centos7.2 kvm虛擬化管理平臺WebVirtMgr部署

首先要安裝KVM虛擬化環境，參考下面的一篇博客進行安裝：

 

1、部署webvirtmgr

參考官網：https://github.com/retspen/webvirtmgr/wiki/Install-WebVirtMgr

一、安裝依賴包

# yum install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx -y

已安裝:
  nginx.x86_64 1:1.12.2-3.el7  python-websockify.noarch 0:0.6.0-2.el7  python2-pip.noarch 0:8.1.2-8.el7  supervisor.noarch 0:3.1.4-1.el7 

做爲依賴被安裝:
  nginx-all-modules.noarch 1:1.12.2-3.el7                         nginx-filesystem.noarch 1:1.12.2-3.el7                                
  nginx-mod-http-geoip.x86_64 1:1.12.2-3.el7                      nginx-mod-http-image-filter.x86_64 1:1.12.2-3.el7                     
  nginx-mod-http-perl.x86_64 1:1.12.2-3.el7                       nginx-mod-http-xslt-filter.x86_64 1:1.12.2-3.el7                      
  nginx-mod-mail.x86_64 1:1.12.2-3.el7                            nginx-mod-stream.x86_64 1:1.12.2-3.el7                                
  python-meld3.x86_64 0:0.6.10-1.el7                             

更新完畢:
  git.x86_64 0:1.8.3.1-20.el7                                                                                                            

做爲依賴被升級:
  perl-Git.noarch 0:1.8.3.1-20.el7                                                                                                       

完畢！

二、從git-hub中下載相關的webvirtmgr代碼

# cd /usr/local/src/

# git clone git://github.com/retspen/webvirtmgr.git

[root@localhost ~]# cd /usr/local/src/
[root@localhost src]# 
[root@localhost src]# ls
[root@localhost src]# 
[root@localhost src]# git clone git://github.com/retspen/webvirtmgr.git
Cloning into 'webvirtmgr'...
remote: Enumerating objects: 5614, done.
remote: Total 5614 (delta 0), reused 0 (delta 0), pack-reused 5614
Receiving objects: 100% (5614/5614), 2.98 MiB | 37.00 KiB/s, done.
Resolving deltas: 100% (3602/3602), done.
[root@localhost src]# 
[root@localhost src]# ls
webvirtmgr
[root@localhost src]# 

三、安裝webvirtmgr

# cd webvirtmgr/

# pip install -r requirements.txt

[root@localhost src]# cd webvirtmgr/
[root@localhost webvirtmgr]# 
[root@localhost webvirtmgr]# ls
conf     deploy                images      locale       networks          secrets    setup.py   Vagrantfile
console  dev-requirements.txt  instance    manage.py    README.rst        serverlog  storages   vrtManager
create   hostdetail            interfaces  MANIFEST.in  requirements.txt  servers    templates  webvirtmgr
[root@localhost webvirtmgr]# 
[root@localhost webvirtmgr]# pip install -r requirements.txt
Collecting django==1.5.5 (from -r requirements.txt (line 1))
  Downloading https://files.pythonhosted.org/packages/38/49/93511c5d3367b6b21fc2995a0e53399721afc15e4cd6eb57be879ae13ad4/Django-1.5.5.tar.gz (8.1MB)
    100% |████████████████████████████████| 8.1MB 19kB/s 
Collecting gunicorn==19.5.0 (from -r requirements.txt (line 2))
  Downloading https://files.pythonhosted.org/packages/f9/4e/f4076a1a57fc1e75edc0828db365cfa9005f9f6b4a51b489ae39a91eb4be/gunicorn-19.5.0-py2.py3-none-any.whl (113kB)
    100% |████████████████████████████████| 122kB 38kB/s 
Collecting lockfile>=0.9 (from -r requirements.txt (line 5))
  Downloading https://files.pythonhosted.org/packages/c8/22/9460e311f340cb62d26a38c419b1381b8593b0bb6b5d1f056938b086d362/lockfile-0.12.2-py2.py3-none-any.whl
Installing collected packages: django, gunicorn, lockfile
  Running setup.py install for django ... done
Successfully installed django-1.5.5 gunicorn-19.5.0 lockfile-0.12.2
You are using pip version 8.1.2, however version 19.1.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
[root@localhost webvirtmgr]# 

注意：若是上面的命令執行中報錯了，超時之類的，請更換有效的DNS好比阿里的DNS1：233.5.5.5或233.6.6.6

四、檢查sqlite3（備註：自帶不須要安裝，導入模塊檢查一下）

[root@localhost webvirtmgr]# python
Python 2.7.5 (default, Nov 20 2015, 02:00:19) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> 
>>> import sqlite3
>>> 
>>> exit()
[root@localhost webvirtmgr]#

五、初始化帳號

# ./manage.py syncdb

[root@localhost webvirtmgr]# ./manage.py syncdb
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor

You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (leave blank to use 'root'): admin
Email address: 1512005532@qq.com
Password: 
Password (again): 
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)
[root@localhost webvirtmgr]# 

六、拷貝web到相關目錄

# mkdir -pv /var/www

# cp -r /usr/local/src/webvirtmgr /var/www/webvirtmgr

[root@localhost webvirtmgr]# mkdir -pv /var/www
mkdir: created directory ‘/var/www’
[root@localhost webvirtmgr]#  
[root@localhost webvirtmgr]# cp -r /usr/local/src/webvirtmgr /var/www/webvirtmgr
[root@localhost webvirtmgr]# 

七、編輯nginx配置文件

# cd /etc/nginx/

[root@localhost webvirtmgr]# cd /etc/nginx/
[root@localhost nginx]# 
[root@localhost nginx]# ls
conf.d                  koi-utf             scgi_params
default.d               koi-win             scgi_params.default
fastcgi.conf            mime.types          uwsgi_params
fastcgi.conf.default    mime.types.default  uwsgi_params.default
fastcgi_params          nginx.conf          win-utf
fastcgi_params.default  nginx.conf.default
[root@localhost nginx]# ls /tmp/
ks-script-OhK0w4  yum.log
[root@localhost nginx]# mv nginx.conf /tmp
[root@localhost nginx]# 
[root@localhost nginx]# cp nginx.conf.default nginx.conf
[root@localhost nginx]#

# vi nginx.conf

添加這行代碼： include /etc/nginx/conf.d/*.conf;

[root@localhost nginx]# cat nginx.conf

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    include /etc/nginx/conf.d/*.conf;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

八、添加 /etc/nginx/conf.d/webvirtmgr.conf 配置文件

# vi /etc/nginx/conf.d/webvirtmgr.conf

server {
listen 80 default_server;

server_name $hostname;
#access_log /var/log/nginx/webvirtmgr_access_log;

location /static/ {
root /var/www/webvirtmgr/webvirtmgr; # or /srv instead of /var
expires max;
}

location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $remote_addr;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
client_max_body_size 1024M; # Set higher depending on your needs
}
}

九、受權

# chown -R nginx:nginx /var/www/webvirtmgr

十、啓動nginx服務

# systemctl start nginx

# netstat -tunlp | grep 80

[root@localhost ~]# netstat -tunlp | grep 80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      5088/nginx: master  
tcp        0      0 127.0.0.1:8000          0.0.0.0:*               LISTEN      5165/python2        
tcp        0      0 0.0.0.0:6080            0.0.0.0:*               LISTEN      5163/python2  

 

十一、設置 supervisor (若是iptables防火牆開啓的話，就必需要開通80、8000、6080端口訪問)

# vi /etc/supervisord.conf

在文件末尾添加，注意將默認的python改成python2，由於上面只有用這個版本執行纔不報錯！

[program:webvirtmgr]
command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py                     //啓動8000端口
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx

[program:webvirtmgr-console]
command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console                               //啓動6080端口（這是控制檯vnc端口）
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx

檢查

# vi /var/www/webvirtmgr/conf/gunicorn.conf.py

確保下面bind綁定的是本機的8000端口，這個在nginx配置中定義了，被代理的端口

bind = '127.0.0.1:8000'

十二、設置開機自啓動

# systemctl enable supervisord.service

# systemctl enable nginx

[root@localhost ~]# systemctl enable supervisord.service
Created symlink from /etc/systemd/system/multi-user.target.wants/supervisord.service to /usr/lib/systemd/system/supervisord.service.
[root@localhost ~]#
[root@localhost ~]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@localhost ~]#

啓動服務

# systemctl start supervisord

[root@localhost ~]# systemctl start supervisord
[root@localhost ~]# systemctl status supervisord
● supervisord.service - Process Monitoring and Control Daemon
   Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
   Active: active (running) since 一 2019-06-17 13:38:19 CST; 2s ago
  Process: 10893 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
 Main PID: 10896 (supervisord)
    Tasks: 13
   CGroup: /system.slice/supervisord.service
           ├─10896 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf
           ├─10898 /usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console
           ├─10899 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10905 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10906 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10907 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10908 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10909 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10910 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10911 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           ├─10912 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
           └─10913 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py

6月 17 13:38:19 localhost.localdomain systemd[1]: Starting Process Monitoring and Control Daemon...
6月 17 13:38:19 localhost.localdomain systemd[1]: Started Process Monitoring and Control Daemon.

查看端口

6080和8000已經啓動

[root@localhost ~]# netstat -tunlp | grep 6080
tcp        0      0 0.0.0.0:6080            0.0.0.0:*               LISTEN      12033/python2       
[root@localhost ~]# 
[root@localhost ~]# netstat -tunlp | grep 8000
tcp        0      0 127.0.0.1:8000          0.0.0.0:*               LISTEN      12034/python2

1三、瀏覽器訪問：http://192.168.2.150/servers/

配置鏈接

 報錯：沒法接收數據：主機密鑰驗證失敗。：鏈接被對等方重置

1四、設置ssh

在webvirtmgr服務器（服務端）上（這裏kvm和WebVirtMgr部署在同一臺機器上）建立nginx用戶家目錄（默認nginx服務安裝時是沒有nginx家目錄的），生成nginx的公私鑰

# cd /home/

# mkdir nginx

# chown nginx.nginx nginx/

# chmod 700 -R nginx/

# su - nginx -s /bin/bash

$ ssh-keygen

一路回車

[root@localhost ~]# cd /home/
[root@localhost home]# mkdir nginx
[root@localhost home]# chown nginx.nginx nginx/
[root@localhost home]# chmod 700 -R nginx/ 
[root@localhost home]# su - nginx -s /bin/bash
-bash-4.2$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/nginx/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /var/lib/nginx/.ssh/id_rsa.
Your public key has been saved in /var/lib/nginx/.ssh/id_rsa.pub.
The key fingerprint is:
de:3d:01:69:15:7f:c3:cc:92:3f:6d:40:10:9d:36:42 nginx@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
|           .E=.. |
|           o.oX  |
|          +  =o*.|
|         . .  ooo|
|        S   .  oo|
|       . . . . ..|
|        . . o    |
|             .   |
|                 |
+-----------------+
-bash-4.2$ 

根據DSA算法生成私鑰和公鑰【默認創建在當前用戶的家目錄】

id_dsa            -->私鑰(鑰匙)

id_dsa.pub      -->公鑰(鎖)

$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config

$ chmod 0600 ~/.ssh/config

-bash-4.2$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
-bash-4.2$ chmod 0600 ~/.ssh/config

在webvirtmgr服務器（服務端）上（這裏kvm和WebVirtMgr部署在同一臺機器上），將nginx用戶的ssh-key上傳到kvm服務器上（這裏kvm和WebVirtMgr部署在同一臺機器上）

$ ssh-copy-id root@192.168.2.150

-bash-4.2$ ssh-copy-id root@192.168.2.150
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Warning: Permanently added '192.168.2.150' (ECDSA) to the list of known hosts.
root@192.168.2.150's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.2.150'"
and check to make sure that only the key(s) you wanted were added.

-bash-4.2$ 

在kvm（客服端）服務器上（這裏kvm和WebVirtMgr部署在同一臺機器上）配置 libvirt ssh受權

# vi /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla

新文件寫入一下內容

Identity=unix-user:root         #注意這裏採用的是root用戶
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes

受權

# chown -R root.root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla

1五、重啓 libvirtd 服務

# systemctl restart libvirtd

# systemctl status libvirtd

[root@localhost ~]# systemctl status libvirtd
● libvirtd.service - Virtualization daemon
   Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
   Active: active (running) since 一 2019-06-17 14:11:26 CST; 24min ago
     Docs: man:libvirtd(8)
           https://libvirt.org
 Main PID: 8023 (libvirtd)
    Tasks: 19 (limit: 32768)
   CGroup: /system.slice/libvirtd.service
           ├─5281 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvir...
           ├─5282 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvir...
           └─8023 /usr/sbin/libvirtd

6月 17 14:11:26 localhost.localdomain systemd[1]: Starting Virtualization daemon...
6月 17 14:11:26 localhost.localdomain systemd[1]: Started Virtualization daemon.
6月 17 14:11:27 localhost.localdomain dnsmasq[5281]: read /etc/hosts - 2 addresses
6月 17 14:11:27 localhost.localdomain dnsmasq[5281]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
6月 17 14:11:27 localhost.localdomain dnsmasq-dhcp[5281]: read /var/lib/libvirt/dnsmasq/default.hostsfile

 

這樣上面報錯的問題就迎仍而解了！

而後從新ssh方式鏈接就ok了，就不會有上面那個報錯了~

參考文獻：

https://www.centos.bz/2018/07/centos7-2-kvm虛擬化管理平臺webvirtmgr部署/

散盡浮華

https://www.cnblogs.com/kevingrace/p/5737724.html

 centos7.2 kvm虛擬化管理平臺WebVirtMgr部署

https://www.cnblogs.com/nulige/p/9236191.html

網絡橋接

https://www.cnblogs.com/liutao97/p/6882599.html