From ec985cce17fa6ea79342ffddeea14f55bdd52f99 Mon Sep 17 00:00:00 2001 From: spaceman1984 Date: Mon, 7 Jun 2021 11:16:43 +0200 Subject: [PATCH 01/21] Cleanup --- source/adminguide/accounts.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/adminguide/accounts.rst b/source/adminguide/accounts.rst index a83bcd105d..cd6edc5360 100644 --- a/source/adminguide/accounts.rst +++ b/source/adminguide/accounts.rst @@ -337,7 +337,7 @@ the user are used. #. CloudStack searches for it in LDAP by the configured ``ldap.username.attribute``. - #. If an LDAP user is found is found, CloudStack does a bind + #. If an LDAP user is found, CloudStack does a bind request with the returned principal for that LDAP user and the entered password. @@ -345,7 +345,7 @@ the user are used. authenticated user exists in the domain it is trying to log on to. - #. If the user exists in CloudStack, it is ensured to be enabled + #. If the user exists in CloudStack, it is ensured to be enabled. #. If it doesn't exist it is created in a new account with the username as names for both account and user. From d940bc5ed0be6b78791ede22b1c75184d46d5a7f Mon Sep 17 00:00:00 2001 From: spaceman1984 Date: Mon, 28 Jun 2021 09:41:47 +0200 Subject: [PATCH 02/21] Updated networking and added config drive --- source/adminguide/api.rst | 93 ++++++++++++++++++- .../networking/advanced_zone_config.rst | 23 +++-- 2 files changed, 104 insertions(+), 12 deletions(-) diff --git a/source/adminguide/api.rst b/source/adminguide/api.rst index 75df8a1f82..3fe5b34589 100644 --- a/source/adminguide/api.rst +++ b/source/adminguide/api.rst 
@@ -43,8 +43,8 @@ possible as well. For example, see Using an LDAP Server for User Authentication. -User Data and Meta Data ------------------------ +User Data and Meta Data via Virtual Router +------------------------------------------ CloudStack provides API access to attach up to 32KB of user data to a deployed VM. Deployed VMs also have access to instance metadata via the 
@@ -87,4 +87,93 @@ is also supported.) For metadata type, use one of the following: - instance-id. The instance name of the VM +User Data and Meta Data via Config Drive +---------------------------------------- +The user-data service on a Shared or L2 Network can be provided through the +Virtual Router or through an attached iso called the Config drive. + +Config drive is an ISO file that is mounted as a cd-rom on a user VM and +contains the user VM related userdata, metadata (incl. ssh-keys) and +password files. + +Enable config drive +~~~~~~~~~~~~~~~~~~~ +To use the config drive the network offering must have the “ConfigDrive” +provider selected for the userdata service. + +If the networkoffering uses ConfigDrive for userdata and the template is +password enabled, the password string for the VM is placed in password.txt file +and it is included in the ISO. + +ConfigDrive availability +~~~~~~~~~~~~~~~~~~~~~~~~ +At VM start the config drive ISO is attached on the 2nd cd/dvd drive of the +user instance, such that any other ISO image (e.g. boot image or vmware tools) +is mounted on 1st cd/dvd drive. This means existing functionality of +supporting 1 cd rom drive is still available. + +At Password reset or update of user data, Secondary Storage VM will rebuild the +ConfigDrive ISO image. That is the existing ISO is mounted on a temporary directory, +password, userdata or ssh-keys are updated and a new ISO is built from the +updated directory structure. + +In case of a password reset, the new password will be picked-up at VM start. +To access the updated userdata, the user needs to remount the config drive ISO. + +When a VM is stopped, the ConfigDrive network element will trigger the +Secondary Storage VM to remove the ISO from the secondary storage. + +Since the ISO is available on secondary storage, there is no need for an extra +implementation in case of migration. 
+ +Supporting ConfigDrive +~~~~~~~~~~~~~~~~~~~~~~ + +Extra data is added to the VM profile to enable the creation of the config drive: + +VMdata - a list of String arrays representing [“directory”, “filename”, “content”] on the ConfigDrive device. + +- /cloudstack + + - /metadata: + + - availability-zone.txt + + - instance-id.txt + + - service-offering.txt + + - cloud-identifier.txt + + - local-hostname.txt + + - vm-id.txt + + - public-keys.txt + + - /password + + - vm_password.txt + + - vm_password_md5checksum (for windows VM’s) + +- /openstack/version/: + + - user_data (=hardlink to /cloudstack/user_data/user_data.txt) + + - vendor_data.json + + - meta_data.json + + - Network_data.json + + - label, which is configurable in global settings: + + - name : vm.configdrive.label + + - default: config-2 + +For more detailed information about the Config Drive implementation refer to +the `Wiki Article +`_ \ No newline at end of file diff --git a/source/adminguide/networking/advanced_zone_config.rst b/source/adminguide/networking/advanced_zone_config.rst index 63027b370d..befc5331bb 100644 --- a/source/adminguide/networking/advanced_zone_config.rst +++ b/source/adminguide/networking/advanced_zone_config.rst 
@@ -29,33 +29,36 @@ Configure Guest Traffic in an Advanced Zone These steps assume you have already logged in to the CloudStack UI. To configure the base guest network: -#. In the left navigation, choose Infrastructure. On Zones, click View - More, then click the zone to which you want to add a network. +#. In the left navigation, choose Network. -#. Click the Network tab. - -#. Click Add guest network. +#. Click Add network. The Add guest network window is displayed: |addguestnetwork.png| -#. Provide the following information: +#. Provide the following information for creating an isolated network: - **Name**: The name of the network. This will be user-visible - - **Display Text**: The description of the network. This will be + - **Description**: The description of the network. This will be user-visible - **Zone**: The zone in which you are configuring the guest network. - **Network offering**: If the administrator has configured multiple network offerings, select the one you want to use for this network + + - **External Id**: ID of the network in an external system. - - **Guest Gateway**: The gateway that the guests should use + - **Gateway**: The gateway that the guests instances will use. - - **Guest Netmask**: The netmask in use on the subnet the guests - will use + - **Netmask**: The netmask in use on the subnet the guest instances + will use. + + - **Network Domain**: A custom DNS suffix at the level of a network. If you + want to assign a special domain name to the guest VM network, specify a + DNS suffix. #. Click OK. From 04a593bc46598bee56dafe50255751cf04e04419 Mon Sep 17 00:00:00 2001 From: spaceman1984 Date: Wed, 30 Jun 2021 20:21:56 +0200 Subject: [PATCH 03/21] Updated install guide --- source/quickinstallationguide/qig.rst | 168 ++++++++++++++++++-------- 1 file changed, 119 insertions(+), 49 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index c5ee82b76a..e815527f6b 100644 
--- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -53,8 +53,8 @@ To complete this guide you'll need the following items: #. At least one computer which supports and has enabled hardware virtualization. -#. An `CentOS 7.7 x86_64 install ISO, on bootable media - `_ +#. An `CentOS 7.9 minimal x86_64 install ISO, on bootable media + `_ #. A /24 network with the gateway being at xxx.xxx.xxx.1, no DHCP should be on this network and none of the computers running CloudStack will have a @@ -71,11 +71,11 @@ CloudStack. We will go over the steps to prepare now. Operating System ~~~~~~~~~~~~~~~~ -Using the CentOS 7.7 x86_64 install ISO, you'll need to install CentOS 7 -on your hardware. The defaults will generally be acceptable for this -installation. You may want to configure network configuration during -setup - either using the guidelines below, or using a standard access -configuration which we will modify later. +Using the CentOS 7.9.2009 minmal x86_64 install ISO, you'll need to install +CentOS 7 on your hardware. The defaults will generally be acceptable for this +installation. You may want to configure network configuration during setup - +either using the guidelines below, or using a standard access configuration +which we will modify later. Once this installation is complete, you'll want to gain access to your server - through SSH (if network is configured) or connected peripherals. 
@@ -153,10 +153,17 @@ Open the configuration file of your interface and configure it as follows: BRIDGE=cloudbr0 .. note:: - You should not use the Hardware Address (aka the MAC address, or UUID) from our - example for your configuration. It is network interface specific, so you + You should not use the Hardware Address (aka the MAC address, or UUID) from our + example for your configuration. It is network interface specific, so you should keep the address already provided in the UUID directive. +.. note:: + If your physical nic (eth0 in the case of our example) has already been + setup before following this guide, make sure that there is no duplication + between /etc/sysconfig/network-scripts/ifcfg-cloudbr0 and + /etc/sysconfig/network-scripts/ifcfg-eth0 which will cause a failure that + would prevent the network from starting. Basically the majority eth0 config + moves over to the bridge and eth0 will point to the bridge. Now that we have the configuration files properly set up, we need to run a few @@ -378,6 +385,7 @@ First, as CentOS 7 no longer provides the MySQL binaries, we need to add a MySQL that will provide MySQL Server (and the Python MySQL connector later) : .. parsed-literal:: + # yum -y install wget # wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm # rpm -ivh mysql-community-release-el7-5.noarch.rpm 
@@ -623,109 +631,171 @@ UI Access To get access to CloudStack's web interface, merely point your browser to http://172.16.10.2:8080/client The default username is 'admin', and the default password is 'password'. You should see a splash screen that allows you -to choose several options for setting up CloudStack. You should choose the -Continue with Basic Setup option. +to choose several options for setting up CloudStack. You should now see a prompt requiring you to change the password for the admin user. Please do so. Setting up a Zone -~~~~~~~~~~~~~~~~~ +----------------- + +Zone Type +~~~~~~~~~ -A zone is the largest organization entity in CloudStack - and we'll be -creating one, this should be the screen that you see in front of you now. And -for us there are 5 pieces of information that we need. +A zone is the largest organization entity in CloudStack - and we'll be +creating one, this should be the screen that you see in front of you now. +In previous versions of cloudstack there was the option to configure a zone +with a "Basic Network" model, this has been removed leaving only the "Advanced +Network" model. Here you can opt to use security groups for vm isolation or not. + +Click "Next" to continue on + +Zone Details +~~~~~~~~~~~~ +On this page we enter where our dns servers are located. +CloudStack distinguishes between internal and public DNS. Internal DNS is +assumed to be capable of resolving internal-only hostnames, such as your +NFS server’s DNS name. Public DNS is provided to the guest VMs to resolve +public IP addresses. You can enter the same DNS server for both types, but +if you do so, you must make sure that both internal and public IP addresses +can route to the DNS server. In our specific case we will not use any names +for resources internally, and we will indeed them set to look to the same +external resource so as to not add a namerserver setup to our list of +requirements. #. 
Name - we will set this to the ever-descriptive 'Zone1' for our cloud. -#. Public DNS 1 - we will set this to ``8.8.8.8`` for our cloud. +#. IPv4 DNS 1 - we will set this to ``8.8.8.8`` for our cloud. -#. Public DNS 2 - we will set this to ``8.8.4.4`` for our cloud. +#. IPV4 DNS 2 - we will set this to ``8.8.4.4`` for our cloud. #. Internal DNS1 - we will also set this to ``8.8.8.8`` for our cloud. -#. Internal DNS2 - we will also set this to ``8.8.4.4`` for our cloud. +#. Internal DNS2 - we will also set this to ``8.8.4.4`` for our cloud. -.. note:: - CloudStack distinguishes between internal and public DNS. Internal DNS is - assumed to be capable of resolving internal-only hostnames, such as your - NFS server’s DNS name. Public DNS is provided to the guest VMs to resolve - public IP addresses. You can enter the same DNS server for both types, but - if you do so, you must make sure that both internal and public IP addresses - can route to the DNS server. In our specific case we will not use any names - for resources internally, and we have indeed them set to look to the same - external resource so as to not add a namerserver setup to our list of - requirements. +#. Hypervisor - this will be the primary hypervisor used in this zone. In our + case, we will select KVM. + +Click "Next" to continue on + +Physical Network +~~~~~~~~~~~~~~~~ +There are various network isolation methods supported by Cloudstack. The +default VLAN option will be sufficient for our purposes. For improved +performance and/or security, Cloudstack allows different trafic types to run +over specifically dedicated network interface cards attached to the management +server. We will not be making any changes here, the default settings are fine +for a simple installation of Cloudstack. + +Click "Next" to continue on + +Public Traffic +~~~~~~~~~~~~~~ +Public traffic is generated when VMs in the cloud access the internet. +Publicly-accessible IPs must be allocated for this purpose. + +#. 
Gateway - We'll use ``172.16.10.1`` +#. Netmask - We'll use ``255.255.255.0`` + +#. VLAN/VNI - We'll use ``50`` + +#. Start IP - We'll use ``172.16.10.11`` + +#. End IP - We'll use ``172.16.10.20`` + +Click "Add" to add the range + +Click "Next" to continue on Pod Configuration ~~~~~~~~~~~~~~~~~ -Now that we've added a Zone, the next step that comes up is a prompt for -information regading a pod. Which is looking for several items. +Here we will configure a range for Cloudstack's internal management traffic. -#. Name - We'll use ``Pod1`` for our cloud. +#. Pod Name - We'll use ``Pod1`` for our cloud. -#. Gateway - We'll use ``172.16.10.1`` as our gateway +#. Reserved system gateway - We'll use ``172.16.10.1`` -#. Netmask - We'll use ``255.255.255.0`` +#. Reserved system netmask - We'll use ``255.255.255.0`` -#. Start/end reserved system IPs - we will use ``172.16.10.10-172.16.10.20`` +#. Start reserved system IPs - we will use ``172.16.10.21-172.16.10.30`` -#. Guest gateway - We'll use ``172.16.10.1`` +Click "Next" to continue on -#. Guest netmask - We'll use ``255.255.255.0`` +Guest Traffic +~~~~~~~~~~~~~ + +Next we will configure a range of VLAN IDs for our guest VMs. -#. Guest start/end IP - We'll use ``172.16.10.30-172.16.10.200`` +A range of ``100`` - ``200`` would suffice. +Click "Next" to continue on Cluster ~~~~~~~ -Now that we've added a Zone, we need only add a few more items for configuring -the cluster. +Multiple clusters can belong to a pod and multiple hosts can belong to a +cluster. We will have one cluster and we have to give our cluster a name. #. Name - We'll use ``Cluster1`` -#. Hypervisor - Choose ``KVM`` +Click "Next" to continue on -You should be prompted to add the first host to your cluster at this point. -Only a few bits of information are needed. +Host +~~~~ +This is where we specify the details of our hypervisor host. In our case, +we are running the management server on the same machine that we will be using +as a hypervisor. -#. 
Hostname - we'll use the IP address ``172.16.10.2`` since we didn't set up a - DNS server. +#. Hostname - we'll use the IP address ``172.16.10.2`` since we didn't set up a + DNS server for name resolution. #. Username - we'll use ``root`` #. Password - enter the operating system password for the root user +Click "Next" to continue on Primary Storage ^^^^^^^^^^^^^^^ With your cluster now setup - you should be prompted for primary storage -information. Choose NFS as the storage type and then enter the following -values in the fields: +information. Enter the following values in the fields: #. Name - We'll use ``Primary1`` +#. Scope - We'll use ``Cluster`` even though either is fine in this case. With + "Zone" scope, all hosts in all clusters would have access to this storage + pool. + +#. Protocol - We'll use ``NFS`` + #. Server - We'll be using the IP address ``172.16.10.2`` #. Path - Well define ``/export/primary`` as the path we are using +Click "Next" to continue on Secondary Storage ^^^^^^^^^^^^^^^^^ -If this is a new zone, you'll be prompted for secondary storage information - +If this is a new zone, you'll be prompted for secondary storage information - populate it as follows: +#. Provider - Choose ``NFS`` + +#. Name - We can call it ``Secondary1`` + #. NFS server - We'll use the IP address ``172.16.10.2`` #. Path - We'll use ``/export/secondary`` -Now, click Launch and your cloud should begin setup - it may take several -minutes depending on your internet connection speed for setup to finalize. +Click "Next" to continue on + +Now, click "Launch Zone" and your cloud should begin setup - it may take +several minutes depending on your internet connection speed for setup to +finalize. That's it, you are done with installation of your Apache CloudStack cloud. From 3b4b14d43c162b1ebcfe9947ba8f351efdd9d6dc Mon Sep 17 00:00:00 2001 
From: spaceman1984 Date: Thu, 1 Jul 2021 09:49:19 +0200 Subject: [PATCH 04/21] fixed word order --- source/quickinstallationguide/qig.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index e815527f6b..f6ea907d4b 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -660,7 +660,7 @@ NFS server’s DNS name. Public DNS is provided to the guest VMs to resolve public IP addresses. You can enter the same DNS server for both types, but if you do so, you must make sure that both internal and public IP addresses can route to the DNS server. In our specific case we will not use any names -for resources internally, and we will indeed them set to look to the same +for resources internally, and we will indeed set them to look to the same external resource so as to not add a namerserver setup to our list of requirements. From 752548002c5358bfaa145030716a10ca7978d0ec Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Mon, 5 Jul 2021 18:16:18 +0200 Subject: [PATCH 05/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 75 ++++++++++++--------------- 1 file changed, 33 insertions(+), 42 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index f6ea907d4b..8988b8545c 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -30,6 +30,11 @@ goal for this runbook is to provide a straightforward set of instructions to get you up and running with CloudStack with a minimum amount of trouble. +.. warning:: + This guide is meant to be used to build CloudStack test/demo cloud only, + as certain choices have been made to get you up and running with minimal amount of time + + High level overview of the process ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
@@ -212,8 +217,13 @@ After you've modified that file, go ahead and restart the network using: # systemctl restart network -Now recheck with the hostname --fqdn command and ensure that it returns a FQDN -response +Now recheck with the + +.. parsed-literal:: + + # hostname --fqdn + +and ensure that it returns a FQDN response .. _conf-selinux: @@ -407,19 +417,6 @@ section: log-bin=mysql-bin binlog-format = 'ROW' -.. note:: - - For Ubuntu 16.04 and later, make sure you specify a ``server-id`` in your ``.cnf`` file for binary logging. Set the ``server-id`` according to your database setup. - -.. parsed-literal:: - - server-id=master-01 - innodb_rollback_on_timeout=1 - innodb_lock_wait_timeout=600 - max_connections=350 - log-bin=mysql-bin - binlog-format = 'ROW' - Now that MySQL is properly configured we can start it and configure it to start on boot as follows: @@ -508,12 +505,6 @@ CloudStack, but we will do that after we get our hypervisor set up. KVM Setup and Installation -------------------------- -KVM is the hypervisor we'll be using - we will recover the initial setup which -has already been done on the hypervisor host and cover installation of the -agent software, you can use the same steps to add additional KVM nodes to your -CloudStack environment. - - Prerequisites ~~~~~~~~~~~~~ @@ -619,12 +610,6 @@ to using the CloudStack UI for the actual configuration of our cloud. Configuration ------------- -As we noted before we will be using security groups to provide isolation and -by default that implies that we'll be using a flat layer-2 network. It also -means that the simplicity of our setup means that we can use the quick -installer. - - UI Access ~~~~~~~~~ 
@@ -633,10 +618,6 @@ http://172.16.10.2:8080/client The default username is 'admin', and the default password is 'password'. You should see a splash screen that allows you to choose several options for setting up CloudStack. -You should now see a prompt requiring you to change the password for the admin -user. Please do so. - - Setting up a Zone ----------------- @@ -645,12 +626,18 @@ Zone Type A zone is the largest organization entity in CloudStack - and we'll be creating one, this should be the screen that you see in front of you now. -In previous versions of cloudstack there was the option to configure a zone -with a "Basic Network" model, this has been removed leaving only the "Advanced -Network" model. Here you can opt to use security groups for vm isolation or not. -Click "Next" to continue on +.. warning:: + We will be configuring an Advanced Zone in a way that will allow us to access both + the "Management" network of the cloud as well as the "Public" network - we will do so + by using the same CIDR (but different IP ranges) for both "Management" (Pod) and the "Public" + networks - which is something your would NEVER do in a production - this is for strictly for + testing purposes only! + +Click "Continue with Installation" to continue - you will be offered to change your +root admin password - please do so, and click on OK. +A new Zone wizard will pop-up. Please chose Advanced (don't tick the "Security Groups") and click on Next. Zone Details ~~~~~~~~~~~~ On this page we enter where our dns servers are located. 
@@ -686,10 +673,11 @@ default VLAN option will be sufficient for our purposes. For improved performance and/or security, Cloudstack allows different trafic types to run over specifically dedicated network interface cards attached to the management server. We will not be making any changes here, the default settings are fine -for a simple installation of Cloudstack. +for this demo installation of Cloudstack. Click "Next" to continue on + Public Traffic ~~~~~~~~~~~~~~ Public traffic is generated when VMs in the cloud access the internet. @@ -716,11 +704,13 @@ Here we will configure a range for Cloudstack's internal management traffic. #. Pod Name - We'll use ``Pod1`` for our cloud. -#. Reserved system gateway - We'll use ``172.16.10.1`` +#. Reserved system gateway - we'll use ``172.16.10.1`` + +#. Reserved system netmask - we'll use ``255.255.255.0`` -#. Reserved system netmask - We'll use ``255.255.255.0`` +#. Start reserved system IPs - we will use ``172.16.10.21`` -#. Start reserved system IPs - we will use ``172.16.10.21-172.16.10.30`` +#. End Reserved system IP - we will use ``172.16.10.30`` Click "Next" to continue on @@ -795,7 +785,8 @@ populate it as follows: Click "Next" to continue on Now, click "Launch Zone" and your cloud should begin setup - it may take -several minutes depending on your internet connection speed for setup to -finalize. +several minutes for setup to finalize. + +When done, click on "Enable Zone" and your zone will be ready. -That's it, you are done with installation of your Apache CloudStack cloud. +That's it, you are done with installation of your Apache CloudStack demo cloud. From b88086532fd90b8c74bd710311614762f8fc7664 Mon Sep 17 00:00:00 2001 From: spaceman1984 Date: Tue, 6 Jul 2021 09:54:40 +0200 Subject: [PATCH 06/21] Removed incorrect vlan id --- source/quickinstallationguide/qig.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index f6ea907d4b..6fc88d0574 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -699,7 +699,7 @@ Publicly-accessible IPs must be allocated for this purpose. #. Netmask - We'll use ``255.255.255.0`` -#. VLAN/VNI - We'll use ``50`` +#. VLAN/VNI - We'll leave this one empty #. Start IP - We'll use ``172.16.10.11`` From 5ead105954a4ef2ebaf23200fd1104b9c47e9254 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Wed, 28 Jul 2021 21:31:20 +0200 Subject: [PATCH 07/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 3495f25ef9..a3e551793e 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -176,13 +176,10 @@ commands to start up the network: .. parsed-literal:: + # systemctl disable NetworkManager; systemctl stop NetworkManager # systemctl enable network - - # systemctl restart network - -Note that if you were connected through SSH, you will be temporarily (~5 seconds depending on hardware) disconnected. If the disconnection lasts, there was an error in configuration. - - + # reboot + .. _conf-hostname: Hostname From 0af75f5e65a57b1450c53bb079acd2c885a312ad Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Wed, 28 Jul 2021 21:37:21 +0200 Subject: [PATCH 08/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index a3e551793e..eae7e21cd2 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst 
@@ -337,7 +337,9 @@ appropriately on them with the following commands: CentOS 7.x releases use NFSv4 by default. NFSv4 requires that domain setting matches on all clients. In our case, the domain is cloud.priv, so ensure that the domain setting in /etc/idmapd.conf is uncommented and set as follows: -Domain = cloud.priv + +.. parsed-literal:: + Domain = cloud.priv Now you'll need to add the configuration values at the bottom in the file /etc/sysconfig/nfs (or merely uncomment and set them) From 36a2fac78b3476c258f042440444484bcd303412 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Thu, 5 Aug 2021 21:11:02 +0200 Subject: [PATCH 09/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 2 -- 1 file changed, 2 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index eae7e21cd2..c8b8c2b7d0 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -474,8 +474,6 @@ up the management server by issuing the following command: # cloudstack-setup-management -If the servlet container is Tomcat7 the argument --tomcat7 must be used. - System Template Setup ~~~~~~~~~~~~~~~~~~~~~ From 1dae91c5d060fd0cf0cdf229355a87146fdfda80 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Thu, 5 Aug 2021 22:23:49 +0200 Subject: [PATCH 10/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 72 ++++++++++++++++----------- 1 file changed, 42 insertions(+), 30 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index c8b8c2b7d0..e260f75a98 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst 
@@ -120,7 +120,10 @@ the bridge that Cloudstack will use for networking. Create and open a /24 network for your CloudStack implementation. This can be any RFC 1918 network. However, we are assuming that you will match the machine address that we are using. Thus we may use 172.16.10.2 and because you might be - using the 192.168.55.0/24 network you would use 192.168.55.2 + using the 192.168.55.0/24 network you would use 192.168.55.2. Another example + would be if you are using i.e. VirtualBox on your local home network on 192.168.1.0/24 network - + in this case you can use a single free IP address from your home range (VirtualBox NIC for this VM + should be in bridged mode for correct functioning) :: @@ -131,8 +134,8 @@ the bridge that Cloudstack will use for networking. Create and open IPV6INIT=no IPV6_AUTOCONF=no DELAY=5 - IPADDR=172.16.10.2 - GATEWAY=172.16.10.1 + IPADDR=172.16.10.2 #(or e.g. 192.168.1.2 + GATEWAY=172.16.10.1 #(or e.g. 192.168.1.1 - this would be your physical home router) NETMASK=255.255.255.0 DNS1=8.8.8.8 DNS2=8.8.4.4 @@ -200,7 +203,8 @@ At this point it will likely return: localhost To rectify this situation - we'll set the hostname by editing the /etc/hosts -file so that it follows a similar format to this example: +file so that it follows a similar format to this example (remember to replace +the IP with your IP which might be e.g. 192.168.1.2): .. parsed-literal:: 
@@ -480,11 +484,14 @@ System Template Setup CloudStack uses a number of system VMs to provide functionality for accessing the console of virtual machines, providing various networking services, and -managing various aspects of storage. This step will acquire those system -images ready for deployment when we bootstrap your cloud. +managing various aspects of storage. -Now we need to download the system VM template and deploy that to the share we -just mounted. The management server includes a script to properly manipulate +Now we need to download the systemVM template and deploy that to the secondary storage. +We will use the local path (/export/secondary) since we are already on the NFS server itself, +but otherwise you would need to mount your Secondary Storage to a temporary mount point, and use +that mount point instead of the /export/secondary path. + +The management server includes a script to properly manipulate the system VMs images. .. parsed-literal:: @@ -593,7 +600,8 @@ and should already be installed. KVM configuration complete ^^^^^^^^^^^^^^^^^^^^^^^^^^^ -For the sake of completeness you should check if KVM is running OK on your machine: +For the sake of completeness you should check if KVM is running OK on your machine (you should see kvm_intel or kvm_amd shown as loaded): + .. parsed-literal:: # lsmod | grep kvm @@ -611,9 +619,8 @@ UI Access ~~~~~~~~~ To get access to CloudStack's web interface, merely point your browser to -http://172.16.10.2:8080/client The default username is 'admin', and the -default password is 'password'. You should see a splash screen that allows you -to choose several options for setting up CloudStack. +the IP address of your machine e.g. http://172.16.10.2:8080/client +1he default username is 'admin', and the default password is 'password'. Setting up a Zone ----------------- 
@@ -622,7 +629,7 @@ Zone Type ~~~~~~~~~ A zone is the largest organization entity in CloudStack - and we'll be -creating one, this should be the screen that you see in front of you now. +creating one. .. warning:: We will be configuring an Advanced Zone in a way that will allow us to access both @@ -635,8 +642,10 @@ Click "Continue with Installation" to continue - you will be offered to change y root admin password - please do so, and click on OK. A new Zone wizard will pop-up. Please chose Advanced (don't tick the "Security Groups") and click on Next. + Zone Details ~~~~~~~~~~~~ + On this page we enter where our dns servers are located. CloudStack distinguishes between internal and public DNS. Internal DNS is assumed to be capable of resolving internal-only hostnames, such as your 
@@ -668,27 +677,28 @@ Physical Network There are various network isolation methods supported by Cloudstack. The default VLAN option will be sufficient for our purposes. For improved performance and/or security, Cloudstack allows different trafic types to run -over specifically dedicated network interface cards attached to the management -server. We will not be making any changes here, the default settings are fine +over specifically dedicated network interface cards attached to hypervisors. +We will not be making any changes here, the default settings are fine for this demo installation of Cloudstack. -Click "Next" to continue on +Click "Next" to continue. Public Traffic ~~~~~~~~~~~~~~ Public traffic is generated when VMs in the cloud access the internet. -Publicly-accessible IPs must be allocated for this purpose. +Publicly-accessible IPs must be allocated for this purpose in normal/public cloud installations, +but since we are deploying merely a demo/test env, we will use a PART of our local network (from .11 to .20 or other free range) -#. Gateway - We'll use ``172.16.10.1`` +#. Gateway - We'll use ``172.16.10.1`` #or whatever is your physical gateway e.g. 192.168.1.1 #. Netmask - We'll use ``255.255.255.0`` #. VLAN/VNI - We'll leave this one empty -#. Start IP - We'll use ``172.16.10.11`` +#. Start IP - We'll use ``172.16.10.11`` # or e.g. 192.168.1.11 -#. End IP - We'll use ``172.16.10.20`` +#. End IP - We'll use ``172.16.10.20`` # or e.g. 192.168.1.20 Click "Add" to add the range 
@@ -698,16 +708,18 @@ Pod Configuration ~~~~~~~~~~~~~~~~~ Here we will configure a range for Cloudstack's internal management traffic. +This will also be part of our local network (i.e. different part of your local home network, +from .21 to .30 - but within the same IP range - same gateway, same netmask) #. Pod Name - We'll use ``Pod1`` for our cloud. -#. Reserved system gateway - we'll use ``172.16.10.1`` +#. Reserved system gateway - we'll use ``172.16.10.1`` #or whatever is your physical gateway e.g. 192.168.1.1 #. Reserved system netmask - we'll use ``255.255.255.0`` -#. Start reserved system IPs - we will use ``172.16.10.21`` +#. Start reserved system IPs - we will use ``172.16.10.21`` # or e.g. 192.168.1.21 -#. End Reserved system IP - we will use ``172.16.10.30`` +#. End Reserved system IP - we will use ``172.16.10.30`` # or e.g. 192.168.1.30 Click "Next" to continue on @@ -726,9 +738,9 @@ Cluster Multiple clusters can belong to a pod and multiple hosts can belong to a cluster. We will have one cluster and we have to give our cluster a name. -#. Name - We'll use ``Cluster1`` +Enter ``Cluster1`` -Click "Next" to continue on +Click "Next" to continue Host ~~~~ @@ -737,13 +749,13 @@ we are running the management server on the same machine that we will be using as a hypervisor. #. Hostname - we'll use the IP address ``172.16.10.2`` since we didn't set up a - DNS server for name resolution. + DNS server for name resolution. (this is your local server, so swap with the correct IP) #. Username - we'll use ``root`` #. Password - enter the operating system password for the root user -Click "Next" to continue on +Click "Next" to continue Primary Storage ^^^^^^^^^^^^^^^ 
@@ -759,11 +771,11 @@ information. Enter the following values in the fields: #. Protocol - We'll use ``NFS`` -#. Server - We'll be using the IP address ``172.16.10.2`` +#. Server - We'll be using the IP address ``172.16.10.2`` (this is your local server, so swap with the correct IP) #. Path - Well define ``/export/primary`` as the path we are using -Click "Next" to continue on +Click "Next" to continue Secondary Storage ^^^^^^^^^^^^^^^^^ @@ -775,7 +787,7 @@ populate it as follows: #. Name - We can call it ``Secondary1`` -#. NFS server - We'll use the IP address ``172.16.10.2`` +#. NFS server - We'll use the IP address ``172.16.10.2`` (this is your local server, so swap with the correct IP) #. Path - We'll use ``/export/secondary`` From bb20c5d0aff1382dc9b7a37d6efa6642e2c27e97 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Thu, 5 Aug 2021 22:53:40 +0200 Subject: [PATCH 11/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index e260f75a98..14787e1ee1 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -83,10 +83,7 @@ either using the guidelines below, or using a standard access configuration which we will modify later. Once this installation is complete, you'll want to gain access to your -server - through SSH (if network is configured) or connected peripherals. -Note that you should not allow remote root logins in a production -environment, so be sure to turn off this feature once the installation -and configuration is complete. +server - through SSH. If your network interface was configured to grant the server internet access, it is always wise to update the system before starting: From a3748a9058ea3b6958a7fa2597b0e1532b8f48b0 Mon Sep 17 00:00:00 2001 
From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Thu, 5 Aug 2021 23:42:42 +0200 Subject: [PATCH 12/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 40 +++++++++++++-------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 14787e1ee1..d3e7ea0ec3 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -32,7 +32,15 @@ get you up and running with CloudStack with a minimum amount of trouble. .. warning:: This guide is meant to be used to build CloudStack test/demo cloud only, - as certain choices have been made to get you up and running with minimal amount of time + as certain networking choices have been made to get you up and running with minimal amount of time + +.. warning:: + In case you don't have physical server to "play with", you can use e.g. Oracle VirtualBox 6.1+ + The requirement is that you enable "Enable Nested VT-x/AMD-V" as the Extended Feature on the System page of the Settings of the VM. + You will need to have 1 NIC in your VM, bridged to the NIC of your laptop/desktop + (wifi or wired NIC, doesn't matter), and optimally to set Adapter Type="Paravirtualized Network (virtio-net)" + for somewhat better network performance (Settings of VM, Network section, Adapter1, + expand "Advanced settings"). Also, make sure you have allowed enough ram (6G+) and enough CPU cores (3+) for demo purposes. High level overview of the process 
@@ -80,7 +88,7 @@ Using the CentOS 7.9.2009 minmal x86_64 install ISO, you'll need to install CentOS 7 on your hardware. The defaults will generally be acceptable for this installation. You may want to configure network configuration during setup - either using the guidelines below, or using a standard access configuration -which we will modify later. +which we will modify later - so that you can later install needed packages from internet, etc. Once this installation is complete, you'll want to gain access to your server - through SSH. @@ -97,18 +105,12 @@ access, it is always wise to update the system before starting: Configuring the network ^^^^^^^^^^^^^^^^^^^^^^^ -Unless you have configured it during install, which will not be covered by -this guide, the network interface will not come up on your hardware and you -will need to configure it to work in your environment. Since we specified -that there will be no DHCP server in this environment we will be manually -configuring your network interface. - -Before going any further, make sure that "brctl" and "net-tools" are installed and available: +Before going any further, make sure that "bridge-utils" and "net-tools" are installed and available: .. parsed-literal:: # yum install bridge-utils net-tools -y -Connecting via the console you should login as root. We will start by creating +Connecting via the console or SSH, you should login as root. We will start by creating the bridge that Cloudstack will use for networking. Create and open /etc/sysconfig/network-scripts/ifcfg-cloudbr0 and add the following settings: @@ -131,7 +133,7 @@ the bridge that Cloudstack will use for networking. Create and open IPV6INIT=no IPV6_AUTOCONF=no DELAY=5 - IPADDR=172.16.10.2 #(or e.g. 192.168.1.2 + IPADDR=172.16.10.2 #(or e.g. 192.168.1.2) GATEWAY=172.16.10.1 #(or e.g. 192.168.1.1 - this would be your physical home router) NETMASK=255.255.255.0 DNS1=8.8.8.8 
@@ -140,10 +142,11 @@ the bridge that Cloudstack will use for networking. Create and open USERCTL=no NM_CONTROLLED=no -Save the configuration and exit. We will then edit the interface so that it +Save the configuration and exit. We will then edit the NIC so that it makes use of this bridge. -Open the configuration file of your interface and configure it as follows: +Open the configuration file of your NIC (e.g. /etc/sysconfig/network-scripts/ifcfg-eth0) +and edit it as follows: .. note:: Interface name used as example only. Replace eth0 with your default ethernet interface name. @@ -157,18 +160,13 @@ Open the configuration file of your interface and configure it as follows: ONBOOT=yes BRIDGE=cloudbr0 -.. note:: - You should not use the Hardware Address (aka the MAC address, or UUID) from our - example for your configuration. It is network interface specific, so you - should keep the address already provided in the UUID directive. - .. note:: If your physical nic (eth0 in the case of our example) has already been setup before following this guide, make sure that there is no duplication - between /etc/sysconfig/network-scripts/ifcfg-cloudbr0 and + between IP configuration of /etc/config/network-scripts/ifcfg-cloudbr0 and /etc/sysconfig/network-scripts/ifcfg-eth0 which will cause a failure that - would prevent the network from starting. Basically the majority eth0 config - moves over to the bridge and eth0 will point to the bridge. + would prevent the network from starting. Basically the majority of IP configuration + of eth0 config moves over to the bridge and eth0 will point to the bridge. Now that we have the configuration files properly set up, we need to run a few From 626c43b388174c1978ef51655ef5100640c15c55 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Fri, 6 Aug 2021 00:06:53 +0200 Subject: [PATCH 13/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 1 + 1 file changed, 1 insertion(+) 
diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index d3e7ea0ec3..8e8be53c9d 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -37,6 +37,7 @@ get you up and running with CloudStack with a minimum amount of trouble. .. warning:: In case you don't have physical server to "play with", you can use e.g. Oracle VirtualBox 6.1+ The requirement is that you enable "Enable Nested VT-x/AMD-V" as the Extended Feature on the System page of the Settings of the VM. + You will want to create a Vm of "Red Hat (64-bit)" type and 20+GB disk space. You will need to have 1 NIC in your VM, bridged to the NIC of your laptop/desktop (wifi or wired NIC, doesn't matter), and optimally to set Adapter Type="Paravirtualized Network (virtio-net)" for somewhat better network performance (Settings of VM, Network section, Adapter1, From 37986f54c21262d56e8b0ac871bb6801f92e6aa0 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Fri, 6 Aug 2021 00:08:48 +0200 Subject: [PATCH 14/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 8e8be53c9d..74fb966ccb 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst 
@@ -37,11 +37,11 @@ get you up and running with CloudStack with a minimum amount of trouble. .. warning:: In case you don't have physical server to "play with", you can use e.g. Oracle VirtualBox 6.1+ The requirement is that you enable "Enable Nested VT-x/AMD-V" as the Extended Feature on the System page of the Settings of the VM. - You will want to create a Vm of "Red Hat (64-bit)" type and 20+GB disk space. + You will want to create a Vm of "Red Hat (64-bit)" type and 40+GB disk space. You will need to have 1 NIC in your VM, bridged to the NIC of your laptop/desktop (wifi or wired NIC, doesn't matter), and optimally to set Adapter Type="Paravirtualized Network (virtio-net)" for somewhat better network performance (Settings of VM, Network section, Adapter1, - expand "Advanced settings"). Also, make sure you have allowed enough ram (6G+) and enough CPU cores (3+) for demo purposes. + expand "Advanced"). Also, make sure you have allowed enough ram (6G+) and enough CPU cores (3+) for demo purposes. High level overview of the process From 68e9d73c3667aaef86a44bab7a3b227d2a1a7869 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Fri, 6 Aug 2021 00:35:15 +0200 Subject: [PATCH 15/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 74fb966ccb..d375a4ff76 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst 
@@ -795,3 +795,10 @@ several minutes for setup to finalize. When done, click on "Enable Zone" and your zone will be ready. That's it, you are done with installation of your Apache CloudStack demo cloud. + +To check the health of your CloudStack installation, go to Infrastructure --> System VMs and refresh +the UI from time to time - you should see “S-1-VM” and “V-2-VM” system VMs (SSVM and CPVM) in State=Running and Agent State=Up +After that you can go to Images --> Templates, click on the built-in template named "CentOS 5.5(64-bit) no GUI (KVM)", +then click on "Zones" tab - and observe how the Status is moving from a few percents downloaded up to fully downloaded, +after which the Status will show as "Ready". After this template is ready, you will be able to deploy a VM from it. + From 5e3f35fa3c266b30827c277ac88013cdc244e1ce Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Fri, 6 Aug 2021 00:38:09 +0200 Subject: [PATCH 16/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index d375a4ff76..6a697747ea 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst 
@@ -800,5 +800,6 @@ To check the health of your CloudStack installation, go to Infrastructure --> Sy the UI from time to time - you should see “S-1-VM” and “V-2-VM” system VMs (SSVM and CPVM) in State=Running and Agent State=Up After that you can go to Images --> Templates, click on the built-in template named "CentOS 5.5(64-bit) no GUI (KVM)", then click on "Zones" tab - and observe how the Status is moving from a few percents downloaded up to fully downloaded, -after which the Status will show as "Ready". After this template is ready, you will be able to deploy a VM from it. +after which the Status will show as "Download Complete" and "Ready" column will say "Yes". +After this is done, you will be able to deploy a VM from this template. From 07aa16f3eb9b3fcdfbd076d8cf5ca20635062258 Mon Sep 17 00:00:00 2001 From: Spaceman1984 <49917670+Spaceman1984@users.noreply.github.com> Date: Mon, 23 Aug 2021 09:26:07 +0200 Subject: [PATCH 17/21] Update source/adminguide/api.rst Co-authored-by: dahn --- source/adminguide/api.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/adminguide/api.rst b/source/adminguide/api.rst index 3fe5b34589..f7ccff1c8c 100644 --- a/source/adminguide/api.rst +++ b/source/adminguide/api.rst @@ -43,8 +43,8 @@ possible as well. For example, see Using an LDAP Server for User Authentication. -User Data and Meta Data via Virtual Router ------------------------------------------- +User Data and Meta Data via the Virtual Router +---------------------------------------------- CloudStack provides API access to attach up to 32KB of user data to a deployed VM. Deployed VMs also have access to instance metadata via the From 1f967838784fff70fa9291781c20c07dce89d4ab Mon Sep 17 00:00:00 2001 
From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Fri, 10 Sep 2021 11:18:23 +0200 Subject: [PATCH 18/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 117 ++++++++++++-------------- 1 file changed, 56 insertions(+), 61 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 6a697747ea..01194c8649 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -32,12 +32,13 @@ get you up and running with CloudStack with a minimum amount of trouble. .. warning:: This guide is meant to be used to build CloudStack test/demo cloud only, - as certain networking choices have been made to get you up and running with minimal amount of time + as certain networking choices have been made to get you up and running with + minimal amount of time. This guide can NOT be used for production setup. .. warning:: In case you don't have physical server to "play with", you can use e.g. Oracle VirtualBox 6.1+ The requirement is that you enable "Enable Nested VT-x/AMD-V" as the Extended Feature on the System page of the Settings of the VM. - You will want to create a Vm of "Red Hat (64-bit)" type and 40+GB disk space. + You will want to create a VM of "Red Hat (64-bit)" type and 40+GB disk space. You will need to have 1 NIC in your VM, bridged to the NIC of your laptop/desktop (wifi or wired NIC, doesn't matter), and optimally to set Adapter Type="Paravirtualized Network (virtio-net)" for somewhat better network performance (Settings of VM, Network section, Adapter1, 
@@ -48,17 +49,14 @@ High level overview of the process ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This guide will focus on building a CloudStack cloud using KVM on CentOS -7.7 with NFS storage on a flat layer-2 network utilizing layer-3 network -isolation (aka Security Groups), and doing it all on a single piece of -hardware. +7.9 with NFS storage and layer-2 isolation using VLANs, +(flat home network can be used for this as well) and on a single piece of +hardware (server/VM) KVM, or Kernel-based Virtual Machine is a virtualization technology for the Linux kernel. KVM supports native virtualization atop processors with hardware virtualization extensions. -Security Groups act as distributed firewalls that control access to a group of -virtual machines. - Prerequisites ~~~~~~~~~~~~~ @@ -70,8 +68,8 @@ To complete this guide you'll need the following items: #. An `CentOS 7.9 minimal x86_64 install ISO, on bootable media `_ -#. A /24 network with the gateway being at xxx.xxx.xxx.1, no DHCP should be on - this network and none of the computers running CloudStack will have a +#. A /24 network with the gateway being at (e.g.) xxx.xxx.xxx.1, no DHCP is needed + on this network and none of the computers running CloudStack will have a dynamic address. Again this is done for the sake of simplicity. 
@@ -87,15 +85,13 @@ Operating System Using the CentOS 7.9.2009 minmal x86_64 install ISO, you'll need to install CentOS 7 on your hardware. The defaults will generally be acceptable for this -installation. You may want to configure network configuration during setup - -either using the guidelines below, or using a standard access configuration -which we will modify later - so that you can later install needed packages from internet, etc. +installation - but make sure to configure IP address/parameters so that you can later install needed +packages from internet. Later, we will change the network configuration as needed. Once this installation is complete, you'll want to gain access to your server - through SSH. -If your network interface was configured to grant the server internet -access, it is always wise to update the system before starting: +It is always wise to update the system before starting: .. parsed-literal:: # yum -y upgrade @@ -120,7 +116,7 @@ the bridge that Cloudstack will use for networking. Create and open a /24 network for your CloudStack implementation. This can be any RFC 1918 network. However, we are assuming that you will match the machine address that we are using. Thus we may use 172.16.10.2 and because you might be - using the 192.168.55.0/24 network you would use 192.168.55.2. Another example + using e.g. 192.168.55.0/24 network you would use 192.168.55.2. Another example would be if you are using i.e. VirtualBox on your local home network on 192.168.1.0/24 network - in this case you can use a single free IP address from your home range (VirtualBox NIC for this VM should be in bridged mode for correct functioning) 
@@ -135,7 +131,7 @@ the bridge that Cloudstack will use for networking. Create and open IPV6_AUTOCONF=no DELAY=5 IPADDR=172.16.10.2 #(or e.g. 192.168.1.2) - GATEWAY=172.16.10.1 #(or e.g. 192.168.1.1 - this would be your physical home router) + GATEWAY=172.16.10.1 #(or e.g. 192.168.1.1 - this would be your physical/home router) NETMASK=255.255.255.0 DNS1=8.8.8.8 DNS2=8.8.4.4 @@ -150,7 +146,7 @@ Open the configuration file of your NIC (e.g. /etc/sysconfig/network-scripts/ifc and edit it as follows: .. note:: - Interface name used as example only. Replace eth0 with your default ethernet interface name. + Interface name (eth0) used as example only. Replace eth0 with your default ethernet interface name. .. parsed-literal:: TYPE=Ethernet @@ -167,7 +163,7 @@ and edit it as follows: between IP configuration of /etc/config/network-scripts/ifcfg-cloudbr0 and /etc/sysconfig/network-scripts/ifcfg-eth0 which will cause a failure that would prevent the network from starting. Basically the majority of IP configuration - of eth0 config moves over to the bridge and eth0 will point to the bridge. + of eth0 config moves over to the bridge and eth0 will be added to the bridge. Now that we have the configuration files properly set up, we need to run a few @@ -184,7 +180,7 @@ commands to start up the network: Hostname ^^^^^^^^ -CloudStack requires that the hostname be properly set. If you used the default +CloudStack requires that the hostname is properly set. If you used the default options in the installation, then your hostname is currently set to localhost.localdomain. To test this we will run: @@ -229,7 +225,7 @@ SELinux ^^^^^^^ At the moment, for CloudStack to work properly SELinux must be set to -permissive. We want to both configure this for future boots and modify it in +permissive or disabled. We want to both configure this for future boots and modify it in the current running system. To configure SELinux to be permissive in the running system we need to run the 
@@ -317,8 +313,7 @@ start out by installing nfs-utils. # yum -y install nfs-utils We now need to configure NFS to serve up two different shares. This is handled -comparatively easily in the /etc/exports file. You should ensure that it has -the following content: +in the /etc/exports file. You should ensure that it has the following content: .. parsed-literal:: @@ -353,7 +348,7 @@ Now you'll need to add the configuration values at the bottom in the file STATD_PORT=662 STATD_OUTGOING_PORT=2020 -Now we need to disable the firewall, so that it will not block connections. +For simplicity, we need to disable the firewall, so that it will not block connections. .. note:: @@ -404,6 +399,7 @@ Install by running the following command: # yum -y install mysql-server +This should install MySQL 5.x, as of the time of writing this guide. With MySQL now installed we need to make a few configuration changes to /etc/my.cnf. Specifically we need to add the following options to the [mysqld] section: @@ -482,13 +478,12 @@ CloudStack uses a number of system VMs to provide functionality for accessing the console of virtual machines, providing various networking services, and managing various aspects of storage. -Now we need to download the systemVM template and deploy that to the secondary storage. +We need to download the systemVM template and deploy that to the secondary storage. We will use the local path (/export/secondary) since we are already on the NFS server itself, but otherwise you would need to mount your Secondary Storage to a temporary mount point, and use that mount point instead of the /export/secondary path. -The management server includes a script to properly manipulate -the system VMs images. +Execute the followint script: .. parsed-literal:: 
@@ -508,7 +503,7 @@ KVM Setup and Installation Prerequisites ~~~~~~~~~~~~~ -We explicitly are using the management server as a compute node as well, which +We are using the management server as a compute node as well, which means that we have already performed many of the prerequisite steps when setting up the management server, but we will list them here for clarity. Those steps are: @@ -523,15 +518,14 @@ Those steps are: :ref:`qigconf-pkg-repo` -You shouldn't need to do that for the management server, of course, but any -additional hosts will need for you to complete the above steps. +You don't need to do that for the management server now as we've already done that. Installation ~~~~~~~~~~~~ Installation of the KVM agent is trivial with just a single command, but -afterwards we'll need to configure a few things. +afterwards we'll need to configure a few things. We need to install the EPEL repository also. .. parsed-literal:: @@ -548,9 +542,8 @@ We have two different parts of KVM to configure, libvirt, and QEMU. QEMU Configuration ^^^^^^^^^^^^^^^^^^^ -KVM configuration is relatively simple at only a single item. We need to edit -the QEMU VNC configuration. This is done by editing /etc/libvirt/qemu.conf and -ensuring the following line is present and uncommented. +We need to edit the QEMU VNC configuration. This is done by editing /etc/libvirt/qemu.conf +and ensuring the following line is present and uncommented. :: 
@@ -564,7 +557,9 @@ CloudStack uses libvirt for managing virtual machines. Therefore it is vital that libvirt is configured correctly. Libvirt is a dependency of cloud-agent and should already be installed. -#. In order to have live migration working libvirt has to listen for unsecured +#. Even though we are using a single host, the following steps are recommended + to get faimilar with the general requirements. + In order to have live migration working libvirt has to listen for unsecured TCP connections. We also need to turn off libvirts attempt to use Multicast DNS advertising. Both of these settings are in /etc/libvirt/libvirtd.conf @@ -596,7 +591,8 @@ and should already be installed. KVM configuration complete ^^^^^^^^^^^^^^^^^^^^^^^^^^^ -For the sake of completeness you should check if KVM is running OK on your machine (you should see kvm_intel or kvm_amd shown as loaded): +For the sake of completeness, you should check if KVM is running OK on your +machine (you should see kvm_intel or kvm_amd modules shown as loaded): .. parsed-literal:: @@ -616,7 +612,7 @@ UI Access To get access to CloudStack's web interface, merely point your browser to the IP address of your machine e.g. http://172.16.10.2:8080/client -1he default username is 'admin', and the default password is 'password'. +The default username is 'admin', and the default password is 'password'. Setting up a Zone ----------------- 
@@ -630,9 +626,9 @@ creating one. .. warning:: We will be configuring an Advanced Zone in a way that will allow us to access both the "Management" network of the cloud as well as the "Public" network - we will do so - by using the same CIDR (but different IP ranges) for both "Management" (Pod) and the "Public" - networks - which is something your would NEVER do in a production - this is for strictly for - testing purposes only! + by using the same CIDR (but different part of it, i.e. different IP ranges) for both + "Management" (Pod) and "Public" networks - which is something your would NEVER do + in a production - this is done strictly for testing purposes only in this guide! Click "Continue with Installation" to continue - you will be offered to change your root admin password - please do so, and click on OK. @@ -666,7 +662,7 @@ requirements. #. Hypervisor - this will be the primary hypervisor used in this zone. In our case, we will select KVM. -Click "Next" to continue on +Click "Next" to continue. Physical Network ~~~~~~~~~~~~~~~~ @@ -682,9 +678,8 @@ Click "Next" to continue. Public Traffic ~~~~~~~~~~~~~~ -Public traffic is generated when VMs in the cloud access the internet. Publicly-accessible IPs must be allocated for this purpose in normal/public cloud installations, -but since we are deploying merely a demo/test env, we will use a PART of our local network (from .11 to .20 or other free range) +but since we are deploying merely a demo/test env, we will use a PART of our local network (e.g. from .11 to .20 or other free range) #. Gateway - We'll use ``172.16.10.1`` #or whatever is your physical gateway e.g. 192.168.1.1 
@@ -692,30 +687,31 @@ but since we are deploying merely a demo/test env, we will use a PART of our loc #. VLAN/VNI - We'll leave this one empty -#. Start IP - We'll use ``172.16.10.11`` # or e.g. 192.168.1.11 +#. Start IP - We'll use ``172.16.10.11`` # (or e.g. 192.168.1.11) -#. End IP - We'll use ``172.16.10.20`` # or e.g. 192.168.1.20 +#. End IP - We'll use ``172.16.10.20`` # (or e.g. 192.168.1.20) -Click "Add" to add the range +Click "Add" to add the range. -Click "Next" to continue on +Click "Next" to continue. Pod Configuration ~~~~~~~~~~~~~~~~~ -Here we will configure a range for Cloudstack's internal management traffic. -This will also be part of our local network (i.e. different part of your local home network, -from .21 to .30 - but within the same IP range - same gateway, same netmask) +Here we will configure a range for Cloudstack's internal management traffic - CloudStack +will assign IPs from this range to system VMs. This will also be part of our local network +(i.e. different part of your local home network, from .21 to .30), with the rest of the IP parameters +(netmaks/gateway) being the same as ised for Public Traffic. #. Pod Name - We'll use ``Pod1`` for our cloud. -#. Reserved system gateway - we'll use ``172.16.10.1`` #or whatever is your physical gateway e.g. 192.168.1.1 +#. Reserved system gateway - we'll use ``172.16.10.1`` # (or whatever is your physical gateway e.g. 192.168.1.1) #. Reserved system netmask - we'll use ``255.255.255.0`` -#. Start reserved system IPs - we will use ``172.16.10.21`` # or e.g. 192.168.1.21 +#. Start reserved system IPs - we will use ``172.16.10.21`` # (or e.g. 192.168.1.21) -#. End Reserved system IP - we will use ``172.16.10.30`` # or e.g. 192.168.1.30 +#. End Reserved system IP - we will use ``172.16.10.30`` # (or e.g. 192.168.1.30) Click "Next" to continue on 
@@ -726,7 +722,7 @@ Next we will configure a range of VLAN IDs for our guest VMs. A range of ``100`` - ``200`` would suffice. -Click "Next" to continue on +Click "Next" to continue. Cluster ~~~~~~~ @@ -736,7 +732,7 @@ cluster. We will have one cluster and we have to give our cluster a name. Enter ``Cluster1`` -Click "Next" to continue +Click "Next" to continue. Host ~~~~ @@ -751,7 +747,7 @@ as a hypervisor. #. Password - enter the operating system password for the root user -Click "Next" to continue +Click "Next" to continue. Primary Storage ^^^^^^^^^^^^^^^ @@ -771,23 +767,22 @@ information. Enter the following values in the fields: #. Path - Well define ``/export/primary`` as the path we are using -Click "Next" to continue +Click "Next" to continue. Secondary Storage ^^^^^^^^^^^^^^^^^ -If this is a new zone, you'll be prompted for secondary storage information - -populate it as follows: +You'll be prompted for secondary storage information - populate it as follows: #. Provider - Choose ``NFS`` -#. Name - We can call it ``Secondary1`` +#. Name - ``Secondary1`` #. NFS server - We'll use the IP address ``172.16.10.2`` (this is your local server, so swap with the correct IP) #. Path - We'll use ``/export/secondary`` -Click "Next" to continue on +Click "Next" to continue. Now, click "Launch Zone" and your cloud should begin setup - it may take several minutes for setup to finalize. From 759247469c4a5ea90fe48b2f4cdf9acb5a30b053 Mon Sep 17 00:00:00 2001 From: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> Date: Fri, 10 Sep 2021 11:51:34 +0200 Subject: [PATCH 19/21] Update qig.rst --- source/quickinstallationguide/qig.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 01194c8649..619bdaa2db 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst 
@@ -36,9 +36,9 @@ get you up and running with CloudStack with a minimum amount of trouble. minimal amount of time. This guide can NOT be used for production setup. .. warning:: - In case you don't have physical server to "play with", you can use e.g. Oracle VirtualBox 6.1+ - The requirement is that you enable "Enable Nested VT-x/AMD-V" as the Extended Feature on the System page of the Settings of the VM. - You will want to create a VM of "Red Hat (64-bit)" type and 40+GB disk space. + In case you don't have physical server to "play with", you can use e.g. Oracle VirtualBox 6.1+. + The requirement is that you enable "Enable Nested VT-x/AMD-V" as the Extended Feature on the System page of the Settings of the VM. + You will want to create a VM of "Red Hat (64-bit)" type and 40+GB disk space. You will need to have 1 NIC in your VM, bridged to the NIC of your laptop/desktop (wifi or wired NIC, doesn't matter), and optimally to set Adapter Type="Paravirtualized Network (virtio-net)" for somewhat better network performance (Settings of VM, Network section, Adapter1, @@ -162,8 +162,8 @@ and edit it as follows: setup before following this guide, make sure that there is no duplication between IP configuration of /etc/config/network-scripts/ifcfg-cloudbr0 and /etc/sysconfig/network-scripts/ifcfg-eth0 which will cause a failure that - would prevent the network from starting. Basically the majority of IP configuration - of eth0 config moves over to the bridge and eth0 will be added to the bridge. + would prevent the network from starting. Basically, IP configuration + of eth0 should be moved to the bridge and eth0 will be added to the bridge. Now that we have the configuration files properly set up, we need to run a few 
@@ -701,7 +701,7 @@ Pod Configuration Here we will configure a range for Cloudstack's internal management traffic - CloudStack will assign IPs from this range to system VMs. This will also be part of our local network (i.e. different part of your local home network, from .21 to .30), with the rest of the IP parameters -(netmaks/gateway) being the same as ised for Public Traffic. +(netmaks/gateway) being the same as used for the Public Traffic. #. Pod Name - We'll use ``Pod1`` for our cloud. From 471f28e53271693095bc288cf47a942713c64dd3 Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Wed, 22 Sep 2021 13:34:58 +0530 Subject: [PATCH 20/21] Update source/quickinstallationguide/qig.rst Co-authored-by: sureshanaparti <12028987+sureshanaparti@users.noreply.github.com> --- source/quickinstallationguide/qig.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 619bdaa2db..f4977fbded 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -638,7 +638,7 @@ A new Zone wizard will pop-up. Please chose Advanced (don't tick the "Security G Zone Details ~~~~~~~~~~~~ -On this page we enter where our dns servers are located. +On this page, we enter where our DNS servers are located. CloudStack distinguishes between internal and public DNS. Internal DNS is assumed to be capable of resolving internal-only hostnames, such as your NFS server’s DNS name. Public DNS is provided to the guest VMs to resolve From 3a85bff0f8ec051b29fc5b52776da360271e9bb4 Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Wed, 22 Sep 2021 13:35:04 +0530 Subject: [PATCH 21/21] Update source/quickinstallationguide/qig.rst Co-authored-by: sureshanaparti <12028987+sureshanaparti@users.noreply.github.com> --- source/quickinstallationguide/qig.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index f4977fbded..88a63999c2 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -668,7 +668,7 @@ Physical Network ~~~~~~~~~~~~~~~~ There are various network isolation methods supported by Cloudstack. The default VLAN option will be sufficient for our purposes. For improved -performance and/or security, Cloudstack allows different trafic types to run +performance and/or security, Cloudstack allows different traffic types to run over specifically dedicated network interface cards attached to hypervisors. We will not be making any changes here, the default settings are fine for this demo installation of Cloudstack.
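Review bot: In the "@@ -692,30 +687,31 @@" hunk of qig.rst, the rewritten Pod Configuration paragraph introduces the typos "netmaks" and "ised" and spells the product both "Cloudstack's" and "CloudStack" in one sentence; suggest "(netmask/gateway) being the same as used for Public Traffic" and a single spelling. The last context line of the hunk, "Click "Next" to continue on", is left unchanged although the other occurrences touched in this series become "Click "Next" to continue.". Since the public range (.11 to .20) and the reserved system range (.21 to .30) now share one gateway and netmask, it would help to state explicitly that the two ranges must not overlap.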
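Review bot: In the "@@ -771,23 +767,22 @@" hunk, the context line "Path - Well define ``/export/primary`` as the path we are using" still has "Well" for "We'll"; this hunk is already tidying the storage steps, so it is the natural place to fix it. The Name step is also shortened to a bare "``Secondary1``" while the neighbouring steps keep the "We'll use ..." wording, so the list now mixes two styles; pick one.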
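Review bot: In the "@@ -36,9 +36,9 @@" hunk, the first changed line of the warning still reads "In case you don't have physical server", with the article missing; suggest "If you don't have a physical server". The second and third changed lines carry the same text on the "-" and "+" sides, so the change there is whitespace only; the commit message "Update qig.rst" should say that the directive body is being re-indented, so that a later reader does not hunt for a wording change.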
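Review bot: In the "@@ -162,8 +162,8 @@" hunk, the context line just above the change names "/etc/config/network-scripts/ifcfg-cloudbr0" while the next path is "/etc/sysconfig/network-scripts/ifcfg-eth0"; the directories differ, so a reader checking for duplicated IP configuration is sent to two different places. Confirm which directory is meant and make both paths agree in this same change. The new sentence also mixes "should be moved" with "will be added"; "the IP configuration of eth0 is moved to the bridge, and eth0 is added to the bridge" reads more cleanly.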
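Review bot: In the "@@ -701,7 +701,7 @@" hunk (patch 19/21), the changed line corrects "ised" to "used" but keeps "netmaks" inside the same parenthesis, so the fix is incomplete; the line should read "(netmask/gateway) being the same as used for the Public Traffic.". The unchanged first line of the paragraph also keeps "Cloudstack's" next to "CloudStack".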
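Review bot: In the "@@ -668,7 +668,7 @@" hunk (patch 21/21), the spelling fix for "trafic" leaves "Cloudstack" three times in the surrounding paragraph, while the Zone Details text in patch 20/21 writes "CloudStack"; normalise the name in the same pass. The closing context sentence "We will not be making any changes here, the default settings are fine ..." is a comma splice and could be split into two sentences while the paragraph is being touched.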