KVM-WebVirtMgr


0ther

https://github.com/retspen/webvirtmgr/wiki

System Optimization(Only CentOS6.X)

Run

# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# LANG=en
# for root in `chkconfig --list|grep 3:on|awk '{print $1}'`;do chkconfig --level 3 $root off;done
# for root in crond network rsyslog sshd;do chkconfig --level 3 $root on;done
# chkconfig --list|grep 3:on

Install WebVirtMgr

1. Installation

CentOS/RHEL 6.x

Run:

# yum -y install epel-release
# yum -y install vim wget ftp git python-pip libvirt-python libxml2-python python-websockify supervisor nginx

CentOS 7.x

Run:

# yum -y install epel-release
# yum -y install vim wget ftp git python-pip libvirt-python libxml2-python python-websockify supervisor nginx
# yum -y install gcc python-devel
# pip install numpy

2. Install python requirements and setup Django environment

Run:

# git clone git://github.com/retspen/webvirtmgr.git
# cd webvirtmgr
# pip install -r requirements.txt
# ./manage.py syncdb          //Configuration database
# ./manage.py collectstatic   //Add Database administrator for webvirtmagr, no System administrator!

Enter the user information:

You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes (Put: yes)
Username (Leave blank to use 'admin'): admin (Put: your username or login)
E-mail address: username@domain.local (Put: your email)
Password: xxxxxx (Put: your password)
Password (again): xxxxxx (Put: confirm password)
Superuser created successfully.

Adding additional superusers

Run:

# ./manage.py createsuperuser     //Create an Account, Account Login and Password Information

3. Setup Nginx

Warning: Usually WebVirtMgr is only available from localhost on port 8000. This step will make WebVirtMgr available to everybody on port 80. The webinterface is also unprotected (no https), which means that everybody in between you and the server (people on the same wifi, your local router, your provider, the servers provider, backbones etc.) can see your login credentials in clear text!

Instead you can also skip this step completely + uninstall nginx. By simply redirecting port 8000 to your local machine via SSH. This is much safer because WebVirtMgr is not available to the public any more and you can only access it over an encrypted connection.

Example:

# ssh user@server:port -L localhost:8000:localhost:8000 -L localhost:6080:localhost:6080

You should be able to access WebVirtMgr by typing localhost:8000 in your browser after completing the install. Port 6080 is forwarded to make noVNC work.

If you really know what you are doing, feel free to ignore the warning and continue setting up the redirect with nginx:

# cd ..  && mkdir -p /data/www
# mv webvirtmgr /data/www/

Add file webvirtmgr.conf in /etc/nginx/conf.d

server {
    listen 80 default_server;

    server_name $hostname;
    access_log  off; 

    location /static/ {
        root /data/www/webvirtmgr;
        expires max;
    }

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 600;
        proxy_read_timeout 600;
        proxy_send_timeout 600;
        client_max_body_size 1024M; # Set higher depending on your needs
    }
}

Delete default.conf

# cd /etc/nginx/conf.d && rm -rf default.conf

Open nginx.conf out of /etc/nginx/nginx.conf (in Ubuntu 14.04 LTS the configuration is in /etc/nginx/sites-enabled/default):

# vim /etc/nginx/nginx.conf

Comment the Server Section as it is shown in the example:

#    server {
#        listen       80 default_server;
#        server_name  localhost;
#        root         /usr/share/nginx/html;
#
#        #charset koi8-r;
#
#        #access_log  /var/log/nginx/host.access.log  main;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        # redirect server error pages to the static page /40x.html
#        #
#        error_page  404              /404.html;
#        location = /40x.html {
#        }
#
#        # redirect server error pages to the static page /50x.html
#        #
#        error_page   500 502 503 504  /50x.html;
#        location = /50x.html {
#        }
#    }

Restart nginx service:

# service nginx restart && chkconfig nginx on

Update SELinux policy

# setsebool httpd_can_network_connect true

make it permanet service:

# chkconfig supervisord on

4. Setup Supervisor

CentOS, RedHat, Fedora

Run:

# chown -R nginx:nginx /data/html/webvirtmgr

Open supervisord.conf in /etc/supervisord.conf with following content:

[program:webvirtmgr]
command=/usr/bin/python /data/www/webvirtmgr/manage.py run_gunicorn -c /data/www/webvirtmgr/conf/gunicorn.conf.py
directory=/data/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx

[program:webvirtmgr-console]
command=/usr/bin/python /data/www/webvirtmgr/console/webvirtmgr-console
directory=/data/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx

Restart supervisor daemon

# service supervisord restart && chkconfig supervisord on

WebVirtMgr :Make it permanet service

# vim /etc/rc.d/rc.local
...
nohup ./data/www/webvirtmgr/manage.py runserver 0.0.0.0:8000 &
...

Reboot System

Setup SSH Authorization


For new versions of webvirtmgr

  1. Create SSH private key and ssh config options (On system where WebVirtMgr is installed):
# cd /var/cahce/nginx/ &&
# mkdir .ssh
# chown -Rf nginx:nginx .ssh
# chmod -Rf 700 .ssh
# su - nginx -s /bin/bash
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (path-to-id-rsa-in-nginx-home):   Just hit Enter here!
$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
$ chmod -Rf 0600 ~/.ssh/config
  1. Copy public key to qemu-kvm/libvirt host server:
# su - nginx -s /bin/bash
$ ssh-copy-id root@emu-kvm-libvirt-host
if you changed the default SSH port use:
$ ssh-copy-id -P YOUR_SSH_PORT root@qemu-kvm-libvirt-host

Now you can test the connection by entering:
$ ssh root@qemu-kvm-libvirt-host

Setup TCP Authorization


Setup Host Server

Supported Linux distributions

CentOS 6.3, RedHat 6.3 and above

Fedora 18 and above

Debian Testing, Ubuntu 12.04 and above

Setup libvirt and KVM

# curl http://retspen.github.io/libvirt-bootstrap.sh | sudo sh

or if haven't curl

# wget -O - http://retspen.github.io/libvirt-bootstrap.sh | sudo sh

Configuring the firewall

CentOS 6, Fedora 18, RedHat EL6

Open access to libvirt port

# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 16509 -j ACCEPT

CentOS 7, Fedora 19+, RedHat EL7 (and other distributions utilizing firewalld)

Find your firewalld zones:

# firewall-cmd --get-active-zones

The zone for the interface which connects the libvirt host and the webvirtmgr host is in the public zone by default, so the command is:

# firewall-cmd --zone=public --add-port 16509/tcp --permanent
# firewall-cmd --reload

Otherwise substitute --zone=public in the above for the correct zone.

Adding users and setting their passwords is done with the saslpasswd2 command. When running this command it is important to tell it that the appname is libvirt. As an example, to add a user admin, run

# saslpasswd2 -a libvirt admin
Password: xxxxxx
Again (for verification): xxxxxx

To see a list of all accounts the sasldblistusers2 command can be used. This command expects to be given the path to the libvirt user database, which is kept in /etc/libvirt/passwd.db

# sasldblistusers2 -f /etc/libvirt/passwd.db
admin@webvirtmgr.net: userPassword

To disable a user's access, use the command saslpasswd2 with the -d

# saslpasswd2 -a libvirt -d admin

Verify settings

Before you add the ip address of your server in the control center perform the following test

# virsh -c qemu+tcp://IP_address/system nodeinfo
Please enter your authentication name: admin
Please enter your password: xxxxxx
CPU model:           x86_64
CPU(s):              2
CPU frequency:       2611 MHz
CPU socket(s):       1
Core(s) per socket:  2
Thread(s) per core:  1
NUMA cell(s):        1
Memory size:         2019260 kB

If you have same error:

# virsh -c qemu+tcp://IP_address/system nodeinfo
Please enter your authentication name: admin
Please enter your password:
error: authentication failed: authentication failed
error: failed to connect to the hypervisor

Try input login with domain (hostname):

# sasldblistusers2 -f /etc/libvirt/passwd.db
admin@webvirtmgr.net: userPassword

KVM网页管理工具WebVirtMgr部署的更多相关文章

  1. kvm虚拟化管理平台WebVirtMgr部署-完整记录(1)

    公司机房有一台2U的服务器(64G内存,32核),由于近期新增业务比较多,测试机也要新增,服务器资源十分有限.所以打算在这台2U服务器上部署kvm虚拟化,虚出多台VM出来,以应对新的测试需求.当KVM ...

  2. KVM虚拟化管理平台WebVirtMgr部署及使用

    KVM虚拟化管理平台WebVirtMgr部署及使用   需求: 公司机房有一台2U的服务器(64G内存,32核),由于近期新增业务比较多,测试机也要新增,服务器资源十分有限.所以打算在这台2U服务器上 ...

  3. kvm虚拟化管理平台WebVirtMgr部署-完整记录(3)

    继下面三篇文章完成了kvm虚拟化管理平台webvirtmgr环境的部署安装:kvm虚拟化管理平台WebVirtMgr部署-虚拟化环境安装-完整记录(0)kvm虚拟化管理平台WebVirtMgr部署-完 ...

  4. kvm虚拟化管理平台WebVirtMgr部署-完整记录(2)

    继上一篇kvm虚拟化管理平台WebVirtMgr部署-完整记录(1),接下来说说WebVirtMgr的日常配置:添加宿主机,创建虚机,磁盘扩容,快照等具体操作记录如下: 一.配置宿主机1.登录WebV ...

  5. KVM web管理工具——WebVirtMgr(一)

    WebVirtMgr 介绍     WebVirtMgr采用几乎纯Python开发,其前端是基于Python的Django,后端是基于Libvirt的Python接口,将日常kvm的管理操作变的更加的 ...

  6. 快速搭建 kvm web 管理工具 WebVirtMgr

    作者:SRE运维博客 博客地址: https://www.cnsre.cn/ 文章地址:https://www.cnsre.cn/posts/211117937177/ 相关话题:https://ww ...

  7. centos7.2 kvm虚拟化管理平台WebVirtMgr部署

    在服务器上部署kvm虚拟化,虚出多台VM出来,以应对新的测试需求.当KVM宿主机越来越多,需要对宿主机的状态进行调控,决定采用WebVirtMgr作为kvm虚拟化的web管理工具,图形化的WEB,让人 ...

  8. KVM web管理工具——WebVirtMgr

    系统环境: [root@kvm-admin ~]# cat /etc/redhat-release CentOS Linux release (Core) 关闭防火墙.selinux [root@kv ...

  9. kvm虚拟化管理平台WebVirtMgr部署-完整记录(安装Windows虚拟机)-(4)

    一.背景说明  在之前的篇章中,提到在webvirtmgr里安装linux系统的vm,下面说下安装windows系统虚拟机的操作记录: 由于KVM管理虚拟机的硬盘和网卡需要virtio驱动,linux ...

随机推荐

  1. C++中堆和栈的完全解析(转)

    内存分配方面: 堆: 操作系统有一个记录空闲内存地址的链表,当系统收到程序的申请时,会遍历该链表,寻找第一个空间大于所申请空间的堆结点,然后将该结点从空闲结点链表中删 除,并将该结点的空间分配给程序, ...

  2. Luogu P2802 回家

    题目描述 小H在一个划分成了n*m个方格的长方形封锁线上. 每次他能向上下左右四个方向移动一格(当然小H不可以静止不动), 但不能离开封锁线,否则就被打死了. 刚开始时他有满血6点,每移动一格他要消耗 ...

  3. chrome地址栏命令

    Chrome作为一个前端开发的标准浏览器,用来体验和测试日新月异的新特性,自然是没话说. 有些新特性是需要特意开启设置的,有很多浏览器的内置功能也是要通过命令来开启或者使用的. Chrome 有很多的 ...

  4. React Native 系列(九) -- Tab标签组件

    前言 本系列是基于React Native版本号0.44.3写的.很多的App都使用了Tab标签组件,例如QQ,微信等等,就是切换不同的选项,显示不同的内容.那么这篇文章将介绍RN中的Tab标签组件. ...

  5. 前端到后台ThinkPHP开发整站(4)

    今晚继续我的这个项目的开发,今晚也是写的不多,主要写了一个菜单管理功能的CURD方法,前端界面还没有进行编写. 菜单管理Model层的代码: <?php namespace Common\Mod ...

  6. 【有意思的BUG】反转的水印

    今天无意中看到一个图集,翻着翻着感觉到哪儿不对劲.是的,水印打反了,怎么会出现这样的局面我也不知道,可能就是手抖了吧. 通过与懂这方面知识的人请教,120%的可能是因为图片本身就自带水印,而不是因为后 ...

  7. 微软认知服务 Luis

    学习认知服务 Luis(Language understand intellgence service) 简述: 开发者可以通过Luis开发可以理解人类语言的只能应用,学习人类语言分析语义. 利用这个 ...

  8. hdu 6125 -- Free from square(状态压缩+分组背包)

    题目链接 Problem Description There is a set including all positive integers that are not more then n. Ha ...

  9. Apache Storm 1.1.0 中文文档 | ApacheCN

    前言 Apache Storm 是一个免费的,开源的,分布式的实时计算系统. 官方文档: http://storm.apache.org 中文文档: http://storm.apachecn.org ...

  10. Spring框架IOC,DI概念理解

    1.什么是框架? 框架是一种重复使用的解决方案,针对某个软件开发的问题提出的. Spring框架,它是一个大型的包含很多重复使用的某个领域的解决方案. Spring的理念:不要重复发明轮子. 2.Sp ...