Updated Branches: refs/heads/master 1ec3fed0e -> b6a610e2d
docs: Work on Management Server and Hypervisor Host installation The Hypervisor installation describes what cloud-setup-agent is actually doing, but this way administrators know what the tool is doing. We could remove all these things from cloud-setup-agent and require system administrators to perform these steps them selfs, this way we don't break anything on their systems. It would make setting up Hypervisors a bit harder, but would be much better on the longer run. Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/b6a610e2 Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/b6a610e2 Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/b6a610e2 Branch: refs/heads/master Commit: b6a610e2db5798ae69cfd2cc8a9d7f85617f3926 Parents: 1ec3fed Author: Wido den Hollander <[email protected]> Authored: Tue Aug 14 17:30:38 2012 +0200 Committer: Wido den Hollander <[email protected]> Committed: Thu Aug 16 17:27:54 2012 +0200 ---------------------------------------------------------------------- docs/en-US/hypervisor-host-install-flow.xml | 31 +++++++ docs/en-US/hypervisor-host-install-libvirt.xml | 59 ++++++++++++ docs/en-US/hypervisor-host-install-overview.xml | 36 ++++++++ docs/en-US/hypervisor-host-install-prepare-os.xml | 53 +++++++++++ .../hypervisor-host-install-security-policies.xml | 69 +++++++++++++++ docs/en-US/installation.xml | 3 +- docs/en-US/minimum-system-requirements.xml | 6 +- 7 files changed, 253 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/b6a610e2/docs/en-US/hypervisor-host-install-flow.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/hypervisor-host-install-flow.xml b/docs/en-US/hypervisor-host-install-flow.xml new file mode 100644 index 0000000..5badfde --- /dev/null +++ b/docs/en-US/hypervisor-host-install-flow.xml @@ -0,0 +1,31 @@ +<?xml version='1.0' encoding='utf-8' ?> +<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ +<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent"> +%BOOK_ENTITIES; +]> + +<!-- Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<section id="hypervisor-host-install-flow"> + <title>Hypervisor Host installation</title> + <xi:include href="hypervisor-host-install-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> + <xi:include href="hypervisor-host-install-prepare-os.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> + <xi:include href="hypervisor-host-install-libvirt.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> + <xi:include href="hypervisor-host-install-security-policies.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> +</section> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/b6a610e2/docs/en-US/hypervisor-host-install-libvirt.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/hypervisor-host-install-libvirt.xml b/docs/en-US/hypervisor-host-install-libvirt.xml new file mode 100644 index 0000000..239c4d7 --- /dev/null +++ b/docs/en-US/hypervisor-host-install-libvirt.xml @@ -0,0 +1,59 @@ +<?xml version='1.0' encoding='utf-8' ?> +<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ +<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent"> +%BOOK_ENTITIES; +]> + +<!-- Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<section id="hypervisor-host-install-libvirt"> + <title>Install and Configure libvirt</title> + <para>&PRODUCT; uses libvirt for managing virtual machines. Therefor it is vital that libvirt is configured correctly.</para> + <orderedlist> + <listitem> + <para>Install libvirt</para> + <para>On RHEL or CentOS:</para> + <programlisting># yum install libvirt</programlisting> + <para>On Ubuntu:</para> + <programlisting># apt-get install libvirt-bin</programlisting> + </listitem> + <listitem> + <para>In order to have live migration working libvirt has to listen for unsecured TCP connections.</para> + <programlisting># vi /etc/libvirt/libvirtd.conf</programlisting> + <para>Set the following paramaters:</para> + <programlisting>listen_tls = 0</programlisting> + <programlisting>listen_tcp = 1</programlisting> + <programlisting>tcp_port = 16059</programlisting> + <programlisting>auth_tcp none</programlisting> + </listitem> + <listitem> + <para>In order to have libvirt listening on TCP we have to change the execution arguments.</para> + <para>On RHEL or CentOS:</para> + <programlisting># vi /etc/sysconfig/libvirtd</programlisting> + <para>Uncomment the following line:</para> + <programlisting>#LIBVIRTD_ARGS="--listen"</programlisting> + <para>On Ubuntu:</para> + <programlisting># vi /etc/init/libvirt-bin.conf</programlisting> + <para>Change the following line:</para> + <programlisting>exec /usr/sbin/libvirtd -d</programlisting> + <para>to (just add -l)</para> + <programlisting>exec /usr/sbin/libvirtd -d -l</programlisting> + </listitem> + </orderedlist> +</section> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/b6a610e2/docs/en-US/hypervisor-host-install-overview.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/hypervisor-host-install-overview.xml b/docs/en-US/hypervisor-host-install-overview.xml new file mode 100644 index 0000000..54ca55f --- /dev/null +++ b/docs/en-US/hypervisor-host-install-overview.xml @@ -0,0 +1,36 @@ +<?xml version='1.0' encoding='utf-8' ?> +<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ +<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent"> +%BOOK_ENTITIES; +]> + +<!-- Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<section id="hypervisor-host-install-overview"> + <title>Hypervisor Host Installation Overview</title> + <para>This section describes installing a Hypervisor host. This is targeted towards hosts running Linux Kernel Virtual Machine (KVM)</para> + <warning><para>Before continuing, make sure that you have applied the latest updates to your host.</para></warning> + <para>The procedure for installing the Hypervisor Host is:</para> + <orderedlist> + <listitem><para>Prepare the Operating System</para></listitem> + <listitem><para>Install and configure libvirt</para></listitem> + <listitem><para>Configure Security Policies (AppArmor and SELinux)</para></listitem> + <listitem><para>Install and configure the Agent</para></listitem> + </orderedlist> +</section> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/b6a610e2/docs/en-US/hypervisor-host-install-prepare-os.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/hypervisor-host-install-prepare-os.xml b/docs/en-US/hypervisor-host-install-prepare-os.xml new file mode 100644 index 0000000..2884cd1 --- /dev/null +++ b/docs/en-US/hypervisor-host-install-prepare-os.xml @@ -0,0 +1,53 @@ +<?xml version='1.0' encoding='utf-8' ?> +<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ +<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent"> +%BOOK_ENTITIES; +]> + +<!-- Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<section id="hypervisor-host-install-prepare-os"> + <title>Prepare the Operating System</title> + <para>The OS of the Host must be prepared to host the &PRODUCT; Agent and run KVM instances.</para> + <orderedlist> + <listitem><para>Log in to your OS as root.</para></listitem> + <listitem> + <para>Check for a fully qualified hostname.</para> + <programlisting># hostname --fqdn</programlisting> + <para>This should return a fully qualified hostname such as "kvm1.lab.example.org". If it does not, edit /etc/hosts so that it does.</para> + </listitem> + <listitem> + <para>Make sure that the machine can reach the Internet.</para> + <programlisting># ping www.cloudstack.org</programlisting> + </listitem> + <listitem> + <para>Turn on NTP for time synchronization.</para> + <note><para>NTP is required to synchronize the clocks of the servers in your cloud.</para></note> + <orderedlist numeration="loweralpha"> + <listitem><para>Install NTP</para> + <para condition="community">On RHEL or CentOS:</para> + <programlisting># yum install ntp</programlisting> + <para condition="community">On Ubuntu:</para> + <programlisting condition="community"># apt-get install openntpd</programlisting> + </listitem> + </orderedlist> + </listitem> + <listitem><para>Repeat all of these steps on every hypervisor host.</para></listitem> + </orderedlist> +</section> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/b6a610e2/docs/en-US/hypervisor-host-install-security-policies.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/hypervisor-host-install-security-policies.xml b/docs/en-US/hypervisor-host-install-security-policies.xml new file mode 100644 index 0000000..4ba748e --- /dev/null +++ b/docs/en-US/hypervisor-host-install-security-policies.xml @@ -0,0 +1,69 @@ +<?xml version='1.0' encoding='utf-8' ?> +<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ +<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent"> +%BOOK_ENTITIES; +]> + +<!-- Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<section id="hypervisor-host-install-security-policies"> + <title>Configure the Security Policies</title> + <orderedlist> + <listitem> + <para>Configure SELinux (RHEL and CentOS)</para> + <orderedlist numeration="loweralpha"> + <listitem> + <para>Check to see whether SELinux is installed on your machine. If not, you can skip this section.</para> + <para>In RHEL or CentOS, SELinux is installed and enabled by default. You can verify this with:</para> + <programlisting># rpm -qa | grep selinux</programlisting> + </listitem> + <listitem> + <para>Set the SELINUX variable in /etc/selinux/config to "permissive". This ensures that the permissive setting will be maintained after a system reboot.</para> + <para>In RHEL or CentOS:</para> + <programlisting># vi /etc/selinux/config</programlisting> + <para>Change the following line</para> + <programlisting>SELINUX=enforcing</programlisting> + <para>to this</para> + <programlisting>SELINUX=permissive</programlisting> + </listitem> + <listitem> + <para>Then set SELinux to permissive starting immediately, without requiring a system reboot.</para> + <programlisting># setenforce permissive</programlisting> + </listitem> + </orderedlist> + </listitem> + <listitem> + <para>Configure Apparmor (Ubuntu)</para> + <orderedlist numeration="loweralpha"> + <listitem> + <para>Check to see whether AppArmor is installed on your machine. If not, you can skip this section.</para> + <para>In Ubuntu AppArmor is installed and enabled by default. You can verify this with:</para> + <programlisting># dpkg --list 'apparmor'</programlisting> + </listitem> + <listitem> + <para>Disable the AppArmor profiles for libvirt</para> + <programlisting>ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/</programlisting> + <programlisting>ln -s /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper /etc/apparmor.d/disable/</programlisting> + <programlisting>apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd</programlisting> + <programlisting>apparmor_parser -R /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper</programlisting> + </listitem> + </orderedlist> + </listitem> + </orderedlist> +</section> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/b6a610e2/docs/en-US/installation.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/installation.xml b/docs/en-US/installation.xml index 883a094..948931e 100644 --- a/docs/en-US/installation.xml +++ b/docs/en-US/installation.xml @@ -27,5 +27,6 @@ <xi:include href="who-should-read-installation.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/> <xi:include href="installation-steps-overview.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/> <xi:include href="minimum-system-requirements.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/> - <xi:include href="management-server-install-flow.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/> + <xi:include href="management-server-install-flow.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/> + <xi:include href="hypervisor-host-install-flow.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/> </chapter> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/b6a610e2/docs/en-US/minimum-system-requirements.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/minimum-system-requirements.xml b/docs/en-US/minimum-system-requirements.xml index da60c2c..0043a26 100644 --- a/docs/en-US/minimum-system-requirements.xml +++ b/docs/en-US/minimum-system-requirements.xml @@ -36,7 +36,7 @@ </listitem> <listitem><para>64-bit x86 CPU (more cores results in better performance)</para></listitem> <listitem><para>4 GB of memory</para></listitem> - <listitem><para>250 GB of local disk (more results in better capability; 500 GB recommended)</para></listitem> + <listitem><para>50 GB of local disk (When running secondary storage on the management server 500GB is recommended)</para></listitem> <listitem><para>At least 1 NIC</para></listitem> <listitem><para>Statically allocated IP address</para></listitem> <listitem><para>Fully qualified domain name as returned by the hostname command</para></listitem> @@ -78,8 +78,8 @@ </itemizedlist> <para>The main requirement for KVM hypervisors is the libvirt and Qemu version. If you whish to run on a different distribution, make sure you meet the following requirements:</para> <itemizedlist> - <listitem><para>libvirt: 0.9.4 and higher</para></listitem> - <listitem><para>Qemu/KVM: 1.0 and higher</para></listitem> + <listitem><para>libvirt: 0.9.4 or higher</para></listitem> + <listitem><para>Qemu/KVM: 1.0 or higher</para></listitem> </itemizedlist> </section> <section id="hypervisor-requirements-ovm">
