Note: 关闭了NFS Storage 的防火墙 service iptables stop
1. 新创建的Linux没有获取IP;
vi /etc/sysconfig/network-script/ifcfg-eth0
修改 ONBOOT="yes"
增加 BOOTPROTO="dhcp"
2. 通过命令 "hostname --fqdn"查看FQDN, 如果不能返回值,
vi /etc/hosts
增加 ip fqdn hostname
3. 查看selinux状态
/usr/sbin/sestatus -v 或 sestatus
得确定selinux状态为disable 或 permissive
Set the SELINUX variable in /etc/selinux/config to "permissive". This ensures that the
permissive setting will be maintained after a system reboot.
Then set SELinux to permissive starting immediately, without requiring a system reboot.
增加 setenforce 0
4. 配置本地yum源
加载光盘系统文件到本地 mount /dev/cdrom /media
Create a repo file at /etc/yum.repos.d/rhel6.repo. In the file, insert the following lines:
[rhel]
name=rhel6
baseurl=file:///media
enabled=1
gpgcheck=0
5. 安装ntp服务
yum install ntp
Edit the NTP configuration file to point to your NTP server.
# vi /etc/ntp.conf
Add one or more server lines in this file with the names of the NTP servers you want to use.
For example:
server 0.xenserver.pool.ntp.org
server 1.xenserver.pool.ntp.org
server 2.xenserver.pool.ntp.org
server 3.xenserver.pool.ntp.org
Restart the NTP client.
# service ntpd restart
Make sure NTP will start again upon reboot.
# chkconfig ntpd on
6. 安装ManagementServer
1. Download the CloudStack Management Server onto the host where it will run. Get the software
from the following link.
https://www.citrix.com/English/ss/downloads/.
2. Install the CloudStack packages. You should have a file in the form of "CloudStack-VERSION-NOSVERSION.
tar.gz". Untar the file and then run the install.sh script inside it. Replace the file and
directory names below with those you are using:
# tar xzf CloudStack-VERSION-N-OSVERSION.tar.gz
# cd CloudStack-VERSION-N-OSVERSION
# ./install.sh
You should see a few messages as the installer prepares, followed by a list of choices.
3. Choose M to install the Management Server software.
> M
4. When the installation is finished, run the following commands to start essential services:
# service rpcbind start
# service nfs start
# chkconfig nfs on
# chkconfig rpcbind on
7. Install and Configure the Database
1. If you already have a version of MySQL installed on the Management Server node, make one of
the following choices, depending on what version of MySQL it is. The most recent version tested is
5.1.58.
• If you already have installed MySQL version 5.1.58 or later, skip to step 4.
• If you have installed a version of MySQL earlier than 5.1.58, you can either skip to step 4 or
uninstall MySQL and proceed to step 2 to install a more recent version.
Warning
It is important that you choose the right database version. Never downgrade a MySQL
installation.
2. On the same computer where you installed the Management Server, re-run install.sh.
# ./install.sh
You should see a few messages as the installer prepares, followed by a list of choices.
3. Choose D to install the MySQL server from the distribution's repo.
> D
Troubleshooting: If you do not see the D option, you already have MySQL installed. Please go
back to step 1.
4. Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) and
insert the following lines in the [mysqld] section. You can put these lines below the datadir line.
The max_connections parameter should be set to 350 multiplied by the number of Management
Servers you are deploying. This example assumes one Management Server.
innodb_rollback_on_timeout=1
innodb_lock_wait_timeout=600
max_connections=350
log-bin=mysql-bin
binlog-format = 'ROW'
5. Restart the MySQL service, then invoke MySQL as the root user.
# service mysqld restart
# mysql -u root
6. Best Practice: MySQL does not set a root password by default. It is very strongly recommended
that you set a root password as a security precaution. Run the following commands, and
substitute your own desired root password.
mysql> SET PASSWORD = PASSWORD('password');
From now on, start MySQL with mysql -p so it will prompt you for the password.
7. To grant access privileges to remote users, perform the following steps.
a. Run the following commands from the mysql prompt:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;
mysql> exit
b. Restart the MySQL service.
# service mysqld restart
c. Open the MySQL server port (3306) in the firewall to allow remote clients to connect.
# iptables -I INPUT -p tcp --dport 3306 -j ACCEPT
d. Edit the /etc/sysconfig/iptables file and add the following line at the beginning of the INPUT
chain.
-A INPUT -p tcp --dport 3306 -j ACCEPT
8. Set up the database. The following command creates the cloud user on the database.
• In dbpassword, specify the password to be assigned to the cloud user. You can choose to
provide no password.
• In deploy-as, specify the username and password of the user deploying the database. In the
following command, it is assumed the root user is deploying the database and creating the
cloud user.
• (Optional) For encryption_type, use file or web to indicate the technique used to pass in the
database encryption password. Default: file. See About Password and Key Encryption.
• (Optional) For management_server_key, substitute the default key that is used to encrypt
confidential parameters in the CloudPlatform properties file. Default: password. It is highly
recommended that you replace this with a more secure value. See About Password and Key
Encryption.
• (Optional) For database_key, substitute the default key that is used to encrypt confidential
parameters in the CloudPlatform database. Default: password. It is highly recommended that
you replace this with a more secure value. See About Password and Key Encryption.
# cloudstack-setup-databases cloud:<dbpassword>@localhost --deploy-as=root:<password> -e
<encryption_type> -m <management_server_key> -k <database_key>
9. Now that the database is set up, you can finish configuring the OS for the Management Server.
This command will set up iptables, sudoers, and start the Management Server.
# cloudstack-setup-management
7. Deploy a Separate NFS Server (最简单的方法,不要设置防火墙的相关信息,直接关闭防火墙 service iptables stop)
1. On the storage server, create an NFS share for secondary storage and, if you are using NFS for
primary storage as well, create a second NFS share. For example:
# mkdir -p /export/primary
# mkdir -p /export/secondary
2. To configure the new directories as NFS exports, edit /etc/exports. Export the NFS share(s) with
rw,async,no_root_squash. For example:
# vi /etc/exports
Insert the following line.
/export *(rw,async,no_root_squash)
3. Export the /export directory.
# exportfs -a
4. On the management server, create a mount point for secondary storage. For example:
# mkdir -p /mnt/secondary
5. Mount the secondary storage on your Management Server. Replace the example NFS server
name and NFS share paths below with your own.
# mount -t nfs nfsservername:/nfs/share/secondary /mnt/secondary
Edit the /etc/sysconfig/nfs file.
# vi /etc/sysconfig/nfs
Uncomment the following lines:
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020
Edit the /etc/sysconfig/iptables file.
# vi /etc/sysconfig/iptables
Add the following lines at the beginning of the INPUT chain:
-A INPUT -m state --state NEW -p udp --dport 111 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 32803 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 32769 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 892 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 892 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 875 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 875 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 662 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 662 -j ACCEPT
Run the following commands:
# service iptables restart
# service iptables save
9. Prepare the System VM Template
1. On the Management Server, run one or more of the following cloud-install-sys-tmplt commands
to retrieve and decompress the system VM template. Run the command for each hypervisor type
that you expect end users to run in this Zone.
If your secondary storage mount point is not named /mnt/secondary, substitute your own mount
point name.
If you set the CloudPlatform database encryption type to "web" when you set up the database, you
must now add the parameter -s <management-server-secret-key>. See About Password and Key
Encryption.
This process will require approximately 5 GB of free space on the local file system and up to 30
minutes each time it runs.
• For XenServer:
# /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m /
mnt/secondary -u http://download.cloud.com/templates/4.2/systemvmtemplate-2013-07-12-
master-xen.vhd.bz2 -h xenserver -s <optional-management-server-secret-key> -F
• For vSphere:
# /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m /
mnt/secondary -u http://download.cloud.com/templates/4.2/systemvmtemplate-4.2-vh7.ova -
h vmware -s <optional-management-server-secret-key> -F
• For KVM:
# /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m /
mnt/secondary -u http://download.cloud.com/templates/4.2/systemvmtemplate-2013-06-12-
master-kvm.qcow2.bz2 -h kvm -s <optional-management-server-secret-key> -F
2. If you are using a separate NFS server, perform this step. If you are using the Management
Server as the NFS server, you MUST NOT perform this step.
Chapter 5. Installation
62
When the script has finished, unmount secondary storage and remove the created directory.
# umount /mnt/secondary
# rmdir /mnt/secondary
3. Repeat these steps for each secondary storage server.