getting started hacking opennebula - fosdem-2013
Post on 22-Nov-2014
1.607 Views
Preview:
DESCRIPTION
TRANSCRIPT
Fosdem 2013Brussels, Belgium, February 3rd, 2013
© OpenNebula Project. Creative Commons Attribution-NonCommercial-ShareAlike License
Getting Started Hacking OpenNebula
Jaime MelisProject Engineer
The OpenNebula Project
What is OpenNebula?
Simple Web Interface
Infrastructure Resources
Elastic & “infinite”
Public Cloud
A Cloud behind a firewall
Security Concerns
Improve Operations
Private Cloud
Hybrid Cloud / CloudBursting
Supplement Capacity
of the Private Cloud
The OpenNebula Project
What is OpenNebula?
Interfaces, Tools & API● CLI & Sunstone (GUI)● API● Cloud (EC2,OCCI)● Service Management & Catalogs
Compute Hosts● Grouped into logical clusters● Multiple hypervisors● Monitoring
Storage● VM disks (file & block)● Image Distribution● Multiple Backends
Multi-tenancy● AAA Services● Scheduling● Permissions & roles
Network● VLAN● Firewalling● Multiple Technologies
The OpenNebula Project
What is OpenNebula?
● Flexible: One solution can not fit all data-centers
● Provide basic components, but easily hacked by others
● Simple: just-what-you-need components & simple protocols
● Scalable: single instance & multi-tier architectures
● Be interoperable! rich set of API's & Interfaces
● Open Source: Apache License v2.0000
Design Principles
The OpenNebula Project
What is OpenNebula?
Physical Hardware
Hypervisor
VM VM VM VM
Host
...Physical Hardware
Hypervisor
VM VM VM VM
Host
Simplicity
The OpenNebula Project
The Cloud Integrator Perspective
The Cloud Integrator Perspective
OpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
Scheduler
XML-RPC API
OCA (Ruby, Java)
CLI GUI Cloud Servers
DB
Languages
The OpenNebula Project
The Cloud Integrator Perspective
How to Develop Drivers
OpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
Scheduler
XML-RPC API
OCA (Ruby, Java)
CLI GUI Cloud Servers
DB
Easy to adaptEasy to create new onesEasy to maintain
Drivers
● Small scripts for each action● Any language (shell, Ruby, Python,...)● Different drivers can co-exist in
heterogeneous environments
The OpenNebula Project
The Cloud Integrator Perspective
How to Develop Drivers Virtualization Drivers
● Translate the OpenNebula VM life-cycle management into specific hypervisor operations
Monitoring Drivers
● Gather information about the physical host and hypervisor status
Hybrid Cloud Drivers
● Interact with an external provider instead of a hypervisor
OpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
Scheduler
XML-RPC API
OCA (Ruby, Java)
CLI GUI Cloud Servers
DB
OpenNebula distribution Community contributions
The OpenNebula Project
The Cloud Integrator Perspective
Virtual Machine Manager Drivers
Deployment flow for KVM
Core Deployment file
ssh $host:bash kvm/deploy
● write deployment file● virsh create
<domain type='kvm'><name>one-1</name><cputune>
<shares>103</shares></cputune><memory>65536</memory><os>
<type arch='i686'>hvm
</type><boot dev='hd'/>
</os><devices>...</devices>
</domain>
[...]domain=$1
mkdir -p `dirname $domain`
cat > $domain
data=`virsh --connect $LIBVIRT_URI create $domain`
if [ "x$?" = "x0" ]; then echo $data | sed 's/Domain //' | \
sed 's/ created from .*$//'else
error_message "Could not create" \ " domain from $domain"
exit -1fi
The OpenNebula Project
The Cloud Integrator Perspective
Virtual Machine Manager Drivers
Virtualization Driver Example:Hypervisor: XenAction: migrateDescription: live-migrates a running VM to the specified Host
The OpenNebula Project
The Cloud Integrator Perspective
Creating a new set of drivers
Adapting KVM drivers for QEMU1. $ cp -r /var/lib/one/remotes/vmm/kvm /var/lib/one/remotes/vmm/qemu
2. qemu/deploy: type = 'kvm' => type = 'qemu' and call kvm/deploy
3. fix poll script to detect qemu
sed "s/type='kvm'/type='qemu'/" | $(dirname $0)/../kvm/deploy $@
qemu/deploy
@@ -269,7 +269,7 @@
if !hypervisor
case $0
- when %r{/vmm\/kvm/}
+ when %r{/vmm\/(qemu|kvm)/}
hypervisor=KVM
qemu/poll (diff)
The OpenNebula Project
The Cloud Integrator Perspective
How to Develop Drivers Image & Storage Drivers● Create or Import new Images into the
Image Repository● File management between the Image
Repository and the physical hosts
OpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
Scheduler
XML-RPC API
OCA (Ruby, Java)
CLI GUI Cloud Servers
DB
OpenNebula distribution
● Shared FS (nfs, gluster, lustre, ...)
● LVM
● iSCSI (tgt)
● SSH
● HTTP
Community contributions
CDMI APIMooseFS
Swift/Glance
The OpenNebula Project
The Cloud Integrator Perspective
Image & Storage Drivers
Datastore
● cp
● stat
● mkfs
● clone
● rm
Transfer Manager
● clone
● ln
● mkimage
● mkswap
● mv
● mvds
● context
● delete
● postmigrate
● premigrate
The OpenNebula Project
The Cloud Integrator Perspective
Image & Storage Drivers
Datastore iscsi / cp
# Create LV and Setup tgt LUNREGISTER_CMD=$(cat <<EOF set -e $SUDO $LVCREATE -L${SIZE}M ${VG_NAME} -n ${LV_NAME}
$SUDO $(tgt_setup_lun "$IQN" "$DEV") $SUDO $(tgt_admin_dump_config "$TARGET_CONF")EOF)
ssh_exec_and_log "$DST_HOST" "$REGISTER_CMD"
# Dumpexec_and_log "eval $DUMP | \
$SSH $DST_HOST $SUDO $DD of=$DEV bs=2M"
CoreImage
template base64
bash iscsi/cpssh $DST_HOST:● create LV● create tgt lun● dump image
The OpenNebula Project
The Cloud Integrator Perspective
How to Develop Drivers Networking drivers● Manage network configuration in
the hosts
● Firewalling rules
● Network Isolation
● Bridge creationOpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
Scheduler
XML-RPC API
OCA (Ruby, Java)
CLI GUI Cloud Servers
DB
OpenNebula distribution
● VLAN, 802.1Q
● OpenvSwitch
● ebtables
● FLAT
● firewall*
Structure● pre● post● clean
quantum
Community contributions
The OpenNebula Project
The Cloud Integrator Perspective
Network Drivers
802.1Q / pre
require 'HostManaged'
hm = OpenNebulaHM.from_base64(ARGV[0])exit hm.activate
Core VM template base64
ssh $DST_HOST:bash 802.1Q/pre
● create bridge● tag phy dev● attach to bridge
Strategy● what hypervisor?
● name of the vnet device?
● create bridge, tag, ...
The OpenNebula Project
The Cloud Integrator Perspective
How to Develop DriversAuthentication drivers
● Strong security● Flexibility
Authorization drivers● Add any limitations to the user actions
OpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
Scheduler
XML-RPC API
OCA (Ruby, Java)
CLI GUI Cloud Servers
DB
OpenNebula distribution Community contributions● SSH Keypairs
● x509 Certificates
● LDAP
● Active Directory
● ACLs
● Quotas
The OpenNebula Project
The Cloud Integrator Perspective
How to Interact with OpenNebulaXML-RPC
● Simple, fast● Works in any language
OCA (OpenNebula Cloud API)● High level bindings● Complete functionality● Ruby, Java, PythonOpenNebula core
Virtualization Images
Storage Network
Auth
Monitoring
SchedulerOCA (Ruby, Java)
XML-RPC API
CLI GUI Cloud Servers
DB
Community Contributions
Cloud APIs
Administrator GUI User GUI
OpenNebula distribution
●OCCI
●OVF
●CDMI
The OpenNebula Project
The Cloud Integrator Perspective
How to Interact with OpenNebula
OCA Ruby Example:Shutdown all my Virtual Machines
The OpenNebula Project
Tools for Users and Administrators
OpenNebulaApps
Automatic installation of software stacks
Manage services Host your own marketplace
{"name": "my_service", "deployment": "straight", "roles": [ { "name": "frontend", "vm_template": 0 }, { "name": "db_master", "parents": [ "frontend" ], "vm_template": 1 }]}
{"name": "wordpress", "run_list": [ "recipe[mysql::server]", "recipe[wordpress]" ], "wordpress": { "db": { "database": "${WP_DB_NAME}", "user": "${WP_DB_USER}", "password": "${WP_DB_PASSWORD}" } }, "mysql": { "server_root_password": "${DB_PASSWORD}" }}
Service Example App Example
The OpenNebula Project
Join our growing community!
Help us make OpenNebula even better by...
● Use OpenNebula! give us feedback● Join our mailing list● Report bugs or features at development at dev.
opennebula.org● Translate OpenNebula● Share your Virtual Appliances● Use 'master'● Write howto's● Share your use cases● Submit patches● Maintain OpenNebula in your distro of choice
IRC Channel
● #opennebula on irc.freenode.net
I Like OpenNebula, what can I do?
Community Activity
● Contributions by users: RIM, Akamai, Logica, FermiLab, SARA, Terradue…
● > 100 in opennebula.org/about:contributors
● ~ 500 in dev.opennebula.org
● Sunstone in 17 languages
● Components in the ecosystem by RIM, China Mobile…
The OpenNebula Project
What is OpenNebula?
opennebula.org/cloud:tryoutAvailable Platforms
● Amazon● VirtualBox● VMWare● KVM
Cloud Sandbox - Virtual Appliance
A real cloud in your laptop under 5 minutes by downloading a pre-configured automated installation of OpenNebula.
Try OpenNebula
The OpenNebula Project
Want more?
More OpenNebula @FOSDEM
Enabling cloud for e-Science with OpenNebula11:30. Chavanne. Zeeshan Ali
BuildSys and QA in CentOS using a Private Cloud: OpenNebula12:00. H.1302. Karanbir Singh & Jaime Melis
Raindrops13:00. H.1301. Karanbir Singh & Jaime Melis
The OpenNebula Project
We Will Be Happy to Answer any Question
Questions?
@opennebula
TL; DR: OpenNebula is awesome, go check it out!
The OpenNebula Project
About the Project
Differentiating Factors in the Market
● Focus on enterprise data center virtualization
● Rich functionality for private clouds: on-demand provision of virtual data centers, self-service portal and catalog, clustering, fault tolerance…
● Wide integration capabilities with data center services: monitoring, computing, storage, networking, chargeback, authentication…
● Service management with automatic installation and configuration of software stacks, multi-tier service catalog and provision…
● External cloud connectors for hybrid cloud computing
● Delivered as a production-proven, packaged product with single installing and upgrade process
● Direct support from developers
top related