1 Objectives

Install and use the Ganeti Web Manager.

2 Choose server

You could choose to install GWM on a server separate from your Ganeti nodes, or you could install it inside a VM. If it is installed in a VM it needs to be connected to your management network or able to route traffic there.

It's not a good idea to install it directly on the host server, but for the purposes of this host it is sufficient; or if you have a running Debian VM instance you can install it there.

3 Choose hostname

Ganeti web manager is best installed in its own virtual host with its own domain name. In this example we will use "vmX.ws.nsrc.org", but replace it with your own hostname.

The DNS must be set up so that this name resolves to the IP address of the server running ganeti web manager. (If you are installing into a VM instance, check with the instructors that the IP you are using has a resolvable hostname in the DNS)

4 Installation

Ganeti Web Manager is a python/django web application, and is a little tricky to install and deploy the first time.

As there is no installable package, you will have to install from source. These instructions are suitable for an Ubuntu or Debian host.

Note: don't follow the instructions on the osuosl.org wiki as these are stale. The current documentation is on readthedocs.org

4.1 Install dependencies

# apt-get install build-essential git wget curl
# apt-get install python-dev python-setuptools python-pip python-memcache memcached
# pip install setuptools --no-use-wheel --upgrade
# pip install pip fabric virtualenv --upgrade
# apt-get install python-mysqldb mysql-server mysql-client

(Note that fabric and virtualenv are available as packages but they are too old, so we use 'pip' to fetch the latest ones)

If this is the first time that mysql server has been installed, it will prompt you for a root password. Give the class root password.

4.2 Unpack and build the source

Login as root. Fetch the ganeti-webmgr source tarball, preferably from a local copy to save time and bandwidth.

# cd /tmp
# wget http://www.ws.nsrc.org/src/ganeti-webmgr-0.10.2.tar.gz
# cd /var/lib
# tar -xvzf /tmp/ganeti-webmgr-0.10.2.tar.gz
# cd ganeti_webmgr
# fab deploy

The "fab deploy" step automatically fetches and builds all the dependencies.

Some packages exist in the system but are not in the python virtual environment (venv) so as a workaround add some symlinks.

cd /var/lib/ganeti_webmgr/venv/lib/python2.7
ln -s /usr/lib/python2.7/dist-packages/_mysql.so .
ln -s /usr/lib/python2.7/dist-packages/_mysql_exceptions.py .
ln -s /usr/lib/python2.7/dist-packages/MySQLdb .
ln -s /usr/lib/python2.7/dist-packages/memcache.py .
cd /var/lib/ganeti_webmgr

4.4 Create a database

Connect to the database as the root user (you will be prompted for the database root password)

# mysql -uroot -p

Now create a database and give access to a new user with a password of your choice. This is the password that the application will use to connect to the database. For security it should be different to the root password.

mysql> create database ganeti_webmgr;
mysql> grant all on ganeti_webmgr.* to 'ganeti_webmgr'@'localhost'
       identified by 'SomePassWord';
mysql> exit

4.5 Create settings

# cd /var/lib/ganeti_webmgr
# cp settings.py.dist settings.py
# vi settings.py

In another window generate two more random strings, and copy-paste them into the config at the places shown. These random strings don't need to be remembered or stored anywhere else.

# head -c18 /dev/urandom | base64
# head -c18 /dev/urandom | base64

Change these settings: note especially the ENGINE change from sqlite3 to mysql.

...
        'ENGINE': 'django.db.backends.mysql',

         # Or path to database file if using sqlite3.
        'NAME': 'ganeti_webmgr',
        'USER': 'ganeti_webmgr',
        'PASSWORD': 'SomePassWord',    # Use your own database password
...
SITE_DOMAIN = 'vmX.ws.nsrc.org'
...
SECRET_KEY = '<randomstring1>'
...
VNC_PROXY = 'vmX.ws.nsrc.org:8888'
...
WEB_MGR_API_KEY = "<randomstring2>"   # Use your own random API key

And add the following to the end of settings.py:

# Django caching framework
CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION': '127.0.0.1:11211',
    },
}

ALLOWED_HOSTS = [
    'vmX.ws.nsrc.org',
]

4.6 Populate the database

# cd /var/lib/ganeti_webmgr
# source venv/bin/activate
# ./manage.py syncdb --migrate
...
You just installed Django's auth system, which means you don't have any superusers defined.
Would you like to create one now? (yes/no): yes
Username (leave blank to use 'nsrc'): admin
E-mail address: yourmail@yourdomain
Password:
Password (again):

...

# ./manage.py rebuild_index
WARNING: This will irreparably remove EVERYTHING from your search index.
Your choices after this are to restore from backups or rebuild via the `rebuild_index` command.
Are you sure you wish to continue? [y/N] y

...

# ./manage.py collectstatic
You have requested to collect static files at the destination
location as specified in your settings.

This will overwrite existing files!
Are you sure you want to do this?

Type 'yes' to continue, or 'no' to cancel: yes

If you have an error with the superuser step, you can repeat using ./manage.py createsuperuser

4.7 Set permissions

The whoosh_index directory created by rebuild_index needs to be writable by Apache.

# chown -R www-data:www-data /var/lib/ganeti_webmgr/whoosh_index

4.8 Install web server

# apt-get install apache2 libapache2-mod-wsgi

Create file /var/lib/ganeti_webmgr/django.wsgi containing:

import os
import sys

path = '/var/lib/ganeti_webmgr'

# activate virtualenv
activate_this = '%s/venv/bin/activate_this.py' % path
execfile(activate_this, dict(__file__=activate_this))

# add project to path
if path not in sys.path:
    sys.path.append(path)

# configure django environment
os.environ['DJANGO_SETTINGS_MODULE'] = 'settings'

import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()

Create file /etc/apache2/sites-available/ganeti_webmgr containing:

<VirtualHost *:80>
ServerName vmX.ws.nsrc.org
DocumentRoot "/var/lib/ganeti_webmgr/static"
ErrorLog /var/log/apache2/ganeti-error.log
CustomLog /var/log/apache2/ganeti-access.log common

Alias /robots.txt /var/lib/ganeti_webmgr/static/robots.txt
Alias /favicon.ico /var/lib/ganeti_webmgr/static/favicon.ico

AliasMatch ^/([^/]*\.css) /var/lib/ganeti_webmgr/static/styles/$1

Alias /media/ /var/lib/ganeti_webmgr/media/
Alias /static/ /var/lib/ganeti_webmgr/static/

<Directory /var/lib/ganeti_webmgr/static>
Order deny,allow
Allow from all
</Directory>

<Directory /var/lib/ganeti_webmgr/media>
Order deny,allow
Allow from all
</Directory>

WSGIScriptAlias / /var/lib/ganeti_webmgr/django.wsgi
WSGIDaemonProcess vmX.ws.nsrc.org python-path=/var/lib/ganeti_webmgr:/var/lib/ganeti_webmgr/venv/lib/python2.7/site-packages processes=2 threads=15 display-name=%{GROUP}
WSGIProcessGroup vmX.ws.nsrc.org

<Directory /var/lib/ganeti_webmgr>
<Files django.wsgi>
Order allow,deny
Allow from all
</Files>
</Directory>

</VirtualHost>

Enable the virtual host:

# a2ensite ganeti_webmgr
# service apache2 reload

4.9 Start VNC auth proxy

For VNC access to instances, the VNC auth proxy needs to be started. (TODO: set this up in a startup script e.g. /etc/rc.local)

# /var/lib/ganeti_webmgr/venv/bin/twistd --pidfile=/tmp/proxy.pid -n vncap \
        -c tcp:8888:interface=0.0.0.0 &

4.10 Test

Point web browser at http://vmX.ws.nsrc.org/

If you get "Internal Server Error" then start by looking at /var/log/apache2/ganeti-error.log

5 Adding clusters

If everything works, you should get a login page where you can login with the admin username and password you created earlier. So you now want to connect to the cluster(s) you wish to manage.

5.1 Create a RAPI key

You need to set up a password for ganeti_webmgr to talk to the ganeti cluster daemons using the ganeti remote API (RAPI).

On the ganeti master node, generate a strong random password like this:

# head -c18 /dev/urandom | base64
0GReg6zUJqIGZ77FkK7+Qiua

Take a careful note of this raw password, e.g. by pasting it into a file on your laptop, as you will need to enter it into ganeti web manager.

Now take a specially-formatted hash of this password (use your random password in place of 0GReg...):

# echo -n 'ganeti_webmgr:Ganeti Remote API:0GReg6zUJqIGZ77FkK7+Qiua' | openssl md5
(stdin)= 2e6d881bf6a705413bf6a88a051af17e

Finally, as root create a file /var/lib/ganeti/rapi/users containing this one line (use your hash in place of 2e6d8...)

ganeti_webmgr {HA1}2e6d881bf6a705413bf6a88a051af17e write

and replicate it to the other nodes:

# gnt-cluster copyfile /var/lib/ganeti/rapi/users

You don't need to remember this hash, only the original random password.

5.2 Add cluster in web interface

At this point you should see an overview of the cluster details. Click on the "Refresh" button to update all the information in the ganeti web manager database (this may be necessary if some changes to the cluster were made via the gnt command line)

Click on the "Nodes" tab to see the state of the individual nodes in the cluster, and the "Virtual Machines" tab to see VMs.