6.5 Configuring the KVM Provisioning Adapter

If you manage a KVM (kernel based virtual machine) hypervisor environment where the hypervisor funs on a SUSE Linux Enterprise Server (SLES) 11 SP1 host machine, you can use the Orchestration KVM provisioning adapter to help manage its VMs and to expose guest OS machines to Cloud Manager.

The KVM provisioning adapter uses job configuration settings specified on the kvm job, which is automatically deployed when you start the Orchestration Server. You can select these settings when you select the kvm job and open the Job Configuration tab in the job admin view of the Orchestration Console.

Figure 6-3 The Job Configuration Page of the KVM Provisioning Adapter Job

The page includes two subpanels:

There are additional kvm.policy file that are used by the provisioning adapter. You should retain the default values for these settings.

For more information about the how the KVM provisioning adapter works and for a list of the facts in the kvm provisioning adapter policy, see The KVM Provisioning Adapter in the NetIQ Cloud Manager 2.1.5 VM Orchestration Reference.

6.5.1 Authentication Settings

These settings relate to the type of authentication used between KVM hosts in your hypervisor’s environment. You need to set up some form of authentication between KVM hosts so that migrate operations function correctly. The Orchestration Server also uses the authenticated channel to optimize how VM registrations are moved between hosts, though it falls back to a less-efficient method of running joblets on both resources, if necessary. The Authentication Settings subpanel includes the following fact settings:

  • Authentication Type: The default type of authentication used by the libvirt libraries. This setting can be overridden on a per-host basis by setting the vmhost.libvirt.authentication.type fact. Valid values are ssh or tls.

    The setting is listed in the Fact Editor as a String type, named job.libvirt.authentication.type.default.

  • Default User: The default user to use to connect over a secure channel to the libvirt user on a given host. This setting can be overridden on a per-host basis by setting the vmhost.libvirt.authentication.user fact on any given host.

    The setting is listed in the Fact Editor as a String type, named job.libvirt.authentication.user.default.

You are responsible to set up the authentication channel and to advertise it to the Cloud Manager Orchestration Server (Cloud Manager does not attempt to automatically create these connections if they do not exist). For setup instructions for libvirt authentication on SUSE-based hosts, see Chapter 7: Connecting and Authorizing in Part II: Managing Virtual Machines with libvirt of the SLES 11 Virtualization with KVM Administration Guide.

The SSHConfigure job can help you set up SSH authentication, but you must run it manually. The job:

  • Sets up ssh keys for the root user on each kvm host.

  • Imports public keys into the Credential Manager from each host.

  • Propagates hosts’ public keys to other hosts and makes them available for use.

Use the following steps to run the SSHConfigure job manually:

  1. Create a Resource Group that includes each kvm host you want to configure for SSH.

  2. In the Job Configuration page of the Orchestration Console admin view for the SSHConfigure job, edit the settings.

    1. Enter the desired group name for SSH keys. This is the group name for keys in the Credential Manager.

    2. Define the desired SSH user name.

    3. Enter the name of the group you created in Step 2.a above into the Desired Host Group field.

  3. Run the SSHConfigure job by using the SSHConfigure schedule.

6.5.2 Debug Settings

These settings control the amount of information that is reported to a job log. The Debug Settings subpanel includes the following fact settings:

  • Log level: Specifies the level of verbosity for the information recorded in the job log. Values of “OFF”, “CRITICAL”, “ERROR”, “WARN”, “INFO”, “DEBUG”, “FINE”, “FINER”, and “FINEST” produce increasing detail.

    The setting is listed in the Fact Editor as a String type, named job.debugLevel.

  • Enable tracing: Select this check box to log a TRACE statement to the job log each time an annotated job method is entered or exited. The only reason to enable this is to provide additional detail when reporting a bug.

    The setting is listed in the Fact Editor as a Boolean type, named job.traceEnabled.

  • Trace width: Trace statements are formatted so that they do not exceed this line length. The default value is 120.

    The setting is listed in the Fact Editor as an Integer type, named job.traceWidth.

  • Trace depth: Specifies how much argument and return value data is displayed on trace statements. A value of 0 (zero) suppresses method argument and return values from the job log. Larger values indicate how many levels of data should be logged if arguments are nested data structures.

    The setting is listed in the Fact Editor as an Integer type, named job.traceDepth.