Red Hat Virtualization + Ansible + IdM
RH318
Course Objectives and Structure
Schedule
Introduction | Deploying Ansible (cont.) | Managing User Accounts and Roles (cont.) | Deploying and Managing Virtual Machines (cont.)
Red Hat Virtualization (RHV) Overview | Implementing Playbooks | Managing RHV Networks | Managing Virtual Machine Images
Installing and Configuring Red Hat Virtualization | Creating and Managing Data Centers and Clusters | Managing RHV Storage | Managing Red Hat Virtualization Infrastructure
Introducing Red Hat Hyperconverged Infrastructure for Virtualization | Centralizing Identity Management | Deploying and Managing Virtual Machines (start) | Comprehensive Review: Red Hat Virtualization
Deploying Ansible (start) | Managing User Accounts and Roles (start) | |
Orientation to the Classroom Lab Environment
Chapter 1: Red Hat Virtualization (RHV) Overview
Goal: Explain the purpose and architecture of Red Hat Virtualization.
Objectives:
Introducing Red Hat Virtualization
Describing Virtualization Concepts
Describing Red Hat Virtualization
Overview of Red Hat Virtualization
Getting Started with Red Hat Virtualization
Quiz: Describing the Concepts of Red Hat Virtualization
Summary
- Virtualization allows a single computer to be divided into multiple virtual computers in order to more efficiently use physical computing resources.
- Red Hat Virtualization (RHV) is an open source virtualization platform that allows centralized management of hosts, virtual servers, and desktops across an enterprise data center. It consists of three major components: the Red Hat Virtualization Manager, physical hosts, and storage domains.
- Red Hat Virtualization Manager provides a central management platform for both physical and virtual resources in a Red Hat Virtualization environment, and can be deployed as a Standalone Manager or Self-Hosted Engine.
- Data domains store virtual machine disk images and templates. ISO domains store ISO files used for operating system and application deployments.
Chapter 2: Installing and Configuring Red Hat Virtualization
Goal: Install a minimal Red Hat Virtualization (RHV) environment and use it to create a virtual machine.
Objectives:
- Install Red Hat Virtualization Manager (RHV-M) as a VM on the Red Hat Virtualization Host system.
- Configure storage domains in Red Hat Virtualization that can be used to store virtual machine disks and installation media.
- Use the Administration Portal to manually create a Linux virtual machine running in the Red Hat Virtualization environment.
Installing a Red Hat Virtualization Host
Deploying Red Hat Virtualization
RHV Infrastructure Deployment Options
Describing Red Hat Virtualization Hosts
Installing Red Hat Virtualization Host
RHV-H Anaconda Installer Main Screen
Managing Red Hat Virtualization Host
Virtualization Dashboard on a Red Hat Virtualization Host
Guided Exercise: Viewing a Red Hat Virtualization Host
Installing Red Hat Virtualization Manager
Red Hat Virtualization Manager
Installation and Configuration Process
Red Hat Virtualization Hosted Engine Setup
Hosted Engine Deployment Configuration
Storage Configuration
Accessing the Administration Portal
Red Hat Virtualization Manager Landing Page
Administration Portal Login Screen
Administration Portal Dashboard
Guided Exercise: Installing a Self-hosted Red Hat Virtualization Manager
Configuring Storage for Virtual Machines and Installation Media
Preparing NFS Exports for Storage Domains
The hosted_storage Data Domain
Details of the hosted_storage Data Domain.
Uploading ISO Files to a Data Domain
Upload Image Screen with Successful Connection Test.
The ovirt-engine Certificate Needs to be Downloaded.
Download the ovirt-engine Certificate and Trust It to Identify Websites.
Guided Exercise: Configuring Storage for Virtual Machines and Installation Media
Creating a Linux Virtual Machine
Installing Console Components on Client Systems
Creating a New Virtual Machine
New Virtual Machine Window
New Virtual Disk Window
Booting the Virtual Machine
Run Virtual Machine(s) Boot Options
Run Virtual Machine(s) Console Settings
Opening a Remote Viewer File
RHEL boot ISO menu with Kickstart Kernel Parameter
Controlling Virtual Machines
Guided Exercise: Creating a Linux Virtual Machine
Installing and Configuring Red Hat Virtualization
Summary
- RHV-H leverages Anaconda for installation, LVM for image management, and the web console for administration and monitoring.
- The Administration Portal provides various controls for the management of physical and virtual resources in a RHV environment. RHV-M also exposes REST APIs and SDKs for various programming languages.
- A data domain is a centrally accessed repository for virtual machine disk and image files, ISO files, and other data accessible to all hosts in a RHV data center. NFS, iSCSI, and other protocols can be used for storage domains.
- The Remote Viewer application is used to access the consoles of RHV virtual machines from client systems. On a Red Hat Enterprise Linux client system, the spice-xpi package installs Remote Viewer and all required plugins.
Chapter 3: Introducing Red Hat Hyperconverged Infrastructure for Virtualization
Goal: Describe how to install and maintain a minimal Red Hat Hyperconverged Infrastructure (RHHI-V) environment.
Objectives:
- Describe how to install Red Hat Virtualization Manager and Red Hat Gluster Storage as a self-hosted, hyperconverged deployment on Red Hat Virtualization Hosts.
- Perform maintenance tasks to manage RHHI-V storage, high availability, and geo-replication.
Deploying Red Hat Hyperconverged Infrastructure for Virtualization
Introducing Red Hat Hyperconverged Infrastructure for Virtualization (RHHI-V)
The RHHI-V architecture of a single pod
The Gluster Configuration window opens
Specify hyperconverged hosts
Specify management network FQDNs
Specify the volumes needed
Specify the brick layout
Specify the hosted engine virtual machine
Specify the management parameters
Specify the hosted engine storage
Verify the hosted engine deployment in the Dashboard
Deploying Red Hat Hyperconverged Infrastructure for Virtualization
Maintaining Red Hat Hyperconverged Infrastructure for Virtualization
Managing and Scaling Storage
Creating a brick
Quiz: Maintaining Red Hat Hyperconverged Infrastructure for Virtualization
Summary
- RHHI-V is a tuned combination of RHEL, RHV, and Red Hat Gluster Storage, with an OVN SDN stack, VDO, and Red Hat Ansible Automation.
- RHHI-V pods are installed as a self-hosted cluster, with hypervisor hosts in multiples of 3.
- Managing a RHHI-V pod is almost identical to managing standard RHV clusters and standalone Gluster storage.
- Installation and maintenance of RHHI-V pods primarily uses the Web Console and Administration Portal browser utilities.
Chapter 4: Deploying Ansible
Goal: Configure Ansible to manage hosts and run ad hoc Ansible commands.
Objectives:
- Describe Ansible inventory concepts and manage a static inventory file.
- Describe where Ansible configuration files are located, how Ansible selects them, and edit them to apply changes to default settings.
- Run a single Ansible automation task using an ad hoc command and explain some use cases for ad hoc commands.
- Configure Ansible to be used with Red Hat Virtualization.
Building an Ansible Inventory
Guided Exercise: Building an Ansible Inventory
Managing Ansible Configuration Files
Configuration File Precedence
Managing Settings in the Configuration File
Configuration File Comments
Guided Exercise: Managing Ansible Configuration Files
Running Ad Hoc Commands with Ansible
Configuring Connections for Ad Hoc Commands
Guided Exercise: Running Ad Hoc Commands
Using Ansible with Red Hat Virtualization
Configuring and Managing RHV Systems
Ansible Requirements for Managing a RHV Environment
Running an Ansible Playbook with Vault
Guided Exercise: Preparing Ansible for Red Hat Virtualization
Summary
- Any system on which Ansible is installed and which has access to the right configuration files and playbooks to manage remote systems (managed hosts) is called a control node.
- Managed hosts are defined in the inventory. Host patterns are used to reference managed hosts defined in an inventory.
- Inventories can be static files or dynamically generated by a program from an external source, such as a directory service or cloud management system.
- The location of the inventory is controlled by the Ansible configuration file in use, but most frequently is kept with the playbook files.
- Ansible looks for its configuration file in a number of places in order of precedence. The first configuration file found is used; all others are ignored.
- The ansible command is used to perform ad hoc commands on managed hosts.
- Ad hoc commands determine the operation to perform through the use of modules and their arguments.
- Ad hoc commands requiring additional permissions can make use of Ansible's privilege escalation features.
Chapter 5: Implementing Playbooks
Goal: Write a simple Ansible Playbook and run it to automate tasks on multiple hosts.
Objectives:
Writing and Running Playbooks
Ansible Playbooks and Ad Hoc Commands
Format of an Ansible Playbook
Guided Exercise: Writing and Running Playbooks
Red Hat Virtualization Ansible Playbook Components
Ansible Playbook Components
Demonstration: Complete Ansible Playbook
Guided Exercise: Creating an Ansible Playbook for Red Hat Virtualization
Implementing Multiple Plays
Remote Users and Privilege Escalation in Plays
Finding Modules for Tasks
Playbook Syntax Variations
Guided Exercise: Implementing Multiple Plays
Lab: Implementing Playbooks
Chapter 6: Creating and Managing Data Centers and Clusters
Goal: Organize hypervisors into groups using data centers and clusters.
Objectives:
- Explain the purpose of a data center for organizing hosts, and create a new data center.
- Explain how clusters are used to group hosts in a data center, and create a new cluster.
Creating and Managing Data Centers
Introduction to Data Centers
Data centers
Creating a New Data Center
Available data centers
Data center's name
Data center's quota mode
Data center resource configuration wizard
Uninitialized status
Creating a New Data Center with Ansible
Guided Exercise: Creating and Managing Data Centers
Creating and Managing Clusters
Host's CPU type
New cluster form
Cluster's CPU type
Cluster network and service options
Creating a New Cluster with Ansible
Guided Exercise: Creating and Managing Clusters
Lab: Creating and Managing Data Centers and Clusters
Lab: Creating and Managing Data Centers and Clusters Using Ansible
Summary
- A data center consists of a collection of logical resources, including clusters, hosts, logical networks, and storage domains.
- A cluster is a group of hosts in a single data center that act as a migration domain for virtual machines. The hosts do not need to have the same CPU physically, but their hardware does have to match the features that the cluster's CPU type provides.
- The CPU type of the cluster specifies which CPU features are supported by the hardware of every host in the cluster.
- The installation process automatically creates a data center named Default containing an empty cluster named Default.
- Additional data centers and clusters can be created in the RHVM Administration Portal.
Chapter 7: Centralizing Identity Management
Goal: Explain the services running on an IdM server, and discuss IdM clients.
Objectives:
Managing IdM Server Content
Introduction to Identity Management Services
Identity Management server hosted services
Managing the IdM Server From the Command Line
Managing Password Policies in IdM
User life cycle
Managing User Account States
Staging users in IdM
Guided Exercise: Managing IdM Server Content
Installing Identity Management Clients
Enrolling IdM Clients Using Kickstart
Hosted services on IdM clients.
Exploring the IdM Web Console
The IdM web console
Managing services with the web console
Managing users with the web console
Exploring Client Log Files
Managing IdM Clients Content
Guided Exercise: Managing IdM Clients
Lab: Centralizing Identity Management
Summary
- The IdM command-line tools include the ipactl, kinit, klist, and ipa commands. Most management tasks can also be performed using the IdM web UI. The ipa subcommands take the form object-action, where common actions include add, mod, del, show, and find.
- IdM clients can be installed interactively or unattended. IdM also supports non-Linux clients. The IdM client software does not use a daemon; it configures standard software such as Kerberos, LDAP, SSSD, and ntpd.
Chapter 8: Managing User Accounts and Roles
Goal: Configure user accounts using a central directory service. Assign access to resources based on job responsibilities using roles.
Objectives:
- Configure Red Hat Virtualization to authenticate users based on information in a central directory service.
- Control resource access and management in Red Hat Virtualization using Roles.
- Explain the purposes of the User Portal and the Administration Portal, and provide a high-level overview of these user interfaces.
Integrating Users from an External LDAP Server
Describing Users in Red Hat Virtualization
Red Hat Virtualization Authentication Provider
Configuring an External LDAP Provider
Guided Exercise: Integrating Users from an External Directory Service
Controlling User Access with Roles
Roles and permissions
The hierarchical layout of objects in Red Hat Virtualization
Accessing configure dialog box
Adding users
Adding permissions
Accessing Resources
Accessing the resource objects
Adding Permissions
Assigning Role to users at resource level
Assigning Roles to Users Using Ansible
Resetting the Internal Administration User's Password
Guided Exercise: Controlling User Access with Roles
Navigating the VM Portal and the Administration Portal
Accessing and Using the VM Portal
VM portal
Virtual machine statistics
Accessing and Using the Administration Portal
Administration portal
Guided Exercise: Navigating the VM Portal and the Administration Portal
Lab: Managing User Accounts and Roles
Summary
- Using the Red Hat Enterprise Linux Identity Manager as a source for your Red Hat Virtualization environment simplifies user and group management.
- Users can be assigned roles which apply to the entire Red Hat Virtualization environment, or only to a specific object (such as a virtual machine or a data center).
- The admin@internal account is created at installation time as a default user that has the system-wide SuperUser role.
- The VM Portal allows for easy access to the console of a virtual machine, as well as the ability to start, stop, restart, or shut down the virtual machine.
- The Administration Portal is dedicated to administrators of your Red Hat Virtualization environment. This portal is designed for users who need to manage the Red Hat Virtualization environment resources.
Chapter 9: Managing RHV Networks
Goal: Separate network traffic into multiple networks on one or more interfaces to improve the performance and security of Red Hat Virtualization.
Objectives:
- Create logical networks to segregate traffic in a data center.
- Configure hosts to use available logical networks.
- Configure RHV to use networks provided by an external OpenStack provider.
Managing Logical Networks
Networking in Red Hat Virtualization
RHV logical VM networking
Logical Network Configuration at RHV Logical Layers
Creating Logical Networks
Creating Logical Networks Using Ansible
Guided Exercise: Managing Logical Networks
Configuring Hosts to Use Logical Networks
Adding Logical Networks to RHV-H Hosts
Non Operational network state
Assigning a network to a host NIC
Viewing or Editing a Logical Network's Parameters
Adding Logical Networks to RHV-H Hosts Using Ansible
Automating Attachment Using Labels
Guided Exercise: Configuring Hosts to Use Logical Networks
Configuring External Network Providers
Configuring External Network Providers
Integrating Virtualization and Cloud
Quiz: Configuring External Network Providers
Lab: Managing RHV Networks
Summary
- Logical networks allow different types of network traffic to be separated onto different VLANs or physical networks.
- Logical networks are defined in a particular data center, and assigned to one or more clusters for specific uses.
- VM Networks can be used by virtual machines directly, and a Linux bridge is used by the host to connect virtual machines on a VM Network to one of its network interfaces.
- Once a logical network is assigned to a cluster, it must also be associated with a specific network interface on a host so that it can be used.
- Network labels can be used to automatically assign logical networks to network interfaces on hosts.
Chapter 10: Managing RHV Storage
Goal: Create and manage data storage domains.
Objectives:
- Explain how data storage domains and the Storage Pool Manager work.
- Create and manage data storage domains from NFS, iSCSI, and GlusterFS sources.
- Explain how to configure volume and image storage from an external OpenStack provider.
Creating and Managing Storage Domains
Types of Storage Domain Back Ends
Describing the Storage Pool Manager
Storage Pool Manager writing metadata
Configuring an NFS backed Storage Domain
Creating an NFS-based storage domain
Configuring an iSCSI backed Storage Domain
Creating an iSCSI backed storage domain
Configuring a GlusterFS backed Storage Domain
Red Hat Virtualization Integrated with Red Hat Gluster Storage
Storage Domain Configuration with Ansible
Storage Domain Administration with Ansible
Guided Exercise: Creating and Managing Storage Domains
Configuring External Storage Providers
Describing External Providers
Configuring External Providers
Quiz: Configuring External Storage Providers
Lab: Managing RHV Storage
Summary
- The Storage Pool Manager (SPM) updates the storage domain configuration and metadata requested by Red Hat Virtualization Manager.
- When creating a storage domain, the host that can access the new storage is specified in the Host to Use field.
- When using iSCSI backed data domains, the SPM uses logical volume management (LVM) to configure each virtual machine disk.
- The external providers help Red Hat Virtualization to use the preexisting resources from an external source.
Chapter 11: Deploying and Managing Virtual Machines
Goal: Operate virtual machines in the Red Hat Virtualization environment.
Objectives:
- Install virtual machines that are optimized and configured for the Red Hat Virtualization environment.
- Utilize Ansible to manage virtual machines.
- Change configuration or virtual hardware of an existing virtual machine.
- Create a template of a Red Hat Enterprise Linux virtual machine, and use it to deploy a new virtual machine.
- Deploy a virtual machine using a template configured to use cloud-init.
- Utilize Ansible to manage virtual machine templates.
Installing Virtual Machines
Describing Virtual Machines
Installing a New Virtual Machine
Creating the Virtual Machine
Installing a Virtual Machine Using an ISO Image
Run Virtual Machine(s) window
Manual Installation of Guest Drivers and Agents
Cloning a Virtual Machine
Guided Exercise: Installing Virtual Machines
Managing Virtual Machines Using Ansible
Virtual Machine Management with Ansible
Editing Virtual Machine Hardware
Editing a Virtual Machine
Edit Virtual Machine window
Hot-Plugging Network Interfaces and Disks
Adding Network Interfaces
Guided Exercise: Editing Virtual Machine Hardware
Creating and Deploying Virtual Machines with Templates
Rapid Deployments Using Templates
Creating a Template from a Virtual Machine
New Template window
Using a Template to Create a New Virtual Machine
Guided Exercise: Creating and Deploying Virtual Machines with Templates
Automating Virtual Machine Configuration with cloud-init
Edit Template window
Using cloud-init to Configure a New Virtual Machine
Guided Exercise: Automating Virtual Machine Configuration
Using Ansible with Virtual Machine Templates
Using Ansible for Template Automation
Lab: Deploying and Managing Virtual Machines
Summary
- Installing guest agents for Red Hat Enterprise Linux and Microsoft Windows allows RHV-M to see additional virtual machine information, such as the host name, IP address, and logged in users.
- Advanced Options allow you to refine the hardware on your virtual machine, including specifying the number of virtual sockets, cores, threads per core, and a CPU type for the virtual machine.
- A template is a copy of a virtual machine used to simplify subsequent creation of similar virtual machines.
- A virtual machine that will be used as a template must be sealed by removing any configuration information, authentication keys, and data unique to the original machine.
- The cloud-init tool can automate provisioning of new virtual machines to help prevent configuration conflicts.
Chapter 12: Managing Virtual Machine Images
Goal: Manage virtual machine snapshots and disk images.
Objectives:
- Create, restore, and delete snapshots of virtual machine images.
- Import and export virtual machine images between data centers in a Red Hat Virtualization environment.
Creating and Using Image Snapshots
Snapshots of Virtual Machines
Creating a Snapshot of a Virtual Machine
Rolling Back to an Earlier Snapshot
Cloning a Virtual Machine from a Snapshot
Managing Snapshots With Ansible
Guided Exercise: Creating and Using Image Snapshots
Guided Exercise: Creating Virtual Machine Snapshots Using Ansible
Importing and Exporting Virtual Machine Images
Managing Virtual Machine Images
Importing Virtual Machine Images into RHV
Moving VM Disks to a New Data Domain
Exporting Virtual Machines to a Different Data Center
Guided Exercise: Importing and Exporting Virtual Machine Images
Lab: Managing Virtual Machine Images
Summary
- A snapshot saves the state of a virtual machine at a given point in time.
- Snapshots allow administrators to preserve the state of a virtual machine before making changes, and they can revert the virtual machine to that state if the changes are bad.
- A new virtual machine can be cloned from any snapshot.
- RHV-M can import virtual machine images using the Administration Portal.
- RHV-M exports virtual machines to another data center by moving them to a separate data domain, and then reassigning the entire data domain to the new data center.
- Export domains are an obsolete mechanism that can be used to import virtual machines and move them from one data center to another, and can also be used to export virtual machines from the RHV environment.
Chapter 13: Managing Red Hat Virtualization Infrastructure
Goal: Back up, restore, and upgrade the software in a Red Hat Virtualization environment.
Objectives:
Backing Up and Restoring Red Hat Virtualization Manager
Backing Up Red Hat Virtualization Manager
Restoring Red Hat Virtualization Manager
Overwriting a RHV-M Installation
Guided Exercise: Backing Up and Restoring Red Hat Virtualization Manager
Updating and Upgrading Red Hat Virtualization
Updating Red Hat Virtualization Hosts
Guided Exercise: Updating and Upgrading Red Hat Virtualization
Lab: Backing Up and Upgrading Red Hat Virtualization
Summary
- As part of a backup strategy, the engine-backup utility can be used to back up the RHV-M database and configuration files into a single archive file that can be easily stored.
- Administrators can use the host upgrade manager to update RHV-H hosts directly from the Administration Portal.
- To ensure RHV-M is correctly updated without inadvertently installing incompatible versions of the RHV-M packages, a number of RHV-related packages are protected from updates and are skipped by a normal yum update command.
Chapter 14: Comprehensive Review: Red Hat Virtualization
Goal: Review tasks from Red Hat Virtualization + Ansible + IdM
Objectives:
Reviewing Red Hat Virtualization + Ansible + IdM
Lab: Configuring a Red Hat Virtualization Environment
Lab: Creating Virtual Machines
Lab: Managing Virtual Machines
Lab: Backing Up and Upgrading Red Hat Virtualization