KVM网页管理工具WebVirtMgr部署
KVM-WebVirtMgr
0ther
https://github.com/retspen/webvirtmgr/wiki
System Optimization(Only CentOS6.X)
Run
# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# LANG=en
# for root in `chkconfig --list|grep 3:on|awk '{print $1}'`;do chkconfig --level 3 $root off;done
# for root in crond network rsyslog sshd;do chkconfig --level 3 $root on;done
# chkconfig --list|grep 3:on
Install WebVirtMgr
1. Installation
CentOS/RHEL 6.x
Run:
# yum -y install epel-release
# yum -y install vim wget ftp git python-pip libvirt-python libxml2-python python-websockify supervisor nginx
CentOS 7.x
Run:
# yum -y install epel-release
# yum -y install vim wget ftp git python-pip libvirt-python libxml2-python python-websockify supervisor nginx
# yum -y install gcc python-devel
# pip install numpy
2. Install python requirements and setup Django environment
Run:
# git clone git://github.com/retspen/webvirtmgr.git
# cd webvirtmgr
# pip install -r requirements.txt
# ./manage.py syncdb //Configuration database
# ./manage.py collectstatic //Add Database administrator for webvirtmagr, no System administrator!
Enter the user information:
You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes (Put: yes)
Username (Leave blank to use 'admin'): admin (Put: your username or login)
E-mail address: username@domain.local (Put: your email)
Password: xxxxxx (Put: your password)
Password (again): xxxxxx (Put: confirm password)
Superuser created successfully.
Adding additional superusers
Run:
# ./manage.py createsuperuser //Create an Account, Account Login and Password Information
3. Setup Nginx
Warning: Usually WebVirtMgr is only available from localhost on port 8000. This step will make WebVirtMgr available to everybody on port 80. The webinterface is also unprotected (no https), which means that everybody in between you and the server (people on the same wifi, your local router, your provider, the servers provider, backbones etc.) can see your login credentials in clear text!
Instead you can also skip this step completely + uninstall nginx. By simply redirecting port 8000 to your local machine via SSH. This is much safer because WebVirtMgr is not available to the public any more and you can only access it over an encrypted connection.
Example:
# ssh user@server:port -L localhost:8000:localhost:8000 -L localhost:6080:localhost:6080
You should be able to access WebVirtMgr by typing localhost:8000 in your browser after completing the install. Port 6080 is forwarded to make noVNC work.
If you really know what you are doing, feel free to ignore the warning and continue setting up the redirect with nginx:
# cd .. && mkdir -p /data/www
# mv webvirtmgr /data/www/
Add file webvirtmgr.conf in /etc/nginx/conf.d
server {
listen 80 default_server;
server_name $hostname;
access_log off;
location /static/ {
root /data/www/webvirtmgr;
expires max;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
client_max_body_size 1024M; # Set higher depending on your needs
}
}
Delete default.conf
# cd /etc/nginx/conf.d && rm -rf default.conf
Open nginx.conf out of /etc/nginx/nginx.conf (in Ubuntu 14.04 LTS the configuration is in /etc/nginx/sites-enabled/default):
# vim /etc/nginx/nginx.conf
Comment the Server Section as it is shown in the example:
# server {
# listen 80 default_server;
# server_name localhost;
# root /usr/share/nginx/html;
#
# #charset koi8-r;
#
# #access_log /var/log/nginx/host.access.log main;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# # redirect server error pages to the static page /40x.html
# #
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# # redirect server error pages to the static page /50x.html
# #
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
Restart nginx service:
# service nginx restart && chkconfig nginx on
Update SELinux policy
# setsebool httpd_can_network_connect true
make it permanet service:
# chkconfig supervisord on
4. Setup Supervisor
CentOS, RedHat, Fedora
Run:
# chown -R nginx:nginx /data/html/webvirtmgr
Open supervisord.conf in /etc/supervisord.conf with following content:
[program:webvirtmgr]
command=/usr/bin/python /data/www/webvirtmgr/manage.py run_gunicorn -c /data/www/webvirtmgr/conf/gunicorn.conf.py
directory=/data/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx
[program:webvirtmgr-console]
command=/usr/bin/python /data/www/webvirtmgr/console/webvirtmgr-console
directory=/data/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx
Restart supervisor daemon
# service supervisord restart && chkconfig supervisord on
WebVirtMgr :Make it permanet service
# vim /etc/rc.d/rc.local
...
nohup ./data/www/webvirtmgr/manage.py runserver 0.0.0.0:8000 &
...
Reboot System
Setup SSH Authorization
For new versions of webvirtmgr
- Create SSH private key and ssh config options (On system where WebVirtMgr is installed):
# cd /var/cahce/nginx/ &&
# mkdir .ssh
# chown -Rf nginx:nginx .ssh
# chmod -Rf 700 .ssh
# su - nginx -s /bin/bash
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (path-to-id-rsa-in-nginx-home): Just hit Enter here!
$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
$ chmod -Rf 0600 ~/.ssh/config
- Copy public key to qemu-kvm/libvirt host server:
# su - nginx -s /bin/bash
$ ssh-copy-id root@emu-kvm-libvirt-host
if you changed the default SSH port use:
$ ssh-copy-id -P YOUR_SSH_PORT root@qemu-kvm-libvirt-host
Now you can test the connection by entering:
$ ssh root@qemu-kvm-libvirt-host
Setup TCP Authorization
Setup Host Server
Supported Linux distributions
CentOS 6.3, RedHat 6.3 and above
Fedora 18 and above
Debian Testing, Ubuntu 12.04 and above
Setup libvirt and KVM
# curl http://retspen.github.io/libvirt-bootstrap.sh | sudo sh
or if haven't curl
# wget -O - http://retspen.github.io/libvirt-bootstrap.sh | sudo sh
Configuring the firewall
CentOS 6, Fedora 18, RedHat EL6
Open access to libvirt port
# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 16509 -j ACCEPT
CentOS 7, Fedora 19+, RedHat EL7 (and other distributions utilizing firewalld)
Find your firewalld zones:
# firewall-cmd --get-active-zones
The zone for the interface which connects the libvirt host and the webvirtmgr host is in the public zone by default, so the command is:
# firewall-cmd --zone=public --add-port 16509/tcp --permanent
# firewall-cmd --reload
Otherwise substitute --zone=public in the above for the correct zone.
Adding users and setting their passwords is done with the saslpasswd2 command. When running this command it is important to tell it that the appname is libvirt. As an example, to add a user admin, run
# saslpasswd2 -a libvirt admin
Password: xxxxxx
Again (for verification): xxxxxx
To see a list of all accounts the sasldblistusers2 command can be used. This command expects to be given the path to the libvirt user database, which is kept in /etc/libvirt/passwd.db
# sasldblistusers2 -f /etc/libvirt/passwd.db
admin@webvirtmgr.net: userPassword
To disable a user's access, use the command saslpasswd2 with the -d
# saslpasswd2 -a libvirt -d admin
Verify settings
Before you add the ip address of your server in the control center perform the following test
# virsh -c qemu+tcp://IP_address/system nodeinfo
Please enter your authentication name: admin
Please enter your password: xxxxxx
CPU model: x86_64
CPU(s): 2
CPU frequency: 2611 MHz
CPU socket(s): 1
Core(s) per socket: 2
Thread(s) per core: 1
NUMA cell(s): 1
Memory size: 2019260 kB
If you have same error:
# virsh -c qemu+tcp://IP_address/system nodeinfo
Please enter your authentication name: admin
Please enter your password:
error: authentication failed: authentication failed
error: failed to connect to the hypervisor
Try input login with domain (hostname):
# sasldblistusers2 -f /etc/libvirt/passwd.db
admin@webvirtmgr.net: userPassword
KVM网页管理工具WebVirtMgr部署的更多相关文章
- kvm虚拟化管理平台WebVirtMgr部署-完整记录(1)
公司机房有一台2U的服务器(64G内存,32核),由于近期新增业务比较多,测试机也要新增,服务器资源十分有限.所以打算在这台2U服务器上部署kvm虚拟化,虚出多台VM出来,以应对新的测试需求.当KVM ...
- KVM虚拟化管理平台WebVirtMgr部署及使用
KVM虚拟化管理平台WebVirtMgr部署及使用 需求: 公司机房有一台2U的服务器(64G内存,32核),由于近期新增业务比较多,测试机也要新增,服务器资源十分有限.所以打算在这台2U服务器上 ...
- kvm虚拟化管理平台WebVirtMgr部署-完整记录(3)
继下面三篇文章完成了kvm虚拟化管理平台webvirtmgr环境的部署安装:kvm虚拟化管理平台WebVirtMgr部署-虚拟化环境安装-完整记录(0)kvm虚拟化管理平台WebVirtMgr部署-完 ...
- kvm虚拟化管理平台WebVirtMgr部署-完整记录(2)
继上一篇kvm虚拟化管理平台WebVirtMgr部署-完整记录(1),接下来说说WebVirtMgr的日常配置:添加宿主机,创建虚机,磁盘扩容,快照等具体操作记录如下: 一.配置宿主机1.登录WebV ...
- KVM web管理工具——WebVirtMgr(一)
WebVirtMgr 介绍 WebVirtMgr采用几乎纯Python开发,其前端是基于Python的Django,后端是基于Libvirt的Python接口,将日常kvm的管理操作变的更加的 ...
- 快速搭建 kvm web 管理工具 WebVirtMgr
作者:SRE运维博客 博客地址: https://www.cnsre.cn/ 文章地址:https://www.cnsre.cn/posts/211117937177/ 相关话题:https://ww ...
- centos7.2 kvm虚拟化管理平台WebVirtMgr部署
在服务器上部署kvm虚拟化,虚出多台VM出来,以应对新的测试需求.当KVM宿主机越来越多,需要对宿主机的状态进行调控,决定采用WebVirtMgr作为kvm虚拟化的web管理工具,图形化的WEB,让人 ...
- KVM web管理工具——WebVirtMgr
系统环境: [root@kvm-admin ~]# cat /etc/redhat-release CentOS Linux release (Core) 关闭防火墙.selinux [root@kv ...
- kvm虚拟化管理平台WebVirtMgr部署-完整记录(安装Windows虚拟机)-(4)
一.背景说明 在之前的篇章中,提到在webvirtmgr里安装linux系统的vm,下面说下安装windows系统虚拟机的操作记录: 由于KVM管理虚拟机的硬盘和网卡需要virtio驱动,linux ...
随机推荐
- NYOJ--32--SEARCH--组合数
按照思路写:深搜,r控制位数,位数为0输出否则递归 /* Name: NYOJ--32--搜索--组合数 Date: 14/04/17 16:48 Description: 深度优先搜索 */ #in ...
- akoj-1162-计算表达式
计算表达式 Time Limit:1000MS Memory Limit:65536K Total Submit:14 Accepted:7 Description 对于一个不存在括号的表达式进行计 ...
- C++ 开发OCX 的方法和注意事项
C++ 开发OCX 的方法和注意事项 前言 ActiveX控件是一种实现了一系列特定接口而使其在使用和外观上更象一个控件的COM组件.ActiveX控件这种技术涉及到了几乎所有的COM和OLE的技术精 ...
- shell编程之数组
bash 编程只支持一维数组,不支持多维,类似c语言,数组下标从0开始,下标可以是整数,也可以是表达式 数组的定义 在shell中用括号来表示数组,中间用空格来隔开 主要有两种种定义形式: arr=( ...
- 如何验证所做的AIX系统备份是否可用
--如何验证所做的AIX系统备份是否可用 ----------------------------------2013/11/15 系统备份(mksysb)的介质可以是磁带,也可以是CD和DVD.想要 ...
- JS中的变量和输入输出
一.使用JS的三种方式 1.在HTML标签中,直接内嵌JS(并不提倡使用) <button onclick="alert('点你咋地')">点我</button& ...
- 浅谈C#中的斐波拉契数列
突然对那些有趣的数学类知识感兴趣了,然后就简单研究了一下斐波拉契数列,看看它的有趣之处! 斐波拉契数列(Fibonacci Sequence),又称黄金分割数列,该数列由意大利的数学家列奥纳多·斐波那 ...
- [js高手之路] 跟GhostWu一起封装一个字符串工具库-架构篇(1)
所谓字符串工具库就是利用javascript面向对象的知识封装一个常用的字符串处理方法库,首先给这个库起个名字,好吧就叫ghostwu.js. 看下ghostwu.js的整体架构: ; (functi ...
- Web存储—简易注册登录
Web Storage是HTML5引入的一个非常重要的功能,可以在客户端本地存储数据,类似HTML4的cookie,但可实现功能要比cookie强大的多,cookie大小被限制在4KB,cookie只 ...
- js的点表示法和方括号表示法
最近发现了一个很好玩的js特性,就是任何可以用点表示法的语句,都可以同样用方括号表示法表示出来,就例如一下语句,三句都是可以实现的: document.body.innerHTML="tes ...