Single System Test Cloud

UPDATE: I’ve posted an easier way to do this. Check out my other post Single System Test Cloud, Take 2 for the instructions.

When first trying out Eucalyptus, the requirement of having two systems at a minimum can become a blocker. What if you only want to test out running a couple VMs? Well for that use case a system such as the ECC might be just fine. But what if you are looking to try out the installation process or see what a Cloud Administrator needs to deal with? For this, it would be nice if a single machine could be used for some basic testing and if those tests are good then more resources could be purchased for a more proper proof-of-concept configuration. My coworker Graziano tried this out by using two VMs in his blog Developer Cloud but that requires that your CPU allows for nested virtualization.

For a single system configuration the Eucalyptus Front-end (CLC, Walrus, CC, SC) will be installed in a VM on the bare metal host that will run the Eucalyptus NC. A private network subnet will be setup that only the bare metal system and the VM can use to communicate. Two bridges will be used for the communication between the front-end (VM) and the NC (bare metal).

First start off with a stock CentOS 6 installation on your bare metal system. Install and setup KVM and libvirtd. Also make sure that you have enough room for a VM to run a Eucalyptus front-end (50GB minimum) along with any instances that you might wish to run (50GB minimum).

To allow for us to use the MANAGED-NOVLAN networking mode we will be setting up two network bridges. One of these bridges will be our public network and the other will be our private network. The IP addresses and subnet should not be routed on the rest of the network. For example, if we were going to have the interface br0 use the IP address 172.16.1.7 with a netmask of 255.255.255.0 we would use the following configuration:

DEVICE=br0
TYPE=Bridge
ONBOOT=yes
DELAY=0
NETWORK=172.16.1.0
NETMASK=255.255.255.0
IPADDR=172.16.1.7

To make sure that the Eucalyptus VM has access to the Internet will need to make sure that we have a NAT setup. First add the following IPTables rules (Note: You may need to change the interfaces if you system is not setup in the same way):

/sbin/iptables -A FORWARD -i br0 -o em1 -j ACCEPT
/sbin/iptables -A FORWARD -i em1 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o em1 -j MASQUERADE

Next the bare metal system needs to forward packets. To do this edit /etc/sysctl.conf and make the following edit:

net.ipv4.ip_forward = 1

To make sure that we have a fully functioning cloud that we can use all of the available features with we need to shut off Zeroconf which causes issues with the metadata service of Eucalyptus. To do this add the following to /etc/syconfig/network

NOZEROCONF=true

Now restart networking and the Eucalyptus VM will now be able to access the Internet (that is if it is currently accessible by the other machines on your network).

service network restart

Now a CentOS 6 VM will need to be installed on the bare metal system. When setting up the VM both of the bridges will be used as interfaces for the VM. The defaults of the installer will work. You will want to use a static address for the networking. Below is an example libvirt XML file:

<domain type='kvm'>
  <name>frontend</name>
  <memory unit="GiB">2</memory>
  <description>Front End</description>
  <cpu match='exact'>
    <model>core2duo</model>
    <feature policy='require' name='vmx'/>
  </cpu>
  <os>
    <type arch="x86_64">hvm</type>
    <boot dev='hd'/> 
  </os>
  <features>
    <acpi/>
  </features>
  <clock sync="localtime"/>
  <devices>
    <emulator>/usr/libexec/qemu-kvm</emulator>
    <disk type='file' device='disk'>
      <source file='/media/extra/frontend.img'/>
      <target dev='vda' bus='virtio'/>
    </disk>
    <disk type='file' device='cdrom'>
      <source file='/media/extra/CentOS-6.3-x86_64-minimal.iso'/>
      <target dev='hdc'/>
    </disk>
    <interface type='bridge'>
      <source bridge="br0"/>
      <mac address='00:16:3e:21:52:45'/>
      <model type='virtio'/>
    </interface>
    <interface type='bridge'>
      <source bridge="br1"/>
      <mac address='00:16:3e:21:52:46'/>
      <model type='virtio'/>
    </interface>
    <serial type='pty'>
      <target port='0'/>
    </serial>
    <console type='pty'>
      <target type='serial' port='0'/>
    </console>
    <graphics type='vnc' port='-1'/>
  </devices>
</domain>

Note: You may need to change the MAC addresses above if these two already exist on your network. Using MAC addresses from the 00:16:3e:XX:XX:XX pool will be a safe bet as these are registered to be used by VMs. This blog post here has some more information if you are interested.

After the VM’s OS is installed, follow the Eucalyptus Installation Guide to install all components (CLC, CC, SC, Walrus) on the VM. Install the Eucalyptus NC on the bare metal system.

When Eucalyptus is setup and running on the VM add the following IPtables rules to make sure that you are able to access the API and WebUI from the bare metal host.

iptables -t nat -I PREROUTING 1 -p tcp -i em1 --dport 8443 -j DNAT --to-destination **VM_IP**:8443
iptables -t nat -I PREROUTING 1 -p tcp -i em1 --dport 8773 -j DNAT --to-destination **VM_IP**:8773

Now a fully functioning cloud should be setup and ready for you to try out.