开spa馆需要什么设备:Nimbus环境搭建

来源:百度文库 编辑:偶看新闻 时间:2024/04/27 21:54:24
Nimbus环境搭建(一) 以前花了很多时间配置出来的,写出来供搭建参考,希望有人更深入的学习了解。

目录

 

 

 

目录... 1

nimbus简单测试环境的搭建... 3

一、环境介绍... 3

二、环境部署... 5

我们先在nimbus server进行安装部署... 5

1.安装java和apache-ant,及XML-Parser. 5

2. 安装GT. 6

3.创建配置证书... 6

(1)创建CA.. 6

(2)配置CA.. 9

(3)创建主机证书... 9

(4)签发主机证书... 10

(5)创建用户证书... 11

(6)签发用户证书... 12

(7)确保主机证书可以被容器访问... 12

(8)为用户增加授权... 13

(9)验证基础安全... 13

4. 配置gridftp服务... 14

5. 验证调整GT. 15

6.安装Nimbus-TP2.2. 16

7. 配置nimbus-tp2.2. 17

(1)配置nimbus server端和VMM节点的globus用户无需密码互登陆... 17

(2)配置nimbus 18

(3)添加xen虚机的网络地址... 26

(4)调整一些云的设置... 26

8.创建云目录... 30

我们在nimbus client进行安装部署... 30

我们对VMM进行安装部署... 34

一.安装配置nimbus-control 34

二. 创建半虚拟化镜像... 36

1.用于半虚拟化安装NFS. 36

2.半虚拟化安装rhel5.2. 38

3. 创建我们所需的镜像... 52

三、环境测试... 54

四、实现One Click Clusters 60

1. 介绍... 60

2. 安装部署... 61

在nimbus server上进行的操作... 61

(1)安装 nimbus-context-broker. 61

(2)配置无密码的CA Certificates 61

(3)配置jndi-config.xml文件... 61

(4)重启container. 62

在虚机镜像中执行的操作... 63

3. 验证... 64

五、 总结... 67

1. 一些机制的认识... 67

(1)nimbus如何分配VMM资源?... 67

(2)如何处理手工关掉的vm... 68

(3)Cloud Schedule的一些理解... 68

2. 一些不足... 70

(1)nimbus目前不支持高可用... 70

(2)nimbus的镜像不能使windows 70

(3)镜像根分区必须挂载到sda1. 70

(4)nimbus支持的vm,只能在启动时dhcp配置一个网卡... 71

v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} st1\:*{behavior:url(#ieooui) }


nimbus简单测试环境的搭建

 

 

 

Nimbus(workspace.globus.org)是基于Globus(www.globus.org)网格软件包GT中的java core(ws-core)组件而开发的IaaS平台软件。

 

 

一、环境介绍

 

这里为了搭建一个简单的环境,我们选取了三台机器:

Role

Hostname

IP

OS

User

Software

nimbus client

wang135.hrwang.com

172.20.86.135

RHEL5.2/CentOS5.2

nimbus

jdk-1_5_0_17-linux

nimbus-cloud-client-011.tar.gz

nimbus server

wang136.hrwang.com

172.20.86.136

RHEL5.2/CentOS5.2

globus

nimbus

jdk-1_5_0_17-linux

apache-ant-1.7.1-bin.tar.gz

XML-Parser-2.36.tar.gz

gt4.0.8-all-source-installer.tar.bz2

nimbus-TP2.2.tar.gz

VMM

cloud.jsgl.com

172.20.86.174

RHEL5.2/CentOS5.2

globus

dhcpd

python2.3+

sudo

ebtables-v2.0.8-2.tar.gz

nimbus-controls-TP2.2.tar.gz

  

 

 

 

 

 

 

 

结合上面的结构图,wang135.hrwang.com可以当做cloud-client; wang136.hrwang.com可以当做Workspace Service+Repository; node可以当做VMMs。

 

 

 

 

 

 

 

 

 

 

 

 

 

 

二、环境部署

 

下面以#开头的命令是root用户执行的,以$开头的命令是普通用户执行的。

首先确保,每台机器的/etc/hosts内容都如下:

172.20.86.135   wang135.hrwang.com wang135

172.20.86.136   wang136.hrwang.com wang136

172.20.86.169   cloud.jsgl.com cloud

 

另外将相应的用户在相应的机器上创建起来。

 

 

我们先在nimbus server进行安装部署

 

1.安装javaapache-ant,及XML-Parser

 

[root@wang136 opt]# pwd

/opt

[root@wang136 opt]# ./jdk-1_5_0_17-linux-amd64.bin              解压安装

[root@wang136 opt]# tar zxvf apache-ant-1.7.1-bin.tar.gz            解压安装

 

[root@wang136 opt]# vi /etc/profile                         在文件末添加环境变量

export ANT_HOME=/opt/apache-ant-1.7.1/

PATH=/opt/apache-ant-1.7.1/bin:/opt/jdk1.5.0_17/bin:/opt/jdk1.5.0_17/jre/bin:$PATH

JAVA_HOME=/opt/jdk1.5.0_17

CLASSPATH=/opt/jdk1.5.0_17/lib:/opt/jdk1.5.0_17/jre/lib:/opt/apache-ant-1.7.1/lib

export PATH

export JAVA_HOME

export CLASSPATH

 

[root@wang136 opt]# source /etc/profile                        生效环境变量

 

[root@wang136 opt]# java –version                            验证

java version "1.5.0_17"

Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_17-b04)

Java HotSpot(TM) 64-Bit Server VM (build 1.5.0_17-b04, mixed mode)

[root@wang136 opt]# ant -version

Apache Ant version 1.7.1 compiled on June 27 2008

 

[root@wang136 opt]# tar zxvf XML-Parser-2.36.tar.gz       安这个包是为了以后装GRAM

[root@wang136 opt]# cd XML-Parser-2.36

[root@wang136 XML-Parser-2.36]# perl Makefile.PL

[root@wang136 XML-Parser-2.36]# make

[root@wang136 XML-Parser-2.36]# make install

 

2. 安装GT

 

[root@wang136 ~]# useradd globus                        创建globus用户

[root@wang136 ~]# passwd globus

 

[root@wang136 ~]# mkdir /usr/local/globus-4.0.8             创建安装目录

[root@wang136 ~]# chown -R globus:globus /usr/local/globus-4.0.8

 

[root@wang136 ~]# cd /opt/                              软件放在opt目录下

[root@wang136 opt]# tar jxvf gt4.0.8-all-source-installer.tar.bz2

[root@wang136 opt]# chown -R globus:globus gt4.0.8-all-source-installer

 

切换到globus登陆的终端

[globus@wang136 gt4.0.8-all-source-installer]$ pwd

/opt/gt4.0.8-all-source-installer

[globus@wang136 gt4.0.8-all-source-installer]$ export GLOBUS_LOCATION=/usr/local/globus-4.0.8                  (将这行添加到/home/globus/.bash_profile的末尾)

 

[globus@wang136 gt4.0.8-all-source-installer]$ ./configure --prefix=/usr/local/globus-4.0.8

[globus@wang136 gt4.0.8-all-source-installer]$ make wsjava gridftp

[globus@wang136 gt4.0.8-all-source-installer]$ make wsjava gridftp install

 

3.创建配置证书

 

(1)创建CA

使用globus用户执行下面的操作

[globus@wang136 gt4.0.8-all-source-installer]$ cd /usr/local/globus-4.0.8/   

[globus@wang136 globus-4.0.8]$ sh etc/globus-user-env.sh     

将下面这行添加到/home/globus/.bash_profile的末尾:

source /usr/local/globus-4.0.8/etc/globus-user-env.sh

 

[globus@wang136 globus-4.0.8]$ ./setup/globus/setup-simple-ca             生成CA

 

WARNING: GPT_LOCATION not set, assuming:

         GPT_LOCATION=/usr/local/globus-4.0.8

 

 

 

    C e r t i f i c a t e    A u t h o r i t y    S e t u p

 

This script will setup a Certificate Authority for signing Globus

users certificates.  It will also generate a simple CA package

that can be distributed to the users of the CA.

 

The CA information about the certificates it distributes will

be kept in:

 

/home/globus/.globus/simpleCA/

 

The unique subject name for this CA is:

 

cn=Globus Simple CA, ou=simpleCA-wang136.hrwang.com, ou=GlobusTest, o=Grid

 

Do you want to keep this as the CA subject (y/n) [y]:y

 

Enter the email of the CA (this is the email where certificate

requests will be sent to be signed by the CA):wanghongrui@ceopen.cn

 

The CA certificate has an expiration date. Keep in mind that

once the CA certificate has expired, all the certificates

signed by that CA become invalid.  A CA should regenerate

the CA certificate and start re-issuing ca-setup packages

before the actual CA certificate expires.  This can be done

by re-running this setup script.  Enter the number of DAYS

the CA certificate should last before it expires.

[default: 5 years (1825 days)]:

 

Enter PEM pass phrase:

Verifying - Enter PEM pass phrase:

 

 

st1\:*{behavior:url(#ieooui) }

creating CA config package...done.

 

 

A self-signed certificate has been generated

for the Certificate Authority with the subject:

 

/O=Grid/OU=GlobusTest/OU=simpleCA-wang136.hrwang.com/CN=Globus Simple CA

 

If this is invalid, rerun this script

 

./setup/globus/setup-simple-ca

 

and enter the appropriate fields.

 

-------------------------------------------------------------------

 

The private key of the CA is stored in /home/globus/.globus/simpleCA//private/cakey.pem

The public CA certificate is stored in /home/globus/.globus/simpleCA//cacert.pem

 

The distribution package built for this CA is stored in

 

/home/globus/.globus/simpleCA//globus_simple_ca_2f982487_setup-0.19.tar.gz

 

This file must be distributed to any host wishing to request

certificates from this CA.

 

CA setup complete.

 

The following commands will now be run to setup the security

configuration files for this CA:

 

$GLOBUS_LOCATION/sbin/gpt-build /home/globus/.globus/simpleCA//globus_simple_ca_2f982487_setup-0.19.tar.gz

 

$GLOBUS_LOCATION/sbin/gpt-postinstall

-------------------------------------------------------------------

 

 

setup-ssl-utils: Configuring ssl-utils package

Running setup-ssl-utils-sh-scripts...

 

***************************************************************************

 

Note: To complete setup of the GSI software you need to run the

following script as root to configure your security configuration

directory:

 

/usr/local/globus-4.0.8/setup/globus_simple_ca_2f982487_setup/setup-gsi

 

For further information on using the setup-gsi script, use the -help

option.  The -default option sets this security configuration to be

the default, and -nonroot can be used on systems where root access is

not available.

 

***************************************************************************

 

setup-ssl-utils: Complete

 

注1: 上面选择的都是默认答案,只有邮箱和密码根据情况填写。

 

(2)配置CA

使用root执行:

[root@wang136 opt]# export GLOBUS_LOCATION=/usr/local/globus-4.0.8

[root@wang136 opt]# /usr/local/globus-4.0.8/setup/globus_simple_ca_2f982487_setup/setup-gsi -default

setup-gsi: Configuring GSI security

Making /etc/grid-security...

mkdir /etc/grid-security

Making trusted certs directory: /etc/grid-security/certificates/

mkdir /etc/grid-security/certificates/

Installing /etc/grid-security/certificates//grid-security.conf.2f982487...

Running grid-security-config...

Installing Globus CA certificate into trusted CA certificate directory...

Installing Globus CA signing policy into trusted CA certificate directory...

setup-gsi: Complete

如何搭建php环境 如何搭建s60编程环境 如何搭建电子商务平台实验环境? 如何搭建wince编程环境 php环境搭建问题请教!! jbuilder怎么搭建环境 详细点 如何入手搭建WINDOWS测试环境 谁知道搭建flash media server环境? 怎样搭建.net的开发环境 新太ivr模拟测试环境如何搭建? eclipse3.1.2+tomcat5.5+myeclipse4.1.1环境怎么搭建 为什么nimbus这个词有rain的含义? JAVA高手请回答:如何搭建JAVA的开发环境,以及要使用到的软件 我在windowsxp sp1操作系统下怎样搭建一个完善的asp.net环境? 开发基于WIINDOWS的WEB服务程序,该如何搭建开发环境 谁能告诉我搭建jsp环境的软件的下载地址吗? 搭建无线网络 搭建金字塔 网络搭建!! 环境.......... 怎样搭建网站 MDaemon搭建邮件安全网关 帐篷怎么搭建!? 如何搭建文件服务器