source/installguide/locale/zh_CN/LC_MESSAGES/hypervisor/lxc.mo (30 lines of code) (raw):
��������v���������������|�������|�������}���������������������������&���������������9�����������&�������E���k���`���n�����������; ��S���J ��z���� �������
�������
�������
��%����
��^����
��]���N���������������b�������"
��#���>
��2���b
�������
�������
�������
�������
������������������)���<�������f���'���~���Y���������������Q�������
���e���7���p���X�������i�����������k�������Q�����������������������������������{���>�����������P���J�����������"�������������������x�������)�������D���2���c��� ���������������-���M���,���{���|�����������%���x���5���Q�������@�������5���A���.���w���`�������������������!���w���6�������������������~�������3���b�����������!�������������������`���!���~���I�������W�����������B���m�����������f������� ���������������n ��`����!��,���x!��k����!��W����"������i"��V����#��L���g#�������#��~���N$�������$��;���i%��%����%��b����%������.&������@&��)���^&��7����&��8����&��J����&������D'��3���`'��U����'�������'��L���s(�������(�������(�������(�������)�������)�������*�������*�������*��
����*��#���
+������.+�� ���J+������k+�������+��f����+��[����,������`,��Q���s,��l����,�����2-�������-�������-��(����-��S����-��O���R.�������.������(/�������/��#����/��)����/�������0������:0������P0������c0������v0�������0��'����0�������0�������0��b����0������S1��D���f1��
����1�������1��V����1��Y���/2�������2��|���J3�� ����3�������3�������3�������3��Y����4��i���n4��:����4�������5������#5������65������U6��%����6�������7��%����7��!���B7��v���d7��!����7��$����7��`���"8�������8��V����8��1����8��)����9��;���C9��1���9��S����9�������:������#:��Y���?:�������:�������:��[����:��'���&;������N;��$���b;�������;�������<������,<��:���E<��O����<�������<��e���c=�������=������f>��G����?��p���T?��D����?������
@��U���#@��M���y@�������@��n���QA��0����A������A��v���qB��g����B��0���PC��%����C��m����C�������D������'D��(���CD��0���lD��/����D��6����D�������E�������E��D���7E��H���|E��>����E�������F��!����F��
���>F�� ���LF���16509 (libvirt)�1798�22 (SSH)�4 GB of memory�49152 - 49216 (libvirt live migration)�5900 - 6100 (VNC consoles)�64-bit x86 CPU (more cores results in better performance)�Add "-l" to the following line�Add the host to CloudStack�All hosts within a cluster must be homogenous. The CPUs must be of the same type, count, and feature flags.�All the required packages were installed when you installed libvirt, so we only have to configure the network.�At least 1 NIC�Before continuing, make sure that you have applied the latest updates to your host.�By default UFW is not enabled on Ubuntu. Executing these commands with the firewall disabled does not enable the firewall.�By default these bridges are called *cloudbr0* and *cloudbr1*, but you do have to make sure they are available on each hypervisor.�CentOS / RHEL: 6.3�Change the following line�Check for a fully qualified hostname.�Check to see whether AppArmor is installed on your machine. If not, you can skip this section.�Check to see whether SELinux is installed on your machine. If not, you can skip this section.�CloudStack does various things which can be blocked by security mechanisms like AppArmor and SELinux. These have to be disabled to ensure the Agent has all the required permissions.�CloudStack uses libvirt for managing virtual machines. Therefore it is vital that libvirt is configured correctly. Libvirt is a dependency of cloudstack-agent and should already be installed.�Configure Apparmor (Ubuntu)�Configure SELinux (RHEL and CentOS)�Configure Security Policies (AppArmor and SELinux)�Configure in RHEL or CentOS�Configure in Ubuntu�Configure the Security Policies�Configure the network bridges�Configuring the firewall�Configuring the network bridges�Disable the AppArmor profiles for libvirt�First we configure eth0�First we start by installing the agent:�In RHEL or CentOS, SELinux is installed and enabled by default. You can verify this with:�In RHEL or CentOS:�In Ubuntu AppArmor is installed and enabled by default. You can verify this with:�In Ubuntu:�In addition, the following hardware requirements apply:�In order to do so we have to open the following TCP ports (if you are using a firewall):�In order to forward traffic to your instances you will need at least two bridges: *public* and *private*.�In order to have live migration working libvirt has to listen for unsecured TCP connections. We also need to turn off libvirts attempt to use Multicast DNS advertising. Both of these settings are in ``/etc/libvirt/libvirtd.conf``�In order to have the VNC Console work we have to make sure it will bind on 0.0.0.0. We do this by editing ``/etc/libvirt/qemu.conf``�Install NTP�Install and Configure libvirt�Install and configure libvirt�Install and configure the Agent�It depends on the distribution you are using how to configure these, below you'll find examples for RHEL/CentOS and Ubuntu.�It depends on the firewall you are using how to open these ports. Below you'll find examples how to open these ports in RHEL/CentOS and Ubuntu.�It is NOT recommended to run services on this host not controlled by CloudStack.�LXC Installation Overview�LXC Installation and Configuration�LXC does not have any native system VMs, instead KVM will be used to run system VMs. This means that your host will need to support both LXC and KVM, thus most of the installation and configuration will be identical to the KVM installation. The material in this section doesn't duplicate KVM installation docs. It provides the CloudStack-specific steps that are needed to prepare a KVM host to work with CloudStack.�LXC requires the Linux kernel cgroups functionality which is available starting 2.6.24. Although you are not required to run these distributions, the following are recommended:�Log in to your OS as root.�Make sure it looks similar to:�Make sure that the machine can reach the Internet.�Make sure this parameter is set:�Make sure you have an alternative way like IPMI or ILO to reach the machine in case you made a configuration error and the network stops functioning!�Modify the interfaces file to look like this:�Must support HVM (Intel-VT or AMD-V enabled)�NTP is required to synchronize the clocks of the servers in your cloud. Unsynchronized clocks can cause unexpected problems.�Network example�Next step is to update the Agent configuration setttings. The settings are in ``/etc/cloudstack/agent/agent.properties``�Now we have the VLAN interfaces configured we can add the bridges on top of them.�Now we just configure it is a plain bridge without an IP-Address�On RHEL or CentOS modify ``/etc/sysconfig/libvirtd``:�On Ubuntu: modify ``/etc/default/libvirt-bin``�On VLAN 100 we give the Hypervisor the IP-Address 192.168.42.11/24 with the gateway 192.168.42.1�Open ports in RHEL/CentOS�Open ports in Ubuntu�Optional: If you would like to use direct networking (instead of the default bridge networking), configure these lines:�Prepare the Operating System�Qemu/KVM: 1.0 or higher�RHEL and CentOS use iptables for firewalling the system, you can open extra ports by executing the following iptable commands:�Repeat all of these steps on every hypervisor host.�Restart libvirt�Set the Agent to run in LXC mode:�Set the SELINUX variable in ``/etc/selinux/config`` to "permissive". This ensures that the permissive setting will be maintained after a system reboot.�Set the following parameters:�System Requirements for LXC Hosts�The Hypervisor and Management server don't have to be in the same subnet!�The OS of the Host must be prepared to host the CloudStack Agent and run KVM instances.�The default bridge in CloudStack is the Linux native bridge implementation (bridge module). CloudStack includes an option to work with OpenVswitch, the requirements are listed below�The default firewall under Ubuntu is UFW (Uncomplicated FireWall), which is a Python wrapper around iptables.�The goal is to have two bridges called 'cloudbr0' and 'cloudbr1' after this section. This should be used as a guideline only. The exact configuration will depend on your network layout.�The host is now ready to be added to a cluster. This is covered in a later section, see :ref:`adding-a-host`. It is recommended that you continue to read the documentation before adding the host!�The hypervisor needs to be able to communicate with other hypervisors and the management server needs to be able to reach the hypervisor.�The main requirement for LXC hypervisors is the libvirt and Qemu version. No matter what Linux distribution you are using, make sure the following requirements are met:�The most important factor is that you keep the configuration consistent on all your hypervisors.�The procedure for installing an LXC Host is:�The required packages were installed when libvirt was installed, we can proceed to configuring the network.�Then set SELinux to permissive starting immediately, without requiring a system reboot.�There are many ways to configure your network. In the Basic networking mode you should have two (V)LAN's, one for your private network and one for the public network.�These iptable settings are not persistent accross reboots, we have to save them first.�This is a very important section, please make sure you read this thoroughly.�This section details how to configure bridges using the native implementation in Linux. Please refer to the next section if you intend to use OpenVswitch�This should return a fully qualified hostname such as "kvm1.lab.example.org". If it does not, edit /etc/hosts so that it does.�To manage LXC instances on the host CloudStack uses a Agent. This Agent communicates with the Management server and controls all the instances on the host.�To open the required ports, execute the following commands:�Turn on NTP for time synchronization.�Turning on "listen\_tcp" in libvirtd.conf is not enough, we have to change the parameters as well:�Ubuntu: 12.04(.1)�Uncomment the following line:�VLAN 100 for management of the hypervisor�VLAN 200 for public network of the instances (cloudbr0)�VLAN 300 for private network of the instances (cloudbr1)�We assume that the hypervisor has one NIC (eth0) with three tagged VLAN's:�We do the same for cloudbr1�We now have to configure the three VLAN interfaces:�When you deploy CloudStack, the hypervisor host must not have any VMs already running�With this configuration you should be able to restart the network, although a reboot is recommended to see if everything works properly.�Within a single cluster, the hosts must be of the same distribution version.�libvirt: 1.0.0 or higher�openvswitch: 1.7.1 or higher�so it looks like:�to this�Project-Id-Version: Apache CloudStack Installation RTD
Report-Msgid-Bugs-To:
POT-Creation-Date: 2014-06-30 11:42+0200
PO-Revision-Date: 2014-06-30 10:26+0000
Last-Translator: FULL NAME <EMAIL@ADDRESS>
Language-Team: Chinese (China) (http://www.transifex.com/projects/p/apache-cloudstack-installation-rtd/language/zh_CN/)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Language: zh_CN
Plural-Forms: nplurals=1; plural=0;
�16509 (libvirt)�1798�22 (SSH)�4GB 内存�49152 - 49216 (libvirt在线迁移)�5900 - 6100 (VNC 控制台)�64位x86 CPU(多核性能更佳)�在下列行添加 "-l"�添加主机到CloudStack�同一群集中的所有节点架构必须一致。CPU的型号、数量和功能参数必须相同。�在安装libvirt时所需的其他软件也会被安装,所以只需配置网络即可。�至少一块网卡�在我们开始之前,请确保所有的主机都安装了最新的更新包。�默认情况下,Ubuntu中并未启用UFW。在关闭情况下执行这些命令并不能启用防火墙。� 默认情况下,这些桥接被称为*cloudbr0*和*cloudbr1*,但必须确保他们在每个hypervisor上都是可用的。�CentOS / RHEL: 6.3�查找如下行�检查FQN完全合格/限定主机名。�检查你的机器中是否安装了AppArmor。如果没有,请跳过此部分。�检查你的机器是否安装了SELinux。如果没有,请跳过此部分。�CloudStack的会被例如AppArmor和SELinux的安全机制阻止。必须关闭安全机制并确保 Agent具有所必需的权限。�CloudStack使用libvirt管理虚拟机。因此正确地配置libvirt至关重要。CloudStack-agent依赖于Libvirt,应提前安装完毕。�配置AppArmor(Ubuntu)�配置SELinux(RHEL和CentOS):�配置安全策略 (AppArmor 和 SELinux)�在RHEL或CentOS中配置:�在Ubuntu中配置:�配置安全策略�配置网络桥接�配置防火墙�配置网络桥接�在AppArmor配置文件中禁用libvirt�首先配置eth0:�首先我们安装Agent:�在RHEL或者CentOS中,SELinux是默认安装并启动的。你可以使用如下命令验证:�在RHEL/CentOS上:�Ubuntu中默认安装并启动AppArmor。使用如下命令验证:�在Ubuntu上:�此外,硬件要求如下:�为了达到这个目的,我们需要开通以下TCP端口(如果使用防火墙):�为了转发流量到实例,至少需要两个桥接网络: *public* 和 *private*。�为了实现动态迁移libvirt需要监听不可靠的TCP连接。还要关闭libvirts尝试使用组播DNS进行广播。这些都可以在 /etc/libvirt/libvirtd.conf文件中进行配置。�为了VNC控制台正常工作,必须确保该参数绑定在0.0.0.0上。通过编辑 ``/etc/libvirt/qemu.conf``实现。�安装NTP�安装和配置libvirt�安装和配置libvirt�安装和配置Agent�配置方式取决于发行版类型,下面给出RHEL/CentOS和Ubuntu的配置示例。�如何打开这些端口取决于你使用的发行版本。在RHEL/CentOS 及Ubuntu中的示例如下。�不建议在主机中运行与CloudStack无关的服务。�LXC安装概述�LXC安装和配置�LXC没有任何本地系统VMs,而KVM需要运行系统VMs。意思为主机需要同时支持LXC和KVM。因此,大部分的安装和配置跟KVM的安装一样。本章节不会复述KVM的安装。这里我们只会给出使KVM与CloudStack协同工作的一些特有的步骤。�LXC要求Linux kernel 2.6.24开始引入的 cgroups功能。尽管不需要运行所有的发行版,但是建议下列的版本:�使用root用户登录操作系统。�确保内容如下所示:�确保机器可以连接到互联网.�请确保这个参数配置为:�在发生配置错误和网络故障的时,请确保可以能通过其他方式例如IPMI或ILO连接到服务器。�如下所示修改接口文件:�必须支持HVM(Intel-VT或者AMD-V)�NTP服务用来同步云中的服务器时间。时间不同步会带来意想不到的问题。�网络示例�接下来更新代理配置。在 ``/etc/cloudstack/agent/agent.properties`` 中配置�配置VLAN接口以便能够附加桥接网络。�现在只配置一个没有IP的桥接。�在RHEL或者CentOS中修改 ``/etc/sysconfig/libvirtd``:�在Ubuntu中:修改 ``/etc/default/libvirt-bin`` �在VLAN 100 中,配置Hypervisor的IP为 192.168.42.11/24,网关为192.168.42.1�在RHEL/CentOS中打开端口�在Ubuntu中打开端口:�可选项:如果想使用直连网络(代替默认的桥接网络),配置如下行:�准备操作系统�Qemu/KVM: 1.0 或更高版本�RHEL 及 CentOS使用iptables作为防火墙,执行以下iptables命令来开启端口:�在所有主机中重复上述步骤。�重启libvirt服务�设置代理运行在LXC模式下:�在 ``/etc/selinux/config`` 中设置SELINUX变量值为 "permissive"。这样能确保对SELinux的设置在系统重启之后依然生效。�设定下列参数:�LXC主机的系统要求�Hypervisor与管理服务器不需要在同一个子网!�主机的操作系统必须为运行CloudStack Agent和KVM实例做些准备。�CloudStack中的默认使用Linux本身的桥接(bridge模块)方式实现。也可选择在CloudStack中使用OpenVswitch,具体要求如下:�Ubuntu中的默认防火墙是UFW(Uncomplicated FireWall),使用Python围绕iptables进行包装。�本章节的目标是配置两个名为 'cloudbr0'和'cloudbr1'的桥接网络。这仅仅是指导性的,实际情况还要取决于你的网络布局。�现在主机已经为加入群集做好准备。后面的章节有介绍,请参阅 :ref:`adding-a-host`。强烈建议在添加主机之前阅读此部分内容。�hypervisor之间和hypervisor与管理服务器之间要能够通讯。�LXC hypervisor 要求libvirt和Qemu的版本。无论使用哪种Linux发行版,请确保满足以下要求:�最重要的因素是所有hypervisors上的配置要保持一致。�安装LXC主机步骤:�网络桥接所需的软件在安装libvirt时就已被安装,继续配置网络。�然后使SELinux立即运行于permissive模式,无需重新启动系统。�配置网络有很多方法。在基本网络模式中你应该拥有2个 (V)LAN,一个用于管理网络,一个用于公共网络。�这些iptables配置并不会持久保存,重启之后将会消失,我们必须手动保存这些配置。�本章节非常重要,请务必彻底理解。�本章节详细介绍了如何使用Linux自带的软件配置桥接网络。如果要使用OpenVswitch,请看下一章节。�该命令会返回完全合格/限定主机名,例如"kvm1.lab.example.org"。如果没有,请编辑 /etc/hosts。�CloudStack使用代理管理LXC实例。管理服务器与代理通信并控制主机中所有实例。�要打开所需端口,请执行以下命令:�启用NTP服务以确保时间同步.�除了在libvirtd.conf中打开"listen_tcp"以外,我们还必须修改/etc/sysconfig/libvirtd中的参数:�Ubuntu: 12.04(.1)�取消如下行的注释:�VLAN 100 作为hypervisor的管理网络� VLAN 200 作为实例的公共网络 (cloudbr0)�VLAN 300 作为实例的专用网络 (cloudbr1)�假设hypervisor中的网卡(eth0)有3个VLAN标签:�同样建立cloudbr1�现在配置3个VLAN接口:�在部署CloudStack时,Hypervisor主机不能运行任何虚拟机�配置完成之后重启网络,通过重启检查一切是否正常。�同一集群中主机必须使用相同版本的Linux系统。�libvirt: 1.0.0或更高�openvswitch: 1.7.1或更高版本�如下所示:�修改为�