Using AWS CodeDeploy with Eucalyptus Cloudformation for On-Premise Application Deployments

Originally posted on More Mind Spew-age from Harold Spencer Jr.:


Recently, Amazon Web Services (AWS) announced that their CodeDeploy service supports on-premise instances.  This is extremely valuable – especially for developers and administrators to allow utilization of existing on-premise resources.

For teams who are using HP Helion Eucalyptus 4.1 (or who want to use Eucalyptus), this is even better news.  This feature – along with HP Helion Eucalyptus 4.1 Cloudformation – developers can deploy applications within a private cloud environment of HP Helion Eucalyptus.  This makes it even easier for developers and administrators to separate out and maintain production (AWS) versus development (HP Helion Eucalyptus) environments (or vice versa).  In addition, since HP Helion Eucalyptus strives for AWS compatibility, the Cloudformation templates used on Eucalyptus, can be used with AWS – with just a couple of modifications.

The Setup

To leverage on-premise instances with AWS CodeDeploy, please reference the AWS documentation entitled “Configure Existing On-Premises Instances…

View original 798 more words

Eucalyptus 4.0 OSG Bucket ACLs and Object Lifecycle Management using Python Boto and s3cmd

Originally posted on More Mind Spew-age from Harold Spencer Jr.:


My last few blogs have discussed how Eucalyptus 4.0 supports similar Amazon Web Services, such as Elastic Compute Cloud (EC2), Simple Storage Services (S3), Elastic Load Balancing (ELB) and Security Token Services (STS) features. Using third party tools, such as python boto and s3cmd, features such as listing buckets and objects, listing running instances and assuming IAM roles were covered.  This blog entry is yet another example as to how Eucalyptus provides AWS compatible features in a private, on-premise cloud environment.

A couple of little known AWS-like features provided by the Eucalyptus 4.0.x Object Storage Gateway (OSG) that are barely discussed are the following:

Both of these features help cloud users implement cross-account bucket and object access, and define how long an object lives in a bucket.  Keeping consistent with the earlier blog entries and continuing to promote…

View original 1,671 more words

Eucalyptus Block Storage Service with Ceph RBD

Press: HP acquires Eucalyptus :)

Embracing open source technology is not something new to us and here at Eucalyptus we practice this everyday. In Eucalyptus 4.1.0, we chose this beautiful commodity storage technology Ceph for our Block Storage Service. yay! While the product is under heavy development, I am happy to give update about how Ceph can be used as a block storage backend for Eucalyptus Storage Controller (SC).

First thing first, so to use Ceph as a block storage manager, we need a basic Ceph cluster deployed. Apart from having several automation technologies to deploy Ceph, it also has a beautiful tool called ceph-deploy. We found it really pleasing while deploying Ceph clusters with ceph-deploy. But as our requirement is to be able to deploy Ceph clusters of different sizes on-demand for testing ceph+eucalyptus setup, so we needed some automation for this. After giving some thought about our use case, we decided to take the a newer path which would be easily maintainable for us. So, we decided to write a small chef cookbook to deploy a Ceph cluster with ceph-deploy, fun isn’t it? ;-)


For those who want to take a quick taste of Eucalyptus and Ceph at it’s early phase here is how you do it:

To deploy using ceph-cookbook which uses ceph-deploy,

1. clone the cookbook from (tested with 1x Monitor node and 2x OSDs, should work with a large number of OSDs)

2. upload the cookbook to your Chef server

3. update the environment file and upload it to the Chef server

4. Deploy Ceph cluster using Motherbrain

mb ceph-deploy bootstrap bootstrap.json --environment ceph_cluster -v

To add Ceph cluster as block storage backend for Eucalyptus, we will need a newer kernel with RBD module support and Ceph installed on the Eucalyptus Storage Controller (SC). For this demo we will use the LT kernel from ELRepo.

yum install ceph
yum --enablerepo=elrepo-kernel install kernel-lt

You may need to reboot the host by setting up the proper default value in grub.conf.

Now on your MON node, copy ceph.conf and ceph.client.admin.keyring from /root/mycluster directory and place those into /etc/ceph/ directory of the Eucalyptus SC host.

Register Eucalyptus Storage Controller and set the <cluster>.storage.blockstoragemanager property to “ceph”, e.g

euca-modify-property -p

At this point your Eucalyptus Storage Controller should be ready to be used with Ceph as a storage backend!

Now test your Eucalyptus SC with Ceph RBD by creating volumes and snapshots.

To check the ongoing events on your Ceph cluster, run `ceph -w` on the Monitor node.

Happy Cephing with Eucalyptus!

Even though it’s under heavy development, we will love to hear your experience with Ceph+Eucalyptus.

Join us at #eucalyptus on Freenode.

Update: My colleague and good friend Swathi Gangisetty pointed out that for Eucalyptus Storage Controller to be operational no newer kernel is required. Currently, for librbd, SC interacts with Ceph via JNA bindings that are packaged as jar and comes with Eucalyptus.

Installing Apache Hadoop on Eucalyptus using Hortonworks Data Platform stack and Apache Ambari

This post demonstrates Hadoop deployment on Eucalyptus using Apache Ambari on Horton Data Platform stack. Bits and pieces:

  1. Eucalyptus 4.0.0
  2. Hortonworks Data Platform (HDP) stack
  3. Apache Ambari
  4. 4 instance-store/EBS-backed instances
    1. 2 vcpus, 1024MB memory, 20GB disk space
    2. CentOS 6.5 base image

For this is demo we tried to use very minimum resources. Our Eucalyptus deployment topology looks like below, 1x (Cloud Controller + Walrus + Storage Controller + Cluster Controller) 1x (Node Controller + Object Storage Gateway) To meet our instance requirement, we changed the instance-type according to our need.

AVAILABILITYZONE|- m1.xlarge   0003 / 0004   2   1024    20

Preparation Run an instance of m1.xlarge or any other instance type that meets the above requirement. When the instance is running copy the keypair that is used to run this instance at .ssh/id_rsa, we will be using this same keypair for all the instances.

[root@b-11 ~]# euca-describe-instances
RESERVATION	r-46725ad6	691659499425	default
INSTANCE	i-b65be3ed	emi-a4aac1df	euca-172-27-227-26.eucalyptus.internal	running	sshlogin	0		m1.xlarge	2014-06-25T10:39:37.952Z	PARTI00				monitoring-disabled			instance-store					hvm			sg-57c0750a
TAG	instance	i-b65be3ed	euca:node

[root@b-11 ~]# scp -i sshlogin sshlogin

Run three more instance of same type with same keypair and image and copy their private IPs for later use. Add security group rules for Apache Ambari,

[root@b-11 ~]# euca-authorize -P tcp -p 8080 default
[root@b-11 ~]# euca-authorize -P tcp -p 0-65535 -s default

Set Apache Ambari and HDP repository inside the instance,

P. S. [root@euca-172-27-227-26 ~] refers to the Eucalyptus instance

[root@euca-172-27-227-26 ~]# wget -O /etc/yum.repos.d/ambari.repo

[root@euca-172-27-227-26 ~]# wget -O /etc/yum.repos.d/hdp.repo

Install Apache Ambari,

[root@euca-172-27-227-26 ~]# yum install ambari-server -y

Configure Apache Ambari,

[root@euca-172-27-227-26 ~]# ambari-server setup

[Select all default options, unless necessary] Start the Apache Ambari server,

[root@euca-172-27-227-26 ~]# ambari-server start

Our Apache Ambari installation is completed. Now login to the Ambari dashboard with username ‘admin’ and password ‘admin’ at http://instance-public-ip:8080 Installing Hadoop using HDP stack

  • Add a cluster name
  • From Select Stack menu, select HDP 2.1 stack
  • In Install Options menu, add the private IPs/hostnames and private key that we copied previously at .ssh/id_rsa
Ambari Hadoop Installation

Ambari Hadoop Installation

  • Confirm Hosts view will check the hosts availability status and reports back. All green indicates that we are good to go.
Ambari Hadoop Installation

Ambari Hadoop Installation

  • For this demo select all services from Choose Services view
  • In Assign Masters view Ambari will be suggesting a reasonable settings, for this demo we will be using the defaults
  • Again, in Assign Slaves and Clients view, we will stick with the defaults
Ambari Hadoop Installation

Ambari Hadoop Installation

  • In the Customize Services view set the credentials for Hive, Oozie and Nagios.
  • Review and then Install, Start and Test
Ambari Hadoop Installation

Ambari Hadoop Installation

And there is our Hadoop cluster with Hortonworks HDP stack on top of Eucalyptus. Happy Hadooping!

Eucalyptus FourZero (4.0)

Eucalyptus 4.0 is one of the biggest releases in Eucalyptus history with several major architectural changes. Lots of new re-engineered components and some behavioral changes have landed with this new release.

Major changes in Eucalyptus 4.0


Service Separation

This is the biggest one and probably the one many of us were waiting for a long time. From 4.0 CLC DB and user-facing services can be installed/registered in different hosts. With that said, now it is also possible to have multiple user-facing services (UFS).

UFS registration command looks like this,

euca_conf --register-service --service-type user-api --host --service-name API_110

And describe UFS command is given below,

euca-describe-services -T user-api


SERVICE user-api API_110 API_110 ENABLED 45 arn:euca:bootstrap:API_110:user-api:API_110/
SERVICE user-api API_112 API_112 ENABLED 45 arn:euca:bootstrap:API_112:user-api:API_112/
SERVICE user-api API_119 API_119 ENABLED 45 arn:euca:bootstrap:API_119:user-api:API_119/
SERVICE user-api API_179 API_179 ENABLED 45 arn:euca:bootstrap:API_179:user-api:API_179/

Object Storage Gateway (OSG)

Another attractive feature in Eucalyptus 4.0. With this new service, it is possible to use different object storage backends. For now OSG has complete support for RiakCS and WalrusBackend as object storage backends. Other object storages like Ceph should be pluggable as well with OSG, but is not fully tested.

More about Object Storage Gateway and RiakCS were discussed in previous posts.

Image Management

This is another great addition to Eucalyptus. Now image management was never been so fun than this. One important thing is, from 4.0 Eustore has been replaced with couple of other interesting commands in the toolset.

Installing an HVM image was never been easier,

euca-install-image -i /root/precise-server-cloudimg-amd64-disk1.img -n "demoimage" -r x86_64 --virtualization-type hvm -b demobucket

Another interesting fact is, now it is possible to get an EBS backed image from HVM image with just one single command,

euca-import-volume /root/precise-server-cloudimg-amd64-disk1.img --format raw \
--availability-zone PARTI00 --bucket demobucket --owner-akid $EC2_ACCESS_KEY \
--owner-sak $EC2_SECRET_KEY --prefix demoimportvol --description "demo import volume"

Run the following command to check the conversion task status,


When completed create a snapshot from the volume Id in the describe result and register the EBS-backed image.

Heads up: an imaging worker instance will appear running the conversion task is started.

There is another super handy command that will create an EBS backed image from a HVM image and run an instance with provided detail,

euca-import-instance /root/precise-server-cloudimg-amd64-disk1.img --format raw \
--architecture x86_64 --platform Linux --availability-zone PARTI00 --bucket ibucket \
--owner-akid $EC2_ACCESS_KEY \ --owner-sak $EC2_SECRET_KEY --prefix image-name-prefix \
--description "textual description" --key sshlogin --instance-type m1.small

EDGE Networking Mode

EDGE is a new networking mode which was introduced in 3.4 as a tech-preview feature. The main reason behind this networking mode is to remove the need of Cluster Controller to be in the data for all the running VMs. Also, this helps to eradicate the need of tagging VLAN packets to achieve Layer 2 isolation between the VMs. With this network mode, now there will be a new standalone component called eucanetd will be running on the Node Controller. In EDGE networking mode eucanetd running on the Node Controller maintains the networking and ensures any single point of failure.

Re-engineered Eucalyptus Console

This is one of the biggest changes that happened in 4.0. We said goodbye to the Eucalyptus Admin UI (https://<CLC_IP_address&gt;:8443), Eucalyptus User Console and welcomed the newly designed EucaConsole with the administrative features.

EucaConsole 4.0.0

EucaConsole 4.0

Tech-Preview of CloudFormation

CloudFormation!!! Yes, CloudFormation feature has been implemented and released in Eucalyptus 4.0 as a tech-preview, though the implementation is pretty well.

In the currently implementation of CloudFormation, the service does not come with other user-facing services, it needs to be registered separately on the same host with CLC/DB (EUCA-9505).

euca_conf --register-service -T CloudFormation -H -N API_11

Here is a basic CloudFormation template just to try it out right away,

  "Parameters" : {
    "KeyName" : {
      "Description" : "The EC2 Key Pair to allow SSH access to the instance",
      "Type" : "String"
  "Resources" : {
    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" }, "default" ],
        "KeyName" : { "Ref" : "KeyName"},
        "ImageId" : "emi-3c17bd33"

    "InstanceSecurityGroup" : {
      "Type" : "AWS::EC2::SecurityGroup",
      "Properties" : {
        "GroupDescription" : "Enable SSH access via port 22",
        "SecurityGroupIngress" : [ {
          "IpProtocol" : "tcp",
          "FromPort" : "22",
          "ToPort" : "22",
          "CidrIp" : ""
        } ]

The following command can be used to validate the template,

euform-validate-template --template-file cloudformationdemo.template

Then create a stack with the template,

euform-create-stack --template-file cloudformationdemo.template --parameter KeyName=demokey MyDemoStack

Check CloudFormation stack status,

euform-describe-stacks MyDemoStack

STACK MyDemoStack CREATE_COMPLETE Complete! 2014-06-04T14:02:27.38Z

Check CF stack resources,

euform-describe-stack-resources -n MyDemoStack

More FourZero

Apart from those, another big improvement was with Administrative Roles. There are now pre-defined roles for Eucalyptus admin account, e.g Cloud Account Admin, Cloud Resource Admin, Infrastructure Admin. ELB supports session stickiness, modify attributes of instances is supported and so on. Also many AWS compatibility issues have been fixed in this Fantastic release.

Installing Eucalyptus is now easier than ever. You can start with a CentOS 6.5 minimal server and get your own Amazon compatible Eucalyptus cloud.

To get started run the following command and have your own private cloud up and running,

bash <(curl -Ls

Enjoy Eucalyptus 4.0!!!

Clustered Riak CS with Eucalyptus Object Storage Gateway

In the last post, we have installed Riak CS on a single node. For production, a deployment of five or more nodes is required for better performance, reliability. Riak has a default three times data replication mechanism and in smaller deployment the replication requirement may not be met properly and also it may compromise the fault-tolerance ability of the cluster. Fewer nodes will have higher workloads.

According to the documentation:

If you have 3 nodes, and require all 3 to replicate, 100% of your nodes will respond to a single request. If you have 5, only 60% need respond.

In this post, we will use 5 nodes to create a Riak cluster for our Eucalyptus setup. Since we will be using Riak CS, we will be installing Riak CS in each node. We will also need a Stanchion server.

Overall, our setup will look like below:

a) 5x Riak nodes
b) 5x Riak CS nodes (one in each Riak node)
c) 1x Stanchion node
d) 1x Riak Control
e) 1x Riak CS Control
f) 1x Nginx server for load balancing between the Riak CS nodes

First we will install Riak, Riak CS on all the nodes,

yum install -y
yum install riak riak-cs -y

Configure Riak:

Modify the following lines from /etc/riak/app.config with the host IP address,

{pb, [ {"", 8087 } ]}

{http, [ {"", 8098 } ]},

Find the following line from /etc/riak/app.config and replace it with multi backend setup,


{storage_backend, riak_kv_bitcask_backend},


            {add_paths, ["/usr/lib64/riak-cs/lib/riak_cs-1.4.5/ebin"]},
            {storage_backend, riak_cs_kv_multi_backend},
            {multi_backend_prefix_list, [{<<"0b:">>, be_blocks}]},
            {multi_backend_default, be_default},
            {multi_backend, [
              {be_default, riak_kv_eleveldb_backend, [
                {max_open_files, 50},
                {data_root, "/var/lib/riak/leveldb"}
              {be_blocks, riak_kv_bitcask_backend, [
                {data_root, "/var/lib/riak/bitcask"}

And add the following line to riak_core section in the config file,

{default_bucket_props, [{allow_mult, true}]},

Change the following line from /etc/riak/vm.args with host IP address,

-name riak@

Configure Riak CS:

Modify the following lines from /etc/riak-cs/app.config with the host IP address,

{cs_ip, ""},

{riak_ip, ""},

{stanchion_ip, ""},

We are going to have to create an admin user, modify the following line and set the value to true for now, change it back before going into production,

{anonymous_user_creation, false},

Change the following line from /etc/riak-cs/vm.args with host IP address,

-name riak@

Follow the same procedure for rest of the nodes.

Configure Stanchion:

Install Stanchion in one of the servers,

yum install stanchion -y

Modify the following lines from /etc/stanchion/app.config with the host IP address,

{stanchion_ip, ""},

{riak_ip, ""},

Modify the following lines from /etc/stanchion/vm.args with the host IP address,

-name stanchion@

Start Riak components on the server where Stanchion is installed:

riak start
riak-cs start
stanchion start

Create admin user:

curl -H 'Content-Type: application/json' \
--data '{"email":"", "name":"admin"}'

From the output save the following two variables,


In production system, you may want to change the anonymous_user_creation settings to false after creating the admin user.

From /etc/riak-cs/app.config and /etc/stanchion/app.config change the following two values with key_id and key_secret,

{admin_key, "admin-key"},
{admin_secret, "admin-secret"},

Restart both riak-cs and stanchion.

Setting up Riak Cluster:

Now we will join all the nodes. Run the following from each node (for this guide, I kept the stanchion node’s IP constant)

riak-admin cluster join riak@<node-ip>
riak-admin cluster plan
riak-admin cluster commit

Activate Riak Control:

Modify the following lines from /etc/riak/app.config with the host IP address,

{https, [{ "", 8098 }]},

Uncomment the ssl configuration and set file path as appropriate,

{ssl, [
       {certfile, "/etc/riak/cert.pem"},
       {keyfile, "/etc/riak/key.pem"}

Follow this guideline to create self-signed certificate,

Set the following to true from riak_control section,

{enabled, false},

and set username/password,

{userlist, [{"user", "pass"}

Login to the following url to access Riak Control web interface,


Riak Control

Riak Control

Install and Configure Nginx:

We will use Nginx as a load balancer between the nodes. It can be installed on any node or on an external server as well which can work as a load balancer between the Riak CS nodes.

We will be installing Riak CS Control which seems to be using HTTP 1.1 version (available from Nginx 1.1.4). So, we will be using latest stable version of Nginx on our Nginx server.

yum install -y
yum install nginx -y

Nginx config file will look like this [source],

upstream riak_cs_host {
  server :8080;
  server :8080;
  server :8080;
  server :8080;
  server :8080;

server {
  listen   80;
  server_name  _;
  access_log  /var/log/nginx/riak_cs.access.log;
  client_max_body_size 0;

location / {
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_redirect off;

  proxy_connect_timeout      90;
  proxy_send_timeout         90;
  proxy_read_timeout         90;
  proxy_buffer_size    128k;
  proxy_buffers     4 256k;
  proxy_busy_buffers_size 256k;
  proxy_temp_file_write_size 256k;
  proxy_http_version    1.1;

  proxy_pass http://riak_cs_host;

Install and Configure Riak CS Control:

Run the following command to install Riak CS Control,

yum install -y

Modify the following lines from /etc/riak-cs-control/app.config with the Nginx server’s IP address and proxy,

{cs_proxy_host, "" },
{cs_proxy_port, 8080 },

Set the admin creds downloaded above in /etc/riak-cs-control/app.config file.

Riak CS Control

Riak CS Control

Configure Eucalyptus:

Now as usual, set the Riak CS property to use as Eucalyptus Object Storage Gateway’s (OSG) backend,


Instead of using Riak CS admin account since it has special admin privileges, we need to create a regular Riak CS account, via Riak CS Control or command line (like above) and use it for Eucalyptus.

euca-modify-property -p objectstorage.s3provider.s3endpoint=NGINX-IP

euca-modify-property -p objectstorage.s3provider.s3accesskey=ACCESS-KEY

euca-modify-property -p objectstorage.s3provider.s3secretkey=SECRET-KEY

Enjoy multi-clustered Riak CS with Eucalyptus!


James Iry’s history of programming languages (illustrated with pictures and large fonts)

Originally posted on The Quick Word:

jacquardAda LovelaceAlan Turing04-church05-bartik06-backus07-mccarthy08-hopper09-kemeney-kutz10-steele11-wirth12-ritchie-thompson13-colmerauer14-milner15-kay16-ichbah17-stroustrup18-cox19-wall20-haskell21-rossum22-lerdorf23-hansson24-eich25-gosling26-hejlsberg26-odersky

–This post is a tribute to James Iry’s fantastic One Div Zero blog.

View original