr
[[email protected] ops] #echo "123456" | passwd--stdin Webvirtmgr
[[email protected] OPS] #groupadd Libvirt
[[email protected] OPS] #usermod-G libvirt-a webvirtmgr
--------------------------------------------------------------------------------------------------------------- ------

3) on the Webvirtmgr server (service side) (where KVM and webvirtmgr are deployed on the same machine), the Nginx user's Ssh-key is uploaded to the KVM server (where KVM and webvirtmgr are deployed on the same machine)
[Email protected] ops]# su-nginx-s/bin/bash
-bash-4.1$ Ssh-copy-id [email protected]
warning:permanently added ' 192.168.1.17 ' (RSA) to the list of known hosts.
[email protected] ' s password: #输入192.168.1.17 is the root account of the machine
Now try logging to the machine, with "ssh" [email protected] ' ", and check in:

. Ssh/authorized_keys

To make sure we haven ' t added extra keys so you weren ' t expecting.
--------------------------------------------------------------------------------------------------------------- ------
Here is the root user, if the use of other users, such as the above hypothetical webvirtmgr user, the operation is as follows:
[[email protected] ops] #su-nginx-s/bin/bash
-bash-4.1$ssh-copy-id [email protected]
--------------------------------------------------------------------------------------------------------------- ------

4) Configure Libvirt SSH authorization on the KVM (client side) server (where KVM and webvirtmgr are deployed on the same machine)
[Email protected] ops]# Vim/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[Remote libvirt SSH Access]
Identity=unix-user:root #注意这里采用的是root用户
Action=org.libvirt.unix.manage
Resultany=yes
Resultinactive=yes
Resultactive=yes

[Email protected] ops]# chown-r Root.root/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
----------------------------------------------------------------------------------------------------------- ----------
here is the root user, if the use of other users, such as the above hypothetical webvirtmgr user, the operation is as follows:
[[email protected] ops] #vim/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[Remote libvirt SSH Access]
identity=unix-user:webvirtmgr #这里就设定webvirtmgr用户
Action=org.libvirt.unix.manage
Resultany=yes
Resultinactive=yes
Resultactive=yes

[[email protected] OPS] #chown-R webvirtmgr.webvirtmgr/etc/polkit-1/localauthority/50-local.d/50- Libvirt-remote-access.pkla
--------------------------------------------------------------------------------------------------------------- ------

5) Restart LIBVIRTD service
/ETC/INIT.D/LIBVIRTD restart

This is the problem of the above error is still solved!

The previous error connection, reconnect on OK, there will be no error on the above ~

However, a new error has occurred:

Resolution:

[Email protected] home]# su-nginx-s/bin/bash
-bash-4.1$ CD. SSH
-bash-4.1$ Cat config #将下面两行注释掉! This file can not be set in the above installation process!
#StrictHostKeyChecking =no
#UserKnownHostsFile =/dev/null

-bash-4.1$ ssh [email protected]
The authenticity of host ' 192.168.1.17 (192.168.1.17) ' can ' t be established.
RSA key fingerprint is 3D:C1:2E:70:E9:E5:1D:84:40:A2:63:82:AF:E5:CC:CD.
Is you sure want to continue connecting (yes/no)? Yes
warning:permanently added ' 192.168.1.17 ' (RSA) to the list of known hosts.
Last Login:thu 4 18:56:30 from OpenStack

Look at Nginx again. There's a knows file under SSH.
-bash-4.1$ LL
Total 16
-RW-------1 nginx 4 18:58 config
-RW-------1 nginx 1675 4 18:15 Id_rsa
-rw-r--r--1 Nginx 397 4 18:15 id_rsa.pub
-rw-r--r--1 nginx 394 4 18:58 known_hosts

[Original]KVM Virtualization Management platform Deployment-full record