centos7下部署kvm并安装web管理客户端

centos7下部署kvm并安装web管理客户端

setenforce 0
systemctl stop firewalld
systemctl disable firewalld
yum install -y wget
ls /etc/yum.repos.d/
rm -rf /etc/yum.repos.d/*
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum install epel-release -y
yum makecache

yum install qemu-kvm libvirt libvirt-python libguestfs-tools virt-install virt-manager #virt-manager为图形管理工具可以选择安装
systemctl enable libvirtd
systemctl start libvirtd
lsmod | grep -i kvm
brctl show #查看网络
virsh net-list #查看网络virsh net-dumpxml default #默认的网络连接方式

TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens192"
UUID="fe8d89d2-fe1a-418b-aea2-682643e8661a"
DEVICE="ens192"
ONBOOT="yes"
IPV6_PRIVACY="no"
BRIDGE=br0
NM_CONTROLLED=no

3.2vi /etc/sysconfig/network-scripts/ifcfg-br0 #桥接ip设置

TYPE=Bridge
DEVICE=br0
NM_CONTROLLED=no
BOOTPROTO=static
NAME=br0
ONBOOT=yes
IPADDR=192.168.100.152
PREFIX=24
GATEWAY=192.168.100.1
DNS1=114.114.114.114

3.3重启网卡

systemctl restart network

3.4下载镜像或者本地上传

安装webvirmgr web管理工具

yum -y install git python-pip libvirt-python libxml2-python python-websockify supervisor nginx
yum -y install gcc python-devel

pip install numpy -i https://mirrors.aliyun.com/pypi/simple/ #用阿里源安装numpy组件git clone git://github.com/retspen/webvirtmgr.git #github克隆文件太慢可以下载zip文件解压安装
yum install -y unzip zip
unzip webvirtmgr-master.zip
mv webvirtmgr-master webvirtmgr
cd webvirtmgr/
pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple #安装所需的pip环境

配置nginx解析

vi /etc/nginx/conf.d/webvirtmgr.conf
server {
    listen 80 default_server;

    server_name $hostname;
    #access_log /var/log/nginx/webvirtmgr_access_log;

    location /static/ {
        root /var/www/webvirtmgr/webvirtmgr; # or /srv instead of /var
        expires max;
    }

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 600;
        proxy_read_timeout 600;
        proxy_send_timeout 600;
        client_max_body_size 1024M; # Set higher depending on your needs
    }
}

4.2 关闭默认解析
vi /etc/nginx/nginx.conf
注释掉下面内容

#    server {
#        listen       80 default_server;
#        listen       [::]:80 default_server;
#        server_name  _;
#       root         /usr/share/nginx/html;

#       # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;

#       location / {
#        }

#        error_page 404 /404.html;
#            location = /40x.html {
#        }

#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }

....
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }

 }

4.3

chown -R nginx:nginx /var/www/webvirtmgr
service nginx restart #重启nginx生效

4.4 设置nginx开机启动

vi /etc/supervisord.d/webvirtmgr.ini
[program:webvirtmgr]
command=/usr/bin/python /var/www/webvirtmgr/manage.py run_gunicorn -c /var/www/webvirtmgr/conf/gunicorn.conf.py
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
logfile=/var/log/supervisor/webvirtmgr.log
log_stderr=true
user=nginx

[program:webvirtmgr-console]
command=/usr/bin/python /var/www/webvirtmgr/console/webvirtmgr-console
directory=/var/www/webvirtmgr
autostart=true
autorestart=true
stdout_logfile=/var/log/supervisor/webvirtmgr-console.log
redirect_stderr=true
user=nginx

启动服务

service supervisord stop
service supervisord start

sudo su - nginx -s /bin/bash
-bash-4.2$ ssh-keygen

+-----------------+-bash-4.2$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
-bash-4.2$ chmod 0600 ~/.ssh/config
-bash-4.2$ cat .ssh/id_rsa.pub -bash-4.2$ ssh-copy-id root@192.168.120.54 #拷贝密钥到认证文件夹下

vi /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[Remote libvirt SSH access]
Identity=unix-user:root
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes

chown -R root.root /etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
systemctl restart nginx
systemctl restart libvirtd

然后登录web连接kvm

http://192.168.100.152
admin
123456