Red Hat Training
A Red Hat training course is available for Red Hat Virtualization
第 4 章 迁移到一个基于 RHEL 的自承载环境
4.1. 迁移到自承载环境
当需要把一个标准 Red Hat Virtualization 中存在的实例迁移到自承载环境中时,可以使用
hosted-engine
脚本来简化迁移的过程。这个脚本会要求用户输入一系列信息,并根据提供的信息对环境进行配置。在以下过程中,标准 Red Hat Virtualization 环境中的 Manager 被称为 BareMetal-Manager。
RHV-M Virtual Appliance 可以减少用户和 Manager 虚拟机的交流,从而缩短部署的过程。但是,appliance 只能在一个标准安装中自动化
engine-setup
。在迁移过程中,用户需要手工运行 engine-setup
,这样才可以提前在新的 Manager 虚拟机上恢复 BareMetal-Manager 备份文件。
迁移过程包括以下几个关键的步骤:
- 运行
hosted-engine
脚本来配置主机作为自承载引擎的主机,并创建一个新的 Red Hat Virtualization 虚拟机。 - 使用
engine-backup
工具程序备份引擎数据库和配置文件,把备份数据复制到新的 Manager 虚拟机上,并使用带有--mode=restore
选项的engine-backup
命令恢复备份。运行engine-setup
对 Manager 虚拟机进行配置。 - 使用
hosted-engine
脚本进行设置。
先决条件
- 准备一个安装了 ovirt-hosted-engine-setup 软件包的新主机。请参阅 第 2.1 节 “在 Red Hat Enterprise Linux 主机上初始化自承载引擎部署” 以获得相关的详细信息。主机需要是当前 Red Hat Virtualization 环境支持的版本。
注意
如果选择使用一个已存在的主机,请把它设置为维护模式并从当前的环境中移除。请参阅 管理指南中的删除一个主机了解详情。 - 为您的自承载引擎环境准备好存储。自承载引擎需要使用 Manager 虚拟机专用的共享存储域。此存储域创建于部署期间,应至少为 60 GB。如需了解与存储准备有关的更多信息,请参阅管理指南中的存储 章节。
重要
如果您使用的是 iSCSI 存储,则不要在共享存储域和数据存储域中使用相同的 iSCSI 目标。 - 通过安装 rhevm-appliance 软件包可以获得 RHV-M Virtual Appliance。RHV-M Virtual Appliance 总是基于最新支持的 Manager 版本。请确认您当前环境中的 Manager 版本已被更新到最新支持的 Y-stream 版本,因为 Manager 的版本需要相同才可以进行迁移。
- 要在 Manager 安装中使用 RHV-M Virtual Appliance,需要有一个至少有 5 GB 的目录。
hosted-engine
脚本首先会检查/var/tmp
是否具备足够的文件提取空间。如果空间不够,您可以指定不同的目录,或者挂载外部存储器。VDSM 用户和 KVM 群组必须具备在目录上读写和执行操作的权限。 - 新的 Manager 的完全限定域名需要和原始 BareMetal-Manager 的完全限定域名相同。DNS 中需要有它的正向和反向查询记录。
- 需要有访问和修改 BareMetal-Manager 的权限。
- BareMetal-Manager 迁入到的虚拟机必须与 BareMetal-Manager 原来所在物理机器具备等量的 RAM。如果迁入 BareMetal-Manager 的虚拟机的 RAM 比 BareMetal-Manager 原来所在物理机的 RAM 少,请参阅下列红帽知识库文章:https://access.redhat.com/articles/2705841。
过程 4.1. 迁移到自承载环境
开始自承载引擎部署
注意
如果您从 3.5 或更早版本更新,您必须运行hosted-engine --deploy --config-append=/etc/ovirt-hosted-engine/answers.conf
命令。文件answers.conf
必须包含OVEHOSTED_NETWORK/bridgeName=str:rhevm
参数。从 3.5 版本升级到 3.6 版本或更高版本时,如果不设置该参数,将导致默认管理网络无法运行。运行hosted-engine
脚本。使用 CTRL+D 可以随时中断部署。我们推荐在运行脚本时使用screen
程序,这样可以避免因为网络中断或其它原因造成脚本运行被中断。screen 软件包包括在标准的 Red Hat Enterprise Linux 软件仓库中。# yum install screen
# screen
# hosted-engine --deploy
注意
当网络中断或超时时,可以运行screen -d -r
来恢复当前运行的hosted-engine
。配置存储
选择使用的存储类型。During customization use CTRL-D to abort. Please specify the storage you would like to use (glusterfs, iscsi, fc, nfs3, nfs4)[nfs3]:
- 对于 NFS 存储类型,使用 FQDN 或 IP 地址指定它的完整地址,以及共享存储域的路径名。
Please specify the full shared storage connection path to use (example: host:/path): storage.example.com:/hosted_engine/nfs
- 对于 iSCSI,指定 iSCSI 门户 IP 地址、端口、用户名和密码,并从检测到的列表中选择一个目标名。在部署的过程中只能选择一个 iSCSI 目标:
Please specify the iSCSI portal IP address: Please specify the iSCSI portal port [3260]: Please specify the iSCSI portal user: Please specify the iSCSI portal password: Please specify the target name (auto-detected values) [default]:
- 对于 Gluster 存储类型,使用 FQDN 或 IP 地址指定它的完整地址,以及共享存储域的路径名。
重要
当前只支持 replica 3 Gluster 存储。请确认已进行了以下配置:- 在所有 3 个 Gluster 服务器的
/etc/glusterfs/glusterd.vol
文件中,把rpc-auth-allow-insecure
设置为on
。option rpc-auth-allow-insecure on
- 对卷进行以下配置:
gluster volume set volume cluster.quorum-type auto gluster volume set volume network.ping-timeout 10 gluster volume set volume auth.allow \* gluster volume set volume group virt gluster volume set volume storage.owner-uid 36 gluster volume set volume storage.owner-gid 36 gluster volume set volume server.allow-insecure on
Please specify the full shared storage connection path to use (example: host:/path): storage.example.com:/hosted_engine/gluster_volume
- 对于光纤通道设备,主机的总线适配器需要被配置和连接,
hosted-engine
脚本会自动检测到有效的 LUN。LUN 不能包括任何额外的数据。The following luns have been found on the requested target: [1] 3514f0c5447600351 30GiB XtremIO XtremApp status: used, paths: 2 active [2] 3514f0c5447600352 30GiB XtremIO XtremApp status: used, paths: 2 active Please select the destination LUN (1, 2) [1]:
配置网络
这个脚本会检测可以被用来对环境进行管理的网卡(NIC),然后会检查防火墙的配置,并根据控制台(SPICE 或 VNC)访问 HostedEngine-VM 的需要来修改防火墙的配置。另外,提供一个可以被 ping 到的网络 IP 地址,ovirt-ha-agent
会使用它来决定 HostedEngine-VM 是否在正常运行。Please indicate a nic to set rhvm bridge on: (eth1, eth0) [eth1]: iptables was detected on your computer, do you wish setup to configure it? (Yes, No)[Yes]: Please indicate a pingable gateway IP address [X.X.X.X]:
配置虚拟机
这个脚本会创建一个被配置为 Red Hat Virtualization Manager 的虚拟机(称为 HostedEngine-VM)。选择 disk 作为引导设备类型,脚本会自动检测可用的 RHV-M Appliance。选择一个 appliance。Please specify the device to boot the VM from (choose disk for the oVirt engine appliance) (cdrom, disk, pxe) [disk]: Please specify the console type you would like to use to connect to the VM (vnc, spice) [vnc]: vnc [ INFO ] Detecting available oVirt engine appliances The following appliance have been found on your system: [1] - The oVirt Engine Appliance image (OVA) [2] - Directly select an OVA file Please select an appliance (1, 2) [1]: [ INFO ] Checking OVF archive content (could take a few minutes depending on archive size)
如果使用 cloud-init 对 Manager 虚拟机进行初始设置,则选Yes
。选择 Generate 来使用 cloud-init 进行配置,如设置 root 密码、配置网络、配置主机名。或选择 Existing 来使用一个已存在的 cloud-init 脚本来处理相关的 cloud-init 功能。为 Manager 虚拟机设置 FQDN。这需要和 BareMetal-Manager 的 FQDN 相同。注意
如需了解更多与 cloud-init 相关的信息,请参阅 https://cloudinit.readthedocs.org/en/latest/。Would you like to use cloud-init to customize the appliance on the first boot (Yes, No)[Yes]? Yes Would you like to generate on-fly a cloud-init no-cloud ISO image or do you have an existing one(Generate, Existing)[Generate]? Generate Please provide the FQDN you would like to use for the engine appliance. Note: This will be the FQDN of the engine VM you are now going to launch. It should not point to the base host or to any other existing machine. Engine VM FQDN: (leave it empty to skip): manager.example.com
对于以下问题,回答No
,这样才可以在运行engine-setup
前在 HostedEngine-VM 上恢复 BareMetal-Manager 备份文件。Automatically execute engine-setup on the engine appliance on first boot (Yes, No)[Yes]? No
配置 Manager 的域名、root 密码、网络、硬件和控制台访问详情。Enter root password that will be used for the engine appliance (leave it empty to skip): p@ssw0rd Confirm appliance root password: p@ssw0rd The following CPU types are supported by this host: - model_Penryn: Intel Penryn Family - model_Conroe: Intel Conroe Family Please specify the CPU type to be used by the VM [model_Penryn]: Please specify the number of virtual CPUs for the VM [Defaults to appliance OVF value: 4]: You may specify a MAC address for the VM or accept a randomly generated default [00:16:3e:77:b2:a4]: How should the engine VM network be configured (DHCP, Static)[DHCP]? Static Please enter the IP address to be used for the engine VM: 192.168.x.x Please provide a comma-separated list (max3) of IP addresses of domain name servers for the engine VM Engine VM DNS (leave it empty to skip): Add lines for the appliance itself and for this host to /etc/hosts on the engine VM? Note: ensuring that this host could resolve the engine VM hostname is still up to you (Yes, No)[No] Yes
配置自承载引擎
指定在 Red Hat Virtualization 环境中标识 Host-HE1 的名称,以及访问管理门户所使用的admin@internal
用户的密码。最后,提供 SMTP 的名称和 TCP 端口号、发送事件通知的电子邮件地址、以及需要接收事件通知的用户的电子邮件地址列表(以逗号分隔)。Enter engine admin password: p@ssw0rd Confirm engine admin password: p@ssw0rd Enter the name which will be used to identify this host inside the Administrator Portal [hosted_engine_1]: Please provide the FQDN for the engine you would like to use. This needs to match the FQDN that you will use for the engine installation within the VM. Note: This will be the FQDN of the VM you are now going to create, it should not point to the base host or to any other existing machine. Engine FQDN: []: manager.example.com Please provide the name of the SMTP server through which we will send notifications [localhost]: Please provide the TCP port number of the SMTP server [25]: Please provide the email address from which notifications will be sent [root@localhost]: Please provide a comma-separated list of email addresses which will get notifications [root@localhost]:
配置预览
在实际进行配置前,hosted-engine
脚本会显示已输入的信息,并提示您确认这些信息。Bridge interface : eth1 Engine FQDN : manager.example.com Bridge name : ovirtmgmt Host address : host.example.com SSH daemon port : 22 Firewall manager : iptables Gateway address : X.X.X.X Host name for web application : Host-HE1 Host ID : 1 Image size GB : 50 Storage connection : storage.example.com:/hosted_engine/nfs Console type : vnc Memory size MB : 4096 MAC address : 00:16:3e:77:b2:a4 Boot type : pxe Number of CPUs : 2 CPU Type : model_Penryn Please confirm installation settings (Yes, No)[Yes]:
配置 HostedEngine-VM
这个脚本会创建虚拟机 HostedEngine-VM,并提供和它进行连接的信息。您需要在 HostedEngine-VM 上恢复备份文件后,手工运行engine-setup
,这样才能继续在 Host-HE1 上执行hosted-engine
脚本。[ INFO ] Stage: Transaction setup ... [ INFO ] Creating VM You can now connect to the VM with the following command: /bin/remote-viewer vnc://localhost:5900 Use temporary password "3463VnKn" to connect to vnc console. Please note that in order to use remote-viewer you need to be able to run graphical applications. This means that if you are using ssh you have to supply the -Y flag (enables trusted X11 forwarding). Otherwise you can run the command from a terminal in your preferred desktop environment. If you cannot run graphical applications you can connect to the graphic console from another host or connect to the serial console using the following command: socat UNIX-CONNECT:/var/run/ovirt-vmconsole-console/8f74b589-8c6f-4a32-9adf-6e615b69de07.sock,user=ovirt-vmconsole STDIO,raw,echo=0,escape=1 Please ensure that your Guest OS is properly configured to support serial console according to your distro documentation. Follow http://www.ovirt.org/Serial_Console_Setup#I_need_to_access_the_console_the_old_way for more info. If you need to reboot the VM you will need to start it manually using the command: hosted-engine --vm-start You can then set a temporary password using the command: hosted-engine --add-console-password Please install and setup the engine in the VM. You may also be interested in subscribing to "agent" RHN/Satellite channel and installing rhevm-guest-agent-common package in the VM. The VM has been rebooted. To continue please install oVirt-Engine in the VM (Follow http://www.ovirt.org/Quick_Start_Guide for more info). Make a selection from the options below: (1) Continue setup - oVirt-Engine installation is ready and ovirt-engine service is up (2) Abort setup (3) Power off and restart the VM (4) Destroy VM and abort setup (1, 2, 3, 4)[1]:
运行以下命令使用 VNC 协议连接到虚拟机。使用自承载引擎主机的 FQDN 或 IP 地址替换其中的 FQDN。# /bin/remote-viewer vnc://FQDN:5900
在 HostedEngine-VM 上启用 SSH
默认情况下,SSH 密码验证不会在 RHV-M Virtual Appliance 中启动,您可以通过 VNC 连接到 HostedEngine-VM 并启用 SSH 密码验证功能,这样,就可以通过 SSH 访问虚拟机来恢复 BareMetal-Manager 备份文件并配置新的 Manager。确认sshd
服务已在运行。编辑/etc/ssh/sshd_config
,把以下两个选项设置为yes
:[...] PermitRootLogin yes [...] PasswordAuthentication yes
重启sshd
服务来使所做的修改生效。# systemctl restart sshd.service
禁用 BareMetal-Manager
连接到 BareMetal-Manager(Red Hat Virtualization 环境中的 Manager),停止引擎并禁止它在系统引导时运行。# systemctl stop ovirt-engine.service # systemctl disable ovirt-engine.service
注意
推荐停止运行 BareMetal-Manager,这可以确保在系统备份被创建后,不会再对虚拟环境进行改变。另外,它还可以防止 BareMetal-Manager 和 HostedEngine-VM 同时管理存在的资源。更新 DNS
更新您的 DNS,从而使 Red Hat Virtualization 环境的 FQDN 可以正确地解析 HostedEngine-VM 的 IP 地址,以及在 Host-HE1 上配置hosted-engine
部署脚本所提供的 FQDN。在这里,FQDN 被设置为 manager.example.com,因为所提供引擎的 FQDN 和新设置引擎的 FQDN 必须相同。为 BareMetal-Manager 创建一个备份
连接到 BareMetal-Manager,运行engine-backup
命令。使用--mode=backup
、--file=FILE
和--log=LogFILE
参数来分别指定备份的模式、备份文件的名称以及日志文件的名称。# engine-backup --mode=backup --file=FILE --log=LogFILE
把备份文件复制到 HostedEngine-VM
登录到 BareMetal-Manager,把备份文件复制到 HostedEngine-VM 上。在以下的例子中,manager.example.com 是 HostedEngine-VM 的 FQDN,/backup/ 是备份文件要被复制到的目录或路径。如果这些目录和路径还没有存在,您需要登录到 HostedEngine-VM 上后创建它们。# scp -p FILE LogFILE manager.example.com:/backup/
在 HostedEngine-VM 上恢复备份文件
使用engine-backup
工具程序恢复一个完整的备份。如果在执行engine-setup
的过程中手工配置了 BareMetal-Manager 数据库,则需要根据 第 6.2.3 节 “手工恢复自承载引擎 Manager” 中的内容手工恢复备份的环境。- 如果只恢复 Manager,运行以下命令:
# engine-backup --mode=restore --file=file_name --log=log_file_name --provision-db --restore-permissions
- 如果恢复 Manager 和 Data Warehouse,运行以下命令:
# engine-backup --mode=restore --file=file_name --log=log_file_name --provision-db --provision-dwh-db --restore-permissions
如果运行成功,以下输出会被显示:You should now run engine-setup. Done.
配置 HostedEngine-VM
配置恢复的 Manager 虚拟机。这个过程会检测到存在的配置设置和数据库内容。确认这些设置。完成后,系统会提供一个 SSH 指纹(fingerprint)和一个内部的证书授权哈希数据(Certificate Authority hash)。# engine-setup
[ INFO ] Stage: Initializing [ INFO ] Stage: Environment setup Configuration files: ['/etc/ovirt-engine-setup.conf.d/10-packaging.conf', '/etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf'] Log file: /var/log/ovirt-engine/setup/ovirt-engine-setup-20140304075238.log Version: otopi-1.1.2 (otopi-1.1.2-1.el6ev) [ INFO ] Stage: Environment packages setup [ INFO ] Yum Downloading: rhel-65-zstream/primary_db 2.8 M(70%) [ INFO ] Stage: Programs detection [ INFO ] Stage: Environment setup [ INFO ] Stage: Environment customization --== PACKAGES ==-- [ INFO ] Checking for product updates... [ INFO ] No product updates found --== NETWORK CONFIGURATION ==-- Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]: [ INFO ] iptables will be configured as firewall manager. --== DATABASE CONFIGURATION ==-- --== OVIRT ENGINE CONFIGURATION ==-- --== PKI CONFIGURATION ==-- --== APACHE CONFIGURATION ==-- --== SYSTEM CONFIGURATION ==-- --== END OF CONFIGURATION ==-- [ INFO ] Stage: Setup validation [ INFO ] Cleaning stale zombie tasks --== CONFIGURATION PREVIEW ==-- Default SAN wipe after delete : False Firewall manager : iptables Update Firewall : True Host FQDN : manager.example.com Engine database secured connection : False Engine database host : X.X.X.X Engine database user name : engine Engine database name : engine Engine database port : 5432 Engine database host name validation : False Engine installation : True PKI organization : example.com NFS mount point : /var/lib/exports/iso Configure VMConsole Proxy : True Engine Host FQDN : manager.example.com Configure WebSocket Proxy : True Please confirm installation settings (OK, Cancel) [OK]:
把主机和 Manager 进行同步
返回到 Host-HE1,选择选项 1 来继续hosted-engine
脚本:(1) Continue setup - oVirt-Engine installation is ready and ovirt-engine service is up
这个脚本会显示内部 CA 的内容,并提示您选择 Host-HE1 要加入的集群。[ INFO ] Engine replied: DB Up!Welcome to Health Status! [ INFO ] Acquiring internal CA cert from the engine [ INFO ] The following CA certificate is going to be used, please immediately interrupt if not correct: [ INFO ] Issuer: C=US, O=example.com, CN=manager.example.com.23240, Subject: C=US, O=example.com, CN=manager.example.com.23240, Fingerprint (SHA-1): XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX [ INFO ] Connecting to the Engine Enter the name of the cluster to which you want to add the host (DB1, DB2, Default) [Default]: [ INFO ] Waiting for the host to become operational in the engine. This may take several minutes... [ INFO ] The VDSM Host is now operational [ INFO ] Saving hosted-engine configuration on the shared storage domain Please shutdown the VM allowing the system to launch it as a monitored service. The system will wait until the VM is down.
关闭 HostedEngine-VM
关闭 HostedEngine-VM。# shutdown -h now
设置确认
返回到 Host-HE1,确认它检测到 HostedEngine-VM 已经被关闭。[ INFO ] Enabling and starting HA services [ INFO ] Stage: Clean up [ INFO ] Generating answer file '/var/lib/ovirt-hosted-engine-setup/answers/answers-20160509162843.conf' [ INFO ] Generating answer file '/etc/ovirt-hosted-engine/answers.conf' [ INFO ] Stage: Pre-termination [ INFO ] Stage: Termination [ INFO ] Hosted Engine successfully set up
现在,Red Hat Virtualization 引擎已被迁移到一个自承载引擎环境中。Manager 现在运行于 Host-HE1 主机中的一个虚拟机(HostedEngine-VM)上。HostedEngine-VM 被设置为具有高可用性功能,它会在需要时被迁移到其它主机上。