This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

News About EucaStack

Eucalyptus 5 FastStart Ansible Playbook

A new Ansible based FastStart install for single host Eucalyptus clouds is now available for early access to Eucalyptus 5 pre-releases.

A FastStart deployment requires a CentOS 7.5-7.7 host with 16G memory and 100G disk as the recommended host minimums. Ansible FastStart installs Eucalyptus with Walrus object storage, overlay block storage, and vpcmido network mode. The deployment is from Eucalyptus 5 nightly builds, so will always have the latest pre-release functionality.

FastStart install

To install Eucalyptus 5 using the Ansible FastStart run (as root):

> bash <(curl -Ls https://go.euca.me/5eav)

The interactive installer will check system prerequisites and prompt for the one required configuration item, the VPC public IP address CIDR. Currently the installer requires between a /24 (~256 addresses) and a /28 (~16 addresses) block, for example:

  • 192.168.100.0/24 for addresses 192.168.100.1 - 192.168.100.254
  • 192.168.1.128/25 for addresses 192.168.1.129 - 192.168.1.254
  • 192.168.2.192/26 for addresses 192.168.2.193 - 192.168.2.254
  • 192.168.3.224/27 for addresses 192.168.3.225 - 192.168.3.254
  • 192.168.4.240/28 for addresses 192.168.4.241 - 192.168.4.254

If the target hosts IP was 10.20.30.40/24 then the CIDR used could be 10.20.30.240/28.

These addresses should not currently be in use, they will be used by instances in the deployment.

Post install

Once the installation completes a few configuration items are listed as next steps. You could install machine images (ami/emi) using the new wrapper script:

> eucalyptus-images

or get started with the management console by configuring the administrator login:

> euare-useraddloginprofile --as-account eucalyptus -u admin -p PASSWORD

The installer also sets up the AWS CLI for use with Eucalyptus:

>
> aws s3 ls
2020-03-07 00:46:33 eucalyptus-service-image-v5.0.100
>
> aws ec2 describe-availability-zones
AVAILABILITYZONES	cloud-1	available	cloud-1a
>
> aws ec2 describe-account-attributes
ACCOUNTATTRIBUTES	supported-platforms
ATTRIBUTEVALUES	VPC
ACCOUNTATTRIBUTES	default-vpc
ATTRIBUTEVALUES	vpc-6b1e517c04915806c
>

You might want to review the Eucalyptus 5 beta 1 announcement for more details on the release.

Feedback

Please report any issues you find with the installer or Eucalyptus 5 to help improve the final release.

Announcing the AWS CLI plugin for Eucalyptus

A new AWS CLI plugin with support for Eucalyptus Cloud deployments is now available.

The initial release of the plugin simplifies using the AWS CLI with your cloud deployment by removing the need to specify the endpoint with each command or using other plugins with more complex configuration.

Getting started

To get started with the plugin, the first step is installation.

You can either install using the pypi package:

> pip install awscli-plugin-eucalyptus

or if using a Eucalyptus 5 early access release then you can install the RPM package:

> yum install eucalyptus-awscli-plugin

Either way, the plugin will be installed and ready to for the next step.

Configuration tells the AWS CLI to use the new plugin and also controls which profiles it is active for.

The simplest approach is to enable for the default profile:

> cat .aws/config 
[plugins]
eucalyptus = awscli_plugin_eucalyptus

[default]
ufshost = euca-10-10-10-10.euca.me
ufsport = 8773
verify_ssl = yes
output = text
region = eucalyptus

The ufshost identifies the domain for the cloud and is used along with other configuration settings to derive the service endpoints such as https://ec2.euca-10-10-10-10.euca.me:8773/.

Change verify_ssl to no if your Eucalyptus deployment does not have a valid HTTPS certificate.

Using the CLI

Once configured you can use the AWS CLI as you would against AWS:

> aws ec2 describe-availability-zones
AVAILABILITYZONES	cloud-1	available	cloud-1a

Next steps

As covered in the earlier post on using the AWS CLI with Eucalyptus you can set up command completion for the AWS CLI:

> complete -C aws_completer aws

which makes it easier to discover commands and their options.

Thanks!

Thanks for giving the AWS CLI plugin for Eucalyptus a try and please use github issues to report any problems you encounter to help improve the plugin.

Using the AWS CLI with Eucalyptus

The AWS Command Line Interface is a unified tool to manage AWS services. You would use the CLI to run EC2 instances, upload objects for storage in S3, and to manage users in IAM.

In this post we examine how the CLI, and higher level tooling, can be used with your Eucalyptus cloud.

Get started with the CLI

The first step is to get the latest AWS CLI. These instructions will differ depending on your OS, we will assume that CentOS/RHEL 7 is in use as that is the OS used with Eucalyptus. You may need to alter for your package manager, or to use pip3 rather than pip.

The AWS CLI can be installed using pip, if you do not have pip available you can install it using yum (or apt-get, dnf, etc):

> yum install python-pip
>
> pip install awscli

We then need to configure a few options to allow use of the CLI with Eucalyptus clouds:

> aws configure set s3.signature_version s3v4
> aws configure set region eucalyptus
> aws configure set output text

We’ve used the region name eucalyptus, but you can use any region name for your Eucalyptus cloud. We set the output of the CLI to text rather than the JSON default so it is easier to read.

The CLI comes with support for TAB completion of commands let’s enable it for our current shell:

> complete -C aws_completer aws

With this configuration we can run commands by specifying the --endpoint option and using credentials from the environment. This is not very convenient, but fortunately we can do better by making use of the endpoint plugin.

Enter the Endpoint plugin

The AWS CLI Endpoint plugin can also be installed using pip and allows us to configure the service endpoints we want to use for our Eucalyptus cloud.

> pip install awscli-plugin-endpoint
>
> aws configure set plugins.endpoint awscli_plugin_endpoint

This installs and enables the plugin.

Next we configure the endpoints, making use of a euca2ools command to generate environment variables based on euca2ools existing configuration:

> eval $(euca-generate-environment-config)
>
> aws configure set autoscaling.endpoint_url ${AWS_AUTO_SCALING_URL}
> aws configure set cloudformation.endpoint_url ${AWS_CLOUDFORMATION_URL}
> aws configure set cloudwatch.endpoint_url ${AWS_CLOUDWATCH_URL}
> aws configure set ec2.endpoint_url ${EC2_URL}
> aws configure set elb.endpoint_url ${AWS_ELB_URL}
> aws configure set iam.endpoint_url ${AWS_IAM_URL}
> aws configure set s3.endpoint_url ${S3_URL}
> aws configure set s3api.endpoint_url ${S3_URL}
> aws configure set sts.endpoint_url ${TOKEN_URL}

Here we have configured the default endpoints used by the various AWS CLI subcommands. A subcommand is a little different from a service, notably we configure the Eucalyptus S3 endpoint for the s3 and s3api subcommands as these both use S3 compatible services.

AWS CLI in action

Now that the CLI is fully configured let’s try out a few of the services:

> aws ec2 describe-account-attributes
ACCOUNTATTRIBUTES	supported-platforms
ATTRIBUTEVALUES	EC2
ACCOUNTATTRIBUTES	default-vpc
ATTRIBUTEVALUES	none
>
> aws iam list-users
USERS	arn:aws:iam::000855590299:user/narwhal	2018-07-08T01:37:46.321Z	/	AIDAAMZJOPZULQOJTH5F5	narwhal
USERS	arn:aws:iam::000855590299:user/walrus	2018-07-08T01:37:22.949Z	/	AIDAAWRRN2HWUF3DKLQFP	walrus
USERS	arn:aws:iam::000855590299:user/admin	2018-07-08T01:36:29.632Z	/	AIDAAX6G7F7VLGONP3LJK	admin
>
> aws s3 ls
2018-07-07 18:39:04 narwhal
2018-07-07 18:39:15 walrus
>
> aws sts get-caller-identity
000855590299	arn:aws:iam::000855590299:user/admin	AIDAAX6G7F7VLGONP3LJK
>

This shows examples of using the ec2, s3, and iam services without having to specify the endpoint for each command.

Using the shell

Now that we have the basics working we can try out the AWS CLI shell

> pip install aws-shell

The shell uses the AWS CLI and provides additional functionality such as command completion and inline documentation.

SVG animation, see more examples on the aws-shell site

As shown here, the shell provides a more interactive experience.

All the clouds

The basic configuration we have so far is a good start, but if you use multiple Eucalyptus clouds, or if use both AWS and Eucalyptus you may need more control over your credentials and endpoints.

AWS CLI profiles offer a solution. When exporting the euca2ools configuration you can use the --region option for euca-generate-environment-config to select the credentials and endpoints for export. You then use the --profile option with the CLI:

> aws --profile euca-profile-1 configure
> 
> eval $(euca-generate-environment-config --region euca-region-1)
>
> aws configure --profile euca-profile-1 set s3.endpoint_url ${S3_URL}
> aws configure --profile euca-profile-1 set s3api.endpoint_url ${S3_URL}

The initial configure command will interactively configure the region and credentials to use for the profile. The endpoint configuration will then set up the endpoints for the profile, above we only show configuration for the S3 endpoint.

If you have any issues with this configuration you may need to remove the [plugins] section from the ~/.aws/config file. If you do so, be sure to add it back in once the endpoints are configured.

With this configuration you can now specify the profile to use for each command or you can switch between CLI profiles by setting an environment variable:

> aws --profile euca-profile-1 s3 ls
>
> export AWS_PROFILE=euca-profile-1
> aws s3 ls

Using this approach to configuration you can more easily use the AWS CLI with both AWS and multiple Eucalyptus clouds.