.. | ||
nginx | ||
one | ||
templates | ||
.helmignore | ||
Chart.yaml | ||
README.md | ||
values.yaml |
OpenNebula Chart
Containers to do
- oned: main api
- also needs ssh files
- scheduler
- mysql for data
- sunstone
- novnc
- nginx on 443
Storage:
- mysql pvc (prod: 65G!)
DB upgrade to be run when upgrading opennebula:
sh-4.4# onedb upgrade -S 127.0.0.1 -P 3306 -u root -d opennebula
Tests / Migration
Containers done
Scheduler
Needs /etc/one/sched.conf.
[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched Could not open file /root/.one/one_auth
[root@opennebula-opennebula-6cbb864798-txfhf one]# mkdir /root/.one
[root@opennebula-opennebula-6cbb864798-txfhf one]# vi /root/.one/one_auth
[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched
DB cleanup
- via cronjob
- maybe 1/month
ALTER TABLE vm_pool DROP INDEX ftidx;
ALTER TABLE vm_pool ADD FULLTEXT INDEX ftidx (search_token);
Oned
- Needs SSH keys
- Define secret and provide out-of-band?
certbot for nginx
nginx for sunstone
Sunstone
templates: sunstone-server - needs ssl certificates access
files:
- /var/lib/one/.one/one_auth
- /var/lib/one/.one/sunstone_auth
Maybe via latent / hanging secret?
cmd:
mkdir -p /run/lock/one
mkdir -p /run/one
ruby /usr/lib/one/sunstone/sunstone-server.rb
`` [root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server start Error, check /var/log/one/novnc.log Could not start novnc server touch: cannot touch '/var/lock/one/.sunstone.lock': No such file or directory Error creating lock file VNC server is not running [root@opennebula-opennebula-574c564b76-h6skt /]# mkdir -p /run/lock/one [root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server start VNC proxy started /usr/bin/sunstone-server: line 104: /var/run/one/sunstone.pid: No such file or directory sunstone-server started [root@opennebula-opennebula-574c564b76-h6skt /]#
SUNSTONE_CONF=/etc/one/sunstone-server.conf ``
-
Starting novnc
-
ruby $SUNSTONE_SERVER > $SUNSTONE_LOG 2>$SUNSTONE_LOG_ERROR &
SUNSTONE_PID=/var/run/one/sunstone.pid SUNSTONE_SERVER=/usr/lib/one/sunstone/sunstone-server.rb SUNSTONE_LOCK_FILE=/var/lock/one/.sunstone.lock SUNSTONE_LOG=/var/log/one/sunstone.log SUNSTONE_LOG_ERROR=/var/log/one/sunstone.error SUNSTONE_CONF=/etc/one/sunstone-server.conf NOVNC_SERVER=/usr/bin/novnc-server
-
Memcached
-
SSL cert
Sat Aug 07 11:54:42 2021 [E]: No such file or directory @ rb_sysopen - /var/lib/one/.one/sunstone_auth
serveradmin:...
Sat Aug 07 12:08:37 2021 [E]: Configuration of ':webauthn_origin' is missing
Provide the serveradmin and oneadmin credentials in the /var/lib/one/.one/.
File upload
From the website:
If you want to upload files to OpenNebula, you will have to share the uploads directory (/var/tmp by default) between Sunstone and oned. Some servers do not take into account the TMPDIR environment variable, in which case this directory must be defined in the configuration file (:tmpdir). It may also be necessary to set it in Passenger (client_body_temp_path).
We can probably do without it using the hostpath
Fireedge
- Basically a guacamole viewer, which we already have
Follow up
- Find out if DB can be cleaned up (65G is huge!)