“UbuntuHelp:UEC/Landscape”的版本间的差异
来自Ubuntu中文
小 (创建新页面为 '{{From|https://help.ubuntu.com/community/UEC/Landscape}} {{Languages|UbuntuHelp:UEC/Landscape}} #title Using Landscape to Manage UEC == Connecting UEC to Landscape == This page ...') |
小 |
||
| 第6行: | 第6行: | ||
== Getting Started == | == Getting Started == | ||
=== Landscape account === | === Landscape account === | ||
| − | First of all you need a Landscape account. | + | First of all you need a Landscape account. If you do not have one, you can get a 60-day trial account by registering here: http://www.canonical.com/contact/landscaperegister |
=== Ensure that connectivity is available === | === Ensure that connectivity is available === | ||
| − | * For | + | * For Landscape to be able to start instances on your cloud, it (landscape.canonical.com) needs to be able to reach the cloud controller on port 443. |
| − | * For instances to report their status to | + | * For instances to report their status to Landscape, instances need to be able to reach landscape.canonical.com on port 80 and 443. |
''Note: if you have a standalone Landscape server (LDS) installed on your network, replace landscape.canonical.com with whathever hostname your LDS can be reached at.'' | ''Note: if you have a standalone Landscape server (LDS) installed on your network, replace landscape.canonical.com with whathever hostname your LDS can be reached at.'' | ||
==== Connectivity work-around ==== | ==== Connectivity work-around ==== | ||
| − | As our firewall | + | As our firewall does not allow you to pass connections to your cloud controller (CLC) in the clear, the following workaround will allow you to open a connection via an ssl tunel. |
| + | ===== Using Apache ===== | ||
| + | One possible option is to use Apache to proxy SSL connections to Eucalyptus. | ||
<ol><li>Get an official SSL certificate from a root-trusted SSL certificate authority (CA). | <ol><li>Get an official SSL certificate from a root-trusted SSL certificate authority (CA). | ||
</li><li>Use the Apache mod_ssl instructions from your provider. In the process, you will create a key then you will get a certificate from your CA. You need both files. | </li><li>Use the Apache mod_ssl instructions from your provider. In the process, you will create a key then you will get a certificate from your CA. You need both files. | ||
| − | </li><li>Edit /etc/apache2/sites-available/default-ssl and change the lines below to reflect the location of your SSL certificate and key:</li></ol> | + | </li><li>Edit '''/etc/apache2/sites-available/default-ssl''' and change the lines below to reflect the location of your SSL certificate and key:</li></ol> |
| − | SSLCertificateFile /path/to/your/certificate | + | <pre><nowiki> |
| − | SSLCertificateKeyFile /path/to/your/key | + | SSLCertificateFile /path/to/your/certificate |
| − | <ol><li> | + | SSLCertificateKeyFile /path/to/your/key |
| − | < | + | </nowiki></pre> |
| + | <ol><li>Still in '''/etc/apache2/sites-available/default-ssl''', configure Apache to forward the connections to Eucalyptus but preserving host information (add this to</li></ol> | ||
| + | |||
| + | <pre><nowiki> | ||
| + | ProxyPreserveHost On | ||
| + | RewriteEngine on | ||
| + | RewriteRule ^/(.*) http://localhost:8773/$1 [P] | ||
| + | </nowiki></pre> | ||
| + | ===== Using stunnel ===== | ||
| + | <ol><li>Install stunnel</li></ol> | ||
<pre><nowiki> | <pre><nowiki> | ||
| 第41行: | 第52行: | ||
connect = localhost:8773 | connect = localhost:8773 | ||
</nowiki></pre> | </nowiki></pre> | ||
| − | === Register your cloud with | + | === Register your cloud with Landscape === |
In Landscape, click Cloud then Register a new cloud, under Cloud Provider choose Other then use the following URL for your endpoint: | In Landscape, click Cloud then Register a new cloud, under Cloud Provider choose Other then use the following URL for your endpoint: | ||
<ol><li>Go to your eucarc file and examine the EC2_URL value, alternatively you could do a <code><nowiki>echo $EC2_URL</nowiki></code> (as long as you have included the eucarc in your environment) and note this URL.</li></ol> | <ol><li>Go to your eucarc file and examine the EC2_URL value, alternatively you could do a <code><nowiki>echo $EC2_URL</nowiki></code> (as long as you have included the eucarc in your environment) and note this URL.</li></ol> | ||
2010年5月20日 (四) 00:38的最新版本
 |
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
- title Using Landscape to Manage UEC
目录
Connecting UEC to Landscape
This page describes how you can connect your UEC cloud to Canonical's Landscape service.
Getting Started
Landscape account
First of all you need a Landscape account. If you do not have one, you can get a 60-day trial account by registering here: http://www.canonical.com/contact/landscaperegister
Ensure that connectivity is available
- For Landscape to be able to start instances on your cloud, it (landscape.canonical.com) needs to be able to reach the cloud controller on port 443.
- For instances to report their status to Landscape, instances need to be able to reach landscape.canonical.com on port 80 and 443.
Note: if you have a standalone Landscape server (LDS) installed on your network, replace landscape.canonical.com with whathever hostname your LDS can be reached at.
Connectivity work-around
As our firewall does not allow you to pass connections to your cloud controller (CLC) in the clear, the following workaround will allow you to open a connection via an ssl tunel.
Using Apache
One possible option is to use Apache to proxy SSL connections to Eucalyptus.
- Get an official SSL certificate from a root-trusted SSL certificate authority (CA).
- Use the Apache mod_ssl instructions from your provider. In the process, you will create a key then you will get a certificate from your CA. You need both files.
- Edit /etc/apache2/sites-available/default-ssl and change the lines below to reflect the location of your SSL certificate and key:
SSLCertificateFile /path/to/your/certificate SSLCertificateKeyFile /path/to/your/key
- Still in /etc/apache2/sites-available/default-ssl, configure Apache to forward the connections to Eucalyptus but preserving host information (add this to
ProxyPreserveHost On
RewriteEngine on
RewriteRule ^/(.*) http://localhost:8773/$1 [P]
Using stunnel
- Install stunnel
sudo apt-get install stunnel4
- Once you have your certificate and you have stunnel installed, you need to combine the two into a pem file called /etc/stunnel/stunnel.pem :
cat key.key certificate.cert > /etc/stunnel/stunnel.pem
- Then do a
sudo stunnel -d 443 -r localhost:8773
To make the change persistent across reboots add this to the bottom of /etc/stunnel/stunnel.conf :
[Eucalyptus for Landscape] accept = landscape.canonical.com:443 connect = localhost:8773
Register your cloud with Landscape
In Landscape, click Cloud then Register a new cloud, under Cloud Provider choose Other then use the following URL for your endpoint:
- Go to your eucarc file and examine the EC2_URL value, alternatively you could do a
echo $EC2_URL(as long as you have included the eucarc in your environment) and note this URL.
Note: If you followed the above connectivity workaround, you will need to change the port number from 8773 to 443
- Use the Access Key ID and Secret Access Key from your Credentials page on your UEC web interface.
- Click Save and you should be done.
