You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by an...@apache.org on 2021/08/06 12:52:34 UTC
[cloudstack-documentation] branch main updated: Adding docs for
SUSE / RHEL8 variants support (#224)
This is an automated email from the ASF dual-hosted git repository.
andrijapanic pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack-documentation.git
The following commit(s) were added to refs/heads/main by this push:
new 7f751ce Adding docs for SUSE / RHEL8 variants support (#224)
7f751ce is described below
commit 7f751ce189a778fceb9cd71ad6820313d303b186
Author: davidjumani <dj...@gmail.com>
AuthorDate: Fri Aug 6 18:22:30 2021 +0530
Adding docs for SUSE / RHEL8 variants support (#224)
* Adding docs for SUSE support
* Updating for RHEL8
* Fixing repo location
* Updating notes
---
source/installguide/hypervisor/kvm.rst | 385 +++++++++++++++++----
.../installguide/management-server/_database.rst | 102 ++++--
source/installguide/management-server/_nfs.rst | 18 +-
.../management-server/_pkg_install.rst | 12 +-
.../installguide/management-server/_pkg_repo.rst | 38 +-
.../management-server/_prerequisite.rst | 22 +-
source/releasenotes/compat.rst | 15 +-
7 files changed, 469 insertions(+), 123 deletions(-)
diff --git a/source/installguide/hypervisor/kvm.rst b/source/installguide/hypervisor/kvm.rst
index 5f94750..4156de4 100644
--- a/source/installguide/hypervisor/kvm.rst
+++ b/source/installguide/hypervisor/kvm.rst
@@ -26,7 +26,11 @@ are recommended:
- CentOS / RHEL: 7.X
-- Ubuntu: 16.04
+- CentOS / RHEL / Binary-compatible variants: 8.X
+
+- Ubuntu: 18.04 +
+
+- openSUSE / SLES: 15.2 +
The main requirement for KVM hypervisors is the libvirt and Qemu
version. No matter what Linux distribution you are using, make sure the
@@ -122,21 +126,32 @@ KVM instances.
NTP is required to synchronize the clocks of the servers in your
cloud. Unsynchronized clocks can cause unexpected problems.
- #. Install NTP
+
+#. Install NTP
+
+ In RHEL or CentOS:
.. parsed-literal::
- $ yum install ntp
+ $ yum install chrony
+
+ In Ubuntu:
.. parsed-literal::
- $ apt-get install openntpd
+ $ apt-get install chrony
+
+ In SUSE:
+
+ .. parsed-literal::
+
+ $ zypper install chrony
#. Repeat all of these steps on every hypervisor host.
.. warning::
CloudStack |version| requires Java 11 JRE. Installing CloudStack agent will
- automatically install Java 11, but it's good to explicitly confirm that the Java 11
+ automatically install Java 11, but it's good to explicitly confirm that the Java 11
is the selected/active one (in case you had a previous Java version already installed)
with ``alternatives --config java``, after CloudStack agent is installed.
@@ -166,6 +181,13 @@ In Ubuntu:
$ apt-get install cloudstack-agent
+In SUSE:
+
+.. parsed-literal::
+
+ $ zypper install cloudstack-agent
+
+
The host is now ready to be added to a cluster. This is covered in a
later section, see :ref:`adding-a-host`. It is
recommended that you continue to read the documentation before adding
@@ -263,6 +285,10 @@ CloudStack uses libvirt for managing virtual machines. Therefore it is
vital that libvirt is configured correctly. Libvirt is a dependency of
cloudstack-agent and should already be installed.
+.. note::
+ Please note that Cloudstack will automatically perform basic configuration of the agent and libvirt when the host is added. This is relevant if you are
+ planning to automate the deployment and configuration of your KVM hosts.
+
#. In order to have live migration working libvirt has to listen for
unsecured TCP connections. We also need to turn off libvirts attempt
to use Multicast DNS advertising. Both of these settings are in
@@ -293,7 +319,7 @@ cloudstack-agent and should already be installed.
#. Turning on "listen\_tcp" in libvirtd.conf is not enough, we have to
change the parameters as well:
- On RHEL or CentOS modify ``/etc/sysconfig/libvirtd``:
+ On RHEL or CentOS or SUSE modify ``/etc/sysconfig/libvirtd``:
Uncomment the following line:
@@ -301,35 +327,14 @@ cloudstack-agent and should already be installed.
#LIBVIRTD_ARGS="--listen"
- On Ubuntu 14.04: modify ``/etc/default/libvirt-bin``
-
- Add "-l" to the following line
-
- .. parsed-literal::
-
- libvirtd_opts="-d"
-
- so it looks like:
-
- .. parsed-literal::
-
- libvirtd_opts="-d -l"
-
- And modify ``/etc/init/libvirt-bin.conf``
-
- Add "-l" to the following line
+ On RHEL 8 / CentOS 8 / SUSE run the following command :
.. parsed-literal::
- env libvirtd_opts="-d"
+ systemctl mask libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket libvirtd-tls.socket libvirtd-tcp.socket
- so it looks like:
-
- .. parsed-literal::
-
- env libvirtd_opts="-d -l"
- On Ubuntu 16.04: just modify ``/etc/default/libvirt-bin``
+ On Ubuntu modify ``/etc/default/libvirt-bin``
Uncomment and change the following line
@@ -343,26 +348,20 @@ cloudstack-agent and should already be installed.
env libvirtd_opts="-l"
-
-
-
#. Restart libvirt
- In RHEL or CentOS:
+ In RHEL or CentOS or SUSE :
.. parsed-literal::
- $ service libvirtd restart
+ $ systemctl restart libvirtd
In Ubuntu:
.. parsed-literal::
- $ service libvirt-bin restart
-
-.. note::
- Please note that Cloudstack will automatically perform basic configuration of the agent and libvirt when the host is added. This is relevant if you are
- planning to automate the deployment and configuration of your KVM hosts.
+ $ systemctl restart libvirt-bin
+
Configure the Security Policies
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -371,7 +370,7 @@ CloudStack does various things which can be blocked by security
mechanisms like AppArmor and SELinux. These have to be disabled to
ensure the Agent has all the required permissions.
-#. Configure SELinux (RHEL and CentOS)
+#. Configure SELinux (RHEL, CentOS, SUSE)
#. Check to see whether SELinux is installed on your machine. If not,
you can skip this section.
@@ -455,12 +454,12 @@ Configuring the Networking
implementation in Linux. Please refer to the next section if you intend to
use OpenVswitch
-CloudStack uses the network bridges in conjunction with KVM to connect the guest instances to
-each other and the outside world. They also are used to connect the System VMs to your
+CloudStack uses the network bridges in conjunction with KVM to connect the guest instances to
+each other and the outside world. They also are used to connect the System VMs to your
infrastructure.
-By default these bridges are called *cloudbr0* and *cloudbr1* etc, but this can be
-changed to be more description.
+By default these bridges are called *cloudbr0* and *cloudbr1* etc, but this can be
+changed to be more descriptive.
.. note::
Ensure that the interfaces names to be used for configuring the bridges match one of the following patterns:
@@ -471,7 +470,7 @@ changed to be more description.
.. warning::
It is essential that you keep the configuration consistent across all of your hypervisors.
-There are many ways to configure your networking. Even within the scope of a given
+There are many ways to configure your networking. Even within the scope of a given
network mode. Below are a few simple examples.
.. note::
@@ -502,7 +501,7 @@ Configuring the Network Bridges for Basic Networks
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It depends on the distribution you are using how to configure these,
-below you'll find examples for RHEL/CentOS and Ubuntu.
+below you'll find examples for RHEL/CentOS, SUSE and Ubuntu.
.. note::
The goal is to have two bridges called 'cloudbr0' and 'cloudbr1' after this
@@ -601,6 +600,95 @@ although a reboot is recommended to see if everything works properly.
Make sure you have an alternative way like IPMI or ILO to reach the machine
in case you made a configuration error and the network stops functioning!
+Configure SUSE for Basic Networks
+'''''''''''''''''''''''''''''''''''''
+
+The required packages were installed when libvirt was installed, we can
+proceed to configuring the network.
+
+First we configure eth0
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-eth0
+
+Make sure it looks similar to:
+
+.. parsed-literal::
+
+ NAME=eth0
+ STARTMODE=auto
+ BOOTPROTO=none
+
+We now have to configure the VLAN interfaces:
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-eth0.200
+
+.. parsed-literal::
+
+ NAME=eth0.200
+ STARTMODE=auto
+ BOOTPROTO=none
+ VLAN_ID=200
+ ETHERDEVICE=eth0
+
+Now that we have the VLAN interfaces configured we can add the bridges on top
+of them.
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-cloudbr0
+
+Now we configure cloudbr0 and include the Management IP of the hypervisor.
+
+.. note::
+ The management IP of the hypervisor doesn't have to be in same subnet/VLAN as the
+ management network, but its quite common.
+
+.. parsed-literal::
+
+ NAME=cloudbr0
+ STARTMODE=auto
+ BOOTPROTO=static
+ BRIDGE=yes
+ BRIDGE_PORTS=eth0
+ BRIDGE_STP=on
+ BRIDGE_FORWARDDELAY=5
+ IPADDR=192.168.42.11
+ NETMASK=255.255.255.0
+
+Add the gatway in ``/etc/sysconfig/network/routes``
+
+.. parsed-literal::
+
+ default 192.168.42.1 - cloudbr0
+
+
+We configure cloudbr1 as a plain bridge without an IP address
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-cloudbr1
+
+.. parsed-literal::
+
+ NAME=cloudbr1
+ STARTMODE=auto
+ BOOTPROTO=none
+ BRIDGE=yes
+ BRIDGE_PORTS=eth0.200
+ BRIDGE_STP=on
+ BRIDGE_FORWARDDELAY=5
+
+With this configuration you should be able to restart the network,
+although a reboot is recommended to see if everything works properly.
+
+.. warning::
+ Make sure you have an alternative way like IPMI or ILO to reach the machine
+ in case you made a configuration error and the network stops functioning!
+
Configure Ubuntu for Basic Networks
'''''''''''''''''''''''''''''''''''
@@ -659,7 +747,7 @@ although a reboot is recommended to see if everything works properly.
Network Example for Advanced Networks
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-In the Advanced networking mode is most common to have (at least) two physical interfaces per hypervior-host.
+In the Advanced networking mode, it is most common to have (at least) two physical interfaces per hypervior-host.
We will use the interface eth0 linked to the bridge 'cloudbr0' using the untagged (native) VLAN for hypervisor management.
Additionally we configure the second interface for usage with the bridge 'cloudbr1' for public and guest traffic.
This time there are no VLANs applied by us - CloudStack will add the VLANs as required during actual use.
@@ -675,7 +763,7 @@ Configuring the Network Bridges for Advanced Networks
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It depends on the distribution you are using how to configure these,
-below you'll find examples for RHEL/CentOS and Ubuntu.
+below you'll find examples for RHEL/CentOS, SUSE and Ubuntu.
.. note::
The goal is to have two bridges called 'cloudbr0' and 'cloudbr1' after this
@@ -774,6 +862,92 @@ although a reboot is recommended to see if everything works properly.
Make sure you have an alternative way like IPMI or ILO to reach the machine
in case you made a configuration error and the network stops functioning!
+Configure SUSE for Advanced Networks
+''''''''''''''''''''''''''''''''''''''''
+
+The required packages were installed when libvirt was installed, we can
+proceed to configuring the network.
+
+First we configure eth0
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-eth0
+
+Make sure it looks similar to:
+
+.. parsed-literal::
+
+ NAME=eth0
+ STARTMODE=auto
+ BOOTPROTO=none
+
+We now have to configure the VLAN interfaces:
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-eth1
+
+.. parsed-literal::
+
+ NAME=eth1
+ STARTMODE=auto
+ BOOTPROTO=none
+
+Now we have the VLAN interfaces configured we can add the bridges on top
+of them.
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-cloudbr0
+
+Now we configure cloudbr0 and include the Management IP of the hypervisor.
+
+.. note::
+ The management IP of the hypervisor doesn't have to be in same subnet/VLAN as the
+ management network, but its quite common.
+
+.. parsed-literal::
+
+ NAME=cloudbr0
+ STARTMODE=auto
+ BOOTPROTO=static
+ BRIDGE=yes
+ BRIDGE_PORTS=eth0
+ BRIDGE_STP=on
+ BRIDGE_FORWARDDELAY=5
+ IPADDR=192.168.42.11
+ NETMASK=255.255.255.0
+
+Add the gatway in ``/etc/sysconfig/network/routes``
+
+.. parsed-literal::
+
+ default 192.168.42.1 - cloudbr0
+
+We configure cloudbr1 as a plain bridge without an IP address
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-cloudbr1
+
+.. parsed-literal::
+
+ NAME=cloudbr1
+ STARTMODE=auto
+ BOOTPROTO=none
+ BRIDGE=yes
+ BRIDGE_PORTS=eth1
+ BRIDGE_STP=on
+ BRIDGE_FORWARDDELAY=5
+
+With this configuration you should be able to restart the network,
+although a reboot is recommended to see if everything works properly.
+
+.. warning::
+ Make sure you have an alternative way like IPMI or ILO to reach the machine
+ in case you made a configuration error and the network stops functioning!
+
Configure Ubuntu for Advanced Networks
''''''''''''''''''''''''''''''''''''''
@@ -850,8 +1024,8 @@ Preparing
To make sure that the native bridge module will not interfere with
openvswitch the bridge module should be added to the denylist (likely named
-'denylist') see the modprobe documentation for your distribution on
-where to find the denylist. Make sure the module is not loaded either
+'denylist') see the modprobe documentation for your distribution on
+where to find the denylist. Make sure the module is not loaded either
by rebooting or executing rmmod bridge before executing next steps.
The network configurations below depend on the ifup-ovs and ifdown-ovs
@@ -1004,6 +1178,93 @@ although a reboot is recommended to see if everything works properly.
in case you made a configuration error and the network stops functioning!
+Configure OpenVswitch in SUSE
+'''''''''''''''''''''''''''''''''
+
+The required packages were installed when openvswitch and libvirt were
+installed, we can proceed to configuring the network.
+
+First we configure eth0
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-eth0
+
+Make sure it looks similar to:
+
+.. parsed-literal::
+
+ NAME=eth0
+ STARTMODE=auto
+ BOOTPROTO=none
+
+
+We have to configure the base bridge with the trunk.
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-cloudbr
+
+.. parsed-literal::
+
+ NAME=cloudbr
+ STARTMODE=auto
+ BOOTPROTO=none
+ OVS_BRIDGE=yes
+
+We now have to configure the three VLAN bridges:
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/mgmt0
+
+.. parsed-literal::
+
+ NAME=mgmt0
+ STARTMODE=auto
+ BOOTPROTO=static
+ OVS_BRIDGE=yes
+ IPADDR=192.168.42.11
+ NETMASK=255.255.255.0
+
+
+Add the gatway in ``/etc/sysconfig/network/routes``
+
+.. parsed-literal::
+
+ default 192.168.42.1 - mgmt0
+
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-cloudbr0
+
+.. parsed-literal::
+
+ NAME=cloudbr0
+ STARTMODE=auto
+ BOOTPROTO=none
+ OVS_BRIDGE=yes
+
+
+.. parsed-literal::
+
+ $ vi /etc/sysconfig/network/ifcfg-cloudbr1
+
+.. parsed-literal::
+
+ NAME=cloudbr1
+ STARTMODE=auto
+ BOOTPROTO=none
+ OVS_BRIDGE=yes
+
+With this configuration you should be able to restart the network,
+although a reboot is recommended to see if everything works properly.
+
+.. warning::
+ Make sure you have an alternative way like IPMI or ILO to reach the machine
+ in case you made a configuration error and the network stops functioning!
+
Configuring the firewall
~~~~~~~~~~~~~~~~~~~~~~~~
@@ -1028,8 +1289,8 @@ It depends on the firewall you are using how to open these ports. Below
you'll find examples how to open these ports in RHEL/CentOS and Ubuntu.
-Open ports in RHEL/CentOS
-^^^^^^^^^^^^^^^^^^^^^^^^^
+Open ports in RHEL / CentOS / SUSE
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
RHEL and CentOS use iptables for firewalling the system, you can open
extra ports by executing the following iptable commands:
@@ -1065,6 +1326,14 @@ save them first.
$ iptables-save > /etc/sysconfig/iptables
+.. warning::
+ On RHEL 8 / CentOS 8 / SUSE, firewalld is the default firewall manager and controls iptables. It is
+ recommended that it be disabled ``systemctl stop firewalld ; systemctl disable firewalld``
+
+.. warning::
+ On SUSE, iptables are not persisted on reboot, so it is recommended that an iptables and
+ ip6tables service be created to ensure that they persist
+
Open ports in Ubuntu
^^^^^^^^^^^^^^^^^^^^
@@ -1101,13 +1370,13 @@ To open the required ports, execute the following commands:
.. note::
By default UFW is not enabled on Ubuntu. Executing these commands with the
firewall disabled does not enable the firewall.
-
- If you have an issue with ufw while using a bridged connection,
+
+ If you have an issue with ufw while using a bridged connection,
add those two lines at the end of the /etc/ufw/before.rules just before COMMIT
-
+
.. parsed-literal::
sudo vi /etc/ufw/before.rules
-
+
.. parsed-literal::
-A FORWARD -d 192.168.42.11 -j ACCEPT
-A FORWARD -s 192.168.42.11 -j ACCEPT
@@ -1126,7 +1395,7 @@ In order to facilitate this the **Aria2** (https://aria2.github.io/) package mus
installed on all of your KVM hosts.
As this package often is not available in standard distribution repos, you will need
-to install the package from your preferred source.
+to install the package from your preferred source.
Volume snapshots
diff --git a/source/installguide/management-server/_database.rst b/source/installguide/management-server/_database.rst
index bad57c7..16d9c65 100644
--- a/source/installguide/management-server/_database.rst
+++ b/source/installguide/management-server/_database.rst
@@ -43,6 +43,10 @@ MySQL. See :ref:`install-database-on-separate-node`.
.. parsed-literal::
+ zypper install mysql-server
+
+ .. parsed-literal::
+
sudo apt-get install mysql-server
#. Open the MySQL configuration file. The configuration file is
@@ -62,12 +66,12 @@ MySQL. See :ref:`install-database-on-separate-node`.
max_connections=350
log-bin=mysql-bin
binlog-format = 'ROW'
-
+
.. note::
For Ubuntu 16.04 and later, make sure you specify a ``server-id`` in your ``.cnf`` file for binary logging. Set the ``server-id`` according to your database setup.
-
+
.. parsed-literal::
-
+
server-id=source-01
innodb_rollback_on_timeout=1
innodb_lock_wait_timeout=600
@@ -75,9 +79,9 @@ MySQL. See :ref:`install-database-on-separate-node`.
log-bin=mysql-bin
binlog-format = 'ROW'
- .. note::
- You can also create a file ``/etc/mysql/conf.d/cloudstack.cnf``
- and add these directives there. Don't forget to add ``[mysqld]`` on the
+ .. note::
+ You can also create a file ``/etc/mysql/conf.d/cloudstack.cnf``
+ and add these directives there. Don't forget to add ``[mysqld]`` on the
first line of the file.
@@ -89,22 +93,28 @@ MySQL. See :ref:`install-database-on-separate-node`.
.. parsed-literal::
- service mysqld start
+ systemctl start mysqld
+
+ On SUSE, start MySQL
+
+ .. parsed-literal::
+
+ systemctl start mysql
On Ubuntu, restart MySQL.
.. parsed-literal::
- sudo service mysql restart
+ sudo systemctl restart mysql
#. (CentOS and RHEL only; not required on Ubuntu)
.. warning::
- On RHEL and CentOS, MySQL does not set a root password by default. It is
- very strongly recommended that you set a root password as a security
+ On RHEL and CentOS, MySQL does not set a root password by default. It is
+ very strongly recommended that you set a root password as a security
precaution.
- Run the following command to secure your installation. You can answer "Y"
+ Run the following command to secure your installation. You can answer "Y"
to all questions.
.. parsed-literal::
@@ -184,13 +194,13 @@ MySQL. See :ref:`install-database-on-separate-node`.
- (Optional) For management\_server\_key, substitute the default key
that is used to encrypt confidential parameters in the CloudStack
properties file. Default: password. It is highly recommended that
- you replace this with a more secure value. See
+ you replace this with a more secure value. See
:ref:`about-password-key-encryption`.
- (Optional) For database\_key, substitute the default key that is
used to encrypt confidential parameters in the CloudStack
database. Default: password. It is highly recommended that you
- replace this with a more secure value. See
+ replace this with a more secure value. See
:ref:`about-password-key-encryption`.
- (Optional) For management\_server\_ip, you may explicitly specify
@@ -202,10 +212,10 @@ MySQL. See :ref:`install-database-on-separate-node`.
“Successfully initialized the database.”
.. note::
- If the script is unable to connect to the MySQL database, check the
- "localhost" loopback address in ``/etc/hosts``. It should be pointing to
- the IPv4 loopback address "127.0.0.1" and not the IPv6 loopback address
- ``::1``. Alternatively, reconfigure MySQL to bind to the IPv6 loopback
+ If the script is unable to connect to the MySQL database, check the
+ "localhost" loopback address in ``/etc/hosts``. It should be pointing to
+ the IPv4 loopback address "127.0.0.1" and not the IPv6 loopback address
+ ``::1``. Alternatively, reconfigure MySQL to bind to the IPv6 loopback
interface.
#. If you are running the KVM hypervisor on the same machine with the
@@ -237,14 +247,14 @@ This section describes how to install MySQL on a standalone machine,
separate from the Management Server. This technique is intended for a
deployment that includes several Management Server nodes. If you have a
single-node Management Server deployment, you will typically use the
-same node for MySQL. See `“Install the Database on the Management Server Node”
+same node for MySQL. See `“Install the Database on the Management Server Node”
<#install-the-database-on-the-management-server-node>`_.
-.. note::
- The management server doesn't require a specific distribution for the MySQL
- node. You can use a distribution or Operating System of your choice. Using
- the same distribution as the management server is recommended, but not
- required. See `“Management Server, Database, and Storage System Requirements”
+.. note::
+ The management server doesn't require a specific distribution for the MySQL
+ node. You can use a distribution or Operating System of your choice. Using
+ the same distribution as the management server is recommended, but not
+ required. See `“Management Server, Database, and Storage System Requirements”
<#management-server-database-and-storage-system-requirements>`_.
#. Install MySQL from the package repository from your distribution:
@@ -255,6 +265,10 @@ same node for MySQL. See `“Install the Database on the Management Server Node
.. parsed-literal::
+ zypper install mysql-server
+
+ .. parsed-literal::
+
sudo apt-get install mysql-server
#. Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf,
@@ -265,8 +279,8 @@ same node for MySQL. See `“Install the Database on the Management Server Node
two Management Servers.
.. note::
- On Ubuntu, you can also create /etc/mysql/conf.d/cloudstack.cnf file and
- add these directives there. Don't forget to add [mysqld] on the first
+ On Ubuntu, you can also create /etc/mysql/conf.d/cloudstack.cnf file and
+ add these directives there. Don't forget to add [mysqld] on the first
line of the file.
.. parsed-literal::
@@ -287,6 +301,13 @@ same node for MySQL. See `“Install the Database on the Management Server Node
service mysqld start
+ On SUSE, enable and start MySQL
+
+ .. parsed-literal::
+
+ systemctl enable mysql
+ systemctl start mysql
+
On Ubuntu, restart MySQL.
.. parsed-literal::
@@ -296,10 +317,10 @@ same node for MySQL. See `“Install the Database on the Management Server Node
#. (CentOS and RHEL only; not required on Ubuntu)
.. warning::
- On RHEL and CentOS, MySQL does not set a root password by default. It is
- very strongly recommended that you set a root password as a security
- precaution. Run the following command to secure your installation. You
- can answer "Y" to all questions except "Disallow root login remotely?".
+ On RHEL and CentOS, MySQL does not set a root password by default. It is
+ very strongly recommended that you set a root password as a security
+ precaution. Run the following command to secure your installation. You
+ can answer "Y" to all questions except "Disallow root login remotely?".
Remote root login is required to set up the databases.
.. parsed-literal::
@@ -316,7 +337,7 @@ same node for MySQL. See `“Install the Database on the Management Server Node
ufw allow mysql
- On RHEL/CentOS:
+ On RHEL/CentOS/SUSE:
#. Edit the /etc/sysconfig/iptables file and add the following line
at the beginning of the INPUT chain.
@@ -331,6 +352,15 @@ same node for MySQL. See `“Install the Database on the Management Server Node
service iptables restart
+ .. warning::
+ On CentOS 8 / SUSE, firewalld is the default firewall manager and controls iptables. It is
+ recommended that it be disabled ``systemctl stop firewalld ; systemctl disable firewalld``,
+ since CloudStack directly manipulates the iptable rules to manage networks.
+
+ .. warning::
+ On SUSE, iptables are not persisted on reboot, so it is recommended that iptables and
+ ip6tables service be created to ensure that they persist
+
#. Return to the root shell on your first Management Server.
#. Set up the database. The following command creates the cloud user on
@@ -357,7 +387,7 @@ same node for MySQL. See `“Install the Database on the Management Server Node
- (Optional) For database\_key, substitute the default key that is
used to encrypt confidential parameters in the CloudStack
database. Default: password. It is highly recommended that you
- replace this with a more secure value. See
+ replace this with a more secure value. See
:ref:`about-password-key-encryption`.
- (Optional) For management\_server\_ip, you may explicitly specify
@@ -373,7 +403,7 @@ same node for MySQL. See `“Install the Database on the Management Server Node
-k <database_key> \
-i <management_server_ip>
- When this script is finished, you should see a message like
+ When this script is finished, you should see a message like
“Successfully initialized the database.”
#. Now that the database is set up, you can finish configuring the OS
@@ -388,9 +418,9 @@ same node for MySQL. See `“Install the Database on the Management Server Node
done!”
.. warning::
- On RHEL and CentOS systems, firewalld (installed by default) will override all
- iptables rules set by the cloudstack-setup-management script,
+ On RHEL and CentOS systems, firewalld (installed by default) will override all
+ iptables rules set by the cloudstack-setup-management script,
so ensure that the firewalld is disabled or ensure the correct firewalld rules
are in place to allow traffic to ports 8080, 8250 and 9090 to the management server.
-
-
+
+
diff --git a/source/installguide/management-server/_nfs.rst b/source/installguide/management-server/_nfs.rst
index 91969b9..e10c771 100644
--- a/source/installguide/management-server/_nfs.rst
+++ b/source/installguide/management-server/_nfs.rst
@@ -24,9 +24,9 @@ section tells how to set up the NFS shares before adding the storage to
CloudStack.
.. note::
- NFS is not the only option for primary or secondary storage. For example,
- you may use Ceph RBD, PowerFlex, GlusterFS, iSCSI, and others. The choice of storage
- system will depend on the choice of hypervisor and whether you are dealing
+ NFS is not the only option for primary or secondary storage. For example,
+ you may use Ceph RBD, PowerFlex, GlusterFS, iSCSI, and others. The choice of storage
+ system will depend on the choice of hypervisor and whether you are dealing
with primary or secondary storage.
The requirements for primary and secondary storage are described in:
@@ -35,7 +35,7 @@ The requirements for primary and secondary storage are described in:
- :ref:`about-secondary-storage`
-A production installation typically uses a separate NFS server.
+A production installation typically uses a separate NFS server.
See :ref:`using-a-separage-nfs-server`.
You can also use the Management Server node as the NFS server. This is
@@ -118,14 +118,18 @@ on the host.
The exact commands for the following steps may vary depending on your
operating system version.
-#. On RHEL/CentOS systems, you'll need to install the nfs-utils package:
+#. On RHEL/CentOS/SUSE systems, you'll need to install the nfs-utils package:
.. parsed-literal::
yum install nfs-utils
+ .. parsed-literal::
+
+ zypper install nfs-utils
+
or for Ubuntu
-
+
.. parsed-literal::
apt-get install nfs-kernel-server
@@ -196,7 +200,7 @@ operating system version.
-A INPUT -s <NETWORK> -m state --state NEW -p tcp --dport 875 -j ACCEPT
-A INPUT -s <NETWORK> -m state --state NEW -p udp --dport 875 -j ACCEPT
-A INPUT -s <NETWORK> -m state --state NEW -p tcp --dport 662 -j ACCEPT
- -A INPUT -s <NETWORK> -m state --state NEW -p udp --dport 662 -j ACCEPT
+ -A INPUT -s <NETWORK> -m state --state NEW -p udp --dport 662 -j ACCEPT
#. Run the following commands:
diff --git a/source/installguide/management-server/_pkg_install.rst b/source/installguide/management-server/_pkg_install.rst
index ad2bc40..9367e42 100644
--- a/source/installguide/management-server/_pkg_install.rst
+++ b/source/installguide/management-server/_pkg_install.rst
@@ -21,8 +21,8 @@ Management Server on one host or many, is to install the software on a
single node.
.. note::
- If you are planning to install the Management Server on multiple nodes for
- high availability, do not proceed to the additional nodes yet. That step
+ If you are planning to install the Management Server on multiple nodes for
+ high availability, do not proceed to the additional nodes yet. That step
will come later.
The CloudStack Management server can be installed using either RPM or
@@ -34,11 +34,17 @@ the Management server.
Install on CentOS/RHEL
^^^^^^^^^^^^^^^^^^^^^^
-
+
.. parsed-literal::
yum install cloudstack-management
+Install on SUSE
+^^^^^^^^^^^^^^^
+
+.. parsed-literal::
+
+ zypper install cloudstack-management
Install on Ubuntu
^^^^^^^^^^^^^^^^^
diff --git a/source/installguide/management-server/_pkg_repo.rst b/source/installguide/management-server/_pkg_repo.rst
index 2f4e3c1..4f71230 100644
--- a/source/installguide/management-server/_pkg_repo.rst
+++ b/source/installguide/management-server/_pkg_repo.rst
@@ -22,25 +22,27 @@ binaries so that users can install Apache CloudStack without needing to
build from source.
If you didn't follow the steps to build your own packages from source in
-the sections for `“Building RPMs from Source”
-<../building_from_source.html#building-rpms-from-source>`__ or
-`“Building DEB packages” <../building_from_source.html#building-deb-packages>`__
-you may find pre-built DEB and RPM packages for your convenience linked from
+the sections for `“Building RPMs from Source”
+<../building_from_source.html#building-rpms-from-source>`__ or
+`“Building DEB packages” <../building_from_source.html#building-deb-packages>`__
+you may find pre-built DEB and RPM packages for your convenience linked from
the `downloads <http://cloudstack.apache.org/downloads.html>`_ page.
.. note::
- These repositories contain both the Management Server and KVM Hypervisor
+ These repositories contain both the Management Server and KVM Hypervisor
packages.
RPM package repository
~~~~~~~~~~~~~~~~~~~~~~
There is a RPM package repository for CloudStack so you can easily
-install on RHEL based platforms.
+install on RHEL and SUSE based platforms.
If you're using an RPM-based system, you'll want to add the Yum
repository so that you can install CloudStack with Yum.
+In RHEL or CentOS:
+
Yum repository information is found under ``/etc/yum.repos.d``. You'll
see several ``.repo`` files in this directory, each one denoting a
specific repository.
@@ -53,13 +55,33 @@ information.
[cloudstack]
name=cloudstack
- baseurl=http://download.cloudstack.org/centos/$releasever/|version|/
+ baseurl=http://download.cloudstack.org/centos$releasever/|version|/
enabled=1
gpgcheck=0
-
Now you should now be able to install CloudStack using Yum.
+In SUSE:
+
+Zypper repository information is found under ``/etc/zypp/repos.d/``. You'll
+see several ``.repo`` files in this directory, each one denoting a
+specific repository.
+
+To add the CloudStack repository, create
+``/etc/zypp/repos.d/cloudstack.repo`` and insert the following
+information.
+
+.. parsed-literal::
+
+ [cloudstack]
+ name=cloudstack
+ baseurl=http://download.cloudstack.org/suse/|version|/
+ enabled=1
+ gpgcheck=0
+
+
+Now you should now be able to install CloudStack using zypper.
+
DEB package repository
~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/installguide/management-server/_prerequisite.rst b/source/installguide/management-server/_prerequisite.rst
index 9c2ab52..c3b1324 100644
--- a/source/installguide/management-server/_prerequisite.rst
+++ b/source/installguide/management-server/_prerequisite.rst
@@ -29,7 +29,7 @@ In either case, each machine must meet the system requirements described
in :ref:`minimum-system-requirements`.
.. warning::
- For the sake of security, be sure the public Internet can not access port
+ For the sake of security, be sure the public Internet can not access port
8096 or port 8250 on the Management Server.
The procedure for installing the Management Server is:
@@ -81,19 +81,29 @@ node.
Install chrony.
- .. parsed-literal::
+ In RHEL or CentOS:
- yum install chrony
+ .. parsed-literal::
- .. parsed-literal::
+ $ yum install chrony
+
+ In Ubuntu:
+
+ .. parsed-literal::
+
+ $ apt-get install chrony
+
+ In SUSE:
+
+ .. parsed-literal::
- sudo apt install chrony
+ $ zypper install chrony
#. Repeat all of these steps on every host where the Management Server
will be installed.
.. warning::
CloudStack |version| requires Java 11 JRE. Installing CloudStack packages will
- automatically install Java 11, but it's good to explicitly confirm that the Java 11
+ automatically install Java 11, but it's good to explicitly confirm that the Java 11
is the selected/active one (in case you had a previous Java version already installed)
with ``alternatives --config java`` after CloudStack packages are already installed.
diff --git a/source/releasenotes/compat.rst b/source/releasenotes/compat.rst
index 1aea35c..3406b33 100644
--- a/source/releasenotes/compat.rst
+++ b/source/releasenotes/compat.rst
@@ -12,7 +12,7 @@
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-
+
Compatibility Matrix
====================
@@ -24,8 +24,11 @@ CloudStack Management Server.
- Ubuntu 18.04 LTS, 20.04 LTS
- CentOS versions 7, 8 (note: CentOS 8 will EOL in Dec 2021)
-- Rocky Linux 8
-- RHEL versions 7, 8
+- RHEL versions 7, 8 (along with binary compatible versions such as Rocky Linux 8)
+- openSUSE Leap 15
+- SUSE Linux Enterprise Server 15
+
+ .. note:: There is a known issue with ipmitool with RHEL8 / SUSE, so certain functionality such as out of band management might not work
Software Requirements
~~~~~~~~~~~~~~~~~~~~~
@@ -43,6 +46,8 @@ and VMware with vSphere.
- CentOS 7, 8 with KVM (note: CentOS 8 will EOL in Dec 2021)
- Rocky Linux 8 with KVM
- Red Hat Enterprise Linux 7, 8 with KVM
+- openSUSE Leap 15
+- SUSE Linux Enterprise Server 15
- XenServer versions 7.1, 7.2, 7.4, 7.5, 8.0 with latest hotfixes, XCP-ng 7.4, 7.6, 8.0, 8.1, 8.2
.. note:: It is now required to enable HA on the XenServer pool in order to recover from a pool-master failure. Please refer to the `XenServer documentation <https://docs.citrix.com/en-us/xencenter/7-1/pools-ha-enable.html>`_.
@@ -52,7 +57,7 @@ and VMware with vSphere.
.. note:: There is a known issue in 6.7 U1 (https://kb.vmware.com/s/article/67315) which blocks some CloudStack cloning operations. The use of linked clones is known to be effected.
.. note:: There is a known issue in 6.7 U3 - 6.7 U3f where a mailformed OVA could crash vCenter services (for more information see `here <https://mail-archives.apache.org/mod_mbox/cloudstack-users/202005.mbox/%3CCAMvtBPNQqbe0XEsHyjFMror7HRvj-c%3DfEe7y12NfCDQSFTYgqQ%40mail.gmail.com%3E>`_). To avoid the issue, make sure to use 6.7 U3g or later.
-
+
- LXC Host Containers on RHEL 7
- Windows Server 2012 R2 (with Hyper-V Role enabled)
- Hyper-V 2012 R2
@@ -110,5 +115,5 @@ The following Management Server Operating Systems are no longer supported in thi
- Ubuntu 14.04
- Ubuntu 16.04
-Please see `CloudStack Wiki <https://cwiki.apache.org/confluence/display/CLOUDSTACK/Hypervisor+and+Management+Server+OS+EOL+Dates>`_
+Please see `CloudStack Wiki <https://cwiki.apache.org/confluence/display/CLOUDSTACK/Hypervisor+and+Management+Server+OS+EOL+Dates>`_
for details.