Before you begin , you need to prepare the environment before you install
CloudStack. We will go over the steps to prepare now.
Operating System
Using the CentOS 6.8 x86_64 minimal install ISO, you’ll need to install CentOS 6
on your hardware. The defaults will generally be acceptable for this
installation.
Once this installation is complete, you’ll want to connect to your freshly
installed machine via SSH as the root user. Note that you should not allow
root logins in a production environment, so be sure to turn off remote logins
once you have finished the installation and configuration.
Configuring the network
By default the network will not come up on your hardware and you will need to
configure it to work in your environment. Since we specified that there will
be no DHCP server in this environment we will be manually configuring your
network interface. We will assume, for the purposes of this exercise, that
eth0 is the only network interface that will be connected and used.
Connecting via the console you should login as root. Check the file
/etc/sysconfig/network-scripts/ifcfg-eth0, it will look like this by default:
DEVICE="eth0"
HWADDR="52:54:00:B9:A6:C0"
NM_CONTROLLED="yes"
ONBOOT="no"
Unfortunately, this configuration will not permit you to connect to the
network, and is also unsuitable for our purposes with CloudStack. We want to
configure that file so that it specifies the IP address, netmask, etc., as
shown in the following example:
Note
You should not use the Hardware Address (aka the MAC address) from our
example for your configuration. It is network interface specific, so you
should keep the address already provided in the HWADDR directive.
DEVICE=eth0
HWADDR=52:54:00:B9:A6:C0
NM_CONTROLLED=no
ONBOOT=yes
BOOTPROTO=none
IPADDR=172.16.10.2
NETMASK=255.255.255.0
GATEWAY=172.16.10.1
DNS1=8.8.8.8
DNS2=8.8.4.4
Note
IP Addressing - Throughout this document we are assuming that you will have
a /24 network for your CloudStack implementation. This can be any RFC 1918
network. However, we are assuming that you will match the machine address
that we are using. Thus we may use 172.16.10.2 and because you might be
using the 192.168.55.0/24 network you would use 192.168.55.2
Now that we have the configuration files properly set up, we need to run a few
commands to start up the network:
# chkconfig network on
# service network start
Hostname
CloudStack requires that the hostname be properly set. If you used the default
options in the installation, then your hostname is currently set to
localhost.localdomain. To test this we will run:
At this point it will likely return:
To rectify this situation - we’ll set the hostname by editing the /etc/hosts
file so that it follows a similar format to this example:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.10.2 srvr1.cloud.priv
After you’ve modified that file, go ahead and restart the network using:
# service network restart
Now recheck with the hostname –fqdn command and ensure that it returns a FQDN
response
SELinux
At the moment, for CloudStack to work properly SELinux must be set to
permissive. We want to both configure this for future boots and modify it in
the current running system.
To configure SELinux to be permissive in the running system we need to run the
following command:
To ensure that it remains in that state we need to configure the file
/etc/selinux/config to reflect the permissive state, as shown in this example:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
NTP
NTP configuration is a necessity for keeping all of the clocks in your cloud
servers in sync. However, NTP is not installed by default. So we’ll install
and and configure NTP at this stage. Installation is accomplished as follows:
The actual default configuration is fine for our purposes, so we merely need
to enable it and set it to start on boot as follows:
# chkconfig ntpd on
# service ntpd start
Configuring the CloudStack Package Repository
We need to configure the machine to use a CloudStack package repository.
Note
The Apache CloudStack official releases are source code. As such there are
no ‘official’ binaries available. The full installation guide describes how
to take the source release and generate RPMs and and yum repository. This
guide attempts to keep things as simple as possible, and thus we are using
one of the community-provided yum repositories.
To add the CloudStack repository, create /etc/yum.repos.d/cloudstack.repo and
insert the following information.
[cloudstack]
name=cloudstack
baseurl=http://cloudstack.apt-get.eu/centos/6/4.11/
enabled=1
gpgcheck=0
NFS
Our configuration is going to use NFS for both primary and secondary storage.
We are going to go ahead and setup two NFS shares for those purposes. We’ll
start out by installing nfs-utils.
# yum -y install nfs-utils
We now need to configure NFS to serve up two different shares. This is handled
comparatively easily in the /etc/exports file. You should ensure that it has
the following content:
/export/secondary *(rw,async,no_root_squash,no_subtree_check)
/export/primary *(rw,async,no_root_squash,no_subtree_check)
You will note that we specified two directories that don’t exist (yet) on the
system. We’ll go ahead and create those directories and set permissions
appropriately on them with the following commands:
# mkdir -p /export/primary
# mkdir /export/secondary
CentOS 6.x releases use NFSv4 by default. NFSv4 requires that domain setting
matches on all clients. In our case, the domain is cloud.priv, so ensure that
the domain setting in /etc/idmapd.conf is uncommented and set as follows:
Domain = cloud.priv
Now you’ll need uncomment the configuration values in the file
/etc/sysconfig/nfs
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020
Now we need to configure the firewall to permit incoming NFS connections.
Edit the file /etc/sysconfig/iptables
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 111 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 111 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 2049 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 32803 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 32769 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 892 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 892 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 875 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 875 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 662 -j ACCEPT
-A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 662 -j ACCEPT
Now you can restart the iptables service with the following command:
# service iptables restart
We now need to configure the nfs service to start on boot and actually start
it on the host by executing the following commands:
# service rpcbind start
# service nfs start
# chkconfig rpcbind on
# chkconfig nfs on