## OpenNebula Chart

## Containers to do

- oned: main api
  - also needs ssh files
- scheduler
- mysql for data
- sunstone
- novnc
- nginx on 443

Storage:

- mysql pvc (prod: 65G!)

DB upgrade to be run when upgrading opennebula:

```
sh-4.4# onedb upgrade -S 127.0.0.1 -P 3306 -u root -d opennebula
```

## Tests / Migration


## Containers done

### Scheduler

Needs /etc/one/sched.conf.

[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched
Could not open file /root/.one/one_auth

```
[root@opennebula-opennebula-6cbb864798-txfhf one]# mkdir /root/.one
[root@opennebula-opennebula-6cbb864798-txfhf one]# vi /root/.one/one_auth
[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched
```


## DB cleanup

- via cronjob
- maybe 1/month

```
ALTER TABLE vm_pool DROP INDEX ftidx;
ALTER TABLE vm_pool ADD FULLTEXT INDEX ftidx (search_token);
```

## Oned

- Needs SSH keys
- Define secret and provide out-of-band?


## certbot for nginx

## nginx for sunstone

## Sunstone

templates: sunstone-server
    - needs ssl certificates access

files:

- /var/lib/one/.one/one_auth
- /var/lib/one/.one/sunstone_auth

Maybe via latent / hanging secret?

cmd:

```
mkdir -p /run/lock/one
mkdir -p /run/one
ruby /usr/lib/one/sunstone/sunstone-server.rb
```


``
[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server  start
Error, check /var/log/one/novnc.log
Could not start novnc server
touch: cannot touch '/var/lock/one/.sunstone.lock': No such file or directory
Error creating lock file
VNC server is not running
[root@opennebula-opennebula-574c564b76-h6skt /]# mkdir -p /run/lock/one
[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server  start
VNC proxy started
/usr/bin/sunstone-server: line 104: /var/run/one/sunstone.pid: No such file or directory
sunstone-server started
[root@opennebula-opennebula-574c564b76-h6skt /]#
```

```
SUNSTONE_CONF=/etc/one/sunstone-server.conf
``

- Starting novnc
-   ruby $SUNSTONE_SERVER > $SUNSTONE_LOG 2>$SUNSTONE_LOG_ERROR &

    SUNSTONE_PID=/var/run/one/sunstone.pid
    SUNSTONE_SERVER=/usr/lib/one/sunstone/sunstone-server.rb
    SUNSTONE_LOCK_FILE=/var/lock/one/.sunstone.lock
    SUNSTONE_LOG=/var/log/one/sunstone.log
    SUNSTONE_LOG_ERROR=/var/log/one/sunstone.error
    SUNSTONE_CONF=/etc/one/sunstone-server.conf
    NOVNC_SERVER=/usr/bin/novnc-server

- Memcached
- SSL cert

Sat Aug 07 11:54:42 2021 [E]: No such file or directory @ rb_sysopen - /var/lib/one/.one/sunstone_auth

serveradmin:...

Sat Aug 07 12:08:37 2021 [E]: Configuration of ':webauthn_origin' is missing

Provide the serveradmin and oneadmin credentials in the /var/lib/one/.one/.

### File upload

From the website:


If you want to upload files to OpenNebula, you will have to share the
uploads directory (/var/tmp by default) between Sunstone and
oned. Some servers do not take into account the TMPDIR environment
variable, in which case this directory must be defined in the
configuration file (:tmpdir). It may also be necessary to set it in
Passenger (client_body_temp_path).

We can probably do without it using the hostpath

## Fireedge

* Basically a guacamole viewer, which we already have

## Follow up

- Find out if DB can be cleaned up (65G is huge!)
  - https://docs.opennebula.io/6.0/installation_and_configuration/opennebula_services/database.html