Tak je najvy\u0161\u0161\u00ed \u010das spr\u00edstupni\u0165 webov\u00e9 rozhranie. Bez toho si nik nedok\u00e1\u017ee „cloud“ predstavi\u0165. Open Nebula m\u00e1 mana\u017ement web z menom SunStone. A ten si nain\u0161talujeme. Z\u00e1klad je jednoduch\u00fd. Potrebujeme SunStone a ke\u010f\u017ee ten nevie SSL tak e\u0161te nejak\u00fd proxy server. Na str\u00e1nke opennebuly je pop\u00edsan\u00fd postup z lighttpd.<\/p>\n
Najprv si nain\u0161talujeme bal\u00edky na oba n\u00f3dy:<\/p>\n
apt-get install opennebula-sunstone lighttpd<\/pre>\nN\u00e1sledne vygenerujeme SSL certifik\u00e1t: (toto je prikaz na selfsigned) Len na jednom n\u00f3de na druh\u00fd sa vytvoren\u00fd s\u00fabor prekop\u00edruje.<\/p>\n
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt\ncat server.key server.crt > \/etc\/lighttpd\/server.pem\nchmod 750<\/pre>\nNa oboch n\u00f3doch nakonfigurujeme lighttpd ako proxy: (\u010dervenou ozna\u010den\u00e9 pridan\u00e9 riadky)<\/p>\n
server.modules = (\n\u00a0\u00a0 \u00a0\"mod_access\",\n\u00a0\u00a0 \u00a0\"mod_alias\",\n\u00a0\u00a0 \u00a0\"mod_compress\",\n\u00a0\u00a0\u00a0 \u00a0\"mod_redirect\",\n#\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \"mod_rewrite\",\n\u00a0\u00a0 \u00a0\"mod_proxy\",<\/span>\n\u00a0\u00a0 \u00a0\"mod_accesslog\",<\/span>\n)\n\nserver.document-root\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"\/var\/www\"\nserver.upload-dirs\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = ( \"\/var\/cache\/lighttpd\/uploads\" )\nserver.errorlog\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"\/var\/log\/lighttpd\/error.log\"\nserver.pid-file\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"\/var\/run\/lighttpd.pid\"\nserver.username\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"www-data\"\nserver.groupname\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"www-data\"\nserver.port\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = 443\n\nindex-file.names\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = ( \"index.php\", \"index.html\", \"index.lighttpd.html\" )\nurl.access-deny\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = ( \"~\", \".inc\" )\nstatic-file.exclude-extensions = ( \".php\", \".pl\", \".fcgi\" )\n\ncompress.cache-dir\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"\/var\/cache\/lighttpd\/compress\/\"\ncompress.filetype\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = ( \"application\/javascript\", \"text\/css\", \"text\/html\", \"text\/plain\" )\n\n#### proxy module<\/span>\n## read proxy.txt for more info<\/span>\nproxy.server\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = ( \"\" =><\/span>\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 (\"\" =><\/span>\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 (<\/span>\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \"host\" => \"127.0.0.1\",<\/span>\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \"port\" => 9869<\/span>\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 )<\/span>\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 )<\/span>\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 )<\/span>\n\n#### SSL engine<\/span>\nssl.engine\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"enable\"<\/span>\nssl.pemfile\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = \"\/etc\/lighttpd\/server.pem\"<\/span>\n\n# default listening port for IPv6 falls back to the IPv4 port\ninclude_shell \"\/usr\/share\/lighttpd\/use-ipv6.pl \" + server.port\ninclude_shell \"\/usr\/share\/lighttpd\/create-mime.assign.pl\"\ninclude_shell \"\/usr\/share\/lighttpd\/include-conf-enabled.pl\"<\/pre>\nPozn\u00e1mka: Ke\u010f\u017ee sunstone server nie je mo\u017en\u00e9 bez \u00faprav skriptov prida\u0165 do HA clustra nech\u00e1me ich st\u00e1le zapnut\u00e9. Ich syst\u00e9mov\u00e9 po\u017eiadavky s\u00fa ve\u013emi mal\u00e9. A ich u\u0161etrenie mi nestoj\u00ed za n\u00e1mahu.<\/p>\n
A nastav\u00edme HA cluster. V princ\u00edpe prid\u00e1me len \u010fal\u0161iu IP. (pridan\u00e9 \u010dasti s\u00fa \u010derven\u00e9)<\/p>\n
node nfs1.cloud.mavipet.sk\nnode nfs2.cloud.mavipet.sk\nprimitive OneIP ocf:heartbeat:IPaddr2 \n\u00a0\u00a0 \u00a0params ip=\"172.16.1.100\" cidr_netmask=\"24\" \n\u00a0\u00a0 \u00a0op monitor interval=\"30s\"\nprimitive OpenNebula lsb:opennebula \n\u00a0\u00a0 \u00a0meta target-role=\"Started\" \n\u00a0\u00a0 \u00a0op monitor interval=\"30s\"\nprimitive SunStoneIP ocf:heartbeat:IPaddr2 <\/span>\n\u00a0\u00a0 \u00a0params ip=\"10.215.143.128\" cidr_netmask=\"24\" <\/span>\n\u00a0\u00a0 \u00a0op monitor interval=\"30s\"<\/span>\ncolocation one_ip inf: OneIP OpenNebula\ncolocation sun_ip inf: OpenNebula SunStoneIP<\/span>\norder nebula-after-ip inf: OneIP OpenNebula\norder sunstoneip-after-nebula inf: OpenNebula SunStoneIP<\/span>\nproperty $id=\"cib-bootstrap-options\" \n\u00a0\u00a0 \u00a0dc-version=\"1.1.7-ee0730e13d124c3d58f00016c3376a1de5323cff\" \n\u00a0\u00a0 \u00a0cluster-infrastructure=\"openais\" \n\u00a0\u00a0 \u00a0expected-quorum-votes=\"2\" \n\u00a0\u00a0 \u00a0last-lrm-refresh=\"1368645600\" \n\u00a0\u00a0 \u00a0stonith-enabled=\"false\" \n\u00a0\u00a0 \u00a0no-quorum-policy=\"ignore\"\n\n<\/pre>\nTeraz je u\u017e v\u0161etko pripraven\u00e9 na spr\u00e1vu z webu.<\/p>\n","protected":false},"excerpt":{"rendered":"
Tak je najvy\u0161\u0161\u00ed \u010das spr\u00edstupni\u0165 webov\u00e9 rozhranie. Bez toho si nik nedok\u00e1\u017ee „cloud“ predstavi\u0165. Open Nebula m\u00e1 mana\u017ement web z menom SunStone. A ten si nain\u0161talujeme. Z\u00e1klad je jednoduch\u00fd. Potrebujeme SunStone a ke\u010f\u017ee ten nevie SSL tak e\u0161te nejak\u00fd proxy … Pokra\u010dova\u0165 v \u010d\u00edtan\u00ed