Amazon EC2 Driver 4.0

Considerations & Limitations

You should take into account the following technical considerations when using the EC2 cloud with OpenNebula:

  • There is no direct access to the dom0, so it cannot be monitored (we don't know where the VM is running on the EC2 cloud).
  • The usual OpenNebula functionality for snapshotting, restoring, or migration is not available with EC2.
  • By default OpenNebula will always launch small instances, unless otherwise specified.

Please refer to the EC2 documentation to obtain more information about Amazon instance types and image management.

Warning: VM templates with an EC2 section cannot define local disks (DISK=..), since this will trigger the TM drivers even if the VM is placed in an EC2 host.

EC2 Configuration

You must have a working AWS account that is signed up for the EC2 and S3 services, and you must download and unpack the EC2 API tools provided. Run some manual tests to verify that everything works before you start configuring OpenNebula for EC2 support.

Please note that EC2 has to be installed only in the cluster front-end.

Driver Files

The driver consists of the following files:

  • /usr/lib/one/mads/one_im_ec2.rb : This file is accessed by the Information Manager to get the maximum memory and cpu constraints for EC2 allocations.
  • /usr/lib/one/mads/one_vmm_ec2.rb: This is the main ruby program file that invokes EC2 actions like deploy, shutdown…
  • /etc/one/im_ec2/im_ec2.conf : In this file we define the maximum capacity that we want to allocate in EC2.
# Max number of instances that can be launched into EC2
SMALL_INSTANCES=5
LARGE_INSTANCES=
EXTRALARGE_INSTANCES=
  • /etc/one/vmm_ec2/vmm_ec2.conf : In this file we define default configurations for the VM placed in EC2, for example the “instancetype” attribute.
<!--
 Default configuration attributes for the EC2 driver
 (all domains will use these values as defaults)
 Valid attributes are:
   - ec2[keypair,authorizedports,instancetype]
 Use XML syntax to specify defaults, note elements are UPCASE
 Example:
 <TEMPLATE>
   <EC2>
     <KEYPAIR>gsg-keypair</KEYPAIR>
     <AUTHORIZEDPORTS>22</AUTHORIZEDPORTS>
     <INSTANCETYPE>m1.small</INSTANCETYPE>
   </EC2>
 </TEMPLATE>
-->
 
<TEMPLATE>
  <EC2>
    <INSTANCETYPE>m1.small</INSTANCETYPE>
  </EC2>
</TEMPLATE>
  • /etc/one/vmm_ec2/vmm_ec2rc : In this file we configure the account that will be used to launch instances on EC2. It holds the environment variables needed by the EC2 API.

Configuration

OpenNebula Configuration

Uncomment the EC2 IM and VMM drivers in the /etc/one/oned.conf file in order to use the driver.

  IM_MAD = [
      name       = "ec2",
      executable = "one_im_ec2",
      arguments  = "im_ec2/im_ec2.conf" ]
 
  VM_MAD = [ 
      name       = "ec2",
      executable = "one_vmm_ec2",
      arguments  = "<ec2_configuration_options> vmm_ec2/vmm_ec2.conf",
      type       = "xml" ]

where <ec2_configuration_options> can be used to set up the EC2 environment. It can be any number of the following flags, each corresponding to one EC2 environment variable:

FLAG   SETS
-u     EC2_URL
-h     EC2_HOME
-k     EC2_PRIVATE_KEY
-c     EC2_CERT

For instance, the following line will make the driver use a specific certificate to communicate with EC2:

 arguments  = "-c /home/user/.ec2/ec2-cert.pem vmm_ec2/vmm_ec2.conf",

Make sure that the default configuration file (vmm_ec2.conf) is passed as the last argument.

After OpenNebula is restarted, you need to create a new cluster that will use a custom system datastore with “dummy” Transfer Manager drivers. To do so, follow these steps:

<xterm>

$ cat system.ds
NAME    = ec2_ds
TM_MAD  = dummy
SYSTEM  = yes

$ onedatastore create system.ds
ID: 100

$ onecluster create ec2
ID: 100

$ onecluster adddatastore ec2 ec2_ds

</xterm>

Now create a new Host that uses the ec2 drivers, and add it to the new “ec2” cluster:

<xterm> $ onehost create ec2 --im ec2 --vm ec2 --net dummy --cluster ec2 </xterm>

Driver Configuration

Additionally, you must configure the location of your EC2 certificates and the EC2 API installation path. To do so, edit the file /etc/one/vmm_ec2/vmm_ec2rc and add:

EC2_HOME="<path_to_your_ec2_installation>"
EC2_PRIVATE_KEY="<path_to_your_private_key>"
EC2_CERT="<path_to_your_public_cert>"
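
A check you can run on the front-end after editing vmm_ec2rc, added here as an example and not part of the OpenNebula driver: it parses the three variables above, confirms that each path exists, and reports a private key that group or other users can access. The `demo` helper and the files it creates are constructed for illustration.

```ruby
require 'tmpdir'

# Parse EC2_*="value" lines from a vmm_ec2rc-style file, skipping comments.
def parse_rc(path)
  File.readlines(path).each_with_object({}) do |line, vars|
    m = /\A\s*(?:export\s+)?(EC2_\w+)\s*=\s*"?([^"\n]*)"?\s*\z/.match(line)
    vars[m[1]] = m[2] if m
  end
end

# Return a list of findings for the rc file; an empty list means nothing to fix.
def audit_rc(path)
  vars = parse_rc(path)
  findings = []
  # The rc file selects the key and tool path the driver uses, so only its owner should edit it.
  findings << "#{path}: writable by group/others" if (File.stat(path).mode & 0o022) != 0
  %w[EC2_HOME EC2_PRIVATE_KEY EC2_CERT].each do |name|
    target = vars[name]
    if target.nil? || target.empty? || target.start_with?('<') # unset or still a <placeholder>
      findings << "#{name}: not set"
    elsif !File.exist?(target)
      findings << "#{name}: #{target} does not exist"
    elsif name == 'EC2_PRIVATE_KEY' && (File.stat(target).mode & 0o077) != 0
      findings << "#{name}: #{target} is accessible by group/others"
    end
  end
  findings
end

# Constructed demo: build an rc file and placeholder key material in a temp dir, then audit it.
def demo(key_mode)
  Dir.mktmpdir do |dir|
    key  = File.join(dir, 'pk.pem')
    cert = File.join(dir, 'cert.pem')
    [key, cert].each { |f| File.write(f, "constructed placeholder\n") }
    File.chmod(key_mode, key)
    rc = File.join(dir, 'vmm_ec2rc')
    File.write(rc, %(EC2_HOME="#{dir}"\nEC2_PRIVATE_KEY="#{key}"\nEC2_CERT="#{cert}"\n))
    File.chmod(0o644, rc)
    audit_rc(rc)
  end
end

puts demo(0o600).inspect # key readable by owner only
puts demo(0o644)         # key readable by everyone
```

On a real front-end, call `audit_rc('/etc/one/vmm_ec2/vmm_ec2rc')` as the user that runs OpenNebula.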

You must also configure the maximum capacity that you want OpenNebula to deploy on EC2. To do so, edit the file /etc/one/im_ec2/im_ec2.conf. In this example we allow at most 4 small instances and 1 large instance to be launched into EC2:

# Max number of instances that can be launched into EC2
 
SMALL_INSTANCES=4
LARGE_INSTANCES=1
EXTRALARGE_INSTANCES=

EC2 Specific Template Attributes

ATTRIBUTES          DESCRIPTION
AMI                 Unique ID of a machine image, returned by a call to ec2-describe-images.
AKI                 The ID of the kernel with which to launch the instance.
BLOCKDEVICEMAPPING  Defines a block device mapping for the instance.
CLIENTTOKEN         Unique, case-sensitive identifier you provide to ensure idempotency of the request.
INSTANCETYPE        Specifies the instance type.
KEYPAIR             The name of the key pair. It is used later to execute commands like ssh -i id_keypair or scp -i id_keypair.
LICENSEPOOL         --license-pool
PLACEMENTGROUP      Name of the placement group.
PRIVATEIP           If you're using Amazon Virtual Private Cloud, you can optionally use this parameter to assign the instance a specific available IP address from the subnet.
RAMDISK             The ID of the RAM disk to select.
SUBNETID            If you're using Amazon Virtual Private Cloud, this specifies the ID of the subnet you want to launch the instance into. This parameter is also passed to the command ec2-associate-address -i i-0041230 -a elasticip.
TENANCY             The tenancy of the instance you want to launch.
USERDATA            Specifies Base64-encoded MIME user data to be made available to the instance(s) in this reservation.
USERDATAFILE        Specifies the filename of the user data to be made available to the instance(s) in this reservation.
SECURITYGROUPS      Name of the security group. You can specify more than one security group (comma separated).
ELASTICIP           EC2 Elastic IP address to assign to the instance. This parameter is passed to the command ec2-associate-address -i i-0041230 elasticip.
AUTHORIZEDPORTS     For TCP or UDP, this specifies the range of ports to allow. You can specify more than one range of ports (comma separated). This parameter is passed to the command ec2-authorize default -p port, and must be in the form of a number “22” or a range “22-90”.
TAGS                Key and optional value of the tag, separated by an equals sign ( = ). You can specify more than one tag (comma separated). This parameter is passed to the command ec2-create-tag i-0041230 -t tags.
AVAILABILITYZONE    The Availability Zone in which to run the instance.

For more information on these attributes, check the official Amazon documentation.

EC2 = [ AMI="ami-00bafcb5",
        KEYPAIR="gsg-keypair",
        ELASTICIP="75.101.155.97",
        AUTHORIZED_PORTS="22",
        INSTANCETYPE=m1.small]

Default values for all these attributes can be defined in the /etc/one/vmm_ec2/vmm_ec2.conf file.
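
Because the port attribute ends up on the ec2-authorize command line and opens ports on the default security group, it is worth checking a template before submitting it. The following is an added example, not OpenNebula code: it extracts every EC2 section, requires AMI and KEYPAIR, and accepts only the documented port forms (a number or a range, comma separated). It accepts both AUTHORIZEDPORTS and AUTHORIZED_PORTS because this page uses both spellings; the 1-65535 bound and the sample templates are assumptions of the example.

```ruby
# Added example (not OpenNebula code): pre-submission check of EC2 template sections.
PORT_ATTRS = %w[AUTHORIZEDPORTS AUTHORIZED_PORTS].freeze # both spellings appear on this page
REQUIRED   = %w[AMI KEYPAIR].freeze                      # needed by the EC2 VMM MAD

# Return every uncommented EC2 = [ ... ] section as a Hash of attribute => value.
def ec2_sections(template)
  template.scan(/^\s*EC2\s*=\s*\[(.*?)\]/m).map do |(body)|
    body.scan(/(\w+)\s*=\s*(?:"([^"]*)"|([^,\s]+))/)
        .map { |key, quoted, bare| [key.upcase, quoted || bare] }.to_h
  end
end

# A port spec is a number ("22") or a range ("22-90"); several may be comma separated.
# The 1-65535 bound is this example's assumption (the TCP/UDP port space).
def port_errors(value)
  return ['empty port list'] if value.strip.empty?
  value.split(',', -1).map(&:strip).map do |item|
    m = /\A(\d{1,5})(?:-(\d{1,5}))?\z/.match(item)
    next "#{item.inspect} is not a port or lo-hi range" unless m
    lo = m[1].to_i
    hi = (m[2] || m[1]).to_i
    "#{item} is outside 1-65535 or reversed" unless lo.between?(1, 65_535) && hi.between?(lo, 65_535)
  end.compact
end

# Return a list of findings for the whole template; an empty list means it passed.
def validate(template)
  sections = ec2_sections(template)
  return ['no EC2 section found'] if sections.empty?
  sections.each_with_index.flat_map do |sec, i|
    where = "EC2[#{sec['CLOUD'] || i}]"
    errs  = (REQUIRED - sec.keys).map { |k| "#{where}: missing #{k}" }
    (PORT_ATTRS & sec.keys).each do |attr|
      errs.concat(port_errors(sec[attr]).map { |e| "#{where}: #{attr} #{e}" })
    end
    errs
  end
end

# Constructed sample templates.
GOOD_TEMPLATE = <<~TPL
  EC2 = [ AMI="ami-00bafcb5",
          KEYPAIR="gsg-keypair",
          AUTHORIZED_PORTS="22,8000-8080",
          INSTANCETYPE=m1.small]
TPL
BAD_TEMPLATE = <<~TPL
  #EC2 = [ AMI="ami-commented-out" ]
  EC2 = [ CLOUD="ec2_eu_west", AMI="ami-0022c769", AUTHORIZEDPORTS="ssh, 90-22" ]
TPL

puts validate(GOOD_TEMPLATE).inspect, validate(BAD_TEMPLATE)
```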

Multi EC2 Site Support

It is possible to define several EC2 sites, so that OpenNebula can manage EC2 availability zones or even use several private clouds that offer EC2 interfaces.

To properly configure multiple EC2 sites, you need to follow these steps:

  • define one VMM driver for each EC2 site, like:
VM_MAD = [
    name       = "vmm_amazon_eu_west",
    executable = "one_vmm_ec2",
    arguments  = "-u https://eu-west-1.ec2.amazonaws.com vmm_ec2/vmm_ec2.conf",
    type       = "xml" ]
  • create a host that uses the MAD defined above. This host represents the EC2 site in OpenNebula. We will use the EC2 IM driver, the VM MAD defined above and the system DS with dummy TM (all images for EC2 must have been uploaded previously to S3):

<xterm> $ onehost create ec2_eu_west --im ec2 --vm vmm_amazon_eu_west --net dummy --cluster ec2 </xterm>

  • create a VM template with an EC2 section targeting the created EC2 site. OpenNebula uses the CLOUD attribute in the template's EC2 section for this purpose. You can create multiple EC2 sections, so a single template can define a different AMI depending on the host where it is scheduled.
EC2 = [ CLOUD="ec2_eu_west",
        AMI="ami-0022c769",
        AUTHORIZED_PORTS="22" ]
EC2 = [ CLOUD="ec2_eu_east",
        AMI="ami-03324cc9",
        AUTHORIZED_PORTS="22" ]

If you create another EC2 host called ec2_eu_east then you will have ami-0022c769 launched when this VM template is sent to host ec2_eu_west and ami-03324cc9 whenever the VM template is sent to host ec2_eu_east.

Warning: If only one EC2 site is defined, the EC2 driver will deploy all EC2 templates onto it, not paying attention to the CLOUD attribute.

Testing

You must create a template file containing the information of the AMIs you want to launch. It is important to note that when deploying VMs on EC2 with OpenNebula, the template file should contain the attributes AMI and KEYPAIR used by the EC2 VMM MAD.

Additionally, if you have an elastic IP address you want to use with your EC2 instances, you can specify it as an optional parameter.

CPU      = 0.5
MEMORY   = 128
 
#Xen or KVM template machine, this will be used when submitting this VM to local resources
 
OS       = [kernel="/vmlinuz",initrd= "/initrd.img",root="sda1" ]
DISK     = [ IMAGE_ID = 3 ]
NIC      = [ NETWORK_ID = 7 ]
 
#EC2 template machine, this will be used when submitting this VM to EC2
 
EC2 = [ AMI="ami-00bafcb5",
        KEYPAIR="gsg-keypair",
        ELASTICIP="75.101.155.97",
        AUTHORIZED_PORTS="22",
        INSTANCETYPE=m1.small]
 
#Add this if you want to use only EC2 cloud
#REQUIREMENTS = 'HOSTNAME = "ec2"'

You can only submit and control the template using the OpenNebula interface:

<xterm> $ onevm create ec2template </xterm>

Now you can monitor the state of the VM with:

<xterm>

$ onevm list

  ID USER     GROUP    NAME         STAT CPU     MEM        HOSTNAME        TIME
   0 oneadmin oneadmin one-0        runn   0      0K             ec2    0d 07:03

</xterm>

You can also see information (like the IP address) related to the launched Amazon instance with the command:

<xterm>

$ onevm show 0
VIRTUAL MACHINE 0 INFORMATION
ID             : 0
NAME           : one-0
STATE          : ACTIVE
LCM_STATE      : RUNNING
START TIME     : 07/17 19:15:17
END TIME       : -
DEPLOY ID:     : i-53ad943a

VIRTUAL MACHINE TEMPLATE
EC2=[
  AMI=ami-acc723c5,
  AUTHORIZED_PORTS=22 ]
IP=ec2-174-129-94-206.compute-1.amazonaws.com
NAME=one-0
VMID=0

</xterm>