EGI-InSPIRE Building an OpenNebula Cloud Compliant with EGI FedCloud Boris Parák, CESNET 2014-05-23, EGI Community Forum 2014, Helsinki 1 EGI-InSPIRE RI-261323 www.egi.eu
Agenda • OpenNebula in the EGI Federated Cloud • Introduction into OCCI • The rOCCI framework and its components • Hands-on part • Installation & configuration of rOCCI-server • Installation & configuration of rOCCI-cli • Basic VM life-cycle management tasks • Q & A 2014-05-23, EGI Community Forum 2014, Helsinki 2 EGI-InSPIRE RI-261323 www.egi.eu
OCCI What is OCCI? • OCCI → Open Cloud Computing Interface • OGF standard; Core, Infrastructure and HTTP rendering (GFD.183 - 185) • text-based protocol and API focusing on interoperability in the cloud • designed with IaaS clouds in mind • extensible; used for PaaS, SaaS, Brokering, . . . 2014-05-23, EGI Community Forum 2014, Helsinki 3 EGI-InSPIRE RI-261323 www.egi.eu
OCCI Core 2014-05-23, EGI Community Forum 2014, Helsinki 4 EGI-InSPIRE RI-261323 www.egi.eu
OCCI Infrastructure 2014-05-23, EGI Community Forum 2014, Helsinki 5 EGI-InSPIRE RI-261323 www.egi.eu
OCCI IaaS Capabilities 7. Attaching block storage to VMs 1. Creating VMs 8. Detaching block storage 2. Querying VMs from VMs 3. Destroying VMs 9. Attaching network interfaces 4. Triggering basic actions on to VMs VMs 10. Detaching network 5. Creating block storage interfaces from VMs 6. Destroying block storage 11. Using contextualization to modify VMs on boot 2014-05-23, EGI Community Forum 2014, Helsinki 6 EGI-InSPIRE RI-261323 www.egi.eu
OCCI The rOCCI framework 2014-05-23, EGI Community Forum 2014, Helsinki 7 EGI-InSPIRE RI-261323 www.egi.eu
Hands-on Beware 2014-05-23, EGI Community Forum 2014, Helsinki 8 EGI-InSPIRE RI-261323 www.egi.eu
Before Installation Repositories ~# EPEL=http://dl.fedoraproject.org/pub/epel ~# rpm -ivh $EPEL/6/x86_64/epel-release-6-8.noarch.rpm ~# yum install -y gcc-c++ curl-devel httpd \ httpd-devel apr-devel apr-util-devel mod_ssl \ policycoreutils-python mod_security memcached \ openssl-devel zlib-devel git ~# APPDB=http://repository.egi.eu/community/software/rocci.server ~# wget $APPDB/1.0.x/releases/repofiles/sl-6-x86_64.repo \ -O /etc/yum.repos.d/rocci-server-sl-6-x86_64.repo ~# APPDB=http://repository.egi.eu/community/software/rocci.cli ~# wget $APPDB/4.2.x/releases/repofiles/sl-6-x86_64.repo \ -O /etc/yum.repos.d/rocci-cli-sl-6-x86_64.repo 2014-05-23, EGI Community Forum 2014, Helsinki 9 EGI-InSPIRE RI-261323 www.egi.eu
Installation rOCCI-server ~# yum install -y occi-server ~# /opt/occi-server/embedded/bin/passenger-install-apache2-module \ --auto --languages ruby ~# /opt/occi-server/embedded/bin/passenger-install-apache2-module \ --snippet > /etc/httpd/conf.d/passenger.conf ~# echo "Listen 11443" >> /etc/httpd/conf/httpd.conf ~# sed -i 's/SELINUX\s*=\s*enforcing/SELINUX=permissive/' \ /etc/selinux/config ~# setenforce 0 2014-05-23, EGI Community Forum 2014, Helsinki 10 EGI-InSPIRE RI-261323 www.egi.eu
Configuration rOCCI-server I. ~# su - oneadmin ~$ oneuser create rocci '<actual_password_edited_out>' \ --driver server_cipher ~$ oneuser chgrp rocci oneadmin ~$ exit ~# vim /etc/httpd/conf.d/occi-ssl Remove SSL directives, change protocol to http , authentication method to basic , hostname to localhost , and the backend to opennebula . Fill in the authentication information for ONE. ~# service httpd restart 2014-05-23, EGI Community Forum 2014, Helsinki 11 EGI-InSPIRE RI-261323 www.egi.eu
Configuration rOCCI-server II. # configuration for rOCCI-server ## common SetEnv ROCCI_SERVER_LOG_DIR /var/log/occi-server SetEnv ROCCI_SERVER_ETC_DIR /etc/occi-server SetEnv ROCCI_SERVER_PROTOCOL http SetEnv ROCCI_SERVER_HOSTNAME localhost SetEnv ROCCI_SERVER_PORT 11443 SetEnv ROCCI_SERVER_AUTHN_STRATEGIES "basic" SetEnv ROCCI_SERVER_HOOKS dummy SetEnv ROCCI_SERVER_BACKEND opennebula SetEnv ROCCI_SERVER_LOG_LEVEL debug SetEnv ROCCI_SERVER_LOG_REQUESTS_IN_DEBUG yes SetEnv ROCCI_SERVER_TMP /tmp/occi_server SetEnv ROCCI_SERVER_MEMCACHES localhost:11211 ## ONE backend SetEnv ROCCI_SERVER_ONE_XMLRPC http://localhost:2633/RPC2 SetEnv ROCCI_SERVER_ONE_USER rocci SetEnv ROCCI_SERVER_ONE_PASSWD herebedragonsandasupersecretpassword;) 2014-05-23, EGI Community Forum 2014, Helsinki 12 EGI-InSPIRE RI-261323 www.egi.eu
Installation rOCCI-cli ~# yum install occi-cli ~# /opt/occi-cli/bin/occi -d -v ~# ln -sf /opt/occi-cli/bin/occi /usr/bin/occi If you have RVM installed, disable it before running packaged rOCCI-cli! 2014-05-23, EGI Community Forum 2014, Helsinki 13 EGI-InSPIRE RI-261323 www.egi.eu
Usage rOCCI-cli Using the onetest-admin user account as a placeholder. Insert a valid username & password as needed! ~# occi --endpoint http://localhost:11443/ --action list \ --resource os_tpl --auth basic --username onetest-admin \ --password onetest-admin ~# occi --endpoint http://localhost:11443/ --action list \ --resource resource_tpl --auth basic --username onetest-admin \ --password onetest-admin ~# occi --endpoint http://localhost:11443/ --action create \ --resource compute --mixin os_tpl#uuid_ttylinux_0 \ --attribute occi.core.title="My rOCCI VM" \ --auth basic --username onetest-admin \ --password onetest-admin ~# occi ... --action describe --resource /compute/0 ... ~# occi ... --action delete --resource /compute/0 ... 2014-05-23, EGI Community Forum 2014, Helsinki 14 EGI-InSPIRE RI-261323 www.egi.eu
References OCCI & rOCCI • OCCI http://occi-wg.org/ • rOCCI-cli https://github.com/EGI-FCTF/rOCCI-cli • rOCCI-server https://github.com/EGI-FCTF/rOCCI-server • rOCCI-cli packages https://appdb.egi.eu/store/software/rocci.cli • rOCCI-server packages https://appdb.egi.eu/store/software/rocci.server 2014-05-23, EGI Community Forum 2014, Helsinki 15 EGI-InSPIRE RI-261323 www.egi.eu
References EGI FedCloud • EGI FedCloud https://wiki.egi.eu/wiki/Fedcloud-tf • rOCCI-cli with VOMS https://wiki.egi.eu/wiki/Fedcloud-tf:CLI_Environment 2014-05-23, EGI Community Forum 2014, Helsinki 16 EGI-InSPIRE RI-261323 www.egi.eu
Q & A ? parak@cesnet.cz sustr4@cesnet.cz 2014-05-23, EGI Community Forum 2014, Helsinki 17 EGI-InSPIRE RI-261323 www.egi.eu
Recommend
More recommend
