145 lines
3.3 KiB
Markdown
145 lines
3.3 KiB
Markdown
## OpenNebula Chart
|
|
|
|
## Containers to do
|
|
|
|
- oned: main api
|
|
- also needs ssh files
|
|
- scheduler
|
|
- mysql for data
|
|
- sunstone
|
|
- novnc
|
|
- nginx on 443
|
|
|
|
Storage:
|
|
|
|
- mysql pvc (prod: 65G!)
|
|
|
|
DB upgrade to be run when upgrading opennebula:
|
|
|
|
```
|
|
sh-4.4# onedb upgrade -S 127.0.0.1 -P 3306 -u root -d opennebula
|
|
```
|
|
|
|
## Tests / Migration
|
|
|
|
|
|
## Containers done
|
|
|
|
### Scheduler
|
|
|
|
Needs /etc/one/sched.conf.
|
|
|
|
[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched
|
|
Could not open file /root/.one/one_auth
|
|
|
|
```
|
|
[root@opennebula-opennebula-6cbb864798-txfhf one]# mkdir /root/.one
|
|
[root@opennebula-opennebula-6cbb864798-txfhf one]# vi /root/.one/one_auth
|
|
[root@opennebula-opennebula-6cbb864798-txfhf one]# /usr/bin/mm_sched
|
|
```
|
|
|
|
|
|
## DB cleanup
|
|
|
|
- via cronjob
|
|
- maybe 1/month
|
|
|
|
```
|
|
ALTER TABLE vm_pool DROP INDEX ftidx;
|
|
ALTER TABLE vm_pool ADD FULLTEXT INDEX ftidx (search_token);
|
|
```
|
|
|
|
## Oned
|
|
|
|
- Needs SSH keys
|
|
- Define secret and provide out-of-band?
|
|
|
|
|
|
## certbot for nginx
|
|
|
|
## nginx for sunstone
|
|
|
|
## Sunstone
|
|
|
|
templates: sunstone-server
|
|
- needs ssl certificates access
|
|
|
|
files:
|
|
|
|
- /var/lib/one/.one/one_auth
|
|
- /var/lib/one/.one/sunstone_auth
|
|
|
|
Maybe via latent / hanging secret?
|
|
|
|
cmd:
|
|
|
|
```
|
|
mkdir -p /run/lock/one
|
|
mkdir -p /run/one
|
|
ruby /usr/lib/one/sunstone/sunstone-server.rb
|
|
```
|
|
|
|
|
|
``
|
|
[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server start
|
|
Error, check /var/log/one/novnc.log
|
|
Could not start novnc server
|
|
touch: cannot touch '/var/lock/one/.sunstone.lock': No such file or directory
|
|
Error creating lock file
|
|
VNC server is not running
|
|
[root@opennebula-opennebula-574c564b76-h6skt /]# mkdir -p /run/lock/one
|
|
[root@opennebula-opennebula-574c564b76-h6skt /]# sunstone-server start
|
|
VNC proxy started
|
|
/usr/bin/sunstone-server: line 104: /var/run/one/sunstone.pid: No such file or directory
|
|
sunstone-server started
|
|
[root@opennebula-opennebula-574c564b76-h6skt /]#
|
|
```
|
|
|
|
```
|
|
SUNSTONE_CONF=/etc/one/sunstone-server.conf
|
|
``
|
|
|
|
- Starting novnc
|
|
- ruby $SUNSTONE_SERVER > $SUNSTONE_LOG 2>$SUNSTONE_LOG_ERROR &
|
|
|
|
SUNSTONE_PID=/var/run/one/sunstone.pid
|
|
SUNSTONE_SERVER=/usr/lib/one/sunstone/sunstone-server.rb
|
|
SUNSTONE_LOCK_FILE=/var/lock/one/.sunstone.lock
|
|
SUNSTONE_LOG=/var/log/one/sunstone.log
|
|
SUNSTONE_LOG_ERROR=/var/log/one/sunstone.error
|
|
SUNSTONE_CONF=/etc/one/sunstone-server.conf
|
|
NOVNC_SERVER=/usr/bin/novnc-server
|
|
|
|
- Memcached
|
|
- SSL cert
|
|
|
|
Sat Aug 07 11:54:42 2021 [E]: No such file or directory @ rb_sysopen - /var/lib/one/.one/sunstone_auth
|
|
|
|
serveradmin:...
|
|
|
|
Sat Aug 07 12:08:37 2021 [E]: Configuration of ':webauthn_origin' is missing
|
|
|
|
Provide the serveradmin and oneadmin credentials in the /var/lib/one/.one/.
|
|
|
|
### File upload
|
|
|
|
From the website:
|
|
|
|
|
|
If you want to upload files to OpenNebula, you will have to share the
|
|
uploads directory (/var/tmp by default) between Sunstone and
|
|
oned. Some servers do not take into account the TMPDIR environment
|
|
variable, in which case this directory must be defined in the
|
|
configuration file (:tmpdir). It may also be necessary to set it in
|
|
Passenger (client_body_temp_path).
|
|
|
|
We can probably do without it using the hostpath
|
|
|
|
## Fireedge
|
|
|
|
* Basically a guacamole viewer, which we already have
|
|
|
|
## Follow up
|
|
|
|
- Find out if DB can be cleaned up (65G is huge!)
|
|
- https://docs.opennebula.io/6.0/installation_and_configuration/opennebula_services/database.html
|