RedHat Virtualization Manager

Red Hat Virtualization Manager (RHVM) provides a central management platform for physical and logical resources of a Red Hat Virtualization environment. Red Hat Virtualization Manager is built on Red Hat Enterprise Linux and Red Hat JBoss Enterprise Application Platform. It uses a PostgreSQL database to store information and offers several management interfaces, including REST APIs.

System Requirements

The hardware and operating system of the server must meet the following requirements before installation of Red Hat Virtualization Manager (RHVM). These requirements are for Red Hat Virtualization 4.1.

Operating System

A base installation of Red Hat Enterprise Linux 7 updated to the latest minor release.

Hardware Requirements

The following table lists the minimum and recommended hardware requirements for Red Hat Virtualization Manager 4.1:

CATEGORY MINIMUM RECOMMENDED
Processor One dual-core CPU One quad-core CPU or multiple dual-core CPUs
Memory 4 GB of available system RAM (not being consumed by existing processes) 16 GB of available system RAM (not being consumed by existing processes)
Disk space 25 GB of locally accessible and writable disk space 50 GB of locally accessible and writable disk space
Network 1 network interface card (NIC) with bandwidth of at least 1 Gbps 1 network interface card (NIC) with bandwidth of at least 1 Gbps

Note: The hardware requirements outlined in this table are based on a typical small- to medium-sized installation. The exact requirements vary between deployments based on size, load, and the period for which history records are being saved. Use these recommendations only as a guide.

Network Requirements

Red Hat Virtualization Manager and all hosts must have fully-qualified domain names as well as forward and reverse DNS entries. All DNS services that are used by a Red Hat Virtualization environment must be hosted outside the environment.

A number of network ports must be available to services external and internal to the Red Hat Virtualization Manager to ensure correct operation. The engine-setup command used to configure the RHVM server can also configure the firewall automatically. However, it overwrites any custom iptables rules that exist, unless you are using firewalld to manage them. The engine-setup command populates a list of the necessary iptables rules in the /etc/ovirt-engine/iptables.example file.

Installation and Configuration Process

The process of installing and configuring Red Hat Virtualization Manager can be broken down into three steps:

1. Install the server with a base install of Red Hat Enterprise Linux 7, subscribe it to the entitlements for Red Hat Enterprise Linux and Red Hat Virtualization, and enable the appropriate software channels or repositories.
2. Install the Red Hat Virtualization Manager software packages on the server.
3. Configure Red Hat Virtualization Manager using the engine-setup command.

Step 1: Installing the Operating System and Enabling Software Repositories

On the system that will host Red Hat Virtualization Manager, install Red Hat Enterprise Linux 7 Server with only the Base package group. This ensures that only necessary packages are installed on the system and that there are no conflicts between packages from different software channels when you install Red Hat Virtualization Manager.

The system should be registered and attached to software entitlements for Red Hat Enterprise Linux and Red Hat Virtualization so that it can install packages and updates from the Red Hat Content Distribution Network or from a Red Hat Satellite server.

Register the system to the Customer Portal account that has been granted entitlements to Red Hat Enterprise Linux Server and Red Hat Virtualization:

[[email protected] ~]# subscription-manager register

Next, identify the pool IDs for subscriptions that provide Red Hat Enterprise Linux Server and Red Hat Virtualization. Use those pool IDs to attach the subscriptions to your server. Use the subscription-manager list command to look at the subscriptions available to the Customer Portal account used to register your server. When you do, you may see something like the following:

[[email protected] ~]# subscription-manager list --available|less 
...output omitted...
Subscription Name:    Red Hat Virtualization (2-sockets), Standard
Provides:             JBoss Enterprise Application Platform
                      Red Hat JBoss Core Services
                      Red Hat Virtualization Host
                      Red Hat Virtualization
SKU:                  ...omitted...
Contract:             ...omitted...
Pool ID:              12345678901234567890123456789012
Provides Management:  No
Available:            1
Suggested:            1
Service Level:        Standard
Service Type:         L1-L3
Subscription Type:    Stackable
Ends:                 07/01/2018
System Type:          Physical

[[email protected] ~]#

Then use the Pool ID to attach the pool providing the necessary entitlements to your server:

[[email protected] ~]# subscription-manager attach --pool=12345678901234567890123456789012 
Successfully attached a subscription for: Red Hat Virtualization (2-sockets), Standard
[[email protected] ~]#

Note: You may need to attach more than one pool to get both entitlements for your server. For instance, the pool in the previous example does not provide the Red Hat Enterprise Linux Server entitlement. The exact details of the subscriptions that you see are likely to be different than the example output above.

Each of the entitlements provides access to multiple software channels (YUM repositories). Not all of the repositories provided by the entitlements are needed for Red Hat Virtualization Manager. You should disable all software repositories on your server, and then only enable the ones that are needed.

Disable all existing repositories:

[[email protected] ~]# subscription-manager repos --disable=*

Enable the required repositories:

[[email protected] ~]# subscription-manager repos  
--enable=rhel-7-server-rpms  
--enable=rhel-7-server-supplementary-rpms  
--enable=rhel-7-server-rhv-4.1-rpms  
--enable=rhel-7-server-rhv-4-tools-rpms  
--enable=jb-eap-7-for-rhel-7-server-rpms

The required repositories contain the following software:

REPOSITORY ID DESCRIPTION
rhel-7-server-rpms Red Hat Enterprise Linux 7 Server packages
rhel-7-server-supplementary-rpms Supplementary Red Hat Enterprise Linux 7 packages, including the supported version of the Java Runtime Environment (JRE) and the virtio-win package
rhel-7-server-rhv-4.1-rpms Core Red Hat Virtualization Manager 4.1 packages
rhel-7-server-rhv-4-tools-rpms Additional Red Hat Virtualization 4 tools including virt-v2v
jb-eap-7-for-rhel-7-server-rpms JBoss Enterprise Application Platform 7 packages

Finally, use yum to update all packages on the system to their latest versions:

[[email protected] ~]# yum -y update

Step 2: Installing Red Hat Virtualization Manager Software

Once the operating system has been installed and has the correct software repositories enabled, install the rhevm package and its dependencies using the yum command. The dependencies for the rhevm package causes yum to download everything required to run Red Hat Virtualization Manager.

[[email protected] ~]# yum -y install rhevm

note: The package used to install Red Hat Virtualization Manager 4.1 is called rhevm with an “e”, not rhvm as might be expected. This is a legacy of the branding for Red Hat Enterprise Virtualization 3. The package name may change in future minor releases of Red Hat Virtualization. When you install the rhevm package with yum, a number of additional packages are downloaded and installed. This takes approximately five minutes.

Step 3: Configuring Red Hat Virtualization Manager

After package installation is finished, perform initial configuration of Red Hat Virtualization Manager by running engine-setup in a terminal on the server. The engine-setup command interactively prompts you for a number of configuration settings, applies them, and starts Red Hat Virtualization Manager. Once it completes, you can connect to its Administration Portal with a web browser to configure image storage and to register the hosts that will run virtual machines.

The following example focuses on the settings needed for a typical stand-alone, self-contained Red Hat Virtualization Manager installation on a bare-metal server intended for production use.

Start the configuration process by running engine-setup as root.

[[email protected] ~]# engine-setup

As engine-setup runs, it prompts you with questions about how Red Hat Virtualization Manager should be configured. It proposes default settings for most questions. These defaults are displayed in square brackets ([ and ]). Press Enter to accept the default value, or type a different value in manually.

The engine-setup command first asks for input on product options.

--== PRODUCT OPTIONS ==--
Configure Engine on this host (Yes, No) [Yes]:
Configure Image I/O Proxy on this host? (Yes, No) [Yes]:
Configure WebSocket Proxy on this host (Yes, No) [Yes]:
Configure Data Warehouse on this host (Yes, No) [Yes]:
Configure VM Console Proxy on this host (Yes, No) [Yes]:

Notice [Yes] at the end of each question. That is the default value. The default settings in this section configure a number of key services on the main Red Hat Virtualization Manager host:

  • The core engine for Red Hat Virtualization Manager.
  • Image I/O Proxy, which uploads images to storage domains.
  • WebSocket Proxy, which supports noVNC or SPICE-HTML5 connections to virtual machine consoles.
  • Data Warehouse, which maintains a comprehensive management database of Red Hat Virtualization operations. It is simple to install Data Warehouse on the RHVM server, but it can also be installed on a separate database server to reduce system load.
  • VM Console Proxy, which publishes serial console access to virtual machines through an SSH service running on port 2222 of the Red Hat Virtualization Manager server.

The Network Configuration section prompts you for the DNS name of the server and confirms that forward and reverse DNS name resolution is working. It also asks if you want it to automatically open the firewall ports needed by Red Hat Virtualization Manager using the firewalld system.

          --== NETWORK CONFIGURATION ==--
          Host fully qualified DNS name of this server [rhvm.lab.example.com]:
          Setup can automatically configure the firewall on this system.
          Note: automatic configuration of the firewall may overwrite current
 settings.
          Do you want Setup to configure the firewall? (Yes, No) [Yes]:
[ INFO  ] firewalld will be configured as firewall manager.

The Database Configuration section prompts you to configure the PostgreSQL database used for Data Warehouse. In the following example, the Data Warehouse database is configured on the local RHVM server, which is the default.

          --== DATABASE CONFIGURATION ==--
          Where is the DWH database located? (Local, Remote) [Local]:
          Setup can configure the local postgresql server automatically for the
DWH to run. This may conflict with existing applications.
          Would you like Setup to automatically configure postgresql and
create DWH database, or prefer to perform that manually? (Automatic, Manual)
[Automatic]:
          Where is the Engine database located? (Local, Remote) [Local]:
          Setup can configure the local postgresql server automatically for the
engine to run. This may conflict with existing applications.
          Would you like Setup to automatically configure postgresql and
create Engine database, or prefer to perform that manually? (Automatic, Manual)
[Automatic]:

The oVirt Engine Configuration section sets a password for the default admin user in the internal authentication domain. Remember whatever password you use, because you will need it later to log in to the Administration Portal to set up storage, virtual machine hosts, and other users.

If you specify a weak password, engine-setup warns you and asks you to confirm that you want to use that password. Since the admin user has complete administrative access to Red Hat Virtualization Manager, it should have a strong password and should only be used if personal administrative user accounts are not working or have not yet been set up.

You are also asked what Application mode the engine should run in. Both is the most flexible, and usually should be selected. This mode allows Red Hat Virtualization Manager to manage GlusterFS storage pools and to use GlusterFS as a data domain to host virtual machine disks.

--== OVIRT ENGINE CONFIGURATION ==--
Engine admin password: ...password...
Confirm engine admin password: ...password... 
Application mode (Virt, Gluster, Both) [Both]:

In the Storage Configuration section, Default SAN wipe after delete, is a security setting that wipes the blocks of a virtual disk when the virtual machine is deleted. This is off by default.

--== STORAGE CONFIGURATION ==--
Default SAN wipe after delete (Yes, No) [No]:

The PKI Configuration section sets the organization name used in the TLS certificate for the server.

--== PKI CONFIGURATION ==--
Organization name for certificate [lab.example.com]:

The Apache Configuration section sets up the Apache HTTPD web server used by Red Hat Virtualization Manager. If the application is set as the default page of the web server, the main page for the web server is a landing page with links to the Red Hat Virtualization Manager login screen, documentation, and other resources. Normally this should be fine, since you should not be running other applications on that web server.

You are also asked whether you want to configure the HTTPS certificate using a Certificate Authority (CA) internal to Red Hat Virtualization Manager, or by using a certificate from an external CA.

         --== APACHE CONFIGURATION ==--
         Setup can configure the default page of the web server to present the
application home page. This may conflict with existing applications.
         Do you wish to set the application as the default page of the web
server? (Yes, No) [Yes]:
         Setup can configure apache to use SSL using a certificate issued from
the internal CA.
         Do you wish Setup to configure that, or prefer to perform that manually?
(Automatic, Manual) [Automatic]:

The System Configuration section asks if you want to configure the Red Hat Virtualization Manager to provide an NFS export that should be used as an ISO domain. This is only appropriate for a proof-of-concept or very small test environment. In production, it makes more sense to use a dedicated NFS server or storage device. The default is No.

         --== SYSTEM CONFIGURATION ==--
         Configure an NFS share on this server to be used as an ISO Domain? (Yes,
No) [No]:

There are two sampling scales available for Red Hat Virtualization Manager’s Data Warehouse: Basic and Full. The default is Basic. Full records more detailed data but also requires more database storage and may increase database load.

--== MISC CONFIGURATION ==--
Please choose Data Warehouse sampling scale:
(1) Basic
(2) Full
(1, 2)[1]:
 --== END OF CONFIGURATION ==--

At this point, the configuration settings are complete, and engine-setup starts the Setup validation process.

The setup validation stage validates all configuration settings provided so far and prints a summary of the configuration settings to confirm. If you notice any incorrect setting in the Configuration Preview, cancel the setup by typing Cancel, or you can enter OK if everything is correct.

[ INFO  ] Stage: Setup validation
[WARNING] Less than 16384MB of memory is available

          --== CONFIGURATION PREVIEW ==--
Application mode                            : both
Default SAN wipe after delete               : False
Firewall manager                            : firewalld
Update Firewall                             : True
Host FQDN                                   : rhvm.lab.example.com
Configure local Engine database             : True
Set application as default page             : True 
Configure Apache SSL                        : True 
Engine database secured connection          : False 
Engine database user name                   : engine 
Engine database name                        : engine 
Engine database host                        : localhost 
Engine database port                        : 5432 
Engine database host name validation        : False
Engine installation                         : True
PKI organization                            : lab.example.com
DWH installation                            : True
DWH database secured connection             : False
DWH database host                           : localhost
DWH database user name                      : ovirt_engine_history
DWH database name                           : ovirt_engine_history
DWH database port                           : 5432
DWH database host name validation           : False
Configure local DWH database                : True
Configure Image I/O Proxy                   : True
Configure VMConsole Proxy                   : True
Configure WebSocket Proxy                   : True

Please confirm installation settings (OK, Cancel) [OK]: OK

Note: If less than 16 GB of memory is available, a warning is displayed, as shown in the preceding example. For a small environment, such as the one used in this course, we can safely ignore the warning. However, for a medium- to large-sized production environment with many active hosts and virtual machines, 16 GB or more system memory is recommended.

At this point, engine-setup configures and starts Red Hat Virtualization Manager. A number of informational messages are printed to the terminal.

If the configuration process and service startup completes successfully, engine-setup displays output similar to this, and then exits:

          --== SUMMARY ==--

[ INFO  ] Restarting httpd
          Please use the user '[email protected]' and password specified in order to
login
    Web access is enabled at:
    http://rhvm.lab.example.com:80/ovirt-engine
    https://rhvm.lab.example.com:443/ovirt-engine
    Internal CA CC:C6:8A:2A:66:30:17:10:21:1E:52:20:B3:6A:D2:A2:22:7A:E9:89
    SSH fingerprint: 9f:8b:65:cf:37:b4:45:ca:22:3e:31:09:60:c9:64:d2
[WARNING] Less than 16384MB of memory is available

          --== END OF SUMMARY ==--

[ INFO  ] Stage: Clean up
          Log file is located at /var/log/ovirt-engine/setup/ovirt-engine-
setup-20170818054801-ovn90u.log
[ INFO  ] Generating answer file '/var/lib/ovirt-engine/setup/
answers/20170818055642-setup.conf'
[ INFO  ] Stage: Pre-termination
[ INFO  ] Stage: Termination
[ INFO  ] Execution of setup completed successfully
[[email protected] ~]#

If the installation did not complete successfully, the summary reports the location of a log file in the /var/log/ovirt-engine/setup directory. This log file is the first source of information in case anything went wrong with the configuration process.

The summary also reports the location of the landing page for your Red Hat Virtualization Manager installation. In this example, it is https://rhvm.lab.example.com/ovirt-engine. If you specified that the application should be set as the default page of the web server, the host’s default URL also works. For the example above, the URL https://rhvm.lab.example.com also goes to that landing page.

Accessing the Administration Portal

Red Hat Virtualization Manager has a number of interfaces that can be used to interact with it and to manage the Red Hat Virtualization environment. A number of these are provided through its Apache httpd web server. One of the key interfaces, which can be reached through a link from Red Hat Virtualization Manager’s landing page, is the Administration Portal. This cross-platform web interface is accessible using any supported web browser.

Logging in to the Administration Portal

To access the Administration Portal, open a web browser and enter the URL of the landing page as discussed in the previous section. Click on the Administration Portal link. Alternatively, open the Administration Portal directly by going to the URL https://your-rhvm-server-fqdn/ ovirt-engine/sso/login.html.

Note:
When you do this, your web browser may complain because it does not recognize the CA that signed the TLS certification for Red Hat Virtualization Manager’s web server. There are three ways to fix this:

1. First, you may download and install the local CA certificate in your web browser. This is available at the URL http://your-rhvm-server- fqdn/ovirt-engine/services/pki-resource?resource=ca- certificate&format=X509-PEM-CA (replacing your-rhvm-server-fqdn with the fully-qualified domain name of your RHVM server).

2. Secondly, you may replace the TLS certificate used by the server with one that is signed by a CA already trusted by your web browser. At the time of writing, there are instructions to do this in Appendix D, “Red Hat Virtualization and SSL”, of the Red Hat Virtualization 4.1 Administration Guide at https://access.redhat.com/ documentation. (The exact location of those instructions might change in a future revision of the documentation.)

3. Finally, you may add a security exception in your web browser so that it accepts the self-signed certificate as valid. For Firefox, the procedure from the error page is:

  • Click the Advanced button.
  • Click the Add Exception button.
  • Click the Confirm Security Exception button in the Add Security Exception dialog.

Red Hat Virtualization Manager Landing Page

On the landing page, in the Portals section, click Administration Portal to be redirected to the Administration Portal’s login page. Alternatively, you can open the Administration Portal directly by going to the URL https://your-rhvm-server-fqdn/ovirt-engine/sso/login.html.

For your first login, authenticate to the portal using the admin user and the password you set in engine-setup. The Profile should be set to internal to use the internal authentication domain.

Administration Portal Login Screen

Upon successful login, you reach the Administration Portal’s dashboard.

Administration Portal