Build Your Own Cloud with Eucalyptus
Although it's possible to make your own custom images to run on your cloud (see Resources for a link on bundling images), it's far easier to get one from the UEC “store” (Figure 2). Simply access the cloud controller at the URL https://<cloud-controller-ip-address>:8443/, enter your login and password, click the Store tab, and you'll be presented with the UEC Store. Just find an image you'd like to install (at the time of this writing, there are only three), and push the Install button. Your image will download and install to your cluster automagically. Once that's done, you'll get a How to Run? link under the grayed-out Install button. If you click that link, you'll get the exact command line that will instantiate, or start, your selected image.
Instantiating an image requires you to use the command line on the cloud controller (or wherever you installed your credentials). Before you run your first image, you've got to create an SSH keypair so you can log in to your instance as root once it's up and running. The key is stored and is common across all your instances, so this script needs to be run only once:
if [ ! -e ~/.euca/mykey.priv ]; then touch ~/.euca/mykey.priv chmod 0600 ~/.euca/mykey.priv euca-add-keypair mykey > ~/.euca/mykey.priv fi
Next, configure the cloud to allow port 22 access (SSH) inbound for all instances. The following command will allow SSH from any source IP:
euca-authorize default -P tcp -p 22 -s 0.0.0.0/0
Now, you can fire up your first image:
bill@falcon:~$ euca-run-instances emi-DF841070 -k mykey -t c1.medium RESERVATION r-3409079E admin admin-default INSTANCE i-46780864 emi-DF841070 0.0.0.0 0.0.0.0 pending mykey 2009-12-10T06:26:09.471Z eki-F59010E3 eri-0A2A115C
The first time you instantiate a particular image, it'll be slow to start. Eucalyptus caches the image on the node controller, so there's a sizable amount of data that's got to move to the node. You can keep tabs on the status of your image by running:
watch -n5 euca-describe-instances
You'll see two IP addresses listed in the output of the euca-describe-instances command. One will be an IP on your LAN, and the other will be a private IP. Once the instance is listed as “running”, you can ssh to it on the IP listed in the output. Note that it doesn't have a user account with a password on it, so you need to use the SSH key created earlier:
bill@falcon:~$ euca-describe-instances RESERVATION r-3409079E admin default INSTANCE i-46780864 emi-DF841070 192.168.1.170 172.19.1.2 running mykey 0 c1.medium 2009-12-10T06:26:09.471Z cluster1 eki-F59010E3 eri-0A2A115C bill@falcon:~$ bill@falcon:~$ ssh -i ~/.euca/mykey.priv firstname.lastname@example.org The authenticity of host '192.168.1.170' can't be established. ... Are you sure you want to continue connecting (yes/no)? yes ... Linux 172 2.6.31-14-server #48-Ubuntu SMP Fri Oct 16 15:07:34 UTC 2009 x86_64 ... System information as of Thu Dec 10 06:32:03 UTC 2009 System load: 0.0 Memory usage: 16% Processes: 70 Usage of /: 29.6% of 1.98GB Swap usage: 0% Users logged in: 0 ... ubuntu@172:~$
At this point, you're in your instance, and it's a fully functioning system. You can apt-get packages like apache or do further system configuration if you want. When you're done, you can exit your SSH session, and then terminate the instance by finding the instance ID from the output of the euca-describe-instances command (in the example above, it's i-46780864) and running euca-terminate-instances <instanceID>. Your instance will then shut down.
This article barely scratches the surface of what's possible with the Ubuntu Enterprise Cloud. Although it's less flexible than other virtualization technologies like VMware or VirtualBox, it is API-compatible with Amazon's EC2 service, and it allows you to build networks of virtual machines far beyond what's possible with conventional virtualization solutions. If you require a scalable network of virtual systems that can be instantiated and terminated dynamically, the Ubuntu Enterprise Cloud and Eucalyptus are for you.
Bill Childers is the Virtual Editor for Linux Journal. No one really knows what that means.
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide
- Ubuntu Online Summit
- Devuan Beta Release
- The Qt Company's Qt Start-Up
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- May 2016 Issue of Linux Journal
- The US Government and Open-Source Software
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- BitTorrent Inc.'s Sync