centos7.2 kvm虛擬化管理平臺WebVirtMgr部署

在服務器上部署kvm虛擬化，虛出多臺VM出來，以應對新的測試需求。
當KVM宿主機愈來愈多，須要對宿主機的狀態進行調控，決定採用WebVirtMgr做爲kvm虛擬化的web管理工具，圖形化的WEB，讓人能更方便的查看kvm 宿主機的狀況和操做
WebVirtMgr是近兩年來發展較快，比較活躍，很是清新的一個KVM管理平臺，提供對宿主機和虛機的統一管理，它有別於kvm自帶的圖形管理工具（virtual machine manager），讓kvm管理變得更爲可視化，對中小型kvm應用場景帶來了更多方便。
WebVirtMgr採用幾乎純Python開發，其前端是基於Python的Django，後端是基於Libvirt的Python接口，將平常kvm的管理操做變的更加的可視化。

WebVirtMgr特色
操做簡單，易於使用
經過libvirt的API接口對kvm進行管理
提供對虛擬機生命週期管理
WebVirtMgr 功能

宿主機管理支持如下功能
CPU利用率
內存利用率
網絡資源池管理
存儲資源池管理
虛擬機鏡像
虛擬機克隆
快照管理
日誌管理
虛機遷移

虛擬機管理支持如下功能
CPU利用率
內存利用率
光盤管理
關/開/暫停虛擬機
安裝虛擬機
VNC console鏈接
建立快照

下面對部署過程進行記錄，但願能幫助到有用到的朋友們。
這裏我將webvirtmgr服務器和kvm服務器放在同一臺機器上部署的，即單機部署
系統：Centos 7.2
內存:64G
CPU:32核
ip：192.168.56.50（內網），192.168.0.29（外網）

 

1、基礎環境

#close firewalld and NetworkManager
[root@linux-node1 ~]# systemctl disable firewalld
[root@linux-node1 ~]# systemctl disable NetworkManager

#關閉SELinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0

1.一、開啓blos 開啓vt，檢查

1）查看是否支持虛擬機
說明1:半虛擬化是不能運行與安裝KVM虛擬機的。
[root@ops ~]#egrep '(vmx|svm)' --color=always /proc/cpuinfo

1.二、系統版本

[root@webvirtmgr-node1 ~]# cat /etc/redhat-release 
CentOS Linux release 7.2.1511 (Core) 

[root@webvirtmgr-node1 ~]# uname -r
3.10.0-327.el7.x86_64

1.三、安裝epel源

#備份源
yum install wget -y
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum -y install epel-release
yum clean all
yum makecache

#install software
yum install net-tools vim lrzsz -y

1.四、安裝kvm軟件

yum install qemu-kvm libvirt libvirt-python libguestfs-tools virt-install virt-manager python-virtinst libvirt-client virt-viewer -y

1.五、本機網絡

[root@webvirtmg ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:4b:e3 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.50/24 brd 192.168.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe68:4be3/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:4b:ed brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.50/24 brd 192.168.56.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe68:4bed/64 scope link 
       valid_lft forever preferred_lft forever

1.六、配置橋接網絡，（備註：br0綁定eth1）

[root@webvirtmg ~]# cd /etc/sysconfig/network-scripts/

[root@webvirtmg network-scripts]# cat ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.56.50
PREFIX=24
GATEWAY=192.168.56.2
DNS1=192.168.56.2
BRIDGE=br0  
NM_CONTROLLED=no

[root@webvirtmg network-scripts]# cat ifcfg-br0 
TYPE=Bridge
DEVICE=br0
NM_CONTROLLED=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth1
ONBOOT=yes
IPADDR=192.168.56.50
PREFIX=24
GATEWAY=192.168.56.2
DNS1=192.168.56.2

#重啓網絡服務

systemctl restart network

1.七、啓動libvirt

[root@webvirtmgr-node1 ~]# systemctl restart libvirtd
[root@webvirtmgr-node1 ~]# systemctl status libvirtd

1.八、測試

[root@webvirtmgr-node1 ~]# virsh -c qemu:///system list
 Id    Name                           State
----------------------------------------------------

[root@webvirtmgr-node1 ~]# virsh --version
3.9.0
[root@webvirtmgr-node1 ~]# virt-install --version
1.4.3
[root@webvirtmgr-node1 ~]# ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-kvm
[root@webvirtmgr-node1 ~]# lsmod |grep kvm
kvm_intel 162153 0 
kvm 525259 1 kvm_intel

1.九、查看網橋

[root@webvirtmg ~]# brctl show
bridge name	bridge id		STP enabled	interfaces
br0		8000.000c29684bed	no		eth1
virbr0		8000.000000000000	yes	

　　

2、部署webvirtmgr

參考官網：https://github.com/retspen/webvirtmgr/wiki/Install-WebVirtMgr

1.一、安裝依賴包

yum install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx -y

1.二、從git-hub中下載相關的webvirtmgr代碼

[root@openstack ops]# cd /usr/local/src/
[root@openstack src]# git clone git://github.com/retspen/webvirtmgr.git    （下載地址：https://pan.baidu.com/s/1pLS3kCj      獲取密碼：8efm）

1.三、安裝webvirtmgr
[root@openstack src]# cd webvirtmgr/
[root@openstack webvirtmgr]# pip install -r requirements.txt

1.四、檢查sqlite3  （備註：自帶不須要安裝，導入模塊檢查一下。）

[root@webvirtmg webvirtmgr]# python
Python 2.7.5 (default, Nov 20 2015, 02:00:19) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sqlite3
>>> exit()

1.五、初始化帳號

[root@webvirtmg webvirtmgr]# pwd
/usr/local/src/webvirtmgr

[root@webvirtmg webvirtmgr]# ./manage.py syncdb 
WARNING:root:No local_settings file found.
Creating tables ...
Creating table auth_permission
Creating table auth_group_permissions
Creating table auth_group
Creating table auth_user_groups
Creating table auth_user_user_permissions
Creating table auth_user
Creating table django_content_type
Creating table django_session
Creating table django_site
Creating table servers_compute
Creating table instance_instance
Creating table create_flavor

You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (leave blank to use 'root'): admin
Email address: 1034611705@qq.com
Password: 
Password (again): 
Superuser created successfully.
Installing custom SQL ...
Installing indexes ...
Installed 6 object(s) from 1 fixture(s)

1.六、拷貝web到 相關目錄

[root@openstack ops]# mkdir -pv /var/www
[root@openstack ops]# cp -Rv /usr/local/src/webvirtmgr /var/www/webvirtmgr

1.七、設置ssh

[root@openstack ops]# ssh-keygen -t rsa             //產生公私鑰
[root@openstack ops]# ssh-copy-id 192.168.1.17        //因爲這裏webvirtmgr和kvm服務部署在同一臺機器，因此這裏本地信任。若是kvm部署在其餘機器，那麼這個是它的ip
[root@openstack ops]# ssh 192.168.1.17 -L localhost:8000:localhost:8000 -L localhost:6080:localhost:60

1.八、編輯nginx配置文件

#添加這行代碼： include /etc/nginx/conf.d/*.conf;

[root@webvirtmg ~]# cd /etc/nginx/
[root@webvirtmg  nginx]# mv nginx.conf /tmp
[root@webvirtmg  nginx]#cp nginx.conf.default nginx.conf

#編輯配置文件
[root@webvirtmg  nginx]#vi nginx.conf

[root@webvirtmg nginx]# cat nginx.conf

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    include /etc/nginx/conf.d/*.conf;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

#添加 /etc/nginx/conf.d/webvirtmgr.conf  配置文件

[root@webvirtmg nginx]# vim /etc/nginx/conf.d/webvirtmgr.conf  
server {
listen 80 default_server;

server_name $hostname;
#access_log /var/log/nginx/webvirtmgr_access_log;

location /static/ {
root /var/www/webvirtmgr/webvirtmgr; # or /srv instead of /var
expires max;
}

location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $remote_addr;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
client_max_body_size 1024M; # Set higher depending on your needs
}
}

#重啓nginx服務

systemctl restart nginx

1.九、修改防火牆規則

#修改防火牆規則
[root@ops ~]# vim /etc/sysconfig/selinux 
......
SELINUX=disabled

#臨時生效
[root@ops ~]# setenforce 0
setenforce: SELinux is disabled

#查看狀態
[root@ops ~]# getenforce 
Disabled

#直接執行這行
/usr/sbin/setsebool httpd_can_network_connect true

2.0、受權

chown -R nginx:nginx /var/www/webvirtmgr

2.一、設置 supervisor (若是iptables防火牆開啓的話，就必需要開通80、8000、6080端口訪問)

[root@test]# vim /etc/supervisord.conf     //在文件末尾添加,注意將默認的python改成python2，由於上面只有用這個版本執行纔不報錯！
[program:webvirtmgr]
command=/usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py                     //啓動8000端口
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx

[program:webvirtmgr-console]
command=/usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console                               //啓動6080端口（這是控制檯vnc端口）
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx

#檢查

#檢查
[root@test]#vim /var/www/webvirtmgr/conf/gunicorn.conf.py    //確保下面bind綁定的是本機的8000端口，這個在nginx配置中定義了，被代理的端口
bind = '127.0.0.1:8000'

#設置開機啓動
[root@webvirtmg nginx]# systemctl enable supervisord.service

#設置開機加載
[root@webvirtmg nginx]#vim /etc/rc.local /usr/sbin/setsebool httpd_can_network_connect true

#重啓服務
[root@webvirtmg nginx]# systemctl restart supervisord
[root@webvirtmg nginx]# systemctl status supervisord
● supervisord.service - Process Monitoring and Control Daemon
Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2018-06-28 09:37:15 CST; 6s ago
Process: 19369 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
Main PID: 19372 (supervisord)
CGroup: /system.slice/supervisord.service
├─19372 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf
├─19373 /usr/bin/python2 /var/www/webvirtmgr/console/webvirtmgr-console
├─19374 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19380 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19381 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19382 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19383 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19384 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19385 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19386 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19387 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19388 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19389 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19390 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19391 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19392 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19393 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19394 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
├─19395 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...
└─19396 /usr/bin/python2 /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py...

Jun 28 09:37:15 webvirtmg.com systemd[1]: Starting Process Monitoring and Control Daemon...
Jun 28 09:37:15 webvirtmg.com systemd[1]: Started Process Monitoring and Control Daemon.

2.二、查看端口 備註：6080和8000已經啓動

#查看端口  備註：6080和8000已經啓動
[root@webvirtmg nginx]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name 
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 19287/nginx: master 
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 7498/dnsmasq 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1631/sshd 
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1828/master 
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 18977/sshd: root@pt 
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 18977/sshd: root@pt 
tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN 19374/python2 
tcp 0 0 0.0.0.0:6080 0.0.0.0:* LISTEN 19373/python2 
tcp6 0 0 :::22 :::* LISTEN 1631/sshd 
tcp6 0 0 ::1:25 :::* LISTEN 1828/master 
tcp6 0 0 ::1:6010 :::* LISTEN 18977/sshd: root@pt 
tcp6 0 0 ::1:6011 :::* LISTEN 18977/sshd: root@pt

 

2.三、訪問地址：http://192.168.56.50/login/

帳號信息：

username: admin 

passwd:************

 

2.四、登陸後會報錯

解決措施：
1)在webvirtmgr服務器（服務端）上（這裏kvm和WebVirtMgr部署在同一臺機器上）建立nginx用戶家目錄（默認nginx服務安裝時是沒有nginx家目錄的），生成nginx的公私鑰
[root@test]# cd /home/
[root@test home]# mkdir nginx
[root@test home]# chown nginx.nginx nginx/
[root@test home]# chmod 700 nginx/ -R
[root@test home]# su - nginx -s /bin/bash
-bash-4.1$ ssh-keygen                             #期間輸入yes後直接回車，回車
-bash-4.1$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
-bash-4.1$ chmod 0600 ~/.ssh/config

#在webvirtmgr服務器（服務端）上（這裏kvm和WebVirtMgr部署在同一臺機器上），將nginx用戶的ssh-key上傳到kvm服務器上（這裏kvm和WebVirtMgr部署在同一臺機器上）

[root@openstack ops]# su - nginx -s /bin/bash
-bash-4.1$ ssh-copy-id root@192.168.0.50
Warning: Permanently added '192.168.0.50' (RSA) to the list of known hosts.
root@192.168.0.50's password: #輸入192.168.0.50即本機的root帳號
Now try logging into the machine, with "ssh 'root@192.168.0.50'", and check in:
.ssh/authorized_keys

#在kvm（客服端）服務器上（這裏kvm和WebVirtMgr部署在同一臺機器上）配置 libvirt ssh受權

[root@test]# vim /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[Remote libvirt SSH access]
Identity=unix-user:root #注意這裏採用的是root用戶
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes

[root@test]# chown -R root.root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla

#重啓服務

systemctl restart nginx

systemctl restart libvirtd

 #其它參考：

http://www.cnblogs.com/kevingrace/p/5737724.html

https://www.jianshu.com/p/160272d81ac3

 

3、WebVirtMgr的平常配置

參考：https://yq.aliyun.com/articles/46358

3.一、上傳Centos6.8的鏡像到這個目錄中

[root@webvirtmg images]# cd /var/lib/libvirt/images

[root@webvirtmg images]# ll
total 6162064
-rw-------. 1 qemu qemu 21478375424 Jun 28 11:13 Centos6.8.img
-rw-r--r--. 1 qemu qemu  3916431360 Jun 28 11:01 CentOS-6.8-x86_64-bin-DVD1.iso

3.二、配置完成