Changes between Version 52 and Version 53 of deploy-am

Show
Ignore:
Timestamp:
05/09/11 18:00:06 (8 years ago)
Author:
ibaldin (IP: 152.54.9.21)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • deploy-am

    v52 v53  
    3131 
    3232There are instruction on how [wiki:NEuca-in-orca to use NEuca with ORCA], which we will be referring to throughout this document, so it is useful to read through it. 
     33 
     34== Additional components  == 
     35 
     36In addition to Eucalyptus we have developed several components that make a Eucalyptus site more ORCA- and GENI- friendly. These components are: 
     37 
     38 * Image Proxy - permits users to post the images for their VM slivers to be posted on HTTP/FTP/bittorrent and have ORCA automatically download and register this image with each site in a slice.  
     39 * DNAT Proxy - permits public SSH access to VMs/slivers on a Eucalyptus cluster that is hosted behind a firewall (i.e. even Eucalyptus public addresses aren't truly public).  
     40 
     41Image Proxy is a mandatory component, while DNAT proxy is optional. Both components are setup separately, however from ORCA perspective their configuration is managed through $ORCA_HOME/ec2/ec2.site.properties file. The following sections describe how to set up these components.  
     42 
     43=== Image Proxy === 
     44 
     45ORCA provides the capability for the user to specify urls for the filesystem image, kernel (optional) and ramdisk (optional) in their resource request. The user images would then be used to stand up the vms across potentially multiple independent Eucalyptus sites under ORCA control. The Image proxy is used to serve this purpose.  Follow instructions on [https://code.renci.org/gf/project/networkedclouds/wiki/?pagename=ImageProxy] to setup and run Image proxy. To configure ORCA to use the Image proxy, follow instructions on [wiki:image-proxy-with-orca ImageProxy with ORCA]. 
     46 
     47Image Proxy is typically deployed into a separate Axis2 container on the Eucalyptus master host. If not, it can be deployed on a separate host that  
     48 * Has a routable path to Eucalyptus head node 
     49 * Has Eucalyptus user tools installed 
     50 
     51[[Image(image-proxy.png, 30%)]] 
     52 
     53=== ssh DNAT Proxy Tunneling and Using Shorewall === 
     54 
     55When you need access to vm instances created in a private address space separated from the public Internet, ssh proxy tunneling can be used. We support Shorewall-DNAT proxy for this purpose. Install and run Shorewall on a machine (the NAT host) that is accessible via the public internet by following instructions at [wiki:shorewall-dnat-proxy Shorewall setup]. To use Shorewall with ORCA, follow instructions for [wiki:shorewall-with-orca Shorewall configuration for ORCA].  
     56 
     57The DNAT Proxy must be installed on the host that has publicly routable IP address and has a route to the Eucalyptus head node. DNAT Proxy is only needed if the Eucalyptus head node has no publicly routable IP address or has no public IP addresses to give out to the VMs. 
     58 
     59[[Image(dnat-proxy.png, 30%)]] 
     60 
     61== ORCA Configuration == 
    3362 
    3463=== Create a MySQL database for ORCA === 
     
    75104}}} 
    76105 
    77 == Additional components  == 
    78  
    79 In addition to Eucalyptus we have developed several components that make a Eucalyptus site more ORCA- and GENI- friendly. These components are: 
    80  
    81  * Image Proxy - permits users to post the images for their VM slivers to be posted on HTTP/FTP/bittorrent and have ORCA automatically download and register this image with each site in a slice.  
    82  * DNAT Proxy - permits public SSH access to VMs/slivers on a Eucalyptus cluster that is hosted behind a firewall (i.e. even Eucalyptus public addresses aren't truly public).  
    83  
    84 Image Proxy is a mandatory component, while DNAT proxy is optional. Both components are setup separately, however from ORCA perspective their configuration is managed through $ORCA_HOME/ec2/ec2.site.properties file. The following sections describe how to set up these components.  
    85  
    86 === Image Proxy === 
    87  
    88 ORCA provides the capability for the user to specify urls for the filesystem image, kernel (optional) and ramdisk (optional) in their resource request. The user images would then be used to stand up the vms across potentially multiple independent Eucalyptus sites under ORCA control. The Image proxy is used to serve this purpose.  Follow instructions on [https://code.renci.org/gf/project/networkedclouds/wiki/?pagename=ImageProxy] to setup and run Image proxy. To configure ORCA to use the Image proxy, follow instructions on [wiki:image-proxy-with-orca ImageProxy with ORCA]. 
    89  
    90 Image Proxy is typically deployed into a separate Axis2 container on the Eucalyptus master host. If not, it can be deployed on a separate host that  
    91  * Has a routable path to Eucalyptus head node 
    92  * Has Eucalyptus user tools installed 
    93  
    94 [[Image(image-proxy.png, 30%)]] 
    95  
    96 === ssh DNAT Proxy Tunneling and Using Shorewall === 
    97  
    98 When you need access to vm instances created in a private address space separated from the public Internet, ssh proxy tunneling can be used. We support Shorewall-DNAT proxy for this purpose. Install and run Shorewall on a machine (the NAT host) that is accessible via the public internet by following instructions at [wiki:shorewall-dnat-proxy Shorewall setup]. To use Shorewall with ORCA, follow instructions for [wiki:shorewall-with-orca Shorewall configuration for ORCA].  
    99  
    100 The DNAT Proxy must be installed on the host that has publicly routable IP address and has a route to the Eucalyptus head node. DNAT Proxy is only needed if the Eucalyptus head node has no publicly routable IP address or has no public IP addresses to give out to the VMs. 
    101  
    102 [[Image(dnat-proxy.png, 30%)]] 
    103  
    104 == ORCA Configuration == 
    105106 
    106107=== $ORCA_HOME/config/config.xml ===