Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Capstone Paper - WordPress.com

advertisement 
Apache Virtual
Computing Lab
Capstone
Aaron Bryant
The University of
Pittsburgh at Bradford
300 Campus Drive
Bradford Pa, 16701
814-362-7660
1/16/2012
Introduction:
A VCL Server is “an open-source system used to dynamically provision and broker remote
access to a dedicated compute environment for an end-user.”
This project is a pilot project that may be used by the University of Pittsburgh at Bradford
to allow students to connect into virtual computers on campus. Students will use their
University of Pittsburgh student credentials to log into the VCL (Virtual Computing Lab)
Server and will then be brokered remote access to an open virtual computer. I used two
identical servers in the process. Each has a one terabyte HD and a limited four gigabytes
of RAM. This is adequate for testing purposes but will be replaced before being put into
operation.
The first server will be used as the management node, controlling the virtual computers
on the second server. The management node server will be created using Fedora 15 as
the operating system and the Apache VCL software to do the managing. The second
server will use VMware virtualization to hold the virtual images of each machine.
Setup:
To make the setup as secure and safe as possible during testing, the testing environment
will be enclosed behind a router and private IP addresses will be used for all components.
Even though these servers are only being used for testing, security is of the utmost
importance. Without protection, they could be compromised during any part of the
Apache Virtual Computing Lab Capstone
1
testing process. Once infected, they would be able to affect the rest of our system after
deployment. Directly behind the router, I have placed a gigabyte switch to allow ample
connections.
History:
The VCL project was created by two departments at NCSU, to meet a demand for
students to access resources on campus. In 2008, the project was accepted into the
Apache Software Foundation as an incubator project. For more information on the
project’s history, visit the link below.
http://vcl.ncsu.edu/vcl-history
Technologies Utilized:
Body of Paper:
I began the initial stages of installing operating systems and programs. It was decided
ahead of time that Wes Milliron would be working with the VMware side of the project
while I build the VCL server. I started by downloading and installing Fedora 15 on the
server. I decided that it would be best to do a basic installation with only Apache HTTP
Apache Virtual Computing Lab Capstone
2
Server without any add-ons, such as MySQL. This was decided because later on,
programs will need to be compiled together and would be much easier to do from
scratch.
Once the installation was complete, I downloaded the Apache VCL source code with the
wget command and extracted the files. I then moved on to installing MySQL Server.
Once installed, it was set to start automatically. I checked that there was nothing blocking
port 3306 which is used to pass traffic between the management node and MySQL
daemon.
With the initial configuration done, I created a database for the VCL. My background in
SQL Server made this process much easier. The database from the downloaded VCL
server files was then imported into the MySQL database just created.
The next step was to optionally install phpMyAdmin. I chose to do this to make to
process of managing the database easier. Cwiki also has a guild on installing this. At this
point the VCL server database has been created and imported. The next step will be to
install and configure the web components.
Since I installed Apache HTTP along with the Fedora install, there was no need to do so at
this step. I then began to install the required Linux packages and PHP modules. I used a
yum install to gather the required packages and modules. The only problem I occurred at
this step was that one of the PHP packages would not install and therefore crashed the
script. I did some searching online and found another place to get the required module.
Apache Virtual Computing Lab Capstone
3
After the manual installation, I ran the yum install again and finished the rest of the
required packages and modules. Once it was all installed, I configured the HTTPD server
daemon to start automatically at levels 3, 4, and 5 and started the daemon.
Now that the HTTPD web server daemon has been configured it is time for the VCL
frontend web code to be configured and installed. There is a web frontend that comes
with the VCL software located in the extracted source code. I proceeded to copy the web
frontend code to the /var/www/html/vcl/ folder. Once all files were extracted to the
html folder the software was patched. A simple wget command was used to download
the patch and then it was installed. Inside the vcl/.ht-inc folder are two PHP files used to
hold the secure information about the VCL database and private passwords. The secretsdefault.php was copied to secrets.php and then edited. Once this was configured, I
copied and configured conf.php. There is a section marked with things that need
modified.
The last thing to do for this section was to try to log in to the web front end. When I
configured the PHP files, I used the IP address, so I tested the site by accessing it through
the IP address. VCL has a built-in test PHP site which I accessed. It runs scripts to test that
things are configured properly. Unfortunately my test failed. The next step will be to
address this problem and continue onto the Management Node configuration.
Apache Virtual Computing Lab Capstone
4
My first attempt to run the TestSetup PHP page was unsuccessful. Under the test page, it
reads that there is a missing PHP extension: sysvsem. After some quick Google searching,
I found that the simple answer was to run an administrative yum install of the missing
PHP extension. Therefore to fix the problem, I ran:
sudo yum install php-sysvsem
Once the install was complete, I restarted the Apache HTTPD daemon and reran the
TestSetup PHP script. This time all extension tests were successful.
I then accessed the index.php page by the IP Address. Since the index.php file was
located inside the VCL folder, the address was http://192.168.0.2/vcl/index.php. This
was a success and the login page displayed properly in the web browser. I entered the
default administrator username and password as a local account and was granted access
to the rest of the user interface. Once logged in, the default password for the
administrator can be changed under User Preferences. At this point, it was time to add
the management node to the database.
I began by clicking the Management Nodes link on the left. I then clicked Add and
proceeded to fill in the required fields. When I came to Hostname, I chose to use vclserver.upb.pitt.edu. Although this isn’t going to work at this point in the process, it will be
used later instead of the IP Address in the web browser. For my testing environment, I
will need to build a DNS server to lookup this hostname. Later on I will also need to add
additional local accounts. This isn’t necessary at this point for my testing.
Apache Virtual Computing Lab Capstone
5
Also available in this configuration is LDAP authentication. It will be necessary for me to
enable the management node server to bind with the universities LDAP authentication
server to allow students to login with their university credentials. At this point, the
configuration was done and I submitted. The final step was to add the management node
to the management node grouping using the link on the left.
(Picture completing web components)
The first step in installing and configuring the management node was to use the already
downloaded Apache VCL source files to copy the management node directory. I chose to
place it in the typical /usr/local/vcl directory. Once this was done, it was time to install
the required Linux packages and Perl modules. Built inside the VCL management node
source files is a Perl script that does most of the work for us. When I tried this, my script
failed at Perl module: Object::InsideOut. After some Google searches, I found some
promising material and tried it. I used the following code to install the module:
yum search perl-Object-InsideOut
yum install perl-Object-InsideOut.noarch
yum info perl-Object-InsideOut.noarch
Once I ran this code to install the needed Perl module, I reran the built in Perl script to
install the rest of the modules successfully. The next step is to configure the vcld.conf file
inside the /etc/vcl directory. To do this, I first made the /etc/vcl directory, then copied
the default vcld.conf file to the directory, and finally edited the file to fit my network
Apache Virtual Computing Lab Capstone
6
setup. In this file, a FQDN is requested. I again used vcl-server.upb.pitt.edu even though I
haven’t created an entry for this.
At this point, the VMware server has been setup and two test machines have been
created: Fedora 15, and Windows 7. They have had nothing configured on them, only a
base install of the operating system and systems updates. This is when I started to be
confused by the Apache Incubator documentation. The process of creating a base image
on the VMware server is slightly confusing to get to. It isn’t in the normal installation but
in a category of its own. The biggest problem that I have with the documentation is that
they don’t describe anything they are doing, making problems much harder to address.
In the base image creation documentation, they describe how to create a base image for
VMware in general, but then become even more specific inside that documentation.
Inside the windows 7 base image documentation is where I found the software that I
need to configure the SSH between the VMware image and the management node. The
Cygwin software that needs to be configured on the windows virtual machine is a Linux
type environment for windows. This allows Linux software to be ported to Windows
machines.
Before I got too involved into configuring the SSH, It was about time to create a DNS
server. I created a Windows Server 2008 virtual machine on the VMware server to host
the DNS for the test network. After this was done, I added a reference for the Apache VCL
server’s IP address to vcl-server.upb.pitt.edu. Once this was done, I went through the
Apache Virtual Computing Lab Capstone
7
configuration files for the server and made them all reflect the new name. Additionally, I
created the hostname of vsphere.upb.pitt.edu for the VMware server.
The next step was to configure the SSH client on the management node. When I
attempted to open the SSH configuration file, it was empty. I then went into the file and
added the necessary lines. Now it was time to install and start the VCL daemon service. I
copied the service script from the source directory out into the init.d/vcld directory. The
service was then added to the chkconfig and configured to start at run time. I came
across a problem at this point when I started the service and checked the VCL daemon log
file.
“Unable to retrieve management node information from database”
After checking some of the configuration files, I was made aware that I had originally
made some of the files reference localhost and others vcl-server.upb.pitt.edu. I changed
them all to the new hostname and the log file read out correctly.
At this point in the project, I have everything configured and it is time to configure the
virtual machines. As I mentioned before, I have a Windows 7 virtual machine and a
Fedora 15 virtual machine created. For my testing, I’m going to work to get the windows
machine working and then move to the Fedora machine. The first step as mentioned last
week is configuring Cygwin on the machine. The reason for Cygwin on the Windows VM
is to allow SSH key authentication between the management node and the VM.
Apache Virtual Computing Lab Capstone
8
To allow the script to run correctly, an administrator account needs to be created on the
VM named “root”. Once created and logged on as “root”, I installed Cygwin as
administrator and followed the directions to the letter. The instructions include installing
Cygwin for all users, deleting the install files on the desktop, and installing packages. The
first package that is installed is the editor vim. I prefer to use nano as my personal editor,
so I installed both to satisfy my needs and those that will be administering with me. The
next package was openssh. This is the actual package we will be using to do the SSH
between the machines. The last package is the wget command. This command will be
used to gather a necessary script.
Now that Cygwin has been successfully installed, it is time to gather the script that will
eventually configure the SSH identity key. I used the installed wget package to get the
script from the Apache site and use the chmod command to make it executable. Finally, I
run the script with the root password encased in single quotes appended to the end.
Cygwin SSHD is now successfully started.
The next step was to access the management node and again use the wget command to
gather the server side script from the Apache site. Once finished, I made the script
executable and ran it with the IP address of the Windows 7 VM. When prompted, I
entered the root password, but the script read access denied. After some
troubleshooting, I discovered that my mistake came when I created the “root” account on
the VM. Instead of entering “root” as the username, I typed “Root”. This type of mistake
makes all the difference in Linux. Instead of chancing having problems down the road, I
Apache Virtual Computing Lab Capstone
9
created the proper account and deleted the other. Windows wouldn’t allow the creation
of another account with such a similar name so I was forced to create a third account to
use as an intermediary between creating and deleting “root” accounts.
Once the unnecessary accounts were deleted and the proper “root” account was created,
I reran the script from the management node and it was successful. I tested the
connection with the suggested script and connected using the SSH key authentication
without problems. The management node and VM have both been configured and are
ready to create a base image in the VCL server.
Critique:
Capstone Experience:
Apache Virtual Computing Lab Capstone
10
Acknowledgements:
Don Lewicki
My academic adviser and head of the CIST major. He gave me this
opportunity and provided funds.
Robert Ellison
Senior Technical Analyst at CTM Services. He provided extensive support with
the pearl scripts and database portion of the project. He also gave general help
with various problems.
Steve Ellison
Technical Analyst II at CTM Services. Provided several counts of assistance when
dealing with the Linux operating systems and getting the software to run.
Wes Milliron
Coworker. Gave general support to the project and worked mainly with the
VMware server.
Apache Virtual Computing Lab Capstone
11
Work Cited:
http://vcl.ncsu.edu/vcl-history
http://incubator.apache.org/vcl/
https://cwiki.apache.org/VCL/
Apache Virtual Computing Lab Capstone
12
Related documents
Providing Remote-yet-Restricted Access to Born
Providing Remote-yet-Restricted Access to Born
How to use Virtual Computer Lab
How to use Virtual Computer Lab
Free University-licensed Software: Virtual Computer Lab
Free University-licensed Software: Virtual Computer Lab
Módulo: Mecanizado (MEC)
Módulo: Mecanizado (MEC)
notes - Duke
notes - Duke
Setting up your Virtual Lab
Setting up your Virtual Lab
Take Home (Midterm) Exam – Summer 2015 - Rose
Take Home (Midterm) Exam – Summer 2015 - Rose
Download
advertisement