Juju + OpenNebula?
Clint Byrum
clint at ubuntu.com
Fri Aug 10 17:21:24 UTC 2012
Excerpts from Thomas Leonard's message of 2012-08-10 02:24:23 -0700:
> On 2012-07-31 19:03, Clint Byrum wrote:
> > Excerpts from Thomas Leonard's message of 2012-07-31 03:07:05 -0700:
> >> Hi,
> >>
> >> Is it possible to connect Juju to OpenNebula?
> >>
> >> I tried enabling OpenNebula's EC2 interface, but I don't see what to put for
> >> Juju's s3-uri option.
> >>
> >
> > Juju needs a place to store the charms, and some data so clients can
> > find the zookeeper server.
> >
> > Really the provider should be called "aws" not "ec2" because it must
> > have S3, and the S3 and compute must share auth details.
> >
> > You probably could hack together an opennebula provider which extended
> > the EC2 provider and used some other S3-compatible object store. But it's
> > not going to work without code of some kind to resolve opennebula's auth
> > with the S3 auth.
>
> What is the security model? It looks like PUT is generally restricted, but
> I'm not sure whether GETs are supposed to be (from a brief look, it seems
> that the ec2 provider does restrict access, but the orchestra one doesn't).
>
Orchestra is a proof-of-concept experiment, and should probably not be
referenced for future implementations.

The objects should be protected in their storage against arbitrary
entities discovering and downloading them, as the contents could be
considered sensitive (though official charm store policy doesn't allow
this, users may want to create charms that embed passwords or keys
and such).

> Would it be possible to run a StorageServer on the master, using scp to
> upload the files?
>
Certainly. You only need to be able to put/get files from any node. The
agent will have access to the ZK environment configs, so you can have
the agents generate SSH keys and push the public ones in for the storage
server to scrape out, or just have a single shared key that lives in ZK.

The way to get this working is to have the bootstrap method in the
provider set the storage server up.

You'll need to address the way to find the zookeeper node as well.
Right now the EC2 provider stores where the zookeeper server is in
an S3 object. It would be relatively easy, however, to just look for
instances in the security group juju-${envname}-0.