fiware testbed from hardware to openstack
DESCRIPTION
FI-WARE testbed: The work carried out from hardware to the CloudTRANSCRIPT
The FI-WARE Project – Base Platform for Future Service Infrastructures
FIWARE Testbed
Henar Muñoz FrutosJose Ignacio Carretero
From hardware to Openstack
The FI-WARE Project – Base Platform for Future Service Infrastructures
FIWARE project
FI-WARE will deliver a novel service infrastructure, building upon elements (called Generic Enablers) which offer reusable and commonly shared functions making it easier to develop Future Internet Applications in multiple sectors
Testbed
The FI-WARE Project – Base Platform for Future Service Infrastructures
The hardware…
1 host in Madrid for firewalling
12 hosts in Sevilla Red.es datacenter
HP DL360 G8 E5-2609 8 cores,128 Gb RAM 2TB Hd.
Monitorización HP DL360 G8 E5-2606
1Switches de agregación HP 5820-24XG-SFP+2Switches de acceso HP 5800AF-48G
2Switch de gestion HP HI 5500-24G-4SFP
1Servidor de consolas Avocent ACS6000
1Regletas de corriente Avocent PM3008H-401
NetworkingService130.206.80.0/22
Management130.206.86.0/24ILOMs:130.206.86.101....130.206.86.112
The FI-WARE Project – Base Platform for Future Service Infrastructures
First step: install the OS
ILO https://130.206.86.103
Ubuntu 12.04.2 LTS
The FI-WARE Project – Base Platform for Future Service Infrastructures
Install hypervisor
Check if the host is KVM compatible
• egrep -c '(vmx|svm)' /proc/cpuinfo (If 1 or more it does )
• kvm-ok (KVM acceleration can be used)
Install kvm
• sudo apt-get install qemu-kvm libvirt-bin bridge-utils
› libvirt-bin provides libvirtd (to administer qemu and kvm instances using libvirt)
› qemu-kvm (kvm in Karmic and earlier) is the backend
› bridge-utils provides a bridge from your network to the virtual machines
Adding user '<username>' to group 'libvirtd
• sudo adduser `id -un` libvirtd
• groups (to check)
Verify
• virsh -c qemu:///system listhttps://help.ubuntu.com/community/KVM/Installation
The FI-WARE Project – Base Platform for Future Service Infrastructures
Some kvm/libvirt commands
VM from 0• virt-install --name testkvm --ram 1024 --disk
path=/var/lib/libvirt/images/testkvm.qcow2.img,format=qcow2 -c /var/lib/libvirt/isos/ubuntu-12.04.1-server-amd64.iso --vnc --noautoconsole --os-type linux --network=bridge:br100
VM info:• virsh dumpxml <vmname>
VM create from XML
• virsh define <vmname>
VM start
• virsh start <vmname>
VM stop
• virsh destroy < vmname >
VM delete
• Virsh undefine <vmname>
The FI-WARE Project – Base Platform for Future Service Infrastructures
KVM: Our scripts
Our scripts (Nacho’s scripts )• newInstallation: to create an image
• updateVM.sh: Updates the IP, the MAC, provides a password
• traePaca.sh: to migrate VMs
./newInstallation.sh --image ubuntu-server-12.04-1.2.img --template TemplateUbuntu1004.xml --name kvmtest2 --ram 712 --ipnum 253
The FI-WARE Project – Base Platform for Future Service Infrastructures
KVM/Networking
Install the bridge-utils package:
/ etc/network/interfaces
auto loiface lo inet loopback
auto eth0iface eth0 inet manual
auto br100iface br100 inet staticaddress 130.206.80.7gateway 130.206.80.1netmask 255.255.255.128broadcat 130.206.80.127network 130.206.80.0bridge_ports eth0bridge_fd 9bridge_maxage 12bridge_stp off
https://help.ubuntu.com/community/KVM/Networking
The FI-WARE Project – Base Platform for Future Service Infrastructures
Firewalling
INTERNETINTERNET6
Router-REDIRIS
Fiwat01(Router/FW)
VLAN209130.206.192.140/302001:720:400::1000:80/126
Eth0.209.142 :82
Br3:1130.206.80.1 130.206.81.1130.206.82.1 (4caast)2001:720:1514:80::12001:720:1514:4::12001:720:1514:5::12001:720:1514:6::12001:720:1514:7::12001:720:1514:8::12001:720:1514:11::1
IP rules (IPTables)Defined manually (or by scripts)We control all the traffic which enters
The FI-WARE Project – Base Platform for Future Service Infrastructures
Other tools
Backups
Maintenance (stap, stop VMs, hosts)
Sanity checks status
Check GEs status (in the catalogue)
The FI-WARE Project – Base Platform for Future Service Infrastructures
Current solution works but…
It requires a lot of support from testbed people• To deploy VMs
• To give access to Ips
The FI-WARE Project – Base Platform for Future Service Infrastructures
Next step: towards a Cloud Provider
The FI-WARE Project – Base Platform for Future Service Infrastructures
Openstack Capabilities
The FI-WARE Project – Base Platform for Future Service Infrastructures
Essex: Conceptual Architecture
http://docs.openstack.org/essex/openstack-compute/admin/content/overview-object-store-arch.html
The FI-WARE Project – Base Platform for Future Service Infrastructures
Logical Architecture
The FI-WARE Project – Base Platform for Future Service Infrastructures
Compute: Some concepts
Project (tenant)
Images and Instances
Flavours
Keypairs
Security Ports
Floating Ips
Ephemeral Storage/Volume Storage
The FI-WARE Project – Base Platform for Future Service Infrastructures
The FI-WARE Project – Base Platform for Future Service Infrastructures
Horizon
http://130.206.80.63
The FI-WARE Project – Base Platform for Future Service Infrastructures
Nova
nova-cert
nova-manager service list
nova-consoleauth
nova-scheduler
CONTROLER
nova-network
nova-volume
COMPUTE NODE
nova-compute
130.206.80.63130.206.80.7
The FI-WARE Project – Base Platform for Future Service Infrastructures
Deploying VMs with Openstack
Images in Glance• nova image-list
Flavours• nova flavor-list
Booting a image• nova boot myCentosServer --image "05ede472-2b54-4ca3-a600-b98d9645a07d" --
flavor 2
List• nova list
Info• nova show myCentosServer
Delete• nova delete myCentosServer
Start/Stop• nova pause/unpause
The FI-WARE Project – Base Platform for Future Service Infrastructures
VMs
Keypairs• nova keypair-add mykey > mykey.pem
Security group• nova secgroup-create test "test“
• nova secgroup-add-rule test tcp 22 22 0.0.0.0/0
Boot keypair and security ports• nova boot myCentosServer --image "05ede472-2b54-4ca3-a600-
b98d9645a07d" --flavor 2 --key_name mykey --security_groups test
Floating IPs• nova floating-ip-pool-list
• nova floating-ip-create fiprt1
• nova add-floating-ip myCentosServer 130.206.82.68
• nova floating-ip-list
The FI-WARE Project – Base Platform for Future Service Infrastructures
API
REST API…
http://docs.openstack.org/api/openstack-compute/2/content/API_Operations-d1e2068.html
http://api.openstack.org/api-ref.html
The FI-WARE Project – Base Platform for Future Service Infrastructures
Networking (nova-network)
Flat mode• There is a subnet specified
• Ips injected in the VM
• Static Ips
• Controller and computer should have the bridge
Flat DHCP mode• Openstack strats a DHCP server
• Dynamics Ips
• With Flat DHCP, the host(-s) running nova-network act as the gateway to the virtual nodes
VLAN Network mode
The FI-WARE Project – Base Platform for Future Service Infrastructures
# network specific settings--network_manager=nova.network.manager.FlatDHCPManager--public_interface=eth0--muti_host=True--flat_interface=eth0--flat_network_bridge=br100--fixed_range=172.30.5.0/24--floating_range=130.206.82.64/26--network_size=255--flat_network_dhcp_start=172.30.5.2--flat_injected=False--force_dhcp_release--iscsi_helper=tgtadm--connection_type=libvirt--root_helper=sudo nova-rootwrap--verbose
The FI-WARE Project – Base Platform for Future Service Infrastructures
Next steps
FIWARE Cloud components as part of the testbed• Service Manager
• PaaS Manager
• SDC
• …
Grizzly OpenStack version
Object storage for storing images
Network as a service with Quatum
Nagios for monitoring
Openstack maintenance tools (backups..)
Monitoring sanity checks
The FI-WARE Project – Base Platform for Future Service Infrastructures
Others…
The FI-WARE Project – Base Platform for Future Service Infrastructures
Testbed usage
Fiware Cloud
UCs Cloud
Open Innovation Lab Cloud
- The demo Fiware testbed (all enablers) managed by testbed team
- Enabler owner can deploy VM to instantiate their enablers for developing and testing
- UCs deploy VMS and instantiate enablers
- UCS access to the demo FIWARE testbed enablers
- Anyone can access to the Cloud to deploy VMS and isntantiate FIWARE enablers