Shulou(Shulou.com)06/01 Report--

This article mainly shows you "how to use CloudStack to configure and manage cloud environment", the content is easy to understand, clear, hope to help you solve your doubts, let the editor lead you to study and learn "how to use CloudStack to configure and manage cloud environment" this article.

CloudStack, formerly a commercial product of cloud.com, was acquired by Ctrix for more than $200m in 2011 and then donated to the Apache Foundation this year. The move to open source this product has caused some controversy in the market about the development path of IaaS, such as its competition and cooperation with another open source product, OpenStack.

OpenStack, an IaaS developed by Rackspace and NASA, has a larger user base, including large companies such as HP,IBM,Dell and Redhat. Table 1 lists some comparisons between CloudStack and OpenStack.

Table 1.CloudStack and OpenStack comparison

Attachment: as of mid-2012, the corresponding software versions are CloudStack 3 and OpenStack Essex.

It can be considered that the two IaaS platforms, CloudStack and OpenStack, have different functions, customers and development routes in the market. the former, as a former commercial software, has been proved to be reliable for production systems, while the latter, although it lacks a wide range of real users, has more support from large companies. This is the remarkable difference between them.

However, technically speaking, the source code contributors behind them are not necessarily different, and developers from the same company often submit code for the two open source projects. From this point of view, the merger of the two platforms one day will not be surprising.

There are many other IaaS products (such as Eucalyptus,Nebula, etc.), which can be found in the references at the end of this article. Overall, CloudStack and OpenStack are the most similar and controversial of these products, and an article in Resources mentions an interesting debate that has occurred recently.

CloudStack architecture diagram

CloudStack uses a typical hierarchical structure: the client, the core engine, and the resource layer. It provides different access methods for different types of customers: Web Console, Command Shell and Web Service API. Through them, users can manage and use the underlying computing resources (divided into host, network and storage) to complete functions such as allocating virtual machines on the host, allocating virtual disks and so on. See figure 1.

Figure 1. System architecture diagram

If the virtual machine uses Xen and KVM, CloudStack Agent needs to be installed to support its interaction with the management server. On the other hand, the interaction between the management server and Xen Server depends on XAPI, and the interaction with vCenter and ESX depends on HTTP.

When deploying CloudStack, you need to understand its hierarchy and storage management, as shown in figure 2.

Figure 2. Deployment diagram

Zone:Zone corresponds to a real data center, which is the largest unit in CloudStack.

The Pod:Pod corresponds to a rack. Machines in the same pod are in the same subnet (network segment).

Cluster:Cluster is a cluster of hosts. Hosts in the same cluster have the same hardware, the same Hypervisor, and share the same storage. Virtual machines in the same cluster can be migrated from one host to another without interruption.

Host:Host is the host running the virtual machine (VM).

That is, in terms of inclusion relationship, a zone contains multiple pod, a pod contains multiple cluster, and a cluster contains multiple host.

There are two types of storage in CloudStack:

Primary storage: primary storage is associated with cluster and provides disk volumes for all virtual machines of hosts in that cluster. An cluster has at least one primary storage and is deployed close to the host to provide high performance.

Secondary storage: secondary storage is associated with zone, which stores template files, ISO images, and disk volume snapshots.

Template: you can start the operating system image of the virtual machine and include other configuration information such as installed applications.

ISO image: a disk image that contains operating system data or boot media.

Disk volume snapshot: a saved copy of virtual machine data that can be used for data recovery or for creating new templates.

Install CloudStack

Environmental preparation

A complete CloudStack environment consists of two parts:

Management Server (Management Server)

Virtual Machine Manager (Hypervisor)

PS: there is usually another name for the hypervisor of CloudStack, such as host (host), agent (agent), etc. This article is unified as hypervisor.

In the installation steps in this article, what you want to configure is a simple network, that is, all managed virtual machines are located in one network segment. The corresponding hardware is as follows:

Table 2. Software and hardware environment

The version of CloudStack in this installation is: Red Hat Enterprise Linux/CentOS 6.2

Hypervisor is KVM.

The management server needs more storage space because NFS is also built on it. For more detailed installation requirements, please refer to the guide on CloudStack's official website. The questions that need to be highlighted here are:

Q1: which hardware and software factors in the installation requirements of the official website can easily lead to the failure of CloudStack installation?

The host where Hypervisor is located requires CPU and motherboard to support hardware virtualization (my machine is a DELL desktop computer, and you need to set Intel-VT to enable in the BIOS of the motherboard).

The operating system must be 64-bit, and centos 6.2 is recommended (currently the latest CloudStack 3 supports 6.2). If you are using version 5. 5 or 6. 0, be sure to choose a matching CloudStack installation package. Ubuntu currently has only a distribution running on the 10.04 platform, and the release is not the latest CloudStack. It is strongly recommended that new users choose the same operating system (recommended centos/redhat) and the same version of CloudStack software for both Managment Server and Hypervisor hosts, and note that OS must be claimed to be supported by the official release, so as to avoid many detours. For example, there are people who can successfully deploy CloudStack on Ubuntu 12.04 or centos 6.3 (official support has not been announced in September 2012), but with a lot of effort.

The host of Hypervisor cannot have any running virtual machines, or you will encounter failures in subsequent add host operations. The best recommendation is that the operating system on the hypervisor host is freshly installed and that no remaining virtual machines are deployed.

Whether it is the management server or the host where the hypervisor resides, you need to log in with root for CloudStack installation.

Management Server and Hypervisor hosts must be hosts with separate static IP. Otherwise, the subsequent installation will cause abnormal IP status due to the change of service address.

After CentOS is installed, the default network configuration is DHCP, which needs to be modified to manually assign IP. This should be done on both cloud-server and cloud-agent machines:

Click the network icon in the upper right corner of the desktop to edit the network:

Figure 3

Method was originally "DHCP", changed to "Manual", and then enter static IP address, mask, gateway, DNS server information.

Figure 4

Install Management Server

Log in to cloud-server.squirrel.org as root.

Run "hostname-fqdn" to check that the format returned must include the full name of the domain name (for example, cloud-server.squirrel.org). Hostname is best set up when you install centos, otherwise you need to modify it in both / etc/hosts and / etc/sysconfig/network files to take effect permanently.

Set up the SELinux. Change "SELINUX=enforcing" to "SELINUX=permissive" in / etc/selinux/config and run "setenforce permissive" in shell to take effect immediately.

Go to the downloaded and unzipped CloudStack installation directory (/ home/squirrel/mybox/cloud/CloudStack-oss-3.0.2-1-rhel6.2 here), run the command ". / install.sh", and select "M" to install the Management Server software.

Run the following command to start the NFS and rpcbind services, and set them to boot:

# service rpcbind start # service nfs start # chkconfig nfs on # chkconfig rpcbind on

Run the command ". / install.sh" again and select "D" to install the database mysql.

Edit / etc/my.cnf, and add something under [mysqld]:

Innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 log-bin=mysql-bin binlog-format = 'ROW'

After restarting the database, set the root user password.

# service mysqld restart # mysql-u root mysql > SET PASSWORDPASSWORD = PASSWORD (''); mysql > exit

Run the CloudStack script to automatically configure the database:

# cloud-setup-databases cloud:@localhost\-- deploy-as=root:

This means to generate the database as the root user, which belongs to the newly created cloud user (the password dbpassword can be left blank).

Finally, the following command completes the settings for the operating systems iptables and sudoers (CloudStack itself has security requirements and is not infinitely exposed to the network, but also requires some administrative permissions to run its own services, so you need to set these two), and start the management server:

# cloud-setup-management

Use "service cloud-management status" to view the running status.

Q2: when you run the "hostname-fqdn" command in step 2, make sure that the machine is in a networked state before you can return the correct host name.

Q3: if you plan to install hypervisor on the same host of management server later, you need to configure the corresponding information in / etc/sysconfig/network-scripts/ifcfg-.

At the same time, if the hypervisor is KVM, you need to modify / etc/sudoers by adding the following line:

Defaults:cloud! requiretty

Configure NFS

As mentioned earlier, CloudStack needs two types of storage (primary storage and secondary storage) to support its cluster and host, which are provided by NFS in this section, so start the NFS service in the previous steps. At the same time, for convenience's sake, NFS Server is also served by cloud-server.squirrel.org.

Log in to cloud-server.squirrel.org as root.

Create two directories as primary and secondary storage:

# mkdir-p / export/primary # mkdir-p / export/secondary

Edit the file / etc/exports and add:

/ export * (rw,async,no_root_squash)

Then export the / export directory:

# exportfs-a

Edit the / etc/sysconfig/nfs file and uncomment the following lines (or add the following lines directly at the end of the file):

LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 MOUNTD_PORT=892 RQUOTAD_PORT=875 STATD_PORT=662 STATD_OUTGOING_PORT=2020

Edit the firewall settings file / etc/sysconfig/iptables and add the following rules at the top of the input section:

-An INPUT-m state-- state NEW-p udp-- dport 111j ACCEPT-An INPUT-m state-- state NEW-p tcp-- dport 111j ACCEPT-An INPUT-m state-- state NEW-p tcp-- dport 2049-j ACCEPT-An INPUT-m state-- state NEW-p tcp-- dport 32803-j ACCEPT-An INPUT-m state-state NEW-p udp-dport 32769-j ACCEPT-An INPUT-m state-state NEW-p tcp-dport 892-j ACCEPT -An INPUT-m state-- state NEW-p udp-- dport 892-j ACCEPT-An INPUT-m state-- state NEW-p tcp-- dport 875-j ACCEPT-An INPUT-m state-- state NEW-p udp-- dport 875-j ACCEPT-An INPUT-m state-- state NEW-p tcp-- dport 662j ACCEPT-An INPUT-m state-state NEW-p udp-dport 662-j ACCEPT

Restart the firewall and save the changes:

# service iptables restart # service iptables save

On the management server (cloud-server.squirrel.org) and hypervisor host (cloud-agent.squirrel.org), modify the file / etc/idmapd.conf by adding the following:

Domain = squirrel.org

Restart the host of the management server, and then test and mount the NFS. Create a directory / primarymount on the cloud-agent.squirrel.org machine, run the following command and verify that it is successful:

Mount-t nfs 192.168.1.4:/export/primary / primarymount

Q4: if the KVM hypervisor machine runs the showmount command using hostname, such as "showmount-e cloud-server.squirrel.org", and fails with an error of "clnt_create: RPC: Program not registered", try using IP instead of "showmount-e 192.168.1.4". Or edit the native / etc/hosts to join the IP- hostname mapping of the other server (but lose flexibility):

192.168.1.4 cloud-server.squirrel.org

Q5: the order of the newly added rules in the firewall configuration file in step 5 is important for the success of NFS share. Be sure to join the first part of the INPUT area, that is, the original input entry in the system must be after the newly added line, otherwise it may appear when running showmount-e 192.168.1.4

Clnt_create: RPC: Port mapper failure-Unable to receive: errno 113 (No route to host) error.

Q6: how to deal with the error mount.nfs: access denied by server while mounting 192.168.1.4:/export/primary?

Sometimes when running "showmount-e cloud-server.squirrel.org" there is a "clnt_create: RPC: Port mapper failure-Unable to receive: errno 111 (Connection refused)" error message, and then mount nfs fails, there will be an error message on the title, which may be related to the way NFS is established, and sometimes it has something to do with firewalls. Need to check log:

Tail-200 / var/log/messages refused mount request from 192.168.1.5 for / export/primary (/ export): illegal port 1024

Then consider trying the following methods:

Vi / etc/exports

Modify the original line as follows:

/ export * (rw,async,insecure,no_root_squash)

Then:

Exportfs-rv service nfs restart

Rerun the command on cloud-agent.squirrel.org:

Mount-t nfs 192.168.1.4:/export/primary / primarymount

There is no hint, it should be successful, you can confirm:

Mount | grep primary OK!

Prepare the system virtual machine template

The system virtual machine template (System VM Template) is stored on secondary storage and is used to create system virtual machines on the cloud platform.

Log in to cloud-server.squirrel.org as root.

Download the KVM template here, and run the following command to install it:

# / usr/lib64/cloud/agent/scripts/storage/secondary/cloud-install-sys-tmplt-m / export/secondary-u http://download.cloud.com/templates/acton/acton-systemvm-02062012.qcow2.bz2-h kvm-F

Depending on the speed of the network, this process takes from a few minutes to a few hours (the author's download speed is shown on 2M~3M/s, and it takes about three minutes to complete the download and installation).

Q7: here are two points to note:

The disk partition must be large enough.

Do not omit the download and installation of the virtual machine template, otherwise you will fail to add secondary storage to the console later.

The system virtual machine is different from the virtual machine on the ordinary hypervisor host, it is the vm that the CloudStack comes with to complete some tasks related to its own system. There are two kinds of it:

Secondary storage virtual machine (Secondary Storage VM): download upload template, download image, copy template from secondary storage to primary storage and automatically create snapshots when creating a virtual machine for the first time.

Console proxy virtual machine (Console Proxy VM): used to display the console on the web interface.

It should be noted that the virtual machine of the system is a Debian 32-bit operating system, and CloudStack administrators can log in using SSH. At the same time, you can view them in the / var/lib/libvirt/images of the host, as shown in figure 5:

Figure 5. View the installed VMs

Install KVM Hypervisor

Log in to the hypervisor host cloud-agent.squirrel.org as root.

Make sure that the hostname is complete with a domain name, and modify it in the same way as in step 1 of managing the server.

Run "yum erase qemu-kvm" to delete the qemu-kvm that comes with OS.

Enter the downloaded and unzipped CloudStack installation directory, run the command ". / install.sh", and select "A" to install agent.

After the installation is complete, run the following command to start the nfs and rpcbind services and set them to boot:

# service rpcbind start # service nfs start # chkconfig nfs on # chkconfig rpcbind on

Q8: how to deal with the failure of CloudStack Agent startup because there is no enable VT?

Check the log:/var/log/cloud/agent/ carefully. If the startup failure is caused by the fact that BIOS's VT is not open, you need to reinstall agent after turning on VT support. Run the command:

# service cloud-agent status

If it is displayed:

Cloud-agent (pid 4188) is running...

It means that it has been run successfully.

Install NTP, time synchronization

Run "yum install ntp" to install the NTP service.

Edit the configuration file / etc/ntp.conf and join the following servers:

Server 0.xenserver.pool.ntp.org server 1.xenserver.pool.ntp.org server 2.xenserver.pool.ntp.org server 3.xenserver.pool.ntp.org

Restart NTP and set it to boot and run automatically:

# service ntpd restart # chkconfig ntpd on

Configuring Virtualization Resources in Management Console

After the above management server and hypervisor are installed, you can log in to the UI console of CloudStack to configure and deploy the resources.

Compared with several competitors, such as Eucalyptus's compatibility with AWS from the beginning and OpenStack's system architecture design for loosely coupled components, one of the features of CloudStack is that it has the most friendly user interface, that is, the control console.

First open the browser and log in to URL:

Http://192.168.1.4:8080/client username / password: admin/password

Select "Continue with basic installation" and then change the CloudStack administrator password.

Figure 6. Add zone

Figure 7. Add pod

Figure 8. Add client network

Figure 9. Add cluster

Figure 10. Add host

Figure 11. Add primary storage

Figure 12. Add secondary storage

Finally, click "Launch" to start the CloudStack cloud platform and start initialization.

Figure 13. Initializing

Until a success message appears. With such a simple cloud environment built, we can then perform the task of managing computing resources on this console. The following two pictures show the console display interface.

Figure 14.Overview

Figure 15.Infrastructure

Q9: sometimes for various reasons, such as some data is misconfigured in the console and needs to be reinitialized, you can delete the CloudStack database as follows:

Under the command line:

Mysql-u root mysql > drop database cloud; drop database cloud_usage; # cloud-setup-databases cloud:@localhost-- deploy-as=root: # cloud-setup-management

Then repeat the actions in this section.

Attachment: the Web Console interface of CloudStack can be customized.

Use CloudStack API

Like AWS API, CloudStack API is based on Web Service and can be written in any language that supports HTTP calls, such as Java,PHP.

The calling code (caller) first needs to be authenticated at the management server. Currently, CloudStack uses two authentication methods:

Session certification: through login API, get a JSESSIONID cookie and a SESSIONKEY token.

API Key certification.

The code example in this article uses API Key for authentication. The process is as follows:

The administrator assigns API Key and Security Key to the caller (generated by Admin through web console or with registerUserKeys in the program).

The caller uses Security Key to generate a signature for API Key + Command String using the HMAC SHA-1 hash algorithm.

The last API Request=Base URL+API Path+Command String+Signature.

The following generates two key specifically for admin users:

First log in to the management desk: http://192.168.1.4:8080/client.

Click accounts, select admin, click users tab, and find admin.

You can see API Key and Security Key. If the two boxes have no values, click the small key icon on the toolbar, "Generate Keys", as shown in figure 16.

Figure 16. Generate API Key and Security Key

The results of the two Key generation are as follows:

Table API Key and Security Key of 3.Admin users

Next, use CloudStack's Restful API to generate a virtual machine. The call URL is as follows:

Http://192.168.1.4:8080/client/api?command=deployVirtualMachine&\ serviceofferingid=1&templateid=4&zoneid=1

The contents of the command parameter can be found in API Reference: CloudStack, which is not discussed here. It is important to note that each parameter in URL is arranged alphabetically, which is necessary to generate a signature.

The following shows how to generate a signature and assemble a complete URL.

First download a perl script here, and we'll use it to help generate signatures. Place it in the appropriate directory and type at the command line:

$. / generate-url.pl-f 1-u "command=deployvirtualmachine&serviceofferingid=1&templateid=4\ & zoneid=1"-a TEBBqfXkV-9blsxpkjFLAxNUmnvMsFEq7WKwPOMT_nuce69bmcElXz1\ izsN1qJFK58ye5U5hWWN2ckscsysodg-s 7VJx0QfxvJQZBYZbLdct2QFck8lV6hwLMvo9\ YCJ97pVou8f_aDSHdhEqBaY2CtFI6_MULP0eYqr_Z7D2Jon8nQ

The number 1 after-f means to generate url, and-an is followed by API Key,-s and Security Key. The command parameters after-u have been changed to lowercase letters (this step cannot be omitted). The command finishes running and generates a string:

Http://*.*.*.*/client/api?command=deployvirtualmachine&serviceofferingid=1\&zoneid=1&templateid=4&apikey=Kn7rrPjdXDWTrcjCTLs7hZM22o0X6aKSZ4Cy4\ GDUHD1TmoVw3e-oNxjRTCBXchffju5OFTqW4zPIik-HKxH7-w&signature=%2BQMXTBOoicZJG\ 6EosCcRGvO7OWU%3D

Then replace IP with the above url, and restore the lowercase letters in command to the original correct API name. The result is as follows:

Http://192.168.1.4:8080/client/api?command=listVirtualMachines&account=\admin&domainId=1&apikey=Kn7rrPjdXDWTrcjCTLs7hZM22o0X6aKSZ4Cy4GDUHD1TmoVw3e-o\ NxjRTCBXchffju5OFTqW4zPIik-HKxH7-w&signature=i5%2FQxBf7FIGc6GvAfNcpFnVKpEw%3D

If you type the URL into the browser, you can successfully execute it and return a XML response:

D29a98f2-610c-4e4e-9331-18c133c5bdb3 a5c9f26d-98be-4a81-9883-da9dd8dfda47

If you go back to the instance tab in the console interface, you can see that a new vm instance has been created.

In the same way, use the following command to list all the virtual machines under the Admin user.

Http://192.168.1.4:8080/client/api?command=listVirtualMachines&account= admin&domainId=1&apikey=Kn7rrPjdXDWTrcjCTLs7hZM22o0X6aKSZ4Cy4GDUHD1TmoVw3e-\ oNxjRTCBXchffju5OFTqW4zPIik-HKxH7-w&signature=%2BQMXTBOoicZJG6EosCcRGvO7OWU%3D

Q10:CentOS needs to install the perl development environment to run the script above. If an error similar to the cannot locate WWW/Mechanize class occurs during command execution, you need to install cpan first:

Yum install cpan

Then install the missing module with cpan:

Cpan install WWW::Mechanize

If any module is missing, install the module with cpan until all the packages used are loaded.

Overall, CloudStack's API provides very flexible and powerful features, and through CloudBridge, it is compatible with Amazon EC2 API.

Present situation and prospect

CloudStack is also updated quickly on the Apache site, and the latest 4.0 has been released, providing inter-VLAN routing (VPC) capabilities, saving metadata for management resources, adding new types of storage, and supporting Ubuntu 12.04 and REHL6.3.

In China, large enterprises such as China Telecom, as well as some small and medium-sized enterprises, are rapidly using CloudStack to build their public cloud or private cloud, hybrid cloud platform. In the practice of these users, CloudStack's rich variety of Hypervisor, support for storage types, strong scalability and network capabilities, good security design, and flexible API calls are all impressive.

The competition with OpenStack will be an unavoidable problem for CloudStack in the next few years. Compared with the backwardness advantage of competitors, CloudStack puts more emphasis on mature product applications. But with its own open source, the future IaaS market may go further in seeking common ground.

The above is all the contents of the article "how to configure and manage a cloud environment with CloudStack". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.