Deploy OpenNebula 5.0 Centos 7 basic bridge lab

We will deploy Opennebula 5.0 as POC based on CentOS 7. Our deployment will consist of one front end system called front.local and one KVM hosts called back.local.

this type of installation only suitable for LAB environment and should not be deployed as production system. It lucks security and any redundancy.


Prerequisites
On each system install CentOS 7 minimal. front.local can be virtual or physical system.
On each system
Disable selinux

vi /etc/selinux/config
selinux=disabled

Disable firewalld

systemctl disable firewalld

Setup host file

vi /etc/hosts
x.x.x.x     front.local
y.y.y.y      back.local   

Run updates

yum update -y 

On back.local system we will need at least 2 NIC cards with 2 network connections. For testing purpuses we will leave them on the same network. One of the NIC’s will be part of the bridge and in our case called eno3. It will be setup as follows
Bridge

vi /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
BOOTPROTO=static
IPADDR=x.x.x.x
NETMASK=255.255.255.0
ONBOOT=yes
TYPE=Bridge

eno3

vi /etc/sysconfig/network-scripts/ifcfg-eno3
DEVICE=eno3
HWADDR=A4:BA:xB:x3:E6:18
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
BRIDGE=br0

Front-end Installation
1. Add OpenNebula repository

cat << EOT > /etc/yum.repos.d/opennebula.repo
[opennebula]
name=opennebula
baseurl=http://downloads.opennebula.org/repo/5.0/CentOS/7/x86_64
enabled=1
gpgcheck=0
EOT

2. Activate EPEL repo

yum install epel-release -y

3. Install OpenNebula front-end

yum install opennebula-server opennebula-sunstone opennebula-ruby opennebula-gate opennebula-flow

4. Install Ruby-runtime

/usr/share/one/install_gems

note: make sure you select >> 1. CentOS/RedHat/Scientific
5. Setup admin password

su oneadmin
cd
echo "oneadmin:mypassword" > ~/.one/one_auth

6. Start the services

service opennebula start
service opennebula-sunstone start

7. At this point you should be able to access Sunstone
http://front.local:9869

Back.local KVM host installation
1. Add OpenNebula repository

cat << EOT > /etc/yum.repos.d/opennebula.repo
[opennebula]
name=opennebula
baseurl=http://downloads.opennebula.org/repo/5.0/CentOS/7/x86_64
enabled=1
gpgcheck=0
EOT

2. Install the node package and restart libvirt

yum install opennebula-node-kvm -y
service libvirtd restart

This step is very important. We will need to configure passwordless login via SSH on both servers
On front-end server

ssh-keyscan front.local back.local >> /var/lib/one/.ssh/known_hosts
# front.local SSH-2.0-OpenSSH_6.6.1
# front.local SSH-2.0-OpenSSH_6.6.1
# back.local SSH-2.0-OpenSSH_6.6.1
# back.local SSH-2.0-OpenSSH_6.6.1

copy the directory /var/lib/one/.ssh to all the nodes

[root@front ~]# scp -rp /var/lib/one/.ssh front.local:/var/lib/one/
The authenticity of host 'front.local (x.x.x.x)' can't be established.
ECDSA key fingerprint is 39:2f:d0:4c:76:12:0c:45:95:6e:23:55:30:3f:bd:45.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'front.local,x.x.x.x' (ECDSA) to the list of known hosts.
root@front.local's password: 
id_rsa                                        100% 1675     1.6KB/s   00:00    
id_rsa.pub                                    100%  402     0.4KB/s   00:00    
authorized_keys                               100%  402     0.4KB/s   00:00    
known_hosts                                   100% 1130     1.1KB/s   00:00    
[root@front ~]# scp -rp /var/lib/one/.ssh back.local:/var/lib/one/
The authenticity of host 'back.local (y.y.y.y)' can't be established.
ECDSA key fingerprint is fd:45:61:86:aa:c0:a2:e9:7c:0a:0f:e8:93:71:d2:b4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'back.local,y.y.y.y' (ECDSA) to the list of known hosts.
root@back.local's password: 
id_rsa                                        100% 1675     1.6KB/s   00:00    
id_rsa.pub                                    100%  402     0.4KB/s   00:00    
authorized_keys                               100%  402     0.4KB/s   00:00    
known_hosts                                   100% 1130     1.1KB/s   00:00    
[root@front ~]# 

Note: You have to make sure /var/lib/one/.ssh directory and all files inside owned by oneadmin on both servers. In case you need to run it.

chown oneadmin:oneadmin /var/lib/one/.ssh

BY default uses the local storage of the Front-end to store Images, and the local storage of the hypervisors as storage for the running VMs.

Adding KVM host to Opennebula
This can be done from Sunstone or CLI interface. We will add it from CLI.
Run this command on front.local

onehost create back.local -i kvm -v kvm
ID: 0

Make sure back.local is added and in on state

 onehost list
  ID NAME            CLUSTER   RVM      ALLOCATED_CPU      ALLOCATED_MEM STAT  
   0 back.local      default     0      0 / 1600 (0%)    0K / 11.6G (0%) on

Setup Networking
In Sunstone under Network – Virtual Networks add your network with bridge name br0 as we created.
Opennebula network
Opennebula network2

Using NFS
1. Create NFS shares with no_root_squash option.

2. On front and back servers install nfs client

 yum install nfs-utils

3. Enable rpcbind to start on boot

systemctl enable rpcbind
systemctl start rpcbind

3. Add the following to your fstab file on front and all your KVM hosts. In some cases you may need to move folders from datastore to nfs share. (In this example storage.Local is the name of NFS server and vms is NFS share )

storage.local:/vms /var/lib/one/datastores nfs rsize=32768,wsize=32768,soft,intr

 
KVM Contextualization
Lets pre-pair virtual image for Centos 7 vm.


wget https://github.com/OpenNebula/addon-context-linux/releases/download/v5.0.1/one-context_5.0.1.rpm


rpm -Uvh one-context*rpm
yum install -y epel-release
yum install ruby # only needed for onegate command
yum install -y cloud-utils-growpart

Now we need to shutdown this image and transfer to OpenNebula