The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "HOWTO11 How to use the rOCCI Client"
Jump to navigation
Jump to search
| Line 4: | Line 4: | ||
= How to use The rOCCI Client = | = How to use The rOCCI Client = | ||
The OCCI gem includes a client you can use directly from shell with the following auth methods: x509 (with --password, --user-cred and --ca-path), basic (with --username and --password), digest (with --username and --password), none. If you won't set a password using --password, the client will ask for it later on. | The OCCI gem includes a client you can use directly from shell with the following auth methods: x509 (with --password, --user-cred and --ca-path), basic (with --username and --password), digest (with --username and --password), none. If you won't set a password using --password, the client will ask for it later on. | ||
== How to install rOCCI Client == | == How to install rOCCI Client == | ||
| Line 85: | Line 50: | ||
ln -s /opt/occi-cli/bin/occi /usr/bin/occi | ln -s /opt/occi-cli/bin/occi /usr/bin/occi | ||
</pre> | |||
== How to create a VOMS fedcloud.egi.eu proxy == | |||
In order to use the Federated Cloud, you will need to create a fedcloud.egi.eu VO proxy. The [[Federated_Cloud_user_support#How_to_use_the_FedCloud.3F|Federates Cloud User support page]] includes information on how to get a certificate if you don't have one and how to join this VO. | |||
You will also need to install and configure a VOMS client, follow [http://italiangrid.github.io/voms/documentation/voms-clients-guide VOMS documentation] to install the software. Below you can find specific setup instructions for fedcloud.egi.eu: | |||
<pre> | |||
# mkdir -p /etc/grid-security/vomsdir/fedcloud.egi.eu | |||
# cd /etc/grid-security/vomsdir/fedcloud.egi.eu | |||
# cat >voms1.egee.cesnet.cz.lsc <<EOF | |||
/DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms1.egee.cesnet.cz | |||
/C=NL/O=TERENA/CN=TERENA eScience SSL CA | |||
EOF | |||
# cat >voms2.grid.cesnet.cz <<EOF | |||
/DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms2.grid.cesnet.cz | |||
/C=NL/O=TERENA/CN=TERENA eScience SSL CA | |||
EOF | |||
# cd /etc | |||
# cat >>vomses <<EOF | |||
"fedcloud.egi.eu" "voms1.egee.cesnet.cz" "15002" "/DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms1.egee.cesnet.cz" "fedcloud.egi.eu" "24" | |||
"fedcloud.egi.eu" "voms2.grid.cesnet.cz" "15002" "/DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms2.grid.cesnet.cz" "fedcloud.egi.eu" "24" | |||
EOF | |||
</pre> | |||
Finally you can create a proxy with <code>voms-proxy-init</code> as follows, be sure to include the <code>--rfc</code> option: | |||
<pre> | |||
$ voms-proxy-init -voms fedcloud.egi.eu --rfc | |||
Enter GRID pass phrase for this identity: | |||
Created proxy in /tmp/x509up_u501. | |||
Your proxy is valid until Thu Apr 04 04:02:38 CEST 2013 | |||
</pre> | </pre> | ||
Revision as of 17:18, 11 May 2015
| Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
| Documentation menu: | Home • | Manuals • | Procedures • | Training • | Other • | Contact ► | For: | VO managers • | Administrators |
How to use The rOCCI Client
The OCCI gem includes a client you can use directly from shell with the following auth methods: x509 (with --password, --user-cred and --ca-path), basic (with --username and --password), digest (with --username and --password), none. If you won't set a password using --password, the client will ask for it later on.
How to install rOCCI Client
rOCCI github page includes installation instructions for different OS. Packages are also available from AppDB rOCCI CLI entry, below you can find detailed instructions for several Linux distributions:
Ubuntu 12.04 LTS
sudo -s wget -O /etc/apt/sources.list.d/occi-cli-ubuntu-precise-amd64.list http://repository.egi.eu/community/software/rocci.cli/4.3.x/releases/repofiles/ubuntu-precise-amd64.list wget -qO - http://repository.egi.eu/community/keys/APPDBCOMM-DEB-PGP-KEY.asc | apt-key add - apt-get update apt-get -y install occi-cli ln -s /opt/occi-cli/bin/occi /usr/bin/occi
Debian 6
sudo -s wget -O /etc/apt/sources.list.d/occi-cli-debian-squeeze-amd64.list http://repository.egi.eu/community/software/rocci.cli/4.3.x/releases/repofiles/debian-squeeze-amd64.list wget -qO - http://repository.egi.eu/community/keys/APPDBCOMM-DEB-PGP-KEY.asc | apt-key add - apt-get update apt-get -y install occi-cli ln -s /opt/occi-cli/bin/occi /usr/bin/occi
Debian 7
sudo -s wget -O /etc/apt/sources.list.d/occi-cli-debian-wheezy-amd64.list http://repository.egi.eu/community/software/rocci.cli/4.3.x/releases/repofiles/debian-wheezy-amd64.list wget -qO - http://repository.egi.eu/community/keys/APPDBCOMM-DEB-PGP-KEY.asc | apt-key add - apt-get update apt-get -y install occi-cli ln -s /opt/occi-cli/bin/occi /usr/bin/occi
RedHat 6 or SL6
sudo -s wget -O /etc/yum.repos.d/rocci-cli.repo http://repository.egi.eu/community/software/rocci.cli/4.3.x/releases/repofiles/sl-6-x86_64.repo yum install -y occi-cli ln -s /opt/occi-cli/bin/occi /usr/bin/occi
How to create a VOMS fedcloud.egi.eu proxy
In order to use the Federated Cloud, you will need to create a fedcloud.egi.eu VO proxy. The Federates Cloud User support page includes information on how to get a certificate if you don't have one and how to join this VO.
You will also need to install and configure a VOMS client, follow VOMS documentation to install the software. Below you can find specific setup instructions for fedcloud.egi.eu:
# mkdir -p /etc/grid-security/vomsdir/fedcloud.egi.eu # cd /etc/grid-security/vomsdir/fedcloud.egi.eu # cat >voms1.egee.cesnet.cz.lsc <<EOF /DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms1.egee.cesnet.cz /C=NL/O=TERENA/CN=TERENA eScience SSL CA EOF # cat >voms2.grid.cesnet.cz <<EOF /DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms2.grid.cesnet.cz /C=NL/O=TERENA/CN=TERENA eScience SSL CA EOF # cd /etc # cat >>vomses <<EOF "fedcloud.egi.eu" "voms1.egee.cesnet.cz" "15002" "/DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms1.egee.cesnet.cz" "fedcloud.egi.eu" "24" "fedcloud.egi.eu" "voms2.grid.cesnet.cz" "15002" "/DC=org/DC=terena/DC=tcs/OU=Domain Control Validated/CN=voms2.grid.cesnet.cz" "fedcloud.egi.eu" "24" EOF
Finally you can create a proxy with voms-proxy-init as follows, be sure to include the --rfc option:
$ voms-proxy-init -voms fedcloud.egi.eu --rfc Enter GRID pass phrase for this identity: Created proxy in /tmp/x509up_u501. Your proxy is valid until Thu Apr 04 04:02:38 CEST 2013
How to find out more about available options and defaults use
occi --help
How to create a proxy with VOMS extension
$ voms-proxy-init --voms fedcloud.egi.eu --rfc --dont_verify_ac Enter GRID pass phrase for this identity: Contacting voms1.egee.cesnet.cz:15002 [/DC=org/DC=terena/DC=tcs/C=CZ/O=CESNET/CN=voms1.egee.cesnet.cz] "fedcloud.egi.eu"... Remote VOMS server contacted succesfully. Created proxy in /tmp/x509up_u504. Your proxy is valid until Sat Jun 14 01:09:06 CEST 2014
How to list the compute resources available in a site
$ occi --endpoint https://prisma-cloud.ba.infn.it:8787/ --action list --resource os_tpl --auth x509 --user-cred /tmp/x509up_u504 --voms http://schemas.openstack.org/template/os#72ada03a-5694-4a79-8e7e-069516a31a59 http://schemas.openstack.org/template/os#d5b97735-747f-4f08-ab0b-1f84fe417714 http://schemas.openstack.org/template/os#ec4bb03e-d6df-4964-a490-ae0ef57536e7 http://schemas.openstack.org/template/os#d07a5f26-5f2e-453f-98f2-d0a8784ae980 http://schemas.openstack.org/template/os#f92e0a8b-1f34-424b-8682-1ba93799072d http://schemas.openstack.org/template/os#39f2bed2-5a4f-419e-b4fb-33832e47d5af http://schemas.openstack.org/template/os#f835d4a5-cb08-4350-b60e-3fdd0dc703a4 http://schemas.openstack.org/template/os#c0a2f9e0-081a-419c-b9a5-8cb03b1decb5 http://schemas.openstack.org/template/os#02f8cd09-7c79-4b3a-923a-51cd16496a6f http://schemas.openstack.org/template/os#5364f77a-e1cb-4a6c-862e-96dc79c4ef67 http://schemas.openstack.org/template/os#7cfba655-f692-406f-a659-79b0224290cc http://schemas.openstack.org/template/os#ff718bea-602b-4f13-91d2-58d134c45476 http://schemas.openstack.org/template/os#7664db29-e51f-4ab8-b4e7-3adfccee3150
How to get the description of a compute resource
$ occi --endpoint https://prisma-cloud.ba.infn.it:8787/ --action describe --resource os_tpl#72ada03a-5694-4a79-8e7e-069516a31a59 --auth x509 --user-cred /tmp/x509up_u504 --voms ######################################################################################################################################################################################################## [[ http://schemas.openstack.org/template/os#72ada03a-5694-4a79-8e7e-069516a31a59 ]] title: Image: Ubuntu-14.04-amd64 term: 72ada03a-5694-4a79-8e7e-069516a31a59 location: /72ada03a-5694-4a79-8e7e-069516a31a59/ ########################################################################################################################################################################################################
How to get the list of available resource templates
$ occi --endpoint https://prisma-cloud.ba.infn.it:8787/ --action list --resource resource_tpl --auth x509 --user-cred /tmp/x509up_u504 --voms http://schemas.openstack.org/template/resource#1cpu-1gb-10dsk http://schemas.openstack.org/template/resource#m1-xlarge http://schemas.openstack.org/template/resource#2cpu-4gb-20dsk http://schemas.openstack.org/template/resource#2cpu-4gb-50dsk http://schemas.openstack.org/template/resource#16cpu-32gb-40dsk http://schemas.openstack.org/template/resource#8cpu-8gb-30dsk http://schemas.openstack.org/template/resource#16cpu-32gb-10dsk http://schemas.openstack.org/template/resource#m1-large http://schemas.openstack.org/template/resource#16cpu-32gb-20dsk http://schemas.openstack.org/template/resource#1cpu-1gb-20dsk http://schemas.openstack.org/template/resource#1cpu-4gb-10dsk http://schemas.openstack.org/template/resource#8cpu-16gb-20dsk http://schemas.openstack.org/template/resource#16cpu-32gb-60dsk http://schemas.openstack.org/template/resource#8cpu-32gb-20dsk http://schemas.openstack.org/template/resource#4cpu-8gb-20dsk http://schemas.openstack.org/template/resource#m1-tiny http://schemas.openstack.org/template/resource#16cpu-16gb-10dsk http://schemas.openstack.org/template/resource#8cpu-8gb-20dsk http://schemas.openstack.org/template/resource#medium http://schemas.openstack.org/template/resource#16cpu-32gb-80dsk http://schemas.openstack.org/template/resource#1cpu-2gb-50-dsk http://schemas.openstack.org/template/resource#8cpu-8gb-50dsk http://schemas.openstack.org/template/resource#extra_large http://schemas.openstack.org/template/resource#m1-small http://schemas.openstack.org/template/resource#8cpu-16gb-10dsk http://schemas.openstack.org/template/resource#small http://schemas.openstack.org/template/resource#4cpu-8gb-50dsk http://schemas.openstack.org/template/resource#large http://schemas.openstack.org/template/resource#4cpu-8gb-40dsk http://schemas.openstack.org/template/resource#1cpu-512mb-25dsk http://schemas.openstack.org/template/resource#4cpu-8gb-10dsk http://schemas.openstack.org/template/resource#2cpu-2gb-10dsk http://schemas.openstack.org/template/resource#8cpu-16gb-40dsk http://schemas.openstack.org/template/resource#8cpu-8gb-10dsk http://schemas.openstack.org/template/resource#m1-medium
How to get the description of a resource template
$ occi --endpoint https://prisma-cloud.ba.infn.it:8787/ --action describe --resource resource_tpl#2cpu-4gb-20dsk --auth x509 --user-cred /tmp/x509up_u504 --voms ######################################################################################################################################################################################################## [[ http://schemas.openstack.org/template/resource#2cpu-4gb-20dsk ]] title: Flavor: 2cpu-4GB-20dsk term: 2cpu-4gb-20dsk location: /2cpu-4gb-20dsk/ ########################################################################################################################################################################################################
How to create a key pair to access the VMs via SSH
In order to login into the server, you need to have a set of SSH keys. To generate a set of authentication keys, in a Linux machine, you can run
ssh-keygen -t rsa -b 2048 -f tmpfedcloud
You can use the contextualisation to configure VMs with your SSH key.
A basic contextualization script is needed to configure your access credentials into the server. You can use the following commands to create the script
cat > tmpfedcloud.login << EOF
#cloud-config
users:
- name: cloudadm
sudo: ALL=(ALL) NOPASSWD:ALL
lock-passwd: true
ssh-import-id: cloudadm
ssh-authorized-keys:
- `cat tmpfedcloud.pub`
EOF
How to create a compute resource with mixins use
$ occi --endpoint https://prisma-cloud.ba.infn.it:8787/ --action create --resource compute --attribute occi.core.title="MyFirstVM" --mixin os_tpl#72ada03a-5694-4a79-8e7e-069516a31a59 --mixin resource_tpl#2cpu-4gb-20dsk --context user_data="file://$PWD/tmpfedcloud.login" --auth x509 --user-cred /tmp/x509up_u504 --voms https://prisma-cloud.ba.infn.it:8787/compute/86ae3606-d753-4421-b415-e697b1670879
How to get the description of a compute resource
$ occi --endpoint https://prisma-cloud.ba.infn.it:8787 --action describe --resource https://prisma-cloud.ba.infn.it:8787/compute/86ae3606-d753-4421-b415-e697b1670879 --voms --auth x509 --user-cred /tmp/x509up_u504
########################################################################################################################################################################################################
[[ http://schemas.ogf.org/occi/infrastructure#compute ]]
>> location: /compute/86ae3606-d753-4421-b415-e697b1670879
occi.core.id = 86ae3606-d753-4421-b415-e697b1670879
occi.compute.architecture = x86
occi.compute.cores = 2
occi.compute.hostname = myfirstvm
occi.compute.memory = 4.0
occi.compute.speed = 0.0
occi.compute.state = active
org.openstack.compute.console.vnc = http://prisma-cloud.ba.infn.it:6080/vnc_auto.html?token=c495f33c-3eb4-4558-9eba-4608ae152080
org.openstack.compute.state = active
Links:
[[ http://schemas.ogf.org/occi/infrastructure#networkinterface ]]
>> location: /network/interface/18047596-098d-4ce4-af75-ca7f908fbc09
occi.networkinterface.gateway = 90.147.102.1
occi.networkinterface.mac = fa:16:3e:c9:b1:a0
occi.networkinterface.interface = eth0
occi.networkinterface.state = active
occi.networkinterface.allocation = static
occi.networkinterface.address = 90.147.102.223
occi.core.source = /compute/86ae3606-d753-4421-b415-e697b1670879
occi.core.target = /network/admin
occi.core.id = /network/interface/18047596-098d-4ce4-af75-ca7f908fbc09
Mixins:
[[ http://schemas.openstack.org/compute/instance#os_vms ]]
title:
term: os_vms
location: /os_vms/
[[ http://schemas.openstack.org/template/os#72ada03a-5694-4a79-8e7e-069516a31a59 ]]
title: Image: Ubuntu-14.04-amd64
term: 72ada03a-5694-4a79-8e7e-069516a31a59
location: /72ada03a-5694-4a79-8e7e-069516a31a59/
Actions:
[[ http://schemas.ogf.org/occi/infrastructure/compute/action#stop ]]
[[ http://schemas.ogf.org/occi/infrastructure/compute/action#suspend ]]
[[ http://schemas.ogf.org/occi/infrastructure/compute/action#restart ]]
########################################################################################################################################################################################################
How to attach a public ip address to a compute resource
Some sites do not automatically assign a public IP address to a VM during the creation phase. In this case, you could need to attach it to the VM after the creation.
occi --endpoint <site_endpoint> --action link --resource <vm_id> --link /network/public --auth x509 --user-cred <path_to_your_proxy> --voms
How to access the compute resource through SSH
$ ssh -i tmpfedcloud cloudadm@90.147.102.223
The authenticity of host '90.147.102.223 (90.147.102.223)' can't be established.
RSA key fingerprint is 31:76:97:09:d1:6b:3f:c0:21:02:36:9e:63:b5:f6:06.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '90.147.102.223' (RSA) to the list of known hosts.
Enter passphrase for key 'tmpfedcloud':
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Fri Jun 13 11:19:46 UTC 2014
System load: 0.08 Processes: 79
Usage of /: 55.4% of 1.32GB Users logged in: 0
Memory usage: 2% IP address for eth0: 90.147.102.223
Swap usage: 0%
Graph this data and manage this system at:
https://landscape.canonical.com/
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
0 packages can be updated.
0 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
$
How to delete the compute resource
$ occi --endpoint https://prisma-cloud.ba.infn.it:8787/ --action delete --resource https://prisma-cloud.ba.infn.it:8787/compute/86ae3606-d753-4421-b415-e697b1670879 --auth x509 --user-cred /tmp/x509up_u504 --voms
References
For more information, please, visit the rOCCI client GitHub repository