190 lines
7.9 KiB
TeX
190 lines
7.9 KiB
TeX
\section{Running Orchestrator}
|
|
The \verb!orchestrator! command, located in the bin directory under the source that was fetched from github,
|
|
is used to start and stop an inception cloud.
|
|
The inception cloud environment consists of at least 4 Inception Control VMs (ICVMs) in the environment:
|
|
|
|
%&indent
|
|
\begin{itemize}
|
|
\item A gateway machine that will be given a public IP address and function much in the same way as the
|
|
boot-up VM being used to start the cloud.
|
|
|
|
\item A controller machine used to run the OpenStack software and to provide the OpenStack Dashboard interface.
|
|
|
|
\item A chef machine used to manage Chef installation and configuration scripts.
|
|
|
|
\item One or more worker machines used to host the inception virtual machines (iVMs).
|
|
\end{itemize}
|
|
|
|
\noindent
|
|
The following sections describe how orchestrator is used.
|
|
|
|
\begin{figure}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{start_overview.pdf}
|
|
\tiny
|
|
\caption{\small The environment, after orchestrator has created ICVMs, showing the communication path between orchestrator and the ICVMs.
|
|
\label{fg_overview} \normalsize
|
|
}
|
|
\normalsize
|
|
\end{figure}
|
|
|
|
\subsection{Starting The Inception Cloud}
|
|
The \verb!orchestrator! command is located in the \verb!bin! directory within the source cloned from github.
|
|
The bin directory can be added to the path, or the command can be executed with a fully qualified path.
|
|
It will probably be necessary to add the top level inception directory to the \verb!PYTHONPATH! environment variable
|
|
if inception was not installed.
|
|
%.sp
|
|
Using the \verb!--help! option will cause all of the possible command line options to be written to the tty device.
|
|
For the most part, at least for the first time user, only a few are needed and are described below.
|
|
|
|
\dlbeg{0.85in}
|
|
\dlitem{-p prefix}{
|
|
This command line flag is required and supplies the prefix string that is used when defining the ICVM names.
|
|
}
|
|
|
|
\vspace{5pt}
|
|
\dlitem{-n n}{
|
|
Specifies the number of work ICVMs that are created. The iVMs which are created in the inception cloud are hosted
|
|
on the work VMs thus the number needed is directly related to the number of iVMs that will be created in the inception cloud.
|
|
}
|
|
|
|
\vspace{5pt}
|
|
\dlitem{-~-image=}{
|
|
Supplied the image name to be used for all ICVMs. If not supplied a base image of Ubuntu 12.04 (64 bit) is
|
|
created and used for each ICVM.
|
|
}
|
|
|
|
\vspace{5pt}
|
|
\dlitem{-~-ssh\_keyfile=}{
|
|
Provides the name of the private key that is to be injected as the user key for each of the
|
|
control VMs that are created.
|
|
}
|
|
|
|
\vspace{5pt}
|
|
\dlitem{-~-user=}{
|
|
The user name created on each node with sudo capabilities. If not given, ubuntu is used.
|
|
}
|
|
\dlend
|
|
|
|
\noindent
|
|
The following illustrates the command to start an inception cloud with one worker and a prefix of \verb!scooter0.!
|
|
|
|
\small\begin{verbatim}
|
|
orchestrator -n 1 -p scooter0 \
|
|
--ssh_keyfile=$HOME/.vmkeys/agave.shared.pk
|
|
\end{verbatim}\normalsize
|
|
\noindent
|
|
The creation and initialisation of the ICVMs takes about 20 minutes during which time a fair few messages
|
|
are written to standard error.
|
|
When orchestrator has finished, a set of messages should be written to stdout indicating success and which give the IP
|
|
addresses and URLs for various things in the newly created environment.
|
|
The following is a sample of these messages (date, time, and system indentification information has bee excluded for brevity):
|
|
|
|
\small\begin{verbatim}
|
|
Your inception cloud 'scooter0' is ready!!!
|
|
Gateway IP is 135.207.223.158
|
|
Chef server WebUI is http://192.168.254.28:4040
|
|
OpenStack dashboard is https://192.168.254.29
|
|
\end{verbatim}\normalsize
|
|
|
|
\subsection{Stopping The Inception Cloud}
|
|
The inception cloud can be stopped manually by halting all of the ICVMs, or orchestrator can be used
|
|
giving it the \verb!--cleanup! command line flag which causes it to terminate all of the ICVMs.
|
|
|
|
\small\begin{verbatim}
|
|
orchestrator -p scooter0 --cleanup
|
|
\end{verbatim}\normalsize
|
|
|
|
\subsection{Finalisation}
|
|
It will take approximately 20 minutes for orchestrator to start the inception cloud.
|
|
Once orchestrator reports that the inception cloud is ready, a small amount of housekeeping should be done.
|
|
These tasks include:
|
|
|
|
\begin{itemize}
|
|
\item Determining the network addresses of the gateway ICVM.
|
|
|
|
\item Repointing sshuttle to use the gateway ICVM and to reference the ICVM control network
|
|
|
|
\item Stopping the boot-up VM
|
|
|
|
\item Adding the controller to /etc/hosts
|
|
|
|
\item Creating credentials for your inception cloud
|
|
\end{itemize}
|
|
|
|
\subsubsection{Repointing Sshuttle}
|
|
Once the ICVMs are running, sshuttle should be "pointed" at the gateway ICVM so that the boot-up VM can be stopped.
|
|
Sshuttle must also be set to tunnel requests for the private control network that is used by the
|
|
ICVMs as this is the network on which the nova authorisation and dashboard processes listen on.
|
|
The following commands illustrate how this can be done:
|
|
|
|
\small\begin{verbatim}
|
|
nova list | grep scooter0-gateway
|
|
ssh ubuntu@yyy.yyy.yyy.yyy ifconfig eth1
|
|
sshuttle -e ssh -A -i ~/.vmkeys/agave.shared.pk -v \
|
|
-r ubuntu@yyy.yyy.yyy.yyy \
|
|
192.168.254.0/24 zzz.zzz.zzz.0/24
|
|
|
|
\end{verbatim}\normalsize
|
|
\noindent
|
|
Where:
|
|
|
|
\dlbeg{0.9in}
|
|
\dlitem{scooter0}{ Is the prefix that was given to orchestrator when the inception cloud was started.}
|
|
|
|
\vspace{5pt}
|
|
\dlitem{yyy.yyy.yyy.yyy}{ Is the public IP address for the gateway.}
|
|
|
|
\vspace{5pt}
|
|
\dlitem{zzz.zzz.zzz.0} {
|
|
Is the network address of the control network. The netmask also must be checked to determine if /24 is
|
|
the appropriate number of bits being used to represent a host id; if not it must be changed to match the netmask.
|
|
}
|
|
|
|
\vspace{5pt}
|
|
\dlitem{ubuntu}{ Is the user name that was injected onto each of the ICVMs. }
|
|
\dlend
|
|
|
|
After these commands are executed sshuttle will again be running on the workstation and managing a tunnel between the
|
|
workstation and both the virtual network and the inception cloud's private control network in the OpenStack environment.
|
|
|
|
\subsubsection{Modifying /etc/hosts}
|
|
In order to use the inception cloud OpenStack dashboard (URL given in the last set of messages generated by orchestrator),
|
|
the workstation must be able to resolve the
|
|
controller host name (e.g. \verb!scooter0-controller! using the earlier example prefix).
|
|
The easiest way to do this is to have sshuttle forward all DNS requests to the inception cloud environment for resolution.
|
|
This is done with the addition of a command line flag on the sshuttle command, however shuffling all of the workstation's DNS
|
|
traffic into the VM environment is probably not a very wise choice.
|
|
Instead, the host name of the controller, and it's control network IP address (zzz.zzz.zzz.hhh) should be added to the
|
|
\verb!/etc/hosts! file on the workstation.
|
|
|
|
|
|
\subsubsection{Setting Credentials}
|
|
Credentials must be set in the environment to allow nova to be used on the workstation to control the iVMs in the
|
|
inception cloud.
|
|
The following is a list of variables that must be exported and their approximate values (the IP address supplied for the
|
|
authorisation URL will be different as might the username).
|
|
The password was given to the user \emph{demo} via the dashboard using the \emph{admin} user ID.
|
|
|
|
\small\begin{verbatim}
|
|
export OS_AUTH_URL=http://10.251.0.3:5000/v2.0/
|
|
export OS_TENANT_NAME="demo"
|
|
export OS_USERNAME=demo
|
|
export OS_PASSWORD=demo
|
|
\end{verbatim}\normalsize
|
|
|
|
The network address given is that of the private control network.
|
|
The dashboard can be used to setup any users and\/or projects (tenants) that are needed in the inception cloud.
|
|
The admin user ID and password are admin/admin by default.
|
|
|
|
\begin{figure}
|
|
\centering
|
|
\includegraphics[width=\linewidth]{inception_final.pdf}
|
|
\caption{
|
|
\small The virtual environment after cleanup showing path of browser traffic with the dashboard.
|
|
\label{fg_final}\normalsize
|
|
}
|
|
\normalsize
|
|
\end{figure}
|
|
Following housekeeping, the environment should be as shown in figure \ref{fg_final}.
|