Implementing On-Premise Private and Hybrid Clouds

Eucalyptus Cloud Journal

Subscribe to Eucalyptus Cloud Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Eucalyptus Cloud Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Working on Ubuntu Enterprise Cloud, I  was wondering if both CC and NC could run on a single machine. Ofcourse, this is not a recommended UEC topology for production use, but thought of giving it a try. Moreover, for experimenting purposes this would be an ideal case, not requiring too many hardware resources. So here goes the process….

Eucalyptus Packages
The eucalyptus packages that form the core part of UEC are:

  • eucalyptus-cloud – Elastic Utility Computing Architecture – Cloud controller
  • eucalyptus-cc – Elastic Utility Computing Architecture – Cluster controller
  • eucalyptus-walrus – Elastic Utility Computing Architecture – Walrus (S3)
  • eucalyptus-sc – Elastic Utility Computing Architecture – Storage controller
  • eucalyptus-nc – Elastic Utility Computing Architecture – Node controller

Cluster Controller Installation
1. Install UEC using Ubuntu Server 9.10 CD.
2. During installation, select Cluster installation. NC installation can be done after this.
3. Select the same “eth0″ interface as public and private interface.
4. Specify some arbitrary IP address range for Public IPs (say 192.168.1.101-192.168.1.200). This can later be changed in /etc/eucalyptus/eucalyptus.conf.

As I selected to install Ubuntu Enterprise Cloud. So eucalyptus-cloud, eucalyptus-cc, eucalyptus-walrus, eucalyptus-sc packages will be automatically installed. If Install Ubuntu Server is selected, these packages need to be installed after installing Ubuntu Server using apt-get.

$ sudo apt-get install eucalyptus-cloud eucalyptus-cc eucalyptus-walrus eucalyptus-sc

Post-Installation
1. Install system updates.

 $ sudo apt-get update
 $ sudo apt-get dist-upgrade

2. For convinence, I installed vim (vim looks more comfortable than vi… :) ).

 $ sudo apt-get install vim

Network Configuration
NC expects a bridge, so created a bridge and added eth0 as an interface. Configured the bridge for a static IP.

auto eth0
 iface eth0 inet manual
auto br0
 iface br0 inet static
 address A.B.C.D
 netmask 255.255.255.0
 network A.B.C.0
 broadcast A.B.C.255
 gateway A.B.C.1
 dns-nameservers W.X.Y.Z
 dns-search mydomain.com
 bridge_ports eth0
 bridge_fd 9
 bridge_hello 2
 bridge_maxage 12
 bridge_stp off

Node Controller Installation
1. Install Node Controller

$ sudo apt-get install eucalyptus-nc

UEC Web Console
The CC can be accessed via a web console with the IP https://A.B.C.D:8443. Using the web console, you would be able to:

  • download the account credentials
  • view currently installed images
  • make available or disable the installed images
  • browse through the store and install available images
  • add/edit/delete/enable/disable users
  • change the CC configuration
  • access external links of Ubuntu and Eucalyptus community
  • register the cloud with Landscape or RightScale

Retreiving Credentials
After installing CC and NC, users of the cloud will need to retrieve their credentials. This can be done either from a web browser or from command line.
I used command line and executed the following commands:

$ mkdir -p ~/.euca
$ chmod 700 ~/.euca
$ cd ~/.euca
$ sudo euca_conf --get-credentials mycreds.zip
$ unzip mycreds.zip
$ cd -

Using Your Credentials
After obtaining the credentials, we need to setup EC2 API and AMI tools on the server using X.509 certificates. For this, source the included “eucarc” file to set up the Eucalyptus environment

$ . ~/.euca/eucarc

This can be added to the ~/.bashrc file, so that the Eucalyptus environment is set up automatically when you log in.

$ echo "[ -r ~/.euca/eucarc ] && . ~/.euca/eucarc" >> ~/.bashrc

Node Registration
Execute following command to register the node:

$ sudo euca_conf --no-rsync --discover-nodes

The above command will prompt for adding the discovered nodes

New node found on A.B.C.D; add it? [Yn]

Since I was interested on running both CC and NC on a single machine, I added only that machine as the node and ignored other nodes present in my network.

Now euca-describe-availability-zones cleanly reports the node registration

$ euca-describe-availability-zones verbose
AVAILABILITYZONE        uec-cloud       A.B.C.D
AVAILABILITYZONE        |- vm types     free / max   cpu   ram  disk
AVAILABILITYZONE        |- m1.small     0002 / 0002   1    128     2
AVAILABILITYZONE        |- c1.medium    0002 / 0002   1    256     5
AVAILABILITYZONE        |- m1.large     0001 / 0001   2    512    10
AVAILABILITYZONE        |- m1.xlarge    0001 / 0001   2   1024    20
AVAILABILITYZONE        |- c1.xlarge    0000 / 0000   4   2048    20

Install store image
I installed the Ubuntu 9.10 – Karmic Koala (i386) image available from the store. After installing from the store euca-describe-images shows the image details.

$ euca-describe-images
IMAGE   eri-0D4D117E    image-store-1268999725/ramdisk.manifest.xml     adminavailable       public  x86_64  ramdisk
IMAGE   eki-F8BF1114    image-store-1268999725/kernel.manifest.xml      adminavailable       public  x86_64  kernel
IMAGE   emi-E2861098    image-store-1268999725/image.manifest.xml       adminavailable       public  x86_64  machine

Test… Test… Test
Before running an instance of this image, we should first create a keypair that can be used to log into the instance. Create a SSH keypair using the command:

if [ ! -e ~/.euca/mykey.priv ]; then
    touch ~/.euca/mykey.priv
    chmod 0600 ~/.euca/mykey.priv
    euca-add-keypair mykey > ~/.euca/mykey.priv
fi

The default security group should be configured to allow SSH access (port 22). I also plan to run Windows VM for which I have allowed access to RDP.

$ euca-describe-groups
$ euca-authorize default -P tcp -p 22 -s 0.0.0.0/0
$ euca-authorize default -P tcp -p 3389 -s 0.0.0.0/0
$ euca-describe-groups
GROUP   admin   default default group
PERMISSION      admin   default ALLOWS  tcp     3389    3389    FROM    CIDR0.0.0.0/0
PERMISSION      admin   default ALLOWS  tcp     22      22      FROM    CIDR0.0.0.0/0

So all set to launch the instance…

From euca-describe-images, get the EMI ID.

$ euca-describe-images
IMAGE   eri-0D4D117E    image-store-1268999725/ramdisk.manifest.xml     adminavailable       public  x86_64  ramdisk
IMAGE   eki-F8BF1114    image-store-1268999725/kernel.manifest.xml      adminavailable       public  x86_64  kernel
IMAGE   emi-E2861098    image-store-1268999725/image.manifest.xml       adminavailable       public  x86_64  machine

Now launch the instance….

$ euca-run-instances emi-E2861098 -k mykey

Alternatively you can launch the instance using Hybridfox.I haven’t tested using ElasticFox.

My eucalyptus.conf

EUCALYPTUS=”/”
EUCA_USER=”eucalyptus”
DISABLE_DNS=”Y”
ENABLE_WS_SECURITY=”Y”
LOGLEVEL=”DEBUG”
CC_PORT=”8774″
SCHEDPOLICY=”ROUNDROBIN”
POWER_IDLETHRESH=”300″
POWER_WAKETHRESH=”300″
NODES=” A.B.C.D”
NC_SERVICE=”axis2/services/EucalyptusNC”
NC_PORT=”8775″
HYPERVISOR=”kvm”
INSTANCE_PATH=”/var/lib/eucalyptus/instances”
VNET_PUBINTERFACE=”br0″
VNET_PRIVINTERFACE=”br0″
VNET_BRIDGE=”br0″
VNET_DHCPDAEMON=”/usr/sbin/dhcpd3″
VNET_DHCPUSER=”dhcpd”
VNET_MODE=”SYSTEM”

# network configuration from the input configuration file
#VNET_MODE=”MANAGED-NOVLAN”
#VNET_SUBNET=”172.19.0.0″
#VNET_NETMASK=”255.255.0.0″
#VNET_DNS=”10.10.6.3″
#VNET_ADDRSPERNET=”32″
#VNET_PUBLICIPS=”A.B.C.xxx-A.B.C.yyy”

I was able to get both SYSTEM and MANAGED_NOVLAN modes. Remember to do a cleanstop and cleanstart of eucalyptus services between changing network modes.

$ sudo service eucalyptus stop CLEAN=1
$ sudo service eucalyptus-nc stop CLEAN=1
$ sudo service eucalyptus start CLEAN=1
$ sudo service eucalyptus-nc start CLEAN=1

Issues: One notable issue that I faced was, some how the directory /var/lib/eucalyptus/instances was having root:root ownership, due to which was preventing the instance from coming up.  Changing the ownership of /var/lib/eucalyptus/instances to eucalyptus:eucalyptus fixed the issue. I need to probe this further to see if this is always the case.


Filed under: Cloud Computing, Eucalyptus

Read the original blog entry...

More Stories By Kiran Murari

Kiran Murari works at CSS Corp. Earlier, he was into the domain of Embedded Networking and has worked on developing software for ARM and MIPS based routers, porting Linux kernel and Linux applications to various hardware platforms like Intel IXP4xx, Xscale and OMAP3. As a part of developing software for routers, he was involved in developing the firewall and IDS/IPS modules. His current interests include Virtualization, Cloud Computing and Embedded devices.