Fiware testbed from hardware to openstack

The FI-WARE Project – Base Platform for Future
Service Infrastructures
FIWARE Testbed
Henar Muñoz Frutos
Jose Ignacio Carretero
From hardware to
Openstack

FIWARE project
FI-WARE will deliver a novel service infrastructure, building upon
elements (called Generic Enablers) which offer reusable and commonly
shared functions making it easier to develop Future Internet Applications
in multiple sectors
Testbed

The hardware…
 1 host in Madrid for firewalling
 12 hosts in Sevilla Red.es datacenter
HP DL360 G8 E5-2609
8 cores,
128 Gb RAM
2TB Hd.
Monitorización HP DL360 G8 E5-2606
1Switches de agregación HP 5820-24XG-
SFP+
2Switches de acceso HP 5800AF-48G
2Switch de gestion HP HI 5500-24G-4SFP
1Servidor de consolas Avocent ACS6000
1Regletas de corriente Avocent PM3008H-401
Networking
Service
130.206.80.0/22
Management
130.206.86.0/24
ILOMs:
130.206.86.101
....
130.206.86.112

First step: install the OS
 ILO https://130.206.86.103
Ubuntu 12.04.2 LTS

Install hypervisor
Check if the host is KVM compatible
• egrep -c '(vmx|svm)' /proc/cpuinfo (If 1 or more it does )
• kvm-ok (KVM acceleration can be used)
Install kvm
• sudo apt-get install qemu-kvm libvirt-bin bridge-utils
› libvirt-bin provides libvirtd (to administer qemu and kvm instances using libvirt)
› qemu-kvm (kvm in Karmic and earlier) is the backend
› bridge-utils provides a bridge from your network to the virtual machines
Adding user '<username>' to group 'libvirtd
• sudo adduser `id -un` libvirtd
• groups (to check)
 Verify
• virsh -c qemu:///system list
https://help.ubuntu.com/community/KVM/Installation

Some kvm/libvirt commands
VM from 0
• virt-install --name testkvm --ram 1024 --disk
path=/var/lib/libvirt/images/testkvm.qcow2.img,format=qcow2 -c /var/lib/libvirt/isos/ubuntu-12.04.1-
server-amd64.iso --vnc --noautoconsole --os-type linux --network=bridge:br100
VM info:
• virsh dumpxml <vmname>
VM create from XML
• virsh define <vmname>
VM start
• virsh start <vmname>
VM stop
• virsh destroy < vmname >
VM delete
• Virsh undefine <vmname>

KVM: Our scripts
Our scripts (Nacho’s scripts )
• newInstallation: to create an image
• updateVM.sh: Updates the IP, the MAC, provides a password
• traePaca.sh: to migrate VMs
./newInstallation.sh --image ubuntu-server-12.04-1.2.img --template
TemplateUbuntu1004.xml --name kvmtest2 --ram 712 --ipnum 253

KVM/Networking
Install the bridge-utils package:
/ etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
auto br100
iface br100 inet static
address 130.206.80.7
gateway 130.206.80.1
netmask 255.255.255.128
broadcat 130.206.80.127
network 130.206.80.0
bridge_ports eth0
bridge_fd 9
bridge_maxage 12
bridge_stp off
https://help.ubuntu.com/community/KVM/Networking

Firewalling
INTERNET
INTERNET6
Router-
REDIRI
S
Fiwat01
(Router/FW)
VLAN209
130.206.192.140/30
2001:720:400::1000:80/126
Eth0.209
.142 :82
Br3:1
130.206.80.1
130.206.81.1
130.206.82.1 (4caast)
2001:720:1514:80::1
2001:720:1514:4::1
2001:720:1514:5::1
2001:720:1514:6::1
2001:720:1514:7::1
2001:720:1514:8::1
2001:720:1514:11::1
IP rules (IPTables)
Defined manually (or by scripts)
We control all the traffic which
enters

Other tools
Backups
Maintenance (stap, stop VMs, hosts)
Sanity checks status
Check GEs status (in the catalogue)

Current solution works but…
It requires a lot of support from testbed people
• To deploy VMs
• To give access to Ips

Next step: towards a Cloud Provider

Openstack Capabilities

Essex: Conceptual Architecture
http://docs.openstack.org/essex/openstack-compute/admin/content/overview-object-store-arch.html

Logical Architecture

Compute: Some concepts
Project (tenant)
Images and Instances
Flavours
Keypairs
Security Ports
Floating Ips
Ephemeral Storage/Volume Storage

Horizon
http://130.206.80.63

Nova
nova-cert
nova-manager service list
nova-consoleauth
nova-scheduler
CONTROLER
nova-network
nova-volume
COMPUTE NODE
nova-compute
130.206.80.63130.206.80.7

Deploying VMs with Openstack
Images in Glance
• nova image-list
Flavours
• nova flavor-list
Booting a image
• nova boot myCentosServer --image "05ede472-2b54-4ca3-a600-b98d9645a07d" --
flavor 2
List
• nova list
Info
• nova show myCentosServer
Delete
• nova delete myCentosServer
Start/Stop
• nova pause/unpause

VMs
Keypairs
• nova keypair-add mykey > mykey.pem
Security group
• nova secgroup-create test "test“
• nova secgroup-add-rule test tcp 22 22 0.0.0.0/0
Boot keypair and security ports
• nova boot myCentosServer --image "05ede472-2b54-4ca3-a600-
b98d9645a07d" --flavor 2 --key_name mykey --security_groups test
Floating IPs
• nova floating-ip-pool-list
• nova floating-ip-create fiprt1
• nova add-floating-ip myCentosServer 130.206.82.68
• nova floating-ip-list

API
REST API…
http://docs.openstack.org/api/openstack-
compute/2/content/API_Operations-d1e2068.html
http://api.openstack.org/api-ref.html

Networking (nova-network)
Flat mode
• There is a subnet specified
• Ips injected in the VM
• Static Ips
• Controller and computer should have the bridge
Flat DHCP mode
• Openstack strats a DHCP server
• Dynamics Ips
• With Flat DHCP, the host(-s) running nova-network act as the gateway to the
virtual nodes
VLAN Network mode

# network specific settings
--
network_manager=nova.network.manager.FlatDHCPManage
r
--public_interface=eth0
--muti_host=True
--flat_interface=eth0
--flat_network_bridge=br100
--fixed_range=172.30.5.0/24
--floating_range=130.206.82.64/26
--network_size=255
--flat_network_dhcp_start=172.30.5.2
--flat_injected=False
--force_dhcp_release
--iscsi_helper=tgtadm
--connection_type=libvirt
--root_helper=sudo nova-rootwrap
--verbose

Next steps
FIWARE Cloud components as part of the testbed
• Service Manager
• PaaS Manager
• SDC
• …
Grizzly OpenStack version
Object storage for storing images
Network as a service with Quatum
Nagios for monitoring
Openstack maintenance tools (backups..)
Monitoring sanity checks

Others…

Testbed usage
Fiware Cloud
UCs Cloud
Open Innovation Lab Cloud
- The demo Fiware testbed (all
enablers) managed by testbed
team
- Enabler owner can deploy VM to
instantiate their enablers for
developing and testing
- UCs deploy VMS and
instantiate enablers
- UCS access to the demo
FIWARE testbed enablers
- Anyone can access to the
Cloud to deploy VMS and
isntantiate FIWARE enablers

Fiware testbed from hardware to openstack

More Related Content

What's hot

Similar to Fiware testbed from hardware to openstack

Recently uploaded

Fiware testbed from hardware to openstack