The goal of this HowTo is to have a single system setup with the Ubuntu Enterprise Cloud (UEC) and the openQRM Cloud. This system will allow to migrate services from the UEC and Amazon EC2 to the openQRM Cloud and from openQRM Cloud to UEC and Amazon EC2.
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
openQRM how-to: Setup UEC and openQRM cloud
1. The perfect server: openQRM, UEC and EC2 on Ubuntu 10.10
This documentation is brought to you by openQRM Enterprise
http://www.openqrm-enterprise.com
Document Version : 27.10.2010
openQRM Enterprise GmbH
Berrenrather Straße 188c
50937 Köln / Germany
Telefon : +49 (0) 221 995589-10
Fax : +49 (0) 221 995589-20
Mail : info@openqrm-enterprise.com
Table of Contents
The perfect server: openQRM, UEC and EC2 on Ubuntu 10.10 ..............................................................1
Hybrid Cloud Computing with openQRM.................................................................................................2
Requirements.........................................................................................................................................2
Install the system with Ubuntu 10.10 (64bit) as a "Node Controller" ..................................................2
Install openQRM from the source repository........................................................................................3
Install the Ubuntu Enterprise Cloud Controller in a KVM VM............................................................8
Configure the Ubuntu Enterprise Cloud .............................................................................................43
Import an AMI from the Ubuntu Enterprise Cloud (or Amazon EC2) ..............................................50
Run the imported AMI on a local KVM VM .....................................................................................64
Export an openQRM Image to Amazon EC2 .....................................................................................76
Thanks.................................................................................................................................................83
Urls......................................................................................................................................................83
2. Hybrid Cloud Computing with openQRM
The goal of this HowTo is to have a single system setup with the Ubuntu Enterprise Cloud
(UEC) and the openQRM Cloud. This system will allow to migrate services from the UEC and
Amazon EC2 to the openQRM Cloud and from openQRM Cloud to UEC and Amazon EC2.
Requirements
- 1 64bit system having the VT (Virtualization Technology) CPU extension
- 2 GB RAM (or more)
- 200 GB disk space (or more)
Install the system with Ubuntu 10.10 (64bit) as a "Node Controller"
• Boot the system from the Ubuntu CD
• Select "Install Ubuntu Enterprise Cloud"
• Set a static ip-address
◦ in this Howto it will be 192.168.88.100, hostname will be "perf"
• Continue with an empty (blank) Cloud Controller address
• During the Cloud package selection just select "Node Controller"
◦ deselect everything else
• In the partitioning screen
◦ Create a partiton (primary) for /
▪ in this Howto it will be /dev/sda1
◦ Create a partition (primary) for swap
▪ in this Howto it will be /dev/sda2
◦ Create a partition (primary) to be used by lvm
▪ this should be huge, in this Howto it will be /dev/sda3
After the installation finished reboot into the fresh Ubuntu 10.10 system.
Now create a iso image from the Ubuntu 10.10 CD. Insert the CD, open a terminal and run :
sudo bash
mkdir /isos
dd if=/dev/cdrom of=/isos/ubuntu-10.10.iso
3. Install openQRM from the source repository
Installing openQRM from the projects subversion repository will include the latest features.
sudo bash
apt-get install subversion nfs-kernel-server
cd
mkdir openqrm
cd openqrm
svn co https://openqrm.svn.sourceforge.net/svnroot/openqrm openqrm
cd trunk/openqrm/src
make && make install && make start
Then point your browser to http://192.168.88.100/openqrm to finalize the openQRM Server
configuration. The default username and password after a fresh installation is "openqrm" (for
user + pass). Please make sure you update this default password after first login !
In the first setup screen please select "br0" as the openQRM interface.
7. Now we are going to enable the required openQRM plugins for this HowTo.
• Enable and start the following plugins :
◦ kvm, kvm-storage, lvm-storage, hybrid-cloud, tftpd
• Just enable the "dhcpd" plugin. Do not start it (yet) !
8. We are mpw going to install the Ubuntu Enterprise Cloud Controller within a virtual machine
managed by openQRM. The virtual-machine type for the UEC CC will be "kvm-storage".
Install the Ubuntu Enterprise Cloud Controller in a KVM VM
First we need to prepare the partition dedicated as our image store (/dev/sda3).
Open a terminal and run the following commands :
sudo bash
pvcreate /dev/sda3
vgcreate lvols /dev/sda3
9. Now we are going to prepare the volume to install the UEC CC on.
• Goto Base -> Components -> Storage -> New Storage
10. • Create a new kvm-storage server (type KVM LVM Storage) using the openQRM
system as the resource
11. • Provide a name for the kvm-storage server, here we will use "kvmstorageserver"
12. • Goto Base -> Components -> Storage and click on "Mgmt" of the kvm-storage
◦ Select the "lvols" volume group
13. ◦ Create a new volume for the UEC "Cloud Controller" on the kvm-storage server.
◦ Name it "ubuntucc" and give it at least 40GB volume size.
15. • Goto Base -> Components -> Image -> New Image
◦ Select the kvm-storage server "kvmstorageserver"
16. ◦ Povide a name for the "image" object, here we will use "ubuntucc"
17. Here the Image list after we have created the Image object.
Now we are going to prepare the VM resource for the UEC CC.
18. Create the kvm-storage Hosts
• Goto Base -> Appliance -> Create and create a new kvm-storage Host appliance
using the openQRM system as the resource
19. ◦ Provide a name for the appliance, here we will use "kvmstoragehost"
◦ Select "KVM-Storage Host" as the resource type
20. Here the fresh created KVM-Storage Host in the Appliance overview.
21. Create a new kvm-storage VM:
• Goto Plugins -> Virtualization -> kvm-storage -> VM-Manager
◦ Select the kvm-storage Host
22. • Create a new kvm-storage VM on the Host by clicking on the + icon
23. ◦ Provide a name for the VM, here we will use "kvmstoragevm1"
◦ Set the VMs memory to at least 1024 MB
◦ Select "iso image" as the boot-medium and fill in the path to the ubuntu-10.10.iso
▪ /isos/ubuntu-10.10.iso
24. Creating the VM will reserve the VMs components and create a new, idle resource.
26. Now we will put the "image" and the "resource" we have created together via an "appliance".
• Goto Base -> Appliance -> Create
• Select the new created "idle" resource (the kvm-storage VM)
27. ◦ Provide a Name for the appliance, here we will use "ubuntucc"
◦ Leave the default kernel
◦ Select the "ubuntucc" image
◦ Select the resource type "KVM-Storage VM"
29. Here the started appliance
The idle resouce will now boot into the Ubuntu installation accessible via VNC .
Install vncviewer :
sudo bash apt-get install xtightvncviewer
30. You can access the Install screen via "vncviewer" on the openQRM Server.
vncviewer 192.168.88.100:50
Hints
• For kvm-storage VMs the first VNC id will be 50
• If you are logged in via ssh you need to have X-forwarding enabled
◦ e.g. ssh -X openqrm
• A remote VM console integrated into openQRM is available from openQRM Enterprise
◦ http://www.openqrm-enterprise.com
31. For the Ubuntu Enterprise Cloud Controller installation follow the steps below :
• Select "Install Ubuntu Enterprise Cloud"
• Manually configure the network device. Set a static ip-address
◦ in this HowTo it will be 192.168.88.101, hostname ubuntucc)
32. • Otherwise go with the defaults installation parameters
• Later in the installation setup the ip-addresses to be used by UEC
◦ In this Howto this will be 192.168.88.102-192.168.88.122
Rebot after the installation of the Ubuntu Enterprise Cloud Controller.
Please notice : The VM will now still try to boot from the CD and fail !
This is because the VM is still configured to boot from the iso image.
Please see the next part how to re-configure the VM to boot from local disk.
33. Before we will boot the now ready installed Ubuntu Enterprise Cloud Controller we will create
a snapshot of its disk. Then we will re-configure the "ubuntucc" appliance to use the snapshot
instead of the origing volume. This enables you to roll-back at any time in case you need a
fresh Cloud Controller.
Here how to create the snapshot :
• Goto Base -> Appliance and stop the ubuntucc appliance
34. • Goto Base -> Components -> Storage and click on "Mgmt" of the kvm-storage
◦ Select the "lvols" volume group
◦ Fill in a snapshot name (here "ccsnapshot1" and provide a size, here 20GB).
◦ Click on "snap"
36. Now we have to create a new Image from the snapshot volume:
• Goto Base -> Components -> Image -> New Image
◦ Select the kvm-storage server "kvmstorageserver"
◦ Povide a name for the new "image" object, here we will use "ccsnapshot1" and
select the "ccsnapshot1" volume as the root-device
37. • Goto Base -> Appliance and edit the ubuntucc appliance
◦ Adjust the Root-device to the “ccsnapshot1” image and save
38. Now re-configure the VM to do a localboot :
• Goto Plugins -> Virtualization and stop the VM
39. • When the VM is stopped click on "Config"
• In the config screen edit the boot-order
40. • Set the boot-order to "local boot"
• Click on back to go to the Virtual Machine list
42. • Goto Base -> Appliance and start the ubuntucc appliance again
You can now access the VM again via "vncviewer" on the openQRM Server.
vncviewer 192.168.88.100:50
to check its boot-up from local disk.
43. Configure the Ubuntu Enterprise Cloud
You can now access the UEC Configuration Panel at https://192.168.88.101:8443
The first time when connecting it will tell in the browser "This Connection is Untrusted".
Add an exception for it and it will forward you to the login panel.
The default login for the UEC is user "admin" with the password "admin".
44. Now it is a good time to download your UEC Cloud credentials.
45. Here how to install the credentials on your openQRM Server. Please open a terminal and
run :
mkdir .euca
mv euca2-admin-x509.zip .euca/
cd .euca/
unzip euca2-admin-x509.zip
. eucarc
46. After that you are able to use the UEC commandline tools e.g. euca-describe-availability-
zones
Next step is to set the password for user "eucalyptus" on the openQRM server which is also a
UEC Node Controller.
sudo bash
passwd eucalyptus
We need to have this in the following step on the UEC system itself to discover the Node
Controller.
Login to the UCE Cloud Controller (the VM at 192.168.88.101) and run :
sudo euca_conf --discover-nodes
This will automatically rsync the ssh-keys and add the Node Controller to the UEC cluster.
47. Now we go back to the UEC Admin UI and download one of the pre-made UEC Images.
For this HowTo we selected the Ubuntu Karmic 10.04 64bit. Clicking on Download will
download and install the image in the UEC Cloud.
Before we actually start an instance of this AMI we need to create a ssh keypair an open port
22 on the UEC firewall to enable ssh login.
On the openQRM Server open a terminal and run :
. .euca/eucarc
euca-add-keypair mykey > ~/.euca/mykey.priv
euca-authorize -P tcp -p 22 -s 0.0.0.0/0 default
48. Starting an instance on the UEC Cloud
Now we are going to start an instance on the Ubuntu Enterprise Cloud via the euca-run-
instances command.
Open a terminal on the openQRM server and follow the steps below :
. .euca/eucarc
euca-run-instances -k mykey emi-DEBF106A -t m1.small
Please notice that you need to get the AMI name (here emi-DEBF106A) from the image
overview in UEC.
After a short while the instances is running and we can login via ssh.
ssh -i .euca/mykey.priv ubuntu@192.168.88.102
49. To prepare the Import of this AMI into openQRM we now need to adjust the
/root/.ssh/authorized_keys file on the AMI.
Simply cat the /home/ubuntu/.ssh/authorized_keys to /root/.ssh/authorized_keys to enable
passwordless ssh login for the root user too.
50. Import an AMI from the Ubuntu Enterprise Cloud (or Amazon EC2)
First step to import from the Ubuntu Enterprise Cloud is to define the UEC credentials in
openQRM.
• Goto Plugins -> Components -> Deployment -> Hybrid-Cloud -> Accounts
◦ Provide an Account name (you can choose any name)
◦ Set the path to the UEC rc-config file
◦ Set the path to the ssh-key file
◦ Set the type of the account
51. Second step for importing the AMI of the running instance is to create a volume on storage
server in openQRM.
Create a lvm-storage (NFS) server in openQRM
• Goto Base -> Components -> Storage -> New Storage
• Create a new lvm-storage server (type LVM Storage NFS) using the openQRM
system as the resource
52. ◦ Provide a name for the lvm-storage server, here we will use "lvmstorageserver"
57. Now we have to create a new Image from the new empty volume:
• Goto Base -> Components -> Image -> New Image
◦ Select the lvm-storage server "lvmstorageserver"
58. • Povide a name for the new "image" object, here we will use "uecubuntuimport" and
select the "uecubuntuimport" volume as the root-device
Everything is prepared for the import.
59. Import the AMI
• Goto Plugins -> Deployment -> Hybrid-Cloud -> Import
◦ Select your UEC account
60. ◦ On the next screen select the running instance on the UEC
61. ◦ On the next screen select the Image to transfer the AMI to and click on "put"
62.
63. openQRM will now import the AMI. You can check the Event list for the progress.
64. Run the imported AMI on a local KVM VM
For running the imported AMI please now start the dhcpd plugin
Please notice that you make sure to only have one dhcp-server running in your setup!
Eiher have openQRM serving dhcp or the UEC Cloud Controller.
65. Now create a kvm Hosts:
• Goto Base -> Appliance -> Create and create a new kvm Host appliance using the
openQRM system as the resource
66. ◦ Provide a name for the appliance, here we will use "kvmhost"
◦ Select "KVM Host" as the resource type
67. Create a new KVM VM:
• Goto Plugins -> Virtualization -> kvm -> VM-Manager, select the kvm Host
68. • Create a new kvm VM on the Host by clicking on the + icon
69. ◦ Provide a name for the VM, here we will use "kvmvm1"
70. Creating the VM will reserve the VMs components and create a new, idle resource.
71. Now we will put the "image" (the imported AMI) and the "resource" we have created (the new
KVM VM) together via an "appliance".
• Goto Base -> Appliance -> Create
◦ Select the new created "idle" resource (the idle kvm VM)
72. ◦ Provide a Name for the appliance, here we will use "uecubuntuimport"
◦ Leave the default kernel
◦ Select the "uecubuntuimport" image
◦ Select the resource type "KVM VM"
73. • Save and start the appliance
The idle resouce will now reboot and start the "uecubuntuimport" image. The VM is now
accessible via VNC
vncviewer 192.168.88.100:1
Hints
- For kvm VMs the first VNC id will be 1
75. You can ssh to the running appliance in the same way as we did for the AMI.
ssh -i .euca/mykey.priv root@192.168.88.253
Please get the ip of the appliance in the openQRM resource overview.
The imported AMI, now available in openQRM as an “Image”, can be easily made available in
the openQRM Cloud.
HowTo setup and use the openQRM Cloud is covered in another Howto at :
http://www.openqrm-enterprise.com/news/details/article/howto-setup-your-own-openqrm-
cloud-with-kvm-on-ubuntu-lucid-lynx.html
76. Export an openQRM Image to Amazon EC2
To export an openQRM Image to Amazon EC2 (or to an Ubuntu Enterprise Cloud) we first
have to install the Amazon ec2-ami-tools and ec2-api-tools.
Download the Amazon EC2 API Tools from http://aws.amazon.com/developertools/351
Download the Amazon EC2 AMI Tools from http://aws.amazon.com/developertools/368
Install both tools on the openQRM Server at /home/[username]/aws
cd
mkdir -p aws .ec2
cp ec2-ami-tools.zip ec2-api-tools.zip aws
cd aws
unzip ec2-ami-tools.zip
unzip ec2-api-tools.zip
Please make sure to have a java jdk installed. Also you need to install ruby and curl.
sudo apt-get install ruby curl
The ec2-tools require this.
Next step is to create a Amazon rc-config file allowing the ec2-tools to work seamlessly.
A sample ec2rc config file looks like this (of course this example contains random user data):
# for java to work ok
export JAVA_HOME=/home/matt/java/jdk1.6.0_14
# aws api tools
export EC2_HOME=/home/matt/aws/ec2-api-tools-1.3-57419
# aws ami tools
export EC2_AMITOOL_HOME=/home/matt/aws/ec2-ami-tools-1.3-57676
export EC2_PRIVATE_KEY=/home/matt/.ec2/pk-123456.pem
export EC2_CERT=/home/matt/.ec2/cert-123456.pem
# EU
export EC2_URL=https://ec2.eu-west-1.amazonaws.com
# US
#export EC2_URL=https://us-east-1.ec2.amazonaws.com
# keys
export EC2_ACCESS_KEY='123456'
export EC2_SECRET_KEY='123456'
export PATH=$JAVA_HOME/bin:$PATH:$EC2_HOME/bin:
$EC2_AMITOOL_HOME/bin:/usr/games:/home/matt/scripts
# aws user id for the cmdline tools
export EC2_USER_ID="123456"
77. Please save content as /home/[username]/.ec2/ec2rc
Also please download your AWS Private-key and your AWS Certificate to /home/
[username]/.ec2/
After that please source the ec2rc and check the functionality of the ec2-tools by running
“ec2-describe-regions”.
78. With the Amazon account credentials installed we are now setting up another Hybrid-Cloud
account.
• Goto Plugins -> Components -> Deployment -> Hybrid-Cloud -> Accounts
◦ Provide an Account name (you can choose any name)
◦ Set the path to the EC2 rc-config file
◦ Set the path to the ssh-key file
◦ Set the type of the account
79. Now we are ready to export the openQRM Image.
• Goto Plugins -> Deployment -> Hybrid-Cloud -> Import
◦ Select your EC2 account
80. ◦ On the next screen select the Image to transfer to Amazon
81. ◦ On the next screen provide a S3 bucket name for the AMI and configure
region, size and architecture.
82. Clicking on "export" will start the migration.
openQRM is now transferring the Image to the Amazon Cloud as a new AMI.
It will be available for deployment after bundling and uploading the AMI finished.
You can get a detailed log about the migration at /tmp/uecubuntuexport.export.debug.log.
tail -f /tmp/uecubuntuexport.export.debug.log
Same as for the Import you can also check the Event list for the progress.
As soon as the migration finished the exported openQRM Image will be available at the
Amazon EC2 Cloud. You can start it e.g. via the EC2 commadline tools on the openQRM
Server. Open a terminal an run :
. /home/[username]/.ec2/ec2rc
ec2-run-instances [ami-name] -k [ssh-keypair]
83. Thanks
We hope you enjoyed this Howto with the focus on the hybrid-cloud features of openQRM !
Urls
UEC Installation Howto - https://help.ubuntu.com/community/UEC/CDInstall
The openQRM Project – http://www.openqrm.com
openQRM Enterprise – http://www.openqrm-enterprise.com
openQRM Documentation - http://www.openqrm-enterprise.com/news/details/article/in-depth-documentation-of-openqrm-available.html
openQRM Cloud HowTo - http://www.openqrm-enterprise.com/news/details/article/howto-setup-your-own-openqrm-cloud-with-kvm-on-ubuntu-lucid-lynx.html
This documentation is brought to you by openQRM Enterprise
http://www.openqrm-enterprise.com
Copyright 2010, Matthias Rechenburg matt@openqrm-enterprise.com