# Agenda: ex-ganeti-install.htm

Line
1<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2<html xmlns="http://www.w3.org/1999/xhtml">
4  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5  <meta http-equiv="Content-Style-Type" content="text/css" />
6  <meta name="generator" content="pandoc" />
7  <title>Ganeti basic installation</title>
8  <style type="text/css">code{white-space: pre;}</style>
11<body>
13<h1 class="title">Ganeti basic installation</h1>
14</div>
15<div id="TOC">
16<ul>
17<li><a href="#objectives"><span class="toc-section-number">1</span> Objectives</a></li>
18<li><a href="#become-root"><span class="toc-section-number">2</span> Become root</a></li>
19<li><a href="#configure-the-hostname"><span class="toc-section-number">3</span> Configure the Hostname</a></li>
20<li><a href="#logical-volume-manager"><span class="toc-section-number">4</span> Logical Volume Manager</a></li>
21<li><a href="#configure-the-network"><span class="toc-section-number">5</span> Configure the Network</a><ul>
22<li><a href="#synchronize-the-clock"><span class="toc-section-number">5.1</span> Synchronize the clock</a></li>
23</ul></li>
24<li><a href="#install-the-ganeti-software"><span class="toc-section-number">6</span> Install the Ganeti software</a><ul>
25<li><a href="#debian"><span class="toc-section-number">6.1</span> Debian</a></li>
26<li><a href="#ubuntu"><span class="toc-section-number">6.2</span> Ubuntu</a></li>
27</ul></li>
28<li><a href="#setup-drbd"><span class="toc-section-number">7</span> Setup DRBD</a></li>
30<li><a href="#create-script-to-create-vm-users"><span class="toc-section-number">9</span> Create script to create VM users</a></li>
31<li><a href="#write-script-to-create-vm-users"><span class="toc-section-number">10</span> Write script to create VM users</a></li>
32<li><a href="#execute-user-creation-script-on-local-node"><span class="toc-section-number">11</span> Execute user creation script on local node</a></li>
33<li><a href="#execute-user-creation-script-on-remote-nodes-optional"><span class="toc-section-number">12</span> Execute user creation script on remote nodes (optional)</a></li>
34<li><a href="#initialize-the-cluster---master-node-only"><span class="toc-section-number">13</span> Initialize the cluster - MASTER NODE ONLY</a><ul>
35<li><a href="#adding-nodes-to-the-cluster---master-node-only"><span class="toc-section-number">13.1</span> Adding nodes to the cluster - MASTER NODE ONLY</a></li>
36<li><a href="#verify-the-configuration-of-your-cluster"><span class="toc-section-number">13.2</span> Verify the configuration of your cluster</a></li>
37</ul></li>
38<li><a href="#securing-the-vnc-consoles"><span class="toc-section-number">14</span> Securing the VNC consoles</a></li>
39<li><a href="#optional-burn-in"><span class="toc-section-number">15</span> Optional: Burn-in</a></li>
40</ul>
41</div>
43<p>You will each of you install the Ganeti virtualization cluster management software on your Linux server.</p>
44<ul>
45<li>Configure the network</li>
46<li>Install the Ganeti software</li>
47<li>Use the Ganeti command line tools to initialize the cluster, with groups of machines working in a cluster configuration</li>
48</ul>
49<p>You will build clusters of three of four hosts, depending on how the instructor wishes to organise the classroom. For example, a lab with 15 hosts might be organised like this:</p>
50<table>
53<th align="left">cluster IP</th>
54<th align="left">master node</th>
56</tr>
58<tbody>
59<tr class="odd">
60<td align="left">gnt1.ws.nsrc.org</td>
61<td align="left">host1.ws.nsrc.org</td>
62<td align="left">host2.ws.nsrc.org, host3.ws.nsrc.org</td>
63</tr>
64<tr class="even">
65<td align="left">gnt2.ws.nsrc.org</td>
66<td align="left">host4.ws.nsrc.org</td>
67<td align="left">host5.ws.nsrc.org, host6.ws.nsrc.org</td>
68</tr>
69<tr class="odd">
70<td align="left">gnt3.ws.nsrc.org</td>
71<td align="left">host7.ws.nsrc.org</td>
72<td align="left">host8.ws.nsrc.org, host9.ws.nsrc.org</td>
73</tr>
74<tr class="even">
75<td align="left">gnt4.ws.nsrc.org</td>
76<td align="left">host10.ws.nsrc.org</td>
77<td align="left">host11.ws.nsrc.org, host12.ws.nsrc.org</td>
78</tr>
79<tr class="odd">
80<td align="left">gnt5.ws.nsrc.org</td>
81<td align="left">host13.ws.nsrc.org</td>
82<td align="left">host14.ws.nsrc.org, host15.ws.nsrc.org</td>
83</tr>
84</tbody>
85</table>
86<p>Note that ganeti requires you to use fully-qualified domain names, and these must resolve to the correct IP addresses (either in the DNS or in the <code>/etc/hosts</code> file on every node)</p>
87<p>Your host's static IP address is 10.10.0.X, where X is your host number (e.g. host 4 is 10.10.0.4)</p>
88<h1 id="become-root"><a href="#become-root"><span class="header-section-number">2</span> Become root</a></h1>
89<p>All of the actions in this exercise are done as &quot;root&quot;, so if you are not root already type:</p>
90<pre><code>$sudo -s 91#</code></pre> 92<h1 id="configure-the-hostname"><a href="#configure-the-hostname"><span class="header-section-number">3</span> Configure the Hostname</a></h1> 93<p>Look at the contents of the file <code>/etc/hostname</code> and check it contains the fully-qualified domain name, i.e.</p> 94<pre><code>hostX.ws.nsrc.org</code></pre> 95<p>(where X is your machine number). If not, then edit it so that it looks like that, then get the system to re-read this file:</p> 96<pre><code># hostname -F /etc/hostname</code></pre> 97<p>Also check <code>/etc/hosts</code> to ensure that you have the both the fully-qualified name and the short name there, pointing to your static IP address:</p> 98<pre><code>127.0.0.1 localhost 9910.10.0.X hostX.ws.nsrc.org hostX</code></pre> 100<h1 id="logical-volume-manager"><a href="#logical-volume-manager"><span class="header-section-number">4</span> Logical Volume Manager</a></h1> 101<!-- ONLY FOR NESTED-VIRT SETUPS WHERE THE BOOT DISK IS NON-LVM 102Type the following command: 103 104~~~ 105# vgs 106~~~ 107 108If it shows you have a volume group called 'ganeti' then skip to the next 109section, "Configure the Network" 110 111If the command is not found, then install the lvm2 package: 112 113~~~ 114# apt-get install lvm2 115~~~ 116 117Now, your host machine should have either a spare partition or a spare 118hard drive which you will use for LVM. If it's a second hard drive it will 119be /dev/vdb or /dev/sdb. 120Check which you have: 121 122~~~ 123# ls /dev/vd* 124# ls /dev/sd* 125~~~ 126 127The following instructions assume the spare drive is /dev/vdb but please 128adjust them as necessary. 129 130Turning this drive into a physical volume for LVM will destroy any data which 131is on it, so double-check that the drive is not in use, by looking at what 132filesystems are currently mounted: 133 134~~~ 135# mount 136~~~ 137 138For example, you may see /dev/vda1 mounted (which means the first partition on 139device /dev/vda is in use) 140 141Assuming /dev/vdb is spare, let's mark it as a physical volume for LVM: 142 143~~~ 144# pvcreate /dev/vdb 145# pvs # should show the physical volume 146~~~ 147 148Now we need to create a volume group called ganeti containing just this 149one physical volume. (Volume groups can be extended later by adding more 150physical volumes) 151 152~~~ 153# vgcreate ganeti /dev/vdb 154# vgs 155 VG #PV #LV #SN Attr VSize VFree 156 ganeti 1 0 0 wz--n- 24.00g 24.00g 157~~~ 158 159You should see that the volume group has been created, it consists of 160one Physical Volume (PV), and no Logical Volumes (LV) have been created 161within it, so all the space is free. 162 163More detailed information can be seen by typing vgdisplay 164 165If you want to create, extend and delete a logical volume called "foo", 166these are the commands you would use. If you have not used them before, 167this is a good time to try them out. 168 169~~~ 170# lvcreate --size 1G --name foo ganeti # create volume called "foo" of 1GB 171# lvs 172# ls -l /dev/ganeti 173# blockdev --getsize64 /dev/ganeti/foo # shows device size in bytes 174# lvextend --size +1G /dev/ganeti/foo # grow by 1GB 175# blockdev --getsize64 /dev/ganeti/foo # shows device size in bytes 176# vgs # check free space in VG 177# lvremove /dev/ganeti/foo 178# vgs 179~~~ 180--> 181 182<p>You don't need to do this for the lab, but on a production Ganeti server it is recommended to configure LVM not to scan DRBD devices for physical volumes. The documentation suggests editing <code>/etc/lvm/lvm.conf</code> and adding a reject expression to the filter variable, like this:</p> 183<pre><code>filter = [ &quot;r|/dev/cdrom|&quot;, &quot;r|/dev/drbd[0-9]+|&quot; ]</code></pre> 184<p>You can tighten this further by allowing only devices which match the expected pattern. If you know that all your attached physical disks start with <code>/dev/sd</code> then you can accept only those and reject everything else:</p> 185<pre><code>filter = [ &quot;a|^/dev/sd|&quot;, &quot;r|.*|&quot; ]</code></pre> 186<h1 id="configure-the-network"><a href="#configure-the-network"><span class="header-section-number">5</span> Configure the Network</a></h1> 187<p>We need a software bridge on our machine, so that VMs can connect to it and have shared access to the physical ethernet port on the host.</p> 188<p>You may already have built your machine with a bridge interface and static IP address - if so you can skip this section.</p> 189<p>If not, then check that the bridge management utilities are installed:</p> 190<pre><code># apt-get install bridge-utils</code></pre> 191<p>Then edit the file <code>/etc/network/interfaces</code> so that it looks like this:</p> 192<pre><code># The loopback network interface 193auto lo 194iface lo inet loopback 195 196# Management interface 197auto eth0 198iface eth0 inet manual 199 200auto br-lan 201iface br-lan inet static 202 address 10.10.0.X 203 netmask 255.255.255.0 204 gateway 10.10.0.254 205 dns-nameservers 10.10.0.241 206 bridge_ports eth0 207 bridge_stp off 208 bridge_fd 0 209 bridge_maxwait 0</code></pre> 210<p>If you changed this file, the safest thing to do now is to reboot so that the network interfaces are brought up according to these settings.</p> 211<p>Then check that the bridge interface has been created:</p> 212<pre><code># brctl show 213# ifconfig br-lan</code></pre> 214<p>Verify that your colleagues have finished their configuration, and test that you can ping their 10.10.0.X addresses.</p> 215<p>If you have problems:</p> 216<ul> 217<li>verify <code>/etc/network/interfaces</code></li> 218<li>run <code>brctl show</code> and <code>ifconfig</code></li> 219<li>ask a neighbor, or your instructors, for assistance.</li> 220</ul> 221<p>As a final check of networking and DNS, test that you can resolve the following hostnames using the <code>dig</code> command:</p> 222<pre><code>dig +short host1.ws.nsrc.org 223dig +short host2.ws.nsrc.org 224.. 225dig +short gnt1.ws.nsrc.org 226dig +short gnt2.ws.nsrc.org 227..</code></pre> 228<h2 id="synchronize-the-clock"><a href="#synchronize-the-clock"><span class="header-section-number">5.1</span> Synchronize the clock</a></h2> 229<p>It's important that the nodes have synchronized time, so install the NTP daemon on every node:</p> 230<pre><code># apt-get install ntp ntpdate</code></pre> 231<h1 id="install-the-ganeti-software"><a href="#install-the-ganeti-software"><span class="header-section-number">6</span> Install the Ganeti software</a></h1> 232<p>Now install the software from the right package repository. How to do this depends on whether your machine is running Debian or Ubuntu.</p> 233<h2 id="debian"><a href="#debian"><span class="header-section-number">6.1</span> Debian</a></h2> 234<p>On Debian, the available version of ganeti is too old, but fortunately the current version is available in a <code>backports</code> repository <sup><a href="#fn1" class="footnoteRef" id="fnref1">1</a></sup>.</p> 235<p>As root, create a file <code>/etc/apt/sources.list.d/wheezy-backports.list</code> containing this one line:</p> 236<pre><code>deb http://cdn.debian.net/debian/ wheezy-backports main</code></pre> 237<p>Then refresh the index of available packages:</p> 238<pre><code># apt-get update</code></pre> 239<p>Now, install the <code>Ganeti</code> software package. Note that the backports packages are not used unless you ask for them explicitly.</p> 240<pre><code># apt-get install ganeti/wheezy-backports</code></pre> 241<p>This will install the current released version of Ganeti on your system; but any dependencies it pulls in will be the stable versions.</p> 242<p>The ganeti-htools package is installed as a dependency. This provides the instance allocator (&quot;hail&quot;) which can automatically place VMs for you.</p> 243<h2 id="ubuntu"><a href="#ubuntu"><span class="header-section-number">6.2</span> Ubuntu</a></h2> 244<p>For server applications you are recommended to use a Long Term Support (LTS) version of Ubuntu. The current LTS versions are 12.04 and 14.04.</p> 245<p>The version of Ganeti provided in Ubuntu 12.04 is very old; the version in Ubuntu 14.04 is newer (Ganeti 2.9.x), but it's still better to work with up-to-date code. Also, Ganeti 2.10 introduced a <a href="http://docs.ganeti.org/ganeti/master/html/design-upgrade.html">mechanism to make upgrades to later versions much easier</a>.</p> 246<p>Luckily, a newer version of Ganeti is available for Ubuntu 12.04 and 14.04, via a &quot;Private Package Archive&quot; (PPA).</p> 247<p><a href="https://launchpad.net/~pkg-ganeti-devel/+archive/lts">https://launchpad.net/~pkg-ganeti-devel/+archive/lts</a></p> 248<p>To add the necessary information to the our list of packages sources (<code>/etc/apt/sources.list</code>), run the following commands:</p> 249<pre><code># apt-get install python-software-properties 250# add-apt-repository ppa:pkg-ganeti-devel/lts</code></pre> 251<p>The second command will prompt you:</p> 252<pre><code>You are about to add the following PPA to your system: 253 This PPA contains stable versions of Ganeti backported to Ubuntu LTS. Currently 254 it covers 12.04 LTS (Precise) and 14.04 LTS (Trusty). 255 More info: https://launchpad.net/~pkg-ganeti-devel/+archive/lts 256Press [ENTER] to continue or ctrl-c to cancel adding it</code></pre> 257<p>Just press <code>[ENTER]</code></p> 258<p>The package archive will now be available. We still need to update the list of available packages:</p> 259<pre><code># apt-get update</code></pre> 260<p>Now, install the <code>Ganeti</code> software package:</p> 261<pre><code># apt-get install ganeti</code></pre> 262<p>This will install the current released version of Ganeti on your system.</p> 263<h1 id="setup-drbd"><a href="#setup-drbd"><span class="header-section-number">7</span> Setup DRBD</a></h1> 264<p>We'll now set up DRBD (Distributed Replicated Block Device), which will make it possible for VMs to have redundant storage across two physical machines.</p> 265<p>DRBD was already installed when we installed Ganeti, but we still need to change the configuration:</p> 266<pre><code># echo &quot;options drbd minor_count=128 usermode_helper=/bin/true&quot; &gt;/etc/modprobe.d/drbd.conf 267# echo &quot;drbd&quot; &gt;&gt;/etc/modules 268# rmmod drbd # ignore error if the module isn't already loaded 269# modprobe drbd</code></pre> 270<p>The entry in <code>/etc/modules</code> ensures that drbd is loaded at boot time.</p> 271<h1 id="create-a-root-password-ubuntu-servers-only"><a href="#create-a-root-password-ubuntu-servers-only"><span class="header-section-number">8</span> Create a root password [Ubuntu servers only]</a></h1> 272<p>Ganeti will need to log in as <code>root</code> to the other nodes in the cluster so it can set up the configuration files there. After the first login, SSH keys are used (and therefore no password is used), but for the first connection, we need to set a root password.</p> 273<p>For Ubuntu servers only: you need to set a root password on each node. (For Debian servers, this will have already been done at installation time)</p> 274<p>Note: You only need to do this on the <code>slave</code> nodes in each cluster of servers.</p> 275<pre><code># passwd root 276Enter new UNIX password: 277Retype new UNIX password: 278passwd: password updated successfully</code></pre> 279<p>Use the in-class password!</p> 280<p>Finally, create a directory for SSH keys to be stored for the <code>root</code> user:</p> 281<pre><code># mkdir /root/.ssh 282# chmod 700 /root/.ssh</code></pre> 283<h1 id="create-script-to-create-vm-users"><a href="#create-script-to-create-vm-users"><span class="header-section-number">9</span> Create script to create VM users</a></h1> 284<pre><code># vi ~/create_users.sh</code></pre> 285<h1 id="write-script-to-create-vm-users"><a href="#write-script-to-create-vm-users"><span class="header-section-number">10</span> Write script to create VM users</a></h1> 286<pre><code>#!/bin/bash 287 288for i in seq 120 130; 289do 290 useradd -u$i -s /bin/false -M kvm-\$i
291
292done</code></pre>
293<h1 id="execute-user-creation-script-on-local-node"><a href="#execute-user-creation-script-on-local-node"><span class="header-section-number">11</span> Execute user creation script on local node</a></h1>
294<pre><code>chmod 700 create_users.sh &amp;&amp; ./create_users.sh</code></pre>
295<h1 id="execute-user-creation-script-on-remote-nodes-optional"><a href="#execute-user-creation-script-on-remote-nodes-optional"><span class="header-section-number">12</span> Execute user creation script on remote nodes (optional)</a></h1>
296<pre><code>ssh host1 &quot;bash -s&quot; &lt; ./create_users.sh</code></pre>
297<h1 id="initialize-the-cluster---master-node-only"><a href="#initialize-the-cluster---master-node-only"><span class="header-section-number">13</span> Initialize the cluster - MASTER NODE ONLY</a></h1>
298<p>We are now ready to run the commands that will create the Ganeti cluster. Do this only on the MASTER node of the cluster.</p>
299<pre><code># gnt-cluster init --master-netdev=br-lan --enabled-hypervisors=kvm \
300  --uid-pool=120-130 --prealloc-wipe-disks=yes -H kvm:security_model=pool,use_chroot=true \
301  -N link=br-lan --vg-name ganeti gnt1.ws.nsrc.org
302
304<p>where X is the number of your <em>host</em> (like host1, host2 etc), and Z is the number of your <em>cluster</em> (gnt1, gnt2 etc)</p>
305<p>Explanation of the above parameters:</p>
306<ul>
307<li><p><code>--master-netdev</code> =&gt; a Ganeti cluster has an extra IP address for cluster management. This IP address is created as an IP alias on whichever node is the master at that time. In our case, our management network is <code>br-lan</code>, thus we set <code>master-netdev</code> to be br-lan.</p></li>
308<li><p><code>--enabled-hypervisors</code> =&gt; We are using KVM as our hypervisor</p></li>
309<li><p><code>--uid-pool=120-130</code> =&gt; We are setting our user pool for VM execution to the users we created for VMs</p></li>
310<li><p><code>--prealloc-wipe-disks=yes</code> =&gt; This flag tells Ganeti to wipe disks prior to allocating space for new VMs. This will prevent a new VM from being able to recover latent data off block devices. If you are using SSD drives, then you should <em>not</em> use this feature as it will take a long time and is not necessary.</p></li>
311<li><p><code>-H kvm:security_model=pool,use_chroot=true</code> =&gt; These options configure the KVM hypervisor to execute VMs from within a chroot jail (to limit the KVM processes access to the host filesystem). It also configures KVM to execute VMs as users from the pool we created.</p></li>
312<li><p><code>-N link</code> =&gt; Here we set the default network to which the virtual machines we create will be attached. In our case, this will be <code>br-lan</code></p></li>
313<li><p><code>--vg-name</code> =&gt; This tells Ganeti the name of the Volume Group in which it can create Logical Volumes. If you don't specify it, for historical reasons it will expect a volume group called <code>xenvg</code></p></li>
314<li><p>Finally <code>gntZ.ws.nsrc.org</code> is the name of the cluster you are creating, and resolves to the cluster management IP address.</p></li>
315</ul>
316<p>If everything goes well, the command <code>gnt-cluster init</code> will take 5-6 seconds to complete. It will not output anything unless a problem occurred.</p>
317<p>The second command sets some hypervisor default parameters (<code>-H</code>):</p>
318<ul>
319<li><p><code>kernel_path</code> and <code>initrd_path</code> are set to empty string, so that instances boot like normal PCs, using the Master Boot Record</p></li>
320<li><p><code>vnc_bind_address</code> set to 0.0.0.0 allows VNC consoles to accept connections across the network</p></li>
321</ul>
322<p>These will be used by all instances that don't explicitly override them.</p>
323<p>Observe that there is an interface <code>br-lan:0</code> now configured:</p>
324<pre><code># ifconfig br-lan:0</code></pre>
325<p>The IP address should be that which the hostname <code>gntZ.ws.nsrc.org</code> resolves to.</p>
326<p>During the cluster creation, the node you ran the command on (the master node) was automatically added to the cluster. So we don't need to do that and can proceed directly to adding the other nodes in the cluster.</p>
328<p>So let's run the command to add the other nodes.</p>
329<p>Run this command only on the MASTER node of the cluster.</p>
331<p>You will be warned that the command will replace the SSH keys on the destination machine (the node you are adding) with new ones. This is normal.</p>
332<pre><code>-- WARNING --
333Performing this operation is going to replace the ssh daemon keypair
334on the target machine (hostY) with the ones of the current one
336<p>When asked if you want to continue connection, say <code>yes</code>:</p>
337<pre><code>The authenticity of host 'hostY (10.10.0.Y)' can't be established.
339Are you sure you want to continue connecting (yes/no)? yes</code></pre>
340<p>When prompted for the root password for hostY, enter it:</p>
341<pre><code>Warning: Permanently added 'hostY' (ECDSA) to the list of known hosts.
343<p>You may see the following informational message; you can ignore it:</p>
344<pre><code>Restarting OpenBSD Secure Shell server: sshd.
345Rather than invoking init scripts through /etc/init.d, use the service(8)
346utility, e.g. service ssh restart
347
348Since the script you are attempting to invoke has been converted to an
349Upstart job, you may also use the stop(8) and then start(8) utilities,
350e.g. stop ssh ; start ssh. The restart(8) utility is also available.
351ssh stop/waiting
352ssh start/running, process 2921</code></pre>
353<p>The last message you should see is this:</p>
354<pre><code>Tue Jan 14 01:07:40 2014  - INFO: Node will be a master candidate</code></pre>
355<p>This means that the machine you have just added into the node (hostY) can take over the role of configuration master for the cluster, should the master (hostX) crash or be unavailable.</p>
356<p>Repeat to add the third and/or fourth nodes of your cluster, again always running the commands on the master node.</p>
358<p>Again only on the MASTER node of the cluster:</p>
359<pre><code># gnt-cluster verify</code></pre>
360<p>This will tell you if there are any errors in your configuration. It is possible you will see errors about &quot;orphan volumes&quot;:</p>
361<pre><code>Thu Feb  6 05:02:47 2014 * Verifying orphan volumes
362Thu Feb  6 05:02:47 2014   - ERROR: node hostX.ws.nsrc.org: volume ganeti/swap is unknown
363Thu Feb  6 05:02:47 2014   - ERROR: node hostX.ws.nsrc.org: volume ganeti/var is unknown
364Thu Feb  6 05:02:47 2014   - ERROR: node hostX.ws.nsrc.org: volume ganeti/root is unknown</code></pre>
365<p>This means logical volumes which were already created in the volume group but which ganeti does not know about or manage. You can avoid this error by telling ganeti to ignore those logical volumes:</p>
366<pre><code># gnt-cluster modify --reserved-lvs=ganeti/root,ganeti/swap,ganeti/var
367# gnt-cluster verify</code></pre>
368<p>If you still have any errors, please talk to the instructors.</p>
369<p>To see detailed information on how your cluster is configured, try these commands:</p>
370<pre><code># gnt-cluster info | more</code></pre>
371<p>Look at the output.</p>
372<pre><code># gnt-node list
373# gnt-node list-storage</code></pre>
374<p>You are done with the basic installation!</p>
375<h1 id="securing-the-vnc-consoles"><a href="#securing-the-vnc-consoles"><span class="header-section-number">14</span> Securing the VNC consoles</a></h1>
376<p>It would be good idea to make sure that the VNC consoles for the VMs are protected by a password.</p>
377<p>To do this, we can create a <em>cluster-wide</em> password for every VM console.</p>
378<p>This can later be overridden (changed) for each instance (VM).</p>
379<p>To create the cluster-wide password, run this command on the master:</p>
383<p>You will probably see an error message:</p>
384<pre><code>Failure: command execution error:
386<p>Hmm, we just added the file - but wait! It's telling us that the file is missing from the <em>slave</em> nodes.</p>
387<p>That's because we only created <code>/etc/ganeti/vnc-cluster-password</code> on the master node. It needs to be on every node (host) since any one of them could become a cluster master in the future.</p>
388<p>There's a great command for this in ganeti: <code>gnt-cluster copyfile</code></p>
389<p><code>gnt-cluster copyfile</code> will take a file as a parameter, and will take care of copying it to every node in the cluster.</p>
390<p>In this case, we want our file <code>/etc/ganeti/vnc-cluster-password</code> to be copied.</p>
391<p>To do this (on the master host - you will get a complaint if you try and run this on the other nodes):</p>
393<p>You can now re-run the command from earlier:</p>
395<p>That's it! Next up, we'll create some instances (VMs) and test migration.</p>
396<h1 id="optional-burn-in"><a href="#optional-burn-in"><span class="header-section-number">15</span> Optional: Burn-in</a></h1>
397<p>If you have spare time, you can run a &quot;burn-in&quot;. This is a comprehensive self-test which will check your cluster's ability to create, migrate and destroy virtual machines. It takes about half an hour, and reports its progress as it runs.</p>
398<p>The name of the VM to create (here &quot;testvm&quot;) should be unique. If you have any existing VM with this name, it will be destroyed. It also needs to resolve, so on each cluster node create an <code>/etc/hosts</code> entry like this:</p>
399<pre><code>192.0.2.1       testvm</code></pre>
400<p>Then run this on the cluster master node:</p>
401<pre><code># /usr/lib/ganeti/tools/burnin -o debootstrap+default \
402   -H kvm:kernel_path=/vmlinuz,initrd_path=/initrd.img \
403   --disk-size 1024m --no-name-check --no-ip-check testvm</code></pre>
404<div class="footnotes">
405<hr />
406<ol>
407<li id="fn1"><p><code>backports</code> are newer versions of the third party software originally packaged for your version of the operating system. These newer versions, packaged for a newer releases of Debian (or Ubuntu), have been made available (or backported) to the version of Debian we are using.<a href="#fnref1"></a></p></li>
408</ol>
409</div>
410</body>
411</html>