Changes between Version 83 and Version 84 of deploy-am

Show
Ignore:
Timestamp:
07/26/12 14:25:38 (7 years ago)
Author:
ibaldin (IP: 152.54.9.21)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • deploy-am

    v83 v84  
    3333 * The cluster is given a pool of VLANs by the network administrator 
    3434 
    35 Each !OpenStack/Eucalyptus cluster is usually managed by two ORCA actors - one for creating intra-site topologies (named xxx-vm-site), which manages both the cluster and the switch ([https://wiki.exogeni.net/doku.php?id=public:software:start ExoGENI uses a more sophisticated configuration] of actors). The other (named xxx-net-site) is used for connecting to connecting slivers from this site to other sites at Layer 2, if the Eucalyptus cluster has access to a dynamic circuit network (NLR, ION, ESnet) either via direct peering or via a pool of static vlans.  
     35Each !OpenStack/Eucalyptus cluster is usually managed by two ORCA actors - one for creating intra-site topologies (named xxx-vm-site), which manages both the cluster and the switch ([https://wiki.exogeni.net/doku.php?id=public:software:start ExoGENI uses a more sophisticated configuration] of actors). The other (named xxx-net-site) is used for connecting to connecting slivers from this site to other sites at Layer 2, if the cluster has access to a dynamic circuit network (NLR, ION, ESnet) either via direct peering or via a pool of static vlans.  
    3636 
    37 === Setup Eucalyptus === 
     37=== Setup !OpenStack/Eucalyptus === 
    3838 
    39 We have [wiki:NEuca-overview modified Eucalyptus] to be more friendly to network experimenters. Follow instructions for setting up Eucalyptus with NEuca patches at [wiki:Eucalyptus-2.0-Setup Eucalyptus 2.x setup with NEuca].   
     39We have [wiki:NEuca-overview modified Eucalyptus] and !OpenStack to be more friendly to network experimenters (we call these modifications 'NEuca'). For !OpenStack, follow [https://geni-orca.renci.org/trac/wiki/OpenStack-Install these instruction]. For Eucalyptus, follow instructions for setting up Eucalyptus with NEuca patches at [wiki:Eucalyptus-2.0-Setup Eucalyptus 2.x setup with NEuca].   
    4040 
    4141There are instructions on how [wiki:NEuca-in-orca to use NEuca with ORCA], which we will be referring to throughout this document, so it is useful to read through it. 
     
    4343== Additional components  == 
    4444 
    45 We have developed several components that make a Eucalyptus site more ORCA- and GENI- friendly. These components are: 
     45We have developed several components that make a cloud site more ORCA- and GENI- friendly. These components are: 
    4646 
    47  * Image Proxy -  downloads and caches shared VM images from the network using HTTP/FTP/bittorrent, and registers them for use within the Eucalyptus site. The Image Proxy allows ORCA users to reference images from virtual appliance servers or distribute custom VM images for use at multiple cloud sites. 
    48  * DNAT Proxy - permits public SSH access to VMs/slivers even when they do not have public IP addresses (e.g., for a Eucalyptus cluster that is hosted behind a firewall).  
     47 * Image Proxy -  downloads and caches shared VM images from the network using HTTP/FTP/bittorrent, and registers them for use within the cloud site. The Image Proxy allows ORCA users to reference images from virtual appliance servers or distribute custom VM images for use at multiple cloud sites. 
     48 * DNAT Proxy - permits public SSH access to VMs/slivers even when they do not have public IP addresses (e.g., for a cluster that is hosted behind a firewall).  
    4949 
    5050Image Proxy is a mandatory component, while DNAT proxy is optional. Both components are set up separately and configured for use by ORCA through the $ORCA_HOME/ec2/ec2.site.properties file. The following sections describe how to set up these components. Be sure to match the [wiki:component-release-compatibility right versions of components] to your ORCA release. 
     
    5555The Image Proxy allows ORCA users to name these objects with URLs, and deploy images at multiple cloud sites easily, without manual registration.  Swarming protocols such as BitTorrent can be used to distribute images to many sites efficiently.  Follow instructions on [https://code.renci.org/gf/project/networkedclouds/wiki/?pagename=ImageProxy] to set up and run Image proxy.  To configure ORCA to use the Image proxy, follow instructions on [wiki:image-proxy-with-orca ImageProxy with ORCA]. 
    5656 
    57 Image Proxy is typically deployed into a separate Axis2 container on the Eucalyptus master host. If not, it can be deployed on a separate host that  
    58  * Has a routable path to Eucalyptus head node 
     57Image Proxy is typically deployed into a separate Axis2 container on the head node. If not, it can be deployed on a separate host that  
     58 * Has a routable path to the head node 
    5959 * Has Eucalyptus user tools installed 
    6060 
     
    6565When you need ''management'' access to VM instances created in a private address space separated from the public Internet, ssh proxy tunneling can be used. We support Shorewall-DNAT proxy for this purpose. Install and run Shorewall on a machine (the NAT host) that is accessible via the public Internet by following instructions at [wiki:shorewall-dnat-proxy Shorewall setup]. To use Shorewall with ORCA, follow instructions for [wiki:shorewall-with-orca Shorewall configuration for ORCA].  
    6666 
    67 The DNAT Proxy must be installed on a host that has a publicly routable IP address and has a route to the Eucalyptus head node. DNAT Proxy is only needed if the Eucalyptus head node has no publicly routable IP address or has no public IP addresses to give out to the VMs. 
     67The DNAT Proxy must be installed on a host that has a publicly routable IP address and has a route to the head node. DNAT Proxy is only needed if the head node has no publicly routable IP address or has no public IP addresses to give out to the VMs. 
    6868 
    6969[[Image(dnat-proxy.png, 30%)]] 
     
    8585Be sure to enable [wiki:configure-with-registry remote actor registry] in container.properties file.  
    8686 
    87 After that create additional directories for storing Eucalyptus site properties and credentials (ec2.site.properties, ec2.cred.properties files) and Euca site resource description files (in NDL-OWL): 
     87After that create additional directories for storing site properties and credentials (ec2.site.properties, ec2.cred.properties files) and Euca site resource description files (in NDL-OWL): 
    8888{{{ 
    8989$ mkdir $ORCA_HOME/ndl 
     
    9191}}} 
    9292 
    93 === Eucalyptus credentials === 
     93=== !OpenStack/Eucalyptus credentials === 
    9494 
    95 Create user 'orca' or similar in your Eucalyptus cluster portal. Go to the portal and download the users credentials zip file. Unzip the contents euca credentials zip file into $ORCA_HOME/ec2.  
     95Use 'nova_manage' to create user 'orca' in !OpenStack or create user 'orca' or similar in your Eucalyptus cluster portal. In Eucalyptus, go to the portal and download the users credentials zip file. Unzip the contents euca credentials zip file into $ORCA_HOME/ec2.  
    9696{{{ 
    9797$ cd $ORCA_HOME/ec2 
    9898$ unzip ~/euca2-orca-x509.zip  
    9999}}} 
    100 Comment out the first line in $ORCA_HOME/ec2/eucarc (ORCA uses native EC2 tools to talk to Eucalyptus, rather then eucalyptus user tools; the first line confuses EC2 tools): 
     100For Eucalyptus comment out the first line in $ORCA_HOME/ec2/eucarc (ORCA uses native EC2 tools to talk to Eucalyptus, rather then eucalyptus user tools; the first line confuses EC2 tools): 
    101101{{{ 
    102102#EUCA_KEY_DIR=$(dirname $(readlink -f ${BASH_SOURCE})) 
    103103}}} 
     104Note that in OpenStack, the file name is 'novarc' instead of 'eucarc' 
    104105 
    105 Generate a key-pair for Euca for the Eucalyptus 'orca' user created above. The name of this keypair is used later to populate the "ec2.ssh.key" property in ec2.site.properties file below. 
     106Generate a key-pair for ORCA for the !OpenStack/Eucalyptus 'orca' user created above. The name of this keypair is used later to populate the "ec2.ssh.key" property in ec2.site.properties file below. 
    106107{{{ 
    107108$ source $$ORCA_HOME/ec2/eucarc 
     
    110111}}} 
    111112 
    112 === Generate and store resource representations for the Eucalyptus Site === 
     113=== Generate and store resource representations for the !OpenStack/Eucalyptus Site === 
    113114 
    114 Generate the NDL resource description of the Eucalyptus site and store it in $ORCA_HOME/ndl. Example of an Eucalyptus site NDL resource description can be found [source:orca/trunk/network/src/main/resources/orca/network/rencivmsite.rdf here]. Consult RENCI staff on how to generate this. Let ORCA_SRC be the root of the downloaded ORCA source. Actor config.xml file will reference this file later. 
     115Generate the NDL resource description of the cluster site and store it in $ORCA_HOME/ndl. Example of a site NDL resource description can be found [source:orca/trunk/network/src/main/resources/orca/network/rencivmsite.rdf here]. Consult RENCI staff on how to generate this. Let ORCA_SRC be the root of the downloaded ORCA source. Actor config.xml file will reference this file later. 
    115116{{{ 
    116117$ cp $ORCA_SRC/network/src/main/resources/orca/network/rencivmsite.rdf $ORCA_HOME/ndl/. 
     
    133134=== $ORCA_HOME/config/config.xml === 
    134135 
    135 An example of a configuration file for a container with site authority actors managing an Eucalyptus/NEuca cluster and a network switch can be found [source:config-files/trunk/euca-m.renci.ben-config.xml here]. Please modify this file to tailor to your installation. At a minimum update the GUIDs (use the GUIDs generated above for each actor), names and descriptions of the two actors. Verify that  
     136An example of a configuration file for a container with site authority actors managing an !OpenStack/Eucalyptus/NEuca cluster and a network switch can be found [source:config-files/trunk/euca-m.renci.ben-config.xml here]. Please modify this file to tailor to your installation. At a minimum update the GUIDs (use the GUIDs generated above for each actor), names and descriptions of the two actors. Verify that  
    136137 * substrate.file 
    137138 * ec2.site.properties