# CloudStack 4.17.2 Installation Guide ###### Tags: `CloudStack` `past` ## Requirement OS：Ubuntu 22.04 ## Configure SSH ### Update apt ``` apt update ``` ### Install SSH ``` apt install openssh-server -y ``` ### Configure SSH config Install vim to edit files ``` apt install vim -y ``` Edit SSH config ``` vim /etc/ssh/sshd_config ``` Apend to end ``` PermitRootLogin yes KexAlgorithms=+diffie-hellman-group-exchange-sha1 PubkeyAcceptedKeyTypes=+ssh-dss HostKeyAlgorithms=+ssh-dss KexAlgorithms=+diffie-hellman-group1-sha1 ``` Restart SSH let config take effect ``` systemctl restart ssh ``` ## Configure Network Install Net-Tools first ``` apt install net-tools -y ``` You need to know your network card name, ip, gateway, subnet mask to continue to the next step ### Get network card detail ``` ifconfig ``` ### Edit configure files ``` vim /etc/netplan/01-network-manager-all.yaml ``` Modify it as follows ``` network: renderer: networkd ethernets: NATNIC: dhcp4: false dhcp6: false NATNIC.200: dhcp4: false dhcp6: false bridges: cloudbr0: dhcp4: no dhcp6: no mtu: 1500 interfaces: [NATNIC] addresses: [LANIP/CIDR] routes: - to: default via: GATEWAY nameservers: addresses: [8.8.8.8,8.8.4.4] parameters: stp: false forward-delay: 5 cloudbr1: dhcp4: no dhcp6: no interfaces: [NATNIC.200] parameters: stp: false forward-delay: 5 ``` **NATNIC** is your network card name **LANIP** is your network card ip **CIDR** is your network card subnet mask **GATEWAY** is your network card gateway ### Check and apply Check config correct ``` netplan try ``` Let config take effect ``` netplan apply ``` ## Install & Configure NFS ### Install NFS ``` apt install nfs-kernel-server nfs-common -y ``` Make directory for NFS mount ``` mkdir -p /export/primary mkdir /export/secondary mkdir /mnt/primary mkdir /mnt/secondary ``` Set directory permissions ``` chmod -R 777 /export/primary chmod -R 777 /export/secondary chmod -R 777 /mnt/primary chmod -R 777 /mnt/secondary ``` ``` echo "/export/secondary *(rw,async,no_root_squash,no_subtree_check)" >> /etc/exports echo "/export/primary *(rw,async,no_root_squash,no_subtree_check)" >> /etc/exports ``` ### Configure NFS ``` vim /etc/default/nfs-kernel-server ``` Append to end ``` LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 MOUNTD_PORT=892 RQUOTAD_PORT=875 STATD_PORT=662 STATD_OUTGOING_PORT=2020 ``` Enable NFS ``` systemctl enable nfs-kernel-server ``` Mount NFS ``` exportfs -a ``` Auto mount in startup ``` vim /etc/fstab ``` Append to end ``` LANIP:/export/primary /mnt/primary nfs defaults 0 0 LANIP:/export/secondary /mnt/secondary nfs defaults 0 0 ``` **LANIP** is your network card IP Mount NFS to debug ``` mount -a ``` ## Install & Configure CloudStack Management ### Install MySQL Install database before install cloudstack management ``` apt install mysql-server -y ``` Configure MySQL ``` vim /etc/mysql/conf.d/cloudstack.cnf ``` ``` [mysqld] server-id=master-01 innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 log-bin=mysql-bin binlog-format = 'ROW' ``` Enable and Start MySQL ``` systemctl enable mysql.service systemctl start mysql.service ``` ### Initialize MySQL **mysqlRPassword** is password you want to change ``` mysql -u root ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password by 'mysqlRPassword'; exit ``` ``` mysql_secure_installation ``` Enter password first then, You will see selections ``` Would you like to setup VALIDATE PASSWORD component? N Change the password for root ? N Remove anonymous users? N Disallow root login remotely? Y Remove test database and access to it? Y Reload privilege tables now? Y ``` ### Install CloudStack Managment Add CloudStack Managment to apt source ``` echo deb http://download.cloudstack.org/ubuntu focal 4.17 > /etc/apt/sources.list.d/cloudstack.list wget -O - http://download.cloudstack.org/release.asc|apt-key add - ``` Then update apt ``` apt update ``` Install JAVA before install CloudStack Managment ``` apt-get install chrony openjdk-11-jre-headless -y ``` Install CloudStack Managment ``` apt-get install cloudstack-management -y ``` ### Setup CloudStack database ``` cloudstack-setup-databases cloud:mysqlCPassword@localhost \ --deploy-as=root:mysqlRootPassword \ -e file \ -m managementServerKey \ -k databaseKey \ -i LANIP ``` **mysqlCPassword** is the password of the account created by cloudstack **managementServerKey** is the management server key **databaseKey** is database key Complate configure CloudStack Managment ``` cloudstack-setup-management ``` ### Install SystemVM for CloudStack Managment ``` /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt \ -m /mnt/secondary \ -u http://download.cloudstack.org/systemvm/4.17/systemvmtemplate-4.17.2-kvm.qcow2.bz2 \ -h kvm \ -s managementServerKey \ -F ``` **managementServerKey** is the key you just set Set sudoers to make sure everything works ``` vim /etc/sudoers ``` Append to end ``` Defaults:cloud !requiretty ``` ## Install CloudStack Agent ``` apt install cloudstack-agent -y ``` ### Configure QENU ``` vim /etc/libvirt/qemu.conf ``` Find the identifier and ucomment or change or append to config ``` vnc_listen = "0.0.0.0" ``` ### Configure Hypervisor ``` vim /etc/libvirt/libvirtd.conf ``` Find the identifier and ucomment or change or append to config ``` listen_tls = 0 listen_tcp = 1 tcp_port = "16509" auth_tcp = "none" mdns_adv = 0 ``` ``` vim /etc/default/libvirtd ``` Find the identifier and ucomment or change or append to config ``` LIBVIRTD_ARGS="--listen" ``` ### Mask libvirt for listening ``` systemctl mask libvirtd.socket libvirtd-ro.socket \ libvirtd-admin.socket libvirtd-tls.socket libvirtd-tcp.socketd ``` ### Disable Apparmor ``` ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/ ln -s /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper /etc/apparmor.d/disable/ apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd apparmor_parser -R /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper ``` ## All Done ## Some problem solution If you get a secondary not found error ``` systemctl restart nfs-server.service exportfs -a mount -a systemctl restart cloudstack-agent.service ``` Then restart systemvm in manager