lost and found ( for me ? )

install oVirt engine ( open virtualization manager ) on Fedora 16


There are two components required to use oVirt , oVirt engine ( manage oVirt nodes ) and oVirt nodes.

If you’d like to know more details about oVirt , please check the following URLs.
http://www.ovirt.org
http://www.ovirt.org/w/images/a/a9/OVirt-3.0-Installation_Guide-en-US.pdf.

[ oVirt engine ]

install oVirt engine on Fedora16.

oVirt engine OS info
# cat /etc/redhat-release
Fedora release 16 (Verne)

# uname -ri
3.2.7-1.fc16.x86_64 x86_64


install the oVirt repository and then install oVirt engine via yum.
# wget http://www.ovirt.org/releases/stable/fedora/16/ovirt-engine.repo -P /etc/yum.repos.d/

`/etc/yum.repos.d/ovirt-engine.repo' saved [125/125]


overt-engine.repo file will be stored under /etc/yum.repos.d directory.
# cat /etc/yum.repos.d/ovirt-engine.repo
[ovirt-engine-stable]
name=ovirt-engine-stable
baseurl=http://www.ovirt.org/releases/stable/fedora/16/
enabled=1
gpgcheck=0


install oVirt engine.
# yum install ovirt-engine -y


set up oVirt engine configuration

run startup script
# engine-setup
Error, Not enough available memory on the Host
(the minimum requirement is 2 GB and the recommended is 4 GB).
Please check log file /var/log/ovirt-engine/engine-setup_2012_02_27_16_01_08.log for more information


nnn , the oVirt engine machine requires 4GB memory at least…

Okay , I’ve added 4GB memory on the oVirt engine machine.

set up.
# engine-setup
Error: current locale (ja_JP.UTF-8) is not supported. supported locales are: en_US.UTF-8,en_US.utf-8,en_US.utf8


oh , error .

change locale from JP to US.
# cat /etc/sysconfig/i18n
LANG="en_US.UTF-8"
#LANG="ja_JP.UTF-8"


reboot the OS
# reboot


confirm the current locale.
# echo $LANG
en_US.UTF-8


try again.
# engine-setup
Welcome to oVirt Engine setup utility
HTTP Port  [8080] :
HTTPS Port  [8443] :
Host fully qualified domain name, note that this name should be fully resolvable  [FC16-1.localdomain] : localhost
ERROR: domain is not a valid domain name
User input failed validation, do you still wish to use it? (yes|no): no
Host fully qualified domain name, note that this name should be fully resolvable


nnn , needs to resolve FQDN for the ovirt engine node.

edit hosts file
# cat /etc/hosts
127.0.0.1   FC16-1.localdomain localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

# ping FC16-1.localdomain -c 1
PING FC16-1.localdomain (127.0.0.1) 56(84) bytes of data.
64 bytes from FC16-1.localdomain (127.0.0.1): icmp_req=1 ttl=64 time=0.031 ms


try again.

A shared storage seems to be required for the setup. ( red lines )
However I have not had the shared storage ( NFS , FC or ISCSI ) in my environment .
So I’m not sure whether or not this setup procedure is correct…
# engine-setup
Welcome to oVirt Engine setup utility
HTTP Port  [8080] :
HTTPS Port  [8443] :
Host fully qualified domain name, note that this name should be fully resolvable  [FC16-1.localdomain] :
FC16-1.localdomain did not resolve into an IP address
User input failed validation, do you still wish to use it? (yes|no): yes
Password for Administrator (admin@internal) :
Confirm password :
Database password (required for secure authentication with the locally created database) :
Confirm password :
Organization Name for the Certificate: localdomain
The default storage type you will be using  ['NFS'| 'FC'| 'ISCSI']  [NFS] :
Should the installer configure NFS share on this server to be used as an ISO Domain? ['yes'| 'no']  [yes] : no
Firewall ports need to be opened.
You can let the installer configure iptables automatically overriding the current configuration. The old configuration will be backed up.
Alternately you can configure the firewall later using an example iptables file found under /usr/share/ovirt-engine/conf/iptables.example
Configure iptables ? ['yes'| 'no']: yes

oVirt Engine will be installed using the following configuration:
=================================================================
http-port:                     8080
https-port:                    8443
host-fqdn:                     FC16-1.localdomain
auth-pass:                     ********
db-pass:                       ********
org-name:                      localdomain
default-dc-type:               NFS
override-iptables:             yes
Proceed with the configuration listed above? (yes|no): yes

Installing:
Configuring oVirt-engine...                              [ DONE ]
Creating CA...                                           [ DONE ]
Editing JBoss Configuration...                           [ DONE ]
Setting Database Security...                             [ DONE ]
Creating Database...                                     [ DONE ]
Updating the Default Data Center Storage Type...         [ DONE ]
Editing oVirt Engine Configuration...                    [ DONE ]
Configuring Firewall (iptables)...                       [ DONE ]
Starting JBoss Service...                                [ DONE ]

**** Installation completed successfully ******

    (Please allow oVirt Engine a few moments to start up.....)


Additional information:
* There is less than 4 GB available free memory on the Host.
It is  recommended to have at least 4 GB available memory to run the RHEV Manager.
* SSL Certificate fingerprint:
* SSH Public key fingerprint:
* The firewall has been updated, the old iptables configuration file was saved to /usr/share/ovirt-engine/conf/iptables.backup.193547-02282012_12690
* The installation log file is available at: /var/log/ovirt-engine/engine-setup_2012_02_28_19_33_45.log
* Please use the user "admin" and password specified in order to login into oVirt Engine
* To configure additional users, first configure authentication domains using the 'engine-manage-domains' utility
* To access oVirt Engine please go to the following URL: http://FC16-1.localdomain:8080


# cat /etc/sysconfig/iptables
# Generated by rhevm-installer
#filtering rules
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [52:9697]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8006 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8007 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8008 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT
#drop all rule
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT


# lsof -ni:8080
COMMAND   PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
java    15535 jboss-as  259u  IPv4 157259      0t0  TCP *:webcache (LISTEN)


access to 8080 port with an web browser.


click “Administrator Portal” and log in.
user : admin
credentials : letters you entered when issuing engine-setup


okay ,,, the next step is preparing an ovirt node and manage it via ovrit engine.
stay tuned for the next post on this :)

Linux : TCP Window scaling


How to check whether or not your OS supports TCP Window scaling.

# cat /proc/sys/net/ipv4/tcp_window_scaling
1

1 : enable window scale
0 : disable window scale

[ when disabling TCP window scale ]

Client ( CentOS 6.2 ) ------ web sites

OS informs Window scaling factor when sending syn packet.
# echo 0 > /proc/sys/net/ipv4/tcp_window_scaling


capture and then access to an web site.
# tshark -i eth0 port 80 -w ws_disable.pcap

# wget http://www.google.com


Here’s a syn packet sent from the client

Client -> google

the client does not add window scale option in TCP options.
  Flags: 0x02 (SYN)
       0... .... = Congestion Window Reduced (CWR): Not set
       .0.. .... = ECN-Echo: Not set
       ..0. .... = Urgent: Not set
       ...0 .... = Acknowledgement: Not set
       .... 0... = Push: Not set
       .... .0.. = Reset: Not set
       .... ..1. = Syn: Set

   Options: (16 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted


[ when enabling Window scale ]

enable window scale
# echo 1 > /proc/sys/net/ipv4/tcp_window_scaling

# tshark -i eth0 port 80 -w ws_enable.pcap
# wget http://www.google.com


syn packet
The client adds window scaling factor in TCP options.
   Flags: 0x02 (SYN)
       0... .... = Congestion Window Reduced (CWR): Not set
       .0.. .... = ECN-Echo: Not set
       ..0. .... = Urgent: Not set
       ...0 .... = Acknowledgement: Not set
       .... 0... = Push: Not set
       .... .0.. = Reset: Not set
       .... ..1. = Syn: Set

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 807482, TSecr 0
       NOP
       Window scale: 6 (multiply by 64)  <-  2**6  =64


In this case , Window size will be 1460 * 2**6 = 93440

[ how to change window scaling factor ]

You may change scaling factor by editing the following three files. ( receive buffer )

/proc/sys/net/ipv4/tcp_rmem
/proc/sys/net/core/rmem_default
/proc/sys/net/core/rmem_max

The scaling factor range is from 0 to 14.

- scaling factor : 0

# echo "4096 65535 65535" > /proc/sys/net/ipv4/tcp_rmem
# echo 65535 > /proc/sys/net/core/rmem_default
# echo 65535 > /proc/sys/net/core/rmem_max

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 1516864, TSecr 0
       NOP
       Window scale: 0 (multiply by 1)


window size : 1460 * 2**0 = 1460

- scaling factor : 1

# echo 131070 > /proc/sys/net/core/rmem_max
# echo 131070 > /proc/sys/net/core/rmem_default
# echo "4096 131070 131070" > /proc/sys/net/ipv4/tcp_rmem

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 1665986, TSecr 0
       NOP
       Window scale: 1 (multiply by 2)


window size : 1460 * 2**1 = 2920

- scaling factor : 2

# echo "4096 196605 196605" > /proc/sys/net/ipv4/tcp_rmem
# echo 196605 > /proc/sys/net/core/rmem_default
# echo 196605 > /proc/sys/net/core/rmem_max

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 1892175, TSecr 0
       NOP
       Window scale: 2 (multiply by 4)


- scaling factor : 3

# echo "4096 300000 300000" > /proc/sys/net/core/rmem_default
# echo 300000 > /proc/sys/net/core/rmem_max
# echo 300000 > /proc/sys/net/core/rmem_default

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 3386446, TSecr 0
       NOP
       Window scale: 3 (multiply by 8)


- scaling factor : 4

# echo 1048560 > /proc/sys/net/core/rmem_default
# echo 1048560 > /proc/sys/net/core/rmem_max
# echo "4096 1048560 1048560" > /proc/sys/net/ipv4/tcp_rmem

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 3644467, TSecr 0
       NOP
       Window scale: 4 (multiply by 16)


- scaling factor : 5

>>> 65535*2**5
2097120

scaling factor becomes 5 ???
# echo 2097120 > /proc/sys/net/core/rmem_default
# echo 2097120 > /proc/sys/net/core/rmem_max
# echo "4096 2097120 2097120" > /proc/sys/net/ipv4/tcp_rmem

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 3817108, TSecr 0
       NOP
       Window scale: 5 (multiply by 32)


- scaling factor : 6

>>> 65535*2**6
4194240
# echo 4194240 > /proc/sys/net/core/rmem_default
# echo 4194240 > /proc/sys/net/core/rmem_max
# echo "4096 4194240 4194240" > /proc/sys/net/ipv4/tcp_rmem

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 4000584, TSecr 0
       NOP
       Window scale: 6 (multiply by 64)


- scaling factor : 7

>>> 65535*2**7
8388480
# echo 8388480 > /proc/sys/net/core/rmem_default
# echo 8388480 > /proc/sys/net/core/rmem_max
# echo "4096 8388480 8388480" > /proc/sys/net/ipv4/tcp_rmem

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 4338817, TSecr 0
       NOP
       Window scale: 7 (multiply by 128)


- scaling factor : 8

>>> 65535*2**8
16776960
# echo "4096 16776960 16776960" > /proc/sys/net/ipv4/tcp_rmem
# echo 16776960 > /proc/sys/net/core/rmem_default
# echo 16776960 > /proc/sys/net/core/rmem_max

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 4465434, TSecr 0
       NOP
       Window scale: 8 (multiply by 256)


- scaling factor : 9

>>> 65535*2**9
33553920
# echo 33553920 > /proc/sys/net/core/rmem_default
# echo 33553920 > /proc/sys/net/core/rmem_max
# echo "4096 33553920 33553920" > /proc/sys/net/ipv4/tcp_rmem

   Options: (20 bytes)
       Maximum segment size: 1460 bytes
       SACK permitted
       Timestamps: TSval 4596689, TSecr 0
       NOP
       Window scale: 9 (multiply by 512)


scale factor 10 – 14 ….. I’m tired of checking … :(