Cloudmin GPL Script on CentOS 7 does not produce a working environment

Downloaded the CM GPL Script for Xen from https://www.virtualmin.com/documentation/cloudmin/gpl

Running it I found a couple issues. The script installs xen and xen-libs from the repo chosen but those packages don't exist for CentOS 7 so I changed the script to read xen46 and xen46-libs. The script runs fine up until you hit the firewall section and then the grub loader.

Opening port 10000 on IPtables firewall ..
IPtables is not available
.. failed
...
Configuring GRUB to boot Xen-capable kernel ..
GRUB v1 not found on this system!
Cloudmin GPL has been successfully installed. However, you will need to
reboot to activate the new Xen-capable kernel before any Xen instances
can be created.
---

I fixed the grub loader to use the new Xen kernel and then rebooted. Server come up fine. When I try to use the xl command, I get errors.

[root@localhost ~]# xl info
xc: error: Could not obtain handle on privileged command interface (2 = No such file or directory): Internal error
libxl: error: libxl.c:116:libxl_ctx_alloc: cannot open libxc handle: No such file or directory
cannot init xl context

I'm stumped.

Status: 
Active

Comments

Howdy -- hmm, that's an unusual error! Sounds like there's a missing dependency.

I did some Googling, and see other examples of that occurring on CentOS 7, but most of those issues don't have solutions listed.

I'll continue to do some research into that, as we'd certainly like for Xen to work out of the box.

But I wanted to mention in the meantime that I'd highly recommend KVM over Xen if possible. It's far better supported by the various distros in question, but especially so on CentOS.

Steffan's picture
Submitted by Steffan on Tue, 07/19/2016 - 00:49 Pro Licensee

Problem is that I already have Xen VMs on CentOS 6 so moving to 7 is next. I tried the instructions here: http://xen.crc.id.au/support/guides/install/ with no luck. This is the same repo the gpl script uses. I emailed the package maintainer to see if he has any advice on this.

Can you tell us more about the changes you made to the install script? I'd like to test this out, and maybe include your changes in the official script.

Steffan's picture
Submitted by Steffan on Wed, 07/20/2016 - 00:09 Pro Licensee

I ended up nuking my script when I wiped the machine clean to start over fresh. I then followed the steps on http://xen.crc.id.au/support/guides/install/ exactly to the T. Lo and behold:

[root@localhost ~]# xl info
host                   : localhost.localdomain
release                : 4.4.13-1.el7xen.x86_64
version                : #1 SMP Thu Jun 9 13:25:43 AEST 2016
machine                : x86_64
nr_cpus                : 16
max_cpu_id             : 31
nr_nodes               : 2
cores_per_socket       : 4
threads_per_core       : 2
cpu_mhz                : 2394
hw_caps                : bfebfbff:2c100800:00000000:00003f00:029ee3ff:00000000:00000001:00000000
virt_caps              : hvm
total_memory           : 65523
free_memory            : 63786
sharing_freed_memory   : 0
sharing_used_memory    : 0
outstanding_claims     : 0
free_cpus              : 0
xen_major              : 4
xen_minor              : 6
xen_extra              : .3
xen_version            : 4.6.3
xen_caps               : xen-3.0-x86_64 xen-3.0-x86_32p hvm-3.0-x86_32 hvm-3.0-x86_32p hvm-3.0-x86_64 
xen_scheduler          : credit
xen_pagesize           : 4096
platform_params        : virt_start=0xffff800000000000
xen_changeset          : 
xen_commandline        : placeholder dom0_mem=1024M cpufreq=xen dom0_max_vcpus=1 dom0_vcpus_pin console=tty0 console=com1 com1=115200,8n1
cc_compiler            : gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-4)
cc_compile_by          : mockbuild
cc_compile_domain      : [unknown]
cc_compile_date        : Fri Jun 24 12:30:10 AEST 2016
xend_config_format     : 4

I'll try tinkering with the script again but I can see it would work if modified for all the changes in CentOS 7.

Steffan's picture
Submitted by Steffan on Sat, 07/23/2016 - 09:48 Pro Licensee

You guys never added back the ability to attach a file to EACH comment so, here is what I have so far for tonight. I have not yet been able to test the changes you make to the virt stuff. The file you check for doesn't seem to exist on CentOS 7 so not sure if that's relevant or not. I'll work more on it tomorrow as I test each piece. I'm no pro like you guys but this script, as it sits will only work on RedHat/CentOS 7 not 6 because the Xen versions differ. With the repo you guys use, for CentOS 6 the package is xen but on CentOS 7 it's xen44, xen45 or xen46. I chose the latest. Xen 4.7 is coming out soon so I'm sure he'll have a xen47 before too long. I need to figure out how to parse those options and grab the latest and install that. There is only one kernel-xen in the CentOS 7 repo so, all good there. I did find an issue with the firewall that I'll need to check too.

Opening port 10000 on IPtables firewall ..
IPtables is not available
.. failed

Post Edited - See code below

Steffan's picture
Submitted by Steffan on Sat, 07/23/2016 - 09:47 Pro Licensee

Here's what I have. Time to test if no one else is brave. haha...

#!/bin/sh
# cloudmin-gpl-redhat-install.sh
# Copyright 2005-2016 Virtualmin, Inc.
#
# Installs Cloudmin GPL for Xen and all dependencies on a CentOS, RHEL or
# Fedora system.
#
# Contributions from Steffan Cline steffan@hldns.com and Chris Buxton chris.buxton@me.com
 
VER=1.2
OS=`cat /etc/redhat-release | awk '{$1=$1};1'`
 
# Define functions
yesno () {
    while read line; do
        case $line in
            y|Y|Yes|YES|yes|yES|yEs|YeS|yeS) return 0
            ;;
            n|N|No|NO|no|nO) return 1
            ;;
            *)
            printf "\nPlease enter y or n: "
            ;;
        esac
    done
}
 
# Ask the user first
cat <<EOF
*******************************************************************************
*       Welcome to the Cloudmin GPL for Xen installer, version $VER           *
*******************************************************************************
 
 Operating systems supported by this installer are:
 
 Fedora Core 3-12 on i386 and x86_64
 CentOS and RHEL 3-7 on i386 and x86_64
 
 If $OS is not listed above, this script will fail (and attempting
 to run it on an unsupported OS is not recommended, or...supported).
EOF
printf " Continue? (y/n) "
if ! yesno
then exit
fi
echo ""
 
# Cleanup old repo files
rm -f /etc/yum.repos.d/vm2* /etc/yum.repos.d/cloudmin*
 
# Check for yum
echo Checking for yum ..
if [ ! -x /usr/bin/yum ]; then
    echo .. not installed. The Cloudmin installer requires YUM to download packages
    echo ""
    exit 1
fi
echo .. found OK
echo ""
 
# Make sure we have wget
echo "Installing wget .."
yum install -y wget
echo ".. done"
echo ""
 
# Check for wget or curl
echo "Checking for curl or wget..."
if [ -x "/usr/bin/curl" ]; then
    download="/usr/bin/curl -s "
elif [ -x "/usr/bin/wget" ]; then
    download="/usr/bin/wget -nv -O -"
else
    echo "No web download program available: Please install curl or wget"
    echo "and try again."
    exit 1
fi
echo "found $download"
echo ""
 
# Create Cloudmin licence file
echo Creating Cloudmin licence file
cat >/etc/server-manager-license <<EOF
SerialNumber=GPL
LicenseKey=GPL
EOF
chmod 600 /etc/server-manager-license
 
# Download GPG keys
echo Downloading GPG keys for packages ..
$download "http://software.virtualmin.com/lib/RPM-GPG-KEY-virtualmin" >/etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
if [ "$?" != 0 ]; then
    echo .. download failed
    exit 1
fi
$download "http://software.virtualmin.com/lib/RPM-GPG-KEY-webmin" >/etc/pki/rpm-gpg/RPM-GPG-KEY-webmin
if [ "$?" != 0 ]; then
    echo .. download failed
    exit 1
fi
echo .. done
echo ""
 
# Import keys
echo Importing GPG keys ..
rpm -q gpg-pubkey-a0bdbcf9-42d1d837 || rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
rpm -q gpg-pubkey-11f63c51-3c7dc11d || rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-webmin
echo .. done
echo ""
 
# Setup the YUM repo file
echo Creating YUM repository for Cloudmin packages ..
cat >/etc/yum.repos.d/cloudmin.repo <<EOF
[cloudmin-universal]
name=Cloudmin Distribution Neutral
baseurl=http://cloudmin.virtualmin.com/gpl/universal/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
gpgcheck=1
EOF
echo .. done
echo ""
 
# Enable Xen kernels repo, if on CentOS
#yum info kernel-xen >/dev/null 2>&1
#if [ "$?" != 0 ]; then
#   echo Enabling Xen kernel repo for $OS ..
#   yum install wget
#   yum install http://au1.mirror.crc.id.au/repo/kernel-xen-release-latest.noarch.rpm
#   if [ "$?" != 0 ]; then
#       echo .. repo install failed
#       exit 1
#   fi
#   echo .. done
#   echo ""
#fi
 
# YUM install Perl, modules and other dependencies
echo Installing required Perl modules using YUM ..
yum install -y perl openssl perl-Net-SSLeay vixie-cron bind bind-utils lsof perl-Data-Dumper 
if [ "$?" != 0 ]; then
    echo .. install failed
    exit 1
fi
yum install -y perl-JSON
yum install -y dhcp
yum install -y openssh-clients
echo .. done
echo ""
 
# YUM install Steven Haigh's Xen repo, Xen, modules and other dependencies
# This section will pick the latest verion of Xen available. The repo only has 1 version 
# of xen for CentOS6/RHEL6. For CentOS7/RHEL7 there are options of xen44, xen45 and xen46 as of 7/20/2016.
# xen.x86_64 (4.2) will be chosen for CentOS6/RHEL6 and xen46.x86_64 for CentOS7/RHEL7. If a newer
# version of Xen is available such as xen47, it will then be the default for the newer OS.
echo Installing required Xen modules using YUM ..
xen_installed_version=$(yum list installed xen* | awk '/^xen[[:digit:]]*\.x86_64/{print $1}')
xen_latest_version=$(yum list xen* | awk '/^xen[[:digit:]]*\.x86_64/{print $1}' | sort | tail -1)
if [[ "$xen_installed_version" == "" ]]; then
    # do NOT change the order or Xen will fail miserably
    yum install -y bridge-utils
    yum install -y http://au1.mirror.crc.id.au/repo/kernel-xen-release-latest.noarch.rpm
    yum install -y $xen_latest_version
    yum install -y kernel-xen
else
    echo "You already have the $xen_installed_version package installed. This installer will not overwrite an existing Xen install." 
fi
echo .. done
echo ""
 
# disable SELinux
echo Disabling SELinux ..
sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/sysconfig/selinux
/usr/sbin/setenforce 0
echo .. done
echo ""
 
# Check for virbrN interfaces
echo "Checking for and disabling virbr interfaces .."
ifaces=`/sbin/ifconfig -a | grep "^virbr" | cut -d " " -f 1`
if [ "$ifaces" != "" ]; then
    echo ".. need to disable $ifaces .."
    for iface in $ifaces; do
        /sbin/ifconfig $iface 0.0.0.0 down
    done
    echo ".. done"
else
    echo ".. none found"
fi
if [ -r /etc/libvirt/qemu/networks/default.xml ]; then
    cp /etc/libvirt/qemu/networks/default.xml /etc/libvirt/qemu/networks/default.xml.disabled
    cat /dev/null >/etc/libvirt/qemu/networks/default.xml
fi
echo ""
 
# YUM install webmin, theme and Cloudmin
echo Installing Cloudmin packages using YUM ..
yum install -y webmin wbm-server-manager wbt-virtual-server-theme wbt-virtual-server-mobile wbm-security-updates
if [ "$?" != 0 ]; then
    echo .. install failed
    exit 1
fi
mkdir -p /xen
echo .. done
echo ""
 
# Configure Webmin to use theme
echo Configuring Webmin ..
grep -v "^preroot=" /etc/webmin/miniserv.conf >/tmp/miniserv.conf.$$
echo preroot=authentic-theme >>/tmp/miniserv.conf.$$
cat /tmp/miniserv.conf.$$ >/etc/webmin/miniserv.conf
rm -f /tmp/miniserv.conf.$$
grep -v "^theme=" /etc/webmin/config >/tmp/config.$$
echo theme=authentic-theme >>/tmp/config.$$
cat /tmp/config.$$ >/etc/webmin/config
rm -f /tmp/config.$$
/etc/webmin/restart
echo .. done
echo ""
 
# Setup BIND zone for virtual systems
basezone=`hostname -d`
if [ "$basezone" = "" ]; then
    basezone=example.com
fi
zone="cloudmin.$basezone"
echo Creating DNS zone $zone ..
/usr/libexec/webmin/server-manager/setup-bind-zone.pl --zone $zone --auto-view
if [ "$?" != 0 ]; then
  echo .. failed
else
  echo xen_zone=$zone >>/etc/webmin/server-manager/config
  echo xen_zone=$zone >>/etc/webmin/server-manager/this
  echo .. done
fi
echo ""
 
# Open Webmin firewall port - default for CentOS6/RHEL6
echo Opening port 10000 on IPtables firewall ..
ports="10000 10001 10002 10003 10004 10005 843"
/usr/libexec/webmin/firewall/open-ports.pl $ports
if [ "$?" != 0 ]; then
  echo .. failed
else
  echo .. done
fi
echo ""
 
# Open firewalld ports - default for CentOS7/RHEL7
if [ -x /usr/bin/firewall-cmd ]; then
  echo Opening port 10000 on Firewalld firewall ..
  for port in $ports; do
    /usr/bin/firewall-cmd --add-port=$port/tcp >/dev/null
    /usr/bin/firewall-cmd --permanent --add-port=$port/tcp >/dev/null
  done
  echo .. done
  echo ""
fi
 
# Use Xen kernel
# echo Configuring GRUB to boot Xen-capable kernel ..
# /usr/libexec/webmin/server-manager/setup-xen-kernel.pl
# Not needed since the kernel-xen package already enables the xen kernel
echo Setting the OS to always boot the xen kernel...
sed -i "s/DEFAULTKERNEL=kernel/DEFAULTKERNEL=kernel-xen/" /etc/sysconfig/kernel
echo .. done
echo ""
 
# Tell user about need to reboot
hostname=`hostname`
echo Cloudmin GPL has been successfully installed. However, you will need to
echo reboot to activate the new Xen-capable kernel before any Xen instances
echo can be created.
echo
echo Once this is done, you can log into Cloudmin at :
echo https://$hostname:10000/
 
# All done!
Steffan's picture
Submitted by Steffan on Sat, 07/23/2016 - 09:49 Pro Licensee

I would suggest that you add some code that sees no bridges and offers to create one so that a user trying the product can immediately create a new VM with minimal hassle.

I agree to steffan, the bridge setup is a pain, if cloudmin has to compete with the likes of proxmox.. you need to make it more user friendly.. some of network wizard like how there is for virtualmin..

Steffan's picture
Submitted by Steffan on Sat, 07/23/2016 - 10:45 Pro Licensee

I am merely a novice with this but I tried to create the bridge through the webmin interface and had some issues with it locking myself out of the server. I went to the server and changed the files manually and got it up and working.

Has anyone else tested this to see if further refinements are needed?

This is actually something we're hoping to simplify. We're going to talk about making the bridge setup automatic, as part of a wizard during the setup process.

Steffan's picture
Submitted by Steffan on Tue, 08/09/2016 - 00:52 Pro Licensee

Any progress with this?

Sorry, not yet, but it is still on the todo list!

Steffan's picture
Submitted by Steffan on Tue, 09/06/2016 - 15:22 Pro Licensee

Hopefully this will be merged. I had a couple people try out the product but then had to come back to me for my script. It'll be cool to see what you come up with regarding setting up a bridge to get it immediately ready to start creating VMs.

Steffan's picture
Submitted by Steffan on Mon, 09/26/2016 - 15:22 Pro Licensee

Has this been applied to the script so you have a working version for download?

Sorry for the delay!

Simplifying the bridge setup is something we'd like to do, but unfortunately may take some time to complete. That can be tricky to do properly, since it's changing the networking settings of a server, which can cause downtime if not done properly.

In the meantime it would need to be setup manually, sorry!

Steffan's picture
Submitted by Steffan on Tue, 09/27/2016 - 09:23 Pro Licensee

The bridge part can wait. The script as-is on the site does not work on CentOS 7. The changes I provided create a working environment and everything short of the bridge setup. I provided this work so people don't get put off by a non-working installer. My request is that you merge what I've provided for now.

Ah, my bad -- I saw the last few comments were in reference to creating a wizard for setting up bridging, and completely overlooked the script you had shared above.

Do you happen to have a diff of yours as compared to the original?

In the meantime I'll follow up with Jamie about including these changes the official script. Thanks!

Bridge setup automatically is something i would endorse too, had myself also locked out once too :-)