ungleich-k8s/apps/opennebula/README.md

## OpenNebula Chart

## Containers to do

- oned: main api
  - also needs ssh files
- scheduler
- mysql for data
- sunstone
- novnc
- nginx on 443

Storage:

- mysql pvc (prod: 65G!)

DB upgrade to be run when upgrading opennebula:

```
sh-4.4# onedb upgrade -S 127.0.0.1 -P 3306 -u root -d opennebula
```

## Tests / Migration


## Containers done

### Scheduler

Needs /etc/one/sched.conf.

[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched
Could not open file /root/.one/one_auth

```
[root@opennebula-opennebula-6cbb864798-txfhf one]# mkdir /root/.one
[root@opennebula-opennebula-6cbb864798-txfhf one]# vi /root/.one/one_auth
[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched
```


## DB cleanup

- via cronjob
- maybe 1/month

```
ALTER TABLE vm_pool DROP INDEX ftidx;
ALTER TABLE vm_pool ADD FULLTEXT INDEX ftidx (search_token);
```

## Oned

- Needs SSH keys
- Define secret and provide out-of-band?


## certbot for nginx

## nginx for sunstone

## Sunstone

templates: sunstone-server
    - needs ssl certificates access

files:

- /var/lib/one/.one/one_auth
- /var/lib/one/.one/sunstone_auth

Maybe via latent / hanging secret?

cmd:

```
mkdir -p /run/lock/one
mkdir -p /run/one
ruby /usr/lib/one/sunstone/sunstone-server.rb
```


``
[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server  start
Error, check /var/log/one/novnc.log
Could not start novnc server
touch: cannot touch '/var/lock/one/.sunstone.lock': No such file or directory
Error creating lock file
VNC server is not running
[root@opennebula-opennebula-574c564b76-h6skt /]# mkdir -p /run/lock/one
[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server  start
VNC proxy started
/usr/bin/sunstone-server: line 104: /var/run/one/sunstone.pid: No such file or directory
sunstone-server started
[root@opennebula-opennebula-574c564b76-h6skt /]#
```

```
SUNSTONE_CONF=/etc/one/sunstone-server.conf
``

- Starting novnc
-   ruby $SUNSTONE_SERVER > $SUNSTONE_LOG 2>$SUNSTONE_LOG_ERROR &

    SUNSTONE_PID=/var/run/one/sunstone.pid
    SUNSTONE_SERVER=/usr/lib/one/sunstone/sunstone-server.rb
    SUNSTONE_LOCK_FILE=/var/lock/one/.sunstone.lock
    SUNSTONE_LOG=/var/log/one/sunstone.log
    SUNSTONE_LOG_ERROR=/var/log/one/sunstone.error
    SUNSTONE_CONF=/etc/one/sunstone-server.conf
    NOVNC_SERVER=/usr/bin/novnc-server

- Memcached
- SSL cert

Sat Aug 07 11:54:42 2021 [E]: No such file or directory @ rb_sysopen - /var/lib/one/.one/sunstone_auth

serveradmin:...

Sat Aug 07 12:08:37 2021 [E]: Configuration of ':webauthn_origin' is missing

Provide the serveradmin and oneadmin credentials in the /var/lib/one/.one/.

### File upload

From the website:


If you want to upload files to OpenNebula, you will have to share the
uploads directory (/var/tmp by default) between Sunstone and
oned. Some servers do not take into account the TMPDIR environment
variable, in which case this directory must be defined in the
configuration file (:tmpdir). It may also be necessary to set it in
Passenger (client_body_temp_path).

We can probably do without it using the hostpath

## Fireedge

* Basically a guacamole viewer, which we already have

## Follow up

- Find out if DB can be cleaned up (65G is huge!)
  - https://docs.opennebula.io/6.0/installation_and_configuration/opennebula_services/database.html
[opennebula] initial commit 2021-08-10 19:29:40 +00:00			`## OpenNebula Chart`

			`## Containers to do`

			`- oned: main api`
			`- also needs ssh files`
			`- scheduler`
			`- mysql for data`
			`- sunstone`
			`- novnc`
			`- nginx on 443`

			`Storage:`

			`- mysql pvc (prod: 65G!)`

[opennebula] ++notes 2021-08-13 16:23:35 +00:00			`DB upgrade to be run when upgrading opennebula:`

			```
			`sh-4.4# onedb upgrade -S 127.0.0.1 -P 3306 -u root -d opennebula`
			```

			`## Tests / Migration`


[opennebula] initial commit 2021-08-10 19:29:40 +00:00			`## Containers done`

			`### Scheduler`

			`Needs /etc/one/sched.conf.`

			`[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched`
			`Could not open file /root/.one/one_auth`

			```
			`[root@opennebula-opennebula-6cbb864798-txfhf one]# mkdir /root/.one`
			`[root@opennebula-opennebula-6cbb864798-txfhf one]# vi /root/.one/one_auth`
			`[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched`
			```


			`## DB cleanup`

			`- via cronjob`
			`- maybe 1/month`

			```
			`ALTER TABLE vm_pool DROP INDEX ftidx;`
			`ALTER TABLE vm_pool ADD FULLTEXT INDEX ftidx (search_token);`
			```

			`## Oned`

			`- Needs SSH keys`
			`- Define secret and provide out-of-band?`


			`## certbot for nginx`

			`## nginx for sunstone`

			`## Sunstone`

			`templates: sunstone-server`
			`- needs ssl certificates access`

			`files:`

			`- /var/lib/one/.one/one_auth`
			`- /var/lib/one/.one/sunstone_auth`

			`Maybe via latent / hanging secret?`

			`cmd:`

			```
			`mkdir -p /run/lock/one`
			`mkdir -p /run/one`
			`ruby /usr/lib/one/sunstone/sunstone-server.rb`
			```


			``
			`[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server start`
			`Error, check /var/log/one/novnc.log`
			`Could not start novnc server`
			`touch: cannot touch '/var/lock/one/.sunstone.lock': No such file or directory`
			`Error creating lock file`
			`VNC server is not running`
			`[root@opennebula-opennebula-574c564b76-h6skt /]# mkdir -p /run/lock/one`
			`[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server start`
			`VNC proxy started`
			`/usr/bin/sunstone-server: line 104: /var/run/one/sunstone.pid: No such file or directory`
			`sunstone-server started`
			`[root@opennebula-opennebula-574c564b76-h6skt /]#`
			```

			```
			`SUNSTONE_CONF=/etc/one/sunstone-server.conf`
			``

			`- Starting novnc`
			`- ruby $SUNSTONE_SERVER > $SUNSTONE_LOG 2>$SUNSTONE_LOG_ERROR &`

			`SUNSTONE_PID=/var/run/one/sunstone.pid`
			`SUNSTONE_SERVER=/usr/lib/one/sunstone/sunstone-server.rb`
			`SUNSTONE_LOCK_FILE=/var/lock/one/.sunstone.lock`
			`SUNSTONE_LOG=/var/log/one/sunstone.log`
			`SUNSTONE_LOG_ERROR=/var/log/one/sunstone.error`
			`SUNSTONE_CONF=/etc/one/sunstone-server.conf`
			`NOVNC_SERVER=/usr/bin/novnc-server`

			`- Memcached`
			`- SSL cert`

			`Sat Aug 07 11:54:42 2021 [E]: No such file or directory @ rb_sysopen - /var/lib/one/.one/sunstone_auth`

			`serveradmin:...`

			`Sat Aug 07 12:08:37 2021 [E]: Configuration of ':webauthn_origin' is missing`

			`Provide the serveradmin and oneadmin credentials in the /var/lib/one/.one/.`

			`### File upload`

			`From the website:`


			`If you want to upload files to OpenNebula, you will have to share the`
			`uploads directory (/var/tmp by default) between Sunstone and`
			`oned. Some servers do not take into account the TMPDIR environment`
			`variable, in which case this directory must be defined in the`
			`configuration file (:tmpdir). It may also be necessary to set it in`
			`Passenger (client_body_temp_path).`

			`We can probably do without it using the hostpath`

			`## Fireedge`

			`* Basically a guacamole viewer, which we already have`

			`## Follow up`

			`- Find out if DB can be cleaned up (65G is huge!)`
			`- https://docs.opennebula.io/6.0/installation_and_configuration/opennebula_services/database.html`