dheg
-
Posts
413 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by dheg
-
-
Reserved for future use
-
Installation of Archipel Agent
This should've been easy, but for some reason, it took me some time:
Archipel Agent relies on python, so you have to install some dependencies:
[root@titan ~]# yum -y install libvirt-python python-pip python-imaging python-magic gcc python-devel gcc python-devel
This will give a lot of warnings, but it will still work.
Then instal the agent:
[root@titan ~]# easy_install archipel-agent
and run:
[root@titan ~]# archipel-initinstall [root@titan ~]# archipel-tagnode [email protected] --password=Your_XMPP_password --create [root@titan ~]# archipel-rolesnode [email protected] --password=Your_XMPP_password --create [root@titan ~]# archipel-adminaccounts [email protected] --password=Your_XMPP_password --create
We are there, just start the agent and enjoy!
[root@titan ~]# service archipel start * Starting Archipel: [OK]
That's it, go to Archipel and to add the hypervisor, add a contact. The JID is the user@domain. Since the Agent, Client and XMPP server are all at the same machine, this is a bit redundant: -> JID: [email protected]
Good luck with your testing!
NOTE: Although I played a bit with Archipel, I don't know much about it. The instructions in the GitHub site are alsoquite scarce. I don't even know for how long I'm going to have this installed, I'd like to test other webGUIs.
Bottom line, I don't know of how much more help I could be :-)!
-
Installation of Archipel Client
Ok, this is an easy one:
Install apache web server and mod_ssl
[root@titan ~]# yum install -y mod_ssl
I read it's recommended to put Archipel client into a virtual host (I don't really know what this means, sorry!)
[root@titan ~]# mkdir /var/www/vhosts
Download Archipel client into /var/www/vhosts and extract it:
[root@titan ~]# cd /var/www/vhosts [root@titan ~]# wget http://nightlies.archipelproject.org/latest-archipel-client.tar.gz [root@titan ~]# tar -xvzf latest-archipel-client.tar.gz
Define the virtualhost into Apache 2 configuration:
[root@titan ~]# mcedit /etc/httpd/conf.d/archipel.conf
And add this (watch out here, don't mix your FQDN with your domain):
<VirtualHost 192.168.1.141:80> ServerName archipel.home ServerAlias archipel.local DocumentRoot /var/www/vhosts/Archipel ServerAdmin root@home CustomLog /var/log/httpd/archipel.log combined </VirtualHost>
Edit your httpd.conf file, look for the ServerName variable, uncomment it and set it to 'localhost' (this is not really necessary, but avoids a warning message when starting Apache):
[root@titan ~]# mcedit /etc/httpd/conf/httpd.conf
... ServerName localhost ...
Start Apache, and you are up and running!
[root@titan vhosts]# service httpd start Starting httpd: [ OK ]
You can now access the webGUI from your network, just type 192.168.1.141:80 (or whatever your IP is) in any browser. Log in is also a bit tricky:
- JabberID: [email protected]
- Password: Your_XMPP_password
- XMPP Service: http://192.168.1.141:5280/http-bind (this will autofill automatically, to avoid DNS issues, replace your FQDN with your server IP).
And we are in! We can't yet connect to the hypervisor, for that we need to install the Agent.
- JabberID: [email protected]
-
Installation of XMPP Server
Update the system
[root@titan ~]# yum -y update
install the yum priorities plugin – this ensure that packages of certain repositories got precedence on packages of other repositories
[root@titan ~]# yum install -y yum-priorities
edit the file CentOS-Base.repo and add the line “priority = 1” to all the repos except “centosplus” and “contrib“: these one must have “priority = 2“. Enable all disabled repos:
[root@titan ~]# mcedit /etc/yum.repos.d/CentOS-Base.repo
edit the rpmforge.repo file adding the line “priority = 10” to all the repos except the testing ones. Add the line “priority = 30” to all the testing repos.
[root@titan ~]# mcedit /etc/yum.repos.d/rpmforge.repo
edit the epel repo and epel repo adding the line “priority = 20” to all the repos except the testing ones. Add the line “priority = 30” to all the testing repos. Enable all disabled repos:
[root@titan ~]# mcedit /etc/yum.repos.d/epel.repo [root@titan ~]# mcedit /etc/yum.repos.d/remi.repo
Update the system
[root@titan ~]# yum -y update
We are ready to install ejabberd service: simply run
[root@titan ~]# yum install -y ejabberd
we must ensure that ejabberd has been packaged with mod_admin_extra. Type the next command, it must give you the path to the module files.
[root@titan ~]# rpm -ql ejabberd |grep mod_admin /usr/lib64/ejabberd/ebin/mod_admin_extra.beam
Now we have to install ejabberd_xmlrpc:
[root@titan ~]# yum install -y erlang-xmerl erlang-xmlrpc erlang-tools
download all ejabberd modules
[root@titan ~]# cd /usr/local/src [root@titan ~]# svn checkout http://svn.process-one.net/ejabberd-modules/
compile the ejabberd_xmlrpc module
[root@titan ~]# cd /usr/local/src/ejabberd-modules/ejabberd_xmlrpc/trunk [root@titan ~]# ./build.sh
finally, copy it in the modules directory
[root@titan ~]# cp ebin/ejabberd_xmlrpc.beam /usr/lib64/ejabberd/ebin
Next is to configure the XMPP server, this is easier than it looks like. Just copy my config file replacing titan.home by your FQDN (a couple of substitutions):
[root@titan ~]# mcedit /etc/ejabberd/ejabberd.cfg
add your FQDN to your hosts file, add also archipel as a hostname with your domain:
[root@titan ~]# mcedit /etc/hosts 192.168.1.141 titan titan.home archipel.home
start the ejabberd service:
[root@titan ~]# service ejabberd start
now we need to register the admin user:
[root@titan ~]# ejabberdctl register admin titan.home Your_XMPP_password User [email protected] successfully registered
We are almost there, we have to add some rules to the iptables
[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT [root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT [root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 4560 -j ACCEPT [root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5222 -j ACCEPT [root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5269 -j ACCEPT [root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5280 -j ACCEPT [root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5281 -j ACCEPT
Save and restart the iptables, and we are done, xmpp is installed, running and with access from your home network.
[root@titan ~]# service iptables save iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ] [root@titan ~]# service iptables restart iptables: Setting chains to policy ACCEPT: filter mangle na[ OK ] iptables: Flushing firewall rules: [ OK ] iptables: Unloading modules: [ OK ] iptables: Applying firewall rules: [ OK ]
-
Installation of prerequisites and repos
On a fresh Centos 6.5 x64 minimal installation (I only configured during installation the FQDN, root account password and static IP):
[root@titan ~]# yum install -y wget svn mc [root@titan ~]# yum install -y http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm [root@titan ~]# yum install -y http://rpms.famillecollet.com/enterprise/remi-release-6.rpm [root@titan ~]# yum install -y http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm [root@titan ~]# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
You shouldn't receive any error messages.
Installation of KVM
This is not an exaustive guide, just the bare minimum to get archipel working.
Disable SELinux:
[root@titan ~]# mcedit /etc/selinux/config
and edit the file adding disabled in the SELINUX variable:
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted.
Reboot the server:
[root@titan ~]# reboot
Import the GPG keys for software packages:
[root@titan ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
To install KVM and virtinst (a tool to create virtual machines), we run
[root@titan ~]# yum install -y kvm libvirt qemu-kvm python-virtinst virt-top
Then start the libvirt daemon:
[root@titan ~]# service libvirtd start
To check if KVM has successfully been installed, run
[root@titan ~]# virsh -c qemu:///system list
It should display something like this:
[root@server1 ~]# virsh -c qemu:///system list Id Name State ----------------------------------
Next we need to set up a network bridge on our server so that our virtual machines can be accessed from other hosts as if they were physical systems in the network.
To configure the bridge, edit the interface eth0: add BRIDGE=br0 and comment out BOOTPROTO, IPADDR, PREFIX, GATEWAY, DNS1 and DNS2. It should look something like this:
[root@titan ~]# mcedit /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 NAME="System eth0" TYPE=Ethernet UUID=(this field is unique for each card) ONBOOT=yes NM_CONTROLLED=no #BOOTPROTO=none HWADDR=(this field is unique for each card) #IPADDR=192.168.1.141 #PREFIX=24 #GATEWAY=192.168.1.1 #DNS1=208.67.222.222 #DNS2=208.67.220.220 DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no BRIDGE=br0
Now lets configure a bridge:
[root@titan ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-br0 [root@titan ~]# mcedit /etc/sysconfig/network-scripts/ifcfg-br0
Edit file so it looks like this:
DEVICE=br0 NAME="System br0" TYPE=Bridge ONBOOT=yes NM_CONTROLLED=no BOOTPROTO=none IPADDR=192.168.1.141 PREFIX=24 GATEWAY=192.168.1.1 DNS1=208.67.222.222 DNS2=208.67.220.220 DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no
and restart the network
[root@titan ~]# service network restart
if you run ifconfig, it should now show the network bridge:
[root@titan ~]# ifconfig br0 Link encap:Ethernet HWaddr 00:22:15:ED:3E:CF inet addr:192.168.1.141 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::222:15ff:feed:3ecf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:37 errors:0 dropped:0 overruns:0 frame:0 TX packets:24 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2908 (2.8 KiB) TX bytes:3576 (3.4 KiB) eth0 Link encap:Ethernet HWaddr 00:22:15:ED:3E:CF inet6 addr: fe80::222:15ff:feed:3ecf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:38625 errors:0 dropped:0 overruns:0 frame:0 TX packets:17905 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:40239878 (38.3 MiB) TX bytes:1444750 (1.3 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) virbr0 Link encap:Ethernet HWaddr 52:54:00:7C:D0:8F inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
insert rules into iptables to allow network to use that bridge
[root@titan ~]# iptables -I FORWARD -m physdev --physdev-is-bridge -j ACCEPT [root@titan ~]# service iptables save [root@titan ~]# service iptables start
make sure netfilter is enabled for bridges:
[root@titan ~]# mcedit /etc/sysctl.conf
check the next lines are set to 0, if not change them to 0
net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0
if you change any value, reboot server
That's it.
-
What is Archipel
Some of you might know Archipel (http://archipelproject.org/). It is a web based solution to manage and supervise virtual machines.
The good thing is that it does look very good, if you see the video in the website it's really appealing. On the cons, it's quite difficult to install, but mainly, and IMHO, it's not (yet) ready for production: it certainly does look good and have potential, but it's still buggy. I contacted the developer and he confirmed the project it's not abandoned, although he's quite busy with work and can't dedicate much of his time at the moment.
Nevertheless, as I went through the hoops of installing, and since some members couldn't make it work, I decided to write a quick guide for those interested in checking it out and have a test of it. Maybe some day it's actually ready and we can integrate it with a headless server.
Architecture
Archipel architecture is a bit complex. It is base in XMPP for all communication. Therefore for Archipel to work you need:
- XMPP server
- Archipel Client: this is the actual webGUi to communicate with the hypervisor
- Archipel Agent: installed in the hypervisor
Theoretically you should have to install all these 3 in different machines. The beauty of this guide is that it'll allow you to install all of them (XMPP server, Client and Agent) on the hypervisor
Prerequisites
CentOS 6.5 x64 minimal distro installed: it might work with other distros, but I'm certainly not an expert on linux. I'll write down a step by step guid to make this work.
Additional packages: wget svn mc system-config-network-tui.
- mc (midnight commander): it's not really neccesary, you can use vi, but I like the simplicity and easy of use of it.
- system-config-network-tui: it's a graphical wizard tool to set up a static ip. If you know your ways in CentOS you probably won't need it. I won't use it in this guide because I set up the static IP during installation.
Additional repos: epel and rmpforge repos.
Additional info
During installation I configured my server with:
- FQDN: titan.home
- Server IP: 192.168.1.141
You can modify this to your liking/needs.
Although you can do this from the server itself, I recommend you to SSH into the server, you can save a lot of typing!
If you follow this guide, and don't hit any walls, it should take about 30min (there are a lot of packages to download), start to end.
SOURCES:
- XMPP server
-
1. What little speed you might gain using Hardware Raid for what you are doing... Isn't worth the hassle.
2. You can use Software Raid and use a LVM on top of it. You could do RAID 0,1,5,6,10. Then you basically have an unRAID. You can add (doesn't matter what size, shape or speed) and remove it and expand the RAID / LVM very easily. You could mirror or have single or dual parity if you want. Then you have X amount of more space (or less if you removed a drive) for your Host, VMs, Data, ISOs, etc.
Makes a lot of sense
-
3. Why do you need a cache drive? Your VMs will download your TV Shows, Movies, etc. and copy them over to unRAID for you.
I do a bit of lightroom and photoshop, plus my Dropbox share. These are continuously writing files, without a cache my array will be up and running recalculating parity way too often.
With cache is just once per day.
Sent from my GT-I9305 using Tapatalk
-
I have a couple of points in which I'd really appreciate your input guys. Just bear with me for a sec.
I'm running an ESXi hypervisor and one of the VMs is a NAS4Free zfs server. I keep there the VMs and the cache drive. I'm happy with this setup because:
a. My cache drive has some level of protection
b. My other VMs not only are also protected but also have daily snapshots (which have come handy in a couple of occasions)
c. I'm getting very good speeds with spinners
When moving to unRAID-extreme (man i hope this does actually happen!) my plan is to set up some kind of raid through the motherboard, which will keep the hosts and datastore 'protected' and daily snapshots with LVM saved in unraid shares. This will keep the host/VMs side covered, but what about the cache drive? I don't really want to lose the advantages (speed / redundancy) of my current setup.
So my questions are:
1. Overall, what do you think? Does it make sense?
2. Would it be better software raid, in case the mb dies?
3. What do you recommend for the cache drive?
Sent from my GT-I9305 using Tapatalk
-
How massive is your database?
Sent from my GT-I9305 using Tapatalk
-
then, for my usage at least, i don't see the cons of not having a vtd cpu
No vtd, no pass through, if you don't need it you are good to go :-)
you could still virtualize a plex server, usenet box, Dropbox/crashplan server, etc
I was thinking on my needs, i want to pass through a gpu a ditch my desktop ;-)
Sent from my GT-I9305 using Tapatalk
-
I do sometimes regret a little getting a core i3 with 8gb of ram for something which barely/rarely gets pushed, so this would somehow justify my purchase while making me explore stuff I've never thought of exploring before! !
Don't mean to put you down but i don't think an i3 will support vt-d
Sent from my GT-I9305 using Tapatalk
-
Not alienating the existing customer base I believe is top priority for Tom.
However, for me, I'm not bound by such constraints and will be working closely with Tom over the coming weeks to bring this "unRAID Extreme" edition to fruition.
This is happening guys, it will just take me a little while to get the little details worked out, potentially porting the extreme edition to centOS or whatever is not too hard but I reckon tweaking emhttp will take some effort before its as reliable as it is now.
Once I've got the core port done we can look to add extra features.
Sent from my Nexus 5 using Tapatalk
Gooooooood! :-)
Sent from my GT-I9305 using Tapatalk
-
I raised that idea tongue in cheek. A foundation is for people with lots of money who want to give it away and change the world. Think Rockerfeller, Ford, Gates foundations. A non-profit established for charitable, educational or scientific purposes. After incorporation, and many lawyers later, step 8 is to apply to the IRS. Its a big hammer. It might be a few steps away from where we are at today.
Still we need a way to make the project proceed without financial constraints. Thankfully the internet enables most collaboration without additional cost. If the original PC was the oven for the half baked idea, forums like these are much more powerful....
Well, I'm certainly not a lawyer, although I'm sure there are some around (?)
While aiming at becoming the Bill Gates Foundation is a bit high (for now
) I don't necessarily agree that you need a ton of money to start. With some exceptions, everything in life come small and grow from there. Just of the top of my head, do you know/are aware of any means to set-up a bitcoin-based foundation-like thing? This would allow us to start without IRS constraints (and forgive my ignorance on this, I barely know the legislation in my country 
)What about Kickstarter? We could create an experts committee (not necessarily knowledgeable people), set up a project outline, and start a kickstarter project. Does it make sense?
PS: I've sent an email to Tom to have his input on this. This for me would be the first step.
-
I'm willing to contribute a few dollars.
As long as the information is brought back into the unRAID fold.
I figure the cost of a book on KVM could go to someone who can help and teach me a lil through their efforts.
We have PayPal as a base. This should work once Ironic gives us his paypal address. Giving directly to one person is easy.
More challenging, how is the money held and who controls it in a collaborative project like this? Do we set up an unRaid Foundation?
Going back to the original topic ;-)
I really like the unRAID Foundation idea.
However, before proceeding with anything I'd like to have the green light from Tom.
Sent from my GT-I9305 using Tapatalk
-
There is.. SolusVM Virtual Server Control Panel
Solus Virtual Manager (SolusVM) is a Web GUI based VPS management system with full OpenVZ, Linux KVM, Xen Paravirtualization and Xen HVM support.
That mean we still can write our own Control Panel
But this is a commercial product, isn't it?
-
Finka, while I respect your opinion I don't share it.
I'm willing to pay more if that helps to move things forward. It could be licensing, donation-ware, you name it. For the same reason I've donated to CP, SB or Wikipedia, among other.
I'm sure there are some people like you, and some like me, no judgment attached, and I don't see a valid reason because you and I can't co-exist.
And to be clear, I have no affiliation/relationship with grumpy, badger, or ford
Sent from my GT-I9305 using Tapatalk
-
And final post (for now), promised
!Why keep Slackware and not move the whole thing to CentOS (which is leading the poll at this moment)?
I'm still talking about an unRAID OS, but by reading this thread my understanding (and please forgive me as I'm no expert), it that Slackware is kind of dead. Shouldn't we steer or efforts for a 64bit OS for a more active distro?
-
in this community effort for a unRAID OS with KVM, shouldn't we talk also about:
- an email/notification system
- a nicer polished webGUI (ie boxcar or simplefeatures)
This would certainly round the product, right?
And this brings another question: how are we tracking all the good ideas in this thread, could GitHub be used, maybe not for actual development, but at least for tracking purposes.?
- an email/notification system
-
How about this as a compromise...
Being the poor college student that Ironic is, he puts together an Slackware 14.1 64 bit with unRAID Xen and KVM ISO (since the unRAID wiki is complicated and incomplete).
During the install (to a flash drive or Hard Drive) you select if you want a KDE Linux Desktop (looks and works much like Windows), XBMC or just a terminal screen.
He will also provide a repo where you can do...
slackpkg install mysql couchpotato plexmediasever etc.
If you want to install various packages. Since the Slackware repo sucks he can add the popular ones or users requests so none of you have to compile stuff.
Would any of you guys be willing to donate money to Ironic if he does that and maintains a repo with software which it updates with new versions as they come out?
So this doesn't get lost in the noise, and since only Ford and Weebo have confirmed their support (sorry if I missed someone else guys
): I'd would gladly contribute in any way I can, being that funds/time/testing or else.
And since at the end of the day, this is all about compromise and money talks louder than anything else, should something like http://www.kickstarter.com/ be considered? This is of course something for Tom to manage.
It would certainly give us more exposure, and would allow us to use our 'digital-personal-brand' to promote unRAID (is Tom #2 still around?).
-
oh boy, it's this thread exciting!
-
I'm going to put some guidelines so others can benefit of my efforts, BUT I don't think Archipel is ready for production, the product is still buggy.
I contacted the developer and he told he's been tight up with work and that he plans to resume this project next year, I don't think this could be our Plan A.
Any other webGUI you can think of? I was thinking of WebVirtManager or ConVirt, any experience with those?
Sent from my GT-I9305 using Tapatalk
-
I am not competent or knowledgeable with Linux, hence why I haven't cast a vote in the poll. So long as there is a manual and a user friendly interface, then I am good with whatever is chosen. There are far more technical people than me that will consider the pros and cons and direct this project. So I would not take the 30+ people that have voted as the target audience, there will be a lot of people watching this thread with interest.
Precisely my point
Sent from my GT-I9305 using Tapatalk
-
Since only 30 people have responded to the poll in this thread so far. Perhaps that is a good indication of how small the users base out there who want to see the added features and functionality we have discussed. I suspect not but I don't know.
My 2 cents:
I mainly follow this forum with tapatalk, and you can't see the surveys there.
I believe many people don't really understand the potential of this, and those who do might not care much about the OS as long as this is achieved.
Sent from my GT-I9305 using Tapatalk
) I don't necessarily agree that you need a ton of money to start. With some exceptions, everything in life come small and grow from there. Just of the top of my head, do you know/are aware of any means to set-up a bitcoin-based foundation-like thing? This would allow us to start without IRS constraints (and forgive my ignorance on this, I barely know the legislation in my country 
)
!
WebGUI for Virtualization Platforms (Xen, KVM, etc)
in Virtual Machines - Xen
Posted
For those interested, I posted a guide on how to install Archipel in a single machine (the host).
You can find it here: http://lime-technology.com/forum/index.php?topic=30850.msg277522#msg277522