...
*
...
Apply
...
for
...
account
...
at
...
Maggelan:
...
http://magellan.nersc.gov/?page_id=564
...
*
...
Sign
...
on
...
to
...
the
...
forum:
...
https://mailman.nersc.gov/mailman/listinfo/eucalyptus-discuss
...
*
...
Login
...
to
...
web
...
interface:
...
https://mageuca.nersc.gov:8443/
...
* Upload euca2tols tool kit form http://open.eucalyptus.com/wiki/Euca2oolsGuide
...
http://open.eucalyptus.com/wiki/Euca2oolsGuide
...
*
...
list
...
of
...
all
...
commands:
...
http://blogs.plexibus.com/2010/06/17/eucalyptus-euca2ools/
...
in
...
particular
...
I
...
followed
...
'/Euca2oolsInstallJaunty_v1.1'
...
for
...
my
...
Ubuntu
...
VM
...
deployment,
...
but
...
skip
...
step
...
about
...
updating
...
/etc/apt/sources.list
...
with
...
'deb
...
http://www.eucalyptussoftware.com/downloads/repo/euca2ools/1.1/ubuntu
...
jaunty
...
universe'
...
I
...
did:
...
sudo
...
apt-get
...
update
...
sudo
...
apt-get
...
install
...
euca2ools
...
Check
...
euca2ools
...
by
...
executing
...
e.g.:
...
euca2ools
...
should
...
complain
...
about
...
missing
...
keys
...
but
...
program
...
must
...
be
...
found
...
*
...
Generate
...
one
...
time
...
keys
...
for
...
Eucalyptus
...
form
...
the
...
interface:
...
https://mageuca.nersc.gov:8443
...
upload
...
keys
...
to
...
local
...
machine
...
in
...
to
...
.euca
...
directory
...
Bundle & upload to Eucalyptus my VM 'from within'
* copy private key & certificate to some directory you do NOT want to distribute those with the VM image. Make sure you do not leve them somewhere else on VM - the whole world will hack you later
sudo mkdir /mnt/eucaBuild/
*
...
copy
...
there
...
euca2-yourName-e3e764-cert.pem
...
euca2-yourName-e3f64-pk.pem
...
cloud-cert.pem
...
eucars.csh
...
*
...
set
...
enviromental
...
variables
...
by
...
source
...
eucars.csh
*
...
setup
...
working
...
directory
...
for
...
the
...
bundle
...
which
...
will
...
be
...
excluded
...
from
...
the
...
bundle
...
sudo
...
mkdir
...
/image
*
...
Bundle
...
local
...
VM
...
,
...
will
...
take
...
1-2
...
hours
...
...,
...
you
...
may
...
need
...
to
...
specify
...
the
...
kernel
...
&
...
ramdisk
...
(values
...
below
...
worked
...
in
...
November
...
2010).
...
For
...
the
...
64-bit
...
VM
...
is
...
generated
...
below:
...
>
...
sudo
...
euca-bundle-vol
...
-c
...
$EC2_CERT
...
-k
...
$EC2_PRIVATE_KEY
...
-u
...
$EC2_USER_ID
...
--ec2cert
...
$EUCALYPTUS_CERT
...
-d
...
/image
...
-e
...
/image
...
--no-inherit
...
-r
...
x86_64
...
--kernel
...
eki-AEC117E0
...
--ramdisk
...
eri-175C1933
...
--
...
fstab /mnt/eucaBuild/euca-vfstab
...
...
USE of existing images
* query existing images:
> euca-describe-images
...
|
...
grep
...
emi
...
|
...
grep
...
-i
...
ubuntu
...
OUTPUT:
...
IMAGE emi-39DF160F
...
ubuntu-image-bucket/ubuntu.9-04.x86-64.img.manifest.xml
...
admin
...
available
...
public
...
x86_64
...
machine
* create key-pair
...
for
...
one
...
Eucalyptus
...
session
...
>
...
euca-add-keypair
...
balewski-euca
...
>
...
balewski-euca.private
...
>
...
chmod
...
0600
...
balewski-euca.private
...
>euca-describe-keypairs
...
euca-describe-keypairs
...
*
...
launch
...
an
...
instance
...
you
...
want.
...
The
...
default
...
image
...
has
...
10GB
...
limit,
...
if
...
you
...
need
...
larger
...
add
...
'
...
-t
...
m1.xlarge
...
'
...
or even '-t
...
c1.xlarge
...
'
...
for
...
CPUs/20G
...
memory/20
...
G
...
disk.
...
>
...
euca-run-instances
...
-k
...
balewski-euca
...
emi-
...
39DF160F -t
...
m1.xlarge
...
OUTPUT:
...
RESERVATION r-470107EF
...
balewski
...
balewski-default
...
INSTANCE
...
i-31D50646
...
emi-39DF160F
...
0.0.0.0
...
0.0.0.0
...
pending
...
balewski-euca
...
2010-10-22T16:05:53.609Z
...
eki-AEC117E0
...
eri-175C1933
...
*
...
check
...
if
...
instance
...
is
...
running
...
(after
...
few
...
minutes,
...
depends
...
on
...
the
...
size
...
of
...
the
...
image)
...
>
...
euca-describe-instances
...
i-31D50646
...
OUTPUT:
...
RESERVATION r-470107EF
...
balewski
...
default
INSTANCE i-31D50646
...
emi-39DF160F
...
128.55.56.51
...
192.168.4.2
...
running
...
balewski-euca
...
0
...
m1.small
...
2010-10-22T16:05:53.609Z
...
euca
...
eki-AEC117E0
...
eri-175C1933
...
*
...
Set
...
security
...
group
...
prior
...
to
...
connecting
...
to
...
the
...
instance
...
(see
...
'Potential
...
problems'
...
above
...
-
...
private
...
key
...
may
...
be
...
wrong.)
...
>
...
euca-authorize
...
-P
...
tcp
...
-p
...
22
...
-s
...
0.0.0.0/0
...
default
OUTPUT:
...
GROUP default
PERMISSION default ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
...
* Connect to the instance
> ssh -i ./balewski-euca.private
...
root@128.55.56.57
...
* Terminate instance
> euca-terminate-instances
...
i-31D50646
...
OUTPUT:
...
INSTANCE i-31D50646
...
after
...
~10
...
seconds
...
the
...
same
...
command
...
results
...
with
...
nothing
...
...
--
...
-
...
-
...
...
notes
...
from
...
failing
...
installation
...
of
...
euca2tol
...
on
...
SL5.3
...
- instruction
...
- page
...
- is
...
- as
...
- for
...
...
- set
...
- system
...
- variables
...
export
...
- VERSION=1.2
...
export
...
- ARCH=x86_64
...
export
...
- http_proxy="http://aaa:bbb"
...
- (
...
- do
...
- not
...
- forget
...
- the
...
- prefix
...
- 'http://'
...
- )
...
to
...
- get
...
- 'yum'
...
- to
...
- work
...
- from
...
- BNL
...
- one
...
- needs
...
- to
...
- setup
...
- proxy
...
- be
...
- setting
...
- above
...
- create
...
- file
...
- /etc/yum.repos.d/euca.repo
...
- as
...
- in
...
- Centos
...
- instruction
...
in
...
- my
...
- case
...
- I
...
- hardcoded
...
- '1.2'
...
- instead
...
- of
...
- '$VERSION'
...
- because
...
- yum
...
- did
...
- not
...
- wanted
...
- to
...
- pick
...
- it
...
- up
...
- from
...
- the
...
- system
...
- variable
...
- set
...
- by
...
- the
...
- export
...
- command.
...
- It
...
- looks
...
- now
...
- like
...
- this
...
Code Block
...
cat /etc/yum.repos.d/euca.repo [euca2ools] name=Euca2ools baseurl=http://www.eucalyptussoftware.com/downloads/repo/euca2ools/1.2/yum/centos/ enabled=1
...
- execute
yum install euca2ools.$ARCH
...
- --nogpgcheck
...
- Problems
- bundling would quit after ~15 minutes of work with the message:
Code Block euca-bundle-vol -c $EC2_CERT -k $EC2_PRIVATE_KEY -u $EC2_USER_ID --ec2cert $EUCALYPTUS_CERT -d /image -e /image --no-inherit -r x86_64 --kernel eki-AEC117E0 --ramdisk eri-175C1933 1+0 records in 1+0 records out 1048576 bytes (1.0 MB) copied, 0.131823 seconds, 8.0 MB/s ...... ...... ...... Writing inode tables: done Creating journal (32768 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 27 mounts or 180 days, whichever comes first. Use tune2fs \-c or \-i to override. Unable to copy files
- bundling would quit after ~15 minutes of work with the message:
...
SOLUTION:
...
- edit
...
- python
...
- script
...
- /usr/lib/python2.5/site-packages/euca2ools/
...
- _init
...
- _.py
...
look
...
- for
...
- line
...
- 1013
...
- and
...
- add
...
...
- output"
...
- so
...
- it
...
- looks
...
- like:
...
Code Block
...
if output[1]: print output raise CopyError
...
Then
...
- you'll
...
- see
...
- what's
...
- causing
...
- problems
...
- and
...
- exclude
...
- it.
...
- in
...
- my
...
- case
...
- it
...
- was
...
- ~3
...
- screen-dump
...
Code Block
...
('', 'selinux: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/avc: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/booleans: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.access.5oRT2N: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.checkreqprot.b5ebHI: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.commit_pending_bools.1c9ulD: rsync_xal_set: lsetxattr security.selinux failed: Permission denied\nselinux/.compat_net.JYYQZx: rsync_xal_set: lsetxattr security.selinux failed: Permission .....
...
Which
...
- means
...
- I
...
- should
...
- 'disable
...
- selinux'
...
- by
...
- execution
...
- of
...
- the
...
- following
...
- command
...
echo
...
- 0
...
- >/selinux/enforce
...
- I
...
- run
...
- bundling
...
- again
...
- and
...
- got
...
- one
...
- more
...
- error
...
- mentioning
...
Code Block
...
/var/run/cups
...
The
...
- solution
...
- to
...
- that
...
- is
...
- to
...
- exclude
...
- /var/run/cups
...
- from
...
- bundling
...
- by
...
- adding
...
*-e
...
- /var/run/cups
...
- *
...
- in
...
- to
...
- euca-bundle-vol
...
- command
- now bundling finished successfully
Code Block ...... ...... Part: image.part.130 Part: image.part.131 Part: image.part.132 Generating manifest /image/image.manifest.xml
...
After
...
- which
...
- I
...
- have
...
- enabled
...
- back
...
- selinux
...
echo
...
- 1
...
- >/selinux/enforce
...
SCRATCH
...
------------------------------------
...
-
...
euca-register
...
-a
...
$EC2_ACCESS_KEY
...
-s
...
$EC2_SECRET_KEY
...
--url
...
$EC2_URL
...
jan7-Sl5.3-x86_64-12GB-external-build/image.manifest.xml
...
-bash-3.2$
...
ls
...
-l
...
/global/common/carver/tig/euca2ools/1.2/bin/
...
|grep
...
key
For 32-bit
...
image
...
change
...
kernel
...
to:
...
>
...
sudo
...
euca-bundle-vol
...
-c
...
$EC2_CERT
...
-k
...
$EC2_PRIVATE_KEY
...
-u
...
$EC2_USER_ID
...
--ec2cert
...
$EUCALYPTUS_CERT
...
-d
...
/image
...
-e
...
/image
...
--no-inherit
...
-r
...
i386
...
--kernel
...
eki-B15217F6
...
--ramdisk
...
eri-19791933
...
OUTPUT:
...
....
...
Part:
...
image.part.245
...
Part:
...
image.part.246
...
Part:
...
image.part.247
...
Generating
...
manifest
* uplad
...
bundle
...
to
...
Eucalyptus
...
with
...
name
...
'star-vm-SL10c-ubuntu-i386',
...
will
...
take
...
many
...
hours
...
depending
...
on
...
connection
...
&
...
total
...
size
...
>
...
sudo
...
euca-upload-bundle
...
-a
...
$EC2_ACCESS_KEY
...
-s
...
$EC2_SECRET_KEY
...
--url
...
$S3_URL
...
--ec2cert
...
$EUCALYPTUS_CERT
...
-m
...
/image/image.manifest.xml
...
-b
...
star-vm-SL10c-ubuntu-64bit
...
OUTPUT:
...
....
...
Uploading
...
part:
...
image.part.246
...
Uploading
...
part:
...
image.part.247
...
Uploaded image as star-vm-SL10c-ubuntu-i386/image.manifest.xml
...
* register 'star-vm-SL10c-ubuntu-i386'
...
with
...
Eucalyptus
...
>
...
euca-register
...
-a
...
$EC2_ACCESS_KEY
...
-s
...
$EC2_SECRET_KEY
...
--url
...
$EC2_URL
...
star-vm-SL10c-ubuntu-64bit/image.manifest.xml
...
OUTPUT:
IMAGE emi-344D1244
Potential problems:
- synchronization of local clock, can be fixed with command
> sudo ntpdate hickory.nersc.gov
...
- check
...
- if
...
- key-pair
...
- generation
...
- succeded,
...
- list
...
- content
...
- of
...
- 'balewski-euca.private'
...
- if
...
- it
...
- does
...
- not
...
- look
...
- like
...
- a
...
- valid
...
- key
...
- and
...
- you
...
- can't
...
- find
...
- the
...
- old
...
- key
...
- you
...
- can
...
- remove
...
- the
...
- old
...
- public
...
- key
...
- from
...
- Eucalyptus
...
- using
...
- command
...
- euca-delete-keypair
...
- if
...
- you
...
- can't
...
- ssh
...
- to
...
- a
...
- custom
...
- made
...
- VM
...
- and
...
- see
...
- the
...
- error
...
ssh:
...
- connect
...
- to
...
- host
...
- 128.55.56.63
...
- port
...
- 22:
...
- Connection
...
- refused
...
verify
...
- the
...
- ssh
...
- server
...
- is
...
- running
...
- on
...
- a
...
- local
...
- copy
...
- on
...
- this
...
- VM
...
- by
...
- typing:
...
ssh
...
- localhost
...
If
...
- you
...
- see
...
- the
...
- same
...
- error
...
- install
...
- ssh
...
- server
...
- -
...
- on
...
- Ubuntu
...
- do:
...
sudo
...
- apt-get
...
- install
...
- openssh-server
...
- openssh-client
...
- ssh
...
- fails:
...
- check content of the console: euca-get-console-output
...
- 'image-id'
...