Chapter 8. Installing Red Hat Enterprise Linux Hosts

Virtual machines on Red Hat Enterprise Linux can be managed by Red Hat Enterprise Virtualization Manager. Red Hat Enterprise Linux hosts can be used concurrently with Red Hat Enterprise Virtualization Hypervisors.

Important

Only the AMD64/Intel 64 version of Red Hat Enterprise Linux is compatible for use with Red Hat Enterprise Virtualization.

8.1. Adding Red Hat Enterprise Linux Hosts

Red Hat Enterprise Virtualization also supports hosts running Red Hat Enterprise Linux AMD64/Intel 64 version. This section describes the preparatory steps for installing the Red Hat Enterprise Linux host, as well as the steps to manually add the host to the Red Hat Enterprise Virtualization platform.
Adding a host can take some time, as the following steps are completed by the platform: virtualization checks, installation of packages, creation of bridge and a reboot of the host. Use the Details pane to monitor the hand-shake process as the host and management system establish a connection.
The following table shows which versions of Red Hat Enterprise Linux are supported as hosts for each version of Red Hat Enterprise Virtualization.
Red Hat Enterprise Linux Version Red Hat Enterprise Virtualization 2.2 clusters Red Hat Enterprise Virtualization 3.0 clusters Red Hat Enterprise Virtualization 3.0 clusters in 2.2 compatibility mode
5.6+ Supported Unsupported Supported
6.2+ Unsupported Supported Supported

8.1.1. Preparing Red Hat Enterprise Linux Hosts

To ensure a smooth and successful integration of Red Hat Enterprise Linux Hosts and Red Hat Enterprise Virtualization platform, prepare the host carefully according to the instructions in this section.

Procedure 8.1. Directions:

  1. Install Red Hat Enterprise Linux

    Ensure that Red Hat Enterprise Linux is correctly installed and configured on the physical host. Refer to the Red Hat Enterprise Linux Installation Guide for more information. Only the Base package group is required. All other packages can be removed or not selected.

    Warning — DNS Configuration

    The Red Hat Enterprise Linux host must have a fully resolvable network address. Valid forward and reverse lookups for the address must be available in DNS. Virtual machine migration will not work in environments where this is not the case.

    Important — Provide Access to Authentication Files

    If you are using proprietary directory services or standard directory services with no access to authentication files for user management, the vdsm package will fail to create the required system user. The authentication files required by the useradd command must be accessible to the installer. Red Hat Directory Server (RHDS) recommends a security policy with a mixture of local files and LDAP. Following this recommendation will resolve this issue.
  2. Configure VLANs

    If you are using VLAN, ensure that VLANs are configured for access to the Red Hat Enterprise Virtualization Manager.
  3. Check Red Hat Network Subscriptions

    Ensure the host is correctly subscribed to the Red Hat Enterprise Virt Management Agent (v 6 x86_64) channel in Red Hat Network, also referred to as rhel-x86_64-rhev-mgmt-agent-6, on Red Hat Network. If you do not have the appropriate subscription entitlements, contact Red Hat Customer Service.
    1. If the machine has not already been registered with Red Hat Network, run the rhn_register command as root to register it. To complete registration successfully you will need to supply your Red Hat Network username and password. Follow the onscreen prompts to complete registration of the system.
      # rhn_register
    2. You must now add a subscription to the Red Hat Enterprise Virt Management Agent (v 6 x86_64) channel to the machine. To add the channel subscription to the system from the Red Hat Network web interface:
      1. Log on to Red Hat Network (http://rhn.redhat.com).
      2. Click Systems at the top of the page.
      3. Select the system to which you are adding channels from the list presented on the screen, by clicking the name of the system.
      4. Click Alter Channel Subscriptions in the Subscribed Channels section of the screen.
      5. Select the Red Hat Enterprise Virt Management Agent (v 6 x86_64) channel from the list presented on the screen, then click the Change Subscription button to finalize the change.
  4. Edit hosts file

    Add a manual host entry to the /etc/hosts file (on the Red Hat Enterprise Linux host) for the Red Hat Enterprise Virtualization Manager server to enable vdsm and other services to connect properly to the host.
    Because Active Directory uses layered domain names, the Active Directory instance takes the domain name usually used by a Linux host. For example, if the server running the Red Hat Enterprise Virtualization Manager has a hostname of server1.example.com, Active Directory uses that address and creates a sub-address named rhev-manager.server1.example.com.
    Edit the /etc/hosts file on the Red Hat Enterprise Linux Host. The following screen output sample resembles the contents of the file:
    127.0.0.1    localhost.localdomain localhost
    ::1          localhost6.localdomain6 localhost6
    
    Append a new line to /etc/hosts with the IP address and both variants of the Red Hat Enterprise Virtualization Manager domain names. The following screen output sample resembles the required contents of the file:
    127.0.0.1    localhost.localdomain localhost
    ::1          localhost6.localdomain6 localhost6
    10.0.0.1     server1.example.com rhev-manager.server1.example.com
    
  5. Open firewall ports

    Red Hat Enterprise Virtualization platform uses a number of network ports for management and other virtualization features.
    The following steps configure iptables to open the required ports. These steps replace any existing firewall configuration with that required for Red Hat Enterprise Virtualization Manager. If you have existing firewall rules with which this configuration must be merged then you must manually edit the rules defined in the iptables configuration file, /etc/sysconfig/iptables.
    1. Remove and existing firewall rules.
      # iptables --flush
    2. Add the ports required by Red Hat Enterprise Virtualization Manager to the iptables rules.
      # iptables --append INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
      # iptables --append INPUT -p icmp -j ACCEPT
      # iptables --append INPUT -i lo -j ACCEPT
      # iptables --append INPUT -p tcp --dport 22 -j ACCEPT
      # iptables --append INPUT -p tcp --dport 16514 -j ACCEPT
      # iptables --append INPUT -p tcp --dport 54321 -j ACCEPT
      # iptables --append INPUT -p tcp -m multiport --dports 5634:6166 -j ACCEPT
      # iptables --append INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT
      # iptables --append INPUT -j REJECT --reject-with icmp-host-prohibited
      # iptables --append FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited
      

      Note

      The provided iptables commands add firewall rules to accept network traffic on a number of ports. These include:
      • port 22 for SSH,
      • ports 5634 to 6166 for guest console connections,
      • port 16514 for libvirt virtual machine migration traffic,
      • ports 49152 to 49216 for VDSM virtual machine migration traffic, and
      • port 54321 for the Red Hat Enterprise Virtualization Manager.
    3. Save the modified rules.
      # service iptables save
    4. Ensure that the iptables service is configured to start on boot and has been restarted, or started for the first time if it wasn't already running.
      # chkconfig iptables on
      # service iptables restart
      
  6. Configure sudo access

    The Red Hat Enterprise Virtualization Manager makes use of sudo to perform operations as root on the host. The default configuration stored in /etc/sudoers contains values to allow this. If this file has been modified since Red Hat Enterprise Linux installation these values may have been removed. As root run visudo to ensure that the /etc/sudoers contains the default configuration values. Where it does not they must be added.
    # Allow root to run any commands anywhere 
    root    ALL=(ALL)   ALL
    
  7. Enable SSH access for root

    The Red Hat Enterprise Virtualization management daemon accesses host machines via SSH. To do this it logs in as root with an encrypted key for authentication. To ensure that SSH is configured and root is able to use it to access the system follow these additional steps.

    Warning

    The first time the Red Hat Enterprise Virtualization Manager is connected to the host it will install an authentication key. In the process it will overwrite any existing keys which exist in /root/.ssh/authorized_keys.
    1. These steps assume that the openssh-server package is installed on the system. Where the package is not present use yum to install it.
      # yum install openssh-server
    2. Use chkconfig to verify which run-levels SSH is enabled at.
      # chkconfig --list sshd
      sshd			0:off	1:off	2:on	3:on	4:on	5:on	6:off
      
      It is expected that the SSH daemon shows as on for run-levels 3, 4, and 5. This is the default configuration.
      If the configuration on the host differs use chkconfig to enable it for the required run-levels. The /etc/init.d/sshd script can then be used to ensure the service is currently started.
      # chkconfig --level 345 sshd on
      # /etc/init.d/sshd start
      
      To verify this operation as successful run chkconfig --list sshd again and check the output. It should now show the daemon as on at run-level 3, 4, and 5.
    3. In Red Hat Enterprise Linux the default SSH daemon configuration allows remote login by the root user. This is also a requirement for the Red Hat Enterprise Virtualization Manager to successfully access the machine. In some cases administrator's may have disabled this ability.
      To check whether or not this is the case search the /etc/ssh/sshd_config for the value PermitRootLogin. This must be done while logged in as root.
      # grep PermitRootLogin /etc/ssh/sshd_config
      PermitRootLogin no
      
      Where PermitRootLogin is set to no the value must be changed to yes. To do this edit the configuration file.
      # vi /etc/ssh/sshd_config
      
      Once the updated configuration file has been saved the SSH daemon must be told to reload it.
      # /etc/init.d/sshd reload
      Reloading sshd:                                            [  OK  ]
      
    The root user should now be able to access the system via SSH.
Result:
You can now add the correctly installed and configured Red Hat Enterprise Linux host to the Red Hat Enterprise Virtualization platform.

8.1.2. To Add a Host

In the process of adding a host, you will need to provide the IP and password of the host. The manager then logs into the host to performs virtualization checks, install packages, create a network bridge and reboot the host. The process of adding a new host can take some time, the state of the process can be followed in the Details pane.
  1. Click the Hosts tab. The Hosts tab displays a list of all hosts in the system.
    List of Hosts

    Figure 8.1. List of Hosts


  2. Click the New button. The New Host dialog displays.
    New Host Dialog

    Figure 8.2. New Host Dialog


    Enter the details of the new host.
    • Name: a descriptive name for the host.
    • Address: the IP address, or resolvable hostname of the host (provided during installation).
    • Port: the port used for internal communication control between the hosts. A default port is displayed; change the default only if you are sure that another port can be used.
    • Host Cluster: the cluster to which the host belongs (select from the drop-down list).
    • Root password: the password of the designated host; used during installation of the host.
    • Enable Power Management: Select this checkbox to turn out-of-band (OOB) power management on. If selected, the information for the following fields must also be provided.
      • The Address of the host. This is usually the address of the remote access card (RAC) on the host.
      • A valid User Name for the OOB management.
      • A valid, robust Password for the OOB management.
      • The Type of the OOB management device. Select the appropriate device from the drop down list.
        alom Sun Integrated Lights Out Manager (ILOM)
        apc APC Master MasterSwitch network power switch
        bladecenter IBM Bladecentre Remote Supervisor Adapter
        drac5 Dell Remote Access Controller for Dell computers
        eps ePowerSwitch 8M+ network power switch
        ilo HP Integrated Lights Out standard
        ipmilan Intelligent Platform Management Interface
        rsa IBM Remote Supervisor Adaptor
        rsb Fujitsu-Siemens RSB management interface
        wti WTI Network PowerSwitch
      • The Port to connect to OOB management.
      • Slot: The slot number in the blade chassis. This option is for blade systems only.
      • Options: Extra command line options for the fence agent. Detailed documentation of the options available is provided in the man page for each fence agent.
      • Secure: Some fence agents support both encrypted and unencrypted communications. Select this option to enable encrypted communications.
      • Click the Test button to test the operation of the OOB management solution.
    Red Hat Enterprise Virtualization recommends power management. Power management enables the system to fence a troublesome host using an additional interface.

    Note

    If the host is required to be Highly Available, power management must be enabled and configured.
  3. Click OK.
Result:
The new host displays in the list of hosts with a status of Installing. Once installation is complete, the status will update to Reboot and then Awaiting. The host must be activated for the status to change to Up.

Note

View the process of the host installation on the Details pane.