WebVirtMgr

elixiat

　　I really need a web-based tool to manage kvm hosts.
　　Search "kvm web" and found "Management Tools - KVM" ( http://www.linux-kvm.org/page/Management_Tools ).
　　Well, WebVirtMgr( https://github.com/retspen/webvirtmgr ) looks pretty good. Try it.
　　WebVirtMgr is a libvirt-based Web interface for managing virtual machines. It allows you to create and configure new domains, and adjust a domain's resource allocation. A VNC viewer over a SSH tunnel presents a full graphical console to the guest domain. KVM is currently the only hypervisor supported.
　　I prepared three servers for the test, one for WebVirtMgr  and two for kvm host.
　　
　　WebVirtMgr Server Installation
Test server: Centos 6.3 x86_64, ip address 192.168.150.201, hostname ms-centos, username root.
1. Get Fedora EPEL
root@ms-centos:~$ rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
2.Install packages needed
root@ms-centos:~$ yum -y install git python-virtinst httpd mod_python mod_wsgi Django
3.Get webvirtmgr code
root@ms-centos:~$ git clone git://github.com/retspen/webvirtmgr.git
4.Initial webvirtmgr
root@ms-centos:~$ ./webvirtmgr/manage.py syncdb
You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (Leave blank to use 'admin'): wvmadmin
E-mail address: wvmadmin@domain.local
Password: 123456
Password (again): 123456
Superuser created successfully.
....
Creating tables ...
Installing custom SQL ...
Installing indexes ...
No fixtures found.
If you want to create another user, 'fred' for example:
[iyunv@ms-centos ~]# ./webvirtmgr/manage.py createsuperuser
Username (Leave blank to use 'root'): fred
E-mail address: fred@domain.local
Password: 654321
Password (again): 654321
Superuser created successfully.

5.Adjust iptables (TCP port 8000 is for app test. In production, use port 80.)
root@ms-centos:~$ vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
root@ms-centos:~$ service iptables restart
6.Run app for test:
[iyunv@ms-centos ~]# ./webvirtmgr/manage.py runserver 192.168.150.201:8000
Validating models...
0 errors found
Django version 1.3.4, using settings 'webvirtmgr.settings'
Development server is running at http://192.168.150.201:8000/
Quit the server with CONTROL-C.
　　
　　Now browse 'http://192.168.150.201:8000' to try.
Login with the user you created during './webvirtmgr/manage.py syncdb'.
Here we user wvmadmin with password 123456.

　　
　　
Dashboard

　　Click "Add Connection" to manage kvm host servers.
Of course, you can NOT connect to the kvm host with your host's linux user.
Let's click the "Host Server Setup" link and see what to do for the host.

Host Server Setup
Test server: Ubuntu Server 12.04, ipaddress 192.168.150.202, hostname ms2-ubuntu, username serveruser.
　　1. Install packages
serveruser@ms2-ubuntu:~$ sudo apt-get install kvm libvirt-bin sasl2-bin bridge-utils
......
update-rc.d: warning: saslauthd stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (1)
* To enable saslauthd, edit /etc/default/saslauthd and set START=yes
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
serveruser@ms2-ubuntu:~$
serveruser@ms2-ubuntu:~$ sudo vi /etc/default/saslauthd
# Should saslauthd run automatically on startup? (default: no)
START=yes
　　Start saslauthd
serveruser@ms2-ubuntu:~$ sudo service saslauthd start
* Starting SASL Authentication Daemon saslauthd                         [ OK ]
serveruser@ms2-ubuntu:~$ sudo service saslauthd status
* Checking SASL Authentication Daemon saslauthd                         [ OK ]
2.Add the option -l in the file /etc/default/libvirt-bin
libvirtd_opts="-d -l"
serveruser@ms2-ubuntu:~$ sudo vi /etc/default/libvirt-bin
3.The file /etc/libvirt/libvirtd.conf uncomment the line
#listen_tls = 0
#listen_tcp = 1
serveruser@ms2-ubuntu:~$ sudo vi /etc/libvirt/libvirtd.conf
4.The file /etc/libvirt/qemu.conf uncomment the line
#vnc_listen = "0.0.0.0"
serveruser@ms2-ubuntu:~$ sudo vi /etc/libvirt/qemu.conf
5.Restart libvirt-bin
serveruser@ms2-ubuntu:~$ sudo service libvirt-bin restart
libvirt-bin stop/waiting
libvirt-bin start/running, process 3091
If someting wrong with CA certificate appears, as shown in libvirt log. ( It's wired that one ubuntu server has it, and the other doesn't.)
serveruser@ms2-ubuntu:~$ sudo tail /var/log/libvirt/libvirtd.log
error : virNetTLSContextCheckCertFile:92 : Cannot read CA certificate '/etc/pki/CA/cacert.pem': No such file or directory
Found a solution here: http://wiki.libvirt.org/page/The_daemon_cannot_be_started
Should install CA certificate, like this:
serveruser@ms1-ubuntu:~$ sudo mkdir -p /etc/pki/CA
serveruser@ms1-ubuntu:~$ sudo openssl genrsa 1024 > cakey.pem
serveruser@ms1-ubuntu:~$ sudo openssl req -new -x509 -key cakey.pem -out /etc/pki/CA/cacert.pem -days 3655
Try:
serveruser@ms1-ubuntu:~$ sudo service libvirt-bin restart
libvirt-bin stop/waiting
libvirt-bin start/running, process 20268
Verify:
serveruser@ms1-ubuntu:~$ sudo service libvirt-bin status
libvirt-bin start/running, process 20268

6.Add a user 'wvm' using saslpasswd2 (This user is used for WebVirtMgr to connect to the kvm host.)
serveruser@ms2-ubuntu:~$ sudo saslpasswd2 -a libvirt wvm
Password:
Again (for verification):
See a list of all accounts
serveruser@ms2-ubuntu:~$ sudo sasldblistusers2 -f /etc/libvirt/passwd.db
wvm@ms2-ubuntu: userPassword
7.Test connection
clientuser@clienthost:~$ sudo apt-get install virt-manager
clientuser@clienthost:~$ virsh -c qemu+tcp://192.168.150.202/system
Please enter your authentication name: wvm
Please enter your password:
error: authentication failed: authentication failed
error: failed to connect to the hypervisor
A tip: The authentication name should be like: username@hostname
clientuser@clienthost:~$ virsh -c qemu+tcp://192.168.150.202/system
Please enter your authentication name: wvm@ms2-ubuntu
Please enter your password:
welcome to virsh, the virtualization interactive terminal.
Type: 'help' for help with commands
      'quit' to quit
virsh #
　　OK! Now, add your hosts to manage them through web. (to be continued.)


　　
　　
　　Next, I think I would like to do some i18n job for retspen, Chinese translation.