GUUG Hamburg OpenNebula
DESCRIPTION
Lecture about OpenNebula at GUUG Hamburg
TRANSCRIPT
© Martin Alfke - 2014
OpenNebula
public and private cloud management
Martin Alfke
GUUG Hamburg 12.06.2014
OpenNebula - Martin Alfke -
• Freelancer - Berlin/Germany
• Automation and Cfg Mgmt
• ePost Development GmbH
• Migration from HW to VM
• Relocation Bonn -> Berlin
Martin Alfke - at home
OpenNebula - Agenda -
• General
• Backends
• Planning
• Components
• Workflow
• Management (GUI/CLI)
• Live Demo
OpenNebula - General -
• Management of hypervisors
• Management of network interfaces
• Management of VMs
OpenNebula - Backends -
• Network
• Storage
• Virtualization
• Image
OpenNebula - Network Backends -
• Supported network backends
• 802.1q
• ebtables / iptables
• ovswitch
• dummy (NAT)
OpenNebula - Storage Backends -
• Supported storage backends
• Local storage
• NFS
• Ceph
• Gluster
• iSCSI (community plugin)
OpenNebula - Storage Backends -
• ssh (copy to the hypervisor host)
• shared (copy from shared storage)
• lvm copy (LVM cluster FS)
OpenNebula - Virtualization -
• Supported hypervisors
• KVM
• VMware
• Xen
• Public clouds (AWS/Rackspace/…)
OpenNebula - Image Backends -
• Supported image backends
• LVM
• qcow2
• ceph blocks
OpenNebula - Planning -
• Cluster
• Over Commitment
• Storage
OpenNebula - Planning -
• Cluster
• Separation and grouping of hypervisors
• Distribution by criteria:
• Number of VMs
• Load
• Individual user permissions
OpenNebula - Planning -
• Over Commitment
• RAM over commitment - requires KSM
• Requires a code change in OpenNebula (reserved RAM)
• CPU over commitment - vCPU in the template
OpenNebula - Planning -
• Storage
• Local storage - VM images must be copied via SSH
• Shared image storage - VM images are copied locally (cp)
• Shared OpenNebula installation - VM images are linked (ln -s)
OpenNebula - Components -
• Management Node
• Hypervisor
OpenNebula - Components -
• Management Node
• OpenNebula (required)
• Apache + Passenger (Sunstone web GUI - optional)
• VNC proxy (optional)
• MySQL DB (required - sqlite for tests)
• User: oneadmin + ssh key (required)
OpenNebula - Components -
• Hypervisor (KVM)
• libvirtd
• User: oneadmin + authorized key file
• sudoers (bridgectl, …)
• policykit (RH) / user permissions for /dev/qemu (Debian)
OpenNebula - Workflow -
• Network
• Image
• Contextualization
• Template
• VM
• Hooks
OpenNebula - Workflow -
• Network
• 802.1q
• ebtables
• open vswitch
• dummy (NAT)
OpenNebula - Workflow -
• Image
• Must be prepared in advance
• Requires the one-context package or cloud-init (v0.7.3 or newer)
• Note: copy the image to the management node first
OpenNebula - Workflow -
• Contextualization
• Customization of the image (hostname, network configuration, ssh pub key, …)
• Can be extended with custom scripts
• The VM receives a CD-ROM with the context information
OpenNebula - Workflow -
• Template
• Combines network, CPU, RAM and image
• Hardware specifics (e.g. ACPID)
• Serves as the blueprint for a VM
OpenNebula - Workflow -
• VM
• A VM is instantiated from a template
OpenNebula - Workflow -
• Hooks
• Hooks are executed on specific VM states
• DNS (nsupdate), Puppet certificate management, PuppetDB remove
• Registering a VM with a third-party system
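OpenNebula - Workflow -
• Hooks
    #!/bin/bash
    set -e
    # $1: ID of the VM the hook runs for
    NAME=$(onevm show "$1" | grep HOSTNAME | cut -d '"' -f2)
    # everything after the first label of the hostname is the DNS domain
    DOMAIN=$(echo "$NAME" | cut -d '.' -f2-)
    # delete the node's certificate on the Puppet CA;
    # -k disables TLS certificate verification of the Puppet master
    curl -k -X DELETE -H "Accept: pson" "https://puppet.$DOMAIN:8140/production/certificate_status/$NAME"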
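A hardened variant of the hook above, added here as an example (not code from the talk): it rejects an empty or malformed hostname before building the URL, takes the Puppet host from configuration instead of VM data, and verifies TLS with a client certificate instead of `-k`. `ALLOWED_DOMAIN`, `SSL_DIR` and the certificate file names are assumptions, and the sample `onevm show` lines are constructed.

```sh
#!/bin/sh
# Added example, not from the talk. Assumed values are marked as such.
ALLOWED_DOMAIN="example.org"   # assumption: the only DNS zone this hook may touch
SSL_DIR="/path/to/hook-ssl"    # placeholder: CA cert plus client cert/key for the hook

# Read `onevm show` output on stdin, print the first HOSTNAME="..." value.
vm_hostname() {
    sed -n 's/.*HOSTNAME="\([^"]*\)".*/\1/p' | head -n 1
}

# Accept only lower-case DNS names below ALLOWED_DOMAIN. Empty values, slashes,
# "..", query characters and names from other zones never reach the URL.
valid_name() {
    case "$1" in
        ""|.*|*..*|-*|*.-*|*-.*) return 1 ;;
        *[!a-z0-9.-]*)           return 1 ;;
        *."$ALLOWED_DOMAIN")     return 0 ;;
        *)                       return 1 ;;
    esac
}

# Build the CA URL; the host part comes from configuration, not from VM data.
cert_url() {
    valid_name "$1" || return 1
    printf 'https://puppet.%s:8140/production/certificate_status/%s\n' \
        "$ALLOWED_DOMAIN" "$1"
}

# DELETE with the CA verified and a client certificate, instead of -k.
# Assumes the Puppet master authorises this client for certificate_status.
clean_cert() {
    url=$(cert_url "$1") || { echo "refusing hostname: '$1'" >&2; return 1; }
    curl --fail --silent --show-error -X DELETE -H "Accept: pson" \
        --cacert "$SSL_DIR/ca.pem" --cert "$SSL_DIR/hook.pem" \
        --key "$SSL_DIR/hook.key" "$url"
}

# Constructed sample of the relevant `onevm show` lines (for offline checks).
SAMPLE='CONTEXT=[
  HOSTNAME="web01.example.org",
  NETWORK="YES" ]'

# Hook entry point: runs only when a numeric VM ID is passed as $1.
if [ $# -ge 1 ]; then
    case "$1" in ""|*[!0-9]*) echo "bad VM id" >&2; exit 1 ;; esac
    clean_cert "$(onevm show "$1" | vm_hostname)"
fi
```

If `onevm show` fails or prints no hostname, `vm_hostname` yields an empty string and `clean_cert` refuses it, so no request is sent.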
OpenNebula - GUI / CLI -
• CLI
• User needs a token file ~/.one_auth.conf
• Various commands (one*)
• GUI
• Sunstone web interface
• LDAP integration possible
• Also uses a token file
OpenNebula - Contextualization -
    # Context variables generated by OpenNebula
    DISK_ID='1'
    ETH0_DNS='10.175.4.11'
    ETH0_GATEWAY='10.175.16.1'
    ETH0_IP='10.175.24.1'
    ETH0_MASK='255.255.240.0'
    ETH0_NETWORK='10.175.16.0'
    FILES_DS='/var/lib/one/datastores/2/ef48a35be2d8723ef7788175be6087eb:'\''init.sh'\'' '
    HOSTNAME='martin.xxxxxxxxx'
    NETWORK='YES'
    TARGET='hdb'
OpenNebula - XML RPC API -
    #!/usr/bin/env python3
    # based on script of Chris Usher June 2009
    import xmlrpc.client

    server = 'http://<opennebula>:2633/RPC2'
    user = "oneadmin"
    password = "<password>"
    # session string is "user:password"; over plain http it crosses the network in clear text
    one_auth = '{0}:{1}'.format(user, password)

    def getVMInfo(vm_id):
        # one.vm.info returns a list; element 1 carries the response body
        response = xmlrpc.client.ServerProxy(server).one.vm.info(one_auth, vm_id)
        return response[1]

    print(getVMInfo(24))
OpenNebula
• Demo
OpenNebula
Thank you.
Questions?