M #-: Upgrade and installation guide minor fixes mainly about CRB repo #443
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -1,6 +1,5 @@ | ||||||
| --- | ||||||
| title: "KVM Node Installation" | ||||||
| date: "2025-02-17" | ||||||
| description: | ||||||
| categories: | ||||||
|
|
@@ -38,35 +37,35 @@ Refer to [OpenNebula Repositories]({{% relref "opennebula_repository_configurati | |||||
|
|
||||||
| ### Installing on AlmaLinux/RHEL | ||||||
|
|
||||||
| OpenNebula depends on packages which aren’t in the base **AlmaLinux/RHEL 8,9** distribution repositories. Execute one of the commands below (distinguished by the Host platform) under privileged user (`root`) to configure access to additional [EPEL](https://fedoraproject.org/wiki/EPEL) (Extra Packages for Enterprise Linux) repository: | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| #### EPEL repository | ||||||
|
There was a problem hiding this comment. You can remove this heading. The intro above is enough. |
||||||
|
|
||||||
| **AlmaLinux 8,9** | ||||||
|
|
||||||
| ```bash | ||||||
| dnf -y install epel-release | ||||||
| ``` | ||||||
|
|
||||||
| **RHEL 8** | ||||||
|
|
||||||
| ```bash | ||||||
| rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm | ||||||
| ``` | ||||||
|
|
||||||
| **RHEL 9** | ||||||
|
|
||||||
| ```bash | ||||||
| rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm | ||||||
| ``` | ||||||
|
|
||||||
| #### Install OpenNebula KVM Node Package | ||||||
|
|
||||||
| Execute the following commands to install the OpenNebula KVM Node package and restart libvirt to use the OpenNebula-provided configuration file: | ||||||
|
|
||||||
| ```bash | ||||||
| dnf -y install opennebula-node-kvm | ||||||
| systemctl restart libvirtd | ||||||
| ``` | ||||||
|
|
||||||
| For further configuration, check the specific [guide]({{% relref "kvm_driver#kvmg" %}}). | ||||||
|
|
@@ -75,10 +74,10 @@ For further configuration, check the specific [guide]({{% relref "kvm_driver#kvm | |||||
|
|
||||||
| Execute the following commands to install the OpenNebula KVM Node package and restart libvirt to use the OpenNebula-provided configuration file: | ||||||
|
|
||||||
| ```bash | ||||||
| apt-get update | ||||||
| apt-get -y install opennebula-node-kvm | ||||||
| systemctl restart libvirtd | ||||||
| ``` | ||||||
|
|
||||||
| For further configuration check the specific [guide]({{% relref "kvm_driver#kvmg" %}}). | ||||||
|
|
@@ -94,7 +93,7 @@ If you are performing an upgrade skip this and the next steps and go back to the | |||||
|
|
||||||
| Depending on the type of OpenNebula deployment, the SELinux can block some operations initiated by the OpenNebula Front-end, which results in a failure of the particular operation. It’s **not recommended to disable** the SELinux on production environments, as it degrades the security of your server, but to investigate and work around each individual problem based on the [SELinux User’s and Administrator’s Guide](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/). The administrator might disable the SELinux to temporarily work around the problem or on non-production deployments by changing the following line in `/etc/selinux/config`: | ||||||
|
|
||||||
| ```bash | ||||||
| SELINUX=disabled | ||||||
| ``` | ||||||
|
|
||||||
|
|
@@ -106,8 +105,8 @@ Depending on your OpenNebula deployment type, the following may be required on y | |||||
| * package `util-linux` newer than 2.23.2-51 installed | ||||||
| * SELinux boolean `virt_use_nfs` enabled (with datastores on NFS): | ||||||
|
|
||||||
| ```bash | ||||||
| setsebool -P virt_use_nfs on | ||||||
| ``` | ||||||
|
|
||||||
| ### Disable AppArmor on Ubuntu/Debian | ||||||
|
|
@@ -117,8 +116,8 @@ Depending on the type of OpenNebula deployment, the AppArmor can block some oper | |||||
| {{< alert title="Note" color="success" >}} | ||||||
|
Contributor
Author
There was a problem hiding this comment. @prisorue , do you mean to have it as a regular sentence, i.e. the same text type as the one above? Like that ^^?
Contributor
Author
There was a problem hiding this comment. please, ignore my previous comment - it's clear from the next one what you meant. There was a problem hiding this comment. No worries. This is what I meant. Thanks a lot for working on this suggestion. |
||||||
| Depending on your OpenNebula deployment type, the following lines might be required at `/etc/apparmor.d/abstractions/libvirt-qemu` profile:{{< /alert >}} | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| ```bash | ||||||
| /var/lib/one/datastores/** rwk, | ||||||
| ``` | ||||||
|
|
||||||
| <a id="kvm-local"></a> | ||||||
|
|
@@ -155,14 +154,14 @@ If [default SSH configuration]({{% relref "advanced_ssh_usage#node-ssh-config" % | |||||
|
|
||||||
| Make sure you are logged in on your Front-end and run the commands as `oneadmin`, e.g., by typing: | ||||||
|
|
||||||
| ```bash | ||||||
| su - oneadmin | ||||||
| ``` | ||||||
|
|
||||||
| Create the `known_hosts` file by running following command with all the node names including the Front-end as parameters: | ||||||
|
|
||||||
| ```bash | ||||||
| ssh-keyscan <frontend> <node1> <node2> <node3> ... >> /var/lib/one/.ssh/known_hosts | ||||||
| ``` | ||||||
|
|
||||||
| ### B. Distribute Authentication Configuration | ||||||
|
prisorue marked this conversation as resolved.
|
||||||
|
|
@@ -171,24 +170,24 @@ To enable passwordless login on your infrastructure, you must copy authenticatio | |||||
|
|
||||||
| Make sure you are logged in on your Front-end and run the commands as `oneadmin`, e.g., by typing: | ||||||
|
|
||||||
| ```bash | ||||||
| su - oneadmin | ||||||
| ``` | ||||||
|
|
||||||
| Enable passwordless logins by executing the following command for each of your nodes. For example: | ||||||
|
|
||||||
| ```bash | ||||||
| ssh-copy-id -i /var/lib/one/.ssh/id_rsa.pub <node1> | ||||||
| ssh-copy-id -i /var/lib/one/.ssh/id_rsa.pub <node2> | ||||||
| ssh-copy-id -i /var/lib/one/.ssh/id_rsa.pub <node3> | ||||||
| ``` | ||||||
|
|
||||||
| If the list of host SSH public keys was created in the previous section, distribute the `known_hosts` file to each of your nodes. For example: | ||||||
|
|
||||||
| ```bash | ||||||
| scp -p /var/lib/one/.ssh/known_hosts <node1>:/var/lib/one/.ssh/ | ||||||
| scp -p /var/lib/one/.ssh/known_hosts <node2>:/var/lib/one/.ssh/ | ||||||
| scp -p /var/lib/one/.ssh/known_hosts <node3>:/var/lib/one/.ssh/ | ||||||
| ``` | ||||||
|
|
||||||
| #### Without SSH Authentication Agent (Optional) | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
@@ -198,10 +197,10 @@ $ scp -p /var/lib/one/.ssh/known_hosts <node3>:/var/lib/one/.ssh/ | |||||
|
|
||||||
| If you need to distribute `oneadmin`’s private SSH key on your nodes, proceed with steps above and continue with following extra commands for all your nodes. For example: | ||||||
|
|
||||||
| ```bash | ||||||
| scp -p /var/lib/one/.ssh/id_rsa <node1>:/var/lib/one/.ssh/ | ||||||
| scp -p /var/lib/one/.ssh/id_rsa <node2>:/var/lib/one/.ssh/ | ||||||
| scp -p /var/lib/one/.ssh/id_rsa <node3>:/var/lib/one/.ssh/ | ||||||
| ```{{< /alert >}} | ||||||
|
|
||||||
| ### C. Validate Connections | ||||||
|
|
@@ -215,40 +214,40 @@ You should verify that none of these connections (under user `oneadmin`) fail an | |||||
|
|
||||||
| For example, execute on the Front-end: | ||||||
|
|
||||||
| ```bash | ||||||
| # from Front-end to Front-end itself | ||||||
| ssh <frontend> | ||||||
| exit | ||||||
|
|
||||||
| # from Front-end to node, back to Front-end and to other nodes | ||||||
| ssh <node1> | ||||||
| ssh <frontend> | ||||||
| exit | ||||||
| ssh <node2> | ||||||
| exit | ||||||
| ssh <node3> | ||||||
| exit | ||||||
| exit | ||||||
|
|
||||||
| # from Front-end to node, back to Front-end and to other nodes | ||||||
| ssh <node2> | ||||||
| ssh <frontend> | ||||||
| exit | ||||||
| ssh <node1> | ||||||
| exit | ||||||
| ssh <node3> | ||||||
| exit | ||||||
| exit | ||||||
|
|
||||||
| # from Front-end to nodes and back to Front-end and other nodes | ||||||
| ssh <node3> | ||||||
| ssh <frontend> | ||||||
| exit | ||||||
| ssh <node1> | ||||||
| exit | ||||||
| ssh <node2> | ||||||
| exit | ||||||
| exit | ||||||
| ``` | ||||||
|
|
||||||
| <a id="kvm-node-networking"></a> | ||||||
|
|
@@ -266,15 +265,15 @@ There are various models for virtual networks, check the [Open Cloud Networking] | |||||
|
|
||||||
| You may want to use the simplest network model that corresponds to the [bridged]({{% relref "bridged#bridged" %}}) driver. For this driver, you will need to set up a Linux bridge and include a physical device in the bridge. Later on, when defining the network in OpenNebula, you will specify the name of this bridge and OpenNebula will know that it should connect the VM to this bridge, thus giving it connectivity with the physical network device connected to the bridge. For example, a typical Host with two physical networks, one for public IP addresses (attached to an `eth0` NIC for example) and the other for private virtual LANs (NIC `eth1` for example) should have two bridges: | ||||||
|
|
||||||
| ```bash | ||||||
| ip link show type bridge | ||||||
| 4: br0: ... | ||||||
| 5: br1: ... | ||||||
|
|
||||||
| ip link show master br0 | ||||||
| 2: eth0: ... | ||||||
|
|
||||||
| ip link show master br1 | ||||||
| 3: eth1: ... | ||||||
| ``` | ||||||
|
|
||||||
|
|
@@ -318,16 +317,16 @@ Finally, return back to the **Hosts** list, and check that the Host has switched | |||||
|
|
||||||
| To add a node to the cloud, run this command as `oneadmin` in the Front-end (replace `<node01>` with your node hostname): | ||||||
|
|
||||||
| ```bash | ||||||
| onehost create <node01> -i kvm -v kvm | ||||||
|
|
||||||
| onehost list | ||||||
| ID NAME CLUSTER RVM ALLOCATED_CPU ALLOCATED_MEM STAT | ||||||
| 1 localhost default 0 - - init | ||||||
|
|
||||||
| # After some time (up to 1 minute) | ||||||
|
|
||||||
| onehost list | ||||||
| ID NAME CLUSTER RVM ALLOCATED_CPU ALLOCATED_MEM STAT | ||||||
| 0 node01 default 0 0 / 400 (0%) 0K / 7.7G (0%) on | ||||||
| ``` | ||||||
|
|
||||||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.