OpenNebula Resource Provider Deployment guide
A new Resource Provider using OpenNebula or an OpenNebula-based CMF has to take the following steps to technically join the EGI Cloud Federation. There is only one prerequisite: a fully functional OpenNebula installation capable of deploying, sustaining and shutting down virtual machines. There are no requirements for the underlying architecture. Resource Providers may choose the virtualization platform, network and storage configuration according to their preferences and needs. It is highly recommended to install OpenNebula v4.12.x, where x denotes the latest security update, and to coordinate any future upgrades with other Task members to avoid infrastructure fragmentation. Resource Providers installing OpenNebula from scratch should follow its step-by-step installation and configuration guides available online.
The technical integration with the EGI Cloud Federation consists of the following steps:
- Additional OpenNebula configuration
- rOCCI-server installation and configuration
- Integration with VO management service -- Perun
- Integration with accounting service -- APEL
- Integration with VM Image management service -- vmcaster/vmcatcher
- Integration with information system -- LDAP/BDII
- Registration of deployed services in GOCDB
Each of the above-mentioned steps is a requirement for every Resource Provider wishing to join the EGI Cloud Federation. Resource Providers are welcome to deploy and offer additional services such as object storage (CDMI), but this is not a requirement at this time. A detailed description of the listed steps follows.
Additional OpenNebula configuration
Integration with the EGI Cloud Federation requires the use of the X.509 authentication mechanism in communication with OpenNebula. Resource Providers are encouraged to follow the step-by-step configuration guide provided by the OpenNebula developers, available online. There is no need to change the authentication driver for the oneadmin user or to create any user accounts manually at this time.
rOCCI-server installation and configuration
The EGI Cloud Federation uses OCCI as its VM management protocol. It is necessary to install a fully compliant OCCI 1.1 server on top of the RP’s existing OpenNebula installation. OpenNebula’s own OCCI implementation is not compliant with the OCCI 1.1 specification; the required functionality is provided by the rOCCI-server project. Detailed installation and configuration instructions are available online in the Task Wiki.
Integration with Perun
The current rOCCI-server implementation doesn’t handle user management and identity propagation, hence integration with a third-party service is necessary. The Perun VO management server, developed and maintained by CESNET, is used to provide user management capabilities for OpenNebula Resource Providers. It uses locally installed scripts (fully under the control of the Resource Provider in question) to propagate changes in the user pool to all registered Resource Providers. Resource Providers are required to install and configure (if need be) these scripts and report back to the EGI Cloud Federation for registration in Perun. Installation and configuration details are available online in the Task’s repository on GitHub.
Integration with APEL
One of the required integration points is accounting. The EGI Cloud Federation employs the APEL framework with extended accounting records. Every Resource Provider is required to install the APEL SSM client and the OpenNebula accounting script. Installation and configuration details are available online in EGI AppDB.
Integration with VM Image Management infrastructure
Resource Providers are required to integrate their OpenNebula with an image management service used within the federation. As with the previous cases, installation and configuration details are available online in the wiki. This service ensures that all images are trusted and up-to-date for all Resource Providers across the federation.
Integration with TopBDII
Details about services offered by the Resource Provider in question are advertised to the rest of the EGI Cloud Federation using an LDAP server -- BDII. Resource Providers are encouraged to follow instructions available online in the Wiki.
Registration in GOCDB
The procedure for registering a Resource Provider in GOCDB is the same as for other types of resources within the EGI infrastructure.
- http://docs.opennebula.org/4.12/
- http://docs.opennebula.org/4.12/administration/authentication/x509_auth.html
- https://wiki.egi.eu/wiki/Fedcloud-tf:WorkGroups:_Federated_AAI:OpenNebula
- https://perun.metacentrum.cz/perun-gui-cert/
- https://github.com/EGI-FCTF/fctf-perun
- https://appdb.egi.eu/store/software/oneacct.export/releases/0.2.x/
- https://wiki.egi.eu/wiki/Fedcloud-tf:WorkGroups:Scenario8:Configuration#VMcatcher
- https://wiki.egi.eu/wiki/Fedclouds_BDII_instructions
- https://wiki.egi.eu/wiki/GOCDB/Input_System_User_Documentation