diff --git a/source/images/icons/sunstone/plus-dark.png b/source/images/icons/sunstone/plus-dark.png new file mode 100644 index 000000000..e5885a248 Binary files /dev/null and b/source/images/icons/sunstone/plus-dark.png differ diff --git a/source/images/oneprovision-add_provider.png b/source/images/oneprovision-add_provider.png new file mode 100644 index 000000000..629dc6491 Binary files /dev/null and b/source/images/oneprovision-add_provider.png differ diff --git a/source/images/oneprovision-aws_provider_options.png b/source/images/oneprovision-aws_provider_options.png new file mode 100644 index 000000000..8cf6dd968 Binary files /dev/null and b/source/images/oneprovision-aws_provider_options.png differ diff --git a/source/images/oneprovision-edge_cluster_inputs.png b/source/images/oneprovision-edge_cluster_inputs.png new file mode 100644 index 000000000..a2ac283c8 Binary files /dev/null and b/source/images/oneprovision-edge_cluster_inputs.png differ diff --git a/source/images/oneprovision-new_aws_provider.png b/source/images/oneprovision-new_aws_provider.png new file mode 100644 index 000000000..4263abc75 Binary files /dev/null and b/source/images/oneprovision-new_aws_provider.png differ diff --git a/source/images/oneprovision-new_provision.png b/source/images/oneprovision-new_provision.png new file mode 100644 index 000000000..d460af58a Binary files /dev/null and b/source/images/oneprovision-new_provision.png differ diff --git a/source/images/oneprovision-provider.png b/source/images/oneprovision-provider.png new file mode 100644 index 000000000..8cd17f328 Binary files /dev/null and b/source/images/oneprovision-provider.png differ diff --git a/source/images/oneprovision.png b/source/images/oneprovision.png new file mode 100644 index 000000000..62f8390b0 Binary files /dev/null and b/source/images/oneprovision.png differ diff --git a/source/intro_release_notes/release_notes/whats_new.rst b/source/intro_release_notes/release_notes/whats_new.rst index d930d2dae..e766bd3c4 100644 --- a/source/intro_release_notes/release_notes/whats_new.rst +++ b/source/intro_release_notes/release_notes/whats_new.rst @@ -25,7 +25,7 @@ Remove components, no longer included in the OpenNebula distribution: - DockerHub Marketplace - Docker Registry - TurnkeyLinux -- Postgresql - TP +- PostgreSQL - TP Legacy components, included in the distribution but no longer receive updates or bug fixes: diff --git a/source/quick_start/operation_basics/provisioning_edge_cluster.rst b/source/quick_start/operation_basics/provisioning_edge_cluster.rst index 3fe64a184..308caa875 100644 --- a/source/quick_start/operation_basics/provisioning_edge_cluster.rst +++ b/source/quick_start/operation_basics/provisioning_edge_cluster.rst @@ -5,124 +5,228 @@ Provisioning an Edge Cluster ============================ -In this section you can check all the steps needed to deploy an **Edge Cluster**. This involves the OneProvision GUI and Sunstone to manage the resources created in OpenNebula. Each new provision in the OneProvision GUI creates a new OpenNebula cluster. +In the first tutorial of this Quick Start Guide, we installed an :ref:`OpenNebula Front-end ` on AWS. In this tutorial, we’ll use that Front-end to provision an **Edge Cluster** on AWS, using the Sunstone GUI for the whole process, in just a few clicks. -.. important:: This guide assumes that you have deployed the OpenNebula front-end following the :ref:`Deployment Basics guide `. Here we'll be creating a metal Edge Cluster with KVM hypervisor, suitable for deploying both Virtual Machines and K8s clusters in the following :ref:`Usage Basics section `. +The edge cluster we’ll create includes a KVM hypervisor. It’s a suitable platform for deploying both Virtual Machines and Kubernetes clusters, as described in the :ref:`Usage Basics section `. -An Edge Cluster is a group of resources in OpenNebula and the corresponding resources in AWS, that are suitable to be run in edge locations with a minimal footprint. OpenNebula provides a specification of the cluster ready to be created. +To create the cluster, we’ll follow these high-level steps: -The following resources are created in OpenNebula when a new Edge Cluster is deployed: + #. Configure AWS. + #. Create an AWS Provider in OpenNebula. + #. Provision a Metal Edge Cluster. + #. Validate the New Infrastructure. -* **Cluster**: one cluster containing all the resources is created with each provision. There is a one-to-one relationship between the provision and the cluster, so each provision can only have **one** cluster. -* **Datastore**: each provision deploys two datastores, the system and the image. This is based on :ref:`OneStor datatores ` in the case of Edge Clusters (and in Ceph in the case of HCI Clusters). -* **Host**: the user can deploy as many as he or she wants. They will be used to run VMs. -* **Virtual Network**: for private networking there is a network template ready to be instantiated with the parameters the user needs. There is also one public network that uses the elastic drivers to pre-allocate IPs, so VMs have public connectivity. +.. important:: As mentioned above, in this tutorial we’ll deploy using the OpenNebula Front-end created and deployed on AWS :ref:`previously ` in this Quick Start Guide. To complete this tutorial, you need the OpenNebula Front-end up and running, and access to its Sunstone web UI. -During the provision of the cluster all these resources and their corresponding AWS objects are created with the aid of Terraform. In particular, the following AWS resources are created: +.. _brief_overview: -* A virtual private cloud (VPC) to allocate the OpenNebula Hosts (AWS instances) -* A CIDR block for the AWS instances. This CIDR block is used to assign secondary IPs to the Hosts to allocate elastic IPs. -* An Internet Gateway to provide Internet access to the Host and VMs. -* A routing table for the previous elements. +Brief Overview of the Provision +=============================== -.. note:: Take into account that Sunstone will request Elastic IPs for the public IPs you request. If you receive an error message about not being able to request more IPs when creating a provision, please check the `limits of your account `__ in your zone. +This section explains what OpenNebula creates behind the scenes when provisioning an Edge Cluster. -We'll be using the Sunstone GUI in this guide, so please make sure you can log in to it using your Front-end IP and default port 2616, as well as your oneadmin credentials. If you require to log in as a user other than oneadmin, in order to use the provision interface the user must belong to the oneadmin group, otherwise the providers won't be shown in the wizard. +OpenNebula provides a ready-to-use specification for an Edge Cluster, which is comprised of resources in OpenNebula and their corresponding resources in AWS. Together, these resources provide the functionality for running with a minimal footprint at edge locations. During provisioning, OpenNebula creates all of the cluster’s resources in OpenNebula and, with the aid of Terraform, their corresponding objects on AWS. -.. prompt:: bash $ auto +The following resources are created *in OpenNebula*: + + * **Cluster**: each provision creates one cluster. There is a one-to-one relationship between the provision and the cluster, so each provision can only have one cluster. + * **Datastore**: each provision deploys two datastores, for the system and the image. Datastores for edge clusters are based on OpenNebula’s :ref:`Local Storage datastores `; datastores for HCI clusters are based on Ceph. + * **Hosts**: After provisioning, you can deploy as many as desired, to run VMs. + * **Virtual Networks**: To ensure that VMs have public connectivity, the provision includes a pre-configured private network, and a public network that pre-allocates elastic IPs. + +To create the OpenNebula hosts and ensure connectivity, OpenNebula creates the following resources *in AWS*: + + * A **Virtual Private Cloud** (VPC) to allocate AWS instances as OpenNebula hosts. + * A **CIDR block of IPs** to assign secondary IPs to the hosts, and to allocate elastic IPs. + * An **Internet Gateway** to provide internet access for the hosts and VMs. + * A **routing table** for directing network traffic between these elements. + +.. note:: Sunstone will request Elastic IPs for the public IPs you request. If you receive an error message about not being able to request more IPs when creating a provision, check the `limits of your account `__ in your zone. + +In the following steps, we’ll use the Sunstone GUI to create a provider and provision a Metal Edge Cluster in AWS. + +Step 1: Configure AWS +===================== + +.. important:: Creating an AWS account is covered in the previous tutorial in this Quick Start Guide, on installing an :ref:`OpenNebula Front-end on AWS `. If you completed that tutorial, you should have your AWS account already configured and ready, and can skip to the :ref:`next step `. If you haven’t, we highly recommend you follow that tutorial before completing this one. - https://:2616/fireedge/provision +As a first step, if you don’t already have one, create an account in AWS. AWS publishes a complete guide: `How do I create and activate a new AWS account? `__ +After you have created your account, you’ll need to obtain the ``access_key`` and ``secret_key`` of a user with the necessary permissions to manage instances. The relevant AWS guide is `Configure tool authentication with AWS `__. -Step 1: Configuring AWS & Required Information -================================================================================ +Next, you need to choose the region where you want to deploy the new resources. You can check the available regions in AWS’s documentation: `Regions, Availability Zones, and Local Zones `__. -As a first step, if you don't already have one, create an account in AWS. You can follow `this guide `__. +.. _Step 2 ref: -Whenever your account is ready, you need to obtain both an ``access_key`` and a ``secret_key`` of a user that has access to instances management. For this, you can follow `this guide `__. +Step 2: Create an AWS Provider in Sunstone +========================================== -Next, you need to choose the region where you want to deploy the resources. All the available regions can be checked `here `__. +When you have your AWS account set up, it’s time to log in to Sunstone and create your AWS provider in OpenNebula. We will log in as user ``oneadmin``. -.. important:: To be able to connect to the instances you deploy, you'll need SSH keys. They are installed in ``/var/lib/one/.ssh-oneprovision``. A current limitation of the edge clusters is that currently is not possible to access the VMs through the normal :ref:`Sunstone mechanisms ` to do so. +.. note:: You can log in as any other OpenNebula user, as long as the user is part of the ``oneadmin`` group (if not, Sunstone will not display the providers). -Step 2: Create an AWS provider -================================================================================ +To log in, point your browser to the OneProvision address: -To deploy a complete edge provision with oneprovision from GUI, you first need to add a remote provider using the connection parameters above and choosing the location you wish to deploy those resources +.. code:: bash -.. warning:: + https://:2616/fireedge/provision + +In the log in screen, enter the credentials for user ``oneadmin``. + +Sunstone will display the **OneProvision** screen: + +.. image:: /images/oneprovision.png + :align: center + :scale: 80% + +| + +.. .. warning:: The Hosted Cloud PoC provides users with an OpenNebula front-end that is hosted and paid for by OpenNebula Systems. Compute nodes can be provisioned using AWS and Equinix Metal public cloud resources, for which users are responsible via user-owned accounts. -First, to **create a provider**, go to provider list view: +To create a provider in AWS, open the left-hand pane (by hovering the mouse over the icons to the left of the screen), then click **Providers**. Sunstone will display the **Providers** screen: + +.. image:: /images/fireedge_cpi_provider_list1.png + :align: center + :scale: 60% + +| + +To add a new provider, click the **Plus icon** |icon1| on the right: -|image_provider_list_empty| +.. image:: /images/oneprovision-add_provider.png + :align: center + :scale: 70% -Then, **click the plus button** and fill in the form. We will be using the metal Edge Cluster type with the KVM hypervisor. +| + +Sunstone displays the **Provider template** screen, showing the **Provision type** and **Provider type** drop-down menus as well as additional information. Leave the **Provision type** drop-down on ``metal``. For **Provider type**, select ``AWS``. Then, click the box that displays the desired location for your provision, for example **aws-frankfurt**, as shown below. |image_provider_create_step1| +Click **Next**. In the next screen you can enter a description for your provider: + |image_provider_create_step2| +Click **Next**. In the final screen, you will need to provide your AWS access key and secret key: + |image_provider_create_step3| -You now have a **new provider**. +Click **FINISH**. Sunstone should now display the **Providers** screen, showing your new provider: + +.. image:: /images/oneprovision-new_aws_provider.png + :align: center + + +| + +At this point, you have registered AWS as a new provider on your OpenNebula cloud. In the next step, we will provision an edge cluster on this provider. Step 3: Provision a Metal Edge Cluster -================================================================================ +====================================== + +To provision the cluster, open the left-hand pane, select **Provisions**, and click the **Plus icon** |icon1| on the right: + +.. image:: /images/oneprovision-new_provision.png + :align: center + :scale: 80% + +| + +.. +add screenshot +.. based on image:: /images/fireedge_cpi_provider_list1.png + +Sunstone displays the **Create Provision** screen. Here you can select provision and provider type, and choose between the provision templates available for a particular provider. In this case, the AWS provider offers two provision templates: **aws-hci-cluster** and **aws-edge-cluster**: + +.. image:: /images/oneprovision-aws_provider_options.png + :align: center + :scale: 80% + +| + +Click the **aws-edge-cluster** box, then click **Next**. + +OneProvision now displays the **Provider** screen showing the available providers (in this case, the AWS provider we previously created). Click the AWS box to select it, then click **Next**. -The user needs to provide the following inputs to create the provision: +.. image:: /images/oneprovision-provider.png + :align: center + :scale: 80% -+-----------------------+------------------------------------------------------------------+ -| User Input | Description | -+=======================+==================================================================+ -| ``Provider`` | This is the provider you just created above. | -+-----------------------+------------------------------------------------------------------+ -| ``Number of Hosts`` | Number of physical Hosts to be deployed on AWS. | -+-----------------------+------------------------------------------------------------------+ -| ``Number of IPs`` | Number of public IPs to get from AWS in order to connect to VMs. | -+-----------------------+------------------------------------------------------------------+ -| ``AWS instance type`` | AWS instance type to deploy. | -+-----------------------+------------------------------------------------------------------+ -| ``Hypervisor`` | Hypervisor to install ``kvm``. | -+-----------------------+------------------------------------------------------------------+ +| -.. important:: Make sure you request at least two public IPs to correctly complete the :ref:`Usage Basics ` part of the Quick Start guide which follows this one. +In the next screen you can enter a description for your cluster, if desired: -Now let's go to **create a provision** and follow the same steps: +.. image:: /images/fireedge_cpi_provision_create3.png + :align: center + :scale: 60% -|image_provision_list_empty| +| -**Select the provider** where you will deploy the provision. You will only have the one defined in the previous step. -|image_provision_create_step1| +Click **Next**. The final screen displays the default values for the edge cluster provision, as shown below: -|image_provision_create_step2| +.. image:: /images/oneprovision-edge_cluster_inputs.png + :align: center + :scale: 70% -|image_provision_create_step3| +| -|image_provision_create_step4| +The input field **Number of public IPs to get** determines how many public IPs will be made available to the edge cluster. Make sure to set this number to at least ``2``. -After clicking finish, you will be able to see the provision card in the Provisions tab: +.. important:: Make sure to specify at least two public IPs for the edge cluster, or you will not be able to deploy VMs or Kubernetes on the cluster. -|image_provision_list| +You can leave the other values at their defaults: -Let's explore **the log and detailed information** + * **Number of AWS instances to create**: ``1`` + * **Comma-separated list of DNS servers for public network**: ``1.1.1.1`` + * **AWS instance root volume size, in GB**: ``512`` + * **Virtualization technology for the cluster hosts**: ``kvm`` + * **AWS AMI image**: ``default`` + * **AWS instance type, user bare-metal instances**: ``c5.metal`` + +To provision the cluster, click **Finish**. OneProvision will launch the provisioning process in the background. The cluster should appear in the **Provisions** tab: -|image_provision_info| +.. image:: /images/fireedge_cpi_provision_list2.png + :align: center + :scale: 50% -|image_provision_log| +| -Your provision will be ready when you see the message "Provision successfully created" in the log, followed by the ID of the recently created provision. -Step 4: Validation -================================================================================ +To see detailed information, click the provision box: -**Infrastructure Validation** +.. image:: /images/fireedge_cpi_provision_show1.png + :align: center + :scale: 50% -.. note:: The following commands should be executed under the root or the oneadmin accounts (you can use sudo to run commands as a root user). +| -Once the deployment has finished, you can check that all the objects have been correctly created: + +To see a running log of the provision, click **Log**: + +.. image:: /images/fireedge_cpi_provision_log.png + :align: center + +| + +Provisioning will take a few minutes. When it’s finished, the log will display the message ``Provision successfully created``, followed by the provision’s ID. + +At this point the Edge Cluster has been created, and is up and running. In the next step, we’ll verify that all of the specified resources for the provision (the host, datastore, network, and the cluster itself) have been correctly created and registered with OpenNebula. + + +Step 4: Validate the New Infrastructure +======================================= + +To see that all objects in the provision have been correctly created, we’ll run the ``oneprovision`` command on the Front-end node. This command should be run either as the Linux user ``oneadmin``, or as ``root``. + +First, log in to the Front-end node. + +.. tip:: If you installed the Front-end by following the :doc:`Quickstart with miniONE on AWS <../deployment_basics/try_opennebula_on_kvm>` tutorial, to log into the Front-end you will need to use the key stored in the PEM file that you obtained from AWS. For details, see :ref:`minione_log_in_to_ec2` in that tutorial. + +On the Front-end node, use the ``oneadmin`` command to perform the following actions: + +List clusters in the provision: ``oneprovision cluster list``. .. prompt:: bash $ auto @@ -130,12 +234,16 @@ Once the deployment has finished, you can check that all the objects have been c ID NAME HOSTS VNETS DATASTORES 100 aws-cluster 1 1 4 +List hosts: ``oneprovision host list``. + .. prompt:: bash $ auto $ oneprovision host list ID NAME CLUSTER TVM ALLOCATED_CPU ALLOCATED_MEM STAT 1 3.120.111.242 aws-cluste 0 0 / 7200 (0%) 0K / 503.5G (0%) on +List datastores: ``oneprovision datastore list``. + .. prompt:: bash $ auto $ oneprovision datastore list @@ -143,12 +251,52 @@ Once the deployment has finished, you can check that all the objects have been c 101 aws-cluste - - 100 0 sys - ssh on 100 aws-cluste 71.4G 90% 100 0 img fs ssh o +List networks: ``oneprovision network list``. + .. prompt:: bash $ auto $ oneprovision network list ID USER GROUP NAME CLUSTERS BRIDGE LEASES 1 oneadmin oneadmin aws-cluster-pub 100 br0 0 +.. tip:: If you want to explore further options for the command, run ``oneprovision --help``. + + +Connecting to the Edge Cluster +============================== + +Currently, it is not possible to access VMs deployed on an edge cluster through the normal :ref:`Sunstone mechanisms `. To connect to the cluster, you will need to use SSH. + +You can easily connect to the cluster from the Front-end node, as Linux user ``oneadmin`` or as Linux user ``ubuntu``, which has access to the root account via the ``sudo`` command. + +To connect to the cluster, you will need to supply the user’s identity file, which is stored on the Front-end node in the following locations: + + * For ``oneadmin``: ``/var/lib/one/.ssh/id_rsa`` + * For ``ubuntu``: ``/var/lib/one/.ssh-provision/id_rsa`` + +To log in to the edge cluster, you can use this command: + +.. code:: + + ssh -i -l + +For example: + +.. code:: + + ssh -i /var/lib/one/.ssh-provision/id_rsa -l ubuntu + +.. tip:: + + If you want root access to the edge cluster, log in as user ``ubuntu``, then ``sudo`` to root. + +Next Steps +========== + +To see all of the resources created with your new edge cluster, and how they are displayed in Sunstone, see :doc:`Operating an Edge Cluster `. + + + .. |image_provider_list_empty| image:: /images/fireedge_cpi_provider_list1.png .. |image_provider_list| image:: /images/fireedge_cpi_provider_list2.png .. |image_provider_create_step1| image:: /images/fireedge_cpi_provider_create1.png @@ -163,3 +311,4 @@ Once the deployment has finished, you can check that all the objects have been c .. |image_provision_create_step4| image:: /images/fireedge_cpi_provision_create4.png .. |image_provision_info| image:: /images/fireedge_cpi_provision_show1.png .. |image_provision_log| image:: /images/fireedge_cpi_provision_log.png +.. |icon1| image:: /images/icons/sunstone/plus-dark.png