Install and use the Ganeti Web Manager.
You could choose to install GWM on a server separate from your Ganeti nodes, or you could install it inside a VM. If it is installed in a VM it needs to be connected to your management network or able to route traffic there.
It's not a good idea to install it directly on the host server, but for the purposes of this host it is sufficient; or if you have a running Debian VM instance you can install it there.
Ganeti web manager is best installed in its own virtual host with its own domain name. In this example we will use "hostX.ws.nsrc.org", but replace it with your own hostname.
The DNS must be set up so that this name resolves to the IP address of the server running ganeti web manager. (If you are installing into a VM instance, check with the instructors that the IP you are using has a resolvable hostname in the DNS)
Ganeti Web Manager is a python/django web application, and is a little tricky to install and deploy the first time.
As there is no installable package, you will have to install from source. These instructions are suitable for an Ubuntu or Debian host.
Note: don't follow the instructions on the osuosl.org wiki as these are stale. The current documentation is at
The instructions below are for Ganeti Web Manager v. 0.11rc1.
For this exercise you should be root. It's also helpful for debugging if you log your entire session into a file.
$ sudo -s
# script install.log
# A transcript of the subsequent session is written to install.log until you type exit.
# apt-get install python-virtualenv wget sudo git libffi-dev python-dev \
mysql-server libmysqlclient-dev libssl-dev lsb-releaseIf this is the first time you've installed mysql you'll be asked to choose a mysql root password. Use the class password for this.
Fetch the ganeti-webmgr source tarball, preferably from a local copy to save time and bandwidth.
Note: In case the file isn't available for download from www.ws.nsrc.org, the original file can be found at:
https://code.osuosl.org/attachments/download/3387/ganeti-webmgr-0.11.0-rc1.tar.gz
# cd /usr/local/src
# mkdir gwm
# cd gwm
# wget http://www.ws.nsrc.org/downloads/ganeti/ganeti-webmgr-0.11.0-rc1.tar.gz
# tar -xvzf ganeti-webmgr-0.11.0-rc1.tar.gz
# ./scripts/setup.sh -D mysqlThis last step will take a while as dependencies are downloaded and installed.
# cd /opt/ganeti_webmgr/configWe need to generate two random keys to put in the configuration file we're about to create.
In another window (terminal), run the following commands, copy the output, and paste them into the config at the places indicated below.
These random strings don't need to be remembered or stored anywhere else.
# head -c18 /dev/urandom | base64 # this will be random string 1
# head -c18 /dev/urandom | base64 # this will be random string 2ganeti webmgr also needs its own password to talk to the database; we'll use the class password for this.
Create the file config.yml
DATABASES:
default:
ENGINE: django.db.backends.mysql
NAME: ganeti_webmgr
USER: ganeti_webmgr
PASSWORD: '<class_password>'
SECRET_KEY: '<randomstring1>' # Use random string 1
WEB_MGR_API_KEY: '<randomstring2>' # Use random string 2
VNC_PROXY: 'hostX.ws.nsrc.org:8888'
SITE_DOMAIN: 'hostX.ws.nsrc.org'We now need to "activate" the virtual environment where ganeti_webmgr is installed:
# source /opt/ganeti_webmgr/bin/activateThe prompt changes to:
(ganeti_webmgr)root@ganeti:~#... to keep things easy to read, we just write # below.
Type this command as well to set an environment variable:
# export DJANGO_SETTINGS_MODULE="ganeti_webmgr.ganeti_web.settings"Connect to the database as the root user (you will be prompted for the database root password, which you created earlier)
# mysql -u root -pNow create a database and give access to a new user with a password of your choice. This is the password that the application will use to connect to the database. For security it should be different to the root password. For this lab, you may use the usual class password, it is up to you.
mysql> create database ganeti_webmgr;
mysql> grant all on ganeti_webmgr.* to 'ganeti_webmgr'@'localhost'
identified by '<class_password>';
mysql> exit;Test that the database has been created properly:
# mysql -u ganeti_webmgr -p ganeti_webmgr
Enter password:Type the password you set.
You should be back at the database prompt:
mysql> exitThis creates the tables and also creates the first username/password which you will use to login to the web interface later.
# cd /opt/ganeti_webmgr
# django-admin.py syncdb --migrateYou should see something similar:
[ ... output about creating tables ...]
You just installed Django's auth system, which means you don't have any
superusers defined.
Would you like to create one now? (yes/no): Answer `yes`
Username (leave blank to use 'root'): Answer `admin`
E-mail address: Answer with your own E-mail address
Password: Password you will use to login to web interface
Password (again): If there is a problem with creating the superuser, then you can retry just that step using:
# cd /opt/ganeti_webmgr
# source /opt/ganeti_webmgr/bin/activate
# django-admin.py createsuperuserContinue with the following commands:
# django-admin.py rebuild_index
WARNING: This will irreparably remove EVERYTHING from your search index.
Your choices after this are to restore from backups or rebuild via the `rebuild_index` command.
Are you sure you wish to continue? [y/N] y
...Then:
# django-admin.py collectstatic
You have requested to collect static files at the destination
location as specified in your settings.
This will overwrite existing files!
Are you sure you want to do this?
Type 'yes' to continue, or 'no' to cancel: yesThe whoosh_index directory created by rebuild_index needs to be writable by Apache.
# chown -R www-data:www-data /opt/ganeti_webmgr/whoosh_index# apt-get install apache2 libapache2-mod-wsgiIn the following steps, remember to change hostX.ws.nsrc.org to the hostname you are using for the ganeti web manager.
Create file /etc/apache2/sites-available/ganeti_webmgr containing:
<VirtualHost *:80>
ServerName hostX.ws.nsrc.org
WSGIDaemonProcess ganeti_webmgr processes=4 threads=1 python-path=/opt/ganeti_webmgr/lib/python2.7/site-packages
WSGIProcessGroup ganeti_webmgr
WSGIScriptAlias / /opt/ganeti_webmgr/lib/python2.7/site-packages/ganeti_webmgr/ganeti_web/wsgi.py
ErrorLog /var/log/apache2/ganeti-error.log
CustomLog /var/log/apache2/ganeti-access.log common
Alias /static/ /opt/ganeti_webmgr/collected_static/
<Directory /opt/ganeti_webmgr/collected_static>
Order deny,allow
Allow from all
</Directory>
<Directory /opt/ganeti_webmgr>
<Files wsgi.py>
Order allow,deny
Allow from all
</Files>
</Directory>
</VirtualHost>Enable the virtual host:
# a2ensite ganeti_webmgr
# service apache2 reload# cd /usr/local/src/gwm
# cp scripts/vncauthproxy/init-ubuntu /etc/init.d/vncauthproxy
# update-rc.d vncauthproxy defaults# service vncauthproxy startYou should see a warning about limited TLS support, then:
Daemon started successfullyPoint web browser at http://hostX.ws.nsrc.org/
If you just get "It works!" then disable the default site:
# a2dissite default
# service apache2 reloadthen try again. You should get the Ganeti web manager login page.
If, at this point, things don't work, jump straight down to the Troubleshooting section.
If everything works, you should get a login page where you can login with the admin username and password you created earlier. So you now want to connect to the cluster(s) you wish to manage.
You need to set up a password for ganeti_webmgr to talk to the ganeti cluster daemons using the ganeti remote API (RAPI).
On the ganeti master node, generate a strong random password like this:
# head -c18 /dev/urandom | base64
0GReg6zUJqIGZ77FkK7+QiuaTake a careful note of this raw password, e.g. by pasting it into a file on your laptop, as you will need to enter it into ganeti web manager.
Now take a specially-formatted hash of this password (use your random password in place of 0GReg...):
# echo -n 'ganeti_webmgr:Ganeti Remote API:0GReg6zUJqIGZ77FkK7+Qiua' | openssl md5
<< the response will be something like this >>
(stdin)= 2e6d881bf6a705413bf6a88a051af17eFinally, as root create a file /var/lib/ganeti/rapi/users containing this one line (use your hash in place of 2e6d8...)
ganeti_webmgr {HA1}2e6d881bf6a705413bf6a88a051af17e writeand replicate it to the other nodes:
# gnt-cluster copyfile /var/lib/ganeti/rapi/usersYou don't need to remember this hash, only the original random password.
If the page doesn't refresh, click on "Clusters" in the left menu again, then click on the name of you cluster. You should now see an overview of the cluster details.
Click on the "Refresh" button to update all the information in the ganeti web manager database (this may be necessary if some changes to the cluster were made via the gnt command line)
Click on the "Nodes" tab to see the state of the individual nodes in the cluster, and the "Virtual Machines" tab to see VMs.
If you cannot get the console to work in the web interface, it may be because you have set a VNC password. If you intend to use the ganeti web manager for console access, you should turn this off.
On your cluster master:
gnt-cluster modify -H kvm:vnc_password_file=,vnc_bind_address=With snf-image 0.15.1 and later you can define OS variants such as snf-image+wheezy which can be selected from the drop-down in the GWM instance creation wizard.
Here's a sample file for wheezy, found in /etc/ganeti/snf-image/variants/wheezy.conf. You may have created such a file on your cluster nodes during the snf-image lab.
IMG_PASSWD=abc123
IMG_FORMAT=diskdump
IMG_ID=debian_base-7.0-x86_64
IMG_PROPERTIES='{"OSFAMILY":"linux","ROOT_PARTITION":"1","USERS":"root"}'Create one of these for each available OS type. You will also need to edit /etc/ganeti/snf-image/variants.list to list your available variants.
A future version of snf-image will allow you to store a hashed version of the password instead of cleartext:
IMG_PASSWD_HASH='$1$zzzz$2H9FclhReiwMQ4x.16GH0/'Things may not have gone smoothly! If you get an error when you try to access Ganeti Web Manager in the browser, take a look at the steps below.
If you get a python error involving AES keys then ensure that the two random keys you generated in config.yml are exactly 16, 24 or 32 characters long.
If you get a python error about getlocale returning null then try typing
export LANG=en_USand then re-run the command which gave the error.
Other locale errors can be fixed by:
apt-get install locales
vi /etc/locale.gen # uncomment the line "en_US.UTF-8 UTF-8" and save
locale-gen
update-locale LANG="en_US.UTF-8" LANGUAGE="en_US:en"If you forget the mysql password which you gave to the ganeti_webmgr account, you can reset it using the mysql root password.
# mysql -u root -p
<< enter the mysql root password >>
mysql> set password for 'ganeti_webmgr'@'localhost' = PASSWORD('SomePassWord');
mysql> exit;If you have forgotten the mysql root password, follow these instructions
If you get "Internal Server Error" then start by looking at /var/log/apache2/ganeti-error.log - the problem may be with the length of the SECRET_KEY and WEB_MGR_API_KEY keys, which must be 16, 24 or 32 characters as stated above.
If you still get the default webserver page, then edit /etc/apache2/sites-available/default and insert the following line after <VirtualHost *:80>
ServerName localhostThen reload apache (service apache2 reload)
If you get an error involving sqlite3 then you probably forgot to change the ENGINE value in config.yml. Go back, change this setting, then re-run the commands under the heading "Populate the database"
If you get a login page but the username/password does not work, you can (re)create the user account using
# cd /opt/ganeti_webmgr
# django-admin.py createsuperuserNote: consult the configuration settings page for a list of supported settings you can adjust on Ganeti Web Manager.