Red Hat Enterprise Virtualization (RHEV) – Hypervisor Host Options

Posted by

2

Overview

Red Hat Enterprise Virtualization (RHEV) has two options for running a hypervisor host: 1) use the RHEV-H host 2) use Red Hat Enterprise Linux 6 or 7. Option 1 is similar to VMware ESXi, RHEV-H is an optimized OS for running Virtual Machines.  Option 2 allows you to configure a standard RHEL 6 or 7 host and add it to RHEV as a hypervisor.

Which option is best?

The answer here depends on your requirements but just having feedom of choice is an evolution and step in the right direction. If you would like to install extra packages or your hardware requires certain kernel modules then RHEL 7 is the best choice as you need that flexibility. If you dont need anything but the hypervisor itself then RHEV-H is the way to go.

Some additional use cases for using RHEL 6 or 7?

  • Application clustering using pacemaker
  • Utilizing local hypervisor storage within cluster
  • Special monitoring requirements

Red Hat Enterprise Virtualization Management (RHEV-M) is required before proceeding. For more general information about RHEV and configuring RHEV-M please check out this past article.

Adding RHEV Hypervisor Host

As mentioned RHEV-H is an optimized OS for running virtual machines. In order to configure RHEV-H please follow the below steps:

  • Download RHEV-H ISO
  • Boot ISO image and follow standard installation steps
  • ssh -l admin <RHEV-H FQDN or IP>

By default root account is disabled for login. The account used to configure RHEV-H is admin and upon logging in as admin you are provided with the following configuration menu.

RHEV_ovirt_engine

Besides configuring network settings it is important to configure access to Red Hat Enterprise Virtualization Management (RHEV-M). Under the oVirt Engine menu the IP and port of the RHEV-M server must be configured. This will add the RHEV-H host to the Default datacenter in RHEV-M and from there all additional configuration can be done through RHEV-M.

Adding RHEL 7 Host

Instead of going with RHEV-H as mentioned we can build the hypervisor ourselves using RHEL 6 or RHEL 7 as baseline. One word of caution it is only possible to cluster hypervisors that are either RHEL 6 or RHEL 7, not a mix.

Install RHEL 7 minimal OS

Download and install RHEL 7 ISO. Choose a minimal install and configure static networking.

Required Repositories

#systemctl stop NetworkManager
#systemctl disable NetworkManager
#subscription-manager repos --enable=rhel-7-server-rpms
#subscription-manager repos --enable=rhel-7-server-optional-rpms
#subscription-manager repos --enable=rhel-7-server-rhev-mgmt-agent-rpms
#yum update -y

Configure Firewall

The RHEV Hypervisor requires iptables not firewalld. On RHEL 7 we need to disable firewalld and enable iptables. In addition we also need to disable Network Manager.

#systemctl stop firewalld
#systemctl disable firewalld
#systemctl stop NetworkManager
#systemctl disable NetworkManager
#yum -y install iptables-services
#systemctl enable iptables.service
#systemctl start iptables.service
#iptables --flush
#systemctl restart iptables.service

Required iptables rules

Below are the required iptables rules for a RHEV hypervisor host. Note this is not required, RHEV-M will automatically configure these rules upon install this is just in case you change rules later.

# iptables -I INPUT -p tcp -m tcp --dport 54321 -j ACCEPT
# iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
# iptables -I INPUT -p udp -m udp --dport 161 -j ACCEPT
# iptables -I INPUT -p tcp -m tcp --dport 16514 -j ACCEPT
# iptables -I INPUT -p tcp -m multiport --dports 5634:6166 -j ACCEPT
# iptables -I INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT
# iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -I FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited
# service iptables save

Add RHEL Host to RHEV as Hypervisor

Once the RHEL host has been prepared it can be added to RHEV-M environment. RHEV-M will install all the required packages for RHEV and add host to desired cluster. From RHEV-M UI logon as admin@internal and under host select add a new host.

RHEV_ADD_HOST

RHEV-M will use SSH in order to communicate with host and install packages as well as start services. RHEV-M will even configure the iptables rules as mentioned. It is important to add any additional iptables rules after the configuration is complete as RHEV-M will wipe previous iptables rules. Below we can see a new hypervisor host is being installed in the environment.

RHEV_INSTALL_HOST

Once the installation is complete you can proceed to install any other packages and tweak things to your hearts content.

Configure local storage in cluster

Optionally you may want to use local storage of hypervisor host for images or other purposes. The easiest way to do this is by exporting mountpoints as NFS shares. In RHEV all storage in a cluster must be available to all hosts, therefore local storage is not an option unless you have a cluster consisting of just one RHEV host.

Install NFS Services on RHEV Host

#yum install nfs-utils rpcbind
#systemctl enable rpcbind
#systemctl enable nfs-server
#systemctl start rpcbind
#systemctl start nfs-server

Exporting NFS mountpoints

In order to export NFS share to RHEV we need to create the mountpoint and ensure permissions are set correctly. In addition we need to ensure the mountpoint is also exported with read-write.

#mkdir /usr/share/rhev
#chown -R 36:36 /usr/share/rhev/
#chmod -R 0755 /usr/share/rhev/
#vi /etc/exports
#/usr/share/rhev 192.168.2.0/24(rw)
#exportfs -a

Configure NFS iptables rules

Once the NFS share is exported iptables rules need to be implemented in order to allow access to the NFS services.

Portmapper (rpcbind)

# iptables -I INPUT -p tcp -m tcp --dport 111 -j ACCEPT

# iptables -I INPUT -p udp -m udp --dport 111 -j ACCEPT

Mountd (defined in /etc/sysconfig/nfs)

# iptables -I INPUT -p tcp -m tcp --dport 892 -j ACCEPT

# iptables -I INPUT -p udp -m udp --dport 892 -j ACCEPT

Rquotad (defined in /etc/sysconfig/nfs)

# iptables -I INPUT -p tcp -m tcp --dport 875 -j ACCEPT

# iptables -I INPUT -p udp -m udp --dport 875 -j ACCEPT

NFS Statd (defined in /etc/sysconfig/nfs)

# iptables -I INPUT -p tcp -m tcp --dport 662 -j ACCEPT

# iptables -I INPUT -p udp -m udp --dport 662 -j ACCEPT

NFSD

# iptables -I INPUT -p tcp -m tcp --dport 2049 -j ACCEPT

NFS Lock Manager (defined in /etc/sysconfig/nfs)

# iptables -I INPUT -p tcp -m tcp --dport 32803 -j ACCEPT

NFS Lockd (defined in /etc/sysconfig)

# iptables -I INPUT -p udp -m udp --dport 32769 -j ACCEPT

#service iptables save

Summary

Red Hat provides two Hypervisor options for RHEV. As we have seen you can use the optimized OS RHEV-H that is similar to VMware ESXi or you can build your own using RHEL 6 or 7 as base. The freedom of choice enables you to make the best decision for your IT infrastructure.

Happy RHEVing!

(c) 2015 Keith Tenzer

2 thoughts on “Red Hat Enterprise Virtualization (RHEV) – Hypervisor Host Options

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Cancel

Connecting to %s