1. Warnings

Important The current guide contains the necessary commands to make a mononode QVD installation, where all the components will installed into the same machine. In a multinode installation will exist additional steps and network configuration may be different.
Important During the process, some packages will be installed and the network configuration will be affected. It is recommended use a testing environment.
Important For practical purposes, the hostname will be identified with the name qvdhost, in your case you must replace it with the name corresponding to your server.

2. Requirements

2.1. Operating System

To download Rocky Linux 8.5 you can go directly to the website rockylinux.org/ to its section downloads. It is recommended to use the minimal version.

2.2. Hardware

  • 2 CPU cores

  • 2 GB of RAM

  • Hard disk at least 20GB

2.3. Database

  • PostgreSQL 13 or higher

2.4. HKD

3. Pre-installation

Open the ports that will be necessary to perform the configuration:

firewall-cmd --zone=public --add-service=ssh --permanent
firewall-cmd --zone=public --add-service=https --permanent
firewall-cmd --reload
Note If the server has a graphical environment and the tests are going to be carried out on it, it is not necessary to open these ports.
rpm --import https://www.theqvd.com/packages/key/public.key
dnf install -y yum-utils
yum-config-manager --add-repo https://www.theqvd.com/packages/rockylinux/8.5/QVD-4.2.0/
dnf update -y

Install the necessary tools

dnf install -y bridge-utils

4. Database installation and configuration

dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
dnf install -y postgresql-server postgresql-contrib
/usr/bin/postgresql-setup initdb
systemctl enable --now postgresql

4.1. Create a user account

su - postgres
postgres@qvdhost:~$ createuser -SDRP qvd
Enter password for new role: passw0rd
Enter it again: passw0rd

4.2. Create the QVD database

postgres@qvdhost:~$ createdb -O qvd qvddb
postgres@qvdhost:~$ exit

4.3. Change the PostgreSQL configuration

Edit the file /var/lib/pgsql/data/pg_hba.conf and add the following line to the beginning of the section:

# TYPE  DATABASE        USER            ADDRESS                 METHOD
host    qvddb           qvd             127.0.0.1/32            md5

Edit the file /var/lib/pgsql/data/postgresql.conf and set the following parameters:

listen_addresses = '*'
default_transaction_isolation = 'serializable'

Restart PostgreSQL.

systemctl restart postgresql

5. HKD installation

dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf install -y perl-QVD-HKD

Enable HKD service:

systemctl enable --now qvd-hkd

5.1. Basic configuration

Disable SELINUX

setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

Copy the example configuration file to the /etc/qvd/ directory, save it as node.conf, and modify the permissions on it:

cp -v /usr/lib/qvd/config/sample-node.conf /etc/qvd/node.conf
chown root:root /etc/qvd/node.conf
chmod 0640 /etc/qvd/node.conf

Edit the file /etc/qvd/node.conf and modify/add the following entries:

nodename=qvdhost
database.host=127.0.0.1
database.name=qvddb
database.user=qvd
database.password=passw0rd

5.2. QVD tables population

/usr/lib/qvd/bin/qvd-deploy-db.pl

6. Administration tools installation

6.1. SSL Configuration

Note If you already have a certificate signed by a third party, you can skip the auto signed certificate creation and use your signed certificate instead.
Auto signed certificate creation
mkdir /etc/qvd/certs
cd /etc/qvd/certs

Generate a private key.

openssl genrsa 2048 > key.pem

Create a self signed certificate.

openssl req -new -x509 -nodes -sha256 -days 365 -key key.pem > cert.pem
Note OpenSSL will prompt you to enter the various fields that it requires for the certificate. In the field Common Name you must insert the fully qualified domain name of the host that will be running your QVD node.

6.2. API

dnf install -y perl-QVD-API

Create the file /etc/qvd/api.conf with the following content:

database.host=127.0.0.1
database.name=qvddb
database.user=qvd
database.password=passw0rd
api.user=root
api.group=root
path.api.ssl=/etc/qvd/certs

To execute either the CLI as the WAT we must enable the API.

systemctl enable --now qvd-api

Calling to the endpoint info from the browser or using the following command, we will check that the API is working.

curl -k https://localhost:443/api/info

It should return a JSON with system information.

6.3. CLI

dnf install -y perl-QVD-Admin4

Create the file /etc/qvd/qa.conf with the following content:

qa.url=https://localhost:443/
qa.tenant=*
qa.login=superadmin
qa.password=superadmin
qa.format=TABLE
qa.insecure=1
Caution This is just a testing installation guide. Never for be using in production environment. The parameter qa.insecure must be replaced by the parameter qa.ca with your Authority certification path.

With the following command we will check that qa4 is working.

qa4 admin get

It should return the two administrators of the system: admin and superadmin.

.----+------------+----------+-------.
| id | name       | language | block |
+----+------------+----------+-------+
|  1 | superadmin | auto     |    10 |
|  2 | admin      | auto     |    10 |
'----+------------+----------+-------'
Total: 2

6.4. WAT

dnf install -y qvd-wat
Executing the WAT

Visit https://localhost:443

Credentials:

  • username: superadmin@*

  • password: superadmin

7. Basic and indispensable configuration

7.1. Network configuration

7.1.1. Set dnsmasq to be controlled by QVD

rpm -q dnsmasq

If it is not installed:

dnf install -y dnsmasq
[ `systemctl is-enabled dnsmasq.service` == "enabled" ] && systemctl disable dnsmasq.service || echo "success disabled"

7.1.2. Configure IP forwarding

Edit the file /etc/sysctl.d/qvd-sysctl.conf and uncomment the line:

net.ipv4.ip_forward=1

Execute:

sysctl -p

7.1.3. Configure a network bridge

Check if the bridge module is loaded with the command:

modinfo bridge

If it is not loaded, execute:

modprobe --first-time bridge

Creating the Network Bridge

nmcli connection add ifname qvdnet0 connection.type bridge ipv4.addresses 10.3.15.1/24 ipv4.method manual

7.1.4. Configure QVD for your network

qa4 config set tenant_id=-1,key=vm.network.ip.start,value=10.3.15.50
qa4 config set tenant_id=-1,key=vm.network.netmask,value=24
qa4 config set tenant_id=-1,key=vm.network.gateway,value=10.3.15.1
qa4 config set tenant_id=-1,key=vm.network.dns_server,value=10.3.15.254
qa4 config set tenant_id=-1,key=vm.network.bridge,value=qvdnet0

7.2. Configure QVD to use the SSL certificates

qa4 config ssl key=/etc/qvd/certs/key.pem, cert=/etc/qvd/certs/cert.pem
openssl version -d

The previous command may return the following response by default:

OPENSSLDIR: "/etc/pki/tls"
Note If other directory is returned, use it instead /etc/pki/tls for the following steps.

The trusted certificates are stored in /etc/pki/tls/certs.

trusted_ssl_path=/etc/pki/tls/certs
cert_path=/etc/qvd/certs/cert.pem
cert_name=`openssl x509 -noout -hash -in $cert_path`.0
cp $cert_path $trusted_ssl_path/QVD-L7R-cert.pem
ln -s $trusted_ssl_path/QVD-L7R-cert.pem $trusted_ssl_path/$cert_name

7.3. Configure HKD Node

Now, add the node to the solution by running:

qa4 host new name=qvdhost,address=10.3.15.1

8. And now, what?

Should you have any issue, please check the full QVD installation guide.

If you have already done all the steps of this guide, congratulations, you already have a solution QVD installed. Now you should:

  • Configure your fist OSF

  • Install your first image

  • Add your first user

  • Add a VM for your user

We recommend to you to continue with the WAT guide to do these steps.

Once finished, you will only have to connect and try the solution.

Check the Quick guide to install the QVD client in your system.

If you have any question or need additional support, visit our website at http://theqvd.com/ or contact with us at info@theqvd.com.