Setting up of Eucalyptus Private Cloud on CentOS-5.7 (32 bit)

I was bit tied down due lack of proper hardware support in setting up Eucalyptus on 64-bit Operating system. Due to same reason, I could not make much headway with OpenStack as well. But, I had to setup and get going with a Private Cloud Infrastructure. After some research and guidance from Eucalyptus technical support team, I could make my private cloud up and running on 32-Bit systems. 

Here is How to set up and configure Eucalyptus Private Cloud on 32-bit CentOS-5.7 systems:
Once you install CentOS-5.7, update the packages using YUM.

A. Node:
My configuration was; 160 GB HDD, 4 GB RAM, dual core 
   processor, CentOS-5.6 (32 bit)
1. Export the Eucalyptus version to be installed. I installed 
   2.0.3;
export VERSION=2.0.3
2. Front-end, node(s), and client machine system clocks are  
   synchronized (e.g., using NTP).
yum install -y ntp
ntpdate pool.ntp.org
3. Node has a fully installed and configured installation of Xen 
   that allows controlling the hypervisor via HTTP from 
   localhost.
yum install -y xen
sed --in-place 's/#(xend-http-server no)/(xend-http-server yes)/' /etc/xen/xend-
       config.sxp 
sed --in-place 's/#(xend-address localhost)/(xend-address localhost)/'/etc/xen/  
       xend-config.sxp
/etc/init.d/xend restart
4. Yum option:
Create '/etc/yum.repos.d/euca.repo' file with the following    
   four lines:
[euca]
name=Eucalyptus
baseurl=http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/2.0.3/
        yum/centos/i386/
gpgcheck=0
5. yum install eucalyptus-nc
6. Post Installation Steps:
The last step in the installation is to make sure that the  
   user 'eucalyptus', which is created at RPM installation time, 
   is configured to interact with the hypervisor through libvirt 
   on all of your compute nodes.On each node, access the libvirtd 
   configuration, /etc/libvirt/libvirtd.conf, and confirm that 
   the following lines are uncommented:
   unix_sock_group = "libvirt"
unix_sock_ro_perms = "0777"
unix_sock_rw_perms = "0770"
7. Since XEN kernel has been installed (in step 3), make the 
   appropriate changes in /etc/grub.conf to reflect system is    
   booted using the XEN kernel; 
   For example;
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-308.1.1.el5xen)
          root (hd0,0)
          kernel /xen.gz-2.6.18-308.1.1.el5
          module /vmlinuz-2.6.18-308.1.1.el5xen ro root=/dev/Cloud/LogVol02 rhgb quiet
          module /initrd-2.6.18-308.1.1.el5xen.img
title CentOS (2.6.18-238.el5PAE)
          root (hd0,0)
          kernel /vmlinuz-2.6.18-238.el5PAE ro root=/dev/Cloud/LogVol02 rhgb quiet
          initrd /initrd-2.6.18-238.el5PAE.img
8. Check loaded kernel;
# uname -r
          2.6.18-308.1.1.el5xen
9. To check that libvirt is configured and interacting properly   
   with the hypervisor, run the following command on the node:
# on XEN
su eucalyptus -c "virsh list"
The output of that command may include error messages (failed 
  to connect to xend), but as long as it includes a listing of 
  all domains (at least Domain-0), the configuration is in order.
eg.  /etc/init.d/xend restart
                restart xend:                      [  OK  ]
[root@eucalyptus ~]# su eucalyptus -c "virsh list"
              Id Name                 State
----------------------------------
              0 Domain-0             running
10. Now start up your Eucalyptus services. On the Node:
/etc/init.d/eucalyptus-nc start
    eg.
/etc/init.d/eucalyptus-nc start
  You should have at least 32 loop devices
Starting Eucalyptus services: 
Enabling IP forwarding for eucalyptus.
Enabling bridge netfiltering for eucalyptus.
done.
  (Warning of 32 loop devices can be fixed using 
   http://j.mp/sleH4S; thus it should return you like the one  
   below )
[root@eucalyptus ~]# /etc/init.d/eucalyptus-nc start
Starting Eucalyptus services: done.

Setup Eucalyptus Front-end and Register various Front-End components:

B. Front-End:

  My configuration was; 160 GB HDD, 2 GB RAM, DualCore   
   processor, CentOS-5.6 (32 bit)

1. Export the Eucalyptus version to be installed. I installed 

   2.0.3; (Same as node):

export VERSION=2.0.3

2. Front-end, node(s), and client machine system clocks are  
   synchronized (e.g., using NTP).

yum install -y ntp

ntpdate pool.ntp.org

3. Front end needs java, command to manipulate a bridge, and the  

   binaries for dhcp server (do not configure or run dhcp server 

   on the CC):

yum install -y java-1.6.0-openjdk ant ant-nodeps dhcp \

        bridge-utils perl-Convert-ASN1.noarch \

        scsi-target-utils httpd

4. Set up a YUM repository which contains all the required 
   packages for Front-End system eg. eucalyptus-cloud eucalyptus-
   cc etc. Please note the version number is 2.0.3,distro is 
   CenOS and architecture is 32 bit.

Create '/etc/yum.repos.d/euca.repo' file with the following four lines:

[euca]

name=Eucalyptus

baseurl=http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/2.0.3/yum/centos/i386/

gpgcheck=0

5. Once the repository has been created in the above step, intall 

   the packages using YUM;

yum install eucalyptus-cloud eucalyptus-cc eucalyptus-walrus eucalyptus-sc

6. Once all the packages are installed, start up your Eucalyptus  
   services on the front-end:

/etc/init.d/eucalyptus-cloud start

/etc/init.d/eucalyptus-cc start

C.  Register various front end components:

If everything goes well in the above steps, now is the time to Register 
    various front end components:

    Here are the steps with actual implementation output (my Front-End systems IP 

    was 172.16.20.234 and that of Node was 172.16.20.233);

1. Register Walrus:

   Syntax: $EUCALYPTUS/usr/sbin/euca_conf --register-walrus 
   <front end IP address>

[root@eucalyptus-front home]# /usr/sbin/euca_conf --register-walrus 172.16.20.234

Adding WALRUS host 172.16.20.234

Trying rsync to sync keys with "172.16.20.234"...The authenticity of host '172.16.20.234 

        (172.16.20.234)' can't be established.

RSA key fingerprint is 6d:11:54:be:84:22:ab:7f:47:a4:0a:b3:22:17:ad:4e.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '172.16.20.234' (RSA) to the list of known hosts.

root@172.16.20.234's password: 

done.

SUCCESS: new walrus on host '172.16.20.234' successfully registered.

2. Register Cluster:

$EUCALYPTUS/usr/sbin/euca_conf --register-cluster <clustername> <front end IP address>

[root@eucalyptus-front home]# /usr/sbin/euca_conf --register-cluster eucluster 172.16.20.234

Trying rsync to sync keys with "172.16.20.234"...root@172.16.20.234's password: 

done.

SUCCESS: new cluster 'eucluster' on host '172.16.20.234' successfully registered.

3. Register SC:

$EUCALYPTUS/usr/sbin/euca_conf --register-sc <clustername> <front end IP address>

[root@eucalyptus-front home]# /usr/sbin/euca_conf --register-sc eucluster 172.16.20.234

Adding SC 172.16.20.234 to cluster eucluster

Trying rsync to sync keys with "172.16.20.234"...root@172.16.20.234's password: 

done.

SUCCESS: new SC for cluster 'eucluster' on host '172.16.20.234' successfully registered.

7. Finally, you need to register nodes with the front end. To do 
   so, run the following command on the front end,
   Syntax:$EUCALYPTUS/usr/sbin/euca_conf --register-nodes "<Node 
   0 IP address> <Node 1 IP address>... <Node N IP address>"
   Since, I have only one Node with IP address 172.16.20.233, 
   registration was done as follows;

[root@eucalyptus-front home]# /usr/sbin/euca_conf --register-nodes 172.16.20.233

INFO: We expect all nodes to have eucalyptus installed in / for key synchronization.

Trying rsync to sync keys with "172.16.20.233"...The authenticity of host '172.16.20.233 

        (172.16.20.233)' can't be established.

RSA key fingerprint is 98:56:f1:ea:68:ed:4a:54:54:3d:2b:52:6f:f8:e7:a7.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '172.16.20.233' (RSA) to the list of known hosts.

root@172.16.20.233's password: 

done.

Setting up euca2tools, Register, Bundle and Upload a Machine Image

A. On the front-end system install "euca2ools". This would be required to Bundle, Upload and  
     Register image.

Steps to install "euca2ools";

1. Export the architecture for which "euca2ools" would be installed;

  export ARCH=i386

2. Add the "euca2ools" specific lines in the /etc/yum.repos.d/euca.repo, so that it looks like the 
    following; 

[root@eucalyptus-front euca-centos-5.3-i386]# cat /etc/yum.repos.d/euca.repo 

[euca]

name=Eucalyptus

baseurl=http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/2.0.3/yum/centos/i38
 6/

gpgcheck=0

[euca2ools]

name=Euca2ools

baseurl=http://www.eucalyptussoftware.com/downloads/repo/euca2ools/1.3.1/yum/centos/

enabled=1

gpgcheck=0

3. Now install "euca2ools" 

    yum install euca2ools.$ARCH

B. Download, bundle, upload and Register an image:

1. On the Front-End system, download an image from the list of Eucalyptus-certified Images as 
       displayed 

       https://172.16.20.234:8443/#extras

Download it under a directory;

eg.  /home/cloud/Downloads wget http://eucalyptussoftware.com/downloads/eucalyptus-  
       images/euca-centos-5.3-i386.tar.gz .

2. Uncompress the file;

[root@eucalyptus-front Downloads]# tar -xvzf euca-centos-5.3-i386.tar.gz

3. Move to the uncompressed directory;

[root@eucalyptus-front Downloads]# cd euca-centos-5.3-i386

Now Bundle, upload and register (repeat the process for kernel, initrd and img files;

4. Bundle, upload and register kernel (Since, we are using XEN so we would be working with  

      xen-kernel)

I. Eucalyptus Kernel Image:

a. Bundle kernel image:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-bundle-image -i xen-kernel/vmlinuz-
    2.6.24-19-xen--kernel true --arch i386

i386

Checking image

Tarring image

Encrypting image

Splitting image...

Part: vmlinuz-2.6.24-19-xen.part.0

Generating manifest /tmp/vmlinuz-2.6.24-19-xen.manifest.xml

b. Upload:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-upload-bundle -b kernel-bucket -m    
    /tmp/vmlinuz-2.6.24-19-xen.manifest.xml

Checking bucket: kernel-bucket

Creating bucket: kernel-bucket

Uploading manifest file

Uploading part: vmlinuz-2.6.24-19-xen.part.0

Uploaded image as kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml

c. Register:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-register kernel-bucket/vmlinuz-2.6.24-
     19-xen.manifest.xml

IMAGE eki-90461383

d. You may want to check the image which you have registered by;

[root@eucalyptus-front euca-centos-5.3-i386]# euca-describe-images

IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available

     public i386 kernel instance-store

II. Eucalyptus Ramdisk Image:

a. Bundle:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-bundle-image -i xen-kernel/initrd.img-  
    2.6.24-19-xen --ramdisk true --arch i386

i386

Checking image

Tarring image

Encrypting image

Splitting image...

Part: initrd.img-2.6.24-19-xen.part.0

Generating manifest /tmp/initrd.img-2.6.24-19-xen.manifest.xml

b. Upload:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-upload-bundle -b ramdisk-bucket -m 

    /tmp/initrd.img-2.6.24-19-xen.manifest.xml

Checking bucket: ramdisk-bucket

Creating bucket: ramdisk-bucket

Uploading manifest file

Uploading part: initrd.img-2.6.24-19-xen.part.0

Uploaded image as ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml

c. Register:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-register ramdisk-bucket/initrd.img-
     2.6.24-19-xen.manifest.xml

IMAGE eri-E83A14C7

d. You may want to check the image which you have registered by;

[root@eucalyptus-front euca-centos-5.3-i386]# euca-describe-images

IMAGE eri-E83A14C7 ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml admin

     available public i386 ramdisk instance-store

IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available           

     public i386 kernel instance-store

III. Eucalyptus Machine Image:

a. Bundle:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-bundle-image -i centos.5-3.x86.img --   
   kernel eki-90461383 --ramdisk eri-E83A14C7

Checking image

Tarring image

Encrypting image

Splitting image...

Part: centos.5-3.x86.img.part.0

Part: centos.5-3.x86.img.part.1

Part: centos.5-3.x86.img.part.2

Part: centos.5-3.x86.img.part.3

Part: centos.5-3.x86.img.part.4

Part: centos.5-3.x86.img.part.5

Part: centos.5-3.x86.img.part.6

Part: centos.5-3.x86.img.part.7

Part: centos.5-3.x86.img.part.8

Part: centos.5-3.x86.img.part.9

Part: centos.5-3.x86.img.part.10

Part: centos.5-3.x86.img.part.11

Part: centos.5-3.x86.img.part.12

Part: centos.5-3.x86.img.part.13

Part: centos.5-3.x86.img.part.14

Part: centos.5-3.x86.img.part.15

Part: centos.5-3.x86.img.part.16

Part: centos.5-3.x86.img.part.17

Part: centos.5-3.x86.img.part.18

Part: centos.5-3.x86.img.part.19

Part: centos.5-3.x86.img.part.20

Part: centos.5-3.x86.img.part.21

Part: centos.5-3.x86.img.part.22

Generating manifest /tmp/centos.5-3.x86.img.manifest.xml

b. Upload:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-upload-bundle -b image-bucket -m   
    /tmp/centos.5-3.x86.img.manifest.xml

Checking bucket: image-bucket

Creating bucket: image-bucket

Uploading manifest file

Uploading part: centos.5-3.x86.img.part.0

Uploading part: centos.5-3.x86.img.part.1

Uploading part: centos.5-3.x86.img.part.2

Uploading part: centos.5-3.x86.img.part.3

Uploading part: centos.5-3.x86.img.part.4

Uploading part: centos.5-3.x86.img.part.5

Uploading part: centos.5-3.x86.img.part.6

Uploading part: centos.5-3.x86.img.part.7

Uploading part: centos.5-3.x86.img.part.8

Uploading part: centos.5-3.x86.img.part.9

Uploading part: centos.5-3.x86.img.part.10

Uploading part: centos.5-3.x86.img.part.11

Uploading part: centos.5-3.x86.img.part.12

Uploading part: centos.5-3.x86.img.part.13

Uploading part: centos.5-3.x86.img.part.14

Uploading part: centos.5-3.x86.img.part.15

Uploading part: centos.5-3.x86.img.part.16

Uploading part: centos.5-3.x86.img.part.17

Uploading part: centos.5-3.x86.img.part.18

Uploading part: centos.5-3.x86.img.part.19

Uploading part: centos.5-3.x86.img.part.20

Uploading part: centos.5-3.x86.img.part.21

Uploading part: centos.5-3.x86.img.part.22

Uploaded image as image-bucket/centos.5-3.x86.img.manifest.xml

c. Register:

[root@eucalyptus-front euca-centos-5.3-i386]# euca-register image-bucket/centos.5-

     3.x86.img.manifest.xml

IMAGE emi-3EE71249

d. You may want to check the image which you have registered by;

[root@eucalyptus-front euca-centos-5.3-i386]# euca-describe-images

IMAGE eri-E83A14C7 ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml admin

     available public i386 ramdisk instance-store

IMAGE emi-3EE71249 image-bucket/centos.5-3.x86.img.manifest.xml admin available

     public x86_64 machine eki-90461383 eri-E83A14C7 instance-store

IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available

     public i386 kernel instance-store

C. Configuring DHCP server on the Front-End:

On the Front-End system, configure DHCP server so that IP's could be assigned automatically   
    when an instance is run;

1. Copy the sample configuration file of DHCP under /etc/

[root@eucalyptus-front /]# cp /usr/share/doc/dhcp*/dhcpd.conf /etc/dhcpd.conf

2. Make the required changes;

eg. I made the following entries (you may configure it to your need);

/etc/dhcpd.conf

ddns-update-style interim;

ignore client-updates;

subnet 172.16.20.0 netmask 255.255.255.0 {

# --- default gateway

#

option routers 172.16.20.1;

option subnet-mask 255.255.255.0;

# option nis-domain "domain.org";

# option domain-name "domain.org";

option domain-name-servers 172.16.20.234;

# option time-offset -18000; # Eastern Standard Time

# option ntp-servers 192.168.1.1;

# option netbios-name-servers 192.168.1.1;

# --- Selects point-to-point node (default is hybrid). Don't change this unless

# -- you understand Netbios very well

# option netbios-node-type 2;

range dynamic-bootp 172.16.20.236 172.16.20.240;

default-lease-time 21600;

max-lease-time 43200;

# # we want the nameserver to appear at a fixed address

# host ns {

# next-server marvin.redhat.com;

# hardware ethernet 12:34:56:78:AB:CD;

# fixed-address 207.175.42.254;

# }

} 

3. Start the DHCP service as;

[root@eucalyptus-front /]# service dhcpd configtest

[root@eucalyptus-front /]# service dhcpd start

Running a Machine Image:

Once everything has been done, its time now to run an image. Register youself with the Eucalyptus Private cloud using the Front-End GUI form (eg. https://172.16.20.234:8443/#apply). Once applied, you would see a message like the one below;

"Thank you for signing up! Your request has been forwarded to the cloud administrator. If your application is approved, you will receive an email message (at the address you specified) with instructions for activating your account."

The administrator on the other hand upon receiving the request may either "Approve" or "Reject" your request. On approval, you would receive an email containing the "link" to access Eucalyptus Front-End GUI.

To use the system with client tools, you need to obtain user credentials. Upon login, from the 'Credentials' tab, users can obtain two types of credentials: x509 certificates and query interface credentials. Use the 'Download Credentials' button to download a zip-file with both or click on the 'Show Keys' to see the query interface credentials. You will be able to use your credentials with Euca2ools, Amazon EC2 tools and third-party tools like rightscale.com. Create a directory to store your credentials, unpack the zip-file into it, and source the included 'eucarc'.

1. Assuming that your request has been approved. Login to GUI, click on the "Download
    Credentials" button to download the x509 certificates. Now on your system; do the following;

unpack the zip-file into it, and source the included 'eucarc'.

mkdir ~/.euca

cd ~/.euca

unzip euca2-test-x509.zip/euca2-test-x509.zip

chmod 0700 ~/.euca 

chmod 0600 *

2. [root@localhost .euca]# source eucarc

3. Create a private/public key pair;

[root@localhost .euca]# euca-add-keypair my_key > my_key.private

4. chmod 0600 my_key.private
5. View the key pair that has been created;

[root@localhost .euca]# euca-describe-keypairs

KEYPAIR my_key ae:fc:15:bc:70:e0:31:e1:46:d5:66:0e:86:0c:89:80:7f:38:94:d8

6. Enter euca-authorize, followed by the name of the security group, and the options of the 
    network rules you want to apply.

euca-authorize <security_group>

I have allowed the security group default with unlimited network access using

SSH (TCP, port 22) and remote desktop (TCP, port 3389):

[root@localhost .euca]# euca-authorize -P tcp -p 22 -s 0.0.0.0/0 default

default None None tcp 22 22 0.0.0.0/0

GROUP default

PERMISSION default ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0

[root@localhost .euca]# euca-authorize -P tcp -p 3389 -s 0.0.0.0/0 default

default None None tcp 3389 3389 0.0.0.0/0

GROUP default

PERMISSION default ALLOWS tcp 3389 3389 FROM CIDR 0.0.0.0/0

7. Now, check the available images;

[root@localhost .euca]# euca-describe-images

IMAGE eri-E83A14C7 ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml admin available

    public i386 ramdisk instance-store

IMAGE emi-3EE71249 image-bucket/centos.5-3.x86.img.manifest.xml admin available public  
    x86_64 machine eki-90461383 eri-E83A14C7

instance-store

IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available public i386 kernel instance-store

(The value at the second column in the second row is your machine image ID, you would use    
    this ID to get into the cloud) 

8. Now run the machine image with the private key you have created;

[root@localhost .euca]# euca-run-instances -k my_key emi-3EE71249

RESERVATION r-3C1B081B test test-default

INSTANCE i-38C4066D emi-3EE71249 0.0.0.0 0.0.0.0 pending my_key 2012-04-

    17T09:57:25.031Z eki-90461383 eri-E83A14C7

9. Check the state of the instance;

[root@localhost .euca]# euca-describe-instances 

RESERVATION r-3C1B081B test default

INSTANCE i-38C4066D emi-3EE71249 172.16.20.238 172.16.20.238 running my_key 0  
    m1.small 2012-04-17T09:57:25.031Z

eucluster eki-90461383 eri-E83A14C7

10. Once you see the status as running, you can login to your Cloud Instance;

[root@localhost .euca]# ssh -i my_key.private root@172.16.20.238

The authenticity of host '172.16.20.238 (172.16.20.238)' can't be established.

RSA key fingerprint is d9:53:41:68:42:91:9a:83:3e:5e:af:72:20:7a:f3:08.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '172.16.20.238' (RSA) to the list of known hosts.

-bash-3.2# cat /etc/redhat-release 

CentOS release 5.3 (Final)

                                                                      -----***-----

                                  Cheers !!! :) 

                        Happy Cloud Computing !

Related Links:
https://engage.eucalyptus.com/customer/portal/questions/275660-how-to-create-an-instance