Author: Jin
Date: 20130627
Title: 安装配置convirture
参考: http://www.convirture.com/wiki/index.php?title=C2_fedora_installation。
一、准备工作
1、安装系统
CentOS release 6.3 (Final)
2.6.32-279.22.1.el6.x86_64 #1 SMP Wed Feb 6 03:10:46 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
2、安装KVM虚拟化软件和相关套件
yum -y install qemu-kvm qemu-kvm-tools
yum -y install libvirt libvirt-client libvirt-python virt-manager
3、安装socat
#cd /etc/yum.repos.d && wget --no-cache http://www.convirture.com/repos/definitions/rhel/6.x/convirt.repo
# yum makecache
# yum -y install socat
4、安装mysql
1)、配置mysql
#vim /etc/my.cnf
#under [mysqld] section. Please add the following two lines
innodb_buffer_pool_size=1G
innodb_additional_mem_pool_size=20M
2)、Restart mysqld
#/etc/init.d/mysqld restart
5、准备convirture安装包
如果需要设置代理才能访问外网
export http_proxy="http://company-proxy-server:80"
Download the packages from the Convirture website
# mkdir -p convirture && cd convirture wget --no-cache http://www.convirture.com/downloads/convirt/2.1.1/convirt-install-2.1.1.tar.gz
wget --no-cache http://www.convirture.com/downloads/convirt/2.1.1/convirt-2.1.1.tar.gz
wget --no-cache http://www.convirture.com/downloads/convirture-tools/2.1.1/convirture-tools-2.1.1.tar.gz
二、Installing and setting up ConVirt Management Server (CMS)
1、解包安装环境
# tar -zxf convirt-install-2.1.1.tar.gz && convirt-install/install/cms/scripts/install_dependencies
安装有报错
You could try using --skip-broken to work around the problem
解决办法
yum clean all
rpm --rebuilddb
yum update
或者换一个yum源
删掉原来的需要的包,重新安装
说明:
会安装很多包 #安装后会启动mysql做一些数据库设置Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] n
#没有修改root密码
2、Untar the CMS tarball
source convirt-install/install/cms/scripts/install_config
tar -xzf ./convirt-2.1.1.tar.gz -C $CONVIRT_BASE
echo $CONVIRT_BASE
安装到其他位置
By default the CMS will get installed in the home directory like ~/convirt.
If you wish it to be at any other location, please update CONVIRT_BASE varialbe in install/cms/scripts/install_config file.
默认的情况下CMS安装在家目录下~/convirt,如果想安装到其他位置,需要修改install/cms/scripts/install_config中的CONVIRT_BASE
3、Setup TurboGears
./convirt-install/install/cms/scripts/setup_tg2
安装目录/src/convirt/web/convirt/development.ini
# vim ~/convirt/src/convirt/web/convirt/development.ini
sqlalchemy.url=mysql://root:convirt@localhost:3306/convirt?charset=utf8
#sqlalchemy.url=mysql://账号:密码@localhost:3306/库?charset=utf8
and then execute :
./convirt-install/install/cms/scripts/setup_convirt
NOTE You would be prompted for password/passphrase for SSH identity for CMS server. You will be required to enter the password/passphrase every time you start the ConVirt Management Server (CMS). You can choose to leave it blank.注意你会被提示输入密码/密码为SSH服务器身份的CMS。你会被要求输入 密码/密码每次你启动ConVirt管理服务器(CMS)。你可以选择让它空白. . 在setup_convirt过程中,会配置SSH密钥。正常配置即可,输入的密码在启动服务时需要输入。
ConVirt Setup Done...
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/lib/convirt/identity/cms_id_rsa.
Your public key has been saved in /var/lib/convirt/identity/cms_id_rsa.pub.
The key fingerprint is:
d6:1d:4f:a2:01:5d:54:76:57:2d:b1:b2:fe:cc:2b:4d [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| .. oo.+.*|
| .. ..oo|
| . + o. |
| . + B |
| S o o . |
| . . E |
| .o |
| .+. |
| .=. |
+-----------------+
ConVirt Management Server (CMS) setup complete.
To start CMS, give the following commands.
cd /root/convirt
./convirt-ctl start
By default the CMS listens on 8081 port. So make sure that your firewall
allows TCP 8081 port
Typically this can be achieved by using the following command as root user
iptables -I INPUT -p tcp --dport 8081 -j ACCEPT
Once done, you should be able to access ConVirt application using
http://control.skylog.com:8081/
三、Validating the CMS Setup
1、key
前面创建的key拷贝过来,或者重新创建一个key
cp /var/lib/convirt/identity/cms_id_rsa* /root/.ssh/
chmod 600 /root/.ssh/cms_id_rsa
chmod 644 /root/.ssh/cms_id_rsa.pub
或ssh-keygen 重新创建
如果都没则提示
/root/.ssh/cms_id_rsa does not exist. Setting it to /root/.ssh/id_rsa.
/root/.ssh/id_rsa not found, Key based Authentication will not be used.
2、Start ConVirt Management Server
cd ~/convirt
./convirt-ctl start
PID file is /var/run/convirt/paster.pid
Trying to source /root/convirt/tg2env/bin/activate
virtualenv set to /root/convirt/tg2env
Log file: /var/log/convirt/paster.log
Using /root/.ssh/cms_id_rsa
Agent pid 29425
Enter passphrase for /root/.ssh/cms_id_rsa: #输入设置的2次密码
Identity added: /root/.ssh/cms_id_rsa (/root/.ssh/cms_id_rsa)
ssh key added to agent.
Starting ConVirt using virtualenv : /root/convirt/tg2env
Default character encoding is utf-8
Entering daemon mode
Server running in PID 29435
ConVirt Started.
3、添加iptables规则
iptables -I INPUT -p tcp --dport 8081 -j ACCEPT
4、访问测试
http://172.16.9.66:8081/
账号密码均为admin
四、准备要被管理的服务器
Preparing_Managed_Servers
http://www.convirture.com/wiki/index.php?title=Convirt2_Installation#Preparing_Managed_Servers
首先,每台被管理的服务器上,要安装Xen (3.0.4及其以上版本) 或KVM (KVM-70及其以上版本)。
其次,每台被管理的服务器上安装convirt-tool。
第三,每台被管理服务器与CMS机器之间必须能够以root用户使用密钥进行无密码登陆。
1、安装被管理机软件
1)安装KVM虚拟化软件和相关套件
yum -y install qemu-kvm qemu-kvm-tools
yum -y install libvirt libvirt-client libvirt-python virt-manager
2)安装convirt-tool
mkdir -p convirture && cd convirture && wget --no-cache http://www.convirture.com/downloads/convirture-tools/2.1.1/convirture-tools-2.1.1.tar.gz
tar -zxf convirture-tools-2.1.1.tar.gz && cd convirture-tools/install/managed_server/scripts/
./convirt-tool install_dependencies
./convirt-tool setup
这个脚本还有其他功能,可以# convirt-tool -h查看
setup过程
# brctl show
bridge name bridge id STP enabled interfaces
br1 8000.180373af9be4 no em1
br1p1 8000.00151719b950 no p1p1
br1p2 8000.00151719b951 no p1p2
将三张网卡都bridge
防火墙增加
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:8002:8012
For the KVM platform, the command creates appropriate public bridges, required scripts and writes a summary of its operations to the /var/cache/convirt/server_info file.
将信息写入 /var/cache/convirt/server_info
# cat /var/cache/convirt/server_info
DISTRO="RedHat"
CODE_NAME="Final"
VER="6.4"
KERNEL="2.6.32-358.6.1.el6.x86_64"
ARCH="x86_64"
V_PLATFORM="KVM"
V_PLATFORM_VER="qemu-kvm-0.12.1.2"
DEFAULT_BRIDGE="br1p1"
2、CMS拷贝公钥到要管理的机器
ssh-copy-id [email protected]
key不是的名字,需要-i指定
[root@control ~]# ssh-copy-id -i /root/.ssh/cms_id_rsa.pub [email protected]
The authenticity of host '192.168.1.120 (192.168.1.120)' can't be established.
RSA key fingerprint is 13:6b:f4:c0:9a:a7:42:6b:c4:79:1c:64:28:7e:88:c3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.120' (RSA) to the list of known hosts.
[email protected]'s password:
Now try logging into the machine, with "ssh '[email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@control ~]# ssh -i /root/.ssh/cms_id_rsa [email protected]
Enter passphrase for key '/root/.ssh/cms_id_rsa':
Last login: Thu Jun 27 11:36:25 2013 from 172.16.9.251
五、管理
1、Adding new Managed Server
http://www.convirture.com/wiki/index.php?title=C2_doc_add_server
2、Creating Virtual Machine
http://www.convirture.com/wiki/index.php?title=C2_doc_create_vm
3、Storage Management
http://www.convirture.com/wiki/index.php?title=C2_doc_storage
4、Network Management
http://www.convirture.com/wiki/index.php?title=C2_doc_network