#******************************************************************************* # OpenNebula Configuration file #******************************************************************************* #******************************************************************************* # Daemon configuration attributes #------------------------------------------------------------------------------- # MANAGER_TIMER: Time in seconds the core uses to evaluate periodical functions. # HOST_MONITORING_INTERVAL and VM_POLLING_INTERVAL can not have smaller values # than MANAGER_TIMER. # # HOST_MONITORING_INTERVAL: Time in seconds between host monitorization. # HOST_PER_INTERVAL: Number of hosts monitored in each interval. # # VM_POLLING_INTERVAL: Time in seconds between virtual machine monitorization. # (use 0 to disable VM monitoring). # VM_PER_INTERVAL: Number of VMs monitored in each interval. # # VM_DIR: Remote path to store the VM images, it should be shared between all # the cluster nodes to perform live migrations. This variable is the default # for all the hosts in the cluster. VM_DIR IS ONLY FOR THE NODES AND *NOT* THE # FRONT-END # # SCRIPTS_REMOTE_DIR: Remote path to store the monitoring and VM management # scripts. # # PORT: Port where oned will listen for xmlrpc calls. # # DB: Configuration attributes for the database backend # backend : can be sqlite or mysql (default is sqlite) # server : (mysql) host name or an IP address for the MySQL server # port : (mysql) port for the connection to the server. # If set to 0, the default port is used. # user : (mysql) user's MySQL login ID # passwd : (mysql) the password for user # db_name : (mysql) the database name # # VNC_BASE_PORT: VNC ports for VMs can be automatically set to VNC_BASE_PORT + # VMID # # DEBUG_LEVEL: 0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG #******************************************************************************* #MANAGER_TIMER = 30 HOST_MONITORING_INTERVAL = 600 #HOST_PER_INTERVAL = 15 VM_POLLING_INTERVAL = 600 #VM_PER_INTERVAL = 5 #VM_DIR=/srv/cloud/one/var SCRIPTS_REMOTE_DIR=/var/tmp/one PORT = 2633 DB = [ backend = "sqlite" ] # Sample configuration for MySQL # DB = [ backend = "mysql", # server = "localhost", # port = 0, # user = "oneadmin", # passwd = "oneadmin", # db_name = "opennebula" ] VNC_BASE_PORT = 5900 DEBUG_LEVEL = 3 #******************************************************************************* # Physical Networks configuration #******************************************************************************* # NETWORK_SIZE: Here you can define the default size for the virtual networks # # MAC_PREFIX: Default MAC prefix to be used to create the auto-generated MAC # addresses is defined here (this can be overrided by the Virtual Network # template) #******************************************************************************* NETWORK_SIZE = 254 MAC_PREFIX = "02:00" #******************************************************************************* # Image Repository Configuration #******************************************************************************* # DEFAULT_IMAGE_TYPE: This can take values # OS Image file holding an operating system # CDROM Image file holding a CDROM # DATABLOCK Image file holding a datablock, # always created as an empty block # DEFAULT_DEVICE_PREFIX: This can be set to # hd IDE prefix # sd SCSI # xvd XEN Virtual Disk # vd KVM virtual disk #******************************************************************************* DEFAULT_IMAGE_TYPE = "OS" DEFAULT_DEVICE_PREFIX = "hd" #******************************************************************************* # Information Driver Configuration #******************************************************************************* # You can add more information managers with different configurations but make # sure it has different names. # # name : name for this information manager # # executable: path of the information driver executable, can be an # absolute path or relative to $ONE_LOCATION/lib/mads (or # /usr/lib/one/mads/ if OpenNebula was installed in /) # # arguments : for the driver executable, usually a probe configuration file, # can be an absolute path or relative to $ONE_LOCATION/etc (or # /etc/one/ if OpenNebula was installed in /) #******************************************************************************* #------------------------------------------------------------------------------- # KVM Information Driver Manager Configuration # -r number of retries when monitoring a host # -t number of threads, i.e. number of hosts monitored at the same time #------------------------------------------------------------------------------- IM_MAD = [ name = "im_kvm", executable = "one_im_ssh", arguments = "-r 0 -t 15 kvm" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # XEN Information Driver Manager Configuration # -r number of retries when monitoring a host # -t number of threads, i.e. number of hosts monitored at the same time #------------------------------------------------------------------------------- #IM_MAD = [ # name = "im_xen", # executable = "one_im_ssh", # arguments = "xen" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # EC2 Information Driver Manager Configuration #------------------------------------------------------------------------------- #IM_MAD = [ # name = "im_ec2", # executable = "one_im_ec2", # arguments = "im_ec2/im_ec2.conf" ] #------------------------------------------------------------------------------- #----------------------------------------------------------------------------- # Ganglia Information Driver Manager Configuration #----------------------------------------------------------------------------- #IM_MAD = [ # name = "im_ganglia", # executable = "one_im_sh", # arguments = "ganglia" ] #----------------------------------------------------------------------------- #------------------------------------------------------------------------------- # Dummy Information Driver Manager Configuration #------------------------------------------------------------------------------- #IM_MAD = [ name="im_dummy", executable="one_im_dummy"] #------------------------------------------------------------------------------- #******************************************************************************* # Virtualization Driver Configuration #******************************************************************************* # You can add more virtualization managers with different configurations but # make sure it has different names. # # name : name of the virtual machine manager driver # # executable: path of the virtualization driver executable, can be an # absolute path or relative to $ONE_LOCATION/lib/mads (or # /usr/lib/one/mads/ if OpenNebula was installed in /) # # arguments : for the driver executable # # default : default values and configuration parameters for the driver, can # be an absolute path or relative to $ONE_LOCATION/etc (or # /etc/one/ if OpenNebula was installed in /) # # type : driver type, supported drivers: xen, kvm, xml #******************************************************************************* #------------------------------------------------------------------------------- # KVM Virtualization Driver Manager Configuration # -r number of retries when monitoring a host # -t number of threads, i.e. number of hosts monitored at the same time # -l actions executed locally, command can be # overridden for each action. # Valid actions: deploy, shutdown, cancel, save, restore, migrate, poll # An example: "-l migrate,poll=poll_ganglia,save" #------------------------------------------------------------------------------- VM_MAD = [ name = "vmm_kvm", executable = "one_vmm_exec", arguments = "-t 15 -r 0 kvm", default = "vmm_exec/vmm_exec_kvm.conf", type = "kvm" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # XEN Virtualization Driver Manager Configuration # -r number of retries when monitoring a host # -t number of threads, i.e. number of hosts monitored at the same time # -l actions executed locally, command can be # overridden for each action. # Valid actions: deploy, shutdown, cancel, save, restore, migrate, poll # An example: "-l migrate,poll=poll_ganglia,save" #------------------------------------------------------------------------------- #VM_MAD = [ # name = "vmm_xen", # executable = "one_vmm_exec", # arguments = "-t 15 -r 0 xen", # default = "vmm_exec/vmm_exec_xen.conf", # type = "xen" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # EC2 Virtualization Driver Manager Configuration # arguments: default values for the EC2 driver, can be an absolute path or # relative to $ONE_LOCATION/etc (or /etc/one/ if OpenNebula was # installed in /). #------------------------------------------------------------------------------- #VM_MAD = [ # name = "vmm_ec2", # executable = "one_vmm_ec2", # arguments = "vmm_ec2/vmm_ec2.conf", # type = "xml" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # Dummy Virtualization Driver Configuration #------------------------------------------------------------------------------- #VM_MAD = [ name="vmm_dummy", executable="one_vmm_dummy", type="xml" ] #------------------------------------------------------------------------------- #******************************************************************************* # Transfer Manager Driver Configuration #******************************************************************************* # You can add more transfer managers with different configurations but make # sure it has different names. # name : name for this transfer driver # # executable: path of the transfer driver executable, can be an # absolute path or relative to $ONE_LOCATION/lib/mads (or # /usr/lib/one/mads/ if OpenNebula was installed in /) # # arguments : for the driver executable, usually a commands configuration file # , can be an absolute path or relative to $ONE_LOCATION/etc (or # /etc/one/ if OpenNebula was installed in /) #******************************************************************************* #------------------------------------------------------------------------------- # NFS Transfer Manager Driver Configuration #------------------------------------------------------------------------------- TM_MAD = [ name = "tm_nfs", executable = "one_tm", arguments = "tm_nfs/tm_nfs.conf" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # SSH Transfer Manager Driver Configuration #------------------------------------------------------------------------------- #TM_MAD = [ # name = "tm_ssh", # executable = "one_tm", # arguments = "tm_ssh/tm_ssh.conf" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # Dummy Transfer Manager Driver Configuration #------------------------------------------------------------------------------- #TM_MAD = [ # name = "tm_dummy", # executable = "one_tm", # arguments = "tm_dummy/tm_dummy.conf" ] #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- # LVM Transfer Manager Driver Configuration #------------------------------------------------------------------------------- #TM_MAD = [ # name = "tm_lvm", # executable = "one_tm", # arguments = "tm_lvm/tm_lvm.conf" ] #------------------------------------------------------------------------------- #******************************************************************************* # Image Manager Driver Configuration #******************************************************************************* # Drivers to manage the image repository, specialized for the storage backend # executable: path of the transfer driver executable, can be an # absolute path or relative to $ONE_LOCATION/lib/mads (or # /usr/lib/one/mads/ if OpenNebula was installed in /) # # arguments : for the driver executable #******************************************************************************* #------------------------------------------------------------------------------- # FS based Image Manager Driver Configuration # -t number of threads, i.e. number of repo operations at the same time #------------------------------------------------------------------------------- IMAGE_MAD = [ executable = "one_image", arguments = "fs -t 15" ] #------------------------------------------------------------------------------- #******************************************************************************* # Hook Manager Configuration #******************************************************************************* # The Driver (HM_MAD), used to execute the Hooks # executable: path of the hook driver executable, can be an # absolute path or relative to $ONE_LOCATION/lib/mads (or # /usr/lib/one/mads/ if OpenNebula was installed in /) # # arguments : for the driver executable, can be an absolute path or relative # to $ONE_LOCATION/etc (or /etc/one/ if OpenNebula was installed # in /) # # Virtual Machine Hooks (VM_HOOK) defined by: # name : for the hook, useful to track the hook (OPTIONAL) # on : when the hook should be executed, # - CREATE, when the VM is created (onevm create) # - PROLOG, when the VM is in the prolog state # - RUNNING, after the VM is successfully booted # - SHUTDOWN, after the VM is shutdown # - STOP, after the VM is stopped (including VM image transfers) # - DONE, after the VM is deleted or shutdown # - FAILED, when the VM enters the failed state # command : path is relative to $ONE_LOCATION/var/remotes/hook # (self-contained) or to /var/lib/one/remotes/hook (system-wide). # That directory will be copied on the hosts under # SCRIPTS_REMOTE_DIR. It can be an absolute path that must exist # on the target host # arguments : for the hook. You can access to VM information with $ # - $VMID, the ID of the virtual machine # - $TEMPLATE, the VM template in xml and base64 encoded # remote : values, # - YES, The hook is executed in the host where the VM was # allocated # - NO, The hook is executed in the OpenNebula server (default) # # # Host Hooks (HOST_HOOK) defined by: # name : for the hook, useful to track the hook (OPTIONAL) # on : when the hook should be executed, # - CREATE, when the Host is created (onehost create) # - ERROR, when the Host enters the error state # - DISABLE, when the Host is disabled # command : path is relative to $ONE_LOCATION/var/remotes/hook # (self-contained) or to /var/lib/one/remotes/hook (system-wide). # That directory will be copied on the hosts under # SCRIPTS_REMOTE_DIR. It can be an absolute path that must exist # on the target host. # arguments : for the hook. You can use the following Host information: # - $HID, the ID of the host # - $TEMPLATE, the Host template in xml and base64 encoded # remote : values, # - YES, The hook is executed in the host # - NO, The hook is executed in the OpenNebula server (default) #------------------------------------------------------------------------------- HM_MAD = [ executable = "one_hm" ] #------------------------------------------------------------------------------- #******************************************************************************* # Fault Tolerance Hooks #******************************************************************************* # This hook is used to perform recovery actions when a host fails. The VMs # running in the host can be deleted (use -d option) or resubmitted (-r) in # other host # Last argument (force) can be "y", so suspended VMs in the host will be # resubmitted/deleted, or "n", so suspended VMs in the host will be ignored # #HOST_HOOK = [ # name = "error", # on = "ERROR", # command = "ft/host_error.rb", # arguments = "$HID -r n", # remote = "no" ] #------------------------------------------------------------------------------- # These two hooks can be used to automatically delete or resubmit VMs that reach # the "failed" state. This way, the administrator doesn't have to interact # manually to release its resources or retry the deployment. # # # Only one of them should be uncommented. #------------------------------------------------------------------------------- # #VM_HOOK = [ # name = "on_failure_delete", # on = "FAILED", # command = "/usr/bin/env onevm delete", # arguments = "$VMID" ] # #VM_HOOK = [ # name = "on_failure_resubmit", # on = "FAILED", # command = "/usr/bin/env onevm resubmit", # arguments = "$VMID" ] #------------------------------------------------------------------------------- #******************************************************************************* # Networking Hooks #******************************************************************************* # The following network hooks can be activated in order to manage network # isolation and firewalls. #******************************************************************************* #------------------------------------------------------------------------------- # Firewall #------------------------------------------------------------------------------- # # Firewalling rules activated in the physical host executing the VM. Can be used # to filter TCP and UDP ports, and to define a policy for ICMP connections. To # use it specify under the NIC section of the VM one or more of the following # attributes: # # - WHITE_PORTS_TCP = iptables_range # Permits access to the VM only through the specified ports in the TCP # protocol. Supersedes BLACK_PORTS_TCP if defined. # # - BLACK_PORTS_TCP = iptables_range # Doesn't permit access to the VM through the specified ports in the TCP # protocol. Superseded by WHITE_PORTS_TCP if defined. # # - WHITE_PORTS_UDP = iptables_range # Permits access to the VM only through the specified ports in the UDP # protocol. Supersedes BLACK_PORTS_UDP if defined. # # - BLACK_PORTS_UDP = iptables_range # Doesn't permit access to the VM through the specified ports in the UDP # protocol. Superseded by WHITE_PORTS_UDP if defined. # # - ICMP = no | drop # Blocks ICMP connections to the VM. By default it's enabled. # # This hook requires the sudoers file to be configured so oneadmin can execute # iptables without a password. # #------------------------------------------------------------------------------- # # VM_HOOK = [ # name = "firewall-on", # on = "RUNNING", # command = "vnm/firewall", # arguments = "on $TEMPLATE", # remote = "yes" ] # # VM_HOOK = [ # name = "firewall-off", # on = "DONE", # command = "vnm/firewall", # arguments = "off $TEMPLATE", # remote = "yes" ] #------------------------------------------------------------------------------- # Host-managed VLANs #------------------------------------------------------------------------------- # # Network isolation provided through host-managed vlans. This hook will create a # bridge for each OpenNebula virtual network and attach a tagged network # interface to the bridge. # # For this hook to be effective you need to specify the attribute PHYDEV in your # VNET template, which should contain the name of the physical network interface # each VM should be attached to. If BRIDGE is not defined it will be # automatically generated. # # In order to use this hook you need to: # - load module 8021q # - install vconfig # - configure passwordless sudo in the worker nodes for oneadmin for these # commands: brctl, ip, vconfig. # #------------------------------------------------------------------------------- # # VM_HOOK = [ # name = "hm-vlan", # on = "PROLOG", # command = "vnm/hm-vlan", # arguments = "$TEMPLATE", # remote = "yes" ] # #------------------------------------------------------------------------------- # Ebtables Network Isolation #------------------------------------------------------------------------------- # # Network isolation provided through ebtables rules applied on the bridges. This # method will only permit isolation with a mask of 255.255.255.0. # # This hook requires the sudoers file to be configured so oneadmin can execute # ebtables without a password, and the ebtables package to be installed. # #------------------------------------------------------------------------------- # # VM_HOOK = [ # name = "ebtables-vlan-on", # on = "RUNNING", # command = "vnm/ebtables-vlan", # arguments = "on $TEMPLATE", # remote = "yes" ] # # VM_HOOK = [ # name = "ebtables-vlan-off", # on = "DONE", # command = "vnm/ebtables-vlan", # arguments = "off $TEMPLATE", # remote = "yes" ] # #------------------------------------------------------------------------------- # Open vSwitch Network Isolation #------------------------------------------------------------------------------- # # Network isolation provided through Open vSwitch. Each virtual network # interface will receive an VLAN tag enabling network isolation. # # This hook requires Open vSwitch to be installed along with the Open vSwitch # compatibility layer for Linux bridging, on each worker node. # See http://openvswitch.org/ for more information. # # Passwordless sudo permissions for oneadmin to execute ovs_vsctl. # #------------------------------------------------------------------------------- # # VM_HOOK = [ # name = "openvswitch-vlan", # on = "RUNNING", # command = "vnm/openvswitch-vlan", # arguments = "$TEMPLATE", # remote = "yes" ] # #------------------------------------------------------------------------------- #******************************************************************************* # Auth Manager Configuration #******************************************************************************* # The Driver (AUTH_MAD) that will be used to authenticate (authn) and # authorize (authz) OpenNebula requests. If defined OpenNebula will use the # built-in auth policies. # # executable: path of the auth driver executable, can be an # absolute path or relative to $ONE_LOCATION/lib/mads (or # /usr/lib/one/mads/ if OpenNebula was installed in /) # # arguments : # --authn: list of authentication modules separated by commas, if not # defined all the modules available will be enabled # --authz: authorization module #------------------------------------------------------------------------------- #AUTH_MAD = [ # executable = "one_auth_mad", # arguments = "--authz quota --authn plain,ssh,x509" #]