B. Front-End:
done.
Setting up euca2tools, Register, Bundle and Upload a Machine Image
A. On the front-end system install "euca2ools". This would be required to Bundle, Upload and
Register image.
Steps to install "euca2ools";
1. Export the architecture for which "euca2ools" would be installed;
export ARCH=i386
2. Add the "euca2ools" specific lines in the /etc/yum.repos.d/euca.repo, so that it looks like the
following;
[root@eucalyptus-front euca-centos-5.3-i386]# cat /etc/yum.repos.d/euca.repo
[euca]
name=Eucalyptus
baseurl=http://www.eucalyptussoftware.com/downloads/repo/eucalyptus/2.0.3/yum/centos/i38
6/
gpgcheck=0
[euca2ools]
name=Euca2ools
baseurl=http://www.eucalyptussoftware.com/downloads/repo/euca2ools/1.3.1/yum/centos/
enabled=1
gpgcheck=0
3. Now install "euca2ools"
yum install euca2ools.$ARCH
B. Download, bundle, upload and Register an image:
1. On the Front-End system, download an image from the list of Eucalyptus-certified Images as
displayed
https://172.16.20.234:8443/#extras
Download it under a directory;
eg. /home/cloud/Downloads wget http://eucalyptussoftware.com/downloads/eucalyptus-
images/euca-centos-5.3-i386.tar.gz .
2. Uncompress the file;
[root@eucalyptus-front Downloads]# tar -xvzf euca-centos-5.3-i386.tar.gz
3. Move to the uncompressed directory;
[root@eucalyptus-front Downloads]# cd euca-centos-5.3-i386
Now Bundle, upload and register (repeat the process for kernel, initrd and img files;
4. Bundle, upload and register kernel (Since, we are using XEN so we would be working with
xen-kernel)
I. Eucalyptus Kernel Image:
a. Bundle kernel image:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-bundle-image -i xen-kernel/vmlinuz-
2.6.24-19-xen--kernel true --arch i386
i386
Checking image
Tarring image
Encrypting image
Splitting image...
Part: vmlinuz-2.6.24-19-xen.part.0
Generating manifest /tmp/vmlinuz-2.6.24-19-xen.manifest.xml
b. Upload:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-upload-bundle -b kernel-bucket -m
/tmp/vmlinuz-2.6.24-19-xen.manifest.xml
Checking bucket: kernel-bucket
Creating bucket: kernel-bucket
Uploading manifest file
Uploading part: vmlinuz-2.6.24-19-xen.part.0
Uploaded image as kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml
c. Register:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-register kernel-bucket/vmlinuz-2.6.24-
19-xen.manifest.xml
IMAGE eki-90461383
d. You may want to check the image which you have registered by;
[root@eucalyptus-front euca-centos-5.3-i386]# euca-describe-images
IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available
public i386 kernel instance-store
II. Eucalyptus Ramdisk Image:
a. Bundle:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-bundle-image -i xen-kernel/initrd.img-
2.6.24-19-xen --ramdisk true --arch i386
i386
Checking image
Tarring image
Encrypting image
Splitting image...
Part: initrd.img-2.6.24-19-xen.part.0
Generating manifest /tmp/initrd.img-2.6.24-19-xen.manifest.xml
b. Upload:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-upload-bundle -b ramdisk-bucket -m
/tmp/initrd.img-2.6.24-19-xen.manifest.xml
Checking bucket: ramdisk-bucket
Creating bucket: ramdisk-bucket
Uploading manifest file
Uploading part: initrd.img-2.6.24-19-xen.part.0
Uploaded image as ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml
c. Register:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-register ramdisk-bucket/initrd.img-
2.6.24-19-xen.manifest.xml
IMAGE eri-E83A14C7
d. You may want to check the image which you have registered by;
[root@eucalyptus-front euca-centos-5.3-i386]# euca-describe-images
IMAGE eri-E83A14C7 ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml admin
available public i386 ramdisk instance-store
IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available
public i386 kernel instance-store
III. Eucalyptus Machine Image:
a. Bundle:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-bundle-image -i centos.5-3.x86.img --
kernel eki-90461383 --ramdisk eri-E83A14C7
Checking image
Tarring image
Encrypting image
Splitting image...
Part: centos.5-3.x86.img.part.0
Part: centos.5-3.x86.img.part.1
Part: centos.5-3.x86.img.part.2
Part: centos.5-3.x86.img.part.3
Part: centos.5-3.x86.img.part.4
Part: centos.5-3.x86.img.part.5
Part: centos.5-3.x86.img.part.6
Part: centos.5-3.x86.img.part.7
Part: centos.5-3.x86.img.part.8
Part: centos.5-3.x86.img.part.9
Part: centos.5-3.x86.img.part.10
Part: centos.5-3.x86.img.part.11
Part: centos.5-3.x86.img.part.12
Part: centos.5-3.x86.img.part.13
Part: centos.5-3.x86.img.part.14
Part: centos.5-3.x86.img.part.15
Part: centos.5-3.x86.img.part.16
Part: centos.5-3.x86.img.part.17
Part: centos.5-3.x86.img.part.18
Part: centos.5-3.x86.img.part.19
Part: centos.5-3.x86.img.part.20
Part: centos.5-3.x86.img.part.21
Part: centos.5-3.x86.img.part.22
Generating manifest /tmp/centos.5-3.x86.img.manifest.xml
b. Upload:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-upload-bundle -b image-bucket -m
/tmp/centos.5-3.x86.img.manifest.xml
Checking bucket: image-bucket
Creating bucket: image-bucket
Uploading manifest file
Uploading part: centos.5-3.x86.img.part.0
Uploading part: centos.5-3.x86.img.part.1
Uploading part: centos.5-3.x86.img.part.2
Uploading part: centos.5-3.x86.img.part.3
Uploading part: centos.5-3.x86.img.part.4
Uploading part: centos.5-3.x86.img.part.5
Uploading part: centos.5-3.x86.img.part.6
Uploading part: centos.5-3.x86.img.part.7
Uploading part: centos.5-3.x86.img.part.8
Uploading part: centos.5-3.x86.img.part.9
Uploading part: centos.5-3.x86.img.part.10
Uploading part: centos.5-3.x86.img.part.11
Uploading part: centos.5-3.x86.img.part.12
Uploading part: centos.5-3.x86.img.part.13
Uploading part: centos.5-3.x86.img.part.14
Uploading part: centos.5-3.x86.img.part.15
Uploading part: centos.5-3.x86.img.part.16
Uploading part: centos.5-3.x86.img.part.17
Uploading part: centos.5-3.x86.img.part.18
Uploading part: centos.5-3.x86.img.part.19
Uploading part: centos.5-3.x86.img.part.20
Uploading part: centos.5-3.x86.img.part.21
Uploading part: centos.5-3.x86.img.part.22
Uploaded image as image-bucket/centos.5-3.x86.img.manifest.xml
c. Register:
[root@eucalyptus-front euca-centos-5.3-i386]# euca-register image-bucket/centos.5-
3.x86.img.manifest.xml
IMAGE emi-3EE71249
d. You may want to check the image which you have registered by;
[root@eucalyptus-front euca-centos-5.3-i386]# euca-describe-images
IMAGE eri-E83A14C7 ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml admin
available public i386 ramdisk instance-store
IMAGE emi-3EE71249 image-bucket/centos.5-3.x86.img.manifest.xml admin available
public x86_64 machine eki-90461383 eri-E83A14C7 instance-store
IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available
public i386 kernel instance-store
C. Configuring DHCP server on the Front-End:
On the Front-End system, configure DHCP server so that IP's could be assigned automatically
when an instance is run;
1. Copy the sample configuration file of DHCP under /etc/
[root@eucalyptus-front /]# cp /usr/share/doc/dhcp*/dhcpd.conf /etc/dhcpd.conf
2. Make the required changes;
eg. I made the following entries (you may configure it to your need);
/etc/dhcpd.conf
ddns-update-style interim;
ignore client-updates;
subnet 172.16.20.0 netmask 255.255.255.0 {
# --- default gateway
#
option routers 172.16.20.1;
option subnet-mask 255.255.255.0;
# option nis-domain "domain.org";
# option domain-name "domain.org";
option domain-name-servers 172.16.20.234;
# option time-offset -18000; # Eastern Standard Time
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
range dynamic-bootp 172.16.20.236 172.16.20.240;
default-lease-time 21600;
max-lease-time 43200;
# # we want the nameserver to appear at a fixed address
# host ns {
# next-server marvin.redhat.com;
# hardware ethernet 12:34:56:78:AB:CD;
# fixed-address 207.175.42.254;
# }
}
3. Start the DHCP service as;
[root@eucalyptus-front /]# service dhcpd configtest
[root@eucalyptus-front /]# service dhcpd start
Running a Machine Image:
Once everything has been done, its time now to run an image. Register youself with the Eucalyptus Private cloud using the Front-End GUI form (eg. https://172.16.20.234:8443/#apply). Once applied, you would see a message like the one below;
"Thank you for signing up! Your request has been forwarded to the cloud administrator. If your application is approved, you will receive an email message (at the address you specified) with instructions for activating your account."
The administrator on the other hand upon receiving the request may either "Approve" or "Reject" your request. On approval, you would receive an email containing the "link" to access Eucalyptus Front-End GUI.
To use the system with client tools, you need to obtain user credentials. Upon login, from the 'Credentials' tab, users can obtain two types of credentials: x509 certificates and query interface credentials. Use the 'Download Credentials' button to download a zip-file with both or click on the 'Show Keys' to see the query interface credentials. You will be able to use your credentials with Euca2ools, Amazon EC2 tools and third-party tools like rightscale.com. Create a directory to store your credentials, unpack the zip-file into it, and source the included 'eucarc'.
1. Assuming that your request has been approved. Login to GUI, click on the "Download
Credentials" button to download the x509 certificates. Now on your system; do the following;
unpack the zip-file into it, and source the included 'eucarc'.
mkdir ~/.euca
cd ~/.euca
unzip euca2-test-x509.zip/euca2-test-x509.zip
chmod 0700 ~/.euca
chmod 0600 *
2. [root@localhost .euca]# source eucarc
3. Create a private/public key pair;
[root@localhost .euca]# euca-add-keypair my_key > my_key.private
4. chmod 0600 my_key.private
5. View the key pair that has been created;
[root@localhost .euca]# euca-describe-keypairs
KEYPAIR my_key ae:fc:15:bc:70:e0:31:e1:46:d5:66:0e:86:0c:89:80:7f:38:94:d8
6. Enter euca-authorize, followed by the name of the security group, and the options of the
network rules you want to apply.
euca-authorize <security_group>
I have allowed the security group default with unlimited network access using
SSH (TCP, port 22) and remote desktop (TCP, port 3389):
[root@localhost .euca]# euca-authorize -P tcp -p 22 -s 0.0.0.0/0 default
default None None tcp 22 22 0.0.0.0/0
GROUP default
PERMISSION default ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
[root@localhost .euca]# euca-authorize -P tcp -p 3389 -s 0.0.0.0/0 default
default None None tcp 3389 3389 0.0.0.0/0
GROUP default
PERMISSION default ALLOWS tcp 3389 3389 FROM CIDR 0.0.0.0/0
7. Now, check the available images;
[root@localhost .euca]# euca-describe-images
IMAGE eri-E83A14C7 ramdisk-bucket/initrd.img-2.6.24-19-xen.manifest.xml admin available
public i386 ramdisk instance-store
IMAGE emi-3EE71249 image-bucket/centos.5-3.x86.img.manifest.xml admin available public
x86_64 machine eki-90461383 eri-E83A14C7
instance-store
IMAGE eki-90461383 kernel-bucket/vmlinuz-2.6.24-19-xen.manifest.xml admin available public i386 kernel instance-store
(The value at the second column in the second row is your machine image ID, you would use
this ID to get into the cloud)
8. Now run the machine image with the private key you have created;
[root@localhost .euca]# euca-run-instances -k my_key emi-3EE71249
RESERVATION r-3C1B081B test test-default
INSTANCE i-38C4066D emi-3EE71249 0.0.0.0 0.0.0.0 pending my_key 2012-04-
17T09:57:25.031Z eki-90461383 eri-E83A14C7
9. Check the state of the instance;
[root@localhost .euca]# euca-describe-instances
RESERVATION r-3C1B081B test default
INSTANCE i-38C4066D emi-3EE71249 172.16.20.238 172.16.20.238 running my_key 0
m1.small 2012-04-17T09:57:25.031Z
eucluster eki-90461383 eri-E83A14C7
10. Once you see the status as running, you can login to your Cloud Instance;
[root@localhost .euca]# ssh -i my_key.private root@172.16.20.238
The authenticity of host '172.16.20.238 (172.16.20.238)' can't be established.
RSA key fingerprint is d9:53:41:68:42:91:9a:83:3e:5e:af:72:20:7a:f3:08.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.20.238' (RSA) to the list of known hosts.
-bash-3.2# cat /etc/redhat-release
CentOS release 5.3 (Final)
-----***-----
Cheers !!! :)