Revision 301294a9
b/docs/admin-guide.rst | ||
---|---|---|
16 | 16 |
between them. It is a good idea to first go through the Quick Administrator's |
17 | 17 |
Guide before proceeding. |
18 | 18 |
|
19 |
.. image:: images/synnefo-architecture1.png
|
|
19 |
.. image:: images/synnefo-arch2.png
|
|
20 | 20 |
:width: 100% |
21 |
:target: _images/synnefo-architecture1.png
|
|
21 |
:target: _images/synnefo-arch2.png
|
|
22 | 22 |
|
23 | 23 |
|
24 | 24 |
|
... | ... | |
557 | 557 |
CoW volumes. Moreover, it enables live migration of thinly-provisioned VMs with |
558 | 558 |
no physically shared storage. |
559 | 559 |
|
560 |
Architecture |
|
561 |
------------ |
|
560 |
Archipelago Architecture |
|
561 |
------------------------ |
|
562 |
|
|
562 | 563 |
.. image:: images/archipelago-architecture.png |
563 | 564 |
:width: 50% |
564 | 565 |
:target: _images/archipelago-architecture.png |
565 | 566 |
|
567 |
.. _syn+archip+rados: |
|
568 |
|
|
569 |
Overview of Synnefo + Archipelago + RADOS |
|
570 |
----------------------------------------- |
|
571 |
|
|
572 |
.. image:: images/synnefo-arch3.png |
|
573 |
:width: 100% |
|
574 |
:target: _images/synnefo-arch3.png |
|
575 |
|
|
566 | 576 |
Prereqs |
567 | 577 |
------- |
578 |
|
|
568 | 579 |
The administrator must initialize the storage backend where archipelago volume |
569 | 580 |
blocks will reside. |
570 | 581 |
|
571 |
|
|
572 | 582 |
In case of a files backend, the administrator must create two directories. One |
573 | 583 |
for the archipelago data blocks and one for the archipelago map blocks. These |
574 | 584 |
should probably be over shared storage to enable sharing archipelago volumes |
... | ... | |
579 | 589 |
for data blocks, and one for the map blocks. These pools, must be the same pools |
580 | 590 |
used in pithos, in order to enable volume creation based on pithos images. |
581 | 591 |
|
582 |
|
|
583 | 592 |
Installation |
584 | 593 |
------------ |
594 |
|
|
585 | 595 |
Archipelago consists of |
586 | 596 |
|
587 | 597 |
* ``libxseg0``: libxseg used to communicate over shared memory segments |
... | ... | |
702 | 712 |
|
703 | 713 |
* ``vlmc create <volumename> --snap <snapname> --size <size>``: creates a new |
704 | 714 |
volume named <volumename> from snapshot name <snapname> with size <size>. |
705 |
The ``--snap`` and ``--size`` are optional, but at least one of them is
|
|
706 |
mandatory. e.g:
|
|
715 |
The ``--snap`` and ``--size`` are optional, but at least one of them is |
|
716 |
mandatory. e.g: |
|
707 | 717 |
|
708 |
``vlmc create <volumename> --snap <snapname>`` creates a volume named
|
|
709 |
volumename from snapshot snapname. The size of the volume is the same as
|
|
710 |
the size of the snapshot.
|
|
718 |
``vlmc create <volumename> --snap <snapname>`` creates a volume named |
|
719 |
volumename from snapshot snapname. The size of the volume is the same as |
|
720 |
the size of the snapshot. |
|
711 | 721 |
|
712 |
``vlmc create <volumename> --size <size>`` creates an empty volume of size
|
|
713 |
<size> named <volumename>.
|
|
722 |
``vlmc create <volumename> --size <size>`` creates an empty volume of size |
|
723 |
<size> named <volumename>. |
|
714 | 724 |
|
715 | 725 |
* ``vlmc remove <volumename>``: removes the volume and all the related |
716 | 726 |
archipelago blocks from storage. |
... | ... | |
859 | 869 |
the above components, and updates the Cyclades DB accordingly. |
860 | 870 |
|
861 | 871 |
Installation |
862 |
```````````` |
|
872 |
~~~~~~~~~~~~ |
|
873 |
|
|
863 | 874 |
Please check the RabbitMQ documentation which covers extensively the |
864 | 875 |
`installation of RabbitMQ server <http://www.rabbitmq.com/download.html>`_ and |
865 | 876 |
the setup of a `RabbitMQ cluster <http://www.rabbitmq.com/clustering.html>`_. |
... | ... | |
951 | 962 |
Scaling up to multiple nodes |
952 | 963 |
============================ |
953 | 964 |
|
954 |
Here we will describe how to deploy all services, interconnected with each |
|
955 |
other, on multiple physical nodes. |
|
965 |
Here we will describe how should a large scale Synnefo deployment look like. Make |
|
966 |
sure you are familiar with Synnefo and Ganeti before proceeding with this section. |
|
967 |
This means you should at least have already set up successfully a working Synnefo |
|
968 |
deployment as described in the :ref:`Admin's Quick Installation Guide |
|
969 |
<quick-install-admin-guide>` and also read the Administrator's Guide until this |
|
970 |
section. |
|
956 | 971 |
|
957 |
synnefo components
|
|
958 |
------------------ |
|
972 |
Graph of a scale-out Synnefo deployment
|
|
973 |
---------------------------------------
|
|
959 | 974 |
|
960 |
You need to install the appropriate synnefo software components on each node, |
|
961 |
depending on its type, see :ref:`Architecture <cyclades-architecture>`. |
|
975 |
Each box in the following graph corresponds to a distinct physical node: |
|
962 | 976 |
|
963 |
Please see the page of each synnefo software component for specific |
|
964 |
installation instructions, where applicable. |
|
977 |
.. image:: images/synnefo-arch2-roles.png |
|
978 |
:width: 100% |
|
979 |
:target: _images/synnefo-arch2-roles.png |
|
980 |
|
|
981 |
The above graph is actually the same with the one at the beginning of this |
|
982 |
:ref:`guide <admin-guide>`, with the only difference that here we show the |
|
983 |
Synnefo roles of each physical node. These roles are described in the |
|
984 |
following section. |
|
985 |
|
|
986 |
Physical Node roles |
|
987 |
------------------- |
|
988 |
|
|
989 |
As appears in the previous graph, a scale-out Synnefo deployment consists of |
|
990 |
multiple physical nodes that have the following roles: |
|
991 |
|
|
992 |
* **WEBSERVER**: A web server running in front of gunicorn (e.g.: Apache, nginx) |
|
993 |
* **ASTAKOS**: The Astakos application (gunicorn) |
|
994 |
* **ASTAKOS_DB**: The Astakos database (postgresql) |
|
995 |
* **PITHOS**: The Pithos application (gunicorn) |
|
996 |
* **PITHOS_DB**: The Pithos database (postgresql) |
|
997 |
* **CYCLADES**: The Cyclades application (gunicorn) |
|
998 |
* **CYCLADES_DB**: The Cyclades database (postgresql) |
|
999 |
* **MQ**: The message queue (RabbitMQ) |
|
1000 |
* **GANETI_MASTER**: The Ganeti master of a Ganeti cluster |
|
1001 |
* **GANETI_NODE** : A VM-capable Ganeti node of a Ganeti cluster |
|
965 | 1002 |
|
966 |
Install the following synnefo components:
|
|
1003 |
You will probably also have:
|
|
967 | 1004 |
|
968 |
Nodes of type :ref:`APISERVER <APISERVER_NODE>` |
|
969 |
Components |
|
970 |
:ref:`snf-common <snf-common>`, |
|
971 |
:ref:`snf-webproject <snf-webproject>`, |
|
972 |
:ref:`snf-cyclades-app <snf-cyclades-app>` |
|
973 |
Nodes of type :ref:`GANETI-MASTER <GANETI_MASTER>` and :ref:`GANETI-NODE <GANETI_NODE>` |
|
974 |
Components |
|
975 |
:ref:`snf-common <snf-common>`, |
|
976 |
:ref:`snf-cyclades-gtools <snf-cyclades-gtools>` |
|
977 |
Nodes of type :ref:`LOGIC <LOGIC_NODE>` |
|
978 |
Components |
|
979 |
:ref:`snf-common <snf-common>`, |
|
980 |
:ref:`snf-webproject <snf-webproject>`, |
|
981 |
:ref:`snf-cyclades-app <snf-cyclades-app>`. |
|
1005 |
* **CMS**: The CMS used as a frotend portal for the Synnefo services |
|
1006 |
* **NS**: A nameserver serving all other nodes |
|
1007 |
* **CLIENT**: A machine that runs the Synnefo clients (e.g.: kamaki, Web UI), |
|
1008 |
most of the times, the end user's local machine |
|
1009 |
|
|
1010 |
From this point we will also refer to the following groups of roles: |
|
1011 |
|
|
1012 |
* **SYNNEFO**: [ **ASTAKOS**, **ASTAKOS_DB**, **PITHOS**, **PITHOS_DB**, **CYCLADES**, **CYCLADES_DB**, **MQ**, **CMS**] |
|
1013 |
* **G_BACKEND**: [**GANETI_MASTER**, **GANETI_NODE**] |
|
1014 |
|
|
1015 |
Of course, when deploying Synnefo you can combine multiple of the above roles on a |
|
1016 |
single physical node, but if you are trying to scale out, the above separation |
|
1017 |
gives you significant advantages. |
|
1018 |
|
|
1019 |
So, in the next section we will take a look on what components you will have to |
|
1020 |
install on each physical node depending on its Synnefo role. We assume the graph's |
|
1021 |
architecture. |
|
1022 |
|
|
1023 |
Components for each role |
|
1024 |
------------------------ |
|
982 | 1025 |
|
1026 |
When deploying Synnefo in large scale, you need to install different Synnefo |
|
1027 |
or/and third party components on different physical nodes according to their |
|
1028 |
Synnefo role, as stated in the previous section. |
|
1029 |
|
|
1030 |
Specifically: |
|
1031 |
|
|
1032 |
Role **WEBSERVER** |
|
1033 |
* Synnefo components: `None` |
|
1034 |
* 3rd party components: Apache |
|
1035 |
Role **ASTAKOS** |
|
1036 |
* Synnefo components: `snf-webproject`, `snf-astakos-app` |
|
1037 |
* 3rd party components: Django, Gunicorn |
|
1038 |
Role **ASTAKOS_DB** |
|
1039 |
* Synnefo components: `None` |
|
1040 |
* 3rd party components: PostgreSQL |
|
1041 |
Role **PITHOS** |
|
1042 |
* Synnefo components: `snf-webproject`, `snf-pithos-app`, `snf-pithos-webclient` |
|
1043 |
* 3rd party components: Django, Gunicorn |
|
1044 |
Role **PITHOS_DB** |
|
1045 |
* Synnefo components: `None` |
|
1046 |
* 3rd party components: PostgreSQL |
|
1047 |
Role **CYCLADES** |
|
1048 |
* Synnefo components: `snf-webproject`, `snf-cyclades-app`, `snf-vncauthproxy` |
|
1049 |
* 3rd party components: Django Gunicorn |
|
1050 |
Role **CYCLADES_DB** |
|
1051 |
* Synnefo components: `None` |
|
1052 |
* 3rd party components: PostgreSQL |
|
1053 |
Role **MQ** |
|
1054 |
* Synnefo components: `None` |
|
1055 |
* 3rd party components: RabbitMQ |
|
1056 |
Role **GANETI_MASTER** |
|
1057 |
* Synnefo components: `snf-cyclades-gtools` |
|
1058 |
* 3rd party components: Ganeti |
|
1059 |
Role **GANETI_NODE** |
|
1060 |
* Synnefo components: `snf-cyclades-gtools`, `snf-network`, `snf-image`, `nfdhcpd` |
|
1061 |
* 3rd party components: Ganeti |
|
1062 |
Role **CMS** |
|
1063 |
* Synnefo components: `snf-webproject`, `snf-cloudcms` |
|
1064 |
* 3rd party components: Django, Gunicorn |
|
1065 |
Role **NS** |
|
1066 |
* Synnefo components: `None` |
|
1067 |
* 3rd party components: BIND |
|
1068 |
Role **CLIENT** |
|
1069 |
* Synnefo components: `kamaki`, `snf-image-creator` |
|
1070 |
* 3rd party components: `None` |
|
1071 |
|
|
1072 |
Example scale out installation |
|
1073 |
------------------------------ |
|
1074 |
|
|
1075 |
In this section we describe an example of a medium scale installation which |
|
1076 |
combines multiple roles on 10 different physical nodes. We also provide a |
|
1077 |
:ref:`guide <i-synnefo>` to help with such an install. |
|
1078 |
|
|
1079 |
We assume that we have the following 10 physical nodes with the corresponding |
|
1080 |
roles: |
|
1081 |
|
|
1082 |
Node1: |
|
1083 |
**WEBSERVER**, **ASTAKOS** |
|
1084 |
Guide sections: |
|
1085 |
* :ref:`apt <i-apt>` |
|
1086 |
* :ref:`gunicorn <i-gunicorn>` |
|
1087 |
* :ref:`apache <i-apache>` |
|
1088 |
* :ref:`snf-webproject <i-webproject>` |
|
1089 |
* :ref:`snf-astakos-app <i-astakos>` |
|
1090 |
Node2: |
|
1091 |
**WEBSERVER**, **PITHOS** |
|
1092 |
Guide sections: |
|
1093 |
* :ref:`apt <i-apt>` |
|
1094 |
* :ref:`gunicorn <i-gunicorn>` |
|
1095 |
* :ref:`apache <i-apache>` |
|
1096 |
* :ref:`snf-webproject <i-webproject>` |
|
1097 |
* :ref:`snf-pithos-app <i-pithos>` |
|
1098 |
* :ref:`snf-pithos-webclient <i-pithos>` |
|
1099 |
Node3: |
|
1100 |
**WEBSERVER**, **CYCLADES** |
|
1101 |
Guide sections: |
|
1102 |
* :ref:`apt <i-apt>` |
|
1103 |
* :ref:`gunicorn <i-gunicorn>` |
|
1104 |
* :ref:`apache <i-apache>` |
|
1105 |
* :ref:`snf-webproject <i-webproject>` |
|
1106 |
* :ref:`snf-cyclades-app <i-cyclades>` |
|
1107 |
* :ref:`snf-vncauthproxy <i-cyclades>` |
|
1108 |
Node4: |
|
1109 |
**WEBSERVER**, **CMS** |
|
1110 |
Guide sections: |
|
1111 |
* :ref:`apt <i-apt>` |
|
1112 |
* :ref:`gunicorn <i-gunicorn>` |
|
1113 |
* :ref:`apache <i-apache>` |
|
1114 |
* :ref:`snf-webproject <i-webproject>` |
|
1115 |
* :ref:`snf-cloudcms <i-cms>` |
|
1116 |
Node5: |
|
1117 |
**ASTAKOS_DB**, **PITHOS_DB**, **CYCLADES_DB** |
|
1118 |
Guide sections: |
|
1119 |
* :ref:`apt <i-apt>` |
|
1120 |
* :ref:`postgresql <i-db>` |
|
1121 |
Node6: |
|
1122 |
**MQ** |
|
1123 |
Guide sections: |
|
1124 |
* :ref:`apt <i-apt>` |
|
1125 |
* :ref:`rabbitmq <i-mq>` |
|
1126 |
Node7: |
|
1127 |
**GANETI_MASTER**, **GANETI_NODE** |
|
1128 |
Guide sections: |
|
1129 |
* :ref:`apt <i-apt>` |
|
1130 |
* :ref:`general <i-backends>` |
|
1131 |
* :ref:`ganeti <i-ganeti>` |
|
1132 |
* :ref:`snf-cyclades-gtools <i-gtools>` |
|
1133 |
* :ref:`snf-network <i-network>` |
|
1134 |
* :ref:`snf-image <i-image>` |
|
1135 |
* :ref:`nfdhcpd <i-network>` |
|
1136 |
Node8: |
|
1137 |
**GANETI_NODE** |
|
1138 |
Guide sections: |
|
1139 |
* :ref:`apt <i-apt>` |
|
1140 |
* :ref:`general <i-backends>` |
|
1141 |
* :ref:`ganeti <i-ganeti>` |
|
1142 |
* :ref:`snf-cyclades-gtools <i-gtools>` |
|
1143 |
* :ref:`snf-network <i-network>` |
|
1144 |
* :ref:`snf-image <i-image>` |
|
1145 |
* :ref:`nfdhcpd <i-network>` |
|
1146 |
Node9: |
|
1147 |
**GANETI_NODE** |
|
1148 |
Guide sections: |
|
1149 |
`Same as Node8` |
|
1150 |
Node10: |
|
1151 |
**GANETI_NODE** |
|
1152 |
Guide sections: |
|
1153 |
`Same as Node8` |
|
1154 |
|
|
1155 |
All sections: :ref:`Scale out Guide <i-synnefo>` |
|
983 | 1156 |
|
984 | 1157 |
|
985 | 1158 |
Upgrade Notes |
b/docs/cyclades-api-guide.rst | ||
---|---|---|
563 | 563 |
|
564 | 564 |
This operation changes the name of the network in the Compute system. |
565 | 565 |
|
566 |
**Example Update Network Name Request: JSON**::
|
|
566 |
**Example Update Network Name Request: JSON**: |
|
567 | 567 |
|
568 | 568 |
.. code-block:: javascript |
569 | 569 |
|
b/docs/dev-guide.rst | ||
---|---|---|
3 | 3 |
Synnefo Developer's Guide |
4 | 4 |
^^^^^^^^^^^^^^^^^^^^^^^^^ |
5 | 5 |
|
6 |
This is the complete Synnefo Developer's Guide |
|
7 |
|
|
8 |
Tying it all up with kamaki |
|
9 |
=========================== |
|
10 |
|
|
11 |
kamaki |
|
12 |
------ |
|
6 |
This is the complete Synnefo Developer's Guide. Here we document all Synnefo APIs |
|
7 |
to allow external developers write independent tools that interact with Synnefo. |
|
13 | 8 |
|
14 | 9 |
IM API (Astakos) |
15 | 10 |
================ |
... | ... | |
49 | 44 |
Image API <plankton-api-guide> |
50 | 45 |
|
51 | 46 |
|
52 |
Storage API (Pithos+)
|
|
47 |
Storage API (Pithos) |
|
53 | 48 |
===================== |
54 | 49 |
|
55 |
This is the Pithos+ Object Storage API:
|
|
50 |
This is the Pithos Object Storage API: |
|
56 | 51 |
|
57 | 52 |
.. toctree:: |
58 | 53 |
:maxdepth: 2 |
... | ... | |
67 | 62 |
starting your client implementation, make sure you have thoroughly read the |
68 | 63 |
corresponding Synnefo API. |
69 | 64 |
|
70 |
Pithos+ clients
|
|
71 |
---------------
|
|
65 |
Pithos clients |
|
66 |
-------------- |
|
72 | 67 |
|
73 | 68 |
User Experience |
74 | 69 |
~~~~~~~~~~~~~~~ |
/dev/null | ||
---|---|---|
1 |
.. _i-apache: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
apache || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
Apache Setup |
|
22 |
++++++++++++ |
|
23 |
|
|
24 |
The following apply to ``astakos``, ``pithos``, ``cyclades`` and ``cms`` nodes. |
|
25 |
Here we assume that these nodes have FQDM ``nodeX.example.com``. |
|
26 |
|
|
27 |
First install corresponding packet: |
|
28 |
|
|
29 |
.. code-block:: console |
|
30 |
|
|
31 |
# apt-get install apache2 |
|
32 |
|
|
33 |
In `/etc/apache2/sites-available/synnefo` add: |
|
34 |
|
|
35 |
.. code-block:: console |
|
36 |
|
|
37 |
<VirtualHost *:80> |
|
38 |
ServerName nodeX.example.com |
|
39 |
|
|
40 |
RewriteEngine On |
|
41 |
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} |
|
42 |
</VirtualHost> |
|
43 |
|
|
44 |
In `/etc/apache2/sites-available/synnefo-ssl` add: |
|
45 |
|
|
46 |
.. code-block:: console |
|
47 |
|
|
48 |
<IfModule mod_ssl.c> |
|
49 |
<VirtualHost _default_:443> |
|
50 |
ServerName nodeX.example.com |
|
51 |
|
|
52 |
Alias /static "/usr/share/synnefo/static" |
|
53 |
|
|
54 |
AllowEncodedSlashes On |
|
55 |
|
|
56 |
RequestHeader set X-Forwarded-Protocol "https" |
|
57 |
|
|
58 |
<Proxy * > |
|
59 |
Order allow,deny |
|
60 |
Allow from all |
|
61 |
</Proxy> |
|
62 |
|
|
63 |
SetEnv proxy-sendchunked |
|
64 |
SSLProxyEngine off |
|
65 |
ProxyErrorOverride off |
|
66 |
|
|
67 |
ProxyPass /static ! |
|
68 |
ProxyPass / http://localhost:8080/ retry=0 |
|
69 |
ProxyPassReverse / http://localhost:8080/ |
|
70 |
|
|
71 |
SSLEngine on |
|
72 |
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem |
|
73 |
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key |
|
74 |
</VirtualHost> |
|
75 |
</IfModule> |
|
76 |
|
|
77 |
Now enable sites and modules by running: |
|
78 |
|
|
79 |
.. code-block:: console |
|
80 |
|
|
81 |
# a2enmod ssl |
|
82 |
# a2enmod rewrite |
|
83 |
# a2dissite default |
|
84 |
# a2ensite synnefo |
|
85 |
# a2ensite synnefo-ssl |
|
86 |
# a2enmod headers |
|
87 |
# a2enmod proxy_http |
|
88 |
|
|
89 |
|
|
90 |
Test your Setup: |
|
91 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-apt: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
apt || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
APT Setup |
|
22 |
+++++++++ |
|
23 |
|
|
24 |
The following apply to ``synnefo`` nodes. |
|
25 |
|
|
26 |
To be able to download all synnefo components, you need to add the following |
|
27 |
lines in `/etc/apt/sources.list.d/synnefo.list` file: |
|
28 |
|
|
29 |
.. code-block:: console |
|
30 |
|
|
31 |
deb http://apt.dev.grnet.gr squeeze main |
|
32 |
deb-src http://apt.dev.grnet.gr squeeze main |
|
33 |
deb http://apt.dev.grnet.gr squeeze-backports main |
|
34 |
deb-src http://apt.dev.grnet.gr squeeze-backports main |
|
35 |
deb http://backports.debian.org/debian-backports squeeze-backports main |
|
36 |
deb http://www.rabbitmq.com/debian/ testing main |
|
37 |
|
|
38 |
Import the additional repos' GPG key and get the packages list: |
|
39 |
|
|
40 |
.. code-block:: console |
|
41 |
|
|
42 |
# wget http://www.rabbitmq.com/rabbitmq-signing-key-public.asc |
|
43 |
# apt-key add rabbitmq-signing-key-public.asc |
|
44 |
# curl https://dev.grnet.gr/files/apt-grnetdev.pub | apt-key add - |
|
45 |
# apt-get update |
|
46 |
|
|
47 |
|
|
48 |
Test your Setup: |
|
49 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-astakos: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
astakos || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
Astakos Setup |
|
22 |
+++++++++++++ |
|
23 |
|
|
24 |
The following apply to ``astakos`` node. In the following sections |
|
25 |
we will refer to its IP as ``accounts.example.com`` . Make sure |
|
26 |
you have db, mq, apache and gunicorn setup already. |
|
27 |
|
|
28 |
IMPORTANT: Currently if astakos coexists with cyclades/pithos roles, your setup is prone to csrf attacks. |
|
29 |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
30 |
|
|
31 |
First install the corresponding package: |
|
32 |
|
|
33 |
.. code-block:: console |
|
34 |
|
|
35 |
# apt-get install snf-astakos-app |
|
36 |
|
|
37 |
In `/etc/synnefo/astakos.conf` add: |
|
38 |
|
|
39 |
.. code-block:: console |
|
40 |
|
|
41 |
CLOUDBAR_LOCATION = 'https://accounts.example.com/static/im/cloudbar/' |
|
42 |
CLOUDBAR_SERVICES_URL = 'https://accounts.example.com/im/get_services' |
|
43 |
CLOUDBAR_MENU_URL = 'https://accounts.example.com/im/get_menu' |
|
44 |
|
|
45 |
ASTAKOS_IM_MODULES = ['local'] |
|
46 |
|
|
47 |
ASTAKOS_BASEURL = 'https://accounts.example.com' |
|
48 |
|
|
49 |
ASTAKOS_SITENAME = '~okeanos @ example.com' |
|
50 |
ASTAKOS_RECAPTCHA_PUBLIC_KEY = '6LeFidMSAAAAAM7Px7a96YQzsBcKYeXCI_sFz0Gk' |
|
51 |
ASTAKOS_RECAPTCHA_PRIVATE_KEY = '6LeFidMSAAAAAFv5U5NSayJJJhr0roludAidPd2M' |
|
52 |
|
|
53 |
ASTAKOS_RECAPTCHA_USE_SSL = True |
|
54 |
ASTAKOS_RECAPTCHA_ENABLED = True |
|
55 |
|
|
56 |
ASTAKOS_COOKIE_DOMAIN = 'example.com' |
|
57 |
|
|
58 |
If ``astakos`` is on the same node with ``cyclades`` or ``pithos``, add the following |
|
59 |
line in `/etc/synnefo/astakos.conf` but please note that your setup will be prone to |
|
60 |
csrf attacks: |
|
61 |
|
|
62 |
.. code-block:: console |
|
63 |
|
|
64 |
MIDDLEWARE_CLASSES.remove('django.middleware.csrf.CsrfViewMiddleware') |
|
65 |
|
|
66 |
Then initialize the Database and register services with: |
|
67 |
|
|
68 |
.. code-block:: console |
|
69 |
|
|
70 |
# /etc/init.d/gunicorn restart |
|
71 |
# snf-manage syncdb --noinput |
|
72 |
# snf-manage migrate im |
|
73 |
# snf-manage loaddata groups |
|
74 |
# snf-manage service-add "~okeanos home" https://cms.example.com/ home-icon.png |
|
75 |
# snf-manage service-add "cyclades" https://cyclades.example.com/ui/ |
|
76 |
# snf-manage service-add "pithos+" https://pithos.example.com/ui/ |
|
77 |
# /etc/init.d/gunicorn restart |
|
78 |
# /etc/init.d/apache2 restart |
|
79 |
|
|
80 |
Please note that in case pithos and cyclades nodes are the same node, the pithos url |
|
81 |
should be ``https://pithos.example.com/pithos/ui/`` . |
|
82 |
|
|
83 |
Let's create our first user. Go at ``http://accounts.example.com/im/`` and |
|
84 |
click the "CREATE ACCOUNT" button and fill all your data at the sign up form. |
|
85 |
Then click "SUBMIT". You should now see a green box on the top, which informs |
|
86 |
you that you made a successful request and the request has been sent to the |
|
87 |
administrators. So far so good, let's assume that you created the user with |
|
88 |
username ``user@example.com``. |
|
89 |
|
|
90 |
Now we need to activate that user. Return to a command prompt aand run: |
|
91 |
|
|
92 |
.. code-block:: console |
|
93 |
|
|
94 |
# snf-manage user-list |
|
95 |
# snf-manage user-modify --set-active 1 |
|
96 |
|
|
97 |
where 1 should be the id of the user you previously created. |
|
98 |
|
|
99 |
All this can be done with one command: |
|
100 |
|
|
101 |
.. code-block:: console |
|
102 |
|
|
103 |
# snf-manage user-add --password=12345 --active user@example.com Name LastName |
|
104 |
|
|
105 |
|
|
106 |
Test your Setup: |
|
107 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-backends: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
backends |
|
20 |
|
|
21 |
Backends |
|
22 |
++++++++ |
|
23 |
|
|
24 |
:ref:`ganeti <i-ganeti>` || |
|
25 |
:ref:`image <i-image>` || |
|
26 |
:ref:`gtools <i-gtools>` || |
|
27 |
:ref:`network <i-network>` |
|
28 |
|
|
29 |
The sections above, guide you though the actions needed to create a synnefo |
|
30 |
backend. Once you have at least one backend up and running you can go back to |
|
31 |
the :ref:`cyclades <i-cyclades>` section, add the backend, create a public |
|
32 |
network and have full synnefo functionality. |
|
33 |
|
|
34 |
In the following sections we will refer to the following roles: |
|
35 |
|
|
36 |
* ``ganeti`` (all nodes of a Ganeti cluster/synnefo backend) |
|
37 |
* ``master`` (ganeti master node) |
|
38 |
* ``router`` |
|
39 |
|
|
40 |
Please note that all these roles can be "played" by the same node. |
|
41 |
|
|
42 |
Prerequisites: |
|
43 |
~~~~~~~~~~~~~~ |
|
44 |
|
|
45 |
``master``: |
|
46 |
|
|
47 |
- Available master IP that resolves to FQDN (ganeti.example.com) |
|
48 |
|
|
49 |
``ganeti``: |
|
50 |
|
|
51 |
- primary interface: `eth0` with IP that resolves to FQDN (nodeX.example.com) |
|
52 |
- /etc/hosts: hostname should not resolv to 127.* address. |
|
53 |
- /etc/ssh/ssh_host_rsa_key*: must be identical among all nodes. |
|
54 |
- extra interfaces: `eth1`, `eth2` (vlans can be used too) |
|
55 |
- NFS mount point: `/srv/pithos` |
|
56 |
- lvm: Volume Group named `ganeti` |
|
57 |
|
|
58 |
``router``: |
|
59 |
|
|
60 |
- primary interface: `eth0` with public routable IP |
|
61 |
- extra interfaces: `eth1`, `eth2` (vlans can be used too) connected with ganeti nodes |
/dev/null | ||
---|---|---|
1 |
.. _i-cms: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
cms || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
CMS Setup |
|
22 |
+++++++++ |
|
23 |
|
|
24 |
The following apply to ``cms`` node. In the following sections |
|
25 |
we will refer to its IP as ``cms.example.com`` . Before install make sure |
|
26 |
you have db, apache and gunicorn setup already. |
|
27 |
|
|
28 |
IMPORTANT: Currently cms cannot coexist with astakos, synnefo and pithos roles |
|
29 |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
30 |
|
|
31 |
First install the corresponding package: |
|
32 |
|
|
33 |
.. code-block:: console |
|
34 |
|
|
35 |
# apt-get install snf-cloudcms |
|
36 |
|
|
37 |
|
|
38 |
In `/etc/synnefo/cloudcms.conf` add: |
|
39 |
|
|
40 |
.. code-block:: console |
|
41 |
|
|
42 |
CLOUDBAR_ACTIVE = True |
|
43 |
CLOUDBAR_LOCATION = 'https://accounts.example.com/static/im/cloudbar/' |
|
44 |
CLOUDBAR_SERVICES_URL = 'https://accounts.example.com/im/get_services' |
|
45 |
CLOUDBAR_MENU_URL = 'https://accounts.example.com/im/get_menu' |
|
46 |
|
|
47 |
WEBPROJECT_SERVE_STATIC = True |
|
48 |
|
|
49 |
Then restart the services and initialize database: |
|
50 |
|
|
51 |
.. code-block:: console |
|
52 |
|
|
53 |
# /etc/init.d/gunicorn restart |
|
54 |
# /etc/init.d/apache2 restart |
|
55 |
# snf-manage syncdb |
|
56 |
# snf-manage migrate |
|
57 |
|
|
58 |
Here we can load some initial data. Add in `/tmp/sites.json` : |
|
59 |
|
|
60 |
.. code-block:: console |
|
61 |
|
|
62 |
[ |
|
63 |
{ |
|
64 |
"pk": 1, |
|
65 |
"model": "sites.site", |
|
66 |
"fields": { |
|
67 |
"domain": "okeanos.grnet.gr", |
|
68 |
"name": "okeanos.grnet.gr" |
|
69 |
} |
|
70 |
} |
|
71 |
] |
|
72 |
|
|
73 |
|
|
74 |
and in `/tmp/pages.json`: |
|
75 |
|
|
76 |
.. code-block:: console |
|
77 |
|
|
78 |
[ |
|
79 |
{ |
|
80 |
"fields": { |
|
81 |
"_cached_url": "/", |
|
82 |
"_content_title": "", |
|
83 |
"_page_title": "", |
|
84 |
"active": true, |
|
85 |
"creation_date": "2012-11-16 14:52:19", |
|
86 |
"in_navigation": false, |
|
87 |
"language": "en", |
|
88 |
"level": 0, |
|
89 |
"lft": 1, |
|
90 |
"meta_description": "", |
|
91 |
"meta_keywords": "", |
|
92 |
"modification_date": "2012-11-16 14:52:19", |
|
93 |
"navigation_extension": null, |
|
94 |
"override_url": "/", |
|
95 |
"parent": null, |
|
96 |
"publication_date": "2012-11-16 14:50:00", |
|
97 |
"publication_end_date": null, |
|
98 |
"redirect_to": "", |
|
99 |
"rght": 2, |
|
100 |
"site": 1, |
|
101 |
"slug": "okeanos", |
|
102 |
"symlinked_page": null, |
|
103 |
"template_key": "twocolwide", |
|
104 |
"title": "Okeanos", |
|
105 |
"translation_of": null, |
|
106 |
"tree_id": 1 |
|
107 |
}, |
|
108 |
"model": "page.page", |
|
109 |
"pk": 1 |
|
110 |
}, |
|
111 |
{ |
|
112 |
"fields": { |
|
113 |
"ordering": 0, |
|
114 |
"parent": 1, |
|
115 |
"region": "main", |
|
116 |
"text": "Welcome to Okeanos!!\r\n\r\n" |
|
117 |
}, |
|
118 |
"model": "page.rawcontent", |
|
119 |
"pk": 1 |
|
120 |
} |
|
121 |
] |
|
122 |
|
|
123 |
|
|
124 |
|
|
125 |
and finally run: |
|
126 |
|
|
127 |
.. code-block:: console |
|
128 |
|
|
129 |
# snf-manage loaddata /tmp/sites.json |
|
130 |
# snf-manage loaddata /tmp/page.json |
|
131 |
# snf-manage createsuperuser --username=admin --email=admin@example --noinput |
|
132 |
|
|
133 |
|
|
134 |
Test your Setup: |
|
135 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-cyclades: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
|
|
7 |
:ref:`synnefo <i-synnefo>` || |
|
8 |
:ref:`ns <i-ns>` || |
|
9 |
:ref:`apt <i-apt>` || |
|
10 |
:ref:`mq <i-mq>` || |
|
11 |
:ref:`db <i-db>` || |
|
12 |
:ref:`gunicorn <i-gunicorn>` || |
|
13 |
:ref:`apache <i-apache>` || |
|
14 |
:ref:`webproject <i-webproject>` || |
|
15 |
:ref:`astakos <i-astakos>` || |
|
16 |
:ref:`cms <i-cms>` || |
|
17 |
:ref:`pithos <i-pithos>` || |
|
18 |
cyclades || |
|
19 |
:ref:`kamaki <i-kamaki>` || |
|
20 |
:ref:`backends <i-backends>` |
|
21 |
|
|
22 |
Cyclades Setup |
|
23 |
++++++++++++++ |
|
24 |
|
|
25 |
The following apply to ``cyclades`` node. In the rest of the sections |
|
26 |
we will refer to its IP with FQDN ``cyclades.example.com``.Please make sure you have |
|
27 |
db, mq, gunicorn, apache, webproject, pithos and astakos already setup. |
|
28 |
|
|
29 |
Install the corresponding package. Please note that memcache is needed for |
|
30 |
versions >= 0.13 : |
|
31 |
|
|
32 |
.. code-block:: console |
|
33 |
|
|
34 |
# apt-get install memcached |
|
35 |
# apt-get install python-memcache |
|
36 |
# apt-get install snf-cyclades-app |
|
37 |
|
|
38 |
In `/etc/synnefo/cyclades.conf` add: |
|
39 |
|
|
40 |
.. code-block:: console |
|
41 |
|
|
42 |
MAX_CIDR_BLOCK = 21 |
|
43 |
PUBLIC_USE_POOL = True |
|
44 |
|
|
45 |
CUSTOM_BRIDGED_BRIDGE = 'br0' |
|
46 |
|
|
47 |
MAX_VMS_PER_USER = 5 |
|
48 |
VMS_USER_QUOTA = { |
|
49 |
'user@example.com': 20, |
|
50 |
} |
|
51 |
MAX_NETWORKS_PER_USER = 3 |
|
52 |
NETWORKS_USER_QUOTA = { 'user@example.com': 10 } |
|
53 |
GANETI_DISK_TEMPLATES = ('blockdev', 'diskless', 'drbd', 'file', 'plain', |
|
54 |
'rbd', 'sharedfile', 'ext') |
|
55 |
ASTAKOS_URL = 'https://accounts.example.com/im/authenticate' |
|
56 |
|
|
57 |
SECRET_ENCRYPTION_KEY= "oEs0pt7Di1mkxA0P6FiK" |
|
58 |
|
|
59 |
GANETI_CREATEINSTANCE_KWARGS = { |
|
60 |
'os': 'snf-image+default', |
|
61 |
'hvparams': {'serial_console': False}, |
|
62 |
'wait_for_sync': False} |
|
63 |
|
|
64 |
GANETI_USE_HOTPLUG = True |
|
65 |
CLOUDBAR_LOCATION = 'https://accounts.example.com/static/im/cloudbar/' |
|
66 |
CLOUDBAR_ACTIVE_SERVICE = '2' |
|
67 |
CLOUDBAR_SERVICES_URL = 'https://accounts.example.com/im/get_services' |
|
68 |
CLOUDBAR_MENU_URL = 'https://accounts.example.com/im/get_menu' |
|
69 |
BACKEND_DB_CONNECTION = 'postgresql://synnefo:example_passw0rd@db.example.com:5432/snf_pithos' |
|
70 |
BACKEND_BLOCK_PATH = '/srv/pithos/data/' |
|
71 |
|
|
72 |
AMQP_HOSTS = ["amqp://synnefo:example_rabbitmq_passw0rd@mq.example.com:5672"] |
|
73 |
|
|
74 |
CACHE_BACKEND = 'memcached://127.0.0.1:11211/' |
|
75 |
VMAPI_BASE_URL = 'https://cyclades.example.com/' |
|
76 |
|
|
77 |
|
|
78 |
Restart services and initialize database: |
|
79 |
|
|
80 |
.. code-block:: console |
|
81 |
|
|
82 |
# /etc/init.d/gunicorn restart |
|
83 |
# /etc/init.d/apache2 restart |
|
84 |
# snf-manage syncdb |
|
85 |
# snf-manage migrate |
|
86 |
# snf-manage loaddata flavors |
|
87 |
|
|
88 |
Enable dispatcher: |
|
89 |
|
|
90 |
.. code-block:: console |
|
91 |
|
|
92 |
# sed -i 's/false/true/' /etc/default/snf-dispatcher |
|
93 |
# /etc/init.d/snf-dispatcher start |
|
94 |
|
|
95 |
In order end-user to have access to the VM's console: |
|
96 |
|
|
97 |
.. code-block:: console |
|
98 |
|
|
99 |
# apt-get install snf-vncauthproxy |
|
100 |
|
|
101 |
Edit `/etc/default/vncauthproxy`: |
|
102 |
|
|
103 |
.. code-block:: console |
|
104 |
|
|
105 |
CHUID="www-data:nogroup" |
|
106 |
|
|
107 |
|
|
108 |
At this point you should setup a :ref:`backend <i-backends>`. Please refer to the |
|
109 |
coresponding section. Here we assume that at least one backend is up and running, |
|
110 |
so we can add it in Cyclades with: |
|
111 |
|
|
112 |
.. code-block:: console |
|
113 |
|
|
114 |
# snf-manage backend-add --clustername=ganeti.example.com --user=synnefo --pass=example_rapi_passw0rd |
|
115 |
|
|
116 |
After 0.13 every backend added stays in drained mode (no VMs can be added). |
|
117 |
Therefore get your backend ID (propably 1) and run: |
|
118 |
|
|
119 |
.. code-block:: console |
|
120 |
|
|
121 |
# snf-manage backend-list |
|
122 |
# snf-manage backend-modify --drained=False 1 |
|
123 |
|
|
124 |
Further assumptions: |
|
125 |
|
|
126 |
- Preprovisioned Bridges: ``br0``, ``prv0``, ``prv1..prv20`` |
|
127 |
- Available "public" Subnet: ``10.0.1.0/24`` |
|
128 |
- Available "public" Gateway: ``10.0.1.1`` |
|
129 |
- Connectivity link for public network: ``br0`` |
|
130 |
|
|
131 |
|
|
132 |
Here admin has to define two different resource pools in Synnefo: |
|
133 |
|
|
134 |
- MAC prefix Pool |
|
135 |
- Bridge Pool |
|
136 |
|
|
137 |
.. code-block:: console |
|
138 |
|
|
139 |
# snf-manage pool-create --type=mac-prefix --base=aa:00:0 --size=65536 |
|
140 |
# snf-manage pool-create --type=bridge --base=prv --size=20 |
|
141 |
|
|
142 |
Add the synnefo setting in :file:`/etc/synnefo/cyclades.conf`: |
|
143 |
|
|
144 |
.. code-block:: console |
|
145 |
|
|
146 |
PRIVATE_MAC_FILTERED_BRIDGE = 'prv0' |
|
147 |
|
|
148 |
Add public network where the VM's will eventually connect to in order to |
|
149 |
access Internet: |
|
150 |
|
|
151 |
.. code-block:: console |
|
152 |
|
|
153 |
# snf-manage network-create --subnet=10.0.1.0/24 --gateway=10.0.1.1 --public --dhcp --flavor=CUSTOM --mode=bridged --link=br0 --name=Internet --backend-id=1 |
|
154 |
|
|
155 |
|
|
156 |
Test your Setup: |
|
157 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-db: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
db || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
Database Setup |
|
22 |
++++++++++++++ |
|
23 |
|
|
24 |
The following apply to ``db`` node. For the rest of the sections we will |
|
25 |
refer to its IP as ``db.example.com`` . |
|
26 |
|
|
27 |
First install progresql: |
|
28 |
|
|
29 |
.. code-block:: console |
|
30 |
|
|
31 |
# apt-get install postgresql |
|
32 |
|
|
33 |
We create a database called ``snf_apps``, that will host all django |
|
34 |
apps related tables. We also create the user ``synnefo`` and grant him all |
|
35 |
privileges on the database. We do this by running: |
|
36 |
|
|
37 |
.. code-block:: console |
|
38 |
|
|
39 |
# su - postgres |
|
40 |
postgres:~$ psql |
|
41 |
postgres=# CREATE DATABASE snf_apps WITH ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE=template0; |
|
42 |
postgres=# CREATE USER synnefo WITH PASSWORD 'example_passw0rd'; |
|
43 |
postgres=# GRANT ALL PRIVILEGES ON DATABASE snf_apps TO synnefo; |
|
44 |
|
|
45 |
We also create the database ``snf_pithos`` needed by the pithos+ backend and |
|
46 |
grant the ``synnefo`` user all privileges on the database. |
|
47 |
|
|
48 |
.. code-block:: console |
|
49 |
|
|
50 |
postgres=# CREATE DATABASE snf_pithos WITH ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE=template0; |
|
51 |
postgres=# GRANT ALL PRIVILEGES ON DATABASE snf_pithos TO synnefo; |
|
52 |
|
|
53 |
Configure the database to listen to all network interfaces. You can do this by |
|
54 |
editting the file `/etc/postgresql/8.4/main/postgresql.conf` with: |
|
55 |
|
|
56 |
| ``listen_addresses = '*'`` |
|
57 |
|
|
58 |
Furthermore, edit `/etc/postgresql/8.4/main/pg_hba.conf` to allow the nodes |
|
59 |
to connect to the database. Add the following line: |
|
60 |
|
|
61 |
| ``host all all 4.3.2.0/24 md5`` |
|
62 |
|
|
63 |
.. code-block:: console |
|
64 |
|
|
65 |
# /etc/init.d/postgresql restart |
|
66 |
|
|
67 |
|
|
68 |
Test your Setup: |
|
69 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-ganeti: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
Backends |
|
22 |
++++++++ |
|
23 |
|
|
24 |
ganeti || |
|
25 |
:ref:`image <i-image>` || |
|
26 |
:ref:`gtools <i-gtools>` || |
|
27 |
:ref:`network <i-network>` |
|
28 |
|
|
29 |
|
|
30 |
Ganeti Setup |
|
31 |
~~~~~~~~~~~~ |
|
32 |
|
|
33 |
In ``ganeti`` nodes install GRNet specific Ganeti package and enable drbd: |
|
34 |
|
|
35 |
.. code-block:: console |
|
36 |
|
|
37 |
# apt-get install python-bitarray |
|
38 |
# apt-get install snf-ganeti ganeti-htools |
|
39 |
# modprobe drbd minor_count=255 usermode_helper=/bin/true |
|
40 |
|
|
41 |
|
|
42 |
The following apply to ``master`` node. Here we will create a Ganeti cluster with |
|
43 |
all available ``ganeti`` nodes. Please note that Ganeti needs a pair of rsa/dsa keys |
|
44 |
for the root user. If already exist in `/root/.ssh/` in all nodes then --no-ssh-init |
|
45 |
can be used. In omitted then the existing files will be overriden. Upon node add |
|
46 |
Ganeti will replace `/etc/ssh/ssh_host*` files with the master's ones: |
|
47 |
|
|
48 |
.. code-block:: console |
|
49 |
|
|
50 |
# gnt-cluster init --enabled-hypervisors=kvm \ |
|
51 |
--vg-name=ganeti \ |
|
52 |
--nic-parameters link=br0,mode=bridged \ |
|
53 |
--master-netdev eth0 \ |
|
54 |
--default-iallocator hail \ |
|
55 |
--hypervisor-parameters kvm:kernel_path=,vnc_bind_address=0.0.0.0 \ |
|
56 |
--no-ssh-init --no-etc-hosts \ |
|
57 |
ganeti.example.com |
|
58 |
|
|
59 |
# gnt-cluster modify --disk-parameters=drbd:metavg=ganeti |
|
60 |
# gnt-group modify --disk-parameters=drbd:metavg=ganeti default |
|
61 |
|
|
62 |
# for n in node2 node3 node4 node5 node6; do |
|
63 |
gnt-node add --no-ssh-key-check --master-capable=yes --vm-capable=yes $n.example.com |
|
64 |
done |
|
65 |
|
|
66 |
We need to add a rapi user to Ganeti so that Synnefo can talk with the backend: |
|
67 |
|
|
68 |
.. code-block:: console |
|
69 |
|
|
70 |
# result=$(echo -n "synnefo:Ganeti Remote API:example_rapi_passw0rd" | openssl md5) |
|
71 |
# echo "synnefo {HA1} $result" >> /var/lib/ganeti/rapi/users |
|
72 |
# /etc/init.d/ganeti restart |
|
73 |
|
|
74 |
|
|
75 |
Test your Setup: |
|
76 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-gtools: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
Backends |
|
22 |
++++++++ |
|
23 |
|
|
24 |
:ref:`ganeti <i-ganeti>` || |
|
25 |
:ref:`image <i-image>` || |
|
26 |
gtools || |
|
27 |
:ref:`network <i-network>` |
|
28 |
|
|
29 |
gtools Setup |
|
30 |
~~~~~~~~~~~~ |
|
31 |
|
|
32 |
The following apply to ``ganeti`` nodes. |
|
33 |
|
|
34 |
.. code-block:: console |
|
35 |
|
|
36 |
# apt-get install snf-cyclades-gtools |
|
37 |
|
|
38 |
Add this line in `/etc/synnefo/gtools.conf` |
|
39 |
|
|
40 |
.. code-block:: console |
|
41 |
|
|
42 |
AMQP_HOSTS = ["amqp://synnefo:example_rabbitmq_passw0rd@mq.example.com:5672"] |
|
43 |
|
|
44 |
|
|
45 |
and enable ``snf-ganeti-eventd``: |
|
46 |
|
|
47 |
.. code-block:: console |
|
48 |
|
|
49 |
# sed -i 's/false/true/' /etc/default/snf-ganeti-eventd |
|
50 |
# /etc/init.d/snf-ganeti-eventd start |
|
51 |
|
|
52 |
|
|
53 |
|
|
54 |
Test your Setup: |
|
55 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-gunicorn: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
gunicorn || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
Gunicorn Setup |
|
22 |
++++++++++++++ |
|
23 |
|
|
24 |
The following apply to ``astakos``, ``pithos``, ``cyclades`` and ``cms`` nodes. |
|
25 |
|
|
26 |
.. code-block:: console |
|
27 |
|
|
28 |
# apt-get install -t squeeze-backports gunicorn |
|
29 |
|
|
30 |
In `/etc/gunicorn.d/synnefo` add: |
|
31 |
|
|
32 |
.. code-block:: console |
|
33 |
|
|
34 |
CONFIG = { |
|
35 |
'mode': 'django', |
|
36 |
'environment': { |
|
37 |
'DJANGO_SETTINGS_MODULE': 'synnefo.settings', |
|
38 |
}, |
|
39 |
'working_dir': '/etc/synnefo', |
|
40 |
'user': 'www-data', |
|
41 |
'group': 'www-data', |
|
42 |
'args': ( |
|
43 |
'--bind=127.0.0.1:8080', |
|
44 |
'--workers=4', |
|
45 |
'--worker-class=gevent', |
|
46 |
'--log-level=debug', |
|
47 |
), |
|
48 |
} |
|
49 |
|
|
50 |
Setting ``gevent`` for worker-class, requires webproject to support |
|
51 |
pooling and greenlets. |
|
52 |
|
|
53 |
Test your Setup: |
|
54 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-image: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
:ref:`mq <i-mq>` || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`webproject <i-webproject>` || |
|
14 |
:ref:`astakos <i-astakos>` || |
|
15 |
:ref:`cms <i-cms>` || |
|
16 |
:ref:`pithos <i-pithos>` || |
|
17 |
:ref:`cyclades <i-cyclades>` || |
|
18 |
:ref:`kamaki <i-kamaki>` || |
|
19 |
:ref:`backends <i-backends>` |
|
20 |
|
|
21 |
Backends |
|
22 |
++++++++ |
|
23 |
|
|
24 |
:ref:`ganeti <i-ganeti>` || |
|
25 |
image || |
|
26 |
:ref:`gtools <i-gtools>` || |
|
27 |
:ref:`network <i-network>` |
|
28 |
|
|
29 |
snf-image Setup |
|
30 |
~~~~~~~~~~~~~~~ |
|
31 |
|
|
32 |
The following apply to ``ganeti`` nodes. |
|
33 |
|
|
34 |
Firstly mount the ``pithos`` nfs mount point. Assuming that ``pithos`` node |
|
35 |
(the one who does the NFS export) is node1.example.com, append the following |
|
36 |
line in `/etc/fstab`: |
|
37 |
|
|
38 |
.. code-block:: console |
|
39 |
|
|
40 |
node1:/pithos /srv/pithos nfs4 defaults,rw,noatime,nodiratime,intr,rsize=1048576,wsize=1048576,noacl |
|
41 |
|
|
42 |
and then: |
|
43 |
|
|
44 |
.. code-block:: console |
|
45 |
|
|
46 |
apt-get install -t squeeze-backports nfs-common |
|
47 |
mkdir /srv/pithos |
|
48 |
mount /srv/pithos |
|
49 |
|
|
50 |
.. code-block:: console |
|
51 |
|
|
52 |
# apt-get install snf-image-host |
|
53 |
|
|
54 |
Append this lines in `/etc/snf-image/default` |
|
55 |
|
|
56 |
.. code-block:: console |
|
57 |
|
|
58 |
PITHOS_DB="postgresql://synnefo:example_passw0rd@db.example.com:5432/snf_pithos" |
|
59 |
PITHOS_DATA="/srv/pithos/data" |
|
60 |
PROGRESS_MONITOR='snf-progress-monitor' |
|
61 |
|
|
62 |
|
|
63 |
and create snf-image-helper with: |
|
64 |
|
|
65 |
.. code-block:: console |
|
66 |
|
|
67 |
# snf-image-update-helper -y |
|
68 |
|
|
69 |
|
|
70 |
Test your Setup: |
|
71 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-kamaki: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
|
|
7 |
:ref:`synnefo <i-synnefo>` || |
|
8 |
:ref:`ns <i-ns>` || |
|
9 |
:ref:`apt <i-apt>` || |
|
10 |
:ref:`mq <i-mq>` || |
|
11 |
:ref:`db <i-db>` || |
|
12 |
:ref:`gunicorn <i-gunicorn>` || |
|
13 |
:ref:`apache <i-apache>` || |
|
14 |
:ref:`webproject <i-webproject>` || |
|
15 |
:ref:`astakos <i-astakos>` || |
|
16 |
:ref:`cms <i-cms>` || |
|
17 |
:ref:`pithos <i-pithos>` || |
|
18 |
:ref:`cyclades <i-cyclades>` || |
|
19 |
kamaki || |
|
20 |
:ref:`backends <i-backends>` |
|
21 |
|
|
22 |
kamaki Setup |
|
23 |
++++++++++++ |
|
24 |
|
|
25 |
The following apply to ``client`` node. Here we install a command line tool |
|
26 |
that the end-user can use instead of web UI. Prerequisites are that the |
|
27 |
client node can connect to synnefo nodes by using their FQDN and that |
|
28 |
the user has already aquired an AUTH_TOKEN from his/her profile page after |
|
29 |
signing in. |
|
30 |
|
|
31 |
Install the corresponding package: |
|
32 |
|
|
33 |
.. code-block:: console |
|
34 |
|
|
35 |
# apt-get install kamaki |
|
36 |
|
|
37 |
and build the correct config file: |
|
38 |
|
|
39 |
.. code-block:: console |
|
40 |
|
|
41 |
# kamaki config set astakos.url "https://accounts.example.com" |
|
42 |
# kamaki config set compute.url "https://cyclades.example.com/api/v1.1" |
|
43 |
# kamaki config set image.url "https://cyclades.example.com/plankton" |
|
44 |
# kamaki config set store.enable on |
|
45 |
# kamaki config set store.pithos_extensions on |
|
46 |
# kamaki config set store.url "https://pithos.example.com/v1" |
|
47 |
# kamaki config set store.account "user@example.com" |
|
48 |
|
|
49 |
# kamaki config set global.token AUTH_TOKEN |
|
50 |
|
|
51 |
|
|
52 |
Please download a Debian Base image from our repo: |
|
53 |
|
|
54 |
|
|
55 |
.. code-block:: console |
|
56 |
|
|
57 |
# wget https://pithos.okeanos.grnet.gr/public/66ke3 -O /tmp/debian_base.diskdump |
|
58 |
|
|
59 |
create a container in pithos, upload it: |
|
60 |
|
|
61 |
.. code-block:: console |
|
62 |
|
|
63 |
# kamaki store create images |
|
64 |
# kamaki store upload --container images /tmp/debian_base.diskdump debian_base.diskdump |
|
65 |
|
|
66 |
and register it to plankton: |
|
67 |
|
|
68 |
.. code-block:: console |
|
69 |
|
|
70 |
# kamaki image register "Debian Base" pithos://user@example/images/debian_base.diskdump \ |
|
71 |
--disk-format=diskdump \ |
|
72 |
--property OSFAMILY=linux \ |
|
73 |
--property ROOT_PARTITION=1 \ |
|
74 |
--property description="Debian Squeeze Base System" \ |
|
75 |
--property size=450M \ |
|
76 |
--property kernel=2.6.32 \ |
|
77 |
--property GUI="No GUI" \ |
|
78 |
--property sortorder=1 \ |
|
79 |
--property USERS=root \ |
|
80 |
--property OS=debian \ |
|
81 |
--public |
|
82 |
|
|
83 |
|
|
84 |
|
|
85 |
|
|
86 |
|
|
87 |
Test your Setup: |
|
88 |
++++++++++++++++ |
/dev/null | ||
---|---|---|
1 |
.. _i-mq: |
|
2 |
|
|
3 |
Synnefo |
|
4 |
------- |
|
5 |
|
|
6 |
:ref:`synnefo <i-synnefo>` || |
|
7 |
:ref:`ns <i-ns>` || |
|
8 |
:ref:`apt <i-apt>` || |
|
9 |
mq || |
|
10 |
:ref:`db <i-db>` || |
|
11 |
:ref:`gunicorn <i-gunicorn>` || |
|
12 |
:ref:`apache <i-apache>` || |
|
13 |
:ref:`astakos <i-astakos>` || |
|
14 |
:ref:`cms <i-cms>` || |
|
15 |
:ref:`pithos <i-pithos>` || |
|
16 |
:ref:`cyclades <i-cyclades>` || |
|
17 |
:ref:`kamaki <i-kamaki>` || |
|
18 |
:ref:`backends <i-backends>` |
|
19 |
|
|
20 |
Message Queue Setup |
|
21 |
+++++++++++++++++++ |
|
22 |
|
|
23 |
The following apply to ``mq`` node. For the rest of the sections we will refer to |
|
24 |
its IP as ``mq.example.com`` . |
|
25 |
|
|
26 |
.. code-block:: console |
|
27 |
|
|
28 |
# apt-get install rabbitmq-server |
|
29 |
|
Also available in: Unified diff