Chapter 3. Installing the Red Hat Virtualization Manager
3.1. Installing the Red Hat Virtualization Manager Machine and the Remote Server
The Red Hat Virtualization Manager must run on Red Hat Enterprise Linux 8. For detailed installation instructions, see Performing a standard RHEL installation.
This machine must meet the minimum Manager hardware requirements.
- Install a second Red Hat Enterprise Linux machine to use for the databases. This machine will be referred to as the remote server.
To install the Red Hat Virtualization Manager on a system that does not have access to the Content Delivery Network, see Configuring an Offline Repository for Installation before configuring the Manager.
3.2. Enabling the Red Hat Virtualization Manager Repositories
You need to log in and register the Manager machine with Red Hat Subscription Manager, attach the Red Hat Virtualization Manager
subscription, and enable the Manager repositories.
Procedure
Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted:
# subscription-manager register
NoteIf you are using an IPv6 network, use an IPv6 transition mechanism to access the Content Delivery Network and subscription manager.
Find the
Red Hat Virtualization Manager
subscription pool and record the pool ID:# subscription-manager list --available
Use the pool ID to attach the subscription to the system:
# subscription-manager attach --pool=pool_id
NoteTo view currently attached subscriptions:
# subscription-manager list --consumed
To list all enabled repositories:
# dnf repolist
Configure the repositories:
# subscription-manager repos \ --disable='*' \ --enable=rhel-8-for-x86_64-baseos-eus-rpms \ --enable=rhel-8-for-x86_64-appstream-eus-rpms \ --enable=rhv-4.4-manager-for-rhel-8-x86_64-rpms \ --enable=fast-datapath-for-rhel-8-x86_64-rpms \ --enable=jb-eap-7.4-for-rhel-8-x86_64-rpms \ --enable=openstack-16.2-cinderlib-for-rhel-8-x86_64-rpms \ --enable=rhceph-4-tools-for-rhel-8-x86_64-rpms \ --enable=rhel-8-for-x86_64-appstream-tus-rpms \ --enable=rhel-8-for-x86_64-baseos-tus-rpms
Set the RHEL version to 8.6:
# subscription-manager release --set=8.6
Enable the
pki-deps
module.# dnf module -y enable pki-deps
Enable version 12 of the
postgresql
module.# dnf module -y enable postgresql:12
Enable version 14 of the
nodejs
module:# dnf module -y enable nodejs:14
Synchronize installed packages to update them to the latest available versions.
# dnf distro-sync --nobest
Additional resources
For information on modules and module streams, see the following sections in Installing, managing, and removing user-space components
Before configuring the Red Hat Virtualization Manager, you must manually configure the Manager database on the remote server. You can also use this procedure to manually configure the Data Warehouse database if you do not want the Data Warehouse setup script to configure it automatically.
3.3. Preparing a Remote PostgreSQL Database
In a remote database environment, you must create the Manager database manually before running engine-setup
.
The engine-setup
and engine-backup --mode=restore
commands only support system error messages in the en_US.UTF8
locale, even if the system locale is different.
The locale settings in the postgresql.conf
file must be set to en_US.UTF8
.
The database name must contain only numbers, underscores, and lowercase letters.
Enabling the Red Hat Virtualization Manager Repositories
You need to log in and register the database machine with Red Hat Subscription Manager, attach the Red Hat Virtualization Manager
subscription, and enable the Manager repositories.
Procedure
Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted:
# subscription-manager register
NoteIf you are using an IPv6 network, use an IPv6 transition mechanism to access the Content Delivery Network and subscription manager.
Find the
Red Hat Virtualization Manager
subscription pool and record the pool ID:# subscription-manager list --available
Use the pool ID to attach the subscription to the system:
# subscription-manager attach --pool=pool_id
NoteTo view currently attached subscriptions:
# subscription-manager list --consumed
To list all enabled repositories:
# dnf repolist
Configure the repositories:
# subscription-manager repos \ --disable='*' \ --enable=rhel-8-for-x86_64-baseos-eus-rpms \ --enable=rhel-8-for-x86_64-appstream-eus-rpms \ --enable=rhv-4.4-manager-for-rhel-8-x86_64-rpms \ --enable=fast-datapath-for-rhel-8-x86_64-rpms \ --enable=jb-eap-7.4-for-rhel-8-x86_64-rpms \ --enable=openstack-16.2-cinderlib-for-rhel-8-x86_64-rpms \ --enable=rhceph-4-tools-for-rhel-8-x86_64-rpms \ --enable=rhel-8-for-x86_64-appstream-tus-rpms \ --enable=rhel-8-for-x86_64-baseos-tus-rpms
Set the RHEL version to 8.6:
# subscription-manager release --set=8.6
Enable version 12 of the
postgresql
module.# dnf module -y enable postgresql:12
Enable version 14 of the
nodejs
module:# dnf module -y enable nodejs:14
Synchronize installed packages to update them to the latest available versions.
# dnf distro-sync --nobest
Additional resources
For information on modules and module streams, see the following sections in Installing, managing, and removing user-space components
Initializing the PostgreSQL Database
Install the PostgreSQL server package:
# dnf install postgresql-server postgresql-contrib
Initialize the PostgreSQL database instance:
# postgresql-setup --initdb
Enable the
postgresql
service and configure it to start when the machine boots:# systemctl enable postgresql # systemctl start postgresql
Connect to the
psql
command line interface as thepostgres
user:# su - postgres -c psql
Create a default user. The Manager’s default user is
engine
:postgres=# create role user_name with login encrypted password 'password';
Create a database. The Manager’s default database name is
engine
:postgres=# create database database_name owner user_name template template0 encoding 'UTF8' lc_collate 'en_US.UTF-8' lc_ctype 'en_US.UTF-8';
Connect to the new database:
postgres=# \c database_name
Add the
uuid-ossp
extension:database_name=# CREATE EXTENSION "uuid-ossp";
Add the
plpgsql
language if it does not exist:database_name=# CREATE LANGUAGE plpgsql;
Quit the
psql
interface:database_name=# \q
Edit the
/var/lib/pgsql/data/pg_hba.conf
file to enable md5 client authentication, so that the engine can access the database remotely. Add the following line immediately below the line that starts withlocal
at the bottom of the file. ReplaceX.X.X.X
with the IP address of the Manager or Data Warehouse machine, and replace0-32
or0-128
with the CIDR mask length:host database_name user_name X.X.X.X/0-32 md5 host database_name user_name X.X.X.X::/0-128 md5
For example:
# IPv4, 32-bit address: host engine engine 192.168.12.10/32 md5 # IPv6, 128-bit address: host engine engine fe80::7a31:c1ff:0000:0000/96 md5
Allow TCP/IP connections to the database. Edit the
/var/lib/pgsql/data/postgresql.conf
file and add the following line:listen_addresses='*'
This example configures the
postgresql
service to listen for connections on all interfaces. You can specify an interface by giving its IP address.Update the PostgreSQL server’s configuration. In the
/var/lib/pgsql/data/postgresql.conf
file, add the following lines to the bottom of the file:autovacuum_vacuum_scale_factor=0.01 autovacuum_analyze_scale_factor=0.075 autovacuum_max_workers=6 maintenance_work_mem=65536 max_connections=150 work_mem=8192
Open the default port used for PostgreSQL database connections, and save the updated firewall rules:
# firewall-cmd --zone=public --add-service=postgresql # firewall-cmd --permanent --zone=public --add-service=postgresql
Restart the
postgresql
service:# systemctl restart postgresql
- Optionally, set up SSL to secure database connections.
3.4. Installing and Configuring the Red Hat Virtualization Manager
Install the package and dependencies for the Red Hat Virtualization Manager, and configure it using the engine-setup
command. The script asks you a series of questions and, after you provide the required values for all questions, applies that configuration and starts the ovirt-engine
service.
The engine-setup
command guides you through several distinct configuration stages, each comprising several steps that require user input. Suggested configuration defaults are provided in square brackets; if the suggested value is acceptable for a given step, press Enter
to accept that value.
You can run engine-setup --accept-defaults
to automatically accept all questions that have default answers. This option should be used with caution and only if you are familiar with engine-setup
.
Procedure
Ensure all packages are up to date:
# dnf upgrade --nobest
NoteReboot the machine if any kernel-related packages were updated.
Install the
rhvm
package and dependencies.# dnf install rhvm
Run the
engine-setup
command to begin configuring the Red Hat Virtualization Manager:# engine-setup
Optional: Type Yes and press
Enter
to set up Cinderlib integration on this machine:Set up Cinderlib integration (Currently in tech preview) (Yes, No) [No]:
ImportantCinderlib is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend to use them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information on Red Hat Technology Preview features support scope, see Red Hat Technology Preview Features Support Scope.
Press
Enter
to configure the Manager on this machine:Configure Engine on this host (Yes, No) [Yes]:
Optional: Install Open Virtual Network (OVN). Selecting
Yes
installs an OVN server on the Manager machine and adds it to Red Hat Virtualization as an external network provider. This action also configures the Default cluster to use OVN as its default network provider.ImportantAlso see the "Next steps" in Adding Open Virtual Network (OVN) as an External Network Provider in the Administration Guide.
Configuring ovirt-provider-ovn also sets the Default cluster’s default network provider to ovirt-provider-ovn. Non-Default clusters may be configured with an OVN after installation. Configure ovirt-provider-ovn (Yes, No) [Yes]:
For more information on using OVN networks in Red Hat Virtualization, see Adding Open Virtual Network (OVN) as an External Network Provider in the Administration Guide.
Optional: Allow
engine-setup
to configure a WebSocket Proxy server for allowing users to connect to virtual machines through thenoVNC
console:Configure WebSocket Proxy on this machine? (Yes, No) [Yes]:
ImportantThe WebSocket Proxy and noVNC are Technology Preview features only. Technology Preview features are not supported with Red Hat production service-level agreements (SLAs) and might not be functionally complete, and Red Hat does not recommend using them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information see Red Hat Technology Preview Features Support Scope.
To configure Data Warehouse on a remote server, answer
No
and see Installing and Configuring Data Warehouse on a Separate Machine after completing the Manager configuration.Please note: Data Warehouse is required for the engine. If you choose to not configure it on this host, you have to configure it on a remote host, and then configure the engine on this host so that it can access the database of the remote Data Warehouse host. Configure Data Warehouse on this host (Yes, No) [Yes]:
ImportantRed Hat only supports installing the Data Warehouse database, the Data Warehouse service, and Grafana all on the same machine as each other.
To configure Grafana on the same machine as the Data Warehouse service, enter
No
:Configure Grafana on this host (Yes, No) [Yes]:
Optional: Allow access to a virtual machine’s serial console from the command line.
Configure VM Console Proxy on this host (Yes, No) [Yes]:
Additional configuration is required on the client machine to use this feature. See Opening a Serial Console to a Virtual Machine in the Virtual Machine Management Guide.
Press
Enter
to accept the automatically detected host name, or enter an alternative host name and pressEnter
. Note that the automatically detected host name may be incorrect if you are using virtual hosts.Host fully qualified DNS name of this server [autodetected host name]:
The
engine-setup
command checks your firewall configuration and offers to open the ports used by the Manager for external communication, such as ports 80 and 443. If you do not allowengine-setup
to modify your firewall configuration, you must manually open the ports used by the Manager.firewalld
is configured as the firewall manager.Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]:
If you choose to automatically configure the firewall, and no firewall managers are active, you are prompted to select your chosen firewall manager from a list of supported options. Type the name of the firewall manager and press
Enter
. This applies even in cases where only one option is listed.Specify whether to configure the Manager database on this machine, or on another machine:
Where is the Engine database located? (Local, Remote) [Local]:
NoteDeployment with a remote engine database is now deprecated. This functionality will be removed in a future release.
If you select
Remote
, input the following values for the preconfigured remote database server. Replacelocalhost
with the ip address or FQDN of the remote database server:Engine database host [localhost]: Engine database port [5432]: Engine database secured connection (Yes, No) [No]: Engine database name [engine]: Engine database user [engine]: Engine database password:
Set a password for the automatically created administrative user of the Red Hat Virtualization Manager:
Engine admin password: Confirm engine admin password:
Select Gluster, Virt, or Both:
Application mode (Both, Virt, Gluster) [Both]:
- Both - offers the greatest flexibility. In most cases, select Both.
- Virt - allows you to run virtual machines in the environment.
Gluster - only allows you to manage GlusterFS from the Administration Portal.
NoteGlusterFS Storage is deprecated, and will no longer be supported in future releases.
If you installed the OVN provider, you can choose to use the default credentials, or specify an alternative.
Use default credentials (admin@internal) for ovirt-provider-ovn (Yes, No) [Yes]: oVirt OVN provider user[admin@internal]: oVirt OVN provider password:
Set the default value for the
wipe_after_delete
flag, which wipes the blocks of a virtual disk when the disk is deleted.Default SAN wipe after delete (Yes, No) [No]:
The Manager uses certificates to communicate securely with its hosts. This certificate can also optionally be used to secure HTTPS communications with the Manager. Provide the organization name for the certificate:
Organization name for certificate [autodetected domain-based name]:
Optionally allow
engine-setup
to make the landing page of the Manager the default page presented by the Apache web server:Setup can configure the default page of the web server to present the application home page. This may conflict with existing applications. Do you wish to set the application as the default web page of the server? (Yes, No) [Yes]:
By default, external SSL (HTTPS) communication with the Manager is secured with the self-signed certificate created earlier in the configuration to securely communicate with hosts. Alternatively, choose another certificate for external HTTPS connections; this does not affect how the Manager communicates with hosts:
Setup can configure apache to use SSL using a certificate issued from the internal CA. Do you wish Setup to configure that, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
You can specify a unique password for the Grafana admin user, or use same one as the Manager admin password:
Use Engine admin password as initial Grafana admin password (Yes, No) [Yes]:
Review the installation settings, and press
Enter
to accept the values and proceed with the installation:Please confirm installation settings (OK, Cancel) [OK]:
When your environment has been configured, engine-setup
displays details about how to access your environment.
Next steps
If you chose to manually configure the firewall, engine-setup
provides a custom list of ports that need to be opened, based on the options selected during setup. engine-setup
also saves your answers to a file that can be used to reconfigure the Manager using the same values, and outputs the location of the log file for the Red Hat Virtualization Manager configuration process.
- If you intend to link your Red Hat Virtualization environment with a directory server, configure the date and time to synchronize with the system clock used by the directory server to avoid unexpected account expiry issues. See Synchronizing the System Clock with a Remote Server in the Red Hat Enterprise Linux System Administrator’s Guide for more information.
-
Install the certificate authority according to the instructions provided by your browser. You can get the certificate authority’s certificate by navigating to
http://<manager-fqdn>/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
, replacing <manager-fqdn> with the FQDN that you provided during the installation.
Install the Data Warehouse service and database on the remote server:
3.5. Installing and Configuring Data Warehouse on a Separate Machine
This section describes installing and configuring the Data Warehouse service on a separate machine from the Red Hat Virtualization Manager. Installing Data Warehouse on a separate machine helps to reduce the load on the Manager machine.
Red Hat only supports installing the Data Warehouse database, the Data Warehouse service and Grafana all on the same machine as each other, even though you can install each of these components on separate machines from each other.
Prerequisites
- The Red Hat Virtualization Manager is installed on a separate machine.
- A physical server or virtual machine running Red Hat Enterprise Linux 8.
- The Manager database password.
Enabling the Red Hat Virtualization Manager Repositories
You need to log in and register the Data Warehouse machine with Red Hat Subscription Manager, attach the Red Hat Virtualization Manager
subscription, and enable the Manager repositories.
Procedure
Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted:
# subscription-manager register
NoteIf you are using an IPv6 network, use an IPv6 transition mechanism to access the Content Delivery Network and subscription manager.
Find the
Red Hat Virtualization Manager
subscription pool and record the pool ID:# subscription-manager list --available
Use the pool ID to attach the subscription to the system:
# subscription-manager attach --pool=pool_id
NoteTo view currently attached subscriptions:
# subscription-manager list --consumed
To list all enabled repositories:
# dnf repolist
Configure the repositories:
# subscription-manager repos \ --disable='*' \ --enable=rhel-8-for-x86_64-baseos-eus-rpms \ --enable=rhel-8-for-x86_64-appstream-eus-rpms \ --enable=rhv-4.4-manager-for-rhel-8-x86_64-rpms \ --enable=fast-datapath-for-rhel-8-x86_64-rpms \ --enable=jb-eap-7.4-for-rhel-8-x86_64-rpms \ --enable=openstack-16.2-cinderlib-for-rhel-8-x86_64-rpms \ --enable=rhceph-4-tools-for-rhel-8-x86_64-rpms \ --enable=rhel-8-for-x86_64-appstream-tus-rpms \ --enable=rhel-8-for-x86_64-baseos-tus-rpms
Set the RHEL version to 8.6:
# subscription-manager release --set=8.6
Enable the
pki-deps
module.# dnf module -y enable pki-deps
Enable version 12 of the
postgresql
module.# dnf module -y enable postgresql:12
Enable version 14 of the
nodejs
module:# dnf module -y enable nodejs:14
Synchronize installed packages to update them to the latest available versions.
# dnf distro-sync --nobest
Additional resources
For information on modules and module streams, see the following sections in Installing, managing, and removing user-space components
Installing Data Warehouse on a Separate Machine
Procedure
- Log in to the machine where you want to install the database.
Ensure that all packages are up to date:
# dnf upgrade --nobest
Install the
ovirt-engine-dwh-setup
package:# dnf install ovirt-engine-dwh-setup
Run the
engine-setup
command to begin the installation:# engine-setup
Answer
Yes
to install Data Warehouse on this machine:Configure Data Warehouse on this host (Yes, No) [Yes]:
Answer
Yes
to install Grafana on this machine:Configure Grafana on this host (Yes, No) [Yes]:
Press
Enter
to accept the automatically-detected host name, or enter an alternative host name and pressEnter
:Host fully qualified DNS name of this server [autodetected hostname]:
Press
Enter
to automatically configure the firewall, or typeNo
and pressEnter
to maintain existing settings:Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]:
If you choose to automatically configure the firewall, and no firewall managers are active, you are prompted to select your chosen firewall manager from a list of supported options. Type the name of the firewall manager and press
Enter
. This applies even in cases where only one option is listed.Enter the fully qualified domain name of the Manager machine, and then press
Enter
:Host fully qualified DNS name of the engine server []:
Press
Enter
to allow setup to sign the certificate on the Manager via SSH:Setup will need to do some actions on the remote engine server. Either automatically, using ssh as root to access it, or you will be prompted to manually perform each such action. Please choose one of the following: 1 - Access remote engine server using ssh as root 2 - Perform each action manually, use files to copy content around (1, 2) [1]:
Press
Enter
to accept the default SSH port, or enter an alternative port number and then pressEnter
:ssh port on remote engine server [22]:
Enter the root password for the Manager machine:
root password on remote engine server manager.example.com:
Specify whether to host the Data Warehouse database on this machine (Local), or on another machine (Remote).:
NoteRed Hat only supports installing the Data Warehouse database, the Data Warehouse service and Grafana all on the same machine as each other, even though you can install each of these components on separate machines from each other.
Where is the DWH database located? (Local, Remote) [Local]:
If you select
Local
, theengine-setup
script can configure your database automatically (including adding a user and a database), or it can connect to a preconfigured local database:Setup can configure the local postgresql server automatically for the DWH to run. This may conflict with existing applications. Would you like Setup to automatically configure postgresql and create DWH database, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
-
If you select
Automatic
by pressingEnter
, no further action is required here. If you select
Manual
, input the following values for the manually-configured local database:DWH database secured connection (Yes, No) [No]: DWH database name [ovirt_engine_history]: DWH database user [ovirt_engine_history]: DWH database password:
-
If you select
If you select
Remote
, you are prompted to provide details about the remote database host. Input the following values for the preconfigured remote database host:DWH database host []: dwh-db-fqdn DWH database port [5432]: DWH database secured connection (Yes, No) [No]: DWH database name [ovirt_engine_history]: DWH database user [ovirt_engine_history]: DWH database password: password
If you select
Remote
, you are prompted to enter the username and password for the Grafana database user:Grafana database user [ovirt_engine_history_grafana]: Grafana database password:
Enter the fully qualified domain name and password for the Manager database machine. If you are installing the Data Warehouse database on the same machine where the Manager database is installed, use the same FQDN. Press
Enter
to accept the default values in each other field:Engine database host []: engine-db-fqdn Engine database port [5432]: Engine database secured connection (Yes, No) [No]: Engine database name [engine]: Engine database user [engine]: Engine database password: password
Choose how long Data Warehouse will retain collected data:
Please choose Data Warehouse sampling scale: (1) Basic (2) Full (1, 2)[1]:
Full
uses the default values for the data storage settings listed in Application Settings for the Data Warehouse service in ovirt-engine-dwhd.conf (recommended when Data Warehouse is installed on a remote host).Basic
reduces the values ofDWH_TABLES_KEEP_HOURLY
to720
andDWH_TABLES_KEEP_DAILY
to0
, easing the load on the Manager machine. UseBasic
when the Manager and Data Warehouse are installed on the same machine.Confirm your installation settings:
Please confirm installation settings (OK, Cancel) [OK]:
After the Data Warehouse configuration is complete, on the Red Hat Virtualization Manager, restart the
ovirt-engine
service:# systemctl restart ovirt-engine
- Optionally, set up SSL to secure database connections.
Log in to the Administration Portal, where you can add hosts and storage to the environment:
3.6. Connecting to the Administration Portal
Access the Administration Portal using a web browser.
In a web browser, navigate to
https://manager-fqdn/ovirt-engine
, replacing manager-fqdn with the FQDN that you provided during installation.NoteYou can access the Administration Portal using alternate host names or IP addresses. To do so, you need to add a configuration file under /etc/ovirt-engine/engine.conf.d/. For example:
# vi /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf SSO_ALTERNATE_ENGINE_FQDNS="alias1.example.com alias2.example.com"
The list of alternate host names needs to be separated by spaces. You can also add the IP address of the Manager to the list, but using IP addresses instead of DNS-resolvable host names is not recommended.
- Click Administration Portal. An SSO login page displays. SSO login enables you to log in to the Administration and VM Portal at the same time.
- Enter your User Name and Password. If you are logging in for the first time, use the user name admin along with the password that you specified during installation.
- Select the Domain to authenticate against. If you are logging in using the internal admin user name, select the internal domain.
- Click Log In.
- You can view the Administration Portal in multiple languages. The default selection is chosen based on the locale settings of your web browser. If you want to view the Administration Portal in a language other than the default, select your preferred language from the drop-down list on the welcome page.
To log out of the Red Hat Virtualization Administration Portal, click your user name in the header bar and click Sign Out. You are logged out of all portals and the Manager welcome screen displays.