http://localhost:3000/http://localhost:3000/favicon.ico?16699092332020-01-09T09:17:13Zungleich redmineOpen Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307092020-01-09T09:17:13ZNico Schotteliusnico.schottelius@ungleich.ch
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/30709/diff?detail_id=30718">diff</a>)</li><li><strong>Status</strong> changed from <i>New</i> to <i>In Progress</i></li></ul> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307102020-01-09T09:18:27ZNico Schotteliusnico.schottelius@ungleich.ch
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/30710/diff?detail_id=30720">diff</a>)</li></ul> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307122020-01-09T09:19:55ZAhmed Bilal
<ul></ul><a name="InstallationSetup"></a>
<h1 >Installation/Setup<a href="#InstallationSetup" class="wiki-anchor">¶</a></h1>
<p>Allow etcd prefix for developer role<br /><pre><code class="shell syntaxhl" data-language="shell">ungleich-etcdctl-root role grant-permission <span class="nt">--prefix</span><span class="o">=</span><span class="nb">true </span>developer readwrite /server11/
ungleich-etcdctl-root role grant-permission <span class="nt">--prefix</span><span class="o">=</span><span class="nb">true </span>developer readwrite /server12/
</code></pre></p>
<p>server{11,12}.place6</p>
<p>Replace server12 with server11 when setting up server11</p>
<pre><code class="shell syntaxhl" data-language="shell">
<span class="c"># The following commands with ~# prompt are run as root</span>
~# tmux
~# userdel <span class="nt">-r</span> uncloud <span class="nt">-f</span>
~# useradd <span class="nt">-m</span> uncloud
~# <span class="nb">echo</span> <span class="s2">"uncloud ALL=(ALL) NOPASSWD: ALL"</span> <span class="o">>></span> /etc/sudoers
~# apt <span class="nb">install </span>python3-pip chrony qemu <span class="nb">sudo</span>
~# update-rc.d chrony <span class="nb">enable</span>
<span class="c"># Check whether time synchronization is successful</span>
~# chronyc tracking
~# su - uncloud
<span class="c"># correcting prompt</span>
<span class="nb">exec </span>bash
<span class="c"># Setting up uncloud</span>
git clone https://code.ungleich.ch/uncloud/uncloud.git
<span class="nb">cd </span>uncloud
pip3 <span class="nb">install</span> <span class="nb">.</span>
<span class="nb">echo</span> <span class="s2">"alias uncloud='/home/uncloud/.local/bin/uncloud'"</span> <span class="o">>></span> ~/.bashrc
<span class="nb">source</span> ~/.bashrc
<span class="c"># Setting up etcd connection</span>
<span class="c"># Creating directory for etcd certificates. Manually upload etcd certs into it</span>
<span class="nb">mkdir</span> ~/certs
<span class="c"># Put your OTP credentials in following command where it says replace me</span>
<span class="nb">cat</span> <span class="o">></span> /home/uncloud/uncloud/uncloud.conf <span class="o"><<</span><span class="no">EOF</span><span class="sh">
[etcd]
url = etcd1.ungleich.ch
port = 2379
base_prefix = /server12/
ca_cert = /home/uncloud/certs/ca.pem
cert_cert = /home/uncloud/certs/developer.pem
cert_key = /home/uncloud/certs/developer-key.pem
[client]
name = replace_me
realm = replace_me
seed = replace_me
api_server = http://localhost:5000
</span><span class="no">EOF
</span><span class="c"># Configuring uncloud (OTP, Netbox, Storage, Network)</span>
uncloud configure otp <span class="nt">--verification-controller-url</span> https://otp.ungleich.ch/ungleichotp/verify/ <span class="nt">--auth-name</span> replace_me <span class="nt">--auth-realm</span> ungleich-auth <span class="nt">--auth-seed</span> replace_me
uncloud configure netbox <span class="nt">--url</span> https://netbox.ungleich.ch/ <span class="nt">--token</span> replace_me
uncloud configure storage <span class="nt">--file-dir</span> /home/uncloud/backend/files/ filesystem <span class="nt">--vm-dir</span> /home/uncloud/backend/vms/ <span class="nt">--image-dir</span> /home/uncloud/backend/images/
uncloud configure network <span class="nt">--prefix-length</span> 64 <span class="nt">--prefix</span> 2a0a:e5c0:50::/48 <span class="nt">--vxlan-phy-dev</span> enp4s0f0
<span class="c"># Creating backend directories</span>
<span class="nb">mkdir</span> <span class="nt">-p</span> /home/uncloud/backend/files/
<span class="nb">mkdir</span> <span class="nt">-p</span> /home/uncloud/backend/vms/
<span class="nb">mkdir</span> <span class="nt">-p</span> /home/uncloud/backend/images/
<span class="c"># Downloading alpine qcow2 file. We would make an image out of it.</span>
<span class="nb">mkdir</span> <span class="nt">-p</span> /home/uncloud/backend/files/ahmedbilal-admin
wget https://cloud.ungleich.ch/s/qTb5dFYW5ii8KsD/download <span class="nt">-O</span> /home/uncloud/backend/files/ahmedbilal-admin/alpine-ucloud.qcow2
<span class="c"># Run filescanner to track our files</span>
uncloud filescanner
<span class="c"># Create image store</span>
python3 ~/uncloud/uncloud/api/create_image_store.py
<span class="c"># Run uncloud api</span>
uncloud api
<span class="c"># Create image (replace uuid with uuid of your file)</span>
uncloud cli image create <span class="nt">--name</span> alpine <span class="nt">--uuid</span> c3919922-3ff8-4557-a579-b6a7cdf5b654 <span class="nt">--image-store</span> images
<span class="c"># Run uncloud imagescanner</span>
uncloud imagescanner
<span class="c"># Verify that the image is created successfully</span>
uncloud cli image list
<span class="c"># Create host</span>
uncloud cli host create <span class="nt">--hostname</span> server12.place6.ungleich.ch <span class="nt">--cpu</span> 64 <span class="nt">--ram</span> <span class="s1">'64GB'</span> <span class="nt">--os-ssd</span> <span class="s1">'128GB'</span>
<span class="c"># Start uncloud host</span>
uncloud host <span class="nt">--hostname</span> server12.place6.ungleich.ch
<span class="c"># Create VM</span>
uncloud cli vm create <span class="nt">--vm-name</span> meow <span class="nt">--cpu</span> 1 <span class="nt">--ram</span> <span class="s1">'1gb'</span> <span class="nt">--os-ssd</span> <span class="s1">'4gb'</span> <span class="nt">--image</span> images:alpine
<span class="c"># Create Network (non-global fd00:/8)</span>
uncloud cli network create <span class="nt">--network-name</span> simple <span class="nt">--network-type</span> vxlan
<span class="c"># Create VM with non-global network</span>
uncloud cli vm create <span class="nt">--vm-name</span> meow2 <span class="nt">--cpu</span> 1 <span class="nt">--ram</span> <span class="s1">'1gb'</span> <span class="nt">--os-ssd</span> <span class="s1">'4gb'</span> <span class="nt">--image</span> images:alpine <span class="nt">--network</span> simple
</code></pre> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307132020-01-09T09:26:29ZAhmed Bilal
<ul></ul><p><strong>Can all required components be deployed (checking on server11) -- document the installation procedures</strong></p>
<p>Documented</p>
<p><strong>Is the API secure from outside? I am able to connect without otp at the moment</strong></p>
<p>I am not sure about what do you mean by it. You can connect to API from outside but you would need valid OTP credentials to perform most of authorized functions like create/deleting/starting/stopping/migrating vm etc.</p>
<p><strong>Is the client / cli usable?</strong><br />Yes</p>
<p><strong>Is there documentation on how to use or recreate the current installation?</strong><br />The instructions how to recreate current installations are mentioned above. For usage, see <a class="external" href="https://ungleich.ch/uncloud/">https://ungleich.ch/uncloud/</a> or ping ahmedbilal</p>
<p><strong>Can networks be created?</strong><br />Yes, but global won't work as no one make it routable and i don't know how to add ip prefix to a server correctly.</p>
<p><strong>Can VMs be migrated from one host to another?</strong><br />Yes, but I have setup server11 and server12 individually. It mean they cannot interact with each other. It is very easy to make them talk to each other. Just ping me and I would do it.</p> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307142020-01-09T09:32:30ZAhmed Bilal
<ul></ul><p>Also, please note</p>
<p>uncloud deployed at server{11, 12}. There are still some issues that would be problem for reliably running uncloud for longer period of time. e.g<br />1. <a class="external" href="https://redmine.ungleich.ch/issues/7583">https://redmine.ungleich.ch/issues/7583</a> (As, soon as etcd leader changes or etcd become temporarily unavailable our uncloud components start dying ;)</p>
<p>Although, if a VM is running it wouldn't be hurt. Thanks, to our shiny new vmm.</p>
<p>Also, see <a class="external" href="https://redmine.ungleich.ch/issues/7590">https://redmine.ungleich.ch/issues/7590</a></p> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307242020-01-10T09:58:04ZNico Schotteliusnico.schottelius@ungleich.ch
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/30724/diff?detail_id=30726">diff</a>)</li></ul> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307252020-01-10T09:59:21ZNico Schotteliusnico.schottelius@ungleich.ch
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/30725/diff?detail_id=30727">diff</a>)</li></ul> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=307262020-01-10T13:58:34ZNico Schotteliusnico.schottelius@ungleich.ch
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/30726/diff?detail_id=30728">diff</a>)</li></ul> Open Infrastructure - Task #7591: uncloud production checklist 2020-01http://localhost:3000/issues/7591?journal_id=404912021-12-06T23:54:18ZNico Schotteliusnico.schottelius@ungleich.ch
<ul><li><strong>Status</strong> changed from <i>In Progress</i> to <i>Rejected</i></li></ul>