User Guide: the EGI Federated Cloud - gridpp/user-guides GitHub Wiki

##Overview

1. Get a grid certificate
2. Register with the EGI Federated Cloud testbed VO
3. Prepare your workspace
4. Create a VM
5. Log in to your VM
6. Destroy your VM

##Detailed instructions

###Get a grid certificate For UK users, instructions are available on the UK National Grid Service (NGS) Certification Authority (CA) Website: https://ca.grid-support.ac.uk/ There are also more detailed instructions on the GridPP wiki.

Note: you will need to install your certificate in your web browser. We recommend Mozilla Firefox.

###Register with the EGI Federated Cloud testbed VO In order to use the EGI Federated Cloud, you need to be a member of a Virtual Organisation (VO) that has access to Federated Cloud resources. VOs can be registered with the FedCloud, but for now we'll use the "testbed" VO fedcloud.egi.eu which gives you six months to experiment with what's on offer.

To join the fedcloud.egi.eu VO, submit a request here.

Note: the SHA public key you can provide on this form can be used to log in to Virtual Machines (VMs) you create in the steps below. However, it is also possible to ship a public key when you create a VM.

###Prepare your workspace For now, the FedCloud lets you manage Virtual Machines (VMs) via a command line interface. Your workspace/environment will need to be able to do two things:

• Generate VOMS proxies;
• Submit OCCI commands via the occi command line tool.

Ironically, it's often easier to do this on a clean VM where you have root permissions and know exactly what's been installed previously. But however you do it, you'll need to install the following tools:

####VOMS client tools First check if these have been installed already; if you can run voms-proxy-info from your command line, you're golden. If not, there is a detailed guide for installing the VOMS tools available on the FedCloud wiki. Basically, after installing the EGI UMD repository you need to run:

yum install voms-clients # Red Hat Linux 6 / Scientific Linux 6

If the installation is successful, you should now be able run voms-proxy-info and voms-proxy-init from the command line.

####Configuring the VOMS information for the FedCloud VO To be able to generate proxies for the FedCloud VO, you'll need to configure:

• The vomsdir information;
• The vomses file

for your environment. Usually this is done by your system/cluster administrator (in /etc/grid-security/vomsdir/[VO name] and /etc/vomses respectively, but if you're flying solo you'll need to do this yourself. There are full instructions and configuration files on the EGI Federated Cloud wiki. If you don't have access to /etc/* you can put the files/directories in a custom location and specify them when you submit your proxy initialisation.

export MY_FEDCLOUD_VOMSDIR=[your fedcloud.egi.eu directory]
export MY_FEDCLOUD_VOMSES=[the full path to your custom vomses file]

####Generating a FedCloud VOMS proxy All being well, you should be able to generate a VOMS proxy that'll give you access to the EGI Federated Cloud:

voms-proxy-init --vomsdir $MY_FEDCLOUD_VOMSDIR --vomses $MY_FEDCLOUD_VOMSES --voms fedcloud.egi.eu
Enter GRID pass phrase for this identity:

Created proxy in [proxy location].

Your proxy is valid until [date and time etc.]

It's worth storing the proxy location in an environment variable for later use:

export FEDCLOUD_USER_CRED=[proxy location]

You can check the information about your proxy at any time with the voms-proxy-info command:

$ voms-proxy-info
[bla bla bla]

If you have problems with not being recognised by the VO (or indeed, anything related to the FedCloud) you should submit a GGUS ticket, selecting Federated Cloud from the Type of problem drop down menu.

####Setup the rOCCI command line interface The rOCCI command line tools are written in Ruby, so you'll need to get that set up on your system. RVM manages the Ruby versions you've installed.

$ curl -L get.rvm.io | bash -s stable
$ rvm requirements
$ rvm install 1.9.3
$ rvm use 1.9.3 --default
$ gem install bundler
$ gem install occi-cli
$ occi --help
Usage: occi [OPTIONS]
[etc.]

###Create a VM Now that you can create proxies and use the occi command line tool, you're ready to managing Virtual Machines (VMs) on the EGI Federated Cloud. Firstly, you need to find a host site. You can find a full list here. For now, we will use CESGA:

export FEDCLOUD_ENDPOINT=https://cloud.cesga.es:3202/

To create a VM you will need to specify:

• an operating system template - the image on which your VM will be based, and;
• a resource template - the properties of the VM (size, memory, etc.).

You can find out what's available at a given site with the following commands:

$ occi --endpoint $FEDCLOUD_ENDPOINT --action list --resource os_tpl --auth x509 --user-cred $FEDCLOUD_USER_CRED --voms
[List of images available]
$ occi --endpoint $FEDCLOUD_ENDPOINT --action list --resource resource_tpl --auth x509 --user-cred $FEDCLOUD_USER_CRED --voms
[List of resource templates available]

We will create a small SL6 image. Again, it is useful to set environment variables:

$ export MY_FEDCLOUD_OSTPL="os_tpl#uuid_sl6_4_213"
$ export MY_FEDCLOUD_RESTPL="resource_tpl#small"

And you're ready to create your first VM on the EGI Federated Cloud:

$ occi --endpoint $FEDCLOUD_ENDPOINT --action create --resource compute --mixin $MY_FEDCLOUD_OSTPL --mixin $MY_FEDCLOUD_RESTPL --auth x509 --user-cred $FEDCLOUD_USER_CRED --voms --attribute occi.core.title="fed-cloud-vm001"
[Your newly created VM ID]
$ export MY_FIRST_VM="/compute/[number from the end of the VM ID received after the previous command]"

Congratulations! You've got your very own VM up and running on the EGI Federated Cloud. You can list all of the VMs you have running on a given site with the following command:

$ occi --endpoint $FEDCLOUD_ENDPOINT --action list --resource compute --auth x509 --user-cred $FEDCLOUD_USER_CRED --voms
[A list of IDs of the VMs running at the site specified by --endpoint]

$ occi --endpoint $FEDCLOUD_ENDPOINT --action describe --auth x509 --user-cred $FEDCLOUD_USER_CRED --voms --resource $MY_FIRST_VM

Delete a VM

$ occi --endpoint $FEDCLOUD_ENDPOINT --action delete --auth x509 --user-cred $FEDCLOUD_USER_CRED --voms --resource /compute/VMID

##Useful links

• The EGI Federated Cloud FAQ;
• Managing Virtual Servers -- tutorial presented at the EGI Community Forum 2014.

##Acknowledgments

• Huge thanks to Boris Parak (CESNET) for running the rOCCI tutorial during #EGICF14 and for general technical support with the occi tool.