在服务器上部署kvm虚拟化,虚出多台VM出来,以应对新的测试需求。
当KVM宿主机越来越多,需要对宿主机的状态进行调控,决定采用WebVirtMgr作为kvm虚拟化的web管理工具,图形化的WEB,让人能更方便的查看kvm 宿主机的情况和操作
WebVirtMgr是近两年来发展较快,比较活跃,非常清新的一个KVM管理平台,提供对宿主机和虚机的统一管理,它有别于kvm自带的图形管理工具(virtual machine manager),让kvm管理变得更为可视化,对中小型kvm应用场景带来了更多方便。
WebVirtMgr采用几乎纯Python开发,其前端是基于Python的Django,后端是基于Libvirt的Python接口,将日常kvm的管理操作变的更加的可视化。
WebVirtMgr特点
操作简单,易于使用
通过libvirt的API接口对kvm进行管理
提供对虚拟机生命周期管理
WebVirtMgr 功能
宿主机管理支持以下功能
CPU利用率
内存利用率
网络资源池管理
存储资源池管理
虚拟机镜像
虚拟机克隆
快照管理
日志管理
虚机迁移
虚拟机管理支持以下功能
CPU利用率
内存利用率
光盘管理
关/开/暂停虚拟机
安装虚拟机
VNC console连接
创建快照
下面对部署过程进行记录,希望能帮助到有用到的朋友们。
这里我将webvirtmgr服务器和kvm服务器放在同一台机器上部署的,即单机部署
系统:Centos 7.2
内存:64G
CPU:32核
ip:192.168.56.50(内网),192.168.0.29(外网)
一、基础环境
#close firewalld and NetworkManager
[root@linux-node1 ~]# systemctl disable firewalld
[root@linux-node1 ~]# systemctl disable NetworkManager #关闭SELinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
1.1、开启blos 开启vt,检查
1)查看是否支持虚拟机
说明1:半虚拟化是不能运行与安装KVM虚拟机的。
[root@ops ~]#egrep '(vmx|svm)' --color=always /proc/cpuinfo
1.2、系统版本
[root@webvirtmgr-node1 ~]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core) [root@webvirtmgr-node1 ~]# uname -r
3.10.0-327.el7.x86_64
1.3、安装epel源
#备份源
yum install wget -y
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum -y install epel-release
yum clean all
yum makecache
#install software
yum install net-tools vim lrzsz -y
1.4、安装kvm软件
yum install qemu-kvm libvirt libvirt-python libguestfs-tools virt-install virt-manager python-virtinst libvirt-client virt-viewer -y
1.5、本机网络
[root@webvirtmg ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:68:4b:e3 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.50/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe68:4be3/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:68:4b:ed brd ff:ff:ff:ff:ff:ff
inet 192.168.56.50/24 brd 192.168.56.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe68:4bed/64 scope link
valid_lft forever preferred_lft forever
1.6、配置桥接网络,(备注:br0绑定eth1)
[root@webvirtmg ~]# cd /etc/sysconfig/network-scripts/ [root@webvirtmg network-scripts]# cat ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.56.50
PREFIX=24
GATEWAY=192.168.56.2
DNS1=192.168.56.2
BRIDGE=br0
NM_CONTROLLED=no [root@webvirtmg network-scripts]# cat ifcfg-br0
TYPE=Bridge
DEVICE=br0
NM_CONTROLLED=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth1
ONBOOT=yes
IPADDR=192.168.56.50
PREFIX=24
GATEWAY=192.168.56.2
DNS1=192.168.56.2
#重启网络服务
systemctl restart network
1.7、启动libvirt
[root@webvirtmgr-node1 ~]# systemctl restart libvirtd
[root@webvirtmgr-node1 ~]# systemctl status libvirtd
1.8、测试
[root@webvirtmgr-node1 ~]# virsh -c qemu:///system list
Id Name State
---------------------------------------------------- [root@webvirtmgr-node1 ~]# virsh --version
3.9.0
[root@webvirtmgr-node1 ~]# virt-install --version
1.4.3
[root@webvirtmgr-node1 ~]# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-kvm
[root@webvirtmgr-node1 ~]# lsmod |grep kvm
kvm_intel 162153 0
kvm 525259 1 kvm_intel
1.9、查看网桥
[root@webvirtmg ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000c29684bed no eth1
virbr0 8000.000000000000 yes
二、部署webvirtmgr
参考官网:https://github.com/retspen/webvirtmgr/wiki/Install-WebVirtMgr
1.1、安装依赖包
yum install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx -y
1.2、从git-hub中下载相关的webvirtmgr代码
[root@openstack ops]# cd /usr/local/src/
[root@openstack src]# git clone git://github.com/retspen/webvirtmgr.git (下载地址:https://pan.baidu.com/s/1pLS3kCj 获取密码:8efm)
1.3、安装webvirtmgr
[root@openstack src]# cd webvirtmgr/
[root@openstack webvirtmgr]# pip install -r requirements.txt
1.4、检查sqlite3 (备注:自带不需要安装,导入模块检查一下。)
[root@webvirtmg webvirtmgr]# python
Python 2.7.5 (default, Nov 20 2015, 02:00:19)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sqlite3
>>> exit()
1.5、初始化账号
[root@webvirtmg webvirtmgr]# pwd
/usr/local/src/webvirtmgr
[root@webvirtmg webvirtmgr]# ./manage.py syncdb
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (leave blank to use 'root'): admin
Email address: 1034611705@qq.com
Password:
Password (again):
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)
1.6、拷贝web到 相关目录
[root@openstack ops]# mkdir -pv /var/www
[root@openstack ops]# cp -Rv /usr/local/src/webvirtmgr /var/www/webvirtmgr
1.7、设置ssh
[root@openstack ops]# ssh-keygen -t rsa //产生公私钥
[root@openstack ops]# ssh-copy-id 192.168.1.17 //由于这里webvirtmgr和kvm服务部署在同一台机器,所以这里本地信任。如果kvm部署在其他机器,那么这个是它的ip
[root@openstack ops]# ssh 192.168.1.17 -L localhost:8000:localhost:8000 -L localhost:6080:localhost:60
1.8、编辑nginx配置文件
#添加这行代码: include /etc/nginx/conf.d/*.conf;
[root@webvirtmg ~]# cd /etc/nginx/
[root@webvirtmg nginx]# mv nginx.conf /tmp
[root@webvirtmg nginx]#cp nginx.conf.default nginx.conf #编辑配置文件
[root@webvirtmg nginx]#vi nginx.conf [root@webvirtmg nginx]# cat nginx.conf #user nobody;
worker_processes 1; #error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info; #pid logs/nginx.pid; events {
worker_connections 1024;
} http {
include mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf; #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on;
#tcp_nopush on; #keepalive_timeout 0;
keepalive_timeout 65; #gzip on; server {
listen 80;
server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / {
root html;
index index.html index.htm;
} #error_page 404 /404.html; # redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
} # proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#} # deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
} # another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias; # location / {
# root html;
# index index.html index.htm;
# }
#} # HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost; # ssl_certificate cert.pem;
# ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on; # location / {
# root html;
# index index.html index.htm;
# }
#} }
#添加 /etc/nginx/conf.d/webvirtmgr.conf 配置文件
[root@webvirtmg nginx]# vim /etc/nginx/conf.d/webvirtmgr.conf
server {
listen 80 default_server; server_name $hostname;
#access_log /var/log/nginx/webvirtmgr_access_log; location /static/ {
root /var/www/webvirtmgr/webvirtmgr; # or /srv instead of /var
expires max;
} location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $remote_addr;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
client_max_body_size 1024M; # Set higher depending on your needs
}
}
#重启nginx服务
systemctl restart nginx
1.9、修改防火墙规则
#修改防火墙规则
[root@ops ~]# vim /etc/sysconfig/selinux
......
SELINUX=disabled #临时生效
[root@ops ~]# setenforce 0
setenforce: SELinux is disabled #查看状态
[root@ops ~]# getenforce
Disabled #直接执行这行
/usr/sbin/setsebool httpd_can_network_connect true
2.0、授权
chown -R nginx:nginx /var/www/webvirtmgr
2.1、设置 supervisor (如果iptables防火墙开启的话,就必须要开通80、8000、6080端口访问)
[root@test]# vim /etc/supervisord.conf //在文件末尾添加,注意将默认的python改为python2,因为上面只有用这个版本执行才不报错!
[program:webvirtmgr]
command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py //启动8000端口
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx [program:webvirtmgr-console]
command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console //启动6080端口(这是控制台vnc端口)
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx
#检查
#检查
[root@test]#vim /var/www/webvirtmgr/conf/gunicorn.conf.py //确保下面bind绑定的是本机的8000端口,这个在nginx配置中定义了,被代理的端口
bind = '127.0.0.1:8000' #设置开机启动
[root@webvirtmg nginx]# systemctl enable supervisord.service #设置开机加载
[root@webvirtmg nginx]#vim /etc/rc.local /usr/sbin/setsebool httpd_can_network_connect true #重启服务
[root@webvirtmg nginx]# systemctl restart supervisord
[root@webvirtmg nginx]# systemctl status supervisord
● supervisord.service - Process Monitoring and Control Daemon
Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2018-06-28 09:37:15 CST; 6s ago
Process: 19369 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
Main PID: 19372 (supervisord)
CGroup: /system.slice/supervisord.service
├─19372 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf
├─19373 /usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console
├─19374 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19380 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19381 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19382 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19383 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19384 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19385 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19386 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19387 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19388 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19389 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19390 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19391 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19392 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19393 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19394 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19395 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
└─19396 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py... Jun 28 09:37:15 webvirtmg.com systemd[1]: Starting Process Monitoring and Control Daemon...
Jun 28 09:37:15 webvirtmg.com systemd[1]: Started Process Monitoring and Control Daemon.
2.2、查看端口 备注:6080和8000已经启动
#查看端口 备注:6080和8000已经启动
[root@webvirtmg nginx]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 19287/nginx: master
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 7498/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1631/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1828/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 18977/sshd: root@pt
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 18977/sshd: root@pt
tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN 19374/python2
tcp 0 0 0.0.0.0:6080 0.0.0.0:* LISTEN 19373/python2
tcp6 0 0 :::22 :::* LISTEN 1631/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1828/master
tcp6 0 0 ::1:6010 :::* LISTEN 18977/sshd: root@pt
tcp6 0 0 ::1:6011 :::* LISTEN 18977/sshd: root@pt
2.3、访问地址:http://192.168.56.50/login/
账号信息:
username: admin
passwd:************
2.4、登录后会报错
解决措施:
1)在webvirtmgr服务器(服务端)上(这里kvm和WebVirtMgr部署在同一台机器上)创建nginx用户家目录(默认nginx服务安装时是没有nginx家目录的),生成nginx的公私钥
[root@test]# cd /home/
[root@test home]# mkdir nginx
[root@test home]# chown nginx.nginx nginx/
[root@test home]# chmod 700 nginx/ -R
[root@test home]# su - nginx -s /bin/bash
-bash-4.1$ ssh-keygen #期间输入yes后直接回车,回车
-bash-4.1$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
-bash-4.1$ chmod 0600 ~/.ssh/config
#在webvirtmgr服务器(服务端)上(这里kvm和WebVirtMgr部署在同一台机器上),将nginx用户的ssh-key上传到kvm服务器上(这里kvm和WebVirtMgr部署在同一台机器上)
[root@openstack ops]# su - nginx -s /bin/bash
-bash-4.1$ ssh-copy-id root@192.168.0.50
Warning: Permanently added '192.168.0.50' (RSA) to the list of known hosts.
root@192.168.0.50's password: #输入192.168.0.50即本机的root账号
Now try logging into the machine, with "ssh 'root@192.168.0.50'", and check in:
.ssh/authorized_keys
#在kvm(客服端)服务器上(这里kvm和WebVirtMgr部署在同一台机器上)配置 libvirt ssh授权
[root@test]# vim /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[Remote libvirt SSH access]
Identity=unix-user:root #注意这里采用的是root用户
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes [root@test]# chown -R root.root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
#重启服务
systemctl restart nginx
systemctl restart libvirtd
#其它参考:
http://www.cnblogs.com/kevingrace/p/5737724.html
https://www.jianshu.com/p/160272d81ac3
三、WebVirtMgr的日常配置
参考:https://yq.aliyun.com/articles/46358
3.1、上传Centos6.8的镜像到这个目录中
[root@webvirtmg images]# cd /var/lib/libvirt/images [root@webvirtmg images]# ll
total 6162064
-rw-------. 1 qemu qemu 21478375424 Jun 28 11:13 Centos6.8.img
-rw-r--r--. 1 qemu qemu 3916431360 Jun 28 11:01 CentOS-6.8-x86_64-bin-DVD1.iso
3.2、配置完成
