Tuesday, October 22, 2013

Video: Using OpenStack command line tools



This lesson, Using OpenStack command line toolsexplains how to use the OpenStack Commandline tools on the FutureGrid cluster called sierra.futuregrid.org. 

For written material, see section OpenStack Grizzly in the FutureGrid manual.

Visit FutureGrid's Massive Open Online Course (MOOCs) site for more video based learning opportunities.

Thursday, October 17, 2013

Newly Released OpenStack Havana on FutureGrid

OpenStack Havana was released today. FutureGrid is happy to announce that undergraduates 
enrolled in  a course for young computer scientists working in the field of software and 
system will be among the first to gain hands-on experience with FutureGrid's 
implementation of the new version of OpenStack on India. For more about this course, 
please visit the FG-368 project page: https://portal.futuregrid.org/projects/368

Work is underway to make OpenStack Havana available to other FutureGrid users as soon as 
possible. Queries about FutureGrid's OpenStack Havana implementation should be sent to 
FutureGrid using the ticketing system:  https://portal.futuregrid.org/help

FutureGrid will continue to make OpenStack Grizzly available on Sierra.

For an overview of key features made available by the new OpenStack Havana release, 
please visit ZDNet's article, OpenStack Havana: Open-source cloud for the enterprise:
http://www.zdnet.com/openstack-havana-open-source-cloud-for-the-enterprise-7000022086/

Tuesday, October 8, 2013

Supernova instead of Nova?

We installed Supernova on Sierra, which is a very useful tool for OpenStack. If you say yes to any of the following questions, you should try Supernova.
  • Do you have multiple projects(tenants)?
  • Do you have another OpenStack to run your instances?
So here's how to use Supernova on Sierra.
* Before you try Supernova on FutureGird, you have to have your FutureGrid account and should know how to use OpenStack. Here's the link of our OpenStack Tutorial -> http://manual.futuregrid.org/openstackgrizzly.html
Login to Sierra and load Supernova.
ssh username@sierra.futuregrid.org
module load supernova

Check your novarc file and create your ~/.supernova file like below. In this example, my account(user1) is a member of fg123 and fg456.
[fg123]
OS_AUTH_URL=https://s77r.idp.sdsc.futuregrid.org:5000/v2.0
OS_CACERT=/etc/futuregrid/openstack/sierra/cacert.pem
OS_PASSWORD=***************
OS_TENANT_NAME=fg123
OS_USERNAME=user1

[fg456]
OS_AUTH_URL=https://s77r.idp.sdsc.futuregrid.org:5000/v2.0
OS_CACERT=/etc/futuregrid/openstack/sierra/cacert.pem
OS_PASSWORD=***************
OS_TENANT_NAME=fg456
OS_USERNAME=user1

Don't forget to change the permission to make it unreadable to anyone else.
chmod 600 ~/.supernova

Now, you should be able to check your tenant list.
supernova --list
-- fg123 --------------------------------------------------------------------
  OS_AUTH_URL          : https://s77r.idp.sdsc.futuregrid.org:5000/v2.0
  OS_CACERT            : /etc/futuregrid/openstack/sierra/cacert.pem
  OS_PASSWORD          : ***************
  OS_TENANT_NAME       : fg123
  OS_USERNAME          : user1
-- fg456 --------------------------------------------------------------------
  OS_AUTH_URL          : https://s77r.idp.sdsc.futuregrid.org:5000/v2.0
  OS_CACERT            : /etc/futuregrid/openstack/sierra/cacert.pem
  OS_PASSWORD          : ***************
  OS_TENANT_NAME       : fg456
  OS_USERNAME          : user1

The usage is the same as Nova Client. You just need to replace "nova" to "supernova <tenantname>". Here's how to boot an instance on each tenant.
supernova fg123 boot --image futuregrid/ubuntu-12.04 --flavor m1.small --key-name mykey fg123vm001
supernova fg456 boot --image futuregrid/ubuntu-12.04 --flavor m1.small --key-name mykey fg456vm002
supernova fg123 list
supernova fg456 list

Very easy and very useful, isn't it?

In my work, I have multiple tenants and multiple OpenStack sets to work with, so Supernova is very very very helpful. I hope it makes your work easier, too!


Thanks,

Thursday, October 3, 2013

Nimbus/Alamo Updates

qcow2 images on Nimbus/Alamo 

Support for the qcow2 virtual machine image format has been added to Nimbus on Alamo. One feature of qcow2 is that the size of an image on disk grows only as data is added to it. This is in contrast to a raw image file that is of a fixed size (the size of the virtual disk) which we typically gzip to reduce storage space.

One of the benefits of using qcow2 images is that Nimbus does not have to perform a gzip or gunzip step when running and saving virtual machines. This reduces the time to start and save virtual machines significantly. We will be adding qcow2 images for Linux distributions over time. If you wish to use specific distributions/versions, please let us know. An important note is that the qcow2 images provided by some distributions (e.g. Ubuntu, Fedora), don't work well out of the box with Nimbus. The reason for this is that while Nimbus adds your ssh key to the root account of the virtual machine, these images do not allow direct login to the root account (they expect you to log in to a normal user account such as ubuntu or ec2-user and then use sudo).

Nimbus/Alamo networking improvements

The network device used by Nimbus virtual machines on Alamo has been changed from Realtek RTL-8139 to Virtio. After this change, our measurements show that network bandwidth to and from Nimbus virtual machines has improved by a factor of 3 or more. The Virtio device is supported by all of the existing virtual machine images that we tested. Your virtual machines should automatically detect this new device and benefit from the higher networking bandwidth. If you have any problems with networking on your virtual machines, please submit a ticket.

Nimbus/Alamo authentication changes

Due to the expiration of a CA certificate, the Nimbus services on Alamo are now using a new host certificate from a different certificate authority. We apologize for the inconvenience, but this will require that you make some changes to your Nimbus client to continue to use Alamo. The first change is to use a Nimbus cloud client that includes the CA certificates associated with our new Nimbus certificate. One way to accomplish this is to download the Nimbus cloud client version 022. An alternative is to modify your existing cloud client by manually adding the CA certificates to it. This can be accomplished by:

  1. Download the InCommon Server CA certificate and save it as nimbus-cloud-client-021/lib/certs/84df5188.0 
  2. Go to the Comodo AddTrust page and download the AddTrust External CA Root certificate. Save it as nimbus-cloud-client-021/lib/certs/3c58f906.0 
The second change is to modify your nimbus-cloud-client-022/conf/alamo.conf file to have the DN of the new certificate, like so:

  •  vws.factory.identity=/C=US/2.5.4.17=78711/ST=TX/L=Austin/2.5.4.9=1 University Station/O=The University of Texas at Austin/OU=TACC - Texas Advanced Computing Center/CN=nimbus.futuregrid.tacc.utexas.edu 
 If you encounter any problems using Nimbus on Alamo, please submit a ticket for assistance.


The response of Sierra's OpenStack is improved.

It is good news that the response of Nova Client is improved on Sierra's OpenStack.

This issue doesn't show up on Essex version, so India's OpenStack is fine. But Grizzly version has lots on Keystone's database, and it had been making the authentication process slow. We took a serious look and tuned MySQL configuration.

Here's the result of the improvement.

Before:
$ time nova list
+--------------------------------------+--------+--------+---------------------+
| ID                                   | Name   | Status | Networks            |
+--------------------------------------+--------+--------+---------------------+
| 8618a539-2162-41e6-92b1-c8177ebe100a | master | ACTIVE | private=10.35.23.9  |
| c373a455-e99c-45a6-be8f-ca75117fe9cb | node1  | ACTIVE | private=10.35.23.10 |
| 07eaa184-a8c6-4ece-9f35-5d3ba8c9c1e0 | node2  | ACTIVE | private=10.35.23.15 |
| bbc7408f-e8ba-45cb-b294-e857c53e9f7f | node3  | ACTIVE | private=10.35.23.55 |
+--------------------------------------+--------+--------+---------------------+

real    0m8.819s
user    0m0.307s
sys 0m0.127s

After:
$ time nova list
+--------------------------------------+--------+--------+---------------------+
| ID                                   | Name   | Status | Networks            |
+--------------------------------------+--------+--------+---------------------+
| 8618a539-2162-41e6-92b1-c8177ebe100a | master | ACTIVE | private=10.35.23.9  |
| c373a455-e99c-45a6-be8f-ca75117fe9cb | node1  | ACTIVE | private=10.35.23.10 |
| 07eaa184-a8c6-4ece-9f35-5d3ba8c9c1e0 | node2  | ACTIVE | private=10.35.23.15 |
| bbc7408f-e8ba-45cb-b294-e857c53e9f7f | node3  | ACTIVE | private=10.35.23.55 |
+--------------------------------------+--------+--------+---------------------+

real    0m0.929s
user    0m0.309s
sys 0m0.118s

Thanks,