Bakeng sa boiketlo, re tla kenya liphutheloana tse eketsehileng:
$ sudo yum install bash-completion vim
Ho etsa hore taelo e phetheloe, bash-completion e hloka ho fetohela ho bash.
E eketsa mabitso a DNS
Sena se tla hlokahala ha o hloka ho hokela mookameli o sebelisa lebitso le leng (CNAME, alias, kapa lebitso le lekhuts'oane feela ntle le suffix ea domain). Bakeng sa mabaka a ts'ireletso, mookameli o lumella likhokahano feela ka lethathamo le lumelletsoeng la mabitso.
Theha faele ea litlhophiso:
$ sudo vim /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf
Mohlala oa mosebetsi oa monghali
$ sudo ovirt-enjene-extension-aaa-ldap-setup
Ts'ebetsong ea LDAP e teng:
...
3 - Bukana e sebetsang
...
Ka kopo, khetha: 3
Ka kopo, kenya lebitso la Active Directory Forest: mohlala.com
Ka kopo, khetha protocol eo u ka e sebelisang (startTLS, ldaps, plain) [qalaTLS]:
Ka kopo, khetha mokhoa oa ho fumana setifikeiti sa CA se kentsoeng ka PEM (Faele, URL, Inline, System, Insecure): URL
URL: wwwca.example.com/myRootCA.pem
Kenya mosebelisi oa patlo oa DN (mohlala uid=username,dc=example,dc=com kapa u siee motho ea sa tsejoeng): CN=oVirt-Engine,CN=Basebedisi,DC=mohlala,DC=com
Kenya phasewete ea ho batla mosebelisi: *password*
[ INFO ] Ho leka ho tlama ka ho sebelisa 'CN=oVirt-Engine,CN=Users,DC=mohlala,DC=com'
A na u tlil'o sebelisa Ho Kena ho le Mong bakeng sa Mechini ea Virtual (E, Che) [Ee]:
Ka kopo, bolela lebitso la boemo bo tla bonahala ho basebelisi [mohlala.com]:
Ka kopo, fana ka mangolo a bopaki ho hlahloba phallo ea ho kena:
Kenya lebitso la mosebelisi: someAnyUser
Kenya password ea mosebelisi:
...
[INFO] Tatelano ea ho kena e sebelitsoe ka katleho
...
Khetha tatellano ea teko eo u lokelang ho e etsa (Ho felile, Tlosa, Kena, Batla) [E felile]:
[INFO] Boemo: tlhophiso ea transaction
...
TS'ELISO TS'ELISO
...
Ho sebelisa wizate ho loketse maemong a mangata. Bakeng sa litlhophiso tse rarahaneng, litlhophiso li etsoa ka letsoho. Lintlha tse ling ho litokomane tsa oVirt, Basebelisi le Likarolo. Kamora ho hokahanya Enjine ho AD ka katleho, profil e eketsehileng e tla hlaha fensetereng ea khokahano, le tabong Lumello Lintho tsa sistimi li na le bokhoni ba ho fana ka tumello ho basebelisi le lihlopha tsa AD. Hoa lokela ho hlokomeloa hore buka ea kantle ea basebelisi le lihlopha e ka se be AD feela, empa hape le IPA, eDirectory, joalo-joalo.
Bongata
Sebakeng sa tlhahiso, tsamaiso ea polokelo e tlameha ho hokahanngoa le moamoheli ka litsela tse ngata tse ikemetseng, tse ngata tsa I/O. E le molao, ho CentOS (ka hona oVirt) ha ho na mathata a ho bokella litsela tse ngata ho sesebelisoa (find_multipaths e). Litlhophiso tse ling tsa FCoE li ngotsoe ho Karolo ea 2. Ho bohlokoa ho ela hloko khothaletso ea moetsi oa sistimi ea polokelo - ba bangata ba khothaletsa ho sebelisa leano la "round-robin", empa ka ho sa feleng ho Enterprise Linux 7 nako ea ts'ebeletso e sebelisoa.
Raese. 2 - maano a mangata a I / O ka mor'a ho sebelisa litlhophiso.
Ho theha tsamaiso ea matla
E u lumella ho etsa, mohlala, ho lokisa lisebelisoa tsa mochini haeba Enjine e sa khone ho fumana karabo ho tsoa ho Moamoheli nako e telele. E kenngoe ka Moemeli oa Fense.
Kopanya -> Baamoheli -> moamoheli - Edita -> Tsamaiso ea Matla, ebe u nolofalletsa "Enable Power Management" 'me u kenye moemeli - "Eketsa Moemeli oa Fence" -> +.
Re bonts'a mofuta (mohlala, bakeng sa iLO5 o hloka ho hlakisa ilo4), lebitso / aterese ea sebopeho sa ipmi, hammoho le lebitso la mosebelisi / password. Ho khothaletsoa ho theha mosebelisi ea arohaneng (mohlala, oVirt-PM) mme, molemong oa ILO, o mo fe litokelo:
Kena
Remote Console
Matla a Virtual le Reset
Virtual Media
Lokisa Litlhophiso tsa ILO
Laola Liakhaonto tsa Basebelisi
U se ke ua botsa hore na ke hobane'ng ha sena se le joalo, se khethiloe ka matla. Moemeli oa terata oa console o hloka litokelo tse fokolang.
Ha u theha manane a taolo ea phihlello, u lokela ho hopola hore moemeli ha a sebetse ka enjene, empa ho moamoheli oa "moahelani" (eo ho thoeng ke Power Management Proxy), ke hore, haeba ho na le node e le 'ngoe feela sehlopheng, tsamaiso ea matla e tla sebetsa hana.
Ho theha SSL
Litaelo tse felletseng tsa semmuso - ho litokomane, Sehlomathiso sa D: oVirt le SSL — Ho Nchafatsa Setifikeiti sa OVirt Engine SSL/TLS.
Setifikeiti se ka tsoa ho CA ea rona ea khoebo kapa ho tsoa ho bolaoli ba setifikeiti sa kantle sa khoebo.
Keletso ea bohlokoa: Setifikeiti se reretsoe ho hokela mookameli 'me se ke ke sa ama puisano lipakeng tsa Enjene le li-node - ba tla sebelisa litifikeiti tse ingoletseng tse fanoeng ke Enjene.
Litlhokahalo:
setifikeiti sa ho fana ka CA ka sebopeho sa PEM, ka ketane eohle ho fihlela motso oa CA (ho tloha ho CA e fanoeng ka tlase qalong ho isa motsong qetellong);
setifikeiti sa Apache se fanoeng ke CA e fanoeng (hape e tlatselletsoa ke ketane eohle ea litifikeiti tsa CA);
senotlolo sa poraefete bakeng sa Apache, ntle le password.
Ha re nke hore CA ea rona e ntšitsoeng e sebetsa CentOS, e bitsoang subca.example.com, 'me likopo, linotlolo le litifikeiti li fumaneha ho /etc/pki/tls/ directory.
Re etsa li-backups mme re theha bukana ea nakoana:
E lokile! Ke nako ea ho hokela mookameli le ho netefatsa hore khokahano e sirelelitsoe ke setifikeiti sa SSL se saennoeng.
Ho boloka
Re ka be re le kae kantle ho eena? Karolong ena re tla bua ka polokelo ea litaba ea mookameli; ho boloka litaba tsa VM ke taba e arohaneng. Re tla etsa likopi tsa bekapo hang ka letsatsi ebe re li boloka ka NFS, ho etsa mohlala, tsamaisong e tšoanang moo re behileng litšoantšo tsa ISO - mynfs1.example.com:/exports/ovirt-backup. Ha e khothalletsoe ho boloka li-archives mochining o le mong moo Enjine e sebetsang teng.
Joale o ka hokela ho moamoheli: https://[Host IP or FQDN]:9090
Li-VLAN
U lokela ho bala haholoanyane ka marang-rang ho litokomane. Ho na le menyetla e mengata, mona re tla hlalosa ho hokahanya marang-rang a fumanehang.
Ho hokahanya li-subnets tse ling, li tlameha ho hlalosoa pele ho tlhophiso: Network -> Networks -> New, mona feela lebitso ke sebaka se hlokahalang; Lebokose la tlhahlobo la VM Network, le lumellang mechini ho sebelisa marang-rang ena, lea lumelloa, empa ho hokahanya tag ho tlameha ho lumelloa. Numella VLAN tagging, kenya nomoro ea VLAN ebe o tobetsa OK.
Joale o hloka ho ea ho Compute hosts -> Hosts -> kvmNN -> Network Interfaces -> Setup Host Networks. Hula marang-rang a kenyellelitsoeng ho tloha ka lehlakoreng le letona la Unassigned Logical Networks ho ea ka ho le letšehali ho Assigned Logical Networks:
Raese. 4 - pele o eketsa marang-rang.
Raese. 5 - ka mor'a ho eketsa marang-rang.
Ho hokela marang-rang a mangata ho moamoheli ka bongata, ho bonolo ho ba abela lileibole ha u theha marang-rang, le ho eketsa marang-rang ka lileibole.
Ka mor'a hore marang-rang a thehoe, mabotho a tla kena sebakeng se sa sebetseng ho fihlela marang-rang a kenngoa ho li-node tsohle sehlopheng. Boitšoaro bona bo bakoa ke folakha ea Require All ho tab ea Cluster ha u theha marang-rang a macha. Tabeng ea ha marang-rang a sa hlokehe ho li-node tsohle tsa sehlopha, folakha ena e ka holofala, joale ha marang-rang a eketsoa ho moeti, e tla ba ka ho le letona karolong e sa Hlokehang 'me u ka khetha hore na u kopanye. ho moamoheli ea itseng.
Raese. 6—khetha tšobotsi e hlokahalang ea netweke.
HPE e khethehileng
Hoo e ka bang baetsi bohle ba na le lisebelisoa tse ntlafatsang ts'ebeliso ea lihlahisoa tsa bona. Ho sebelisa HPE e le mohlala, AMS (Agentless Management Service, amsd for iLO5, hp-ams bakeng sa iLO4) le SSA (Smart Storage Administrator, ho sebetsa le disk controller), joalo-joalo li molemo.
Ho hokela polokelo ea HPE
Re kenya senotlolo ebe re hokela polokelo ea HPE:
$ sudo rpm --import https://downloads.linux.hpe.com/SDR/hpePublicKey2048_key1.pub
$ sudo vim /etc/yum.repos.d/mcp.repo
Mohlala oa sesebelisoa sa ho sebetsa le taolo ea disk
Ke phetho bakeng sa jwale. Lihloohong tse latelang ke rera ho bua ka ts'ebetso le lits'ebetso tse ling tsa mantlha. Mohlala, mokhoa oa ho etsa VDI ho oVirt.