OpenNebula Workshop

The following Workshop will guide you through the installation and configuration procedures for the cloud manager
OpenNebula. The Workshop is structured into the following parts:
1.
2.
3.
4.

Setup & configuration of the infrastructure

Preparation, installation and configuration of OpenNebula 2.2 beta
Administration of OpenNebula
Interfaces to OpenNebula like SunStone Webinterface and Amazon EC2 Interface

Setup & configuration of the infrastructure

For this workshop we need at least the following resources:

a host to install OpenNebula

at least one host to run the Virtual Machines (this can be the same as the one running OpenNebula, but it is
not recommended)

Install and configure the Operating System for all hosts. A minimal server installation with an activated SSH Server
is sufficient. An additional DHCP server is also recommended, but will be provided for this workshop. The DHCP
server in this workshop will also provide a NAT between a local network and a public network. All OpenNebula
hosts will have interfaces for the public and the private network. The VM Hosts will only have one interface for the
local network.

Configure OpenNebula host

Login to your OpenNebula Host via SSH and create a user for OpenNebula:
sudo mkdir -p /srv/cloud/ sudo groupadd -g 10000 cloud sudo useradd -u 10000
-g cloud -m oneadmin -d /srv/cloud/one -s /bin/bash sudo passwd oneadmin sudo
chown -R oneadmin:cloud /srv/cloud/ su -l oneadmin

Install a nfs server

sudo apt-get install nfs-kernel-server
Export /srv/cloud/one by editing /etc/exports
sudo vi /etc/exports /srv/cloud/one 172.16.18.0/24(rw,sync,no_subtree_check)
sudo /etc/init.d/nfs-kernel-server start
Due to the complex setup of NFSv4, disable it by changing the following line in /etc/defaults/nfs-kernel-server
sudo vi /etc/defaults/nfs-kernel-server RPCNFSDCOUNT='8 --no-nfs-version 4'
Now you need to create an SSH key for oneadmin and disable host key checking or make all hostkeys known on
the OpenNebula node.
su -l oneadmin ssh-keygen cat ~/.ssh/id_rsa.pub > ~/.ssh/authorized_keys echo
"StrictHostKeyChecking no" > ~/.ssh/config

Configure VM host(s)
To start the virtual machines, one or more VM hosts are required. All basic features except live-migration will work
with one host.
The VM hosts need to be able to access the home directory of the OpenNebula user. Therefore install NFS common
sudo apt-get install nfs-common
and add an NFS entry for /srv/cloud/one in /etc/fstab (change 172.16.18.2 to the local IP of your OpenNebula host):
sudo vi /etc/fstab 172.16.18.2:/srv/cloud/one /srv/cloud/one nfs defaults 0 0
Now create and mount the directory:
sudo mkdir -p /srv/cloud/one sudo mount /srv/cloud/one
Create oneadmin user:
sudo groupadd -g 10000 cloud sudo useradd -u 10000 -g cloud -m oneadmin -s
/bin/bash sudo usermod -d /srv/cloud/one oneadmin sudo passwd oneadmin sudo
chown oneadmin:cloud /srv/cloud/
Install packages for the KVM hypervisor
sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils ruby
Configure libvirt to allow users from the group cloud to manage virtual machines
sudo vi /etc/libvirt/libvirtd.conf unix_sock_group = "cloud"
Configure VNC to be accessible from the outside. For a production environment, VNC should be secured by TLS
certificates (see below):
sudo vi /etc/libvirt/qemu.conf vnc_listen = "0.0.0.0" sudo service libvirtbin restart

Change group ownership for /var/run/libvirt/libvirt-sock to allow access by users of the cloud group
sudo chown :cloud /var/run/libvirt/libvirt-sock
For live migration and secured VNC, Transport Layer Security needs to be set up. A step by step guide can be found
in the TLS Setup Guid of Libvirt.

OPTIONAL: Configure VMWare

This section is experimental. Please do NOT start configuring VMware until you have spoken to the workshop
supervisor.
You need at least libvirt version 0.8.3 with ESX support. As there are no official packages with ESX support, you
need to build your own version:
apt-get install libxml2-dev libgnutls-dev libdevmapper-dev libnl-dev wget
http://libvirt.org/sources/libvirt-0.8.8.tar.gz tar xzf libvirt-0.8.8.tar.gz
cd libvirt-0.8.8 ./configure --with-esx make make install
TODO: Complete VMware instructions
Download and install the VMware extension:
wget http://dev.opennebula.org/attachments/download/243/vmware-1.0.tar.gz
tar xzf vmware-1.0.tar.gz ./install.sh

Preparation, installation and configuration of OpenNebula

2.2 beta
To install OpenNebula several dependent packages need to be installed. In the following the installation procedure is
shown for Ubuntu 10.10 Server. Informations on other Operating Systems can be found in Plattform Notes for
OpenNebula 2.2.
Install the following packages:
sudo apt-get install libsqlite3-dev libxmlrpc-c3-dev g++ ruby libopenssl-ruby
libssl-dev ruby-dev sudo apt-get install libxml2-dev libmysqlclient-dev
libmysql++-dev libsqlite3-ruby libexpat1-dev sudo apt-get install rake
rubygems libxml-parser-ruby1.8 libxslt1-dev genisoimage scons
A couple of ruby gems need to be installed as well:
sudo gem install nokogiri rake xmlparser
OpenNebula can use a SQLite or a MySQL database. For improved performance and additional features like
VMWare support, a MySQL database should be used. Install MySQL:
sudo apt-get install mysql-server
Now configure a user and a database for OpenNebula:
mysql -u root -p CREATE USER 'oneadmin'@'localhost' IDENTIFIED BY 'oneadmin';
CREATE DATABASE opennebula; GRANT ALL PRIVILEGES ON opennebula.* TO
'oneadmin' IDENTIFIED BY 'oneadmin'; quit;
Now youre ready to install OpenNebula. First download the latest (beta) version 2.2:

su -l oneadmin wget
http://dev.opennebula.org/attachments/download/303/opennebula-2.1.80.tar.gz
tar xzf opennebula-2.1.80.tar.gz cd opennebula-2.1.80
Then, configure and build OpenNebula with mysql support
scons sqlite=no mysql=yes
Finally you can install OpenNebula in /srv/cloud/one
./install.sh -u oneadmin -g cloud -d /srv/cloud/one
OpenNebula needs some environment variables. Add them to ~/.bash_profile
vi ~/.bash_profile export ONE_LOCATION=/srv/cloud/one export
ONE_AUTH=$ONE_LOCATION/.one/one_auth export
ONE_XMLRPC=http://localhost:2633/RPC2 export
PATH=$ONE_LOCATION/bin:/usr/local/bin:/var/lib/gems/1.8/bin/:$PATH
Now source ~/.bash_profile to initialize those variables
source ~/.bash_profile
Create a file containing the OpenNebula user and password:
mkdir ~/.one echo "oneadmin:oneadmin" > ~/.one/one_auth
Configure OpenNebula by editing ~/etc/oned.conf and especially change the following sections (adapt to your
configuration):
# DB = [ backend = "sqlite" ] # Sample configuration for MySQL DB = [
backend = "mysql",
server = "localhost",
port
=
0,
user
= "oneadmin",
passwd = "oneadmin",
db_name =
"opennebula" ]
Start OpenNebula
one start

Administration of OpenNebula
First add a host
onehost create HOSTNAME im_kvm vmm_kvm tm_nfs
Download pre-configured VM
mkdir one-templates cd one-templates wget
http://dev.opennebula.org/attachments/download/170/ttylinux.tar.gz tar xzf
ttylinux.tar.gz
Adapt the network and vm templates to your needs. More information can be found in the official OpenNebula
documentation. Then create the network
onevnet create network.vnet
then youre ready to create your first VM

onevm create template.one

SunStone Webinterface
Starting with OpenNebula 2.2 a nice Webinterface called SunStone can be used. Currently it still lacks some
features but otherwise is quite impressive.
Install additional ruby gems:
sudo gem install json sinatra thin
Then start the SunStone server:
$ONE_LOCATION/bin/sunstone-server start

Amazon EC2 Interface

For the Amazon EC2 Interface additional packages and gems are needed.
sudo apt-get install libcurl4-gnutls-dev sudo gem install amazon-ec2 sinatra
thin curb sqlite3-ruby uuid
Configure EC2 by editing the following config file:
vi $ONE_LOCATION/etc/econe.conf
Adjust the default template to your needs
vi etc/ec2query_templates/m1.small.erb
As there seems to be a bug (see OpenNebula Mailinglist) with the password encryption, change line 144 in
$ONE_LOCATION/lib/ruby/cloud/econe/EC2QueryClient.rb to:
"SignatureMethod"

=> 'HmacSHA256'

Start EC2 Interface (be sure to stop other services before e.g.SunStone Server):
$ONE_LOCATION/bin/econe-server start
Use e.g. Elastic Fox to access the EC2 Interface. More information can be found on the OpenNebula EC2
Ecosystem Webpage.