Version 11 (modified by anirban, 8 years ago)


Deploying an Authority


Covers types of authorities

Deploying an Eucalyptus/NEuca authority

DOCUMENTATION IN PROGRESS !!! Please come back later

Setup euca/Neuca


Set $ORCA_HOME. Change ownership of this directory to the user on whose behalf the euca site authority is going to run. $ export ORCA_HOME=/opt/orca

Make directories for storing Eucalyptus credentials, ORCA configuration files, Euca site resource description files.

$ mkdir $ORCA_HOME/runtime
$ mkdir $ORCA_HOME/config
$ mkdir $ORCA_HOME/ndl

Set up tomcat

wget tomcat.tar.gz edit and

Generate Resource Representation for the Eucalyptus Site

Put full site rdf in the following directory - $ORCA_HOME/ndl

Runtime credentials

Generate guids and certificates for all the actors in your container. Suppose you have three actors in your container - one for managing the Eucalyptus vms, one for managing the vlans inside the eucalyptus cluster and one for managing vlans when you want to connect your euca cluster to external resources through network transit domains. You need to do the following for each of the three actors in your container. Store the guids, which will be used for configuring the actors.

$ cd $ORCA_SRC/tools/config
$ ant guid
$ ant -Dactor=<guid_output_from_previous_command>

Store runtime credentials in $ORCA_HOME.

$ cp -r $ORCA_SRC/tools/config/runtime/* $ORCA_HOME/runtime/.


$ORCA_HOME/config . Refer to the config files in the repository - config.xml and name it 'config.xml'. $ORCA_HOME/config/config.xml . Remember to insert the correct guids generated in the last step for eac of the actors. . Refer to and name it ''. $ORCA_HOME/config/

Image proxy

ORCA provides the capability for the user to specify urls for the filesystem image, kernel (optional) and ramdisk (optional) in their resource request. The user images would then be used to stand up the vms. The ImageProxy? is used to serve this purpose. Image Proxy with Eucalyptus/NEuca Follow instructions on to setup and run ImageProxy?. To configure ORCA to use the ImageProxy?, follow instructions on ImageProxy with ORCA.

ssh Proxy Tunneling and Using ShoreWall?

When you need access to vm instances created in a private address space separated from the public Internet, ssh proxy tunneling can be used. DNAT Proxy We support Shorewall-DNAT proxy for this purpose. Install and run Shorewall on a machine (the NAT host) that is accessible via the public internet by following instructions at Shorewall setup. To use Shorewall with ORCA, follow instructions for Shorewall configuration for ORCA.

Final Deployment

tomcat restart, state_recovery lock file, deploy to the machine

Some troubleshooting tips