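Deployment plan
System: CentOS 6.4 x64 + KVM hypervisor + CloudStack 4.2.1
Management server (management, MySQL)
eth0: 192.168.0.21 (simulated public IP)
eth1: 172.16.0.21 (simulated internal IP)
Compute node server (KVM host)
eth0: 192.168.0.41
eth1: 172.16.0.41
Secondary storage server (NFS secondary storage)
eth0: 192.168.0.22
eth1: 172.16.0.22
Physical network 1:
Management network M, traffic label: manage
Storage network S, traffic label: manage
Physical network 2:
Public network P, traffic label: public
Guest network G, traffic label: public
In short: two NICs (KVM bridge configuration)
Installation:
I. Management server configuration
1. Disable SELinux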
[root@manage ~]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@manage ~]# setenforce permissive
(The SELinux change takes effect immediately.)
2. Edit the hosts file
[root@manage ~]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.0.21 manage.cloud.com
3. Edit the network file
[root@manage ~]# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=manage.cloud.com
4. Reboot the system and verify:
[root@manage ~]# hostname --fqdn
5. Temporarily stop the firewall
[root@manage ~]# service iptables stop
6. Install NTP to synchronize the time
[root@manage ~]# yum install ntp -y
[root@manage ~]# /etc/init.d/ntpd start
[root@manage ~]# chkconfig ntpd on
Verify the time.
7. Configure the network
[root@manage ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.0.21
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=8.8.8.8
DNS2=222.88.88.88
[root@manage ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=172.16.0.21
NETMASK=255.255.255.0
Restart the network:
[root@manage ~]# service network restart
8. Configure the CloudStack yum repository
(I use the official repository here; you can configure a local repository to suit your environment.)
[root@manage ~]# vi /etc/yum.repos.d/cloudstack.repo
[cloudstack]
name=cloudstack
baseurl=http://cloudstack.apt-get.eu/rhel/4.2/
enabled=1
gpgcheck=0
[root@manage ~]# yum clean all
[root@manage ~]# yum makecache
9. Install cloudstack-management with yum
(This step may take a while; yum completes the installation automatically.)
[root@manage ~]# yum install cloudstack-management -y
[root@manage ~]# yum install mysql-server -y
After installation, edit the MySQL configuration file my.cnf:
[root@manage ~]# cat /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
innodb_rollback_on_timeout=1
innodb_lock_wait_timeout=600
max_connections=350
log-bin=mysql-bin
binlog-format='ROW'
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
Start MySQL:
[root@manage ~]# /etc/init.d/mysqld start
10. Set the MySQL root password
[root@manage ~]# mysqladmin -uroot -p password 'mysql'
11. Initialize the CloudStack database
cloudstack-setup-databases cloud:cloud@localhost --deploy-as=root:mysql -i 172.16.0.21
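(cloudstack-setup-databases cloud:cloud@localhost --deploy-as=root:password -i <internal IP address>)
cloud:cloud is the username and password of the database user created for CloudStack
root:password is the username and password of the database root user
12. Run the automatic CloudStack configuration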
[root@manage ~]# cloudstack-setup-management
[root@manage ~]# /etc/init.d/cloudstack-management restart
The management server node is now fully installed.
II. Secondary storage server configuration
1. Disable SELinux
[root@nfs ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
2. Edit the hosts file
[root@nfs ~]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.0.22 nfs.cloud.com
172.16.0.21 manage.cloud.com
3. Edit /etc/sysconfig/network
[root@nfs ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=nfs.cloud.com
4. Reboot the server and verify the hostname
[root@nfs ~]# hostname --fqdn
nfs.cloud.com
5. Temporarily stop iptables
6. Install ntpd for time synchronization
[root@nfs ~]# yum install ntp -y
[root@nfs ~]# /etc/init.d/ntpd start
[root@nfs ~]# chkconfig ntpd on
7. Configure the network
[root@nfs ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:5E:87:08
TYPE=Ethernet
UUID=7fc789e1-d5a2-4d74-a73d-f9e09c614862
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.0.22
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=222.88.88.88
DNS2=8.8.8.8
[root@nfs ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:0C:29:5E:87:12
TYPE=Ethernet
UUID=fd8e6e1e-bc2f-4a00-8d0d-2fd6a704ed32
ONBOOT=yes
NM_CONTROLLED=yes
IPADDR=172.16.0.22
NETMASK=255.255.255.0
7. Install the NFS service
[root@nfs ~]# yum install nfs-utils -y
[root@nfs ~]# /etc/init.d/rpcbind start
[root@nfs ~]# /etc/init.d/nfs start
8. Create the storage directory
[root@nfs ~]# mkdir /data
[root@nfs ~]# mkdir /data/secondary
9. Set access permissions for the storage path
[root@nfs ~]# vi /etc/exports
/data/secondary *(rw,async,no_root_squash,no_subtree_check)
10. Configure the ports used by NFS
[root@nfs ~]# cat /etc/sysconfig/nfs
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
11. Configure the iptables security policy
[root@nfs ~]# cat /etc/sysconfig/iptables
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
-A INPUT -s
Start iptables:
[root@nfs ~]# service iptables start
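Added example (not from the original post): the iptables rules above are cut off after "-s" in this copy, and the script below does not reconstruct them. It derives source-scoped ACCEPT rules from the ports pinned in /etc/sysconfig/nfs in step 10, plus the standard rpcbind (111) and nfsd (2049) ports; MGMT_NET=172.16.0.0/24 is an assumption based on the page's eth1 addressing.

```shell
#!/bin/sh
# Added example: build source-scoped iptables rules from the ports pinned in
# /etc/sysconfig/nfs. MGMT_NET is an assumption based on the page's eth1 range.
MGMT_NET="${MGMT_NET:-172.16.0.0/24}"

rule() {  # usage: rule PROTO PORT
    echo "-A INPUT -s $MGMT_NET -m state --state NEW -p $1 --dport $2 -j ACCEPT"
}

# Read KEY=PORT lines (the /etc/sysconfig/nfs format) on stdin, print rules.
nfs_rules() {
    # rpcbind and nfsd use well-known ports that are not set in that file.
    rule tcp 111; rule udp 111; rule tcp 2049
    while IFS='=' read -r key port; do
        port=$(printf '%s' "$port" | tr -d '"[:space:]')
        case "$port" in ''|*[!0-9]*) continue ;; esac   # skip non-numeric values
        case "$key" in
            LOCKD_TCPPORT) rule tcp "$port" ;;
            LOCKD_UDPPORT) rule udp "$port" ;;
            MOUNTD_PORT|RQUOTAD_PORT|STATD_PORT)
                rule tcp "$port"; rule udp "$port" ;;
            *) ;;   # e.g. STATD_OUTGOING_PORT is a source port: no inbound rule
        esac
    done
    return 0
}

# Constructed sample: the values shown in /etc/sysconfig/nfs in step 10.
sample_nfs_conf() {
    cat <<'EOF'
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
EOF
}

sample_nfs_conf | nfs_rules
```

On the NFS server the input would be /etc/sysconfig/nfs itself, and the printed lines belong in the filter table of /etc/sysconfig/iptables ahead of any final REJECT rule.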
12. Restart the NFS services
[root@nfs ~]# /etc/init.d/rpcbind restart
[root@nfs ~]# chkconfig rpcbind on
[root@nfs ~]# /etc/init.d/nfs restart
[root@nfs ~]# chkconfig nfs on
13. Verify the NFS storage path
[root@nfs ~]# showmount -e
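Added example (not part of the original post): the export in step 9 offers /data/secondary to every host ("*") with no_root_squash, so any machine that can reach the NFS ports can write to it as root. The check below flags such entries in exports(5) format; the scoped variant in the sample uses 172.16.0.0/24, an assumption based on the page's eth1 addressing.

```shell
#!/bin/sh
# Added example: flag exports(5) entries that combine an unrestricted client
# ("*" or an empty client field) with no_root_squash.

# Reads exports lines on stdin; prints "path client(options)" for each risky
# entry and returns 1 if any were found, 0 otherwise.
audit_exports() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            for (i = 2; i <= NF; i++) {          # each field after the path is one client spec
                p = index($i, "(")
                client = (p > 0) ? substr($i, 1, p - 1) : $i
                opts   = (p > 0) ? substr($i, p) : ""
                if ((client == "*" || client == "") && opts ~ /[(,]no_root_squash[,)]/) {
                    print $1 " " $i
                    bad = 1
                }
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample: the export line from step 9, then the same export
# limited to the assumed management/storage subnet.
sample_exports() {
    cat <<'EOF'
/data/secondary *(rw,async,no_root_squash,no_subtree_check)
/data/secondary 172.16.0.0/24(rw,async,no_root_squash,no_subtree_check)
EOF
}

sample_exports | audit_exports || echo "the exports listed above are open to any host"
```

After changing /etc/exports, `exportfs -ra` reloads the export table without restarting NFS.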
III. Upload the system VM template
1. Log in to the management server again
[root@manage ~]# mount -t nfs 172.16.0.22:/data/secondary /mnt/secondary/
2. Check that the share is mounted
[root@manage ~]# mount -a
3. Upload the system VM template for KVM
[root@manage ~]# /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m /mnt/secondary/ -f /root/systemvm64template-2014-01-14-master-kvm.qcow2.bz2 -h kvm -s -F
I downloaded the system VM template locally first and then imported it.
(To install from a network path instead: /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m /mnt/secondary/ -u http://download.cloud.com/templates/acton/acton-systemvm-02062012.qcow2.bz2 -h kvm -s -F )
4. After the upload succeeds, restart cloudstack-management
[root@manage ~]# service cloudstack-management restart
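IV. Configure the compute node server
Note: first confirm that CPU virtualization support is enabled on the host.
[root@kvm3 ~]# egrep '(svm|vmx)' /proc/cpuinfo
If flags are printed, the CPU supports virtualization. If nothing is printed, either the CPU does not support virtualization or it is not enabled in the BIOS; enable it before continuing.
1. Disable SELinux
[root@kvm3 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
2. Edit the hosts file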
[root@kvm3 ~]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.0.22 nfs.cloud.com
172.16.0.41 kvm3.cloud.com
3. Edit /etc/sysconfig/network
[root@kvm3 ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=kvm3.cloud.com
4. Reboot the server and verify the hostname
[root@kvm3 ~]# hostname --fqdn
kvm3.cloud.com
5. Temporarily stop iptables
6. Install ntpd for time synchronization
[root@kvm3 ~]# yum install ntp -y
[root@kvm3 ~]# /etc/init.d/ntpd start
[root@kvm3 ~]# chkconfig ntpd on
[root@kvm3 ~]# date    # verify the time
7. Configure the network
[root@kvm3 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:E0:66:82:51:6E
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.41
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=8.8.8.8
DNS2=222.88.88.88
BRIDGE=public
(The bridge label is configured above.)
[root@kvm3 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=none
IPADDR=172.16.0.41
NETMASK=255.255.255.0
BRIDGE=manage
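(The bridge label is configured.)
8. Configure the CloudStack yum repository
(I use the official repository here; you can configure a local repository to suit your environment.)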
[root@kvm3 ~]# vi /etc/yum.repos.d/cloudstack.repo
[cloudstack]
name=cloudstack
baseurl=http://cloudstack.apt-get.eu/rhel/4.2/
enabled=1
gpgcheck=0
9. Install cloudstack-agent with yum
[root@kvm3 ~]# yum install cloudstack-agent -y
10. Check that KVM is installed correctly
[root@kvm3 ~]# lsmod | grep kvm
11. Configure libvirt
[root@kvm3 ~]# cat /etc/libvirt/libvirtd.conf | grep -v "#" | grep -v "^$"
listen_tls=0
listen_tcp=1
tcp_port="16509"
mdns_adv = 1
auth_tcp="none"
(Uncomment the lines above and change the values as shown.)
The same edits can be made with sed:
sed -i 's/#listen_tls = 0/listen_tls = 0/g' /etc/libvirt/libvirtd.conf
sed -i 's/#listen_tcp = 1/listen_tcp = 1/g' /etc/libvirt/libvirtd.conf
sed -i 's/#tcp_port = "16509"/tcp_port = "16509"/g' /etc/libvirt/libvirtd.conf
sed -i 's/#auth_tcp = "sasl"/auth_tcp = "none"/g' /etc/libvirt/libvirtd.conf
sed -i 's/#mdns_adv = 1/mdns_adv = 0/g' /etc/libvirt/libvirtd.conf
[root@kvm3 ~]# cat /etc/libvirt/qemu.conf
vnc_listen="0.0.0.0"
(Uncomment this line.)
[root@kvm3 ~]# cat /etc/sysconfig/libvirtd
LIBVIRTD_ARGS="--listen"
(Uncomment this line.)
12. Start libvirtd
[root@kvm3 ~]# service libvirtd start
[root@kvm3 ~]# chkconfig libvirtd on
[root@kvm3 ~]# service libvirtd restart
13. Configure the host bridges for KVM advanced networking
[root@kvm3 ~]# cat /etc/sysconfig/network-scripts/ifcfg-public
DEVICE=public
IPADDR=192.168.0.41
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
BOOTPROTO=none
ONBOOT=yes
TYPE=Bridge
(Public network; referenced by eth0 above.)
[root@kvm3 ~]# cat /etc/sysconfig/network-scripts/ifcfg-manage
DEVICE=manage
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=none
IPADDR=172.16.0.41
NETMASK=255.255.255.0
(Guest network label; referenced by eth1 above.)
14. Restart the network so the NIC configuration takes effect
[root@kvm3 ~]# service network restart
15. Add firewall rules
22 (SSH)
1798 (etp)
16509 (libvirt)
5900 - 6100 (VNC consoles)
49152 - 49216 (libvirt livemigration)
[root@kvm3 ~]# iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
[root@kvm3 ~]# iptables -I INPUT -p tcp -m tcp --dport 1798 -j ACCEPT
[root@kvm3 ~]# iptables -I INPUT -p tcp -m tcp --dport 16509 -j ACCEPT
[root@kvm3 ~]# iptables -I INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT
[root@kvm3 ~]# iptables -I INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT
[root@kvm3 ~]# service iptables save
[root@kvm3 ~]# service iptables start
[root@kvm3 ~]# service iptables restart
16. Restart the cloudstack-agent service
[root@kvm3 ~]# /etc/init.d/cloudstack-agent restart
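Added example (not part of the original post): with auth_tcp="none", the firewall is the only access control on libvirt's TCP port, and the rules in step 15 accept from any source. The function below lists saved INPUT rules for those ports that lack a source restriction; the sample input is constructed, and 172.16.0.0/24 is an assumed management subnet taken from the page's eth1 addressing.

```shell
#!/bin/sh
# Added example: find saved INPUT rules that ACCEPT the agent-host ports from
# any source. Input is iptables-save format, e.g. /etc/sysconfig/iptables.

# Ports opened in step 15 (SSH is omitted: it has its own authentication).
SENSITIVE_DPORTS="1798 16509 5900:6100 49152:49216"

# Prints each offending rule; returns 1 if any were found, 0 otherwise.
unscoped_accepts() {
    awk -v ports="$SENSITIVE_DPORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "-A" && $2 == "INPUT" {
            dport = ""; src = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport")                dport  = $(i + 1)
                if ($i == "-s" || $i == "--source") src    = $(i + 1)
                if ($i == "-j")                     target = $(i + 1)
            }
            if (target == "ACCEPT" && (dport in want) && (src == "" || src == "0.0.0.0/0")) {
                print
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample: rules as saved from the commands in step 15, plus one
# scoped to 172.16.0.0/24 (assumed management subnet).
sample_rules() {
    cat <<'EOF'
-A INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 16509 -j ACCEPT
-A INPUT -s 172.16.0.0/24 -p tcp -m tcp --dport 1798 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

sample_rules | unscoped_accepts || echo "the rules listed above accept from any source"
```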
VI. Test access to the CloudStack UI
http://ip:8080/client/
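Default account/password: admin/password
(You can choose "I have used CloudStack before, skip this guide" to go straight to the interface.)
VII. Advanced network configuration in practice
[Advanced network configuration: http://51log.blog.51cto.com/6076767/1598180 ]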