Page History

]

\* Sign on to the forum: [https://mailman.nersc.gov/mailman/listinfo/eucalyptus-discuss

]

\* Login to web interface: [https://mageuca.nersc.gov:8443/

|https://mageuca.nersc.gov:8443/]

\* Upload euca2tols tool kit form [http://open.eucalyptus.com/wiki/Euca2oolsGuide

]

[http://open.eucalyptus.com/wiki/Euca2oolsGuide]\* list of all commands:

 [http://blogs.plexibus.com/2010/06/17/eucalyptus-euca2ools/

]
in particular I followed '/Euca2oolsInstallJaunty_v1.1'  for my Ubuntu VM deployment,

but skip step about updating /etc/apt/sources.list with 'deb [http://www.eucalyptussoftware.com/downloads/repo/euca2ools/1.1/ubuntu] jaunty universe'

I did:

*sudo apt-get update

*
*sudo apt-get install euca2ools

*

Check  euca2ools by executing e.g.:  euca2ools

should complain about missing keys but program must be found

\* Generate one time keys for Eucalyptus form the interface: [https://mageuca.nersc.gov:8443

]

upload keys to local machine in to .euca

 directory

----
*Bundle & upload to Eucalyptus my VM 'from within'*
\* copy private key & certificate to some  directory you do NOT want to distribute those with the VM image. Make sure you do not leve them somewhere else on VM - the whole world will hack you later

*sudo mkdir /mnt/eucaBuild/*
\* copy there euca2-yourName-e3e764-cert.pem  euca2-yourName-e3f64-pk.pem cloud-cert.pem eucars.csh

\* set enviromental variables by *source eucars.csh

*

\* setup working directory for the bundle which will be excluded from the bundle

*sudo mkdir /image

*

\* *Bundle* local VM , will take 1-2 hours ..., you may need to specify the kernel & ramdisk (values below worked in November 2010). {color:#0000ff}For{color} {color:#0000ff}the{color} {color:#0000ff}64-bit VM is generated below:

{color}
>*sudo euca-bundle-vol \-c $EC2_CERT \-k $EC2_PRIVATE_KEY \-u $EC2_USER_ID \--ec2cert $EUCALYPTUS_CERT  \-d /image \-e /image \--no-inherit \-r x86_64 \--kernel eki-AEC117E0 \--ramdisk eri-175C1933* \--

fstab  /mnt/eucaBuild/euca-vfstab

----
USE of existing images

\* query existing images:
> *euca-describe-images \| grep emi \| grep \-i ubuntu

*

_OUTPUT:

_
_IMAGE   emi-39DF160F    ubuntu-image-bucket/ubuntu.9-04.x86-64.img.manifest.xml admin   available       public  x86_64

  machine_

\* create  key-pair for one Eucalyptus session

> *euca-add-keypair balewski-euca > balewski-euca.private

*
> *chmod 0600 balewski-euca.private

*

*>euca-describe-keypairs

*

euca-describe-keypairs

\* launch an instance you want. The default image has 10GB limit, if you need larger add '*\-t m1.xlarge*'

 or even  '*\-t c1.xlarge*' for CPUs/20G memory/20 G disk.

> *euca-run-instances \-k balewski-euca* *emi-

39DF160F **\-t m1.xlarge

*




_OUTPUT:

_
_RESERVATION     r-470107EF      balewski        balewski-default

_
_INSTANCE i-31D50646 emi-39DF160F 0.0.0.0 0.0.0.0 pending balewski-euca 2010-10-22T16:05:53.609Z eki-AEC117E0 eri-175C1933

_

\* check if instance is running (after few minutes, depends on the size of the image)

> *euca-describe-instances  i-31D50646

*
_OUTPUT:

_
_RESERVATION     r-470107EF      balewski

        default_
_INSTANCE i-31D50646 emi-39DF160F 128.55.56.51 192.168.4.2 running balewski-euca 0 m1.small 2010-10-22T16:05:53.609Z euca eki-AEC117E0 eri-175C1933

_

\* Set security group prior to connecting to the instance (see 'Potential problems' above - private key may be wrong.)

> *euca-authorize \-P tcp \-p 22 \-s 0.0.0.0/0

 default*



_OUTPUT:

_
_GROUP   default_
_PERMISSION      default ALLOWS  tcp     22      22      FROM    CIDR    0.0.0.0/0

_

\* {color:#ff0000}Connect to the instance{color}
{color:#ff0000}>{color} {color:#ff0000}{*}ssh \-i ./balewski-euca.private root@128.55.56.57

{*}{color}


\* Terminate instance
> *euca-terminate-instances   i-31D50646

*

_OUTPUT:

_
_INSTANCE        i-31D50646

_

after \~10 seconds the same command results with nothing

---\-
----

*notes from failing installation of euca2tol on SL5.3

*
* *instruction page* is as for [http://open.eucalyptus.com/wiki/Euca2oolsCentosInstall_v1.1

]
* set system variables

export VERSION=1.2

export ARCH=x86_64

export http_proxy="http://aaa:bbb"  ( _do not forget the prefix 'http://'_)

to get 'yum' to work from BNL  one needs to setup proxy be setting above

* create file */etc/yum.repos.d/euca.repo* as in Centos instruction

in my case I hardcoded '1.2' instead of '$VERSION' because yum did not wanted to pick it up from the system variable set by the export command. It looks now like this

{code

}cat  /etc/yum.repos.d/euca.repo
[euca2ools]
name=Euca2ools
baseurl=http://www.eucalyptussoftware.com/downloads/repo/euca2ools/1.2/yum/centos/
enabled=1 

{code}
\\

* execute
yum install euca2ools.$ARCH \--nogpgcheck

* Problems
*# bundling  would quit after \~15 minutes of work with the message:
{code}
euca-bundle-vol -c $EC2_CERT -k $EC2_PRIVATE_KEY -u $EC2_USER_ID --ec2cert $EUCALYPTUS_CERT -d /image -e /image --no-inherit -r x86_64 --kernel eki-AEC117E0 --ramdisk eri-175C1933
1+0 records in
1+0 records out
1048576 bytes (1.0 MB) copied, 0.131823 seconds, 8.0 MB/s
......
......
......
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 27 mounts or
180 days, whichever comes first.  Use tune2fs \-c or \-i to override.
Unable to copy files

{code}
*SOLUTION:

*
*## edit python script  /usr/lib/python2.5/site-packages/euca2ools/\__init_\_.py

look for line 1013 and add "print output" so it looks like:

{code

}       if output[1]:
           print output
           raise CopyError

{code}
Then you'll see what's causing problems and exclude it.

*## in my case it was \~3 screen-dump

{code

}('', 'selinux: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/avc: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/booleans: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.access.5oRT2N: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.checkreqprot.b5ebHI: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.commit_pending_bools.1c9ulD: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.compat_net.JYYQZx: rsync_xal_set: lsetxattr security.selinux failed: Permission
.....
{code}

Which means I should 'disable selinux' by execution of the following command

*echo 0 >/selinux/enforce

*
*## I run bundling again and got one more error mentioning

{code

} /var/run/cups

{code}The solution to that is to exclude  /var/run/cups  from bundling by adding

\*-e  /var/run/cups * in to _euca-bundle-vol

_ command
*## now bundling finished successfully
{code}
......
......
Part: image.part.130
Part: image.part.131
Part: image.part.132
Generating manifest /image/image.manifest.xml

{code}
After which I have enabled back selinux

*echo 1 >/selinux/enforce

*

SCRATCH \------------------------------------\-

euca-register \-a $EC2_ACCESS_KEY \-s $EC2_SECRET_KEY \--url $EC2_URL jan7-Sl5.3-x86_64-12GB-external-build/image.manifest.xml

\-bash-3.2$ ls \-l /global/common/carver/tig/euca2ools/1.2/bin/\|grep

 key

{color:#0000ff}For 32-bit image change kernel to:

{color}
>*sudo euca-bundle-vol \-c $EC2_CERT \-k $EC2_PRIVATE_KEY \-u $EC2_USER_ID  \--ec2cert $EUCALYPTUS_CERT  \-d /image \-e /image \--no-inherit \-r* *i386* *\--kernel* *eki-B15217F6* *\--ramdisk* *eri-19791933

*
_OUTPUT:

_
_....

_
_Part: image.part.245

_
_Part: image.part.246

_
_Part: image.part.247

_
_Generating

 manifest_


\* *uplad* bundle to Eucalyptus with name 'star-vm-SL10c-ubuntu-i386', will take many hours depending on connection & total size

> *sudo euca-upload-bundle \-a $EC2_ACCESS_KEY \-s $EC2_SECRET_KEY \--url $S3_URL \--ec2cert $EUCALYPTUS_CERT \-m /image/image.manifest.xml* *\-b star-vm-SL10c-ubuntu-64bit

*
_OUTPUT:

_
_....

_
_Uploading part: image.part.246

_
_Uploading part: image.part.247

_
{color:#ff0000}{_}Uploaded image as star-vm-SL10c-ubuntu-i386/image.manifest.xml

{_}{color}

\* register  'star-vm-SL10c-ubuntu-i386' with Eucalyptus

> *euca-register \-a $EC2_ACCESS_KEY \-s $EC2_SECRET_KEY \--url $EC2_URL star-vm-SL10c-ubuntu-64bit/image.manifest.xml

*
{color:#ff0000}{_}OUTPUT:_{color}
{color:#ff0000}IMAGE	emi-344D1244{color}


*Potential problems*:
* synchronization of local clock, can be fixed with command
> *sudo ntpdate hickory.nersc.gov

*
* check if key-pair generation succeded, list content of 'balewski-euca.private'

  if it does not look like a valid key and you can't find the old key you can remove the old public key from Eucalyptus using command *euca-delete-keypair

*
* if you can't ssh to a custom made VM and see the error

_ssh: connect to host 128.55.56.63 port 22: Connection refused

_
verify the ssh server is running on a local copy on this VM by typing:

*ssh localhost

*
If you see the same error install ssh server\- on Ubuntu do:

*sudo apt-get install openssh-server openssh-client

*
* ssh fails:

  check content of the console: * euca-get-console-output 'image-id'*