概要
CloudStackをVirtualBox上に構築します。
MangementサーバとDBは同じVM上に構築します。
ここではハイパーバイザーは構築せず、とりあえずCloudStack管理画面にログインできるところをゴールにしてます。
公式 を参考にしてます。
CloudStack構築
SELinux無効
[root@vm1 ~]# getenforce
Enforcing
[root@vm1 ~]# setenforce 0
[root@vm1 ~]# getenforce
Permissive
[root@vm1 ~]# sed -i s/^SELINUX=enforcing/SELINUX=permissive/ /etc/selinux/config
[root@vm1 ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@vm1 ~]#
時刻同期
Chrony使います。
[root@vm1 ~]# chronyc -a makestep
200 OK
[root@vm1 ~]# systemctl start chronyd
[root@vm1 ~]# systemctl enable chronyd
MySQL
インストール
- MySQLのリポジトリインストール
[root@vm1 ~]# yum install http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm
Loaded plugins: fastestmirror
mysql57-community-release-el7-8.noarch.rpm | 8.9 kB 00:00:00
Examining /var/tmp/yum-root-kP_d5Z/mysql57-community-release-el7-8.noarch.rpm: mysql57-community-release-el7-8.noarch
Marking /var/tmp/yum-root-kP_d5Z/mysql57-community-release-el7-8.noarch.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package mysql57-community-release.noarch 0:el7-8 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================
Installing:
mysql57-community-release noarch el7-8 /mysql57-community-release-el7-8.noarch 8.2 k
Transaction Summary
============================================================================================================================================================================
Install 1 Package
Total size: 8.2 k
Installed size: 8.2 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : mysql57-community-release-el7-8.noarch 1/1
Verifying : mysql57-community-release-el7-8.noarch 1/1
Installed:
mysql57-community-release.noarch 0:el7-8
Complete!
[root@vm1 ~]#
- MySQLインストール
[root@vm1 ~]# yum install mysql-server
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
mysql-connectors-community | 2.5 kB 00:00:00
mysql-tools-community | 2.5 kB 00:00:00
mysql57-community | 2.5 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/7): mysql-connectors-community/x86_64/primary_db | 18 kB 00:00:00
(2/7): base/7/x86_64/group_gz | 156 kB 00:00:00
(3/7): mysql-tools-community/x86_64/primary_db | 39 kB 00:00:00
(4/7): mysql57-community/x86_64/primary_db | 134 kB 00:00:00
(5/7): extras/7/x86_64/primary_db | 185 kB 00:00:00
(6/7): base/7/x86_64/primary_db | 5.7 MB 00:00:07
(7/7): updates/7/x86_64/primary_db | 6.9 MB 00:00:08
Determining fastest mirrors
* base: mirror.fairway.ne.jp
* extras: ftp.yz.yamagata-u.ac.jp
* updates: ftp.yz.yamagata-u.ac.jp
Resolving Dependencies
--> Running transaction check
---> Package mysql-community-server.x86_64 0:5.7.21-1.el7 will be installed
--> Processing Dependency: mysql-community-common(x86-64) = 5.7.21-1.el7 for package: mysql-community-server-5.7.21-1.el7.x86_64
--> Processing Dependency: mysql-community-client(x86-64) >= 5.7.9 for package: mysql-community-server-5.7.21-1.el7.x86_64
--> Processing Dependency: perl(strict) for package: mysql-community-server-5.7.21-1.el7.x86_64
--> Processing Dependency: perl(Getopt::Long) for package: mysql-community-server-5.7.21-1.el7.x86_64
--> Processing Dependency: net-tools for package: mysql-community-server-5.7.21-1.el7.x86_64
--> Processing Dependency: /usr/bin/perl for package: mysql-community-server-5.7.21-1.el7.x86_64
--> Running transaction check
ry)
Installed:
mysql-community-libs.x86_64 0:5.7.21-1.el7 mysql-community-libs-compat.x86_64 0:5.7.21-1.el7 mysql-community-server.x86_64 0:5.7.21-1.el7
Dependency Installed:
mysql-community-client.x86_64 0:5.7.21-1.el7 mysql-community-common.x86_64 0:5.7.21-1.el7 net-tools.x86_64 0:2.0-0.22.20131004git.el7 perl.x86_64 4:5.16.3-292.el7
perl-Carp.noarch 0:1.26-244.el7 perl-Encode.x86_64 0:2.51-7.el7 perl-Exporter.noarch 0:5.68-3.el7 perl-File-Path.noarch 0:2.09-2.el7
perl-File-Temp.noarch 0:0.23.01-3.el7 perl-Filter.x86_64 0:1.49-3.el7 perl-Getopt-Long.noarch 0:2.40-2.el7 perl-HTTP-Tiny.noarch 0:0.033-3.el7
perl-PathTools.x86_64 0:3.40-5.el7 perl-Pod-Escapes.noarch 1:1.04-292.el7 perl-Pod-Perldoc.noarch 0:3.20-4.el7 perl-Pod-Simple.noarch 1:3.28-4.el7
perl-Pod-Usage.noarch 0:1.63-3.el7 perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 perl-Socket.x86_64 0:2.010-4.el7 perl-Storable.x86_64 0:2.45-3.el7
perl-Text-ParseWords.noarch 0:3.29-4.el7 perl-Time-HiRes.x86_64 4:1.9725-3.el7 perl-Time-Local.noarch 0:1.2300-2.el7 perl-constant.noarch 0:1.27-2.el7
perl-libs.x86_64 4:5.16.3-292.el7 perl-macros.x86_64 4:5.16.3-292.el7 perl-parent.noarch 1:0.225-244.el7 perl-podlators.noarch 0:2.5.1-3.el7
perl-threads.x86_64 0:1.87-4.el7 perl-threads-shared.x86_64 0:1.43-6.el7
Replaced:
mariadb-libs.x86_64 1:5.5.56-2.el7
Complete!
[root@vm1 ~]#
- MySQL起動
[root@vm1 ~]# systemctl start mysqld
初期設定
- 初期パスワード確認
[root@vm1 ~]# grep 'A temporary password is generated for root@localhost:' /var/log/mysqld.log | tail -1 | awk '{print $NF}'
fYAHnPBjF8<t
[root@vm1 ~]#
- secure_installation実行して初期設定する
[root@vm1 ~]# /bin/mysql_secure_installation
Securing the MySQL server deployment.
Enter password for user root:
The existing password for the user account root has expired. Please set a new password.
New password:
Re-enter new password:
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) :
... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
[root@vm1 ~]#
nfs_server
インストール
[root@vm1 ~]# yum install nfs-utils
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.fairway.ne.jp
* extras: ftp.yz.yamagata-u.ac.jp
* updates: ftp.yz.yamagata-u.ac.jp
Resolving Dependencies
--> Running transaction check
---> Package nfs-utils.x86_64 1:1.3.0-0.48.el7_4 will be updated
---> Package nfs-utils.x86_64 1:1.3.0-0.48.el7_4.2 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================
Updating:
nfs-utils x86_64 1:1.3.0-0.48.el7_4.2 updates 399 k
Transaction Summary
============================================================================================================================================================================
Upgrade 1 Package
Total download size: 399 k
Is this ok [y/d/N]: y
Downloading packages:
Not downloading deltainfo for updates, MD is 960 k and rpms are 399 k
nfs-utils-1.3.0-0.48.el7_4.2.x86_64.rpm | 399 kB 00:00:03
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : 1:nfs-utils-1.3.0-0.48.el7_4.2.x86_64 1/2
Cleanup : 1:nfs-utils-1.3.0-0.48.el7_4.x86_64 2/2
Verifying : 1:nfs-utils-1.3.0-0.48.el7_4.2.x86_64 1/2
Verifying : 1:nfs-utils-1.3.0-0.48.el7_4.x86_64 2/2
Updated:
nfs-utils.x86_64 1:1.3.0-0.48.el7_4.2
Complete!
[root@vm1 ~]#
ストレージ用ディレクトリ作成
[root@vm1 ~]# mkdir -p /export/primary
[root@vm1 ~]# mkdir -p /export/secondary
NFS設定
- 公開ディレクトリ設定
[root@vm1 ~]# vi /etc/exports
[root@vm1 ~]# cat /etc/exports
/export *(rw,async,no_root_squash,no_subtree_check)
[root@vm1 ~]# exportfs -a
- NFSの設定
[root@vm1 ~]# vi /etc/sysconfig/nfs
[root@vm1 ~]#
[root@vm1 ~]# cat /etc/sysconfig/nfs
RPCNFSDARGS=""
RPCMOUNTDOPTS=""
STATDARG=""
SMNOTIFYARGS=""
RPCIDMAPDARGS=""
RPCGSSDARGS=""
GSS_USE_PROXY="yes"
BLKMAPDARGS=""
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020
[root@vm1 ~]#
NFS起動
[root@vm1 ~]# systemctl start rpcbind
[root@vm1 ~]# systemctl start nfs
[root@vm1 ~]# systemctl enable rpcbind
[root@vm1 ~]# systemctl enable nfs
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
[root@vm1 ~]#
cloudstack
インストール
- リポジトリ設定
[root@vm1 ~]# vi /etc/yum.repos.d/cloudstack.repo
[root@vm1 ~]#
[root@vm1 ~]# cat /etc/yum.repos.d/cloudstack.repo
[cloudstack]
name=cloudstack
baseurl=http://cloudstack.apt-get.eu/centos/$releasever/4.11/
enabled=1
gpgcheck=0
[root@vm1 ~]#
- インストール
[root@vm1 ~]# yum install cloudstack-management
Loaded plugins: fastestmirror
cloudstack | 3.2 kB 00:00:00
cloudstack/7/primary_db | 9.0 kB 00:00:01
Loading mirror speeds from cached hostfile
* base: mirror.fairway.ne.jp
* extras: ftp.yz.yamagata-u.ac.jp
* updates: ftp.yz.yamagata-u.ac.jp
Resolving Dependencies
--> Running transaction check
---> Package cloudstack-management.x86_64 0:4.11.0.0-1.el7.centos will be installed
--> Processing Dependency: cloudstack-common = 4.11.0.0 for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: java >= 1.8.0 for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: ipmitool for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: wget for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: mysql-connector-python for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: mysql-connector-java for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: unzip for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: apache-commons-daemon-jsvc for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: iptables-services for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Processing Dependency: mkisofs for package: cloudstack-management-4.11.0.0-1.el7.centos.x86_64
--> Running transaction check
ry)
Installed:
cloudstack-management.x86_64 0:4.11.0.0-1.el7.centos
Dependency Installed:
OpenIPMI-modalias.x86_64 0:2.0.19-15.el7 alsa-lib.x86_64 0:1.1.3-3.el7 apache-commons-daemon-jsvc.x86_64 0:1.0.13-6.el7
apache-commons-lang.noarch 0:2.6-15.el7 apache-commons-logging.noarch 0:1.1.2-7.el7 avalon-framework.noarch 0:4.3-10.el7
avalon-logkit.noarch 0:2.1-14.el7 cal10n.noarch 0:0.7.7-4.el7 cloudstack-common.x86_64 0:4.11.0.0-1.el7.centos
copy-jdk-configs.noarch 0:2.2-5.el7_4 fontconfig.x86_64 0:2.10.95-11.el7 fontpackages-filesystem.noarch 0:1.44-8.el7
genisoimage.x86_64 0:1.1.11-23.el7 geronimo-jms.noarch 0:1.1.1-19.el7 geronimo-jta.noarch 0:1.1.1-17.el7
giflib.x86_64 0:4.1.6-9.el7 ipmitool.x86_64 0:1.8.18-5.el7 iptables-services.x86_64 0:1.4.21-18.3.el7_4
java-1.8.0-openjdk.x86_64 1:1.8.0.161-0.b14.el7_4 java-1.8.0-openjdk-headless.x86_64 1:1.8.0.161-0.b14.el7_4 javamail.noarch 0:1.4.6-8.el7
javapackages-tools.noarch 0:3.4.1-11.el7 javassist.noarch 0:3.16.1-10.el7 libICE.x86_64 0:1.0.9-9.el7
libSM.x86_64 0:1.2.2-2.el7 libX11.x86_64 0:1.6.5-1.el7 libX11-common.noarch 0:1.6.5-1.el7
libXau.x86_64 0:1.0.8-2.1.el7 libXcomposite.x86_64 0:0.4.4-4.1.el7 libXext.x86_64 0:1.3.3-3.el7
libXfont.x86_64 0:1.5.2-1.el7 libXi.x86_64 0:1.7.9-1.el7 libXrender.x86_64 0:0.9.10-1.el7
libXtst.x86_64 0:1.2.3-1.el7 libfontenc.x86_64 0:1.1.3-3.el7 libjpeg-turbo.x86_64 0:1.2.90-5.el7
libpng.x86_64 2:1.5.13-7.el7_2 libusal.x86_64 0:1.1.11-23.el7 libxcb.x86_64 0:1.12-1.el7
libxslt.x86_64 0:1.1.28-5.el7 lksctp-tools.x86_64 0:1.0.17-2.el7 log4j.noarch 0:1.2.17-16.el7_4
mysql-connector-java.noarch 1:5.1.25-3.el7 mysql-connector-python.x86_64 0:2.1.7-1.el7 python-javapackages.noarch 0:3.4.1-11.el7
python-lxml.x86_64 0:3.2.1-4.el7 python-netaddr.noarch 0:0.7.5-7.el7 slf4j.noarch 0:1.7.4-4.el7_4
stix-fonts.noarch 0:1.1.0-5.el7 tomcat-servlet-3.0-api.noarch 0:7.0.76-3.el7_4 ttmkfdir.x86_64 0:3.0.9-42.el7
tzdata-java.noarch 0:2018d-1.el7 unzip.x86_64 0:6.0-16.el7 wget.x86_64 0:1.14-15.el7_4.1
xalan-j2.noarch 0:2.7.1-23.el7 xerces-j2.noarch 0:2.11.0-17.el7_0 xml-commons-apis.noarch 0:1.4.01-16.el7
xml-commons-resolver.noarch 0:1.2-15.el7 xorg-x11-font-utils.x86_64 1:7.5-20.el7 xorg-x11-fonts-Type1.noarch 0:7.5-9.el7
Dependency Updated:
iptables.x86_64 0:1.4.21-18.3.el7_4
Complete!
[root@vm1 ~]#
設定
- CloudStack用のDataBase設定
[root@vm1 ~]# cloudstack-setup-databases cloud:P@ssw0rd@localhost --deploy-as=root:P@ssw0rd -i 192.168.22.11
Mysql user name:cloud [ OK ]
Mysql user password:****** [ OK ]
Mysql server ip:localhost [ OK ]
Mysql server port:3306 [ OK ]
Mysql root user name:root [ OK ]
Mysql root user password:****** [ OK ]
Using specified cluster management server node IP 192.168.22.11 [ OK ]
Checking Cloud database files ... [ OK ]
Checking local machine hostname ... [ OK ]
Checking SELinux setup ... [ OK ]
Preparing /etc/cloudstack/management/db.properties [ OK ]
Applying /usr/share/cloudstack-management/setup/create-database.sql [ OK ]
Applying /usr/share/cloudstack-management/setup/create-schema.sql [ OK ]
Applying /usr/share/cloudstack-management/setup/create-database-premium.sql [ OK ]
Applying /usr/share/cloudstack-management/setup/create-schema-premium.sql [ OK ]
Applying /usr/share/cloudstack-management/setup/server-setup.sql [ OK ]
Applying /usr/share/cloudstack-management/setup/templates.sql [ OK ]
Processing encryption ... [ OK ]
Finalizing setup ... [ OK ]
CloudStack has successfully initialized database, you can check your database configuration in /etc/cloudstack/management/db.properties
[root@vm1 ~]#
- server.xmlの設定(リンクはる)
[root@vm1 ~]# ln -s /etc/cloudstack/management/server7-nonssl.xml /etc/cloudstack/management/server.xml
- Mangementサーバ設定
[root@vm1 ~]# cloudstack-setup-management --tomcat7
The --tomcat7 option is deprecated, CloudStack now uses embedded Jetty server.
Starting to configure CloudStack Management Server:
Configure Firewall ... [OK]
Configure CloudStack Management Server ...[OK]
CloudStack Management Server setup is Done!
[root@vm1 ~]#
- SystemVM用のテンプレートダウンロード(XenServer用)
[root@vm1 ~]# /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m /export/secondary -u http://cloudstack.apt-get.eu/systemvm/4.11/systemvmtemplate-4.11.0-xen.vhd.bz2 -h xenserver -F
mysql: [Warning] Using a password on the command line interface can be insecure.
mysql: [Warning] Using a password on the command line interface can be insecure.
--2018-04-12 22:34:52-- http://cloudstack.apt-get.eu/systemvm/4.11/systemvmtemplate-4.11.0-xen.vhd.bz2
Resolving cloudstack.apt-get.eu (cloudstack.apt-get.eu)... 185.27.174.49, 2a00:f10:121:400:403:9cff:fe00:37f
Connecting to cloudstack.apt-get.eu (cloudstack.apt-get.eu)|185.27.174.49|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 255854279 (244M) [application/x-bzip2]
Saving to: ‘/usr/share/cloudstack-common/scripts/storage/secondary/dbe65071-5842-472a-bd92-940e01a39545.vhd’
100%[==================================================================================================================================>] 255,854,279 790KB/s in 5m 56s
2018-04-12 22:40:49 (701 KB/s) - ‘/usr/share/cloudstack-common/scripts/storage/secondary/dbe65071-5842-472a-bd92-940e01a39545.vhd’ saved [255854279/255854279]
Uncompressing to /usr/share/cloudstack-common/scripts/storage/secondary/dbe65071-5842-472a-bd92-940e01a39545.vhd.tmp (type bz2)...could take a long time
Moving to /export/secondary/template/tmpl/1/1///dbe65071-5842-472a-bd92-940e01a39545.vhd...could take a while
Successfully installed system VM template to /export/secondary/template/tmpl/1/1/
[root@vm1 ~]#
Mangementサーバ起動
# systemctl start cloudstack-management
管理画面に接続
http://127.0.0.1:8080/client/
admin/password
