root / docs / quick-install-admin-guide.rst @ 2c85833e
History | View | Annotate | Download (55 kB)
1 | bdb83fd6 | cven | .. _quick-install-admin-guide: |
---|---|---|---|
2 | bdb83fd6 | cven | |
3 | bdb83fd6 | cven | Administrator's Quick Installation Guide |
4 | a96ec00f | Constantinos Venetsanopoulos | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
5 | a96ec00f | Constantinos Venetsanopoulos | |
6 | a96ec00f | Constantinos Venetsanopoulos | This is the Administrator's quick installation guide. |
7 | a96ec00f | Constantinos Venetsanopoulos | |
8 | a96ec00f | Constantinos Venetsanopoulos | It describes how to install the whole synnefo stack on two (2) physical nodes, |
9 | a96ec00f | Constantinos Venetsanopoulos | with minimum configuration. It installs synnefo from Debian packages, and |
10 | a96ec00f | Constantinos Venetsanopoulos | assumes the nodes run Debian Squeeze. After successful installation, you will |
11 | a96ec00f | Constantinos Venetsanopoulos | have the following services running: |
12 | a96ec00f | Constantinos Venetsanopoulos | |
13 | a96ec00f | Constantinos Venetsanopoulos | * Identity Management (Astakos) |
14 | dad708b4 | Antony Chazapis | * Object Storage Service (Pithos+) |
15 | a96ec00f | Constantinos Venetsanopoulos | * Compute Service (Cyclades) |
16 | a96ec00f | Constantinos Venetsanopoulos | * Image Registry Service (Plankton) |
17 | a96ec00f | Constantinos Venetsanopoulos | |
18 | a96ec00f | Constantinos Venetsanopoulos | and a single unified Web UI to manage them all. |
19 | a96ec00f | Constantinos Venetsanopoulos | |
20 | a96ec00f | Constantinos Venetsanopoulos | The Volume Storage Service (Archipelago) and the Billing Service (Aquarium) are |
21 | a96ec00f | Constantinos Venetsanopoulos | not released yet. |
22 | a96ec00f | Constantinos Venetsanopoulos | |
23 | dad708b4 | Antony Chazapis | If you just want to install the Object Storage Service (Pithos+), follow the guide |
24 | a96ec00f | Constantinos Venetsanopoulos | and just stop after the "Testing of Pithos+" section. |
25 | a96ec00f | Constantinos Venetsanopoulos | |
26 | a96ec00f | Constantinos Venetsanopoulos | |
27 | a96ec00f | Constantinos Venetsanopoulos | Installation of Synnefo / Introduction |
28 | a96ec00f | Constantinos Venetsanopoulos | ====================================== |
29 | a96ec00f | Constantinos Venetsanopoulos | |
30 | a96ec00f | Constantinos Venetsanopoulos | We will install the services with the above list's order. Cyclades and Plankton |
31 | a96ec00f | Constantinos Venetsanopoulos | will be installed in a single step (at the end), because at the moment they are |
32 | a96ec00f | Constantinos Venetsanopoulos | contained in the same software component. Furthermore, we will install all |
33 | a96ec00f | Constantinos Venetsanopoulos | services in the first physical node, except Pithos+ which will be installed in |
34 | a96ec00f | Constantinos Venetsanopoulos | the second, due to a conflict between the snf-pithos-app and snf-cyclades-app |
35 | a96ec00f | Constantinos Venetsanopoulos | component (scheduled to be fixed in the next version). |
36 | a96ec00f | Constantinos Venetsanopoulos | |
37 | a96ec00f | Constantinos Venetsanopoulos | For the rest of the documentation we will refer to the first physical node as |
38 | a96ec00f | Constantinos Venetsanopoulos | "node1" and the second as "node2". We will also assume that their domain names |
39 | a96ec00f | Constantinos Venetsanopoulos | are "node1.example.com" and "node2.example.com" and their IPs are "4.3.2.1" and |
40 | a96ec00f | Constantinos Venetsanopoulos | "4.3.2.2" respectively. |
41 | a96ec00f | Constantinos Venetsanopoulos | |
42 | a96ec00f | Constantinos Venetsanopoulos | |
43 | a96ec00f | Constantinos Venetsanopoulos | General Prerequisites |
44 | a96ec00f | Constantinos Venetsanopoulos | ===================== |
45 | a96ec00f | Constantinos Venetsanopoulos | |
46 | a96ec00f | Constantinos Venetsanopoulos | These are the general synnefo prerequisites, that you need on node1 and node2 |
47 | a96ec00f | Constantinos Venetsanopoulos | and are related to all the services (Astakos, Pithos+, Cyclades, Plankton). |
48 | a96ec00f | Constantinos Venetsanopoulos | |
49 | a96ec00f | Constantinos Venetsanopoulos | To be able to download all synnefo components you need to add the following |
50 | a96ec00f | Constantinos Venetsanopoulos | lines in your ``/etc/apt/sources.list`` file: |
51 | a96ec00f | Constantinos Venetsanopoulos | |
52 | d109485a | Constantinos Venetsanopoulos | | ``deb http://apt.dev.grnet.gr squeeze main`` |
53 | d109485a | Constantinos Venetsanopoulos | | ``deb-src http://apt.dev.grnet.gr squeeze main`` |
54 | a96ec00f | Constantinos Venetsanopoulos | |
55 | a96ec00f | Constantinos Venetsanopoulos | You also need a shared directory visible by both nodes. Pithos+ will save all |
56 | a96ec00f | Constantinos Venetsanopoulos | data inside this directory. By 'all data', we mean files, images, and pithos |
57 | a96ec00f | Constantinos Venetsanopoulos | specific mapping data. If you plan to upload more than one basic image, this |
58 | a96ec00f | Constantinos Venetsanopoulos | directory should have at least 50GB of free space. During this guide, we will |
59 | a96ec00f | Constantinos Venetsanopoulos | assume that node1 acts as an NFS server and serves the directory ``/srv/pithos`` |
60 | a96ec00f | Constantinos Venetsanopoulos | to node2. Node2 has this directory mounted under ``/srv/pithos``, too. |
61 | a96ec00f | Constantinos Venetsanopoulos | |
62 | a96ec00f | Constantinos Venetsanopoulos | Before starting the synnefo installation, you will need basic third party |
63 | a96ec00f | Constantinos Venetsanopoulos | software to be installed and configured on the physical nodes. We will describe |
64 | a96ec00f | Constantinos Venetsanopoulos | each node's general prerequisites separately. Any additional configuration, |
65 | a96ec00f | Constantinos Venetsanopoulos | specific to a synnefo service for each node, will be described at the service's |
66 | a96ec00f | Constantinos Venetsanopoulos | section. |
67 | a96ec00f | Constantinos Venetsanopoulos | |
68 | a96ec00f | Constantinos Venetsanopoulos | Node1 |
69 | a96ec00f | Constantinos Venetsanopoulos | ----- |
70 | a96ec00f | Constantinos Venetsanopoulos | |
71 | a96ec00f | Constantinos Venetsanopoulos | General Synnefo dependencies |
72 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
73 | a96ec00f | Constantinos Venetsanopoulos | |
74 | a96ec00f | Constantinos Venetsanopoulos | * apache (http server) |
75 | a96ec00f | Constantinos Venetsanopoulos | * gunicorn (WSGI http server) |
76 | a96ec00f | Constantinos Venetsanopoulos | * postgresql (database) |
77 | a96ec00f | Constantinos Venetsanopoulos | * rabbitmq (message queue) |
78 | a96ec00f | Constantinos Venetsanopoulos | |
79 | a96ec00f | Constantinos Venetsanopoulos | You can install the above by running: |
80 | a96ec00f | Constantinos Venetsanopoulos | |
81 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
82 | a96ec00f | Constantinos Venetsanopoulos | |
83 | bdfd94c9 | Constantinos Venetsanopoulos | # apt-get install apache2 postgresql rabbitmq-server |
84 | a96ec00f | Constantinos Venetsanopoulos | |
85 | 73ff1d54 | Constantinos Venetsanopoulos | Make sure to install gunicorn >= v0.12.2. You can do this by installing from |
86 | 73ff1d54 | Constantinos Venetsanopoulos | the official debian backports: |
87 | 73ff1d54 | Constantinos Venetsanopoulos | |
88 | 73ff1d54 | Constantinos Venetsanopoulos | .. code-block:: console |
89 | 73ff1d54 | Constantinos Venetsanopoulos | |
90 | 73ff1d54 | Constantinos Venetsanopoulos | # apt-get -t squeeze-backports install gunicorn |
91 | 73ff1d54 | Constantinos Venetsanopoulos | |
92 | 73ff1d54 | Constantinos Venetsanopoulos | On node1, we will create our databases, so you will also need the |
93 | 73ff1d54 | Constantinos Venetsanopoulos | python-psycopg2 package: |
94 | a96ec00f | Constantinos Venetsanopoulos | |
95 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
96 | a96ec00f | Constantinos Venetsanopoulos | |
97 | a96ec00f | Constantinos Venetsanopoulos | # apt-get install python-psycopg2 |
98 | a96ec00f | Constantinos Venetsanopoulos | |
99 | a96ec00f | Constantinos Venetsanopoulos | Database setup |
100 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~ |
101 | a96ec00f | Constantinos Venetsanopoulos | |
102 | a96ec00f | Constantinos Venetsanopoulos | On node1, we create a database called ``snf_apps``, that will host all django |
103 | a96ec00f | Constantinos Venetsanopoulos | apps related tables. We also create the user ``synnefo`` and grant him all |
104 | a96ec00f | Constantinos Venetsanopoulos | privileges on the database. We do this by running: |
105 | a96ec00f | Constantinos Venetsanopoulos | |
106 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
107 | a96ec00f | Constantinos Venetsanopoulos | |
108 | a96ec00f | Constantinos Venetsanopoulos | root@node1:~ # su - postgres |
109 | a96ec00f | Constantinos Venetsanopoulos | postgres@node1:~ $ psql |
110 | a96ec00f | Constantinos Venetsanopoulos | postgres=# CREATE DATABASE snf_apps WITH ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE=template0; |
111 | a96ec00f | Constantinos Venetsanopoulos | postgres=# CREATE USER synnefo WITH PASSWORD 'example_passw0rd'; |
112 | a96ec00f | Constantinos Venetsanopoulos | postgres=# GRANT ALL PRIVILEGES ON DATABASE snf_apps TO synnefo; |
113 | a96ec00f | Constantinos Venetsanopoulos | |
114 | a96ec00f | Constantinos Venetsanopoulos | We also create the database ``snf_pithos`` needed by the pithos+ backend and |
115 | a96ec00f | Constantinos Venetsanopoulos | grant the ``synnefo`` user all privileges on the database. This database could |
116 | a96ec00f | Constantinos Venetsanopoulos | be created on node2 instead, but we do it on node1 for simplicity. We will |
117 | a96ec00f | Constantinos Venetsanopoulos | create all needed databases on node1 and then node2 will connect to them. |
118 | a96ec00f | Constantinos Venetsanopoulos | |
119 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
120 | a96ec00f | Constantinos Venetsanopoulos | |
121 | 73ff1d54 | Constantinos Venetsanopoulos | postgres=# CREATE DATABASE snf_pithos WITH ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE=template0; |
122 | a96ec00f | Constantinos Venetsanopoulos | postgres=# GRANT ALL PRIVILEGES ON DATABASE snf_pithos TO synnefo; |
123 | a96ec00f | Constantinos Venetsanopoulos | |
124 | a96ec00f | Constantinos Venetsanopoulos | Configure the database to listen to all network interfaces. You can do this by |
125 | a96ec00f | Constantinos Venetsanopoulos | editting the file ``/etc/postgresql/8.4/main/postgresql.conf`` and change |
126 | a96ec00f | Constantinos Venetsanopoulos | ``listen_addresses`` to ``'*'`` : |
127 | a96ec00f | Constantinos Venetsanopoulos | |
128 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
129 | a96ec00f | Constantinos Venetsanopoulos | |
130 | a96ec00f | Constantinos Venetsanopoulos | listen_addresses = '*' |
131 | a96ec00f | Constantinos Venetsanopoulos | |
132 | a96ec00f | Constantinos Venetsanopoulos | Furthermore, edit ``/etc/postgresql/8.4/main/pg_hba.conf`` to allow node1 and |
133 | a96ec00f | Constantinos Venetsanopoulos | node2 to connect to the database. Add the following lines under ``#IPv4 local |
134 | a96ec00f | Constantinos Venetsanopoulos | connections:`` : |
135 | a96ec00f | Constantinos Venetsanopoulos | |
136 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
137 | a96ec00f | Constantinos Venetsanopoulos | |
138 | a96ec00f | Constantinos Venetsanopoulos | host all all 4.3.2.1/32 md5 |
139 | a96ec00f | Constantinos Venetsanopoulos | host all all 4.3.2.2/32 md5 |
140 | a96ec00f | Constantinos Venetsanopoulos | |
141 | a96ec00f | Constantinos Venetsanopoulos | Make sure to substitute "4.3.2.1" and "4.3.2.2" with node1's and node2's |
142 | a96ec00f | Constantinos Venetsanopoulos | actual IPs. Now, restart the server to apply the changes: |
143 | a96ec00f | Constantinos Venetsanopoulos | |
144 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
145 | a96ec00f | Constantinos Venetsanopoulos | |
146 | a96ec00f | Constantinos Venetsanopoulos | # /etc/init.d/postgresql restart |
147 | a96ec00f | Constantinos Venetsanopoulos | |
148 | a96ec00f | Constantinos Venetsanopoulos | Gunicorn setup |
149 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~ |
150 | a96ec00f | Constantinos Venetsanopoulos | |
151 | a96ec00f | Constantinos Venetsanopoulos | Create the file ``synnefo`` under ``/etc/gunicorn.d/`` containing the following: |
152 | a96ec00f | Constantinos Venetsanopoulos | |
153 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
154 | a96ec00f | Constantinos Venetsanopoulos | |
155 | a96ec00f | Constantinos Venetsanopoulos | CONFIG = { |
156 | a96ec00f | Constantinos Venetsanopoulos | 'mode': 'django', |
157 | a96ec00f | Constantinos Venetsanopoulos | 'environment': { |
158 | a96ec00f | Constantinos Venetsanopoulos | 'DJANGO_SETTINGS_MODULE': 'synnefo.settings', |
159 | a96ec00f | Constantinos Venetsanopoulos | }, |
160 | a96ec00f | Constantinos Venetsanopoulos | 'working_dir': '/etc/synnefo', |
161 | a96ec00f | Constantinos Venetsanopoulos | 'user': 'www-data', |
162 | a96ec00f | Constantinos Venetsanopoulos | 'group': 'www-data', |
163 | a96ec00f | Constantinos Venetsanopoulos | 'args': ( |
164 | a96ec00f | Constantinos Venetsanopoulos | '--bind=127.0.0.1:8080', |
165 | a96ec00f | Constantinos Venetsanopoulos | '--workers=4', |
166 | a96ec00f | Constantinos Venetsanopoulos | '--log-level=debug', |
167 | a96ec00f | Constantinos Venetsanopoulos | ), |
168 | a96ec00f | Constantinos Venetsanopoulos | } |
169 | a96ec00f | Constantinos Venetsanopoulos | |
170 | 0c40b4ac | Kostas Papadimitriou | .. warning:: Do NOT start the server yet, because it won't find the |
171 | 1ec63d8a | Kostas Papadimitriou | ``synnefo.settings`` module. We will start the server after successful |
172 | 4de94e15 | Kostas Papadimitriou | installation of astakos. If the server is running:: |
173 | a96ec00f | Constantinos Venetsanopoulos | |
174 | 4de94e15 | Kostas Papadimitriou | # /etc/init.d/gunicorn stop |
175 | a96ec00f | Constantinos Venetsanopoulos | |
176 | a96ec00f | Constantinos Venetsanopoulos | Apache2 setup |
177 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~ |
178 | a96ec00f | Constantinos Venetsanopoulos | |
179 | a96ec00f | Constantinos Venetsanopoulos | Create the file ``synnefo`` under ``/etc/apache2/sites-available/`` containing |
180 | a96ec00f | Constantinos Venetsanopoulos | the following: |
181 | a96ec00f | Constantinos Venetsanopoulos | |
182 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
183 | a96ec00f | Constantinos Venetsanopoulos | |
184 | a96ec00f | Constantinos Venetsanopoulos | <VirtualHost *:80> |
185 | a96ec00f | Constantinos Venetsanopoulos | ServerName node1.example.com |
186 | a96ec00f | Constantinos Venetsanopoulos | |
187 | a96ec00f | Constantinos Venetsanopoulos | RewriteEngine On |
188 | d2a9f85f | Sofia Papagiannaki | RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC] |
189 | d2a9f85f | Sofia Papagiannaki | RewriteRule ^(.*)$ - [F,L] |
190 | a96ec00f | Constantinos Venetsanopoulos | RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} |
191 | a96ec00f | Constantinos Venetsanopoulos | </VirtualHost> |
192 | a96ec00f | Constantinos Venetsanopoulos | |
193 | a96ec00f | Constantinos Venetsanopoulos | Create the file ``synnefo-ssl`` under ``/etc/apache2/sites-available/`` |
194 | a96ec00f | Constantinos Venetsanopoulos | containing the following: |
195 | a96ec00f | Constantinos Venetsanopoulos | |
196 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
197 | a96ec00f | Constantinos Venetsanopoulos | |
198 | a96ec00f | Constantinos Venetsanopoulos | <IfModule mod_ssl.c> |
199 | a96ec00f | Constantinos Venetsanopoulos | <VirtualHost _default_:443> |
200 | a96ec00f | Constantinos Venetsanopoulos | ServerName node1.example.com |
201 | a96ec00f | Constantinos Venetsanopoulos | |
202 | a96ec00f | Constantinos Venetsanopoulos | Alias /static "/usr/share/synnefo/static" |
203 | a96ec00f | Constantinos Venetsanopoulos | |
204 | a96ec00f | Constantinos Venetsanopoulos | # SetEnv no-gzip |
205 | a96ec00f | Constantinos Venetsanopoulos | # SetEnv dont-vary |
206 | a96ec00f | Constantinos Venetsanopoulos | |
207 | 04427415 | Constantinos Venetsanopoulos | AllowEncodedSlashes On |
208 | 04427415 | Constantinos Venetsanopoulos | |
209 | a96ec00f | Constantinos Venetsanopoulos | RequestHeader set X-Forwarded-Protocol "https" |
210 | a96ec00f | Constantinos Venetsanopoulos | |
211 | a96ec00f | Constantinos Venetsanopoulos | <Proxy * > |
212 | a96ec00f | Constantinos Venetsanopoulos | Order allow,deny |
213 | a96ec00f | Constantinos Venetsanopoulos | Allow from all |
214 | a96ec00f | Constantinos Venetsanopoulos | </Proxy> |
215 | a96ec00f | Constantinos Venetsanopoulos | |
216 | a96ec00f | Constantinos Venetsanopoulos | SetEnv proxy-sendchunked |
217 | a96ec00f | Constantinos Venetsanopoulos | SSLProxyEngine off |
218 | a96ec00f | Constantinos Venetsanopoulos | ProxyErrorOverride off |
219 | a96ec00f | Constantinos Venetsanopoulos | |
220 | a96ec00f | Constantinos Venetsanopoulos | ProxyPass /static ! |
221 | a96ec00f | Constantinos Venetsanopoulos | ProxyPass / http://localhost:8080/ retry=0 |
222 | a96ec00f | Constantinos Venetsanopoulos | ProxyPassReverse / http://localhost:8080/ |
223 | a96ec00f | Constantinos Venetsanopoulos | |
224 | a96ec00f | Constantinos Venetsanopoulos | RewriteEngine On |
225 | d2a9f85f | Sofia Papagiannaki | RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC] |
226 | d2a9f85f | Sofia Papagiannaki | RewriteRule ^(.*)$ - [F,L] |
227 | a96ec00f | Constantinos Venetsanopoulos | RewriteRule ^/login(.*) /im/login/redirect$1 [PT,NE] |
228 | a96ec00f | Constantinos Venetsanopoulos | |
229 | a96ec00f | Constantinos Venetsanopoulos | SSLEngine on |
230 | a96ec00f | Constantinos Venetsanopoulos | SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem |
231 | a96ec00f | Constantinos Venetsanopoulos | SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key |
232 | a96ec00f | Constantinos Venetsanopoulos | </VirtualHost> |
233 | a96ec00f | Constantinos Venetsanopoulos | </IfModule> |
234 | a96ec00f | Constantinos Venetsanopoulos | |
235 | a96ec00f | Constantinos Venetsanopoulos | Now enable sites and modules by running: |
236 | a96ec00f | Constantinos Venetsanopoulos | |
237 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
238 | a96ec00f | Constantinos Venetsanopoulos | |
239 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod ssl |
240 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod rewrite |
241 | a96ec00f | Constantinos Venetsanopoulos | # a2dissite default |
242 | a96ec00f | Constantinos Venetsanopoulos | # a2ensite synnefo |
243 | a96ec00f | Constantinos Venetsanopoulos | # a2ensite synnefo-ssl |
244 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod headers |
245 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod proxy_http |
246 | a96ec00f | Constantinos Venetsanopoulos | |
247 | 4de94e15 | Kostas Papadimitriou | .. warning:: Do NOT start/restart the server yet. If the server is running:: |
248 | a96ec00f | Constantinos Venetsanopoulos | |
249 | 4de94e15 | Kostas Papadimitriou | # /etc/init.d/apache2 stop |
250 | a96ec00f | Constantinos Venetsanopoulos | |
251 | 2c85833e | Constantinos Venetsanopoulos | .. _rabbitmq-setup: |
252 | 2c85833e | Constantinos Venetsanopoulos | |
253 | bdfd94c9 | Constantinos Venetsanopoulos | Message Queue setup |
254 | bdfd94c9 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~ |
255 | bdfd94c9 | Constantinos Venetsanopoulos | |
256 | bdfd94c9 | Constantinos Venetsanopoulos | The message queue will run on node1, so we need to create the appropriate |
257 | bdfd94c9 | Constantinos Venetsanopoulos | rabbitmq user. The user is named ``synnefo`` and gets full privileges on all |
258 | bdfd94c9 | Constantinos Venetsanopoulos | exchanges: |
259 | bdfd94c9 | Constantinos Venetsanopoulos | |
260 | bdfd94c9 | Constantinos Venetsanopoulos | .. code-block:: console |
261 | bdfd94c9 | Constantinos Venetsanopoulos | |
262 | bdfd94c9 | Constantinos Venetsanopoulos | # rabbitmqctl add_user synnefo "examle_rabbitmq_passw0rd" |
263 | bdfd94c9 | Constantinos Venetsanopoulos | # rabbitmqctl set_permissions synnefo ".*" ".*" ".*" |
264 | bdfd94c9 | Constantinos Venetsanopoulos | |
265 | bdfd94c9 | Constantinos Venetsanopoulos | We do not need to initialize the exchanges. This will be done automatically, |
266 | bdfd94c9 | Constantinos Venetsanopoulos | during the Cyclades setup. |
267 | bdfd94c9 | Constantinos Venetsanopoulos | |
268 | a96ec00f | Constantinos Venetsanopoulos | Pithos+ data directory setup |
269 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
270 | a96ec00f | Constantinos Venetsanopoulos | |
271 | a96ec00f | Constantinos Venetsanopoulos | As mentioned in the General Prerequisites section, there is a directory called |
272 | a96ec00f | Constantinos Venetsanopoulos | ``/srv/pithos`` visible by both nodes. We create and setup the ``data`` |
273 | a96ec00f | Constantinos Venetsanopoulos | directory inside it: |
274 | a96ec00f | Constantinos Venetsanopoulos | |
275 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
276 | a96ec00f | Constantinos Venetsanopoulos | |
277 | a96ec00f | Constantinos Venetsanopoulos | # cd /srv/pithos |
278 | a96ec00f | Constantinos Venetsanopoulos | # mkdir data |
279 | a96ec00f | Constantinos Venetsanopoulos | # chown www-data:www-data data |
280 | a96ec00f | Constantinos Venetsanopoulos | # chmod g+ws data |
281 | a96ec00f | Constantinos Venetsanopoulos | |
282 | a96ec00f | Constantinos Venetsanopoulos | You are now ready with all general prerequisites concerning node1. Let's go to |
283 | a96ec00f | Constantinos Venetsanopoulos | node2. |
284 | a96ec00f | Constantinos Venetsanopoulos | |
285 | a96ec00f | Constantinos Venetsanopoulos | Node2 |
286 | a96ec00f | Constantinos Venetsanopoulos | ----- |
287 | a96ec00f | Constantinos Venetsanopoulos | |
288 | a96ec00f | Constantinos Venetsanopoulos | General Synnefo dependencies |
289 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
290 | a96ec00f | Constantinos Venetsanopoulos | |
291 | a96ec00f | Constantinos Venetsanopoulos | * apache (http server) |
292 | a96ec00f | Constantinos Venetsanopoulos | * gunicorn (WSGI http server) |
293 | a96ec00f | Constantinos Venetsanopoulos | * postgresql (database) |
294 | a96ec00f | Constantinos Venetsanopoulos | |
295 | a96ec00f | Constantinos Venetsanopoulos | You can install the above by running: |
296 | a96ec00f | Constantinos Venetsanopoulos | |
297 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
298 | a96ec00f | Constantinos Venetsanopoulos | |
299 | 73ff1d54 | Constantinos Venetsanopoulos | # apt-get install apache2 postgresql |
300 | 73ff1d54 | Constantinos Venetsanopoulos | |
301 | 73ff1d54 | Constantinos Venetsanopoulos | Make sure to install gunicorn >= v0.12.2. You can do this by installing from |
302 | 73ff1d54 | Constantinos Venetsanopoulos | the official debian backports: |
303 | 73ff1d54 | Constantinos Venetsanopoulos | |
304 | 73ff1d54 | Constantinos Venetsanopoulos | .. code-block:: console |
305 | 73ff1d54 | Constantinos Venetsanopoulos | |
306 | 73ff1d54 | Constantinos Venetsanopoulos | # apt-get -t squeeze-backports install gunicorn |
307 | a96ec00f | Constantinos Venetsanopoulos | |
308 | 73ff1d54 | Constantinos Venetsanopoulos | Node2 will connect to the databases on node1, so you will also need the |
309 | 73ff1d54 | Constantinos Venetsanopoulos | python-psycopg2 package: |
310 | a96ec00f | Constantinos Venetsanopoulos | |
311 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
312 | a96ec00f | Constantinos Venetsanopoulos | |
313 | a96ec00f | Constantinos Venetsanopoulos | # apt-get install python-psycopg2 |
314 | a96ec00f | Constantinos Venetsanopoulos | |
315 | a96ec00f | Constantinos Venetsanopoulos | Database setup |
316 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~ |
317 | a96ec00f | Constantinos Venetsanopoulos | |
318 | a96ec00f | Constantinos Venetsanopoulos | All databases have been created and setup on node1, so we do not need to take |
319 | a96ec00f | Constantinos Venetsanopoulos | any action here. From node2, we will just connect to them. When you get familiar |
320 | a96ec00f | Constantinos Venetsanopoulos | with the software you may choose to run different databases on different nodes, |
321 | a96ec00f | Constantinos Venetsanopoulos | for performance/scalability/redundancy reasons, but those kind of setups are out |
322 | a96ec00f | Constantinos Venetsanopoulos | of the purpose of this guide. |
323 | a96ec00f | Constantinos Venetsanopoulos | |
324 | a96ec00f | Constantinos Venetsanopoulos | Gunicorn setup |
325 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~ |
326 | a96ec00f | Constantinos Venetsanopoulos | |
327 | a96ec00f | Constantinos Venetsanopoulos | Create the file ``synnefo`` under ``/etc/gunicorn.d/`` containing the following |
328 | a96ec00f | Constantinos Venetsanopoulos | (same contents as in node1; you can just copy/paste the file): |
329 | a96ec00f | Constantinos Venetsanopoulos | |
330 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
331 | a96ec00f | Constantinos Venetsanopoulos | |
332 | a96ec00f | Constantinos Venetsanopoulos | CONFIG = { |
333 | a96ec00f | Constantinos Venetsanopoulos | 'mode': 'django', |
334 | a96ec00f | Constantinos Venetsanopoulos | 'environment': { |
335 | a96ec00f | Constantinos Venetsanopoulos | 'DJANGO_SETTINGS_MODULE': 'synnefo.settings', |
336 | a96ec00f | Constantinos Venetsanopoulos | }, |
337 | a96ec00f | Constantinos Venetsanopoulos | 'working_dir': '/etc/synnefo', |
338 | a96ec00f | Constantinos Venetsanopoulos | 'user': 'www-data', |
339 | a96ec00f | Constantinos Venetsanopoulos | 'group': 'www-data', |
340 | a96ec00f | Constantinos Venetsanopoulos | 'args': ( |
341 | a96ec00f | Constantinos Venetsanopoulos | '--bind=127.0.0.1:8080', |
342 | a96ec00f | Constantinos Venetsanopoulos | '--workers=4', |
343 | a96ec00f | Constantinos Venetsanopoulos | '--log-level=debug', |
344 | 699c8773 | Sofia Papagiannaki | '--timeout=43200' |
345 | a96ec00f | Constantinos Venetsanopoulos | ), |
346 | a96ec00f | Constantinos Venetsanopoulos | } |
347 | a96ec00f | Constantinos Venetsanopoulos | |
348 | 0c40b4ac | Kostas Papadimitriou | .. warning:: Do NOT start the server yet, because it won't find the |
349 | 1ec63d8a | Kostas Papadimitriou | ``synnefo.settings`` module. We will start the server after successful |
350 | 4de94e15 | Kostas Papadimitriou | installation of astakos. If the server is running:: |
351 | a96ec00f | Constantinos Venetsanopoulos | |
352 | 4de94e15 | Kostas Papadimitriou | # /etc/init.d/gunicorn stop |
353 | bdb83fd6 | cven | |
354 | a96ec00f | Constantinos Venetsanopoulos | Apache2 setup |
355 | a96ec00f | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~ |
356 | 5b6feb88 | Vangelis Koukis | |
357 | a96ec00f | Constantinos Venetsanopoulos | Create the file ``synnefo`` under ``/etc/apache2/sites-available/`` containing |
358 | a96ec00f | Constantinos Venetsanopoulos | the following: |
359 | 5b6feb88 | Vangelis Koukis | |
360 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
361 | a96ec00f | Constantinos Venetsanopoulos | |
362 | a96ec00f | Constantinos Venetsanopoulos | <VirtualHost *:80> |
363 | a96ec00f | Constantinos Venetsanopoulos | ServerName node2.example.com |
364 | a96ec00f | Constantinos Venetsanopoulos | |
365 | a96ec00f | Constantinos Venetsanopoulos | RewriteEngine On |
366 | d2a9f85f | Sofia Papagiannaki | RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC] |
367 | d2a9f85f | Sofia Papagiannaki | RewriteRule ^(.*)$ - [F,L] |
368 | a96ec00f | Constantinos Venetsanopoulos | RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} |
369 | a96ec00f | Constantinos Venetsanopoulos | </VirtualHost> |
370 | a96ec00f | Constantinos Venetsanopoulos | |
371 | a96ec00f | Constantinos Venetsanopoulos | Create the file ``synnefo-ssl`` under ``/etc/apache2/sites-available/`` |
372 | a96ec00f | Constantinos Venetsanopoulos | containing the following: |
373 | a96ec00f | Constantinos Venetsanopoulos | |
374 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
375 | a96ec00f | Constantinos Venetsanopoulos | |
376 | a96ec00f | Constantinos Venetsanopoulos | <IfModule mod_ssl.c> |
377 | a96ec00f | Constantinos Venetsanopoulos | <VirtualHost _default_:443> |
378 | a96ec00f | Constantinos Venetsanopoulos | ServerName node2.example.com |
379 | a96ec00f | Constantinos Venetsanopoulos | |
380 | a96ec00f | Constantinos Venetsanopoulos | Alias /static "/usr/share/synnefo/static" |
381 | a96ec00f | Constantinos Venetsanopoulos | |
382 | a96ec00f | Constantinos Venetsanopoulos | SetEnv no-gzip |
383 | a96ec00f | Constantinos Venetsanopoulos | SetEnv dont-vary |
384 | 04427415 | Constantinos Venetsanopoulos | AllowEncodedSlashes On |
385 | a96ec00f | Constantinos Venetsanopoulos | |
386 | a96ec00f | Constantinos Venetsanopoulos | RequestHeader set X-Forwarded-Protocol "https" |
387 | a96ec00f | Constantinos Venetsanopoulos | |
388 | a96ec00f | Constantinos Venetsanopoulos | <Proxy * > |
389 | a96ec00f | Constantinos Venetsanopoulos | Order allow,deny |
390 | a96ec00f | Constantinos Venetsanopoulos | Allow from all |
391 | a96ec00f | Constantinos Venetsanopoulos | </Proxy> |
392 | a96ec00f | Constantinos Venetsanopoulos | |
393 | a96ec00f | Constantinos Venetsanopoulos | SetEnv proxy-sendchunked |
394 | a96ec00f | Constantinos Venetsanopoulos | SSLProxyEngine off |
395 | a96ec00f | Constantinos Venetsanopoulos | ProxyErrorOverride off |
396 | a96ec00f | Constantinos Venetsanopoulos | |
397 | a96ec00f | Constantinos Venetsanopoulos | ProxyPass /static ! |
398 | a96ec00f | Constantinos Venetsanopoulos | ProxyPass / http://localhost:8080/ retry=0 |
399 | a96ec00f | Constantinos Venetsanopoulos | ProxyPassReverse / http://localhost:8080/ |
400 | a96ec00f | Constantinos Venetsanopoulos | |
401 | a96ec00f | Constantinos Venetsanopoulos | SSLEngine on |
402 | a96ec00f | Constantinos Venetsanopoulos | SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem |
403 | a96ec00f | Constantinos Venetsanopoulos | SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key |
404 | a96ec00f | Constantinos Venetsanopoulos | </VirtualHost> |
405 | a96ec00f | Constantinos Venetsanopoulos | </IfModule> |
406 | a96ec00f | Constantinos Venetsanopoulos | |
407 | a96ec00f | Constantinos Venetsanopoulos | As in node1, enable sites and modules by running: |
408 | a96ec00f | Constantinos Venetsanopoulos | |
409 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
410 | a96ec00f | Constantinos Venetsanopoulos | |
411 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod ssl |
412 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod rewrite |
413 | a96ec00f | Constantinos Venetsanopoulos | # a2dissite default |
414 | a96ec00f | Constantinos Venetsanopoulos | # a2ensite synnefo |
415 | a96ec00f | Constantinos Venetsanopoulos | # a2ensite synnefo-ssl |
416 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod headers |
417 | a96ec00f | Constantinos Venetsanopoulos | # a2enmod proxy_http |
418 | a96ec00f | Constantinos Venetsanopoulos | |
419 | 4de94e15 | Kostas Papadimitriou | .. warning:: Do NOT start/restart the server yet. If the server is running:: |
420 | a96ec00f | Constantinos Venetsanopoulos | |
421 | 4de94e15 | Kostas Papadimitriou | # /etc/init.d/apache2 stop |
422 | a96ec00f | Constantinos Venetsanopoulos | |
423 | a96ec00f | Constantinos Venetsanopoulos | We are now ready with all general prerequisites for node2. Now that we have |
424 | a96ec00f | Constantinos Venetsanopoulos | finished with all general prerequisites for both nodes, we can start installing |
425 | a96ec00f | Constantinos Venetsanopoulos | the services. First, let's install Astakos on node1. |
426 | a96ec00f | Constantinos Venetsanopoulos | |
427 | a96ec00f | Constantinos Venetsanopoulos | |
428 | a96ec00f | Constantinos Venetsanopoulos | Installation of Astakos on node1 |
429 | a96ec00f | Constantinos Venetsanopoulos | ================================ |
430 | a96ec00f | Constantinos Venetsanopoulos | |
431 | a96ec00f | Constantinos Venetsanopoulos | To install astakos, grab the package from our repository (make sure you made |
432 | a96ec00f | Constantinos Venetsanopoulos | the additions needed in your ``/etc/apt/sources.list`` file, as described |
433 | a96ec00f | Constantinos Venetsanopoulos | previously), by running: |
434 | a96ec00f | Constantinos Venetsanopoulos | |
435 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
436 | a96ec00f | Constantinos Venetsanopoulos | |
437 | a96ec00f | Constantinos Venetsanopoulos | # apt-get install snf-astakos-app |
438 | a96ec00f | Constantinos Venetsanopoulos | |
439 | a96ec00f | Constantinos Venetsanopoulos | After successful installation of snf-astakos-app, make sure that also |
440 | a96ec00f | Constantinos Venetsanopoulos | snf-webproject has been installed (marked as "Recommended" package). By default |
441 | a96ec00f | Constantinos Venetsanopoulos | Debian installs "Recommended" packages, but if you have changed your |
442 | a96ec00f | Constantinos Venetsanopoulos | configuration and the package didn't install automatically, you should |
443 | a96ec00f | Constantinos Venetsanopoulos | explicitly install it manually running: |
444 | a96ec00f | Constantinos Venetsanopoulos | |
445 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
446 | a96ec00f | Constantinos Venetsanopoulos | |
447 | a96ec00f | Constantinos Venetsanopoulos | # apt-get install snf-webproject |
448 | a96ec00f | Constantinos Venetsanopoulos | |
449 | a96ec00f | Constantinos Venetsanopoulos | The reason snf-webproject is "Recommended" and not a hard dependency, is to give |
450 | a96ec00f | Constantinos Venetsanopoulos | the experienced administrator the ability to install synnefo in a custom made |
451 | a96ec00f | Constantinos Venetsanopoulos | django project. This corner case concerns only very advanced users that know |
452 | a96ec00f | Constantinos Venetsanopoulos | what they are doing and want to experiment with synnefo. |
453 | a96ec00f | Constantinos Venetsanopoulos | |
454 | a96ec00f | Constantinos Venetsanopoulos | Configuration of Astakos |
455 | a96ec00f | Constantinos Venetsanopoulos | ======================== |
456 | a96ec00f | Constantinos Venetsanopoulos | |
457 | a96ec00f | Constantinos Venetsanopoulos | Conf Files |
458 | a96ec00f | Constantinos Venetsanopoulos | ---------- |
459 | a96ec00f | Constantinos Venetsanopoulos | |
460 | a96ec00f | Constantinos Venetsanopoulos | After astakos is successfully installed, you will find the directory |
461 | a96ec00f | Constantinos Venetsanopoulos | ``/etc/synnefo`` and some configuration files inside it. The files contain |
462 | a96ec00f | Constantinos Venetsanopoulos | commented configuration options, which are the default options. While installing |
463 | a96ec00f | Constantinos Venetsanopoulos | new snf-* components, new configuration files will appear inside the directory. |
464 | a96ec00f | Constantinos Venetsanopoulos | In this guide (and for all services), we will edit only the minimum necessary |
465 | a96ec00f | Constantinos Venetsanopoulos | configuration options, to reflect our setup. Everything else will remain as is. |
466 | a96ec00f | Constantinos Venetsanopoulos | |
467 | a96ec00f | Constantinos Venetsanopoulos | After getting familiar with synnefo, you will be able to customize the software |
468 | a96ec00f | Constantinos Venetsanopoulos | as you wish and fits your needs. Many options are available, to empower the |
469 | a96ec00f | Constantinos Venetsanopoulos | administrator with extensively customizable setups. |
470 | a96ec00f | Constantinos Venetsanopoulos | |
471 | a96ec00f | Constantinos Venetsanopoulos | For the snf-webproject component (installed as an astakos dependency), we |
472 | a96ec00f | Constantinos Venetsanopoulos | need the following: |
473 | a96ec00f | Constantinos Venetsanopoulos | |
474 | a96ec00f | Constantinos Venetsanopoulos | Edit ``/etc/synnefo/10-snf-webproject-database.conf``. You will need to |
475 | a96ec00f | Constantinos Venetsanopoulos | uncomment and edit the ``DATABASES`` block to reflect our database: |
476 | a96ec00f | Constantinos Venetsanopoulos | |
477 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
478 | a96ec00f | Constantinos Venetsanopoulos | |
479 | a96ec00f | Constantinos Venetsanopoulos | DATABASES = { |
480 | a96ec00f | Constantinos Venetsanopoulos | 'default': { |
481 | a96ec00f | Constantinos Venetsanopoulos | # 'postgresql_psycopg2', 'postgresql','mysql', 'sqlite3' or 'oracle' |
482 | a96ec00f | Constantinos Venetsanopoulos | 'ENGINE': 'postgresql_psycopg2', |
483 | a96ec00f | Constantinos Venetsanopoulos | # ATTENTION: This *must* be the absolute path if using sqlite3. |
484 | a96ec00f | Constantinos Venetsanopoulos | # See: http://docs.djangoproject.com/en/dev/ref/settings/#name |
485 | a96ec00f | Constantinos Venetsanopoulos | 'NAME': 'snf_apps', |
486 | a96ec00f | Constantinos Venetsanopoulos | 'USER': 'synnefo', # Not used with sqlite3. |
487 | a96ec00f | Constantinos Venetsanopoulos | 'PASSWORD': 'examle_passw0rd', # Not used with sqlite3. |
488 | a96ec00f | Constantinos Venetsanopoulos | # Set to empty string for localhost. Not used with sqlite3. |
489 | a96ec00f | Constantinos Venetsanopoulos | 'HOST': '4.3.2.1', |
490 | a96ec00f | Constantinos Venetsanopoulos | # Set to empty string for default. Not used with sqlite3. |
491 | a96ec00f | Constantinos Venetsanopoulos | 'PORT': '5432', |
492 | a96ec00f | Constantinos Venetsanopoulos | } |
493 | a96ec00f | Constantinos Venetsanopoulos | } |
494 | a96ec00f | Constantinos Venetsanopoulos | |
495 | a96ec00f | Constantinos Venetsanopoulos | Edit ``/etc/synnefo/10-snf-webproject-deploy.conf``. Uncomment and edit |
496 | a96ec00f | Constantinos Venetsanopoulos | ``SECRET_KEY``. This is a django specific setting which is used to provide a |
497 | a96ec00f | Constantinos Venetsanopoulos | seed in secret-key hashing algorithms. Set this to a random string of your |
498 | a96ec00f | Constantinos Venetsanopoulos | choise and keep it private: |
499 | a96ec00f | Constantinos Venetsanopoulos | |
500 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
501 | a96ec00f | Constantinos Venetsanopoulos | |
502 | a96ec00f | Constantinos Venetsanopoulos | SECRET_KEY = 'sy6)mw6a7x%n)-example_secret_key#zzk4jo6f2=uqu!1o%)' |
503 | a96ec00f | Constantinos Venetsanopoulos | |
504 | a96ec00f | Constantinos Venetsanopoulos | For astakos specific configuration, edit the following options in |
505 | 73ff1d54 | Constantinos Venetsanopoulos | ``/etc/synnefo/20-snf-astakos-app-settings.conf`` : |
506 | a96ec00f | Constantinos Venetsanopoulos | |
507 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
508 | a96ec00f | Constantinos Venetsanopoulos | |
509 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_IM_MODULES = ['local'] |
510 | a96ec00f | Constantinos Venetsanopoulos | |
511 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_COOKIE_DOMAIN = '.example.com' |
512 | a96ec00f | Constantinos Venetsanopoulos | |
513 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_BASEURL = 'https://node1.example.com' |
514 | a96ec00f | Constantinos Venetsanopoulos | |
515 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_SITENAME = '~okeanos demo example' |
516 | a96ec00f | Constantinos Venetsanopoulos | |
517 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_CLOUD_SERVICES = ( |
518 | a96ec00f | Constantinos Venetsanopoulos | { 'url':'https://node1.example.com/im/', 'name':'~okeanos home', 'id':'cloud', 'icon':'home-icon.png' }, |
519 | a96ec00f | Constantinos Venetsanopoulos | { 'url':'https://node1.example.com/ui/', 'name':'cyclades', 'id':'cyclades' }, |
520 | a96ec00f | Constantinos Venetsanopoulos | { 'url':'https://node2.example.com/ui/', 'name':'pithos+', 'id':'pithos' }) |
521 | a96ec00f | Constantinos Venetsanopoulos | |
522 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_RECAPTCHA_PUBLIC_KEY = 'example_recaptcha_public_key!@#$%^&*(' |
523 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_RECAPTCHA_PRIVATE_KEY = 'example_recaptcha_private_key!@#$%^&*(' |
524 | 5b6feb88 | Vangelis Koukis | |
525 | a96ec00f | Constantinos Venetsanopoulos | ASTAKOS_RECAPTCHA_USE_SSL = True |
526 | 5b6feb88 | Vangelis Koukis | |
527 | a96ec00f | Constantinos Venetsanopoulos | ``ASTAKOS_IM_MODULES`` refers to the astakos login methods. For now only local |
528 | a96ec00f | Constantinos Venetsanopoulos | is supported. The ``ASTAKOS_COOKIE_DOMAIN`` should be the base url of our |
529 | a96ec00f | Constantinos Venetsanopoulos | domain (for all services). ``ASTAKOS_BASEURL`` is the astakos home page. |
530 | a96ec00f | Constantinos Venetsanopoulos | ``ASTAKOS_CLOUD_SERVICES`` contains all services visible to and served by |
531 | a96ec00f | Constantinos Venetsanopoulos | astakos. The first element of the dictionary is used to point to a generic |
532 | a96ec00f | Constantinos Venetsanopoulos | landing page for your services (cyclades, pithos). If you don't have such a |
533 | a96ec00f | Constantinos Venetsanopoulos | page it can be omitted. The second and third element point to our services |
534 | a96ec00f | Constantinos Venetsanopoulos | themselves (the apps) and should be set as above. |
535 | 5b6feb88 | Vangelis Koukis | |
536 | a96ec00f | Constantinos Venetsanopoulos | For the ``ASTAKOS_RECAPTCHA_PUBLIC_KEY`` and ``ASTAKOS_RECAPTCHA_PRIVATE_KEY`` |
537 | a96ec00f | Constantinos Venetsanopoulos | go to https://www.google.com/recaptcha/admin/create and create your own pair. |
538 | 5b6feb88 | Vangelis Koukis | |
539 | d189d11c | Constantinos Venetsanopoulos | If you are an advanced user and want to use the Shibboleth Authentication method, |
540 | d189d11c | Constantinos Venetsanopoulos | read the relative :ref:`section <shibboleth-auth>`. |
541 | d2a9f85f | Sofia Papagiannaki | |
542 | a96ec00f | Constantinos Venetsanopoulos | Servers Initialization |
543 | a96ec00f | Constantinos Venetsanopoulos | ---------------------- |
544 | 5b6feb88 | Vangelis Koukis | |
545 | a96ec00f | Constantinos Venetsanopoulos | After configuration is done, we initialize the servers on node1: |
546 | 5b6feb88 | Vangelis Koukis | |
547 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
548 | a96ec00f | Constantinos Venetsanopoulos | |
549 | a96ec00f | Constantinos Venetsanopoulos | root@node1:~ # /etc/init.d/gunicorn restart |
550 | a96ec00f | Constantinos Venetsanopoulos | root@node1:~ # /etc/init.d/apache2 restart |
551 | a96ec00f | Constantinos Venetsanopoulos | |
552 | a96ec00f | Constantinos Venetsanopoulos | Database Initialization |
553 | a96ec00f | Constantinos Venetsanopoulos | ----------------------- |
554 | a96ec00f | Constantinos Venetsanopoulos | |
555 | a96ec00f | Constantinos Venetsanopoulos | Then, we initialize the database by running: |
556 | 5b6feb88 | Vangelis Koukis | |
557 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
558 | a96ec00f | Constantinos Venetsanopoulos | |
559 | a96ec00f | Constantinos Venetsanopoulos | # snf-manage syncdb |
560 | a96ec00f | Constantinos Venetsanopoulos | |
561 | a96ec00f | Constantinos Venetsanopoulos | At this example we don't need to create a django superuser, so we select |
562 | a96ec00f | Constantinos Venetsanopoulos | ``[no]`` to the question. After a successful sync, we run the migration needed |
563 | a96ec00f | Constantinos Venetsanopoulos | for astakos: |
564 | 5b6feb88 | Vangelis Koukis | |
565 | 5b6feb88 | Vangelis Koukis | .. code-block:: console |
566 | 5b6feb88 | Vangelis Koukis | |
567 | a96ec00f | Constantinos Venetsanopoulos | # snf-manage migrate im |
568 | a96ec00f | Constantinos Venetsanopoulos | |
569 | d2a9f85f | Sofia Papagiannaki | Finally we load the pre-defined user groups |
570 | d2a9f85f | Sofia Papagiannaki | |
571 | d2a9f85f | Sofia Papagiannaki | .. code-block:: console |
572 | d2a9f85f | Sofia Papagiannaki | |
573 | d2a9f85f | Sofia Papagiannaki | # snf-manage loaddata groups |
574 | d2a9f85f | Sofia Papagiannaki | |
575 | a96ec00f | Constantinos Venetsanopoulos | You have now finished the Astakos setup. Let's test it now. |
576 | a96ec00f | Constantinos Venetsanopoulos | |
577 | a96ec00f | Constantinos Venetsanopoulos | |
578 | a96ec00f | Constantinos Venetsanopoulos | Testing of Astakos |
579 | a96ec00f | Constantinos Venetsanopoulos | ================== |
580 | a96ec00f | Constantinos Venetsanopoulos | |
581 | a96ec00f | Constantinos Venetsanopoulos | Open your favorite browser and go to: |
582 | a96ec00f | Constantinos Venetsanopoulos | |
583 | a96ec00f | Constantinos Venetsanopoulos | ``http://node1.example.com/im`` |
584 | a96ec00f | Constantinos Venetsanopoulos | |
585 | a96ec00f | Constantinos Venetsanopoulos | If this redirects you to ``https://node1.example.com/im`` and you can see |
586 | a96ec00f | Constantinos Venetsanopoulos | the "welcome" door of Astakos, then you have successfully setup Astakos. |
587 | a96ec00f | Constantinos Venetsanopoulos | |
588 | a96ec00f | Constantinos Venetsanopoulos | Let's create our first user. At the homepage click the "CREATE ACCOUNT" button |
589 | a96ec00f | Constantinos Venetsanopoulos | and fill all your data at the sign up form. Then click "SUBMIT". You should now |
590 | a96ec00f | Constantinos Venetsanopoulos | see a green box on the top, which informs you that you made a successful request |
591 | caa6c07d | Constantinos Venetsanopoulos | and the request has been sent to the administrators. So far so good, let's assume |
592 | caa6c07d | Constantinos Venetsanopoulos | that you created the user with username ``user@example.com``. |
593 | a96ec00f | Constantinos Venetsanopoulos | |
594 | a96ec00f | Constantinos Venetsanopoulos | Now we need to activate that user. Return to a command prompt at node1 and run: |
595 | a96ec00f | Constantinos Venetsanopoulos | |
596 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
597 | a96ec00f | Constantinos Venetsanopoulos | |
598 | a96ec00f | Constantinos Venetsanopoulos | root@node1:~ # snf-manage listusers |
599 | a96ec00f | Constantinos Venetsanopoulos | |
600 | a96ec00f | Constantinos Venetsanopoulos | This command should show you a list with only one user; the one we just created. |
601 | a96ec00f | Constantinos Venetsanopoulos | This user should have an id with a value of ``1``. It should also have an |
602 | a96ec00f | Constantinos Venetsanopoulos | "active" status with the value of ``0`` (inactive). Now run: |
603 | a96ec00f | Constantinos Venetsanopoulos | |
604 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
605 | a96ec00f | Constantinos Venetsanopoulos | |
606 | a96ec00f | Constantinos Venetsanopoulos | root@node1:~ # snf-manage modifyuser --set-active 1 |
607 | a96ec00f | Constantinos Venetsanopoulos | |
608 | a96ec00f | Constantinos Venetsanopoulos | This modifies the active value to ``1``, and actually activates the user. |
609 | a96ec00f | Constantinos Venetsanopoulos | When running in production, the activation is done automatically with different |
610 | a96ec00f | Constantinos Venetsanopoulos | types of moderation, that Astakos supports. You can see the moderation methods |
611 | a96ec00f | Constantinos Venetsanopoulos | (by invitation, whitelists, matching regexp, etc.) at the Astakos specific |
612 | f846d8df | Constantinos Venetsanopoulos | documentation. In production, you can also manually activate a user, by sending |
613 | f846d8df | Constantinos Venetsanopoulos | him/her an activation email. See how to do this at the :ref:`User |
614 | f846d8df | Constantinos Venetsanopoulos | activation <user_activation>` section. |
615 | a96ec00f | Constantinos Venetsanopoulos | |
616 | a96ec00f | Constantinos Venetsanopoulos | Now let's go back to the homepage. Open ``http://node1.example.com/im`` with |
617 | a96ec00f | Constantinos Venetsanopoulos | your browser again. Try to sign in using your new credentials. If the astakos |
618 | a96ec00f | Constantinos Venetsanopoulos | menu appears and you can see your profile, then you have successfully setup |
619 | a96ec00f | Constantinos Venetsanopoulos | Astakos. |
620 | a96ec00f | Constantinos Venetsanopoulos | |
621 | a96ec00f | Constantinos Venetsanopoulos | Let's continue to install Pithos+ now. |
622 | a96ec00f | Constantinos Venetsanopoulos | |
623 | a96ec00f | Constantinos Venetsanopoulos | |
624 | a96ec00f | Constantinos Venetsanopoulos | Installation of Pithos+ on node2 |
625 | a96ec00f | Constantinos Venetsanopoulos | ================================ |
626 | a96ec00f | Constantinos Venetsanopoulos | |
627 | 138253bc | Constantinos Venetsanopoulos | To install pithos+, grab the packages from our repository (make sure you made |
628 | a96ec00f | Constantinos Venetsanopoulos | the additions needed in your ``/etc/apt/sources.list`` file, as described |
629 | a96ec00f | Constantinos Venetsanopoulos | previously), by running: |
630 | a96ec00f | Constantinos Venetsanopoulos | |
631 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
632 | a96ec00f | Constantinos Venetsanopoulos | |
633 | a96ec00f | Constantinos Venetsanopoulos | # apt-get install snf-pithos-app |
634 | a96ec00f | Constantinos Venetsanopoulos | |
635 | a96ec00f | Constantinos Venetsanopoulos | After successful installation of snf-pithos-app, make sure that also |
636 | a96ec00f | Constantinos Venetsanopoulos | snf-webproject has been installed (marked as "Recommended" package). Refer to |
637 | a96ec00f | Constantinos Venetsanopoulos | the "Installation of Astakos on node1" section, if you don't remember why this |
638 | 138253bc | Constantinos Venetsanopoulos | should happen. Now, install the pithos web interface: |
639 | a96ec00f | Constantinos Venetsanopoulos | |
640 | 138253bc | Constantinos Venetsanopoulos | .. code-block:: console |
641 | 138253bc | Constantinos Venetsanopoulos | |
642 | 138253bc | Constantinos Venetsanopoulos | # apt-get install snf-pithos-webclient |
643 | 138253bc | Constantinos Venetsanopoulos | |
644 | 138253bc | Constantinos Venetsanopoulos | This package provides the standalone pithos web client. The web client is the |
645 | 138253bc | Constantinos Venetsanopoulos | web UI for pithos+ and will be accessible by clicking "pithos+" on the Astakos |
646 | 138253bc | Constantinos Venetsanopoulos | interface's cloudbar, at the top of the Astakos homepage. |
647 | a96ec00f | Constantinos Venetsanopoulos | |
648 | caa6c07d | Constantinos Venetsanopoulos | |
649 | a96ec00f | Constantinos Venetsanopoulos | Configuration of Pithos+ |
650 | a96ec00f | Constantinos Venetsanopoulos | ======================== |
651 | a96ec00f | Constantinos Venetsanopoulos | |
652 | a96ec00f | Constantinos Venetsanopoulos | Conf Files |
653 | a96ec00f | Constantinos Venetsanopoulos | ---------- |
654 | a96ec00f | Constantinos Venetsanopoulos | |
655 | a96ec00f | Constantinos Venetsanopoulos | After pithos+ is successfully installed, you will find the directory |
656 | a96ec00f | Constantinos Venetsanopoulos | ``/etc/synnefo`` and some configuration files inside it, as you did in node1 |
657 | a96ec00f | Constantinos Venetsanopoulos | after installation of astakos. Here, you will not have to change anything that |
658 | a96ec00f | Constantinos Venetsanopoulos | has to do with snf-common or snf-webproject. Everything is set at node1. You |
659 | 138253bc | Constantinos Venetsanopoulos | only need to change settings that have to do with pithos+. Specifically: |
660 | a96ec00f | Constantinos Venetsanopoulos | |
661 | a96ec00f | Constantinos Venetsanopoulos | Edit ``/etc/synnefo/20-snf-pithos-app-settings.conf``. There you need to set |
662 | a96ec00f | Constantinos Venetsanopoulos | only the two options: |
663 | a96ec00f | Constantinos Venetsanopoulos | |
664 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
665 | a96ec00f | Constantinos Venetsanopoulos | |
666 | a96ec00f | Constantinos Venetsanopoulos | PITHOS_BACKEND_DB_CONNECTION = 'postgresql://synnefo:example_passw0rd@node1.example.com:5432/snf_pithos' |
667 | a96ec00f | Constantinos Venetsanopoulos | |
668 | a96ec00f | Constantinos Venetsanopoulos | PITHOS_BACKEND_BLOCK_PATH = '/srv/pithos/data' |
669 | bdfd94c9 | Constantinos Venetsanopoulos | |
670 | 01bd066a | Sofia Papagiannaki | PITHOS_AUTHENTICATION_URL = 'https://node1.example.com/im/authenticate' |
671 | 01bd066a | Sofia Papagiannaki | PITHOS_AUTHENTICATION_USERS = None |
672 | a96ec00f | Constantinos Venetsanopoulos | |
673 | bdfd94c9 | Constantinos Venetsanopoulos | The ``PITHOS_BACKEND_DB_CONNECTION`` option tells to the pithos+ app where to |
674 | bdfd94c9 | Constantinos Venetsanopoulos | find the pithos+ backend database. Above we tell pithos+ that its database is |
675 | bdfd94c9 | Constantinos Venetsanopoulos | ``snf_pithos`` at node1 and to connect as user ``synnefo`` with password |
676 | bdfd94c9 | Constantinos Venetsanopoulos | ``example_passw0rd``. All those settings where setup during node1's "Database |
677 | bdfd94c9 | Constantinos Venetsanopoulos | setup" section. |
678 | a96ec00f | Constantinos Venetsanopoulos | |
679 | bdfd94c9 | Constantinos Venetsanopoulos | The ``PITHOS_BACKEND_BLOCK_PATH`` option tells to the pithos+ app where to find |
680 | bdfd94c9 | Constantinos Venetsanopoulos | the pithos+ backend data. Above we tell pithos+ to store its data under |
681 | a96ec00f | Constantinos Venetsanopoulos | ``/srv/pithos/data``, which is visible by both nodes. We have already setup this |
682 | a96ec00f | Constantinos Venetsanopoulos | directory at node1's "Pithos+ data directory setup" section. |
683 | a96ec00f | Constantinos Venetsanopoulos | |
684 | 8f85321e | Sofia Papagiannaki | The ``PITHOS_AUTHENTICATION_URL`` option tells to the pithos+ app in which URI |
685 | bdfd94c9 | Constantinos Venetsanopoulos | is available the astakos authentication api. If not set, pithos+ tries to |
686 | 8f85321e | Sofia Papagiannaki | authenticate using the ``PITHOS_AUTHENTICATION_USERS`` user pool. |
687 | 8f85321e | Sofia Papagiannaki | |
688 | 138253bc | Constantinos Venetsanopoulos | Then we need to setup the web UI and connect it to astakos. To do so, edit |
689 | 138253bc | Constantinos Venetsanopoulos | ``/etc/synnefo/20-snf-pithos-webclient-settings.conf``: |
690 | 138253bc | Constantinos Venetsanopoulos | |
691 | 138253bc | Constantinos Venetsanopoulos | .. code-block:: console |
692 | 138253bc | Constantinos Venetsanopoulos | |
693 | 138253bc | Constantinos Venetsanopoulos | PITHOS_UI_LOGIN_URL = "https://node1.example.com/im/login?next=" |
694 | 138253bc | Constantinos Venetsanopoulos | PITHOS_UI_FEEDBACK_URL = "https://node1.example.com/im/feedback" |
695 | 138253bc | Constantinos Venetsanopoulos | |
696 | 138253bc | Constantinos Venetsanopoulos | The ``PITHOS_UI_LOGIN_URL`` option tells the client where to redirect you, if |
697 | 138253bc | Constantinos Venetsanopoulos | you are not logged in. The ``PITHOS_UI_FEEDBACK_URL`` option points at the |
698 | 138253bc | Constantinos Venetsanopoulos | pithos+ feedback form. Astakos already provides a generic feedback form for all |
699 | 138253bc | Constantinos Venetsanopoulos | services, so we use this one. |
700 | 138253bc | Constantinos Venetsanopoulos | |
701 | 138253bc | Constantinos Venetsanopoulos | Then edit ``/etc/synnefo/20-snf-pithos-webclient-cloudbar.conf``, to connect the |
702 | 138253bc | Constantinos Venetsanopoulos | pithos+ web UI with the astakos web UI (through the top cloudbar): |
703 | 138253bc | Constantinos Venetsanopoulos | |
704 | 138253bc | Constantinos Venetsanopoulos | .. code-block:: console |
705 | 138253bc | Constantinos Venetsanopoulos | |
706 | 138253bc | Constantinos Venetsanopoulos | CLOUDBAR_LOCATION = 'https://node1.example.com/static/im/cloudbar/' |
707 | bdfd94c9 | Constantinos Venetsanopoulos | PITHOS_UI_CLOUDBAR_ACTIVE_SERVICE = 'pithos' |
708 | 138253bc | Constantinos Venetsanopoulos | CLOUDBAR_SERVICES_URL = 'https://node1.example.com/im/get_services' |
709 | 138253bc | Constantinos Venetsanopoulos | CLOUDBAR_MENU_URL = 'https://node1.example.com/im/get_menu' |
710 | 138253bc | Constantinos Venetsanopoulos | |
711 | 138253bc | Constantinos Venetsanopoulos | The ``CLOUDBAR_LOCATION`` tells the client where to find the astakos common |
712 | 138253bc | Constantinos Venetsanopoulos | cloudbar. |
713 | 138253bc | Constantinos Venetsanopoulos | |
714 | bdfd94c9 | Constantinos Venetsanopoulos | The ``PITHOS_UI_CLOUDBAR_ACTIVE_SERVICE`` registers the client as a new service |
715 | bdfd94c9 | Constantinos Venetsanopoulos | served by astakos. It's name should be identical with the ``id`` name given at |
716 | bdfd94c9 | Constantinos Venetsanopoulos | the astakos' ``ASTAKOS_CLOUD_SERVICES`` variable. Note that at the Astakos "Conf |
717 | 138253bc | Constantinos Venetsanopoulos | Files" section, we actually set the third item of the ``ASTAKOS_CLOUD_SERVICES`` |
718 | bdfd94c9 | Constantinos Venetsanopoulos | list, to the dictionary: ``{ 'url':'https://nod...', 'name':'pithos+', |
719 | bdfd94c9 | Constantinos Venetsanopoulos | 'id':'pithos }``. This item represents the pithos+ service. The ``id`` we set |
720 | bdfd94c9 | Constantinos Venetsanopoulos | there, is the ``id`` we want here. |
721 | 138253bc | Constantinos Venetsanopoulos | |
722 | 138253bc | Constantinos Venetsanopoulos | The ``CLOUDBAR_SERVICES_URL`` and ``CLOUDBAR_MENU_URL`` options are used by the |
723 | 138253bc | Constantinos Venetsanopoulos | pithos+ web client to get from astakos all the information needed to fill its |
724 | bdfd94c9 | Constantinos Venetsanopoulos | own cloudbar. So we put our astakos deployment urls there. |
725 | 138253bc | Constantinos Venetsanopoulos | |
726 | a96ec00f | Constantinos Venetsanopoulos | Servers Initialization |
727 | a96ec00f | Constantinos Venetsanopoulos | ---------------------- |
728 | a96ec00f | Constantinos Venetsanopoulos | |
729 | a96ec00f | Constantinos Venetsanopoulos | After configuration is done, we initialize the servers on node2: |
730 | a96ec00f | Constantinos Venetsanopoulos | |
731 | a96ec00f | Constantinos Venetsanopoulos | .. code-block:: console |
732 | a96ec00f | Constantinos Venetsanopoulos | |
733 | a96ec00f | Constantinos Venetsanopoulos | root@node2:~ # /etc/init.d/gunicorn restart |
734 | a96ec00f | Constantinos Venetsanopoulos | root@node2:~ # /etc/init.d/apache2 restart |
735 | a96ec00f | Constantinos Venetsanopoulos | |
736 | a96ec00f | Constantinos Venetsanopoulos | You have now finished the Pithos+ setup. Let's test it now. |
737 | a96ec00f | Constantinos Venetsanopoulos | |
738 | a96ec00f | Constantinos Venetsanopoulos | |
739 | a96ec00f | Constantinos Venetsanopoulos | Testing of Pithos+ |
740 | a96ec00f | Constantinos Venetsanopoulos | ================== |
741 | a96ec00f | Constantinos Venetsanopoulos | |
742 | bdfd94c9 | Constantinos Venetsanopoulos | Open your browser and go to the Astakos homepage: |
743 | bdfd94c9 | Constantinos Venetsanopoulos | |
744 | bdfd94c9 | Constantinos Venetsanopoulos | ``http://node1.example.com/im`` |
745 | bdfd94c9 | Constantinos Venetsanopoulos | |
746 | bdfd94c9 | Constantinos Venetsanopoulos | Login, and you will see your profile page. Now, click the "pithos+" link on the |
747 | bdfd94c9 | Constantinos Venetsanopoulos | top black cloudbar. If everything was setup correctly, this will redirect you |
748 | bdfd94c9 | Constantinos Venetsanopoulos | to: |
749 | bdfd94c9 | Constantinos Venetsanopoulos | |
750 | bdfd94c9 | Constantinos Venetsanopoulos | ``https://node2.example.com/ui`` |
751 | bdfd94c9 | Constantinos Venetsanopoulos | |
752 | bdfd94c9 | Constantinos Venetsanopoulos | and you will see the blue interface of the Pithos+ application. Click the |
753 | bdfd94c9 | Constantinos Venetsanopoulos | orange "Upload" button and upload your first file. If the file gets uploaded |
754 | bdfd94c9 | Constantinos Venetsanopoulos | successfully, then this is your first sign of a successful Pithos+ installation. |
755 | bdfd94c9 | Constantinos Venetsanopoulos | Go ahead and experiment with the interface to make sure everything works |
756 | bdfd94c9 | Constantinos Venetsanopoulos | correctly. |
757 | bdfd94c9 | Constantinos Venetsanopoulos | |
758 | bdfd94c9 | Constantinos Venetsanopoulos | You can also use the Pithos+ clients to sync data from your Windows PC or MAC. |
759 | bdfd94c9 | Constantinos Venetsanopoulos | |
760 | bdfd94c9 | Constantinos Venetsanopoulos | If you don't stumble on any problems, then you have successfully installed |
761 | bdfd94c9 | Constantinos Venetsanopoulos | Pithos+, which you can use as a standalone File Storage Service. |
762 | bdfd94c9 | Constantinos Venetsanopoulos | |
763 | bdfd94c9 | Constantinos Venetsanopoulos | If you would like to do more, such as: |
764 | bdfd94c9 | Constantinos Venetsanopoulos | |
765 | bdfd94c9 | Constantinos Venetsanopoulos | * Spawning VMs |
766 | bdfd94c9 | Constantinos Venetsanopoulos | * Spawning VMs from Images stored on Pithos+ |
767 | bdfd94c9 | Constantinos Venetsanopoulos | * Uploading your custom Images to Pithos+ |
768 | bdfd94c9 | Constantinos Venetsanopoulos | * Spawning VMs from those custom Images |
769 | bdfd94c9 | Constantinos Venetsanopoulos | * Registering existing Pithos+ files as Images |
770 | 7a8df455 | Constantinos Venetsanopoulos | * Connect VMs to the Internet |
771 | 7a8df455 | Constantinos Venetsanopoulos | * Create Private Networks |
772 | 7a8df455 | Constantinos Venetsanopoulos | * Add VMs to Private Networks |
773 | bdfd94c9 | Constantinos Venetsanopoulos | |
774 | bdfd94c9 | Constantinos Venetsanopoulos | please continue with the rest of the guide. |
775 | a96ec00f | Constantinos Venetsanopoulos | |
776 | caa6c07d | Constantinos Venetsanopoulos | |
777 | 7a8df455 | Constantinos Venetsanopoulos | Cyclades (and Plankton) Prerequisites |
778 | 7a8df455 | Constantinos Venetsanopoulos | ===================================== |
779 | bc055d09 | Constantinos Venetsanopoulos | |
780 | caa6c07d | Constantinos Venetsanopoulos | Before proceeding with the Cyclades (and Plankton) installation, make sure you |
781 | caa6c07d | Constantinos Venetsanopoulos | have successfully set up Astakos and Pithos+ first, because Cyclades depends |
782 | caa6c07d | Constantinos Venetsanopoulos | on them. If you don't have a working Astakos and Pithos+ installation yet, |
783 | caa6c07d | Constantinos Venetsanopoulos | please return to the :ref:`top <quick-install-admin-guide>` of this guide. |
784 | bc055d09 | Constantinos Venetsanopoulos | |
785 | caa6c07d | Constantinos Venetsanopoulos | Besides Astakos and Pithos+, you will also need a number of additional working |
786 | caa6c07d | Constantinos Venetsanopoulos | prerequisites, before you start the Cyclades installation. |
787 | bc055d09 | Constantinos Venetsanopoulos | |
788 | caa6c07d | Constantinos Venetsanopoulos | Ganeti |
789 | 7a8df455 | Constantinos Venetsanopoulos | ------ |
790 | bc055d09 | Constantinos Venetsanopoulos | |
791 | caa6c07d | Constantinos Venetsanopoulos | `Ganeti <http://code.google.com/p/ganeti/>`_ handles the low level VM management |
792 | caa6c07d | Constantinos Venetsanopoulos | for Cyclades, so Cyclades requires a working Ganeti installation at the backend. |
793 | caa6c07d | Constantinos Venetsanopoulos | Please refer to the |
794 | caa6c07d | Constantinos Venetsanopoulos | `ganeti documentation <http://docs.ganeti.org/ganeti/2.5/html>`_ for all the |
795 | bc055d09 | Constantinos Venetsanopoulos | gory details. A successful Ganeti installation concludes with a working |
796 | caa6c07d | Constantinos Venetsanopoulos | :ref:`GANETI-MASTER <GANETI_NODES>` and a number of :ref:`GANETI-NODEs |
797 | caa6c07d | Constantinos Venetsanopoulos | <GANETI_NODES>`. |
798 | caa6c07d | Constantinos Venetsanopoulos | |
799 | caa6c07d | Constantinos Venetsanopoulos | The above Ganeti cluster can run on different physical machines than node1 and |
800 | caa6c07d | Constantinos Venetsanopoulos | node2 and can scale independently, according to your needs. |
801 | caa6c07d | Constantinos Venetsanopoulos | |
802 | caa6c07d | Constantinos Venetsanopoulos | For the purpose of this guide, we will assume that the :ref:`GANETI-MASTER |
803 | caa6c07d | Constantinos Venetsanopoulos | <GANETI_NODES>` runs on node1 and is VM-capable. Also, node2 is a |
804 | caa6c07d | Constantinos Venetsanopoulos | :ref:`GANETI-NODE <GANETI_NODES>` and is Master-capable and VM-capable too. |
805 | caa6c07d | Constantinos Venetsanopoulos | |
806 | caa6c07d | Constantinos Venetsanopoulos | We highly recommend that you read the official Ganeti documentation, if you are |
807 | caa6c07d | Constantinos Venetsanopoulos | not familiar with Ganeti. If you are extremely impatient, you can result with |
808 | caa6c07d | Constantinos Venetsanopoulos | the above assumed setup by running: |
809 | caa6c07d | Constantinos Venetsanopoulos | |
810 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
811 | caa6c07d | Constantinos Venetsanopoulos | |
812 | caa6c07d | Constantinos Venetsanopoulos | root@node1:~ # apt-get install ganeti2 |
813 | caa6c07d | Constantinos Venetsanopoulos | root@node1:~ # apt-get install ganeti-htools |
814 | caa6c07d | Constantinos Venetsanopoulos | root@node2:~ # apt-get install ganeti2 |
815 | caa6c07d | Constantinos Venetsanopoulos | root@node2:~ # apt-get install ganeti-htools |
816 | caa6c07d | Constantinos Venetsanopoulos | |
817 | caa6c07d | Constantinos Venetsanopoulos | We assume that Ganeti will use the KVM hypervisor. After installing Ganeti on |
818 | caa6c07d | Constantinos Venetsanopoulos | both nodes, choose a domain name that resolves to a valid floating IP (let's say |
819 | caa6c07d | Constantinos Venetsanopoulos | it's ``ganeti.node1.example.com``). Make sure node1 and node2 have root access |
820 | caa6c07d | Constantinos Venetsanopoulos | between each other using ssh keys and not passwords. Also, make sure there is an |
821 | caa6c07d | Constantinos Venetsanopoulos | lvm volume group named ``ganeti`` that will host your VMs' disks. Finally, setup |
822 | caa6c07d | Constantinos Venetsanopoulos | a bridge interface on the host machines (e.g:: br0). Then run on node1: |
823 | caa6c07d | Constantinos Venetsanopoulos | |
824 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
825 | caa6c07d | Constantinos Venetsanopoulos | |
826 | caa6c07d | Constantinos Venetsanopoulos | root@node1:~ # gnt-cluster init --enabled-hypervisors=kvm --no-ssh-init |
827 | caa6c07d | Constantinos Venetsanopoulos | --no-etc-hosts --vg-name=ganeti |
828 | caa6c07d | Constantinos Venetsanopoulos | --nic-parameters link=br0 --master-netdev eth0 |
829 | caa6c07d | Constantinos Venetsanopoulos | ganeti.node1.example.com |
830 | caa6c07d | Constantinos Venetsanopoulos | root@node1:~ # gnt-cluster modify --default-iallocator hail |
831 | caa6c07d | Constantinos Venetsanopoulos | root@node1:~ # gnt-cluster modify --hypervisor-parameters kvm:kernel_path= |
832 | caa6c07d | Constantinos Venetsanopoulos | root@node1:~ # gnt-cluster modify --hypervisor-parameters kvm:vnc_bind_address=0.0.0.0 |
833 | caa6c07d | Constantinos Venetsanopoulos | |
834 | caa6c07d | Constantinos Venetsanopoulos | root@node1:~ # gnt-node add --no-node-setup --master-capable=yes |
835 | caa6c07d | Constantinos Venetsanopoulos | --vm-capable=yes node2.example.com |
836 | caa6c07d | Constantinos Venetsanopoulos | |
837 | caa6c07d | Constantinos Venetsanopoulos | For any problems you may stumble upon installing Ganeti, please refer to the |
838 | caa6c07d | Constantinos Venetsanopoulos | `official documentation <http://docs.ganeti.org/ganeti/2.5/html>`_. Installation |
839 | caa6c07d | Constantinos Venetsanopoulos | of Ganeti is out of the scope of this guide. |
840 | caa6c07d | Constantinos Venetsanopoulos | |
841 | caa6c07d | Constantinos Venetsanopoulos | .. _cyclades-install-snfimage: |
842 | caa6c07d | Constantinos Venetsanopoulos | |
843 | caa6c07d | Constantinos Venetsanopoulos | snf-image |
844 | 7a8df455 | Constantinos Venetsanopoulos | --------- |
845 | caa6c07d | Constantinos Venetsanopoulos | |
846 | caa6c07d | Constantinos Venetsanopoulos | Installation |
847 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~ |
848 | caa6c07d | Constantinos Venetsanopoulos | For :ref:`Cyclades <cyclades>` to be able to launch VMs from specified Images, |
849 | caa6c07d | Constantinos Venetsanopoulos | you need the :ref:`snf-image <snf-image>` OS Definition installed on *all* |
850 | caa6c07d | Constantinos Venetsanopoulos | VM-capable Ganeti nodes. This means we need :ref:`snf-image <snf-image>` on |
851 | caa6c07d | Constantinos Venetsanopoulos | node1 and node2. You can do this by running on *both* nodes: |
852 | caa6c07d | Constantinos Venetsanopoulos | |
853 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
854 | caa6c07d | Constantinos Venetsanopoulos | |
855 | caa6c07d | Constantinos Venetsanopoulos | # apt-get install snf-image-host |
856 | caa6c07d | Constantinos Venetsanopoulos | |
857 | caa6c07d | Constantinos Venetsanopoulos | Now, you need to download and save the corresponding helper package. Please see |
858 | caa6c07d | Constantinos Venetsanopoulos | `here <https://code.grnet.gr/projects/snf-image/files>`_ for the latest package. Let's |
859 | caa6c07d | Constantinos Venetsanopoulos | assume that you installed snf-image-host version 0.3.5-1. Then, you need |
860 | caa6c07d | Constantinos Venetsanopoulos | snf-image-helper v0.3.5-1 on *both* nodes: |
861 | caa6c07d | Constantinos Venetsanopoulos | |
862 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
863 | caa6c07d | Constantinos Venetsanopoulos | |
864 | caa6c07d | Constantinos Venetsanopoulos | # cd /var/lib/snf-image/helper/ |
865 | caa6c07d | Constantinos Venetsanopoulos | # wget https://code.grnet.gr/attachments/download/1058/snf-image-helper_0.3.5-1_all.deb |
866 | caa6c07d | Constantinos Venetsanopoulos | |
867 | caa6c07d | Constantinos Venetsanopoulos | .. warning:: Be careful: Do NOT install the snf-image-helper debian package. |
868 | caa6c07d | Constantinos Venetsanopoulos | Just put it under /var/lib/snf-image/helper/ |
869 | caa6c07d | Constantinos Venetsanopoulos | |
870 | caa6c07d | Constantinos Venetsanopoulos | Once, you have downloaded the snf-image-helper package, create the helper VM by |
871 | caa6c07d | Constantinos Venetsanopoulos | running on *both* nodes: |
872 | caa6c07d | Constantinos Venetsanopoulos | |
873 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
874 | caa6c07d | Constantinos Venetsanopoulos | |
875 | caa6c07d | Constantinos Venetsanopoulos | # ln -s snf-image-helper_0.3.5-1_all.deb snf-image-helper.deb |
876 | caa6c07d | Constantinos Venetsanopoulos | # snf-image-update-helper |
877 | caa6c07d | Constantinos Venetsanopoulos | |
878 | caa6c07d | Constantinos Venetsanopoulos | This will create all the needed files under ``/var/lib/snf-image/helper/`` for |
879 | caa6c07d | Constantinos Venetsanopoulos | snf-image-host to run successfully. |
880 | caa6c07d | Constantinos Venetsanopoulos | |
881 | caa6c07d | Constantinos Venetsanopoulos | Configuration |
882 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~ |
883 | caa6c07d | Constantinos Venetsanopoulos | snf-image supports native access to Images stored on Pithos+. This means that |
884 | caa6c07d | Constantinos Venetsanopoulos | snf-image can talk directly to the Pithos+ backend, without the need of providing |
885 | caa6c07d | Constantinos Venetsanopoulos | a public URL. More details, are described in the next section. For now, the only |
886 | caa6c07d | Constantinos Venetsanopoulos | thing we need to do, is configure snf-image to access our Pithos+ backend. |
887 | caa6c07d | Constantinos Venetsanopoulos | |
888 | caa6c07d | Constantinos Venetsanopoulos | To do this, we need to set the corresponding variables in |
889 | caa6c07d | Constantinos Venetsanopoulos | ``/etc/default/snf-image``, to reflect our Pithos+ setup: |
890 | caa6c07d | Constantinos Venetsanopoulos | |
891 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
892 | caa6c07d | Constantinos Venetsanopoulos | |
893 | caa6c07d | Constantinos Venetsanopoulos | PITHOS_DB="postgresql://synnefo:example_passw0rd@node1.example.com:5432/snf_pithos" |
894 | caa6c07d | Constantinos Venetsanopoulos | |
895 | caa6c07d | Constantinos Venetsanopoulos | PITHOS_DATA="/srv/pithos/data" |
896 | caa6c07d | Constantinos Venetsanopoulos | |
897 | caa6c07d | Constantinos Venetsanopoulos | If you have installed your Ganeti cluster on different nodes than node1 and node2 make |
898 | caa6c07d | Constantinos Venetsanopoulos | sure that ``/srv/pithos/data`` is visible by all of them. |
899 | caa6c07d | Constantinos Venetsanopoulos | |
900 | caa6c07d | Constantinos Venetsanopoulos | If you would like to use Images that are also/only stored locally, you need to |
901 | caa6c07d | Constantinos Venetsanopoulos | save them under ``IMAGE_DIR``, however this guide targets Images stored only on |
902 | caa6c07d | Constantinos Venetsanopoulos | Pithos+. |
903 | caa6c07d | Constantinos Venetsanopoulos | |
904 | caa6c07d | Constantinos Venetsanopoulos | Testing |
905 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~ |
906 | caa6c07d | Constantinos Venetsanopoulos | You can test that snf-image is successfully installed by running on the |
907 | caa6c07d | Constantinos Venetsanopoulos | :ref:`GANETI-MASTER <GANETI_NODES>` (in our case node1): |
908 | caa6c07d | Constantinos Venetsanopoulos | |
909 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
910 | caa6c07d | Constantinos Venetsanopoulos | |
911 | caa6c07d | Constantinos Venetsanopoulos | # gnt-os diagnose |
912 | caa6c07d | Constantinos Venetsanopoulos | |
913 | caa6c07d | Constantinos Venetsanopoulos | This should return ``valid`` for snf-image. |
914 | caa6c07d | Constantinos Venetsanopoulos | |
915 | caa6c07d | Constantinos Venetsanopoulos | If you are interested to learn more about snf-image's internals (and even use |
916 | caa6c07d | Constantinos Venetsanopoulos | it alongside Ganeti without Synnefo), please see |
917 | caa6c07d | Constantinos Venetsanopoulos | `here <https://code.grnet.gr/projects/snf-image/wiki>`_ for information concerning |
918 | caa6c07d | Constantinos Venetsanopoulos | installation instructions, documentation on the design and implementation, and |
919 | caa6c07d | Constantinos Venetsanopoulos | supported Image formats. |
920 | caa6c07d | Constantinos Venetsanopoulos | |
921 | caa6c07d | Constantinos Venetsanopoulos | snf-image's actual Images |
922 | 7a8df455 | Constantinos Venetsanopoulos | ------------------------- |
923 | caa6c07d | Constantinos Venetsanopoulos | |
924 | caa6c07d | Constantinos Venetsanopoulos | Now that snf-image is installed successfully we need to provide it with some |
925 | caa6c07d | Constantinos Venetsanopoulos | Images. :ref:`snf-image <snf-image>` supports Images stored in ``extdump``, |
926 | caa6c07d | Constantinos Venetsanopoulos | ``ntfsdump`` or ``diskdump`` format. We recommend the use of the ``diskdump`` |
927 | caa6c07d | Constantinos Venetsanopoulos | format. For more information about snf-image's Image formats see `here |
928 | caa6c07d | Constantinos Venetsanopoulos | <https://code.grnet.gr/projects/snf-image/wiki/Image_Format>`_. |
929 | caa6c07d | Constantinos Venetsanopoulos | |
930 | caa6c07d | Constantinos Venetsanopoulos | :ref:`snf-image <snf-image>` also supports three (3) different locations for the |
931 | caa6c07d | Constantinos Venetsanopoulos | above Images to be stored: |
932 | caa6c07d | Constantinos Venetsanopoulos | |
933 | caa6c07d | Constantinos Venetsanopoulos | * Under a local folder (usually an NFS mount, configurable as ``IMAGE_DIR`` in |
934 | caa6c07d | Constantinos Venetsanopoulos | :file:`/etc/default/snf-image`) |
935 | caa6c07d | Constantinos Venetsanopoulos | * On a remote host (accessible via a public URL e.g: http://... or ftp://...) |
936 | caa6c07d | Constantinos Venetsanopoulos | * On Pithos+ (accessible natively, not only by its public URL) |
937 | caa6c07d | Constantinos Venetsanopoulos | |
938 | caa6c07d | Constantinos Venetsanopoulos | For the purpose of this guide, we will use the `Debian Squeeze Base Image |
939 | caa6c07d | Constantinos Venetsanopoulos | <https://pithos.okeanos.grnet.gr/public/9epgb>`_ found on the official |
940 | caa6c07d | Constantinos Venetsanopoulos | `snf-image page |
941 | caa6c07d | Constantinos Venetsanopoulos | <https://code.grnet.gr/projects/snf-image/wiki#Sample-Images>`_. The image is |
942 | caa6c07d | Constantinos Venetsanopoulos | of type ``diskdump``. We will store it in our new Pithos+ installation. |
943 | caa6c07d | Constantinos Venetsanopoulos | |
944 | caa6c07d | Constantinos Venetsanopoulos | To do so, do the following: |
945 | caa6c07d | Constantinos Venetsanopoulos | |
946 | caa6c07d | Constantinos Venetsanopoulos | a) Download the Image from the official snf-image page (`image link |
947 | caa6c07d | Constantinos Venetsanopoulos | <https://pithos.okeanos.grnet.gr/public/9epgb>`_). |
948 | caa6c07d | Constantinos Venetsanopoulos | |
949 | caa6c07d | Constantinos Venetsanopoulos | b) Upload the Image to your Pithos+ installation, either using the Pithos+ Web UI |
950 | caa6c07d | Constantinos Venetsanopoulos | or the command line client `kamaki |
951 | caa6c07d | Constantinos Venetsanopoulos | <http://docs.dev.grnet.gr/kamaki/latest/index.html>`_. |
952 | caa6c07d | Constantinos Venetsanopoulos | |
953 | caa6c07d | Constantinos Venetsanopoulos | Once the Image is uploaded successfully, download the Image's metadata file |
954 | caa6c07d | Constantinos Venetsanopoulos | from the official snf-image page (`image_metadata link |
955 | caa6c07d | Constantinos Venetsanopoulos | <https://pithos.okeanos.grnet.gr/public/gwqcv>`_). You will need it, for |
956 | caa6c07d | Constantinos Venetsanopoulos | spawning a VM from Ganeti, in the next section. |
957 | caa6c07d | Constantinos Venetsanopoulos | |
958 | caa6c07d | Constantinos Venetsanopoulos | Of course, you can repeat the procedure to upload more Images, available from the |
959 | caa6c07d | Constantinos Venetsanopoulos | `official snf-image page |
960 | caa6c07d | Constantinos Venetsanopoulos | <https://code.grnet.gr/projects/snf-image/wiki#Sample-Images>`_. |
961 | caa6c07d | Constantinos Venetsanopoulos | |
962 | caa6c07d | Constantinos Venetsanopoulos | Spawning a VM from a Pithos+ Image, using Ganeti |
963 | 7a8df455 | Constantinos Venetsanopoulos | ------------------------------------------------ |
964 | caa6c07d | Constantinos Venetsanopoulos | |
965 | caa6c07d | Constantinos Venetsanopoulos | Now, it is time to test our installation so far. So, we have Astakos and |
966 | caa6c07d | Constantinos Venetsanopoulos | Pithos+ installed, we have a working Ganeti installation, the snf-image |
967 | caa6c07d | Constantinos Venetsanopoulos | definition installed on all VM-capable nodes and a Debian Squeeze Image on |
968 | caa6c07d | Constantinos Venetsanopoulos | Pithos+. Make sure you also have the `metadata file |
969 | caa6c07d | Constantinos Venetsanopoulos | <https://pithos.okeanos.grnet.gr/public/gwqcv>`_ for this image. |
970 | caa6c07d | Constantinos Venetsanopoulos | |
971 | caa6c07d | Constantinos Venetsanopoulos | Run on the :ref:`GANETI-MASTER's <GANETI_NODES>` (node1) command line: |
972 | caa6c07d | Constantinos Venetsanopoulos | |
973 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
974 | caa6c07d | Constantinos Venetsanopoulos | |
975 | caa6c07d | Constantinos Venetsanopoulos | # gnt-instance add -o snf-image+default --os-parameters |
976 | caa6c07d | Constantinos Venetsanopoulos | img_passwd=my_vm_example_passw0rd, |
977 | caa6c07d | Constantinos Venetsanopoulos | img_format=diskdump, |
978 | caa6c07d | Constantinos Venetsanopoulos | img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump", |
979 | caa6c07d | Constantinos Venetsanopoulos | img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}' |
980 | caa6c07d | Constantinos Venetsanopoulos | -t plain --disk 0:size=2G --no-name-check --no-ip-check |
981 | caa6c07d | Constantinos Venetsanopoulos | testvm1 |
982 | caa6c07d | Constantinos Venetsanopoulos | |
983 | caa6c07d | Constantinos Venetsanopoulos | In the above command: |
984 | caa6c07d | Constantinos Venetsanopoulos | |
985 | caa6c07d | Constantinos Venetsanopoulos | * ``img_passwd``: the arbitrary root password of your new instance |
986 | caa6c07d | Constantinos Venetsanopoulos | * ``img_format``: set to ``diskdump`` to reflect the type of the uploaded Image |
987 | caa6c07d | Constantinos Venetsanopoulos | * ``img_id``: If you want to deploy an Image stored on Pithos+ (our case), this |
988 | caa6c07d | Constantinos Venetsanopoulos | should have the format |
989 | caa6c07d | Constantinos Venetsanopoulos | ``pithos://<username>/<container>/<filename>``: |
990 | caa6c07d | Constantinos Venetsanopoulos | * ``username``: ``user@example.com`` (defined during Astakos sign up) |
991 | caa6c07d | Constantinos Venetsanopoulos | * ``container``: ``pithos`` (default, if the Web UI was used) |
992 | caa6c07d | Constantinos Venetsanopoulos | * ``filename``: the name of file (visible also from the Web UI) |
993 | caa6c07d | Constantinos Venetsanopoulos | * ``img_properties``: taken from the metadata file. Used only the two mandatory |
994 | caa6c07d | Constantinos Venetsanopoulos | properties ``OSFAMILY`` and ``ROOT_PARTITION``. `Learn more |
995 | caa6c07d | Constantinos Venetsanopoulos | <https://code.grnet.gr/projects/snf-image/wiki/Image_Format#Image-Properties>`_ |
996 | caa6c07d | Constantinos Venetsanopoulos | |
997 | caa6c07d | Constantinos Venetsanopoulos | If the ``gnt-instance add`` command returns successfully, then run: |
998 | caa6c07d | Constantinos Venetsanopoulos | |
999 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
1000 | caa6c07d | Constantinos Venetsanopoulos | |
1001 | caa6c07d | Constantinos Venetsanopoulos | # gnt-instance info testvm1 | grep "console connection" |
1002 | caa6c07d | Constantinos Venetsanopoulos | |
1003 | caa6c07d | Constantinos Venetsanopoulos | to find out where to connect using VNC. If you can connect successfully and can |
1004 | caa6c07d | Constantinos Venetsanopoulos | login to your new instance using the root password ``my_vm_example_passw0rd``, |
1005 | caa6c07d | Constantinos Venetsanopoulos | then everything works as expected and you have your new Debian Base VM up and |
1006 | caa6c07d | Constantinos Venetsanopoulos | running. |
1007 | caa6c07d | Constantinos Venetsanopoulos | |
1008 | caa6c07d | Constantinos Venetsanopoulos | If ``gnt-instance add`` fails, make sure that snf-image is correctly configured |
1009 | caa6c07d | Constantinos Venetsanopoulos | to access the Pithos+ database and the Pithos+ backend data. Also, make sure |
1010 | caa6c07d | Constantinos Venetsanopoulos | you gave the correct ``img_id`` and ``img_properties``. If ``gnt-instance add`` |
1011 | caa6c07d | Constantinos Venetsanopoulos | succeeds but you cannot connect, again find out what went wrong. Do *NOT* |
1012 | caa6c07d | Constantinos Venetsanopoulos | proceed to the next steps unless you are sure everything works till this point. |
1013 | caa6c07d | Constantinos Venetsanopoulos | |
1014 | 2f6143c9 | Constantinos Venetsanopoulos | If everything works, you have successfully connected Ganeti with Pithos+. Let's |
1015 | 2f6143c9 | Constantinos Venetsanopoulos | move on to networking now. |
1016 | caa6c07d | Constantinos Venetsanopoulos | |
1017 | 2f6143c9 | Constantinos Venetsanopoulos | .. warning:: |
1018 | 7a8df455 | Constantinos Venetsanopoulos | You can bypass the networking sections and go straight to |
1019 | 2c85833e | Constantinos Venetsanopoulos | :ref:`Cyclades Ganeti tools <cyclades-gtools>`, if you do not want to setup |
1020 | 2c85833e | Constantinos Venetsanopoulos | the Cyclades Network Service, but only the Cyclades Compute Service |
1021 | 2c85833e | Constantinos Venetsanopoulos | (recommended for now). |
1022 | 2f6143c9 | Constantinos Venetsanopoulos | |
1023 | 2f6143c9 | Constantinos Venetsanopoulos | Network setup overview |
1024 | 7a8df455 | Constantinos Venetsanopoulos | ---------------------- |
1025 | 2f6143c9 | Constantinos Venetsanopoulos | |
1026 | 2f6143c9 | Constantinos Venetsanopoulos | This part is deployment-specific and must be customized based on the specific |
1027 | 2f6143c9 | Constantinos Venetsanopoulos | needs of the system administrator. However, to do so, the administrator needs |
1028 | 2f6143c9 | Constantinos Venetsanopoulos | to understand how each level handles Virtual Networks, to be able to setup the |
1029 | 2f6143c9 | Constantinos Venetsanopoulos | backend appropriately, before installing Cyclades. |
1030 | 2f6143c9 | Constantinos Venetsanopoulos | |
1031 | 2f6143c9 | Constantinos Venetsanopoulos | Network @ Cyclades level |
1032 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~ |
1033 | 2f6143c9 | Constantinos Venetsanopoulos | |
1034 | 2f6143c9 | Constantinos Venetsanopoulos | Cyclades understands two types of Virtual Networks: |
1035 | 2f6143c9 | Constantinos Venetsanopoulos | |
1036 | 2f6143c9 | Constantinos Venetsanopoulos | a) One common Public Network (Internet) |
1037 | 2f6143c9 | Constantinos Venetsanopoulos | b) One or more distinct Private Networks (L2) |
1038 | 2f6143c9 | Constantinos Venetsanopoulos | |
1039 | 2f6143c9 | Constantinos Venetsanopoulos | a) When a new VM is created, it instantly gets connected to the Public Network |
1040 | 2f6143c9 | Constantinos Venetsanopoulos | (Internet). This means it gets a public IPv4 and IPv6 and has access to the |
1041 | 2f6143c9 | Constantinos Venetsanopoulos | public Internet. |
1042 | 2f6143c9 | Constantinos Venetsanopoulos | |
1043 | 2f6143c9 | Constantinos Venetsanopoulos | b) Then each user, is able to create one or more Private Networks manually and |
1044 | 2f6143c9 | Constantinos Venetsanopoulos | add VMs inside those Private Networks. Private Networks provide Layer 2 |
1045 | 2f6143c9 | Constantinos Venetsanopoulos | connectivity. All VMs inside a Private Network are completely isolated. |
1046 | 2f6143c9 | Constantinos Venetsanopoulos | |
1047 | 2f6143c9 | Constantinos Venetsanopoulos | From the VM perspective, every Network corresponds to a distinct NIC. So, the |
1048 | 2f6143c9 | Constantinos Venetsanopoulos | above are translated as follows: |
1049 | 2f6143c9 | Constantinos Venetsanopoulos | |
1050 | 2f6143c9 | Constantinos Venetsanopoulos | a) Every newly created VM, needs at least one NIC. This NIC, connects the VM |
1051 | 2f6143c9 | Constantinos Venetsanopoulos | to the Public Network and thus should get a public IPv4 and IPv6. |
1052 | 2f6143c9 | Constantinos Venetsanopoulos | |
1053 | 2f6143c9 | Constantinos Venetsanopoulos | b) For every Private Network, the VM gets a new NIC, which is added during the |
1054 | 2f6143c9 | Constantinos Venetsanopoulos | connection of the VM to the Private Network (without an IP). This NIC should |
1055 | 2f6143c9 | Constantinos Venetsanopoulos | have L2 connectivity with all other NICs connected to this Private Network. |
1056 | 2f6143c9 | Constantinos Venetsanopoulos | |
1057 | 2f6143c9 | Constantinos Venetsanopoulos | To achieve the above, first of all, we need Network and IP Pool management support |
1058 | 2f6143c9 | Constantinos Venetsanopoulos | at Ganeti level, for Cyclades to be able to issue the corresponding commands. |
1059 | 2f6143c9 | Constantinos Venetsanopoulos | |
1060 | 2f6143c9 | Constantinos Venetsanopoulos | Network @ Ganeti level |
1061 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~ |
1062 | 2f6143c9 | Constantinos Venetsanopoulos | |
1063 | 2f6143c9 | Constantinos Venetsanopoulos | Currently, Ganeti does not support IP Pool management. However, we've been |
1064 | 2f6143c9 | Constantinos Venetsanopoulos | actively in touch with the official Ganeti team, who are reviewing a relatively |
1065 | 2f6143c9 | Constantinos Venetsanopoulos | big patchset that implements this functionality (you can find it at the |
1066 | 2f6143c9 | Constantinos Venetsanopoulos | ganeti-devel mailing list). We hope that the functionality will be merged to |
1067 | 2f6143c9 | Constantinos Venetsanopoulos | the Ganeti master branch soon and appear on Ganeti 2.7. |
1068 | 2f6143c9 | Constantinos Venetsanopoulos | |
1069 | 2f6143c9 | Constantinos Venetsanopoulos | Furthermore, currently the `~okeanos service <http://okeanos.grnet.gr>`_ uses |
1070 | 2f6143c9 | Constantinos Venetsanopoulos | the same patchset with slight differencies on top of Ganeti 2.4.5. Cyclades |
1071 | 2f6143c9 | Constantinos Venetsanopoulos | 0.9 are compatible with this old patchset and we do not guarantee that will |
1072 | 2f6143c9 | Constantinos Venetsanopoulos | work with the updated patchset sent to ganeti-devel. |
1073 | 2f6143c9 | Constantinos Venetsanopoulos | |
1074 | 2f6143c9 | Constantinos Venetsanopoulos | We do *NOT* recommend you to apply the patchset yourself on the current Ganeti |
1075 | 2f6143c9 | Constantinos Venetsanopoulos | master, unless you are an experienced Cyclades and Ganeti integrator and you |
1076 | 2f6143c9 | Constantinos Venetsanopoulos | really know what you are doing. |
1077 | 2f6143c9 | Constantinos Venetsanopoulos | |
1078 | 2f6143c9 | Constantinos Venetsanopoulos | Instead, be a little patient and we hope that everything will work out of the |
1079 | 2f6143c9 | Constantinos Venetsanopoulos | box, once the patchset makes it into the Ganeti master. When so, Cyclades will |
1080 | 2f6143c9 | Constantinos Venetsanopoulos | get updated to become compatible with that Ganeti version. |
1081 | 2f6143c9 | Constantinos Venetsanopoulos | |
1082 | 2f6143c9 | Constantinos Venetsanopoulos | Network @ Physical host level |
1083 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1084 | 2f6143c9 | Constantinos Venetsanopoulos | |
1085 | 2f6143c9 | Constantinos Venetsanopoulos | We talked about the two types of Network from the Cyclades perspective, from the |
1086 | 2f6143c9 | Constantinos Venetsanopoulos | VMs perspective and from Ganeti's perspective. Finally, we need to talk about |
1087 | 2f6143c9 | Constantinos Venetsanopoulos | the Networks from the physical (VM container) host's perspective. |
1088 | 2f6143c9 | Constantinos Venetsanopoulos | |
1089 | 2f6143c9 | Constantinos Venetsanopoulos | If your version of Ganeti supports IP pool management, then you need to setup |
1090 | 2f6143c9 | Constantinos Venetsanopoulos | your physical hosts for the two types of Networks. For the second type |
1091 | 2f6143c9 | Constantinos Venetsanopoulos | (Private Networks), our reference installation uses a number of pre-provisioned |
1092 | 2f6143c9 | Constantinos Venetsanopoulos | bridges (one for each Network), which are connected to the corresponding number |
1093 | 2f6143c9 | Constantinos Venetsanopoulos | of pre-provisioned vlans on each physical host (node1 and node2). For the first |
1094 | 2f6143c9 | Constantinos Venetsanopoulos | type (Public Network), our reference installation uses routing over one |
1095 | 2f6143c9 | Constantinos Venetsanopoulos | preprovisioned vlan on each host (node1 and node2). It also uses the `NFDHCPD` |
1096 | 2f6143c9 | Constantinos Venetsanopoulos | package for dynamically serving specific public IPs managed by Ganeti. |
1097 | 2f6143c9 | Constantinos Venetsanopoulos | |
1098 | 2f6143c9 | Constantinos Venetsanopoulos | Public Network setup |
1099 | 7a8df455 | Constantinos Venetsanopoulos | -------------------- |
1100 | 2f6143c9 | Constantinos Venetsanopoulos | |
1101 | 2f6143c9 | Constantinos Venetsanopoulos | Physical hosts' public network setup |
1102 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1103 | 2f6143c9 | Constantinos Venetsanopoulos | |
1104 | 2f6143c9 | Constantinos Venetsanopoulos | The physical hosts' setup is out of the scope of this guide. |
1105 | 2f6143c9 | Constantinos Venetsanopoulos | |
1106 | 2f6143c9 | Constantinos Venetsanopoulos | However, two common cases that you may want to consider (and choose from) are: |
1107 | 2f6143c9 | Constantinos Venetsanopoulos | |
1108 | 2f6143c9 | Constantinos Venetsanopoulos | a) One public bridge, where all VMs' public tap interfaces will connect. |
1109 | 2f6143c9 | Constantinos Venetsanopoulos | b) IP-less routing over the same vlan on every host. |
1110 | 2f6143c9 | Constantinos Venetsanopoulos | |
1111 | 2f6143c9 | Constantinos Venetsanopoulos | When you setup your physical hosts (node1 and node2) for the Public Network, |
1112 | 2f6143c9 | Constantinos Venetsanopoulos | then you need to inform Ganeti about the Network's IP range. |
1113 | 2f6143c9 | Constantinos Venetsanopoulos | |
1114 | 2f6143c9 | Constantinos Venetsanopoulos | Add the public network to Ganeti |
1115 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1116 | 2f6143c9 | Constantinos Venetsanopoulos | |
1117 | 2f6143c9 | Constantinos Venetsanopoulos | Once you have Ganeti with IP pool management up and running, you need to choose |
1118 | 2f6143c9 | Constantinos Venetsanopoulos | the public network for your VMs and add it to Ganeti. Let's assume, that you |
1119 | 2f6143c9 | Constantinos Venetsanopoulos | want to assign IPs from the ``5.6.7.0/27`` range to your new VMs, with |
1120 | 2f6143c9 | Constantinos Venetsanopoulos | ``5.6.7.1`` as their gateway. You can add the network by running: |
1121 | 2f6143c9 | Constantinos Venetsanopoulos | |
1122 | 2f6143c9 | Constantinos Venetsanopoulos | .. code-block:: console |
1123 | 2f6143c9 | Constantinos Venetsanopoulos | |
1124 | 2f6143c9 | Constantinos Venetsanopoulos | # gnt-network add --network=5.6.7.0/27 --gateway=5.6.7.1 public_network |
1125 | 2f6143c9 | Constantinos Venetsanopoulos | |
1126 | 2f6143c9 | Constantinos Venetsanopoulos | Then, connect the network to all your nodegroups. We assume that we only have |
1127 | 2f6143c9 | Constantinos Venetsanopoulos | one nodegroup (``default``) in our Ganeti cluster: |
1128 | 2f6143c9 | Constantinos Venetsanopoulos | |
1129 | 2f6143c9 | Constantinos Venetsanopoulos | .. code-block:: console |
1130 | 2f6143c9 | Constantinos Venetsanopoulos | |
1131 | 2f6143c9 | Constantinos Venetsanopoulos | # gnt-network connect public_network default public_link |
1132 | 2f6143c9 | Constantinos Venetsanopoulos | |
1133 | 2f6143c9 | Constantinos Venetsanopoulos | Your new network is now ready from the Ganeti perspective. Now, we need to setup |
1134 | 2f6143c9 | Constantinos Venetsanopoulos | `NFDHCPD` to actually reply with the correct IPs (that Ganeti will choose for |
1135 | 2f6143c9 | Constantinos Venetsanopoulos | each NIC). |
1136 | 2f6143c9 | Constantinos Venetsanopoulos | |
1137 | 2f6143c9 | Constantinos Venetsanopoulos | NFDHCPD |
1138 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~ |
1139 | 2f6143c9 | Constantinos Venetsanopoulos | |
1140 | 2f6143c9 | Constantinos Venetsanopoulos | At this point, Ganeti knows about your preferred network, it can manage the IP |
1141 | 2f6143c9 | Constantinos Venetsanopoulos | pool and choose a specific IP for each new VM's NIC. However, the actual |
1142 | 2f6143c9 | Constantinos Venetsanopoulos | assignment of the IP to the NIC is not done by Ganeti. It is done after the VM |
1143 | 2f6143c9 | Constantinos Venetsanopoulos | boots and its dhcp client makes a request. When this is done, `NFDHCPD` will |
1144 | 2f6143c9 | Constantinos Venetsanopoulos | reply to the request with Ganeti's chosen IP. So, we need to install `NFDHCPD` |
1145 | 2f6143c9 | Constantinos Venetsanopoulos | on all VM-capable nodes of the Ganeti cluster (node1 and node2 in our case) and |
1146 | 2f6143c9 | Constantinos Venetsanopoulos | connect it to Ganeti: |
1147 | 2f6143c9 | Constantinos Venetsanopoulos | |
1148 | 2f6143c9 | Constantinos Venetsanopoulos | .. code-block:: console |
1149 | 2f6143c9 | Constantinos Venetsanopoulos | |
1150 | 2f6143c9 | Constantinos Venetsanopoulos | # apt-get install nfdhcpd |
1151 | 2f6143c9 | Constantinos Venetsanopoulos | |
1152 | 2f6143c9 | Constantinos Venetsanopoulos | Edit ``/etc/nfdhcpd/nfdhcpd.conf`` to reflect your network configuration. At |
1153 | 2f6143c9 | Constantinos Venetsanopoulos | least, set the ``dhcp_queue`` variable to ``42`` and the ``nameservers`` |
1154 | 2f6143c9 | Constantinos Venetsanopoulos | variable to your DNS IP/s. Those IPs will be passed as the DNS IP/s of your new |
1155 | 2f6143c9 | Constantinos Venetsanopoulos | VMs. Once you are finished, restart the server on all nodes: |
1156 | 2f6143c9 | Constantinos Venetsanopoulos | |
1157 | 2f6143c9 | Constantinos Venetsanopoulos | .. code-block:: console |
1158 | 2f6143c9 | Constantinos Venetsanopoulos | |
1159 | 2f6143c9 | Constantinos Venetsanopoulos | # /etc/init.d/nfdhcpd restart |
1160 | 2f6143c9 | Constantinos Venetsanopoulos | |
1161 | 2f6143c9 | Constantinos Venetsanopoulos | If you are using ``ferm``, then you need to run the following: |
1162 | 2f6143c9 | Constantinos Venetsanopoulos | |
1163 | 2f6143c9 | Constantinos Venetsanopoulos | .. code-block:: console |
1164 | 2f6143c9 | Constantinos Venetsanopoulos | |
1165 | 2f6143c9 | Constantinos Venetsanopoulos | # echo "@include 'nfdhcpd.ferm';" >> /etc/ferm/ferm.conf |
1166 | 2f6143c9 | Constantinos Venetsanopoulos | # /etc/init.d/ferm restart |
1167 | 2f6143c9 | Constantinos Venetsanopoulos | |
1168 | 2f6143c9 | Constantinos Venetsanopoulos | Now, you need to connect `NFDHCPD` with Ganeti. To do that, you need to install |
1169 | 2f6143c9 | Constantinos Venetsanopoulos | a custom KVM ifup script for use by Ganeti, as ``/etc/ganeti/kvm-vif-bridge``, |
1170 | 2f6143c9 | Constantinos Venetsanopoulos | on all VM-capable GANETI-NODEs (node1 and node2). A sample implementation is |
1171 | 2f6143c9 | Constantinos Venetsanopoulos | provided along with `snf-cyclades-gtools <snf-cyclades-gtools>`, that will |
1172 | 2f6143c9 | Constantinos Venetsanopoulos | be installed in the next sections, however you will probably need to write your |
1173 | 2f6143c9 | Constantinos Venetsanopoulos | own, according to your underlying network configuration. |
1174 | 2f6143c9 | Constantinos Venetsanopoulos | |
1175 | 2f6143c9 | Constantinos Venetsanopoulos | Testing the Public Network |
1176 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1177 | 2f6143c9 | Constantinos Venetsanopoulos | |
1178 | 2f6143c9 | Constantinos Venetsanopoulos | So, we have setup the bridges/vlans on the physical hosts appropriately, we have |
1179 | 2f6143c9 | Constantinos Venetsanopoulos | added the desired network to Ganeti, we have installed nfdhcpd and installed the |
1180 | 2f6143c9 | Constantinos Venetsanopoulos | appropriate ``kvm-vif-bridge`` script under ``/etc/ganeti``. |
1181 | 2f6143c9 | Constantinos Venetsanopoulos | |
1182 | 2f6143c9 | Constantinos Venetsanopoulos | Now, it is time to test that the backend infrastracture is correctly setup for |
1183 | 2f6143c9 | Constantinos Venetsanopoulos | the Public Network. We assume to have used the (b) method on setting up the |
1184 | 2f6143c9 | Constantinos Venetsanopoulos | physical hosts. We will add a new VM, the same way we did it on the previous |
1185 | 2f6143c9 | Constantinos Venetsanopoulos | testing section. However, now will also add one NIC, configured to be managed |
1186 | 2f6143c9 | Constantinos Venetsanopoulos | from our previously defined network. Run on the GANETI-MASTER (node1): |
1187 | 2f6143c9 | Constantinos Venetsanopoulos | |
1188 | 2f6143c9 | Constantinos Venetsanopoulos | .. code-block:: console |
1189 | 2f6143c9 | Constantinos Venetsanopoulos | |
1190 | 2f6143c9 | Constantinos Venetsanopoulos | # gnt-instance add -o snf-image+default --os-parameters |
1191 | 2f6143c9 | Constantinos Venetsanopoulos | img_passwd=my_vm_example_passw0rd, |
1192 | 2f6143c9 | Constantinos Venetsanopoulos | img_format=diskdump, |
1193 | 2f6143c9 | Constantinos Venetsanopoulos | img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump", |
1194 | 2f6143c9 | Constantinos Venetsanopoulos | img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}' |
1195 | 2f6143c9 | Constantinos Venetsanopoulos | -t plain --disk 0:size=2G --no-name-check --no-ip-check |
1196 | 2f6143c9 | Constantinos Venetsanopoulos | --net 0:ip=pool,mode=routed,link=public_link |
1197 | 2f6143c9 | Constantinos Venetsanopoulos | testvm2 |
1198 | 2f6143c9 | Constantinos Venetsanopoulos | |
1199 | 2f6143c9 | Constantinos Venetsanopoulos | If the above returns successfully, connect to the new VM and run: |
1200 | 2f6143c9 | Constantinos Venetsanopoulos | |
1201 | 2f6143c9 | Constantinos Venetsanopoulos | .. code-block:: console |
1202 | 2f6143c9 | Constantinos Venetsanopoulos | |
1203 | 2f6143c9 | Constantinos Venetsanopoulos | root@testvm2:~ # ifconfig -a |
1204 | 2f6143c9 | Constantinos Venetsanopoulos | |
1205 | 2f6143c9 | Constantinos Venetsanopoulos | If a network interface appears with an IP from you Public Network's range |
1206 | 2f6143c9 | Constantinos Venetsanopoulos | (``5.6.7.0/27``) and the corresponding gateway, then you have successfully |
1207 | 2f6143c9 | Constantinos Venetsanopoulos | connected Ganeti with `NFDHCPD` (and ``kvm-vif-bridge`` works correctly). |
1208 | 2f6143c9 | Constantinos Venetsanopoulos | |
1209 | 2f6143c9 | Constantinos Venetsanopoulos | Now ping the outside world. If this works too, then you have also configured |
1210 | 2f6143c9 | Constantinos Venetsanopoulos | correctly your physical hosts' networking. |
1211 | 2f6143c9 | Constantinos Venetsanopoulos | |
1212 | 547c78f6 | Constantinos Venetsanopoulos | Later, Cyclades will create the first NIC of every new VM by issuing an |
1213 | 547c78f6 | Constantinos Venetsanopoulos | analogous command. The first NIC of the instance will be the NIC connected to |
1214 | 547c78f6 | Constantinos Venetsanopoulos | the Public Network. The ``link`` variable will be set accordingly in the |
1215 | 547c78f6 | Constantinos Venetsanopoulos | Cyclades conf files later on the guide. |
1216 | 547c78f6 | Constantinos Venetsanopoulos | |
1217 | 547c78f6 | Constantinos Venetsanopoulos | Make sure everything works as expected, before proceeding with the Private |
1218 | 2f6143c9 | Constantinos Venetsanopoulos | Networks setup. |
1219 | 2f6143c9 | Constantinos Venetsanopoulos | |
1220 | 2f6143c9 | Constantinos Venetsanopoulos | Private Networks setup |
1221 | 7a8df455 | Constantinos Venetsanopoulos | ---------------------- |
1222 | 2f6143c9 | Constantinos Venetsanopoulos | |
1223 | 2f6143c9 | Constantinos Venetsanopoulos | Physical hosts' private networks setup |
1224 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1225 | 2f6143c9 | Constantinos Venetsanopoulos | |
1226 | 547c78f6 | Constantinos Venetsanopoulos | At the physical host's level, it is the administrator's responsibility to |
1227 | 547c78f6 | Constantinos Venetsanopoulos | configure the network appropriately, according to his/her needs (as for the |
1228 | 547c78f6 | Constantinos Venetsanopoulos | Public Network). |
1229 | 547c78f6 | Constantinos Venetsanopoulos | |
1230 | 547c78f6 | Constantinos Venetsanopoulos | However we propose the following setup: |
1231 | 547c78f6 | Constantinos Venetsanopoulos | |
1232 | 547c78f6 | Constantinos Venetsanopoulos | For every possible Private Network we assume a pre-provisioned bridge interface |
1233 | 547c78f6 | Constantinos Venetsanopoulos | exists on every host with the same name. Every Private Network will be |
1234 | 547c78f6 | Constantinos Venetsanopoulos | associated with one of the pre-provisioned bridges. Then the instance's new NIC |
1235 | 547c78f6 | Constantinos Venetsanopoulos | (while connecting to the Private Network) will be connected to that bridge. All |
1236 | 547c78f6 | Constantinos Venetsanopoulos | instances' tap interfaces that reside in the same Private Network will be |
1237 | 547c78f6 | Constantinos Venetsanopoulos | connected in the corresponding bridge of that network. Furthermore, every |
1238 | 547c78f6 | Constantinos Venetsanopoulos | bridge will be connected to a corresponding vlan. So, lets assume that our |
1239 | 547c78f6 | Constantinos Venetsanopoulos | Cyclades installation allows for 20 Private Networks to be setup. We should |
1240 | 547c78f6 | Constantinos Venetsanopoulos | pre-provision the corresponding bridges and vlans to all the hosts. We can do |
1241 | 547c78f6 | Constantinos Venetsanopoulos | this by running on all VM-capable Ganeti nodes (in our case node1 and node2): |
1242 | 547c78f6 | Constantinos Venetsanopoulos | |
1243 | 547c78f6 | Constantinos Venetsanopoulos | .. code-block:: console |
1244 | 547c78f6 | Constantinos Venetsanopoulos | |
1245 | 547c78f6 | Constantinos Venetsanopoulos | # $iface=eth0 |
1246 | 547c78f6 | Constantinos Venetsanopoulos | # for prv in $(seq 1 20); do |
1247 | 547c78f6 | Constantinos Venetsanopoulos | vlan=$prv |
1248 | 547c78f6 | Constantinos Venetsanopoulos | bridge=prv$prv |
1249 | 547c78f6 | Constantinos Venetsanopoulos | vconfig add $iface $vlan |
1250 | 547c78f6 | Constantinos Venetsanopoulos | ifconfig $iface.$vlan up |
1251 | 547c78f6 | Constantinos Venetsanopoulos | brctl addbr $bridge |
1252 | 547c78f6 | Constantinos Venetsanopoulos | brctl setfd $bridge 0 |
1253 | 547c78f6 | Constantinos Venetsanopoulos | brctl addif $bridge $iface.$vlan |
1254 | 547c78f6 | Constantinos Venetsanopoulos | ifconfig $bridge up |
1255 | 547c78f6 | Constantinos Venetsanopoulos | done |
1256 | 547c78f6 | Constantinos Venetsanopoulos | |
1257 | 547c78f6 | Constantinos Venetsanopoulos | The above will do the following (assuming ``eth0`` exists on both hosts): |
1258 | 547c78f6 | Constantinos Venetsanopoulos | |
1259 | 547c78f6 | Constantinos Venetsanopoulos | * provision 20 new bridges: ``prv1`` - ``prv20`` |
1260 | 547c78f6 | Constantinos Venetsanopoulos | * provision 20 new vlans: ``eth0.1`` - ``eth0.20`` |
1261 | 547c78f6 | Constantinos Venetsanopoulos | * add the corresponding vlan to the equivelant bridge |
1262 | 547c78f6 | Constantinos Venetsanopoulos | |
1263 | 547c78f6 | Constantinos Venetsanopoulos | You can run ``brctl show`` on both nodes to see if everything was setup |
1264 | 547c78f6 | Constantinos Venetsanopoulos | correctly. |
1265 | 547c78f6 | Constantinos Venetsanopoulos | |
1266 | 547c78f6 | Constantinos Venetsanopoulos | Everything is now setup to support the 20 Cyclades Private Networks. Later, |
1267 | 547c78f6 | Constantinos Venetsanopoulos | we will configure Cyclades to talk to those 20 pre-provisioned bridges. |
1268 | 547c78f6 | Constantinos Venetsanopoulos | |
1269 | 2f6143c9 | Constantinos Venetsanopoulos | Testing the Private Networks |
1270 | 7a8df455 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1271 | caa6c07d | Constantinos Venetsanopoulos | |
1272 | 547c78f6 | Constantinos Venetsanopoulos | To test the Private Networks, we will create two instances and put them in the |
1273 | 547c78f6 | Constantinos Venetsanopoulos | same Private Network (``prv1``). This means that the instances will have a |
1274 | 547c78f6 | Constantinos Venetsanopoulos | second NIC connected to the ``prv1`` pre-provisioned bridge. |
1275 | 547c78f6 | Constantinos Venetsanopoulos | |
1276 | 547c78f6 | Constantinos Venetsanopoulos | We run the same command as in the Public Network testing section, but with one |
1277 | 547c78f6 | Constantinos Venetsanopoulos | more argument for the second NIC: |
1278 | 547c78f6 | Constantinos Venetsanopoulos | |
1279 | 547c78f6 | Constantinos Venetsanopoulos | .. code-block:: console |
1280 | 547c78f6 | Constantinos Venetsanopoulos | |
1281 | 547c78f6 | Constantinos Venetsanopoulos | # gnt-instance add -o snf-image+default --os-parameters |
1282 | 547c78f6 | Constantinos Venetsanopoulos | img_passwd=my_vm_example_passw0rd, |
1283 | 547c78f6 | Constantinos Venetsanopoulos | img_format=diskdump, |
1284 | 547c78f6 | Constantinos Venetsanopoulos | img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump", |
1285 | 547c78f6 | Constantinos Venetsanopoulos | img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}' |
1286 | 547c78f6 | Constantinos Venetsanopoulos | -t plain --disk 0:size=2G --no-name-check --no-ip-check |
1287 | 547c78f6 | Constantinos Venetsanopoulos | --net 0:ip=pool,mode=routed,link=public_link |
1288 | 547c78f6 | Constantinos Venetsanopoulos | --net 1:ip=none,mode=bridged,link=prv1 |
1289 | 547c78f6 | Constantinos Venetsanopoulos | testvm3 |
1290 | 547c78f6 | Constantinos Venetsanopoulos | |
1291 | 547c78f6 | Constantinos Venetsanopoulos | # gnt-instance add -o snf-image+default --os-parameters |
1292 | 547c78f6 | Constantinos Venetsanopoulos | img_passwd=my_vm_example_passw0rd, |
1293 | 547c78f6 | Constantinos Venetsanopoulos | img_format=diskdump, |
1294 | 547c78f6 | Constantinos Venetsanopoulos | img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump", |
1295 | 547c78f6 | Constantinos Venetsanopoulos | img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}' |
1296 | 547c78f6 | Constantinos Venetsanopoulos | -t plain --disk 0:size=2G --no-name-check --no-ip-check |
1297 | 547c78f6 | Constantinos Venetsanopoulos | --net 0:ip=pool,mode=routed,link=public_link |
1298 | 547c78f6 | Constantinos Venetsanopoulos | --net 1:ip=none,mode=bridged,link=prv1 |
1299 | 547c78f6 | Constantinos Venetsanopoulos | testvm4 |
1300 | 547c78f6 | Constantinos Venetsanopoulos | |
1301 | 547c78f6 | Constantinos Venetsanopoulos | Above, we create two instances with their first NIC connected to the Public |
1302 | 547c78f6 | Constantinos Venetsanopoulos | Network and their second NIC connected to the first Private Network (``prv1``). |
1303 | 547c78f6 | Constantinos Venetsanopoulos | Now, connect to the instances using VNC and make sure everything works as |
1304 | 547c78f6 | Constantinos Venetsanopoulos | expected: |
1305 | 547c78f6 | Constantinos Venetsanopoulos | |
1306 | 547c78f6 | Constantinos Venetsanopoulos | a) The instances have access to the public internet through their first eth |
1307 | 547c78f6 | Constantinos Venetsanopoulos | interface (``eth0``), which has been automatically assigned a public IP. |
1308 | 547c78f6 | Constantinos Venetsanopoulos | |
1309 | 547c78f6 | Constantinos Venetsanopoulos | b) Setup the second eth interface of the instances (``eth1``), by assigning two |
1310 | 547c78f6 | Constantinos Venetsanopoulos | different private IPs (e.g.: ``10.0.0.1`` and ``10.0.0.2``) and the |
1311 | 547c78f6 | Constantinos Venetsanopoulos | corresponding netmask. If they ``ping`` each other successfully, then |
1312 | 547c78f6 | Constantinos Venetsanopoulos | the Private Network works. |
1313 | 547c78f6 | Constantinos Venetsanopoulos | |
1314 | 547c78f6 | Constantinos Venetsanopoulos | Repeat the procedure with more instances connected in different Private Networks |
1315 | 547c78f6 | Constantinos Venetsanopoulos | (``prv{1-20}``), by adding more NICs on each instance. e.g.: We add an instance |
1316 | 547c78f6 | Constantinos Venetsanopoulos | connected to the Public Network and Private Networks 1, 3 and 19: |
1317 | 547c78f6 | Constantinos Venetsanopoulos | |
1318 | 547c78f6 | Constantinos Venetsanopoulos | .. code-block:: console |
1319 | 547c78f6 | Constantinos Venetsanopoulos | |
1320 | 547c78f6 | Constantinos Venetsanopoulos | # gnt-instance add -o snf-image+default --os-parameters |
1321 | 547c78f6 | Constantinos Venetsanopoulos | img_passwd=my_vm_example_passw0rd, |
1322 | 547c78f6 | Constantinos Venetsanopoulos | img_format=diskdump, |
1323 | 547c78f6 | Constantinos Venetsanopoulos | img_id="pithos://user@example.com/pithos/debian_base-6.0-7-x86_64.diskdump", |
1324 | 547c78f6 | Constantinos Venetsanopoulos | img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}' |
1325 | 547c78f6 | Constantinos Venetsanopoulos | -t plain --disk 0:size=2G --no-name-check --no-ip-check |
1326 | 547c78f6 | Constantinos Venetsanopoulos | --net 0:ip=pool,mode=routed,link=public_link |
1327 | 547c78f6 | Constantinos Venetsanopoulos | --net 1:ip=none,mode=bridged,link=prv1 |
1328 | 547c78f6 | Constantinos Venetsanopoulos | --net 2:ip=none,mode=bridged,link=prv3 |
1329 | 547c78f6 | Constantinos Venetsanopoulos | --net 3:ip=none,mode=bridged,link=prv19 |
1330 | 547c78f6 | Constantinos Venetsanopoulos | testvm5 |
1331 | 547c78f6 | Constantinos Venetsanopoulos | |
1332 | 547c78f6 | Constantinos Venetsanopoulos | If everything works as expected, then you have finished the Network Setup at the |
1333 | 547c78f6 | Constantinos Venetsanopoulos | backend for both types of Networks (Public & Private). |
1334 | 547c78f6 | Constantinos Venetsanopoulos | |
1335 | 2c85833e | Constantinos Venetsanopoulos | .. _cyclades-gtools: |
1336 | 2c85833e | Constantinos Venetsanopoulos | |
1337 | 2c85833e | Constantinos Venetsanopoulos | Cyclades Ganeti tools |
1338 | 2c85833e | Constantinos Venetsanopoulos | --------------------- |
1339 | 2c85833e | Constantinos Venetsanopoulos | |
1340 | 2c85833e | Constantinos Venetsanopoulos | In order for Ganeti to be connected with Cyclades later on, we need the |
1341 | 2c85833e | Constantinos Venetsanopoulos | `Cyclades Ganeti tools` available on all Ganeti nodes (node1 & node2 in our |
1342 | 2c85833e | Constantinos Venetsanopoulos | case). You can install them by running in both nodes: |
1343 | 2c85833e | Constantinos Venetsanopoulos | |
1344 | 2c85833e | Constantinos Venetsanopoulos | .. code-block:: console |
1345 | 2c85833e | Constantinos Venetsanopoulos | |
1346 | 2c85833e | Constantinos Venetsanopoulos | # apt-get install snf-cyclades-gtools |
1347 | 2c85833e | Constantinos Venetsanopoulos | |
1348 | 2c85833e | Constantinos Venetsanopoulos | This will install the following: |
1349 | 2c85833e | Constantinos Venetsanopoulos | |
1350 | 2c85833e | Constantinos Venetsanopoulos | * ``snf-ganeti-eventd`` (daemon to publish Ganeti related messages on RabbitMQ) |
1351 | 2c85833e | Constantinos Venetsanopoulos | * ``snf-ganeti-hook`` (all necessary hooks under ``/etc/ganeti/hooks``) |
1352 | 2c85833e | Constantinos Venetsanopoulos | * ``snf-progress-monitor`` (used by ``snf-image`` to publish progress messages) |
1353 | 2c85833e | Constantinos Venetsanopoulos | * ``kvm-vif-bridge`` (installed under ``/etc/ganeti`` to connect Ganeti with |
1354 | 2c85833e | Constantinos Venetsanopoulos | NFDHCPD) |
1355 | 2c85833e | Constantinos Venetsanopoulos | |
1356 | 2c85833e | Constantinos Venetsanopoulos | Configure ``snf-cyclades-gtools`` |
1357 | 2c85833e | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1358 | 2c85833e | Constantinos Venetsanopoulos | |
1359 | 2c85833e | Constantinos Venetsanopoulos | The package will install the ``/etc/synnefo/20-snf-cyclades-gtools.conf`` |
1360 | 2c85833e | Constantinos Venetsanopoulos | configuration file. At least we need to set the RabbitMQ endpoint for all tools |
1361 | 2c85833e | Constantinos Venetsanopoulos | that need it: |
1362 | 2c85833e | Constantinos Venetsanopoulos | |
1363 | 2c85833e | Constantinos Venetsanopoulos | .. code-block:: console |
1364 | 2c85833e | Constantinos Venetsanopoulos | |
1365 | 2c85833e | Constantinos Venetsanopoulos | RABBIT_HOST = "node1.example.com:5672" |
1366 | 2c85833e | Constantinos Venetsanopoulos | RABBIT_USERNAME = "synnefo" |
1367 | 2c85833e | Constantinos Venetsanopoulos | RABBIT_PASSWORD = "example_rabbitmq_passw0rd" |
1368 | 2c85833e | Constantinos Venetsanopoulos | |
1369 | 2c85833e | Constantinos Venetsanopoulos | The above variables should reflect your :ref:`Message Queue setup |
1370 | 2c85833e | Constantinos Venetsanopoulos | <rabbitmq-setup>`. This file should be editted in all Ganeti nodes. |
1371 | 2c85833e | Constantinos Venetsanopoulos | |
1372 | 2c85833e | Constantinos Venetsanopoulos | Connect ``snf-image`` with ``snf-progress-monitor`` |
1373 | 2c85833e | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
1374 | 2c85833e | Constantinos Venetsanopoulos | |
1375 | 2c85833e | Constantinos Venetsanopoulos | Finally, we need to configure ``snf-image`` to publish progress messages during |
1376 | 2c85833e | Constantinos Venetsanopoulos | the deployment of each Image. To do this, we edit ``/etc/default/snf-image`` and |
1377 | 2c85833e | Constantinos Venetsanopoulos | set the corresponding variable to ``snf-progress-monitor``: |
1378 | 2c85833e | Constantinos Venetsanopoulos | |
1379 | 2c85833e | Constantinos Venetsanopoulos | .. code-block:: console |
1380 | 2c85833e | Constantinos Venetsanopoulos | |
1381 | 2c85833e | Constantinos Venetsanopoulos | PROGRESS_MONITOR="snf-progress-monitor" |
1382 | 2c85833e | Constantinos Venetsanopoulos | |
1383 | 2c85833e | Constantinos Venetsanopoulos | This file should be editted in all Ganeti nodes. |
1384 | 2c85833e | Constantinos Venetsanopoulos | |
1385 | 7a8df455 | Constantinos Venetsanopoulos | .. _rapi-user: |
1386 | 7a8df455 | Constantinos Venetsanopoulos | |
1387 | caa6c07d | Constantinos Venetsanopoulos | Synnefo RAPI user |
1388 | 7a8df455 | Constantinos Venetsanopoulos | ----------------- |
1389 | caa6c07d | Constantinos Venetsanopoulos | |
1390 | 7a8df455 | Constantinos Venetsanopoulos | As a last step before installing Cyclades, create a new RAPI user that will |
1391 | caa6c07d | Constantinos Venetsanopoulos | have ``write`` access. Cyclades will use this user to issue commands to Ganeti, |
1392 | 2c85833e | Constantinos Venetsanopoulos | so we will call the user ``cyclades`` with password ``example_rapi_passw0rd``. |
1393 | 2c85833e | Constantinos Venetsanopoulos | You can do this, by first running: |
1394 | 2c85833e | Constantinos Venetsanopoulos | |
1395 | 2c85833e | Constantinos Venetsanopoulos | .. code-block:: console |
1396 | 2c85833e | Constantinos Venetsanopoulos | |
1397 | 2c85833e | Constantinos Venetsanopoulos | # echo -n 'cyclades:Ganeti Remote API:example_rapi_passw0rd' | openssl md5 |
1398 | 2c85833e | Constantinos Venetsanopoulos | |
1399 | 2c85833e | Constantinos Venetsanopoulos | and then putting the output in ``/var/lib/ganeti/rapi/users`` as follows: |
1400 | caa6c07d | Constantinos Venetsanopoulos | |
1401 | caa6c07d | Constantinos Venetsanopoulos | .. code-block:: console |
1402 | caa6c07d | Constantinos Venetsanopoulos | |
1403 | 2c85833e | Constantinos Venetsanopoulos | cyclades {HA1}55aec7050aa4e4b111ca43cb505a61a0 write |
1404 | caa6c07d | Constantinos Venetsanopoulos | |
1405 | caa6c07d | Constantinos Venetsanopoulos | More about Ganeti's RAPI users `here. |
1406 | caa6c07d | Constantinos Venetsanopoulos | <http://docs.ganeti.org/ganeti/2.5/html/rapi.html#introduction>`_ |
1407 | bc055d09 | Constantinos Venetsanopoulos | |
1408 | 7a8df455 | Constantinos Venetsanopoulos | You have now finished with all needed Prerequisites for Cyclades (and |
1409 | 7a8df455 | Constantinos Venetsanopoulos | Plankton). Let's move on to the actual Cyclades installation. |
1410 | 7a8df455 | Constantinos Venetsanopoulos | |
1411 | 7a8df455 | Constantinos Venetsanopoulos | |
1412 | 7a8df455 | Constantinos Venetsanopoulos | Installation of Cyclades (and Plankton) on node1 |
1413 | 7a8df455 | Constantinos Venetsanopoulos | ================================================ |
1414 | 7a8df455 | Constantinos Venetsanopoulos | |
1415 | 7a8df455 | Constantinos Venetsanopoulos | This section describes the installation of Cyclades. Cyclades is Synnefo's |
1416 | 7a8df455 | Constantinos Venetsanopoulos | Compute service. Plankton (the Image Registry service) will get installed |
1417 | 7a8df455 | Constantinos Venetsanopoulos | automatically along with Cyclades, because it is contained in the same Synnefo |
1418 | 7a8df455 | Constantinos Venetsanopoulos | component right now. |
1419 | 7a8df455 | Constantinos Venetsanopoulos | |
1420 | bc055d09 | Constantinos Venetsanopoulos | |
1421 | bc055d09 | Constantinos Venetsanopoulos | .. _cyclades-install-vncauthproxy: |
1422 | bc055d09 | Constantinos Venetsanopoulos | |
1423 | bc055d09 | Constantinos Venetsanopoulos | vncauthproxy |
1424 | 7a8df455 | Constantinos Venetsanopoulos | ------------ |
1425 | bc055d09 | Constantinos Venetsanopoulos | |
1426 | bc055d09 | Constantinos Venetsanopoulos | To support OOB console access to the VMs over VNC, the vncauthproxy |
1427 | bc055d09 | Constantinos Venetsanopoulos | daemon must be running on every :ref:`APISERVER <APISERVER_NODE>` node. |
1428 | bc055d09 | Constantinos Venetsanopoulos | |
1429 | bc055d09 | Constantinos Venetsanopoulos | .. note:: The Debian package for vncauthproxy undertakes all configuration |
1430 | bc055d09 | Constantinos Venetsanopoulos | automatically. |
1431 | bc055d09 | Constantinos Venetsanopoulos | |
1432 | bc055d09 | Constantinos Venetsanopoulos | Download and install the latest vncauthproxy from its own repository, |
1433 | bc055d09 | Constantinos Venetsanopoulos | at `https://code.grnet.gr/git/vncauthproxy`, or a specific commit: |
1434 | bc055d09 | Constantinos Venetsanopoulos | |
1435 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1436 | bc055d09 | Constantinos Venetsanopoulos | |
1437 | bc055d09 | Constantinos Venetsanopoulos | $ bin/pip install -e git+https://code.grnet.gr/git/vncauthproxy@INSERT_COMMIT_HERE#egg=vncauthproxy |
1438 | bc055d09 | Constantinos Venetsanopoulos | |
1439 | bc055d09 | Constantinos Venetsanopoulos | Create ``/var/log/vncauthproxy`` and set its permissions appropriately. |
1440 | bc055d09 | Constantinos Venetsanopoulos | |
1441 | bc055d09 | Constantinos Venetsanopoulos | Alternatively, build and install Debian packages. |
1442 | bc055d09 | Constantinos Venetsanopoulos | |
1443 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1444 | bc055d09 | Constantinos Venetsanopoulos | |
1445 | bc055d09 | Constantinos Venetsanopoulos | $ git checkout debian |
1446 | bc055d09 | Constantinos Venetsanopoulos | $ dpkg-buildpackage -b -uc -us |
1447 | bc055d09 | Constantinos Venetsanopoulos | # dpkg -i ../vncauthproxy_1.0-1_all.deb |
1448 | bc055d09 | Constantinos Venetsanopoulos | |
1449 | bc055d09 | Constantinos Venetsanopoulos | .. warning:: |
1450 | bc055d09 | Constantinos Venetsanopoulos | **Failure to build the package on the Mac.** |
1451 | bc055d09 | Constantinos Venetsanopoulos | |
1452 | bc055d09 | Constantinos Venetsanopoulos | ``libevent``, a requirement for gevent which in turn is a requirement for |
1453 | bc055d09 | Constantinos Venetsanopoulos | vncauthproxy is not included in `MacOSX` by default and installing it with |
1454 | bc055d09 | Constantinos Venetsanopoulos | MacPorts does not lead to a version that can be found by the gevent |
1455 | bc055d09 | Constantinos Venetsanopoulos | build process. A quick workaround is to execute the following commands:: |
1456 | bc055d09 | Constantinos Venetsanopoulos | |
1457 | bc055d09 | Constantinos Venetsanopoulos | $ cd $SYNNEFO |
1458 | bc055d09 | Constantinos Venetsanopoulos | $ sudo pip install -e git+https://code.grnet.gr/git/vncauthproxy@5a196d8481e171a#egg=vncauthproxy |
1459 | bc055d09 | Constantinos Venetsanopoulos | <the above fails> |
1460 | bc055d09 | Constantinos Venetsanopoulos | $ cd build/gevent |
1461 | bc055d09 | Constantinos Venetsanopoulos | $ sudo python setup.py -I/opt/local/include -L/opt/local/lib build |
1462 | bc055d09 | Constantinos Venetsanopoulos | $ cd $SYNNEFO |
1463 | bc055d09 | Constantinos Venetsanopoulos | $ sudo pip install -e git+https://code.grnet.gr/git/vncauthproxy@5a196d8481e171a#egg=vncauthproxy |
1464 | bc055d09 | Constantinos Venetsanopoulos | |
1465 | bc055d09 | Constantinos Venetsanopoulos | .. todo:: Mention vncauthproxy bug, snf-vncauthproxy, inability to install using pip |
1466 | bc055d09 | Constantinos Venetsanopoulos | .. todo:: kpap: fix installation commands |
1467 | bc055d09 | Constantinos Venetsanopoulos | |
1468 | a96ec00f | Constantinos Venetsanopoulos | |
1469 | a96ec00f | Constantinos Venetsanopoulos | Configuration of Cyclades (and Plankton) |
1470 | a96ec00f | Constantinos Venetsanopoulos | ======================================== |
1471 | 5b6feb88 | Vangelis Koukis | |
1472 | bc055d09 | Constantinos Venetsanopoulos | This section targets the configuration of the prerequisites for cyclades, |
1473 | bc055d09 | Constantinos Venetsanopoulos | and the configuration of the associated synnefo software components. |
1474 | bc055d09 | Constantinos Venetsanopoulos | |
1475 | bc055d09 | Constantinos Venetsanopoulos | synnefo components |
1476 | bc055d09 | Constantinos Venetsanopoulos | ------------------ |
1477 | bc055d09 | Constantinos Venetsanopoulos | |
1478 | bc055d09 | Constantinos Venetsanopoulos | cyclades uses :ref:`snf-common <snf-common>` for settings. |
1479 | bc055d09 | Constantinos Venetsanopoulos | Please refer to the configuration sections of |
1480 | bc055d09 | Constantinos Venetsanopoulos | :ref:`snf-webproject <snf-webproject>`, |
1481 | bc055d09 | Constantinos Venetsanopoulos | :ref:`snf-cyclades-app <snf-cyclades-app>`, |
1482 | bc055d09 | Constantinos Venetsanopoulos | :ref:`snf-cyclades-gtools <snf-cyclades-gtools>` for more |
1483 | bc055d09 | Constantinos Venetsanopoulos | information on their configuration. |
1484 | bc055d09 | Constantinos Venetsanopoulos | |
1485 | bc055d09 | Constantinos Venetsanopoulos | Ganeti |
1486 | bc055d09 | Constantinos Venetsanopoulos | ~~~~~~ |
1487 | bc055d09 | Constantinos Venetsanopoulos | |
1488 | bc055d09 | Constantinos Venetsanopoulos | Set ``GANETI_NODES``, ``GANETI_MASTER_IP``, ``GANETI_CLUSTER_INFO`` based on |
1489 | bc055d09 | Constantinos Venetsanopoulos | your :ref:`Ganeti installation <cyclades-install-ganeti>` and change the |
1490 | bc055d09 | Constantinos Venetsanopoulos | `BACKEND_PREFIX_ID`` setting, using an custom ``PREFIX_ID``. |
1491 | bc055d09 | Constantinos Venetsanopoulos | |
1492 | bc055d09 | Constantinos Venetsanopoulos | Database |
1493 | bc055d09 | Constantinos Venetsanopoulos | ~~~~~~~~ |
1494 | bc055d09 | Constantinos Venetsanopoulos | |
1495 | bc055d09 | Constantinos Venetsanopoulos | Once all components are installed and configured, |
1496 | bc055d09 | Constantinos Venetsanopoulos | initialize the Django DB: |
1497 | bc055d09 | Constantinos Venetsanopoulos | |
1498 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1499 | bc055d09 | Constantinos Venetsanopoulos | |
1500 | bc055d09 | Constantinos Venetsanopoulos | $ snf-manage syncdb |
1501 | bc055d09 | Constantinos Venetsanopoulos | $ snf-manage migrate |
1502 | bc055d09 | Constantinos Venetsanopoulos | |
1503 | bc055d09 | Constantinos Venetsanopoulos | and load fixtures ``{users, flavors, images}``, |
1504 | bc055d09 | Constantinos Venetsanopoulos | which make the API usable by end users by defining a sample set of users, |
1505 | bc055d09 | Constantinos Venetsanopoulos | hardware configurations (flavors) and OS images: |
1506 | bc055d09 | Constantinos Venetsanopoulos | |
1507 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1508 | bc055d09 | Constantinos Venetsanopoulos | |
1509 | bc055d09 | Constantinos Venetsanopoulos | $ snf-manage loaddata /path/to/users.json |
1510 | bc055d09 | Constantinos Venetsanopoulos | $ snf-manage loaddata flavors |
1511 | bc055d09 | Constantinos Venetsanopoulos | $ snf-manage loaddata images |
1512 | bc055d09 | Constantinos Venetsanopoulos | |
1513 | bc055d09 | Constantinos Venetsanopoulos | .. warning:: |
1514 | bc055d09 | Constantinos Venetsanopoulos | Be sure to load a custom users.json and select a unique token |
1515 | bc055d09 | Constantinos Venetsanopoulos | for each of the initial and any other users defined in this file. |
1516 | bc055d09 | Constantinos Venetsanopoulos | **DO NOT LEAVE THE SAMPLE AUTHENTICATION TOKENS** enabled in deployed |
1517 | bc055d09 | Constantinos Venetsanopoulos | configurations. |
1518 | bc055d09 | Constantinos Venetsanopoulos | |
1519 | bc055d09 | Constantinos Venetsanopoulos | sample users.json file: |
1520 | bc055d09 | Constantinos Venetsanopoulos | |
1521 | bc055d09 | Constantinos Venetsanopoulos | .. literalinclude:: ../../synnefo/db/fixtures/users.json |
1522 | bc055d09 | Constantinos Venetsanopoulos | |
1523 | bc055d09 | Constantinos Venetsanopoulos | `download <../_static/users.json>`_ |
1524 | bc055d09 | Constantinos Venetsanopoulos | |
1525 | bc055d09 | Constantinos Venetsanopoulos | RabbitMQ |
1526 | bc055d09 | Constantinos Venetsanopoulos | ~~~~~~~~ |
1527 | bc055d09 | Constantinos Venetsanopoulos | |
1528 | bc055d09 | Constantinos Venetsanopoulos | Change ``RABBIT_*`` settings to match your :ref:`RabbitMQ setup |
1529 | bc055d09 | Constantinos Venetsanopoulos | <cyclades-install-rabbitmq>`. |
1530 | bc055d09 | Constantinos Venetsanopoulos | |
1531 | bc055d09 | Constantinos Venetsanopoulos | .. include:: ../../Changelog |
1532 | bc055d09 | Constantinos Venetsanopoulos | |
1533 | 5b6feb88 | Vangelis Koukis | |
1534 | a96ec00f | Constantinos Venetsanopoulos | Testing of Cyclades (and Plankton) |
1535 | a96ec00f | Constantinos Venetsanopoulos | ================================== |
1536 | 5b6feb88 | Vangelis Koukis | |
1537 | 5b6feb88 | Vangelis Koukis | |
1538 | a96ec00f | Constantinos Venetsanopoulos | General Testing |
1539 | a96ec00f | Constantinos Venetsanopoulos | =============== |
1540 | 5b6feb88 | Vangelis Koukis | |
1541 | 5b6feb88 | Vangelis Koukis | |
1542 | a96ec00f | Constantinos Venetsanopoulos | Notes |
1543 | a96ec00f | Constantinos Venetsanopoulos | ===== |