The document provides an introduction to building an OCCI-compatible cloud with OpenNebula. It discusses installing and configuring OpenNebula, including planning the installation, adding host systems, creating images, networks and templates, and instantiating virtual machines. The tutorial aims to demonstrate how to set up a basic OpenNebula environment and manage its core resources.
1. Cloud Interoperability Week – Hands-On Tutorial
Madrid, Spain, September 18th, 2013
1/16Creative Commons Attribution-NonCommercial-ShareAlike License
Build your OCCI-compatible Cloud with
OpenNebula
Daniel Molina Carlos Martín
Boris Parak
The research leading to these results has received funding from Comunidad de Madrid through research grant
MEDIANET S2009/TIC-1468,
Acknowledgments
2. 2An Introduction to Cloud Computing with OpenNebula
Agenda
Build your OCCI-compatible Cloud with OpenNebula!
● Introduction and Architecture
● Installation and Basic Usage
● rOCCI on top of OpenNebula
3. Cloud Interoperability Week – Hands-On Tutorial
Madrid, Spain, September 18th, 2013
Build your OCCI-compatible Cloud with OpenNebula
1/16Creative Commons Attribution-NonCommercial-ShareAlike License
An Introduction to Cloud Computing with
OpenNebula
Daniel Molina & Carlos Martín
Project Engineers
The research leading to these results has received funding from Comunidad de Madrid through research grant
MEDIANET S2009/TIC-1468,
Acknowledgments
4. 2An Introduction to Cloud Computing with OpenNebula
Agenda
An Introduction to Cloud Computing with OpenNebula!
● Infrastructure as a Service
● The OpenNebula Model
● The Anatomy of the Cloud
5. 3An Introduction to Cloud Computing with OpenNebula
Infrastructure as a Service
Types of Cloud Services!
What Who
On-demand access
to any application
End-user
(does not care about hw or sw)
Platform for building
and delivering web
applications
Developer
(no managing of the underlying hw &
swlayers)
Raw computer
infrastructure
System Administrator
(complete management of the
computer infrastructure)
Software as a Service
Platform as a Service
Infrastructure as a
Service
Physical Infrastructure
6. 4An Introduction to Cloud Computing with OpenNebula
Infrastructure as a Service
Types of Cloud Deployments!
• Simple Web Interface
• Raw Infrastructure Resources
• Pay-as-you-go (On-demand access)
• Elastic & “infinite” Capacity
Public Cloud
7. 5An Introduction to Cloud Computing with OpenNebula
• Simple Web Interface
• Raw Infrastructure Resources
• Pay-as-you-go (On-demand access)
• Elastic & “infinite” Capacity
Public Cloud
A “Public Cloud behind the firewall”
• Simplify internal operations
• Dynamic allocation of resources
• Higher utilization & operational savings
• Security concerns
Private Cloud
Infrastructure as a Service
Types of Cloud Deployments!
8. 6An Introduction to Cloud Computing with OpenNebula
• Simple Web Interface
• Raw Infrastructure Resources
• Pay-as-you-go (On-demand access)
• Elastic & “infinite” Capacity
Public Cloud
A “Public Cloud behind the firewall”
• Simplify internal operations
• Dynamic allocation of resources
• Higher utilization & operational savings
• Security concerns
Private Cloud
• Supplement the capacity of the Private Cloud
• Utility Computing dream made a reality!
Hybrid Cloud
Infrastructure as a Service
Types of Cloud Deployments!
9. 7An Introduction to Cloud Computing with OpenNebula
• Simple Web Interface
• Raw Infrastructure Resources
• Pay-as-you-go (On-demand access)
• Elastic & “infinite” Capacity
Public Cloud
A “Public Cloud behind the firewall”
• Simplify internal operations
• Dynamic allocation of resources
• Higher utilization & operational savings
• Security concerns
Private Cloud
• Suplement the capacity of the Private Cloud
• Utility Computing dream made a reality!
Hybrid Cloud
Infrastructure as a Service
Types of Cloud Deployments!
10. 8An Introduction to Cloud Computing with OpenNebula
Infrastructure as a Service
Challenges of IaaS Clouds!
● How do I provision a new VM?
Image Management & Context
● Where do I store the disks?
Storage
● How do I set up networking for a multitier service?
Network & VLANs
● Where do I put my web server VM?
Monitoring & Scheduling
● How do I manage any hypervisor?
Virtualization
● Who has access to the Cloud’s resources?
User & Role Management
● How do I manage my distributed infrastructure?
Interfaces & APIs
11. 9An Introduction to Cloud Computing with OpenNebula
● How do I provision a new VM?
Image Management & Context
● Where do I store the disks?
Storage
● How do I set up networking for a multitier service?
Network & VLANs
● Where do I put my web server VM?
Monitoring & Scheduling
● How do I manage any hypervisor?
Virtualization
● Who has access to the Cloud’s resources?
User & Role Management
● How do I manage my distributed infrastructure?
Interfaces & APIs
Uniform management layer that
orchestrates multiple technologies
Infrastructure as a Service
Challenges of IaaS Clouds!
12. 10An Introduction to Cloud Computing with OpenNebula
An Uniform Management Layer!
Infrastructure as a Service
13. 11An Introduction to Cloud Computing with OpenNebula
The OpenNebula Model
● Adaptable: Integration capabilities to fit into any data center
● Enterprise-ready: Upgrade process and commercial support
● No Lock-in: Broad infrastructure and platform independent
● Light: Efficient & simple
● Proven: Rigorously tested, mature and widely used
● Powerful: Advanced features for virtualized
● Scalable: single instance & multi-tier architectures
● Be interoperable! rich set of API's & Interfaces
● Open Source: Apache License v2
An Enterprise-ready Open-source Platform to Manage Cloud Data Centers!
14. 12An Introduction to Cloud Computing with OpenNebula
Widely Used to Build Enterprise Private Clouds in Medium and Large Data Centers!
Reference Users
Survey Q2/Q3 2012 (2,500 users http://c12g.com/resources/survey/)
The OpenNebula Model
15. 13An Introduction to Cloud Computing with OpenNebula
Story
A Project Aimed at Building the Industry Standard Open Cloud Management Tool!
2005
2008 2009 2010 2011 2012
• Develop & innovate
• Support the community
• Collaborate
Large-scale production
deployment: 16,000 VMs
5,000 downloads/
month
20142013
Research
Project
TP v1.0 v1.2 v1.4 v2.0 v2.2 v3.0 v3.2 v3.4 v3.6 v3.8 v4.0 V4.2
16. 14An Introduction to Cloud Computing with OpenNebula
The Anatomy of the Cloud
Different Perspectives of the Cloud – Demands from the Different Communities!
Cloud Consumer
Cloud
Administrator
Cloud Integrator
Cloud Application
Developer
17. 15An Introduction to Cloud Computing with OpenNebula
The Anatomy of the Cloud
OpenNebula Architecture - Infrastructure Agnostic and Highly Customizable!
OpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
Scheduler
XML-RPC API
OCA (Ruby, Java)
CLI GUI
Cloud
Servers
DB
Languages
18. 16An Introduction to Cloud Computing with OpenNebula
The Anatomy of the Cloud
Cloud Architecture - The Internals of the Cloud!
Interfaces, Tools & API
• CLI & Sunstone (GUI)
• API
• Cloud (EC2,OCCI)
• Service Management & Catalogs
Compute Hosts
• Grouped into logical clusters
• Multiple hypervisors
• Monitoring
Storage
• VM disks (file & block)
• Image Distribution
• Multiple Backends
Multi-tenancy
• AAA Services
• Scheduling
• Permissions & roles
Network
• VLAN
• Firewalling
• Multiple Technologies
19. 17An Introduction to Cloud Computing with OpenNebula
The Anatomy of the Cloud
Basic OpenNebula Deployment!
• Repository of VM images
• Multiple Backends (LVM, Ceph)
Monitoring,Virtualization,
Storage and Network
• Provides physical resources for the VMs
• Must have a hypervisor installed
20. 18An Introduction to Cloud Computing with OpenNebula
We Will Be Happy to Clarify Any Question !
Questions?
21. Cloud Interoperability Week – Hands-On Tutorial
Madrid, Spain, September 18th, 2013
Build your OCCI-compatible Cloud with OpenNebula
1/16Creative Commons Attribution-NonCommercial-ShareAlike License
Installation and Basic Usage
Daniel Molina & Carlos Martín
Project Engineer
The research leading to these results has received funding from Comunidad de Madrid through research grant
MEDIANET S2009/TIC-1468,
Acknowledgments
22. 2Installing and Basic Usage
Agenda
Installing and Basic Usage!
● Planning the Installation
● Virtual Lab Configuration
● Basic Usage
● Managing Hosts
● Images, Networks, Templates and VMs
● Managing Users, Quotas and ACLs
● Logging & Debugging
● Configuration Files
● Appendix A - Installation
23. 3Installing and Basic Usage
A Typical OpenNebula Environment
Planning the Installation!
• Repository of VM images
• Multiple Backends (LVM, Ceph)
Monitoring,Virtualization,
Storage and Network
• Provides physical resources for the VMs
• Must have a hypervisor installed
28. 8Installing and Basic Usage
CLI – node1
Basic Usage!
● Get the Sunstone Login information
● Try out sunstone!
http://localhost:9869
# (as oneadmin)
$ cat ~/.one/one_auth
oneadmin:<password>
29. 9Installing and Basic Usage
Adding Hosts - Sunstone
Basic Usage – Hosts!
Hands on! (Sunstone)
● Create one host in Sunstone: node1
● Virtualization: KVM
● Information: KVM
● Network: dummy
● Cluster: none
● Watch transition INIT ! ON
● Click on the row for more information
● Automatic gathering of monitoring data
● Take a look at the graphs
30. 10Installing and Basic Usage
Adding Hosts - CLI
Basic Usage – Hosts!
Hands on! (CLI)
(always as oneadmin in the Frontend – node 1)
$ onehost -help
$ onehost create -help
$ ssh node2 ls /var/tmp/one
$ onehost create node2 -i kvm -v kvm -n dummy
$ onehost list
$ onehost top
# Wait for ON ... and then CTRL-C
$ ssh node2 ls /var/tmp/one
$ onehost show node2
$ onehost show 1
$ onehost show -x 1
31. 11Installing and Basic Usage
Adding Images
Basic Usage – Images!
Hands on! (Sunstone)
● Create an Image in Sunstone
● Name: tty
● Provide a Path: /var/tmp/tutorial/ttylinux.qcow2.img
● Advanced ! Driver: qcow2
● Datastore: default
● Create!
● Watch transition LOCKED ! READY
● Ownership and Permissions (ala Unix!), Size, Driver...
Hands on! (CLI)
$ oneimage list
$ oneimage show tty
# DO NOT EXECUTE THE FOLLOWING COMMAND
$ oneimage create --name tty --driver qcow2
--path /var/tmp/tutorial/ttylinux.qcow2.img -d default
32. 12Installing and Basic Usage
System Datastore
Basic Usage – Datastores!
Hands on! (Sunstone)
● Inspect each Datastore:
● The system datastore:
● Holds images for running VMs
● The TM_MAD (transfer manager driver) is shared which means:
33. 13Installing and Basic Usage
Shared Datastore
Basic Usage – Datastores!
Hands on! (Sunstone)
● The default datastore:
● Holds images ready to be cloned or linked for VMs
● The DS_MAD is fs because our image is a regular file
● The TM_MAD (transfer manager driver) is shared which means:
34. 14Installing and Basic Usage
Adding Networks
Basic Usage – Networks!
Hands on! (Sunstone)
● Create a new Network
● Name: private
● Type: Fixed Network
● IP: 192.168.0.1 -> [ENTER] -> repeat ... -> 192.168.0.4
● Network Model: default
● Bridge: br1
br1
VM VM
Node 1
eth1
br1
Node 2
eth1
VM VM
35. 15Installing and Basic Usage
Adding Networks
Basic Usage – Networks!
Hands on! (Sunstone)
● Network extended information:
● Lease Management ! Add, Hold and Remove Leases
Hands on! (CLI)
$ cat private2.net
NAME = private2
TYPE = fixed
BRIDGE = br1
LEASES = [ IP = 10.0.0.1 ]
LEASES = [ IP = 10.0.0.2 ]
$ onevnet create private2
$ onevnet list
$ onevnet show private
$ onevnet addleases private 192.168.0.105
$ onevnet hold private 192.168.0.105
36. 16Installing and Basic Usage
Adding Templates
Basic Usage – Template!
Hands on! (Sunstone)
● A template is a Virtual Machine definition ready to be instantiated
● It has CPU, Memory, Disks, NIC, Graphical Ports, etc...
● Create a new Template:
● Name: ttylinux
● CPU: 0.1
● Memory: 64M
● Storage: tty
● Network: private
● Input/Output: VNC
● Random values in Context ! Custom Variables
● Create!
38. 18Installing and Basic Usage
Instantiating
Basic Usage – VMs!
Hands on! (Sunstone)
● Instantiate the template
● Deploy 2 VMs
● Leave the name blank
● Watch the transition PENDING ! RUNNING
● In which host is running each VM?
● vnc (node1) ! root / password
● ifconfig ! configured using context
● ping the other machine (node2)
● Migrate / live-migrate (node2)
39. 19Installing and Basic Usage
Main VM actions
Basic Usage – VMs!
suspend VM state saved. Kept in the host.
power off (--hard) Powers off a VM. Kept in the host.
stop VM state saved. Taken to the system datastore.
undeploy (--hard) Powers off a VM. Taken to the system datastore.
reboot (--hard) Reboots the VM.
delete --recreate Cleans the VM and moves it to PENDING.
shutdown (--hard) Powers off a VM, cleans host and VM is removed
from OpenNebula.
delete VM is immediately destroyed regardless of state.
Recommended only for oneadmin.
40. 20Installing and Basic Usage
Other VM actions
Basic Usage – VMs!
Hands on! (Sunstone)
● VM extended information tab
● Capacity - Resize VM capacity (power off –hard, first)
● Storage
● Network - Attach new nic
● create a new network ! attach nic ! reboot
● Snapshot
● create a file using VNC
● Take snapshot
● Modify the file
● Revert
● Placement
● Actions - Schedule action
● Template
● Log
41. 21Installing and Basic Usage
Managing Users
Basic Usage – Users!
Hands on! (Sunstone)
● Create new user: testuser / testpass
● Click on new user ! Update Quotas
● Enforce 1 Max VMs ! Add/edit quota
● Other possible options
● limit the use of a Datastore
● limit the use of an Image
● limit the use of a Network
● Apply changes!
● Create new ACL
● We can customize any rule extending the functionality provided by the
Unix ownership/group/permissions schema.
42. 22Installing and Basic Usage
Logs
Basic Usage – Logging and Debugging!
● Logs are kept under /var/log/one
● oned.log: all the information related to the oned daemon. Every
request, actions and driver errors will be here.
The verbosity is set by DEBUG_LEVEL in /etc/one/oned.conf
● sched.log:has all the information related to the placement of Virtual
Machines. If a VM is not being deployed (kept in PENDING state), this
log will explain why.
● <id>.log: the log of each VM. Also accessible through Sunstone.
43. 23Installing and Basic Usage
oned.conf
Configuration!
/etc/one/oned.conf (open this file and take a look!)
● OpenNebula Daemon:
● LOG, PORT, DB
● Monitoring Intervals:
● MANAGER_TIMER, MONITORING_INTERVAL
● Configuration options for VMs:
● VNC_BASE_PORT
● MAC_PREFIX (MAC " IP)
● DEFAULT_DEVICE_PREFIX = "hd“ (or vd, xvd, etc…)
● Drivers:
● IM_MAD, VMM_MAD, TM_MAD, DATASTORE_MAD, HM_MAD,
AUTH_MAD
● Resources:
● DEFAULT_UMASK
● VM_RESTRICTED_ATTR, IMAGE_RESTRICTED_ATTR
44. 24Installing and Basic Usage
sched.conf
Configuration!
/etc/one/sched.conf (open this file and take a look!)
● Scheduler Daemon:
● ONED_PORT, SCHED_INTERVAL, LOG
● Dispatch Options
● MAX_VM, MAX_DISPATCH, MAX_HOST, LIVE_RESCHEDS
● Policy
● DEFAULT_SCHED (packing, striping, load-aware, custom)
46. 26Installing and Basic Usage
Appendix A
Installation
This is just a reference of what have been done to configure the frontend_node1 and
node2 images
47. 27Installing and Basic Usage
Installation node 1 - Frontend
Installing!
● Activate repo and Install Packages
● Add QEMU drivers
● Configure NFS Server
# cp /var/tmp/tutorial/opennebula.repo /etc/
yum.repos.d/
# yum clean all
# yum install opennebula-server opennebula-sunstone
opennebula-node-kvm
# Change VM_MAD type from kvm to qemu
# cat /etc/exports
/var/lib/one
*(rw,sync,no_subtree_check,root_squash,anonuid=9869,anongid=9869)
48. 28Installing and Basic Usage
Installation node 1 - Frontend
Installing!
● Configure Sunstone
● Start Services
● Quick overview of the CLI
# service nfs start
# service libvirtd start
# service opennebula start
# service opennebula-sunstone start
# chkconfig nfs on
# gpasswd -a oneadmin wheel
# su - oneadmin
$ oneuser show
$ oneuser -help
# sed -i 's/127.0.0.1/0.0.0.0/' /etc/one/sunstone-server.conf
49. 29Installing and Basic Usage
Installation node 2 – Worker Node
Installing!
● Activate repo and Install Packages
● Configure Network, Hostname, NFS and sudo
# cp /var/tmp/tutorial/opennebula.repo /etc/yum.repos.d/
# yum clean all
# yum install opennebula-node-kvm
# chkconfig NetworkManager off
# service NetworkManager stop
# echo HOSTNAME=node2 > /etc/sysconfig/network
# hostname node2
# sed -i 's/1.1.1.1/1.1.1.2/' /etc/sysconfig/network-
scripts/ifcfg-br1
# ifconfig br1 1.1.1.2/24 up
# mount –t nfs 1.1.1.1:/var/lib/one /var/lib/one
# gpasswd -a oneadmin wheel
# service libvirtd start
50. 30Installing and Basic Usage
Configure Password-less SSH
Installing!
● OpenNebula needs passwordless ssh access to
all the nodes from all the nodes:
# (as oneadmin)
$ ssh-keyscan node1 node2 > ~/.ssh/known_hosts
# test it!
$ ssh node2
$ exit
$ ssh node1
$ exit
51. EGI-InSPIRE
Build your OCCI-compatible cloud with
OpenNebula and rOCCI
Boris Parák, CESNET
EGI Technical Forum 2013, Madrid, ES 1
EGI-InSPIRE RI-261323 www.egi.eu
53. Introduction – OCCI
• OCCI æ Open Cloud Computing Interface
• text-based protocol and API focusing on interoperability in
the cloud
• originally designed for IaaS clouds, but is extensible
• works with resources, links and mixins
EGI Technical Forum 2013, Madrid, ES 3
EGI-InSPIRE RI-261323 www.egi.eu
54. Introduction – rOCCI
What is rOCCI?
• a framework implementing OCCI in Ruby
• a client providing shell-based user interface
• an open source project hosted on GitHub
• consists of rOCCI-core, rOCCI-api and rOCCI-cli
What is rOCCI-server?
• a server-side implementation leveraging rOCCI
• a bridge between OpenNebula and the world of OCCI
• stateless proxy delegating authentication, authorization
and functionality to OpenNebula
EGI Technical Forum 2013, Madrid, ES 4
EGI-InSPIRE RI-261323 www.egi.eu
57. Requirements
• OpenNebula, v3.4 - v4.2
• Ruby 1.9.3
• Rubygems
• optionally, Apache2 as an application server for production
deployments
EGI Technical Forum 2013, Madrid, ES 7
EGI-InSPIRE RI-261323 www.egi.eu
58. rOCCI-server – Installation
• rOCCI-server can be installed directly from its git
repository or from a zip archive
• should use a separate user account
• can be installed and distributed as a separate
ready-to-launch appliance
rOCCI-server is already installed in your VMs.
EGI Technical Forum 2013, Madrid, ES 8
EGI-InSPIRE RI-261323 www.egi.eu
59. rOCCI-server – Configuration
# configure authentication with OpenNebula
[oneadmin]$ oneuser create rocci $RANDOM
--driver server_cipher
[oneadmin]$ oneuser chgrp rocci oneadmin
# provide default backend configuration
[rocci]$ cd /var/tmp/rOCCI-server
[rocci]$ cp etc/backend/opennebula/opennebula.json
etc/backend/default.json
# update credentials for the rocci user
[rocci]$ vim etc/backend/default.json
EGI Technical Forum 2013, Madrid, ES 9
EGI-InSPIRE RI-261323 www.egi.eu
60. rOCCI-server – Start-up
# start the passenger
[rocci]$ cd /var/tmp/rOCCI-server
[rocci]$ bundle exec passenger start
# ... and that’s it!
EGI Technical Forum 2013, Madrid, ES 10
EGI-InSPIRE RI-261323 www.egi.eu
61. rOCCI-cli – Installation
• ordinary Rubygem, available as ’occi-cli’
• provides shell-based user interface
• supports basic, digest, X.509 and VOMS authentication
# check whether the client is present and works
# (run this OUTSIDE the /var/tmp/rOCCI-server directory)
[rocci]$ occi -d -v
EGI Technical Forum 2013, Madrid, ES 11
EGI-InSPIRE RI-261323 www.egi.eu
62. rOCCI-cli – Usage
# all ’occi’ commands mentioned from now on
# have to be executed under the rocci user account
$ occi --help
EGI Technical Forum 2013, Madrid, ES 12
EGI-InSPIRE RI-261323 www.egi.eu
63. Showcase – List
$ occi --endpoint http://localhost:3000/ --auth basic
--username oneadmin --password $PASSWD
--action list --resource storage
$ occi --endpoint http://localhost:3000/ --auth basic
--username oneadmin --password $PASSWD
--action list --resource network
$ occi --endpoint http://localhost:3000/ --auth basic
--username oneadmin --password $PASSWD
--action list --resource compute
EGI Technical Forum 2013, Madrid, ES 13
EGI-InSPIRE RI-261323 www.egi.eu
66. References
What to read if you want to know more?
• http://occi-wg.org
• https://github.com/gwdg/rOCCI-server
• https://github.com/gwdg/rOCCI-core
• https://github.com/gwdg/rOCCI-api
• https://github.com/gwdg/rOCCI-cli
Do you have any questions?
• ask directly at parak@cesnet.cz
• ask in the mailing lists rocci@gwdg.de or
inspire-mp-rocci@mailman.egi.eu
EGI Technical Forum 2013, Madrid, ES 16
EGI-InSPIRE RI-261323 www.egi.eu
67. Appendix – rOCCI-server
# create a user
$ useradd rocci
$ usermod -L rocci
# check Ruby version
$ su - rocci
[rocci]$ ruby -v
# install a few native dependencies
$ yum install expat-devel libxml2-devel libxslt-devel
EGI Technical Forum 2013, Madrid, ES 17
EGI-InSPIRE RI-261323 www.egi.eu
68. Appendix – rOCCI-server
# install the rOCCI-server itself
[rocci]$ cd /opt
[rocci]$ git clone
https://github.com/gwdg/rOCCI-server.git
# install rOCCI-server’s dependencies
[rocci]$ cd /opt/rOCCI-server
[rocci]$ bundle install
# configure authentication with OpenNebula
[oneadmin]$ oneuser create rocci $RANDOM
--driver server_cipher
[oneadmin]$ oneuser chgrp rocci oneadmin
EGI Technical Forum 2013, Madrid, ES 18
EGI-InSPIRE RI-261323 www.egi.eu
69. Appendix – rOCCI-server
# provide default backend configuration
[rocci]$ cd /opt/rOCCI-server
[rocci]$ cp etc/backend/opennebula/opennebula.json
etc/backend/default.json
# update credentials for the rocci user
[rocci]$ vim etc/backend/default.json
# start the passenger
[rocci]$ cd /opt/rOCCI-server
[rocci]$ bundle exec passenger start
EGI Technical Forum 2013, Madrid, ES 19
EGI-InSPIRE RI-261323 www.egi.eu
70. Appendix – rOCCI-cli
# install a few native dependencies
$ yum install expat-devel libxml2-devel libxslt-devel
# install the client itself
$ gem install occi-cli
# check whether it works
$ occi -d -v
EGI Technical Forum 2013, Madrid, ES 20
EGI-InSPIRE RI-261323 www.egi.eu