GWM2 is a project mainly written in PYTHON and JAVASCRIPT, based on the GPL-2.0, Unknown licenses found.
Ganeti Web Manager is a Django based web application that allows administrators and clients access to their ganeti clusters.
Ganeti compatibility:
=2.2.x - supported 2.1.x - mostly supported 2.0.x - unsupported but may work 1.x - unsupported
Browser compatibility:
The VNC console requires websockets or flash support and HTML5 support in the browser.
Project page: http://code.osuosl.org/projects/ganeti-webmgr Mailing List: http://groups.google.com/group/ganeti-webmgr IRC: #ganeti-webmgr on freenode.net Twitter: http://twitter.com/ganetiwebmgr
Install Dependencies
Deploy this code somewhere (i.e. /var/lib/django/ganeti_webmgr)
Install libaries needed for pip installs
sudo apt-get install python-dev
Run Fabric deployment
cd ./ganeti_webmgr fab dev deploy
or a production deployment:
fab prod deploy
Activate Virtual Environment
source bin/activate
Copy settings.py.dist to settings.py
Create a database and configure your settings:
DATABASE_ENGINE = '' <-- Change This to 'mysql', 'postgresql', 'postgresql_psycopg2' or 'sqlite3' DATABASE_NAME = '' <-- Change this to a database name, or a file for SQLite DATABASE_USER = '' <-- Change this (not needed for SQLite) DATABASE_PASSWORD = '' <-- Change this (not needed for SQLite) DATABASE_HOST = '' <-- Change this (not needed if database is localhost) DATABASE_PORT = '' <-- Change this (not needed if database is localhost)
SITE_ID = 1
SITE_NAME = 'Ganeti Web Manager' SITE_DOMAIN = 'localhost:8000'
Initialize the database
./manage.py syncdb --migrate
Build the search indexes
./manage.py rebuild_index
NOTE: running ./manage.py update_index on a regular basis ensures that the search indexes stay up-to-date when models change in Ganeti Web Manager.
Run the server
Development:
./manage.py runserver
Production:
Change your SECRET_KEY and WEB_MGR_API_KEY to unique (and hopefully unguessable) strings in your settings.py.
For versions >= 0.5 you may need to add the full filesystem path to your templates directory to TEMPLATE_DIRS and remove the relative reference to 'templates'. We've had issues using wsgi not working correctly unless this change has been made.
Ensure the server has the ability to send emails or you have access to an SMTP server. Set EMAIL_HOST, EMAIL_PORT, and DEFAULT_FROM_EMAIL in settings.py. For more complicated outgoing mail setups, please refer to the django email documentation [1].
Follow the django guide to deploy [2] with apache. Here is an example mod_wsgi file:
import os import sys
path = '/var/lib/django/ganeti_webmgr'
activate_this = '%s/bin/activate_this.py' % path execfile(activate_this, dict(file=activate_this))
if path not in sys.path: sys.path.append(path)
os.environ['DJANGO_SETTINGS_MODULE'] = 'settings'
import django.core.handlers.wsgi application = django.core.handlers.wsgi.WSGIHandler()
Enable periodic cache updater [3].
twistd --pidfile=tmp/gwm_cache.pid gwm_cache
[1] http://docs.djangoproject.com/en/1.2/topics/email/ [2] http://docs.djangoproject.com/en/1.2/howto/deployment/ [3] http://code.osuosl.org/projects/ganeti-webmgr/wiki/Cache_System#Periodic-Cache-Refresh
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/Install
Before you can start using Ganeti Web Manager you will need to create a user and password on the Ganeti cluster.
Here is an example with a user jack and password abc123:
echo -n 'jack:Ganeti Remote API:abc123' | openssl md5
Add the hash to the RAPI users file and restart ganeti-rapi. Depending on the
version of Ganeti you are running, you will need to either use
/var/lib/ganeti/rapi_users
(Ganeti <=2.3.x ) or
/var/lib/ganeti/rapi/users
(Ganeti >=2.4.x ).
An example hash entry might look like the following:
# Hashed password for jack
jack {HA1}54c12257ee9be413f2f3182435514aae write
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/Managing_Clusters#Ganeti-RAPI-users-and-passwords
When the cluster is created it will automatically synchronize the list of Virtual Machines with information from the ganeti cluster.
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/Importing_a_Cluster
Permissions may be granted to both clusters and virtual machines. The permissions system is intended to allow users to manage themselves. Any object that can have its permissions edited will have a Users tab.
Adding users to objects:
Updating permissions:
Deleting permissions:
Deleting a user will remove all permissions, and other properties associated with the user such as cluster quotas.
Users may belong to any number of user groups. User groups can be assigned permissions and quotas just like users. Users inherit permissions from groups and may act on their behalf to create virtual machines.
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/Permissions
Quotas restrict the usage of cluster resources by users and groups. Default quotas can be set by editing clusters, if no quota is set unlimited access is allowed. This will affect all users and groups.
The default quota can be overridden on the cluster users page:
Leaving a value empty specifies unlimited access for that resource.
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/Permissions#Quotas
You can find VirtualMachines with no permissions via Admin -> Orphaned VMs. This will force a synchronization of all clusters and display VirtualMachines that do not have any permissions assigned.
You only need to grant permissions directly on virtual machines if you are granting access to non-admin users.
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/Managing_Clusters#Orphaned-Virtual-Machines
Ganeti Web Manager uses a cache system that stores information about ganeti clusters in the database. This allows the following:
--- Ganeti ---
/ \
/ \
Cluster -> <- Bulk Model <- cache <- Updater
* Permissions are stored in the database and are associated to the cached
objects
* The cached data can be searched and or filtered
* Limits the amount of traffic between the webserver and ganeti cluster.
The cache system is transparent and will load cached data automatically when the object is initialized.
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/Cache_System
Ganeti Web Manager provides an in browser console using noVNC [1], an HTML5 client. noVNC requires WebSockets to function. Support for older browsers is provided through a flash applet that is used transparently in the absence of WebSockets.
[1] https://github.com/kanaka/noVNC
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/VNC
VNC Auth proxy [1] is required for the console tab to function. VNC servers do not speak websockets and our proxy allows your ganeti cluster to sit behind a firewall, VPN, or NAT.
Set the host and port that the proxy will be running at with the VNC_PROXY setting. For development this is typically "localhost:8888" but for production you would use the name of the server its running on. See the instructions in settings.py for more details.
Twisted VNC Authproxy is started with twistd, the twisted daemon. Eventually we will include init.d scripts for better managing the daemon. You may want to open port 8888 in your firewall for production systems.
twistd --pidfile=/tmp/proxy.pid -n vncap
Browsers that do not support WebSockets natively are supported through the use of a flash applet. Flash applets that make use of sockets must retrieve a policy file from the server they are connecting to. Twisted VNCAuthProxy includes a policy server. It must be run separately since it requires a root port. You may want to open port 843 in your firewall for production systems.
Start the policy server with twistd
sudo twistd --pidfile=/tmp/policy.pid -n flashpolicy
You may encounter an issue where twisted fails to start and gives you an error. This is usually caused by the environment variable PYTHONPATH not being exported correctly if you sudo up to root. To fix it type:
export PYTHONPATH="."
Try executing twisted again and it should work.
[1] http://code.osuosl.org/projects/twisted-vncauthproxy
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/VNC#VNC-Authproxy
Ganeti Web Manager allows users to store SSH Keys. Each virtual machine has a view that will return SSH keys for users with access. This can be used as a Ganeti post-install hook to deploy user's keys on the VMs.
To allow VMs to copy keys, copy util/hooks/sshkeys.sh to the instance definition hooks directory on every node in the clsuter and make the file executable. Next, add the required variables to the variant config file or main instance definition config file. The config file can be found in util/hooks/sshkeys.conf and includes documentation for each variable.
Also see: http://code.osuosl.org/projects/ganeti-webmgr/wiki/PermissionsSSHKeys