EucalyptusUserGuide v1 Final 03 23

Eucalyptus
Cloud Computing Platform User Guide

Version 1.6

Eucalyptus Systems, Inc.

2010
Copyright 2010 Eucalyptus Systems, Inc. All rights reserved. Eucalyptus is a registered trademark of Eucalyptus Systems, Inc.
Eucalyptus 1.6 User Guide
Not for resale. Not for redistribution. Copyright 2010 Eucalyptus Systems, Inc.
Table of Contents
Table of Contents
Part I - Introduction to Cloud Computing......................................................................6 Section 1: Overview .....................................................................................................7 The IT Balancing Act: Increasing Innovation, Decrease Spending .....................................................7 What is Cloud Computing? ...................................................................................................................................7 Cloud Computing: Improved Efficiencies ......................................................................................................7 The Efficiency Benefits of Cloud Computing ................................................................................................8 Understanding Cloud Types ................................................................................................................................9 About Cloud Service Styles................................................................................................................................11 Private Clouds: The Benefits of Automated Self-service...................................................................... 12 The Role of Open Source .................................................................................................................................... 12 About Linux ..............................................................................................................................................................13 Open Source Business Model.............................................................................................................................13 Benefits of transparency and extensibility .................................................................................................13 Section 2: The Eucalyptus Open Source Private Cloud ................................................14 A secure cloud.........................................................................................................................................................14 Carefully engineered for compatibility........................................................................................................ 14 Technology...............................................................................................................................................................14 Eucalyptus Components..................................................................................................................................... 15 Cloud Controller (CLC) ........................................................................................................................................15 Cluster Controller (CC) ........................................................................................................................................16 Node Controller (NC) ...........................................................................................................................................16 Storage Controller (SC).......................................................................................................................................16 Walrus ........................................................................................................................................................................16 Management Platform ........................................................................................................................................17 Benefits of the Eucalyptus cloud ....................................................................................................................17 Part II Eucalyptus User Guide ..................................................................................20 Section 3: Using Eucalyptus........................................................................................21 3.1 Installing command-line tools .................................................................................................................21 3.2 Signing up for an account...........................................................................................................................22 3.3 Obtaining Credentials .................................................................................................................................. 24 3.4 Eucalyptus QuickStart ................................................................................................................................. 26 3.4.1 Querying the System..................................................................................................................................26 3.4.2 Creating Keypairs.......................................................................................................................................26 3.4.3 Instantiating a virtual machine (VM) ...............................................................................................27 3.4.4 Authorizing security groups ..................................................................................................................28 3.4.5 Logging into a VM instance....................................................................................................................28 3.4.6 Terminating an instance .........................................................................................................................28 Section 4: Installing and Using ElasticFox....................................................................30 4.1 Installing ElasticFox ..................................................................................................................................... 30 4.2 Configuring ElasticFox................................................................................................................................. 31 4.3 Providing Credentials .................................................................................................................................. 32 Section 5: Using Euca2ools .........................................................................................34 5.1 Summary of Euca2ools Features.............................................................................................................34 5.1.1 Using Euca2tools - Overview ................................................................................................................35
Not for resale. Not for redistribution. Copyright 2010 Eucalyptus Systems, Inc. Eucalyptus 1.6 User Guide
Table of Contents

5.1.2 Important! Before you start...................................................................................................................35 5.1.3 Getting Help ..................................................................................................................................................36 5.2 Installing Euca2ools ..................................................................................................................................... 37 5.2.1 Installing from source...............................................................................................................................37 5.2.2 Installing binary packages .....................................................................................................................38 5.3 Image Management....................................................................................................................................... 39 5.3.1 Adding Images .............................................................................................................................................39 5.3.2 Associating kernels and ramdisks with VM instances ................................................................40 5.3.3 Deleting Images...........................................................................................................................................40 5.3.4 Bundling images .........................................................................................................................................41 5.3.5 Uploading an image ..................................................................................................................................41 5.3.6 Registering an image ................................................................................................................................42 5.3.7 Downloading an image ............................................................................................................................42 5.3.8 Deleting a bundled image .......................................................................................................................42 5.3.9 Unbundling an image ...............................................................................................................................43 5.4 Virtual Machine (VM) Control..................................................................................................................44 5.4.1 Displaying currently running instances ...........................................................................................44 5.4.2 Running instances ......................................................................................................................................44 5.4.3 Shutting down instances .........................................................................................................................44 5.4.4 Rebooting instances ..................................................................................................................................45 5.5 Networking and Security............................................................................................................................46 5.5.1 Allocating and associating IP addresses ..........................................................................................46 5.5.2 Disassociating and releasing addresses............................................................................................46 5.5.3 Creating a security group .......................................................................................................................46 5.5.4 Adding networking rules to security groups ..................................................................................47 5.5.5 Revoking networking rules from security groups ........................................................................47 5.5.6 Deleting a security group........................................................................................................................47 5.6 Using Dynamic Block Volumes (Block Storage) ...............................................................................48 5.6.1 Creating a volume ......................................................................................................................................48 5.6.2 Creating a volume from a snapshot ...................................................................................................49 5.6.3 Attaching a volume to an instance .....................................................................................................49 5.6.4 Detaching a volume...................................................................................................................................49 5.6.5 Deleting a volume.......................................................................................................................................50 5.6.6 Creating a snapshot...................................................................................................................................50 5.6.7 Deleting a snapshot ...................................................................................................................................50
Glossary .....................................................................................................................52
Eucalyptus 1.6 User Guide Not for resale. Not for redistribution. Copyright 2010 Eucalyptus Systems, Inc.
Section 1: Overview
Contacting Eucalyptus Please send any comments, questions, or suggestions for this user guide to documentation@eucalyptus.com. We are always looking to improve our training materials and your feedback is welcome!
Part I - Introduction to Cloud Computing
Part I provides a broad overview of cloud computing and introduces the Eucalyptus open source private cloud. It explains the characteristics that define cloud computing, as a uniquely efficient model for delivering compute resources within the enterprise; describes cloud types (public, private, hybrid) and service styles (Iaas, PaaS, SaaS); and goes into the details of Eucalyptus cloud components.
Who should read Part I?
The material in Part I is targeted at prospective Eucalyptus cloud users at all levels, including CIOs, system administrators, IT professionals, end-users, and others interested in understanding the fundamentals of cloud computing and the basic components of Eucalyptus.
Part I discusses these topics:

What is cloud computing? Cloud types (public, private, and hybrid) Cloud service styles (IaaS, PaaS, SaaS, etc.) Eucalyptus components The benefits of the Eucalyptus cloud
Section 1: Overview
Section 1: Overview

The IT Balancing Act: Increasing Innovation, Decrease Spending

Tasked with seemingly contradictory objectives, todays CIOs face a difficult challenge: They must continue to deliver the productivity-enhancing technical innovation that gives the enterprise its competitive edge, while simultaneously streamlining their IT organizations in response to severe budgetary constraints. As a result, rather than replacing infrastructure with expensive purchases, CIOs are pursuing innovative ways to improve IT efficiency and thus enhance the performance and longevity of existing IT resources.
What is Cloud Computing?
Cloud computing is the delivery of computer resources through a Web service interface (e.g., SOAP or REST) on an as-needed basis. The term cloud refers to the organization of the underlying physical infrastructure remaining opaque (not visible) to the end user. In other words, cloud computing gives a user access to computer resources (i.e. machines, storage, operating systems, application development environments, application programs) over a network (Internet or intranet) through Web services, while the actual physical location and organization of the equipment hosting these resourcesbe it in the next room or spread across the globeis not necessarily known to the user. As such, these resources appear to the user as being in the cloud.
Cloud Computing: Improved Efficiencies

All types of cloud computingpublic clouds, private clouds, and hybrid clouds share an intrinsic set of characteristics. These characteristics help define cloud computing as a uniquely efficient model for delivering computer resources: Underlying organization of physical computing resources unknown to end user, or in the cloud Computing resources available as-needed Web-services-based interfaces Dynamic Scalability (a.k.a. Elasticity) Automated resource provisioning Self-service
The Efficiency Benefits of Cloud Computing
The above characteristics of cloud computing work synergistically to bring a high level of efficiency to IT operations and significant benefits to the enterprise, as follows: Computing resources located in the cloud Regardless of the type of cloud, public, private, or hybrid, redesigning the IT organization to provide computing resources from a cloud can provide substantial efficiency benefits. In the case of public clouds, the IT organization simply facilitates access to the cloud for users through Web service protocols. Thus capital that may otherwise be invested into building an internal data center infrastructure goes instead to paying for rental of the public cloud. In the case of private and hybrid clouds, existing data center infrastructure is highly optimized by consolidation and virtualization. This translates into reduced power consumption and enhanced server longevity, and thus reduced infrastructure-related expense. Computing resources available as-needed With computing resources available on an as-needed basis, cloud- computing customers simply use the resources they need when they need them. In the case of public clouds, such as AWS (Amazon Web Services), there are no proprietary license agreements required. Customers simply pay via credit card on a per time-unit basis. When services are no longer required, they are simply discontinued and no further charges incurred. In the case of private clouds, as-needed means that resources are provided to users when they are needed, then efficiently redistributed to other users when need ceases. Web-services-based interfaces Using standard Web-based interface enables users to easily access computing resources over common networks using universally accepted network communication protocols. These protocols are highly compatible with existing networking devices. Thus cloud systems are designed for efficient operation over both the public Internet and private enterprise intranets.
Section 1: Overview
Dynamic Scalability (a.k.a. Elasticity) In a cloud system, computing resources are highly scalable. This means that many resources can be committed to a single application or user. Elasticity refers to the ability to scale up (add resources) or scale down (decommission them) on the fly, dynamically in response to changing application or user needs. Elasticity gives the enterprise the ability to repurpose resources immediately as demand (generated by users or auto- scaling applications) fluctuates. Automated resource provisioning Clouds perform the distribution of computer resources immediately and automatically without direct human intervention. Thus users can quickly access the resources they require, while IT staff is freed from many repetitive acquisition, configuration, and servicing tasks. Self-service In a cloud setup, the end user directly selects the computer resources desired through a self-service Web interface. This gives the user direct control over computer resource deployment and configuration, and it helps assure that the users needs are more closely met. Self-service also frees the user from waiting in long IT service queues, and can thus enhance the productivity of the enterprise workforce.
In addition, SLAs (service-level agreements) combined with auditing and metrics tools help assure that users receive the computing resources expected.
Understanding Cloud Types
While all cloud types share the same fundamental characteristics, there are some important distinctions. Each cloud type addresses a different set of needs for an organization: Public Clouds Public clouds provide computing resources over the Internet to the general public on a pay-as-you-go basis. Computing resources are provided to customers through self-serve interfaces. Customers generally rent access to resources as needed, on a per time-unit basis (e.g., per hour), or in some cases through subscription. Payments are generally made online via credit card.
10
Public clouds address the needs of an organization requiring access to highly scalable computing resources on a temporary or periodic basis. The main advantage of the public cloud is the ability to acquire access to high-quality pools of resources immediately and with minimal capital investment. The public cloud can thus serve the needs of individuals, small companies, or startups with limited finances; or any organization with periodic spikes in demand that require access to large-scale computing resources. The disadvantage of the public cloud is that expenses accrue over time, and for an organization with significant computing needs the public cloud can become expensive. In addition, though encryption protocols can be used both for communication and storage, the current virtual machine technology requires that code and data be made available un-encrypted when it is executed and processed respectively. That is, if the data is processed in a public cloud, it must be in the clear when it is processed, as must the code that processes it, even if both are transmitted and stored in encrypted form. This requirement makes it impossible to create a chain of trust that does not involve the public cloud provider; hence public clouds are potentially inappropriate for particularly sensitive data and applications. Well-known public cloud providers include Amazon Web Services (AWS), Google Apps, Microsoft, IBM, Rackspace, and Salesforce.com. Private Clouds Private clouds provide computing resources to users within an enterprise over an intranet. Computing resources are distributed through an automated provisioning system accessed by users via a self-serve interface, just as they are in public clouds. Private clouds address the needs of organizations requiring a more efficient IT infrastructure as well as a high level of security over sensitive data. In a private cloud, data center resources are consolidated through virtualization and highly optimized to reduce operational expense. Automated resource provisioning and user self-service let the IT workforce shift focus to planning and customization projects that support a more productive enterprise workforce. And because a private cloud operates within the security perimeter of the enterprise, it uses the physical and electronic security measures in place in the data center to ensure the security of code and data. Private clouds are limited however by the resource capacity of the enterprises data center, which might be an issue during large spikes in demand. In this case, a hybrid cloud that offers the ability to spill out or burst into one or more public clouds is a viable option. In addition, it is important to note that due to the entrenched nature of many IT organizational practices, some resistance could be met by IT staff to the fundamental process changes required to successfully implement a private cloud
Section 1: Overview
11
within an enterprise. While private clouds share many common characteristics with virtualized data centers, their scaling and self-service characteristics often require organizational process and policy changes where simply virtualizing data center resources does not. Hybrid Clouds Hybrid clouds combine elements of both private and public clouds. In a hybrid cloud, users inside an organization with a private cloud can breakthrough the boundaries of the enterprise firewall or cloudburst to access additional computing resources in the public cloud. Hybrid clouds address the needs of organizations that require periodic access to highly scalable computing resources beyond the capacity of the enterprises existing data center infrastructure. Organizations benefit from the enhanced efficiency and security of the private cloud, but are prepared for large and unexpected spikes in demand.
About Cloud Service Styles

Computing resources accessed via any type of cloud are usually grouped into service styles according to the kind of resources providedsoftware, platform, or infrastructure. These styles correspond to different levels of programming and/or operational abstraction that applications deployed in each style must use. The three most common cloud service styles are generally referred to by the following acronyms: SaaS (Software as a Service): Provides network accessible access to software application programs. PaaS (Platform as a Service): Provides network accessible access to a programming or runtime environment with scalable compute and data structures embedded in it. IaaS (Infrastructure as a Service): Provides access to virtualized computer hardware resources, including machines, network resources, and storage. Many public cloud companies tailor their market offerings to address specific needs of customers according to these service styles. As a SaaS example, Salesforce.com provides access to hosted business application software packages through network facing APIs. Googles App Engine (GAE) is a PaaS offering that allows users to upload Python or Java programs so that they can take advantage of Googles Big Table infrastructure through a set of hosted interfaces. Finally, Amazon.coms Amazon Web Services (AWS) is an example of IaaS style cloud computing, offering time-limited rental of virtualized machine collections via network accessible web services.
12
Private Clouds: The Benefits of Automated Self-service
Automated resource provisioning and user self-service allow users to access computer resources as needed through a simple Web-interface, without assistance from IT staff. Giving users direct control over resource provisioning helps ensure that users needs are more closely met. And it promotes smooth workflow by minimizing time spent by users waiting for help in long service queues. For IT staff, automated resource provisioning and self-service means a reduction in time spent servicing user requests, as well as a degree of freedom from manual acquisition, setup, configuration, and service tasks. IT staff can focus instead on more innovative pursuits that further enhance efficiency and user productivity, including such things as data center capacity planning, enhancing automation, image management, maintaining archival provenance and automated legacy support, and providing users with customized Web interfaces and resource allocation options. Automated resource provisioning and self-service deliver efficiency benefits through outsourcing responsibility for user service from IT staff directly to the end user. This increases the concurrency of the IT service system, which significantly improves its efficiency. Another concept with roots in the e-commerce business model, concurrency refers to the simultaneous processing of multiple user requests. Increasing concurrency in the IT service system allows for multiple user requests to be processed immediately and simultaneously and thus reduces or eliminates long IT service queues. For example, if ten users each have a provisioning request that will take IT one-hour to complete, a user might wait ten hours before receiving helpthen wait another hour for the task to be completed. With the increased concurrency of a self-service automated provisioning system, all ten users can be serviced immediately and simultaneously.
The Role of Open Source
Seeking more cost-effective options that provide greater adaptability and flexibility, IT professionals have gravitated towards open source. The term open source refers to software source code that is human-readable (as opposed to machine-readable) and thus open to use and change as desired by developers. Due to open sources unrestricted and highly malleable quality, Linux-based open source operating systems have become the platform of choice for many IT organizations, as well as a very active and innovative open source developer community.
Section 1: Overview
13
About Linux Many groups and companies provide and support one or more of the standard distributions of Linux, including Ubuntu, CentOS, RHEL, OpenSUSE, Debian, and Fedora. Most of these can be downloaded for free over the Internet. As a result of these efforts, Linux has become a stable, reliable, and cost-effective operating system platform and a viable alternative to more well-known proprietary operating systems. Open Source Business Model Open source solutions are generally available in both source code and binary forms on-line and without charge. Communities of users and developers contribute the labor necessary to maintain them. Often, however, a principle entity (a person or a company) coordinates and manages each specific open source system (the Linux kernel being a notable exception). Companies that create open source software generally give-away their core product, and instead generate income by offering paid support services and customized versions that extend the baseline capabilities of the core. This business model keeps the software open to the value-adding creativity and innovations of the open source developer community. Benefits of transparency and extensibility The transparency and extensibility of Linux-based open source solutions make them highly adaptable and flexible to the needs of IT organizations, as follows: Transparency Transparency refers to the ability to look into and fix elements of a system if necessary. Providing unrestricted human-readable code that can be modified by developers makes open source solutions highly transparent and thus highly adaptable and compatible with the broadest range of existing data center technologies. Extensibility Extensibility refers to extending the capabilities of a system. Open source systems are highly extensible and can be freely built-upon by developers as desired. This extensibility promotes experimentation and innovation developers can build customized add-on features that extend the usefulness and value of a program. Open sources extensibility thus lets IT organizations develop efficiency-enhancing customizations that better serve the organization and users.

14
Part One Introduction to Cloud Computing
Section 2: The Eucalyptus Open Source Private Cloud
Eucalyptus is a Linux-based open source software architecture that implements efficiency-enhancing private and hybrid clouds within an enterprises existing IT Infrastructure.
A secure cloud
A Eucalyptus private cloud is deployed across an enterprises on-premise data center infrastructure and is accessed by users over enterprise intranet. Thus sensitive data remains entirely secure from external intrusion behind the enterprise firewall.
Carefully engineered for compatibility
Initially developed to support the high performance computing (HPC) research of Professor Rich Wolskis research group at the University of California, Santa Barbara, Eucalyptus is engineered according to design principles that ensure compatibility with existing Linux-based data center installations. Eucalyptus can be deployed without modification on all major Linux OS distributions, including Ubuntu, RHEL, Centos, and Debian. And Ubuntu distributions now include the Eucalyptus software core as the key component of the Ubuntu Enterprise Cloud.
Technology
Eucalyptus was designed from the ground up to be easy to install and as non- intrusive as possible. The software framework is highly modular, with industry- standard, language-agnostic communication. Eucalyptus is also unique by providing a virtual network overlay that both isolates network traffic of different users and allows two or more clusters to appear to belong to the same Local Area Network (LAN). The external interface to Eucalyptus can also be leveraged to be compatible with multiple public clouds (Amazon EC2, Sun Cloud, etc.).
15
Eucalyptus Components
Eucalyptus implements each high-level system component as a stand-alone Web service. This has the following advantages: First, each Web service exposes a well defined language-agnostic API in the form of a WSDL document containing both the operations that the service can perform and the input/output data structures. Second, we leverage existing Web-service features such as security policies (WSS) for secure communication between components and rely on industry-standard web-services software packages.
Figure 1.1
There are five high-level components, each with its own Web-service interface, that comprise a Eucalyptus installation (Figure 1.1). A brief description of the components within the Eucalyptus system follows: Cloud Controller (CLC) The Cloud Controller (CLC) is the entry-point into the cloud for administrators, developers, project managers, and end-users. The CLC is responsible for querying the node managers for information about resources, making high level scheduling
16
decisions, and implementing them by making requests to cluster controllers. The CLC, as shown in Figure 1, is also the interface to the management platform. In essence, the CLC is responsible for exposing and managing the underlying virtualized resources (servers, network, and storage) via a well-defined industry standard API (Amazon EC2) and a Web-based user interface. Cluster Controller (CC) The Cluster Controller (CC) generally executes on a cluster front-end machine, or any machine that has network connectivity to both the nodes running NCs and to the machine running the CLC. CCs gather information about a set of VMs and schedules VM execution on specific NCs. The CC also manages the virtual instance network and participates in the enforcement of SLAs as directed by the CLC. All nodes served by a single CC must be in the same broadcast domain (Ethernet). Node Controller (NC) The Node Controller (NC) is executed on every node that is designated for hosting VM instances. NCs control the execution, inspection, and termination of VM instances on the host where it runs, fetches and cleans up local copies of instance images (the kernel, the root file system, and the ramdisk image), and queries and controls the system software on its node (host OS and the hypervisor) in response to queries and control requests from the cluster controller. The Node controller is also responsible for the management of the virtual network endpoint. Storage Controller (SC) The Storage Controller (SC) provides functionality similar to the Amazon Elastic Block Storage (EBS) and is capable of interfacing with various storage systems (NFS, iSCSI, etc.). Elastic block storage is a block device that can be attached to an instance file system. An EBS cannot be shared across instances but does allow a snap-shot to be created and stored in a central storage system such as Walrus, the Eucalyptus storage service. Walrus Walrus allows users to store persistent data, organized as buckets and objects. It allows one to create, delete, list buckets, put, get, delete objects, and set access control policies. Walrus is interface compatible with Amazons S3, providing a mechanism for storing and accessing virtual machine images and user data.
17
Management Platform Eucalyptus provides an interface to various modules implemented at the CLC. These features can include VM management, storage management, user/group management, accounting, monitoring, SLA definition and enforcement, cloud- bursting, provisioning, etc. This lets users manage multiple clusters of possibly different hypervisors with a unified one-stop management console and customizable client interfaces to cater to users with varied degrees of privileges (admins, developers, managers, external partners, etc.)
Benefits of the Eucalyptus cloud
The Eucalyptus open source private cloud gives IT organizations the features so essential to improving the efficiency of an IT infrastructure, including the following: Data center optimization. Eucalyptus optimizes existing data center resources with consolidation through virtualization of all data center elements, including machines, storage and network. Eucalyptus is compatible with most widely used virtualization technologies, including Xen and KVM hypervisors. Automated self-service. Eucalyptus automates computer resource provisioning by allowing users to access their own flexible configurations of machines, storage, and networking devices as needed through a convenient self-service Web interface. Customizable Web-interface. Eucalyptus uses universally accepted Web- based network communication protocols that allow users to access computing resources through a highly customizable Web-interface. Scalable data center infrastructure. Eucalyptus clouds are highly scalable, which enables an organization to efficiently scale-up or scale-down data center resources according to the needs of the enterprise. Elastic resource configuration. The elasticity of a Eucalyptus cloud allows users to flexibly reconfigure computing resources as requirements change. This helps the enterprise workforce remain adaptable to sudden changes in business needs. Open source innovation. Highly transparent and extensible, Eucalyptus open source core architecture remains entirely open and available for value- adding customizations and innovations provided by the open source development community. The Eucalyptus open source software core is available for free download at www.eucalyptus.com.
18
Hybrid cloud capability. Engineered to emulate Amazon Web Services (AWS), Eucalyptus interacts seamlessly with Amazon public cloud services, including EC2 and S3, with no software modification required. This allows IT organizations to quickly cloudburst into the public cloud space without purchasing additional data center hardware during very large spikes in enterprise resource demand. The vibrant eco system built around the Amazon AWS can be leveraged. For example, RightScale, CohesiveFT, Zmanda, rPath are just a few of the partners that deliver solutions for Amazon AWS that in turn work seamlessly with Eucalyptus

19

20
Part II Eucalyptus User Guide
Part II shows you how to get started using a Eucalyptus cloud. You will learn how to apply for a Eucalyptus account via the Eucalyptus Web interface. You will also learn how to install and use Euca2ools (Eucalyptus command line tools) and ElasticFox (Web GUI) to manage VM images, run VM instances, configure virtual network settings, and manage block storage volumes in the Eucalyptus cloud.
Who should read Part II?
The material in Part II is directed towards end-users of Eucalyptus who wish to develop the necessary skills to run and manage VMs, configure networking security, and use Eucalyptus block storage volumes.
Part II discusses these topics:

Signing up for an account Credentials and keypairs Installing command line tools (Euca2ools) Installing and Using ElasticFox Querying the system Managing VMs Running Instances Configuring Network and Security Using Block Storage
Section 3: Using Eucalyptus
21
These instructions will walk you through the essential steps for using a Eucalyptus- based cloud. Those who have worked with Amazon's EC2 system will find most of these instructions familiar. In fact, you may continue using Amazon's command- line tools with Eucalyptus.
3.1 Installing command-line tools

The following instructions rely on Euca2ools (Eucalyptus command-line tools1) distributed by the Eucalyptus Team. Please install Euca2ools if you haven't done so already. For complete Euca2ools installation instructions, see Section 5.2: Installing Euca2ools.
Command line tools Eucalyptus Linux-based text commands (Euca2ools) let you control and manage cloud operations via a standard Terminal interface window.
1
22
3.2 Signing up for an account

Before you can log in to Eucalyptus, you must first sign up for an account. To sign up for an account: 1. Open your browser to the Web page of your Eucalyptus cloud installation. Ask your system administrator for the URL if you don't know it. (The URL will look like this: https://YourCloudServer:8443/, where YourCloudServer is likely to be the front-end of the cluster.) 2. Click the Apply for account link to access the application form (Figure 3.1). Figure 3.1. Eucalyptus sign in window. Click Apply to open the account application form. 3. Fill out the Eucalyptus account application form provided (Figure 3.2). An approval email is sent to your mailbox. Note: You may not be able to use Eucalyptus until the (human) administrator receives notification of your application and approves it. The more information you supply the easier it may be for the administrator to make the decision.
23
4. Load the confirmation URL that you receive in the approval email message from the cloud administrator. 5. Log in to the system with the login and password that you chose when filling out the application form.
Not for resale. Not for redistribution. Copyright 2010 Eucalyptus Systems, Inc. Eucalyptus 1.6 User Guide Figure 3.2. Eucalyptus account application form. Fill out this form and click Sign up to create a to a new Eucalyptus account. An approval email will be sent to your inbox from the cloud administrator.
24
3.3 Obtaining Credentials

Once you have logged in, you will see the Download Credentials button under the Credentials tab of the Your Eucalyptus Cloud page. Generating a certificate for your account is necessary before you can use Amazon's EC2 command-line tools for querying and controlling Eucalyptus instances. Currently, the Web interface to Eucalyptus is limited hence the use of command-line tools is necessary. To obtain credentials: 1. Click the Download Credentials button to obtain the certificate and save it (Figure 3.3). You can keep these keys in a secure place on any host. The following command-line instructions apply to any Unix-flavored machine with bash (not necessarily the cluster where Eucalyptus was installed). (See Amazon's Getting Started Guide for the similar instructions to use under Windows.)

Figure 3.3. User account information window. Click the Download Credentials button to obtain your credential keys.
2. Unzip your credential keys using the following command and protect them from exposure. (The zip-file contains two files with the .pem extension; these are your public and private keys):
25

$ $ $ $ $ mkdir ~/.euca cd ~/.euca unzip name-of-the-key-zip.zip chmod 0700 ~/.euca chmod 0600 ~/.euca/*
2. Source the eucarc file2 to set the appropriate environmental variables. (Some client tools such as euca2ools or ec2 tools use these environmental variables to obtain the necessary information about the Eucalyptus cloud and user credentials):
$ . ~/.euca/euca2-*/eucarc

Sourcing the eucarc file (by typing . eucarc at the command line) to set appropriate environmental variables and validates required user authentications for your Eucalyptus cloud.
2
26
3.4 Eucalyptus QuickStart

Now you can begin running VM instances in the Eucalyptus cloud. Using Euca2ools command-line tools, you can learn about installed images, start VM instances using those images, describe the running instances, and terminate them when you're finished with them. 3.4.1 Querying the System The following EC2 commands let you query the system to view important information about your Eucalyptus cloud:
euca-describe-instances euca-describe-availability-zones euca-describe-keypairs
3.4.2 Creating Keypairs Before starting a VM, you need to create at least one key pair using the euca-addkeypair command. This key pair will be injected into the VM, allowing you to log in to the VM instance using the SSH command. Below we use the handle mykey as an example, but you may choose any string you like instead. To create a keypair: 1. Enter the following:
euca-add-keypair mykey >mykey.private
2. Change access permissions to enable your private key : chmod 0600 mykey.private
27
3.4.3 Instantiating a virtual machine (VM) In order to run a VM instance, you must first identify a VM image, then instantiate the VM from that image as follows: To instantiate a VM: 1. Query the system to view available VM images: euca-describe-images 2. Identify the specific VM image you wish to instantiate. Note that VM image names begin with the prefix emi- followed by an eight-character string (e.g., emi-A68D0F4F)(Figure 3.4):
Figure 3.4. Output of euca-describe-images query showing available machine, kernel and ramdisk images.
3. Instantiate the VM, where n is the number of instances and <emi-id> is the specific image you wish to instantiate, as follows:
euca-run-instances -k mykey -n <number of instances to start> <emi-id>
4. Query the system to view information about your VM instance(s) and verify that the VM instance is running (Figure 3.5) as follows: euca-describe-instances
Figure 3.5. Output of euca-describe-instances query shows information about your VM instances. Active instances are shown as running. Note the IP addresses assigned to the instance listed here as well.
28
3.4.4 Authorizing security groups A security group is a set of VM instances, access to which is controlled by networking rules applied to the group. When you create a VM, it is assigned to a default security group, denying incoming network traffic from all sources. Thus, before logging in and using a VM instance, you must authorize network access to the default security group using the euca-authorize command as follows: euca-authorize P tcp p 22 s 0.0.0.0/0 default For more information about networking rules and security groups, see Section 5.5 Networking and Security. 3.4.5 Logging into a VM instance Once the VM instance is shown as running it will also show two IP addresses that are assigned to it (see Figure 3.5). Log into the IP address with the SSH key that you created as follows:
ssh -i mykey.private root@<ip-address>
You should now be logged in and ready to use your VM instance. 3.4.6 Terminating an instance To terminate VM instances input the following command, where <instance-id> is the VM instance(s) you wish to terminate:
euca-terminate-instances <instance-id1> <instance-id2> ... <instance-idn>
Please, see Amazon's EC2 Getting Started Guide3 for more information about these command-line tools. Keep in mind that, depending on how the administrator has configured Eucalyptus, some tools/operations may not be supported (e.g., security groups/elastic IPs). Consult your administrator for more information.
Amazons EC2 Getting Started Guide is available at http://docs.amazonwebservices.com/AWSEC2/2008-12- 01/GettingStartedGuide/
3
29

30
Section 4: Installing and Using ElasticFox
ElasticFox is a graphical interface that lets you manage both Amazon EC2 and Eucalyptus accounts. Elasticfox is distributed as a Firefox plug-in, which you can download at the following URL: https://s3.amazonaws.com/ec2-downloads/elasticfox.xpi
4.1 Installing ElasticFox
To install ElasticFox: 1. Download and save the above elasticfox.xpi file 2. Click on the Firefox Tools menu, and choose Add-ons. 3. Drag and drop elasticfox.xpi into the Add-ons window. 4. Click Install. 5. Restart Firefox.
31
4.2 Configuring ElasticFox

ElasticFox comes pre-configured to communicate with AWS. Thus it is necessary to reconfigure ElasticFox to communicate with Eucalyptus, as follows: To configure ElasticFox for Eucalyptus: 1. Open Firefox. 2. In the main menu select Tools > ElasticFox. Elasticfox opens and asks if you would like to provide your AWS credentials. 3. Click No. 4. In the Firefox URL bar, enter: about:config 5. In the Filter field, enter: ec2ui.url (Figure 4.1).
6. Double-click and replace the default URL with: http://<ip of cloud controller>/services/Eucalyptus (Figure 4.2).
Figure 4.1
Figure 4.2
32
4.3 Providing Credentials

ElasticFox needs your Eucalyptus query credentials to communicate with the various web services. 1. Log into the Cloud Controller administrative interface and fetch query credential values (Figure 4.3):
Figure 4.3
2. Copy and paste these two values into a temporary location such as Notepad, or open the page in a new Firefox window. 3. Next, open ElasticFox (Figure 4.4):
Figure 4.4
4. Click on the Credentials button on the ElasticFox toolbar. Enter a name for the account, and then paste in the two values: the access key, and the secret key, and press Add (Figure 4.5).
33
5. Click on Account IDs. The actual account ID is irrelevant to Eucalyptus, so enter 0000-0000-0000 and a name for the ID, and press Add (Figure 4.6).
Figure 4.5
Figure 4.6
6. Click on Security Groups and press the refresh button (blue). You should see one item in the list (Figure 4.7).
Figure 4.7
You are now ready to use ElasticFox with your Eucalyptus cloud!
34
Section 5: Using Euca2ools
Euca2ools are command-line tools for interacting with Web services that export a REST/Query-based API4 compatible with Amazon EC2 and S3 services. The tools can be used with both Amazon's services and with installations of the Eucalyptus open source cloud computing infrastructure. The tools were inspired by command- line tools distributed by Amazon (api-tools and ami-tools) and largely accept the same options and environmental variables. However, Eucalyptus tools were implemented from scratch in Python, relying on the Boto library and M2Crypto toolkit.
5.1 Summary of Euca2ools Features

Query of availability zones (i.e. clusters in Eucalyptus) SSH key management (add, list, delete) VM management (start, list, stop, reboot, get console output) Security group management Volume and snapshot management (attach, list, detach, create, bundle, delete) Image management (bundle, upload, register, list, deregister) IP address management (allocate, associate, list, release)

REST/Query-based API Web service interface using HTTP-based representational messaging architecture to conduct client-server (request and response) interactions. Eucalyptus 1.6 User Guide Not for resale. Not for redistribution. Copyright 2010 Eucalyptus Systems, Inc.
35
5.1.1 Using Euca2tools - Overview

Euca2ools use encrypted credentials for authentication. Two types of credentials are issued by EC2- and S3-compatible services: x509 certificates and keys. While some commands only require the latter, it is best to always specify both types of credentials. In addition, unless the Web services reside on 'localhost', the URLs of the EC2- and S3-compatible service endpoints must also be specified. The credentials and URLs can be specified via the command line option or by setting environment variables as follows: Variable Option Explanation EC2_URL S3_URL EC2_ACCESS_KEY EC2_SECRET_KEY EC2_CERT -U or --url [url] -U or --url [url] -a or --access-key [key] -s or --secret-key [key] -c or --cert [file] http://host:8773/services/Eucalyptus http://host:8773/services/Walrus Access Key ID / Query ID Secret Access Key / Secret Key user's PEM-encoded certificate user's PEM-encoded private key OPTIONAL path to cloud cert
EC2_PRIVATE_KEY -k or --privatekey [file] EUCALYPTUS_CERT --ec2cert_path [file]
If you are running Euca2ools against Eucalyptus, sourcing the eucarc file that is included as part of the credentials zip-file that you downloaded from the Eucalyptus Web interface should be enough to set up all of the above variables correctly. 5.1.2 Important! Before you start The following instructions rely on the Euca2ools command-line tools distributed by Eucalyptus Systems, Inc. Please install them if you have not done so already. For installation instructions, see Section 5.2: Installing Euca2ools. In addition, make sure you have sourced your eucarc file (by entering . eucarc at the command line) before running the following commands. For instructions on sourcing eucarc, see Section 3.3: Obtaining Credentials.
36
5.1.3 Getting Help There are two types of help messages available for Eucalyptus commands, a help page and a man page, as follows: To see a help page, enter euca- <command name> --help To see a man page, enter man euca-<command name> For example, to get help for the euca-bundle-image command, enter either of the following: $ euca-bundle-image --help (shows a help page) $ man euca-bundle-image (shows the man page)
37
5.2 Installing Euca2ools
Euca2ools can be installed from source or as a binary package (DEB or RPM). You can download the latest tarball and binary packages at the following address: http://open.eucalyptus.com/downloads Please download the source tarball or the correct binary package for your distribution. 5.2.1 Installing from source Euca2ools are written in Python, relying on the Boto and M2Crypto libraries. The acceptable versions for the dependencies are: Python 2.5 (dev) or higher Boto 1.8d or higher M2Crypto 0.19.1 or higher Before installing from source you must download euca2ools-1.1-src-deps.tar.gz, which contains boto 1.8d.tar.gz and M2Crypto-0.19.1.tar.gz files. You must also install python-dev, swig, help2man, and libssl-dev (from the appropriate Linux distribution) to build Boto and M2Crypto libraries. To install from source: 1. Download euca2ools-1.1.tar.gz and euca2ools-1.1-src-deps.tar.gz. (Below, we will assume that these tarballs are located in the current directory.) 2. Install Boto: tar zvxf euca2ools-1.1-src-deps.tar.gz cd euca2ools-1.1-src-deps tar zxvf boto-1.8d.tar.gz cd boto-1.8c sudo python setup.py install cd .. 3. Install M2Crypto: tar zxvf M2Crypto-0.19.1.tar.gz cd M2Crypto-0.19.1 sudo python setup.py install cd ..
38
4. Install Euca2ools in /usr/local/bin, adding it to your $PATH, if necessary: cd .. tar zxvf euca2tools-1.1.tar.gz cd euca2tools-1.1 sudo make export PATH=/usr/local/bin:$PATH To uninstall: sudo make uninstall You may also wish to delete euca2ools, Boto and M2Crypto from your python package installation directory. 5.2.2 Installing binary packages You can install Euca2ools as binary packages (DEB or RPM) on several Linux distributions, including Ubuntu, RHEL, Centos, Debian, and OpenSUSE. For example, to install Euca2ools to RHEL 5/Centos 5, download the appropriate tarball from http://open.eucalyptus.com/downloads, as follows: For 32-bit machines, get euca2ools-1.1-centos-i386.tar.gz For 64-bit machines, get euca2ools-1.1-centos-amd64.tar.gz Untar the bundle in a temporary location, install Python 2.5, and install euca2ools: tar zxvf euca2ools-1.1-*.tar.gz cd euca2ools-1.1-* (Replace this with the actual directory name) sudo -s yum install -y swig rpm -Uvh python25-2.5.1-bashton1.x86_64.rpm python25-libs 2.5.1-bashton1.x86_64.rpm euca2ools-1.1-1.x86_64.rpm (replace x86_64 with i386 for 32-bit hosts) NOTE: please use '-Uvh' and not '-i'. For information on installing Euca2ools as binary packages to Ubuntu, Debian, and OpenSUSE, see http://open.eucalyptus.com/wiki/Euca2oolsGuide_v1.1.
39
5.3 Image Management

To run VM instances in Eucalyptus, you must first add the VM images you download (or create) by bundling these images with your Eucalyptus credentials, then uploading and registering them. Euca2ools provides commands that let you perform these steps and other important tasks in Eucalyptus. (Note that while all users may upload and register images, the Eucalyptus administrator can control which images a user can access, and only the administrator has the required permissions to upload/register kernels or ramdisks.) 5.3.1 Adding Images To enable a VM image as an executable entity, the Eucalyptus administrator must add a root filesystem image and a kernel/ramdisk pair5 (ramdisk may be optional) to Walrus (bucket storage) and register the uploaded data with Eucalyptus. Each image is added to Walrus and registered with Eucalyptus separately, using three EC2-compatible commands. The following example uses the provided test image (unpack it to any directory): Add the root filesystem image to Walrus: euca-bundle-image -i <vm image file> euca-upload-bundle -b <image bucket> -m /tmp/<vm image file>.manifest.xml euca-register <image bucket>/<vm image file>.manifest.xml Next, add the kernel to Walrus and register it with Eucalyptus (WARNING: your bucket6 names must not end with a slash!): euca-bundle-image -i <kernel file> --kernel true euca-upload-bundle -b <kernel bucket> -m /tmp/<kernel file>.manifest.xml euca-register <kernel-bucket>/<kernel file>.manifest.xml If the administrator would like to add a kernel/ramdisk pair, the procedure is similar to the above (our test kernel does not require a ramdisk to boot) : euca-bundle-image -i <initrd file> --ramdisk true euca-upload-bundle -b <initrd bucket> -m <initrd file>.manifest.xml euca-register <initrd bucket>/<initrd file>.manifest.xml
kernel/ramdisk pair ramdisk contains drivers that direct the kernel to launch appropriate system files when instantiating a virtual machine. 6 bucket A storage container that accepts objects via PUT and GET commands.
5
40
5.3.2 Associating kernels and ramdisks with VM instances There are three ways that one can associate a kernel (and ramdisk) with a VM instance. 1. A user may associate a specific kernel/ramdisk identifier with an image at the 'euca-bundle-image' step: euca-bundle-image -i <vm image file> --kernel <eki-XXXXXXXX> --ramdisk <eri-XXXXXXXX> 2. A user may choose a specific kernel/ramdisk at instance run time as an option to 'euca-run-instances' euca-run-instances --kernel <eki-XXXXXXXX> --ramdisk <eri
XXXXXXXX> <emi-XXXXXXXX>
3. The administrator can set 'default' registered kernel/ramdisk identifiers that will be used if a kernel/ramdisk is unspecified by either of the above options. This is accomplished by logging in to the administrative interface (https://your.cloud.server:8443), clicking on the 'Configuration' tab, and adding an <eki-xxxxxxxx> and optionally an <eri-xxxxxxxx> as the respective kernel/ramdisk defaults to be used.
5.3.3 Deleting Images To delete an image, you must first de-register the image:
euca-deregister <emi-XXXXXXXX> Then, you can remove the files stored in your bucket. Assuming you have sourced your 'eucarc' to set up EC2 client tools: euca-delete-bundle -a $EC2_ACCESS_KEY -s $EC2_SECRET_KEY --url $S3_URL -b <bucket> -p <file prefix> If you would like to remove the image and the bucket, add the '--clear' option: euca-delete-bundle -a $EC2_ACCESS_KEY -s $EC2_SECRET_KEY --url $S3_URL -b <bucket> -p <file prefix> --clear
41
5.3.4 Bundling images The euca-bundle-image command lets you bundle7 an image for use with Eucalyptus or Amazon. A bundled image consists of an XML manifest file and several image parts. The manifest file contains metadata that references the image. The image file is separated into multiple parts to facilitate ease of uploading. When you bundle an image file, the manifest file and image files are stored by default in the /tmp (or $TMPDIR) directory. For example, to bundle an image "image.img" for user id "123456789111" in the directory "image-dir" use: euca-bundle-image -i image.img -u 12345678111 -d image-dir If you wish to specify credentials separately, where "cert-xyz.pem" and "pk- xyz.pem" are the user certificate and private key PEM files, respectively: euca-bundle-image -i image.img -u 123456789111 -d image-dir -c cert-xyz.pem -k pk-xyz.pem To bundle an image for use with Amazon, make sure you locate the Amazon ec2 cert file that is provided as part of the EC2 AMI tools. This file is generally located in $EC2_AMITOOL_HOME/etc/ec2/amitools/cert-ec2.pem
euca-bundle-image -i image.img -u 123456789111 -d image-dir -c cert-abc.pem -k pk-abc.pem --ec2cert $EC2_AMITOOL_HOME/etc/ec2/amitools/cert-ec2.pem
Make sure that the "cert-abc.pem" and "pk-abc.pem" files in the above example are your Amazon credentials (not your Eucalyptus credentials). 5.3.5 Uploading an image To upload an image bundled with "euca-bundle-image" you can use "euca-upload- bundle." For example, to upload the bundle corresponding to the manifest "image.img.manifest.xml" to the bucket "image-bucket," input the following command:
Bundling a virtual machine image actually separates the image into multiple image parts to facilitate ease of uploading. It also generates an XML manifest file containing metadata referencing the image, including image parts and kernel, which is used to assemble instances of the image.
7
42

euca-upload-bundle -b image-bucket -m image.img.manifest.xml
5.3.6 Registering an image Bundled images that have been uploaded to the cloud need to be registered with the cloud prior to running instances. For example, to register a bundled image referenced by the manifest file "image.img.manifest.xml" that has been uploaded to the bucket "image-bucket," input the following command: euca-register image-bucket/image.img.manifest.xml 5.3.7 Downloading an image Bundled images that have been uploaded may also be downloaded and deleted from the cloud. For example, to download the image(s) that have been uploaded to the bucket "image-bucket" you may use the following command: euca-download-bundle -b image-bucket
5.3.8 Deleting a bundled image To delete a bundled image, use the euca-delete-bundle command. For example, to delete the images in bucket "image-bucket," input the following command: euca-delete-bundle -b image-bucket You can also specify a manifest using the "-m" or "--manifest" argument if you wish to delete a specific bundle. To delete the bucket after deleting the bundled image:
euca-delete-bundle -b image-bucket --clear
A bucket can only be deleted when it is empty.

43
5.3.9 Unbundling an image To unbundle8 a previously bundled image, use the euca-unbundle command. For example, to unbundle the bundled image referenced by the manifest "image.img.manifest.xml" to the directory image-dir, use the following command:
euca-unbundle -m image.img.manifest.xml -d image-dir

Unbundling is necessary if you wish to share an image with additional users whose credentials were not included when an image was initially bundled.
8
44
5.4 Virtual Machine (VM) Control
Eucalyptus allows users to control virtual machine instances using uploaded images as a template. The following commands can be used to control VM instances. 5.4.1 Displaying currently running instances To display a list of all currently running instances:
euca-describe-instances
To get information about a specific instance, you can use the instance id as an argument to a euca-describe-instances query, for example:
euca-describe-instances i-43035890
5.4.2 Running instances The euca-run-instances command lets you deploy VM instances of images that have been previously uploaded to Eucalyptus. For example, to run an instance of the image with id "emi-53444344" with the kernel "eki-34323333" the ramdisk "eri-33344234" and the keypair "testkey" you can use the following command: euca-run-instances -k testkey --kernel eki-34323333 --ramdisk eri-33344234 emi-53444344 To run more than one instance, you may use the "-n" or "--instance-count" option. 5.4.3 Shutting down instances You may shut down running instances using the euca-terminate-instances command. For example, to terminate an instance "i-34523332" enter the following: euca-terminate-instances i-34523332
45
5.4.4 Rebooting instances To reboot running instances, you can use the euca-reboot-instances command. For example, to reboot the instance "i-34523332," input the following: euca-reboot-instances i-34523332 A reboot will preserve the root filesystem for the instance across restarts.
46
5.5 Networking and Security

Eucal2ools provides commands for managing virtual network access and security, including tools that let you dynamically assign IP addresses to VM instances, create security groups9, and add networking rules to security groups. 5.5.1 Allocating and associating IP addresses The euca-allocate-address and euca-associate-address commands let you allocate IP addresses and associate public IP addresses with instances, respectively. For example, to allocate an IP address and associate it with the instance "i- 56785678: euca-allocate-address ADDRESS a.b.c.d euca-associate-address -i i-56785678 a.b.c.d 5.5.2 Disassociating and releasing addresses You may use euca-disassociate-address and euca-release-address to disassociate an IP address from an instance and to release the IP address to the global pool. For example, to release and disassociate the address "a.b.c.d":
euca-disassociate-address a.b.c.d euca-release-address a.b.c.d
5.5.3 Creating a security group You can create a security group using the euca-add-group command. For example, to create a group named "mygroup": euca-add-group -d "mygroup description" mygroup You can also create a security group when running VM instances with the eucarun-instances command using the "-g" parameter.
9
Security groups let you apply ingress rules to isolate and control network access to VM instances. Not for resale. Not for redistribution. Copyright 2010 Eucalyptus Systems, Inc.
47
5.5.4 Adding networking rules to security groups By default, a security group denies incoming network traffic from all sources. You may add networking related rules to security groups using the euca-authorize command. For example, to allow all incoming SSH (port 22)10 traffic access to the security group "mygroup," use the euca-authorize command and specify parameters for a protocol (tcp), a port (22), and a CIDR11 source network (0.0.0.0/0, which refers to any source): euca-authorize -P tcp -p 22 -s 0.0.0.0/0 mygroup Instead of specifying a CIDR source, you can specify another security group, which allows port 22 connections to and from the other security group, as follows: euca-authorize --source-group someothergroup --source-group user someotheruser -P tcp -p 22 mygroup 5.5.5 Revoking networking rules from security groups Revocation works the same as addition (i.e. the command takes the same parameters). To revoke networking rules from a security group, use the eucarevoke command, as follows:
euca-revoke -P tcp -p 22 -s 0.0.0.0/0 mygroup
5.5.6 Deleting a security group You may use the euca-delete-group command to delete a security group. For example, to delete the security group "mygroup, input the following:
euca-delete-group mygroup

SSH (port 22) - SSH is the Linux/Unix secure shell command. Used for secure log in to shell accounts on remote machines. TCP port 22 is the assigned standard port for contacting SSH servers. 11 CIDR CIDR (Classless Inter-Domain Routing) is a scalable methodology for allocating IP addresses and routing Internet Protocol packets.
10
48
5.6 Using Dynamic Block Volumes (Block Storage)
Eucalyptus lets you create dynamic block volumes, which are analogous to raw block storage devices. Once you have created a volume, you can attach it to a VM instance, create a filesystem on top of the attached volume (aka formatting), and mount it inside the instance as a block device. You can also detach volumes, delete volumes, create instantaneous snapshots12 from volumes, and create new volumes from snapshots. (Eucalyptus dynamic block volumes emulate and are interface compatible with AWS elastic block store. Hence you can use either Euca2ools or EC2 commands to interact with Eucalyptus dynamic block volumes.) 5.6.1 Creating a volume You can create a new volume using the euca-create-volume command. When you create a volume you must specify a volume size (e.g. 1 GB) and availability zone13 name. Users can create volumes of any size up to the maximum size limit set by the system administrator. To create a volume: 1. Query the system to view information about current availability zones: euca-describe-availability-zones 2. Identify the name of the availability zone where you wish the new volume to reside (Figure 5.1):
Figure 5.1 Output of euca-describe-availability-zones query showing availability zone name wind and corresponding IP address.
3. Create a volume, where size is the size of the volume you wish to create, and z is the name of the availability zone where you wish the volume to reside, as follows: euca-create-volume --size <size of volume> -z <name of availability zone>
Snapshot- A snapshot is a copy of the total existing state of a volume. In Eucalyptus, you can create snapshots from a volume then create an entirely new volume from that snapshot. 13 Availability zones refer to subsets of the cloud that share a local area network. Each availability zone has its own cluster controller and storage controller.
12
49
4. Query the system to view information about your volumes and confirm that your new volume is available (Figure 5.2), as follows: euca-describe-volumes
Figure 5.2 Output of euca-describe-volumes query showing information about a volume, including volume ID, size, availability, date, and time.
5.6.2 Creating a volume from a snapshot You can also create a volume from an existing snapshot. For example, to create a volume from the snapshot "snap-33453345" in the zone "myzone" try the following command: euca-create-volume --snapshot snap-33453345 -z myzone 5.6.3 Attaching a volume to an instance You may attach block volumes to instances using the euca-attach-volume command. You will need to specify a local block device name (this will be used inside the instance) and the instance identified. For example, to attach a volume "vol-33534456" to the instance "i-99838888" at "/dev/sdb" use the following command: euca-attach-volume -i i-99838888 -d /dev/sdb vol-33534456 Note that a volume can be attached to only one instance at a given time. 5.6.4 Detaching a volume To detach a previously attached volume, use the euca-detach-volume command. For example, to detach the volume "vol-33534456," input the following: euca-detach-volume vol-33534456 WARNING: You must detach a volume before terminating an instance or deleting a volume. If you fail to detach a volume, it may leave the volume in an inconsistent state and you risk losing data.
50
5.6.5 Deleting a volume To delete a volume, use the euca-delete-volume command. For example, to delete the volume "vol-33534456" use the following command: euca-delete-volume vol-33534456 Note that you can only delete volumes that are not currently attached to instances. 5.6.6 Creating a snapshot The euca-create-snapshot command lets you create an instantaneous snapshot of a volume. A volume could be attached and in use during a snapshot operation. For example, to create a snapshot of the volume "vol-33534456, input the following command: euca-create-snapshot vol-33534456 5.6.7 Deleting a snapshot To delete a snapshot, use the euca-delete-snapshot command. For example, to delete the snapshot snap-33453345, input the following command: euca-delete-snapshot snap-33453345
51
52
Glossary
Glossary
ami- Abbreviation for Amazon Machine Image. Used as a prefix in naming Amazon machine image files. ATA (Advanced Technology Attachment) - Computer bus technology used primarily for transferring data to and from hard drives. availability zones An availability zone for Amazon denotes a large subset of their Cloud environment. Within Eucalyptus, we refine this definition to denote a subset of the cloud that shares a local area network. Each availability zone has its own cluster controller and storage controller. Administrators can view detailed information on availability zones with the following command: euca-describe-availability-zones verbose bridge names: To properly configure Eucalyptus networking modes you must specify the correct bridge name for your system. Bridge names for systems using Xen or KVM hypervisors include the following: Xen 3.2: eth0; Xen 3.0 or earlier: xenbr0; kvm: br0 bucket A bucket is a storage container that stores objects. Objects are added or removed from a bucket via the PUT and GET commands. Any number of objects can be added to a bucket up to the maximum storage capacity of the bucket. bundling Bundling prepares a VM image to be uploaded into the cloud. (Before you can run an instance you must first bundle the image (euca-bundle-image); then upload the bundled image (euca-upload-bundle). Bundling an image separates the image into multiple image parts and generates an XML manifest file containing metadata about the image. When you run an instance of the image (euca-run-instances manifest.xml), Eucalyptus uses the manifest file to reference image parts and kernel in assembling the virtual machine. cloudburst Cloudburst refers to the capability for private cloud users to extend beyond the enterprise firewall and access computing resources in the public cloud. Eucalyptus hybrid cloud capability lets users seamlessly cloudburst into the AWS public cloud should additional resources be required. cluster - In Eucalyptus, a cluster is a physical collection of a number of resources within single network segment. Each cluster contains a Cluster Controller, Storage Controller and a number of computer resources. An availability zone is a virtual abstraction of a cluster.
Glossary
53
command-line tools (e.g., Euca2ools)- Text commands that let you control and manage VMs and other Eucalyptus cloud operations via a standard Terminal interface window. credentials Credentials refer to data values that are used to authenticate a user. Credentials can be provided in some cases by certificates and in other cases by keypairs. daemon - A daemon is a process that runs in the background to perform a specific function or system task. The CLC, CC, etc. are daemons that are part of the Eucalyptus Cloud environment. ElasticFox ElasticFox is an add-on for Firefox that lets you configure and manage both Amazon EC2 and Eucalyptus accounts through a graphical interface. eki- - Abbreviation for Eucalyptus Kernel Image. Used as prefix in naming Eucalyptus kernel image files. emi- Abbreviation for Eucalyptus Machine Image. Used as prefix in naming Eucalyptus machine image files. eri- - Abbreviation for Eucalyptus Ramdisk Image. Used as prefix in naming Eucalyptus ramdisk image files. eucarc The eucarc file is a resource configuration file included with the credentials zip-file you download through the Eucalyptus Web interface. Before you can run Euca2ools against Eucalyptus you must first source the eucarc file via a ssh-compatible shell (by entering . eucarc at the command line). By sourcing this file, a set of environment variables is defined to provide user-specific information to Euca2ools command line tools. front-end The front-end refers to the physical machine that hosts the Cloud Controller (CLC) and in most cases the Cluster Controller (CC) components. As such, the front end is the entry point into the cloud providing an interface through which underlying virtualized resources (servers, network, and storage) can be evaluated and managed. hypervisor A hypervisor (e.g., Xen, KVM) is a piece of software that enables multiple operating systems to run concurrently on a single host computer. Type 1 (aka native or bare-metal) hypervisors, including Xen, run directly on a host machines hardware. KVM (Kernel-based Virtual Machine) is a variation on a Type 1 hypervisor that embeds in a platforms firmware. This way KVM transforms the Linux kernel into a hypervisor. Type 2 hypervisors are software applications that allow multiple operating systems to run on top of conventional operating systems.
54
Glossary
instance An instance refers to an actively running virtual machine. Instances are deployed by instantiating virtual machine images. Multiple identical VM instances can be instantiated from a single virtual machine image. instantiate (aka running instances) Instantiate refers to the process of deploying a running virtual machine instance from an encrypted virtual machine image. To instantiate a virtual machine image in Eucalyptus use the following command:
euca-run-instances k <private key) n <number> <emi-id>
kernel The kernel is the central software component of a computer operating system. Kernels facilitate the functioning of application programs; and they bridge application processes with underlying data processing and management functions performed at the computer hardware level. keypair Keypairs are used in Eucalyptus to authenticate a users identity. Before running a VM instance, you must first create a keypair as follows:
euca-add-keypair mykey >mykey.private
A pair of keys are created; one public key and one private key. The public key, mykey is stored in Eucalyptus. The private key mykey.private is stored within a file on a local machine. After creating a keypair, you must change access permissions to enable the private key in your local directory as follows:
chmod 0600 mykey.private
(Note: Use the file mykey.private when logging into VMs via the ssh command) KVM (Kernel-based Virtual Machine) KVM is a Linux kernel-based hypervisor that supports the instantiation of virtual machine instances and other virtualized computing resources. libvirt libvirt is a library, accessible via a C API. The library manages and supports the virtualization capabilities of Linux and other operating systems. libvirt virsh Command-line utility used for managing user domains via the libvirt library. Linux Linux refers to Unix-like operating systems based on the open source Linux kernel. Standard distributions of Linux include Ubuntu, CentOS, RHEL, OpenSUSE, Debian and Fedora. Most Linux distributions can be downloaded for free over the Internet.
Glossary
55
manifest file The manifest file (manifest.xml) is a file generated when bundling images prior to uploading them to the cloud. The manifest file contains metadata used by Eucalyptus to reference associated image parts and kernel when instantiating a virtual machine. networking mode: Networking modes, including SYSTEM, STATIC, MANAGED, and MANAGED-NOVLAN, offer the administrator varying degrees of control over VM network access and security. Each mode contains a unique set of configuration parameters and features. System mode is the default mode. Managed mode offers the greatest number of network configurable features. node A node is a single physical machine on which any number of VM instances can be hosted and managed. In Eucalyptus, the Node Controller (NC) executes on each node designated for hosting VM instances. The NC manages all VM operations on a particular node via query and control requests from the Eucalyptus Cluster Controller. open source - open source refers to software source code that is human-readable (as opposed to machine-readable) and thus open to use and change as desired by the general public. Due to open sources unrestricted and highly malleable quality, Linux-based open source operating systems have become the platform of choice for many IT organizations, as well as a very active and innovative open source developer community. persistent data persistent data refers to data that remains in an unchanged state regardless of the change in state of the software or processes that created that data. PEM (Privacy Enhanced Mail) PEM is an ASCII Base64 encryption format frequently used for creating standard X.509 digital certificates and public keys. ramdisk ramdisk contains a set of drivers loaded temporarily into memory that instructs the kernel to launch appropriate system files when instantiating a virtual machine. reservation In Eucalyptus, a reservation refers to an ID tag that is created each time one or more VM instances are instantiated using the euca-run-instances command. You can view reservation ID tags associated with VM instances by querying the system with the euca-describe-instances command. REST REST (Representational State Transfer) is an HTTP-based query method used by Web services that uses encoded representational messages to conduct client-server (request and response) interactions. Rest/Query APIs use common directory-like URLs containing these encoded messages to prescribe specific service requests and subsequent responses returned in any number of formats, including HTML, XML, media files, etc.
56
Glossary
root directory In Unix-based operating systems that use a hierarchical file system, root is the directory containing all other directories within a file system. The root directory in Unix-based systems is represented with a forward slash (/). RPM RPM is a software package file format used by Linux distributions. Initially developed by Red Hat for Red Hat Linux (RHEL), RPM is now used by many Linux- based open source distributions, including Centos, OpenSUSE, Fedora, and others. security group A security group is a set of VM instances that allow an administrator to control access to and usage of the associated VMs. SLA (Service Level Agreement) An SLA is an agreement that formally defines a measurable degree of service a customer can expect from a service provider. SLAs are frequently used to specify minimum and/or target levels of availability, performance, operation, and other service-related attributes, including accounting and billing. SOAP (Simple Object Access Protocol) SOAP is a structured messaging protocol used by Web services to exchange data over computer networks. SOAP messages generally rely on XML and HTTP protocols for message specification, transmission, and negotiation. source code source code refers to the original human-readable computer program written by a programmer in any programming language. To execute a program its source code must be compiled and translated into machine-readable code understood by computers. sourcing a file (. eucarc) - When a file is sourced (by typing either source filename or . filename at the command line), the lines of code in the file are executed as if they were entered at the command line. Sourcing the eucarc file (Eucalyptus resource configuration file) establishes necessary environmental variables and validates required user authentications for your Eucalyptus cloud. SSH (TCP, port 22) The Unix/Linux shell is used to make a secure connection between two network devices. By default, SSH utilizes TCP port 22. snapshot A snapshot is a copy of the total existing state of a volume. Eucalyptus lets you create instantaneous snapshots of a volume (euca-create-snapshot <vol-xxxxxxxx>). You can then create a new volume (with identical file system and/or data) from that snapshot (euca-create-volume --snapshot <snapshot id> -z <zone). YUM (Yellowdog Updater, Modified) YUM is a metapackage management utility that computes dependencies and implements processes that install and maintain RPM based Linux distributions.
Glossary
57
Ubuntu Enterprise Cloud The Ubuntu Enterprise Cloud (UEC) is an open source cloud computing platform included with the Ubuntu Linux distributions. The Eucalyptus open source software core is the key component of UEC. virtual machine image A virtual machine image provides the root file system for a virtual machine instance. Machine images can be created from a variety of Linux operating systems, including Ubuntu, Centos, RHEL, OpenSUSE, Debian, and Fedora. You can create your own images or use one of the pre-made images available from the Eucalyptus Web interface or a variety of other sources. virtual network A virtual network is an abstraction of a computer network that combines hardware and software network resources and network functionality into a single, software-based administrative entity. virtualization Virtualization is a general term that refers to the abstraction of computer resources in software (or a combination of software and hardware). virtual machine (VM) A virtual machine is an abstraction of computer hardware within software. As such, virtual machines execute programs as if they were actual physical machines. Web service A Web service is a software system that supports automated machine-to-machine interaction over a network. Web services use interfaces described in Web Services Description Language (WSDL). Other systems interact with Web services using SOAP or REST messages via HTTP with XML and other web-related standards.

58

Comments, questions, or suggestions for this User Guide? Please write us at documentation@eucalyptus.com. Thank you!

EucalyptusUserGuide v1 Final 03 23

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

EucalyptusUserGuide v1 Final 03 23

Uploaded by

Copyright:

Available Formats

Eucalyptus

Cloud Computing Platform User Guide

Eucalyptus Systems, Inc.

Eucalyptus 1.6 User Guide

Eucalyptus 1.6 User Guide

Part I - Introduction to Cloud Computing

Part I - Introduction to Cloud Computing

Who should read Part I?

Part I discusses these topics:

Eucalyptus 1.6 User Guide

The IT Balancing Act: Increasing Innovation, Decrease Spending

What is Cloud Computing?

Cloud Computing: Improved Efficiencies

Part I - Introduction to Cloud Computing

The Efficiency Benefits of Cloud Computing

Eucalyptus 1.6 User Guide

Understanding Cloud Types

Part I - Introduction to Cloud Computing

About Cloud Service Styles

Part I - Introduction to Cloud Computing

Private Clouds: The Benefits of Automated Self-service

The Role of Open Source

Part One Introduction to Cloud Computing

Section 2: The Eucalyptus Open Source Private Cloud

Carefully engineered for compatibility

Eucalyptus 1.6 User Guide

Section 2: The Eucalyptus Open Source Private Cloud

Part One Introduction to Cloud Computing

Eucalyptus 1.6 User Guide

Section 2: The Eucalyptus Open Source Private Cloud

Benefits of the Eucalyptus cloud

Part One Introduction to Cloud Computing

Part II Eucalyptus User Guide

Part II Eucalyptus User Guide

Who should read Part II?

Part II discusses these topics:

Eucalyptus 1.6 User Guide

Section 3: Using Eucalyptus

Section 3: Using Eucalyptus

3.1 Installing command-line tools

Eucalyptus 1.6 User Guide

Part II Eucalyptus User Guide

3.2 Signing up for an account

Section 3: Using Eucalyptus

Part II Eucalyptus User Guide

3.3 Obtaining Credentials

Section 3: Using Eucalyptus

Eucalyptus 1.6 User Guide

Part II Eucalyptus User Guide

3.4 Eucalyptus QuickStart

Section 3: Using Eucalyptus

Eucalyptus 1.6 User Guide

Part II Eucalyptus User Guide

Eucalyptus 1.6 User Guide

Section 3: Using Eucalyptus

Part II Eucalyptus User Guide

Section 4: Installing and Using ElasticFox

4.1 Installing ElasticFox

Section 4: Installing and Using ElasticFox

4.2 Configuring ElasticFox

Eucalyptus 1.6 User Guide

Part II Eucalyptus User Guide

4.3 Providing Credentials