Red Hat Training
A Red Hat training course is available for Red Hat Virtualization
第 4 章 从裸机迁移到基于 RHEL 的自托管环境
4.1. 迁移到自托管环境
要将标准 Red Hat Virtualization 的现有实例迁移到自托管引擎环境,请使用 hosted-engine 脚本协助任务。该脚本要求您包含一系列问题,并根据您的答案配置您的环境。在以下情况下,标准 Red Hat Virtualization 环境中的 Manager 被称为 BareMetal-Manager。
RHV-M 虚拟设备通过减少所需的用户与管理器虚拟机交互来缩短进程。但是,虽然设备可以在标准安装中自动执行 engine-setup,但在迁移过程 engine-setup 中必须手动运行,以便您可以事先在新管理器虚拟机上恢复 BareMetal-Manager 备份文件。
迁移涉及以下关键操作:
- 运行 hosted-engine 脚本,将主机配置为用作自托管引擎节点,并创建新的 Red Hat Virtualization 虚拟机。
- 使用 engine-backup 工具备份引擎数据库和配置文件,将备份复制到新的 Manager 虚拟机,并使用 engine-backup 的
--mode=restore参数恢复备份。运行 engine-setup 以完成 Manager 虚拟机配置。 - 按照 hosted-engine 脚本完成设置。
前提条件
- 准备安装 ovirt-hosted-engine-setup 软件包的新主机。有关订阅和软件包安装的详情,请查看 第 2.1 节 “在 Red Hat Enterprise Linux 主机上部署自托管引擎”。主机必须是当前 Red Hat Virtualization 环境的支持版本。注意如果要使用现有主机,请将主机置于维护模式,并将其从现有环境中删除。如需更多信息,请参阅管理指南中的 删除主机。
- 为您的自托管引擎环境准备存储。自托管引擎需要一个专用于管理器虚拟机的共享存储域。此域是在部署过程中创建的,且必须至少为 60 GB。有关为您的部署准备存储的更多信息,请参阅管理指南中的存储章节。https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single/administration-guide/#chap-Storage重要如果您使用的是 iSCSI 存储,请不要将同样的 iSCSI 目标用于共享存储域和数据存储域。
- 通过安装 rhevm-appliance 软件包来获取 RHV-M 虚拟设备。RHV-M 虚拟设备始终基于最新支持的管理器版本。确保当前环境中的 Manager 版本更新至最新支持的 Y-stream 版本,因为 Manager 版本需要与迁移相同。
- 要将 RHV-M 虚拟设备用于管理器安装,请确保一个目录至少为 5 GB。hosted-engine 脚本首先检查
/var/tmp是否有足够空间来提取设备文件。如果没有,您可以指定不同的目录或挂载外部存储。VDSM 用户和组必须具有目录的读取、写入和执行权限。 - 新管理器的完全限定域名必须与 BareMetal-Manager 的完全限定域名相同。正向和反向查找记录必须在 DNS 中设置。
- 您必须有权访问,并可以更改 BareMetal-Manager。
- 迁移 BareMetal-Manager 的虚拟机必须具有与要迁移 BareMetal-Manager 的物理机相同的 RAM。如果必须迁移到比迁移 BareMetal-Manager 的物理机更少的 RAM 的虚拟机,请参阅以下红帽知识库文章: https://access.redhat.com/articles/2705841
过程 4.1. 迁移到自托管环境
启动自托管引擎部署
注意如果您要从版本 3.5 或更早版本更新,您必须运行命令 hosted-engine --deploy --config-append=/etc/ovirt-hosted-engine/answers.conf。文件answers.conf必须包含参数 OVEHOSTED_NETWORK/bridgeName=str: running。从 3.5 升级到 3.6 或更高版本会导致默认的管理网络无法正常运行,除非设置了此参数。运行 hosted-engine 脚本。要随时退出脚本,请使用 CTRL+D 键盘组合来中止部署。建议您使用 screen 窗口管理器运行脚本,以避免在网络或终端中断时丢失会话。如果尚未安装,请安装 screen 软件包,该软件包可在标准 Red Hat Enterprise Linux 存储库中获得。# yum install screen
# screen
# hosted-engine --deploy
注意如果出现会话超时或连接中断,请运行 screen -d -r 来恢复 hosted-engine 部署会话。配置存储
选择要使用的存储类型。During customization use CTRL-D to abort. Please specify the storage you would like to use (glusterfs, iscsi, fc, nfs3, nfs4)[nfs3]:
- 对于 NFS 存储类型,请使用 FQDN 或 IP 地址以及共享存储域的路径名称指定完整地址。
Please specify the full shared storage connection path to use (example: host:/path): storage.example.com:/hosted_engine/nfs
- 对于 iSCSI,指定 iSCSI 门户 IP 地址、端口、用户名和密码,然后从自动检测的列表中选择目标名称。在部署过程中只能选择一个 iSCSI 目标。
Please specify the iSCSI portal IP address: Please specify the iSCSI portal port [3260]: Please specify the iSCSI portal user: Please specify the iSCSI portal password: Please specify the target name (auto-detected values) [default]:
- 对于 Gluster 存储,使用 FQDN 或 IP 地址以及共享存储域的路径名称指定完整地址。重要仅支持副本 3 Gluster 存储。确保已进行以下配置:
- 在所有三个 Gluster 服务器上的
/etc/glusterfs/glusterd.vol文件中,将rpc-auth-allow-insecure设置为上的。option rpc-auth-allow-insecure on
- 配置卷,如下所示:
gluster volume set volume cluster.quorum-type auto gluster volume set volume network.ping-timeout 10 gluster volume set volume auth.allow \* gluster volume set volume group virt gluster volume set volume storage.owner-uid 36 gluster volume set volume storage.owner-gid 36 gluster volume set volume server.allow-insecure on
Please specify the full shared storage connection path to use (example: host:/path): storage.example.com:/hosted_engine/gluster_volume
- 对于光纤通道,必须配置并连接主机总线适配器,hosted-engine 脚本将自动探测可用的 LUN。LUN 不得包含任何现有数据。
The following luns have been found on the requested target: [1] 3514f0c5447600351 30GiB XtremIO XtremApp status: used, paths: 2 active [2] 3514f0c5447600352 30GiB XtremIO XtremApp status: used, paths: 2 active Please select the destination LUN (1, 2) [1]:
配置网络
该脚本检测可能的网络接口控制器(NIC),以用作环境的管理网桥。然后,它会检查您的防火墙配置,并将其修改为控制台(SPICE 或 VNC)访问 HostedEngine-VM。提供可 ping 网关 IP 地址,供ovirt-ha-agent使用,以帮助确定主机是否适合运行 HostedEngine-VM。Please indicate a nic to set rhvm bridge on: (eth1, eth0) [eth1]: iptables was detected on your computer, do you wish setup to configure it? (Yes, No)[Yes]: Please indicate a pingable gateway IP address [X.X.X.X]:
配置虚拟机
该脚本创建一个虚拟机,配置为 Red Hat Virtualization Manager,在此过程中称为 HostedEngine-VM。为引导设备类型选择 磁盘,该脚本将自动检测可用的 RHV-M 设备。选择设备。Please specify the device to boot the VM from (choose disk for the oVirt engine appliance) (cdrom, disk, pxe) [disk]: Please specify the console type you would like to use to connect to the VM (vnc, spice) [vnc]: vnc [ INFO ] Detecting available oVirt engine appliances The following appliance have been found on your system: [1] - The oVirt Engine Appliance image (OVA) [2] - Directly select an OVA file Please select an appliance (1, 2) [1]: [ INFO ] Checking OVF archive content (could take a few minutes depending on archive size)如果您希望 cloud-init 处理 Manager 虚拟机的初始配置,请指定Yes。为 cloud-init 指定 Generate 以处理诸如设置 root 密码、配置网络和配置主机名等任务。(可选)如果您有一个现有的 cloud-init 脚本可以处理 cloud-init 的更复杂的功能,请选择 Existing。指定 Manager 虚拟机的 FQDN。这必须是为 BareMetal-Manager 提供的 FQDN。注意有关 cloud-init 的更多信息,请参阅 https://cloudinit.readthedocs.org/en/latest/。Would you like to use cloud-init to customize the appliance on the first boot (Yes, No)[Yes]? Yes Would you like to generate on-fly a cloud-init no-cloud ISO image or do you have an existing one(Generate, Existing)[Generate]? Generate Please provide the FQDN you would like to use for the engine appliance. Note: This will be the FQDN of the engine VM you are now going to launch. It should not point to the base host or to any other existing machine. Engine VM FQDN: (leave it empty to skip): manager.example.com
您必须回答No,以便您可以在 HostedEngine-VM 上恢复 BareMetal-Manager 备份文件,然后才能运行 engine-setup。Automatically execute engine-setup on the engine appliance on first boot (Yes, No)[Yes]? No
配置 Manager 域名、root 密码、网络、硬件和控制台访问详情。Enter root password that will be used for the engine appliance (leave it empty to skip): p@ssw0rd Confirm appliance root password: p@ssw0rd The following CPU types are supported by this host: - model_Penryn: Intel Penryn Family - model_Conroe: Intel Conroe Family Please specify the CPU type to be used by the VM [model_Penryn]: Please specify the number of virtual CPUs for the VM [Defaults to appliance OVF value: 4]: You may specify a MAC address for the VM or accept a randomly generated default [00:16:3e:77:b2:a4]: How should the engine VM network be configured (DHCP, Static)[DHCP]? Static Please enter the IP address to be used for the engine VM: 192.168.x.x Please provide a comma-separated list (max3) of IP addresses of domain name servers for the engine VM Engine VM DNS (leave it empty to skip): Add lines for the appliance itself and for this host to /etc/hosts on the engine VM? Note: ensuring that this host could resolve the engine VM hostname is still up to you (Yes, No)[No] Yes配置自托管引擎
指定要在 Red Hat Virtualization 环境中标识的 Host-HE1 的名称,以及admin@internal用户的密码来访问管理门户。最后,提供 SMTP 服务器的名称和 TCP 端口号、用于发送电子邮件通知的电子邮件地址,以及用于接收这些通知的电子邮件地址列表。Enter engine admin password: p@ssw0rd Confirm engine admin password: p@ssw0rd Enter the name which will be used to identify this host inside the Administrator Portal [hosted_engine_1]: Please provide the FQDN for the engine you would like to use. This needs to match the FQDN that you will use for the engine installation within the VM. Note: This will be the FQDN of the VM you are now going to create, it should not point to the base host or to any other existing machine. Engine FQDN: []: manager.example.com Please provide the name of the SMTP server through which we will send notifications [localhost]: Please provide the TCP port number of the SMTP server [25]: Please provide the email address from which notifications will be sent [root@localhost]: Please provide a comma-separated list of email addresses which will get notifications [root@localhost]:配置预览
在继续之前,hosted-engine 脚本会显示您输入的配置值,并提示您确认以继续使用这些值。Bridge interface : eth1 Engine FQDN : manager.example.com Bridge name : ovirtmgmt Host address : host.example.com SSH daemon port : 22 Firewall manager : iptables Gateway address : X.X.X.X Host name for web application : Host-HE1 Host ID : 1 Image size GB : 50 Storage connection : storage.example.com:/hosted_engine/nfs Console type : vnc Memory size MB : 4096 MAC address : 00:16:3e:77:b2:a4 Boot type : pxe Number of CPUs : 2 CPU Type : model_Penryn Please confirm installation settings (Yes, No)[Yes]:
Creating HostedEngine-VM
该脚本创建虚拟机,以配置为 HostedEngine-VM 并提供连接详情。在 HostedEngine-VM 上恢复备份文件后,您必须手动运行 engine-setup,然后才能在 Host-HE1 上进行 hosted-engine 脚本。[ INFO ] Stage: Transaction setup ... [ INFO ] Creating VM You can now connect to the VM with the following command: /bin/remote-viewer vnc://localhost:5900 Use temporary password "3463VnKn" to connect to vnc console. Please note that in order to use remote-viewer you need to be able to run graphical applications. This means that if you are using ssh you have to supply the -Y flag (enables trusted X11 forwarding). Otherwise you can run the command from a terminal in your preferred desktop environment. If you cannot run graphical applications you can connect to the graphic console from another host or connect to the serial console using the following command: socat UNIX-CONNECT:/var/run/ovirt-vmconsole-console/8f74b589-8c6f-4a32-9adf-6e615b69de07.sock,user=ovirt-vmconsole STDIO,raw,echo=0,escape=1 Please ensure that your Guest OS is properly configured to support serial console according to your distro documentation. Follow http://www.ovirt.org/Serial_Console_Setup#I_need_to_access_the_console_the_old_way for more info. If you need to reboot the VM you will need to start it manually using the command: hosted-engine --vm-start You can then set a temporary password using the command: hosted-engine --add-console-password Please install and setup the engine in the VM. You may also be interested in subscribing to "agent" RHN/Satellite channel and installing rhevm-guest-agent-common package in the VM. The VM has been rebooted. To continue please install oVirt-Engine in the VM (Follow http://www.ovirt.org/Quick_Start_Guide for more info). Make a selection from the options below: (1) Continue setup - oVirt-Engine installation is ready and ovirt-engine service is up (2) Abort setup (3) Power off and restart the VM (4) Destroy VM and abort setup (1, 2, 3, 4)[1]:使用以下命令,使用 VNC 协议连接到虚拟机。使用自托管引擎节点的完全限定域名或 IP 地址替换 FQDN。# /bin/remote-viewer vnc://FQDN:5900
在 HostedEngine-VM 中启用 SSH
RHV-M 虚拟设备上不默认启用 SSH 密码身份验证。通过 VNC 连接到 HostedEngine-VM 并启用 SSH 密码身份验证,以便您可以稍后通过 SSH 访问虚拟机,以恢复 BareMetal-Manager 备份文件并配置新的管理器。验证 sshd 服务是否正在运行。编辑/etc/ssh/sshd_config,并将以下两个选项改为yes:[...] PermitRootLogin yes [...] PasswordAuthentication yes
重启sshd服务以使更改生效。# systemctl restart sshd.service
Disabling BareMetal-Manager
连接到 BareMetal-Manager (您建立的 Red Hat Virtualization 环境的管理器),并停止ovirt-engine服务并阻止它运行。# systemctl stop ovirt-engine.service # systemctl disable ovirt-engine.service
注意虽然无法禁止运行 BareMetal-Manager,但建议不要对环境进行更改,因为它在创建备份后不会对环境进行任何更改。另外,它还可防止 BareMetal-Manager 和 HostedEngine-VM 同时管理现有资源。更新 DNS
更新您的 DNS,以便 Red Hat Virtualization 环境的 FQDN 与在 Host-HE1 上配置 hosted-engine 部署脚本时提供的 IP 地址 HostedEngine-VM 和 FQDN 相关联。在此过程中,FQDN 被设置为 manager.example.com,因为在迁移的 hosted-engine 设置中,为引擎提供的 FQDN 必须与原始引擎引擎引擎中提供的 FQDN 相同。创建 BareMetal-Manager 备份
连接到 BareMetal-Manager,并使用--mode=backup、--file=FILE和--log=LogFILE参数运行 engine-backup 命令,以指定备份模式、创建并用于备份的备份文件的名称,以及要创建的日志文件名称来存储备份日志。# engine-backup --mode=backup --file=FILE --log=LogFILE
将备份文件复制到 HostedEngine-VM
在 BareMetal-Manager 上,将备份文件复制到 HostedEngine-VM。在以下示例中,manager.example.com 是 HostedEngine-VM 的 FQDN,/backup/ 是任何指定的文件夹或路径。如果指定的文件夹或路径不存在,您必须连接到 HostedEngine-VM,并在从 BareMetal-Manager 复制备份前创建它。# scp -p FILE LogFILE manager.example.com:/backup/
Registering HostedEngine-VM
使用红帽订阅管理注册 HostedEngine-VM 并启用所需的存储库。请参阅安装指南中的订阅所需 权利。在 HostedEngine-VM 上恢复备份文件
使用 engine-backup 工具恢复完整的备份。如果您在 engine-setup 过程中手动配置 BareMetal-Manager 数据库,请按照 第 6.2.3 节 “手动恢复自托管引擎管理器” 中的说明手动恢复备份环境。- 如果您只恢复 Manager,请运行:
# engine-backup --mode=restore --file=file_name --log=log_file_name --provision-db --restore-permissions
- 如果您要恢复 Manager 和数据仓库,请运行:
# engine-backup --mode=restore --file=file_name --log=log_file_name --provision-db --provision-dwh-db --restore-permissions
如果成功,则会显示以下输出:You should now run engine-setup. Done.
Configuring HostedEngine-VM
配置恢复的 Manager 虚拟机。这个过程标识现有的配置设置和数据库内容。确认设置。完成后,设置会提供 SSH 指纹和内部证书颁发机构哈希。# engine-setup
[ INFO ] Stage: Initializing [ INFO ] Stage: Environment setup Configuration files: ['/etc/ovirt-engine-setup.conf.d/10-packaging.conf', '/etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf'] Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20140304075238.log Version: otopi-1.1.2 (otopi-1.1.2-1.el6ev) [ INFO ] Stage: Environment packages setup [ INFO ] Yum Downloading: rhel-65-zstream/primary_db 2.8 M(70%) [ INFO ] Stage: Programs detection [ INFO ] Stage: Environment setup [ INFO ] Stage: Environment customization --== PACKAGES ==-- [ INFO ] Checking for product updates... [ INFO ] No product updates found --== NETWORK CONFIGURATION ==-- Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]: [ INFO ] iptables will be configured as firewall manager. --== DATABASE CONFIGURATION ==-- --== OVIRT ENGINE CONFIGURATION ==-- --== PKI CONFIGURATION ==-- --== APACHE CONFIGURATION ==-- --== SYSTEM CONFIGURATION ==-- --== END OF CONFIGURATION ==-- [ INFO ] Stage: Setup validation [ INFO ] Cleaning stale zombie tasks --== CONFIGURATION PREVIEW ==-- Default SAN wipe after delete : False Firewall manager : iptables Update Firewall : True Host FQDN : manager.example.com Engine database secured connection : False Engine database host : X.X.X.X Engine database user name : engine Engine database name : engine Engine database port : 5432 Engine database host name validation : False Engine installation : True PKI organization : example.com NFS mount point : /var/lib/exports/iso Configure VMConsole Proxy : True Engine Host FQDN : manager.example.com Configure WebSocket Proxy : True Please confirm installation settings (OK, Cancel) [OK]:同步主机和管理器
返回到 Host-HE1,并通过选择选项 1 继续运行 hosted-engine 部署脚本:(1) Continue setup - oVirt-Engine installation is ready and ovirt-engine service is up
脚本显示内部证书颁发机构哈希,并提示您选择要添加 Host-HE1 的集群。[ INFO ] Engine replied: DB Up!Welcome to Health Status! [ INFO ] Acquiring internal CA cert from the engine [ INFO ] The following CA certificate is going to be used, please immediately interrupt if not correct: [ INFO ] Issuer: C=US, O=example.com, CN=manager.example.com.23240, Subject: C=US, O=example.com, CN=manager.example.com.23240, Fingerprint (SHA-1): XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX [ INFO ] Connecting to the Engine Enter the name of the cluster to which you want to add the host (DB1, DB2, Default) [Default]: [ INFO ] Waiting for the host to become operational in the engine. This may take several minutes... [ INFO ] The VDSM Host is now operational [ INFO ] Saving hosted-engine configuration on the shared storage domain Please shutdown the VM allowing the system to launch it as a monitored service. The system will wait until the VM is down.关闭 HostedEngine-VM
关闭 HostedEngine-VM.# shutdown -h now
设置确认
返回到 Host-HE1,以确认它检测到 HostedEngine-VM 已关闭。[ INFO ] Enabling and starting HA services [ INFO ] Stage: Clean up [ INFO ] Generating answer file '/var/lib/ovirt-hosted-engine-setup/answers/answers-20160509162843.conf' [ INFO ] Generating answer file '/etc/ovirt-hosted-engine/answers.conf' [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination [ INFO ] Hosted Engine successfully set up
您的 Red Hat Virtualization 引擎已迁移到自托管引擎设置中。Manager 现在在 Host-HE1 上的虚拟机上运行,在环境中名为 HostedEngine-VM。当 HostedEngine-VM 具有高可用性时,它将在适用时迁移到环境中的其他自托管引擎节点。
