Appendix B. Migrating Databases and Services to a Remote Server
Although you cannot configure remote databases and services during the automated installation, you can migrate them to a remote server post-installation.
B.1. Migrating the Self-Hosted Engine Database to a Remote Server
You can migrate the engine
database of a self-hosted engine to a remote database server after the Red Hat Virtualization Manager has been initially configured. Use engine-backup
to create a database backup and restore it on the new database server.
The new database server must have Red Hat Enterprise Linux 7 installed and the required repositories enabled:
Enabling the Red Hat Virtualization Manager Repositories
Register the system with Red Hat Subscription Manager, attach the Red Hat Virtualization Manager
subscription, and enable Manager repositories.
Procedure
Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted:
# subscription-manager register
NoteIf you are using an IPv6 network, use an IPv6 transition mechanism to access the Content Delivery Network and subscription manager.
Find the
Red Hat Virtualization Manager
subscription pool and record the pool ID:# subscription-manager list --available
Use the pool ID to attach the subscription to the system:
# subscription-manager attach --pool=pool_id
NoteTo view currently attached subscriptions:
# subscription-manager list --consumed
To list all enabled repositories:
# yum repolist
Configure the repositories:
# subscription-manager repos \ --disable='*' \ --enable=rhel-7-server-rpms \ --enable=rhel-7-server-supplementary-rpms \ --enable=rhel-7-server-rhv-4.3-manager-rpms \ --enable=rhel-7-server-rhv-4-manager-tools-rpms \ --enable=rhel-7-server-ansible-2.9-rpms \ --enable=jb-eap-7.2-for-rhel-7-server-rpms
Migrating the Self-Hosted Engine Database to a Remote Server
Log in to a self-hosted engine node and place the environment into
global
maintenance mode. This disables the High Availability agents and prevents the Manager virtual machine from being migrated during the procedure:# hosted-engine --set-maintenance --mode=global
Log in to the Red Hat Virtualization Manager machine and stop the
ovirt-engine
service so that it does not interfere with the engine backup:# systemctl stop ovirt-engine.service
Create the
engine
database backup:# engine-backup --scope=files --scope=db --mode=backup --file=file_name --log=backup_log_name
Copy the backup file to the new database server:
# scp /tmp/engine.dump root@new.database.server.com:/tmp
Log in to the new database server and install
engine-backup
:# yum install ovirt-engine-tools-backup
Restore the database on the new database server. file_name is the backup file copied from the Manager.
# engine-backup --mode=restore --scope=files --scope=db --file=file_name --log=restore_log_name --provision-db --no-restore-permissions
Now that the database has been migrated, start the
ovirt-engine
service:# systemctl start ovirt-engine.service
Log in to a self-hosted engine node and turn off maintenance mode, enabling the High Availability agents:
# hosted-engine --set-maintenance --mode=none
B.2. Migrating Data Warehouse to a Separate Machine
This section describes how to migrate the Data Warehouse database and service from the Red Hat Virtualization Manager to a separate machine. Hosting the Data Warehouse service on a separate machine reduces the load on each individual machine, and allows each service to avoid potential conflicts caused by sharing CPU and memory resources with other processes.
You can migrate the Data Warehouse service and connect it with the existing Data Warehouse database (ovirt_engine_history
), or you can migrate the Data Warehouse database to the separate machine before migrating the Data Warehouse service. If the Data Warehouse database is hosted on the Manager, migrating the database in addition to the Data Warehouse service further reduces the competition for resources on the Manager machine. You can migrate the database to the same machine onto which you will migrate the Data Warehouse service, or to a machine that is separate from both the Manager machine and the new Data Warehouse service machine.
B.2.1. Migrating the Data Warehouse Database to a Separate Machine
Migrate the Data Warehouse database (ovirt_engine_history
) before you migrate the Data Warehouse service. Use engine-backup
to create a database backup and restore it on the new database machine. For more information on engine-backup
, run engine-backup --help
.
To migrate the Data Warehouse service only, see Section B.2.2, “Migrating the Data Warehouse Service to a Separate Machine”.
The new database server must have Red Hat Enterprise Linux 7 installed. Enable the required repositories on the new database server.
Enabling the Red Hat Virtualization Manager Repositories
Register the system with Red Hat Subscription Manager, attach the Red Hat Virtualization Manager
subscription, and enable Manager repositories.
Procedure
Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted:
# subscription-manager register
NoteIf you are using an IPv6 network, use an IPv6 transition mechanism to access the Content Delivery Network and subscription manager.
Find the
Red Hat Virtualization Manager
subscription pool and record the pool ID:# subscription-manager list --available
Use the pool ID to attach the subscription to the system:
# subscription-manager attach --pool=pool_id
NoteTo view currently attached subscriptions:
# subscription-manager list --consumed
To list all enabled repositories:
# yum repolist
Configure the repositories:
# subscription-manager repos \ --disable='*' \ --enable=rhel-7-server-rpms \ --enable=rhel-7-server-supplementary-rpms \ --enable=rhel-7-server-rhv-4.3-manager-rpms \ --enable=rhel-7-server-rhv-4-manager-tools-rpms \ --enable=rhel-7-server-ansible-2.9-rpms \ --enable=jb-eap-7.2-for-rhel-7-server-rpms
Migrating the Data Warehouse Database to a Separate Machine
Create a backup of the Data Warehouse database and configuration files on the Manager:
# engine-backup --mode=backup --scope=dwhdb --scope=files --file=file_name --log=log_file_name
Copy the backup file from the Manager to the new machine:
# scp /tmp/file_name root@new.dwh.server.com:/tmp
Install
engine-backup
on the new machine:# yum install ovirt-engine-tools-backup
Install the PostgreSQL server package:
# yum install rh-postgresql10 rh-postgresql10-postgresql-contrib
Initialize the PostgreSQL database, start the
postgresql
service, and ensure that this service starts on boot:# scl enable rh-postgresql10 -- postgresql-setup --initdb # systemctl enable rh-postgresql10-postgresql # systemctl start rh-postgresql10-postgresql
Restore the Data Warehouse database on the new machine. file_name is the backup file copied from the Manager.
# engine-backup --mode=restore --scope=files --scope=dwhdb --file=file_name --log=log_file_name --provision-dwh-db --no-restore-permissions
The Data Warehouse database is now hosted on a separate machine from that on which the Manager is hosted. After successfully restoring the Data Warehouse database, a prompt instructs you to run the engine-setup
command. Before running this command, migrate the Data Warehouse service.
B.2.2. Migrating the Data Warehouse Service to a Separate Machine
You can migrate the Data Warehouse service installed and configured on the Red Hat Virtualization Manager to a separate machine. Hosting the Data Warehouse service on a separate machine helps to reduce the load on the Manager machine.
Notice that this procedure migrates the Data Warehouse service only.
To migrate the Data Warehouse database (ovirt_engine_history
) prior to migrating the Data Warehouse service, see Section B.2.1, “Migrating the Data Warehouse Database to a Separate Machine”.
Prerequisites
- You must have installed and configured the Manager and Data Warehouse on the same machine.
To set up the new Data Warehouse machine, you must have the following:
- The password from the Manager’s /etc/ovirt-engine/engine.conf.d/10-setup-database.conf file.
- Allowed access from the Data Warehouse machine to the Manager database machine’s TCP port 5432.
-
The username and password for the Data Warehouse database from the Manager’s /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf file. If you migrated the
ovirt_engine_history
database using Section B.2.1, “Migrating the Data Warehouse Database to a Separate Machine”, the backup includes these credentials, which you defined during the database setup on that machine.
Installing this scenario requires four steps:
B.2.2.1. Setting up the New Data Warehouse Machine
Enable the Red Hat Virtualization repositories and install the Data Warehouse setup package on a Red Hat Enterprise Linux 7 machine:
Enable the required repositories:
Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted:
# subscription-manager register
Find the
Red Hat Virtualization Manager
subscription pool and record the pool ID:# subscription-manager list --available
Use the pool ID to attach the subscription to the system:
# subscription-manager attach --pool=pool_id
Configure the repositories:
# subscription-manager repos \ --disable='*' \ --enable=rhel-7-server-rpms \ --enable=rhel-7-server-supplementary-rpms \ --enable=rhel-7-server-rhv-4.3-manager-rpms \ --enable=rhel-7-server-rhv-4-manager-tools-rpms \ --enable=rhel-7-server-ansible-2.9-rpms \ --enable=jb-eap-7.2-for-rhel-7-server-rpms
Ensure that all packages currently installed are up to date:
# yum update
Install the
ovirt-engine-dwh-setup
package:# yum install ovirt-engine-dwh-setup
B.2.2.2. Stopping the Data Warehouse Service on the Manager Machine
Stop the Data Warehouse service:
# systemctl stop ovirt-engine-dwhd.service
If the database is hosted on a remote machine, you must manually grant access by editing the postgres.conf file. Edit the /var/opt/rh/rh-postgresql10/lib/pgsql/data/postgresql.conf file and modify the listen_addresses line so that it matches the following:
listen_addresses = '*'
If the line does not exist or has been commented out, add it manually.
If the database is hosted on the Manager machine and was configured during a clean setup of the Red Hat Virtualization Manager, access is granted by default.
See Section B.2.1, “Migrating the Data Warehouse Database to a Separate Machine” for more information on how to configure and migrate the Data Warehouse database.
Restart the postgresql service:
# systemctl restart rh-postgresql10-postgresql
B.2.2.3. Configuring the New Data Warehouse Machine
The order of the options or settings shown in this section may differ depending on your environment.
If you are migrating both the
ovirt_engine_history
database and the Data Warehouse service to the same machine, run the following, otherwise proceed to the next step.# sed -i '/^ENGINE_DB_/d' \ /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/10-setup-database.conf # sed -i \ -e 's;^\(OVESETUP_ENGINE_CORE/enable=bool\):True;\1:False;' \ -e '/^OVESETUP_CONFIG\/fqdn/d' \ /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf
Run the
engine-setup
command to begin configuration of Data Warehouse on the machine:# engine-setup
Press
Enter
to configure Data Warehouse:Configure Data Warehouse on this host (Yes, No) [Yes]:
Press Enter to accept the automatically detected host name, or enter an alternative host name and press Enter:
Host fully qualified DNS name of this server [autodetected host name]:
Press
Enter
to automatically configure the firewall, or typeNo
and pressEnter
to maintain existing settings:Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]:
If you choose to automatically configure the firewall, and no firewall managers are active, you are prompted to select your chosen firewall manager from a list of supported options. Type the name of the firewall manager and press
Enter
. This applies even in cases where only one option is listed.Enter the fully qualified domain name and password for the Manager. Press Enter to accept the default values in each other field:
Host fully qualified DNS name of the engine server []: engine-fqdn Setup needs to do some actions on the remote engine server. Either automatically, using ssh as root to access it, or you will be prompted to manually perform each such action. Please choose one of the following: 1 - Access remote engine server using ssh as root 2 - Perform each action manually, use files to copy content around (1, 2) [1]: ssh port on remote engine server [22]: root password on remote engine server engine-fqdn: password
Enter the FQDN and password for the Manager database machine. Press
Enter
to accept the default values in each other field:Engine database host []: manager-db-fqdn Engine database port [5432]: Engine database secured connection (Yes, No) [No]: Engine database name [engine]: Engine database user [engine]: Engine database password: password
Confirm your installation settings:
Please confirm installation settings (OK, Cancel) [OK]:
The Data Warehouse service is now configured on the remote machine. Proceed to disable the Data Warehouse service on the Manager machine.
B.2.2.4. Disabling the Data Warehouse Service on the Manager Machine
On the Manager machine, restart the Manager:
# service ovirt-engine restart
Run the following command to modify the file /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf and set the options to
False
:# sed -i \ -e 's;^\(OVESETUP_DWH_CORE/enable=bool\):True;\1:False;' \ -e 's;^\(OVESETUP_DWH_CONFIG/remoteEngineConfigured=bool\):True;\1:False;' \ /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf
Disable the Data Warehouse service:
# systemctl disable ovirt-engine-dwhd.service
Remove the Data Warehouse files:
# rm -f /etc/ovirt-engine-dwh/ovirt-engine-dwhd.conf.d/* .conf /var/lib/ovirt-engine-dwh/backups/*
The Data Warehouse service is now hosted on a separate machine from the Manager.
B.3. Migrating the Websocket Proxy to a Separate Machine
The websocket proxy and noVNC are Technology Preview features only. Technology Preview features are not supported with Red Hat production service-level agreements (SLAs) and might not be functionally complete, and Red Hat does not recommend using them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information see Red Hat Technology Preview Features Support Scope.
For security or performance reasons the websocket proxy can run on a separate machine that does not run the Red Hat Virtualization Manager. The procedure to migrate the websocket proxy from the Manager machine to a separate machine involves removing the websocket proxy configuration from the Manager machine, then installing the proxy on the separate machine.
The engine-cleanup
command can be used to remove the websocket proxy from the Manager machine:
Removing the Websocket Proxy from the Manager machine
On the Manager machine, run
engine-cleanup
to remove the required configuration.# engine-cleanup
Type
No
when asked to remove all components and pressEnter
.Do you want to remove all components? (Yes, No) [Yes]: No
Type
No
when asked to remove the engine and pressEnter
.Do you want to remove the engine? (Yes, No) [Yes]: No
Type
Yes
when asked to remove the websocket proxy and pressEnter
.Do you want to remove the WebSocket proxy? (Yes, No) [No]: Yes
Select
No
if asked to remove any other components.
Installing a Websocket Proxy on a Separate Machine
The websocket proxy and noVNC are Technology Preview features only. Technology Preview features are not supported with Red Hat production service-level agreements (SLAs) and might not be functionally complete, and Red Hat does not recommend using them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information see Red Hat Technology Preview Features Support Scope.
The websocket proxy allows users to connect to virtual machines through a noVNC console. The noVNC client uses websockets to pass VNC data. However, the VNC server in QEMU does not provide websocket support, so a websocket proxy must be placed between the client and the VNC server. The proxy can run on any machine that has access to the network, including the the Manager machine.
For security and performance reasons, users may want to configure the websocket proxy on a separate machine.
Procedure
Install the websocket proxy:
# yum install ovirt-engine-websocket-proxy
Run the
engine-setup
command to configure the websocket proxy.# engine-setup
NoteIf the
rhvm
package has also been installed, chooseNo
when asked to configure the Manager (Engine
) on this host.Press
Enter
to allowengine-setup
to configure a websocket proxy server on the machine.Configure WebSocket Proxy on this machine? (Yes, No) [Yes]:
Press
Enter
to accept the automatically detected host name, or enter an alternative host name and pressEnter
. Note that the automatically detected host name may be incorrect if you are using virtual hosts:Host fully qualified DNS name of this server [host.example.com]:
Press
Enter
to allowengine-setup
to configure the firewall and open the ports required for external communication. If you do not allowengine-setup
to modify your firewall configuration, then you must manually open the required ports.Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]:
Enter the FQDN of the Manager machine and press
Enter
.Host fully qualified DNS name of the engine server []: manager.example.com
Press
Enter
to allowengine-setup
to perform actions on the Manager machine, or press2
to manually perform the actions.Setup will need to do some actions on the remote engine server. Either automatically, using ssh as root to access it, or you will be prompted to manually perform each such action. Please choose one of the following: 1 - Access remote engine server using ssh as root 2 - Perform each action manually, use files to copy content around (1, 2) [1]:
Press
Enter
to accept the default SSH port number, or enter the port number of the Manager machine.ssh port on remote engine server [22]:
Enter the root password to log in to the Manager machine and press
Enter
.root password on remote engine server engine_host.example.com:
Select whether to review iptables rules if they differ from the current settings.
Generated iptables rules are different from current ones. Do you want to review them? (Yes, No) [No]:
Press
Enter
to confirm the configuration settings.--== CONFIGURATION PREVIEW ==-- Firewall manager : iptables Update Firewall : True Host FQDN : host.example.com Configure WebSocket Proxy : True Engine Host FQDN : engine_host.example.com Please confirm installation settings (OK, Cancel) [OK]:
Instructions are provided to configure the Manager machine to use the configured websocket proxy.
Manual actions are required on the engine host in order to enroll certs for this host and configure the engine about it. Please execute this command on the engine host: engine-config -s WebSocketProxy=host.example.com:6100 and than restart the engine service to make it effective
Log in to the Manager machine and execute the provided instructions.
# engine-config -s WebSocketProxy=host.example.com:6100 # systemctl restart ovirt-engine.service