|
Size: 3117
Comment:
|
Size: 3118
Comment: typo
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 13: | Line 13: |
| First of all you need a Landscape account. I you do not have one, you can get a 60-day trial account by registering here: http://www.canonical.com/contact/landscaperegister | First of all you need a Landscape account. If you do not have one, you can get a 60-day trial account by registering here: http://www.canonical.com/contact/landscaperegister |
|
Connecting UEC to Landscape
This page describes how you can connect your UEC cloud to Canonical's Landscape service.
Getting Started
Landscape account
First of all you need a Landscape account. If you do not have one, you can get a 60-day trial account by registering here: http://www.canonical.com/contact/landscaperegister
Ensure that connectivity is available
- For landscape to be able to start instances on your cloud, it (landscape.canonical.com) needs to be able to reach the cloud controller on port 443.
- For instances to report their status to landscape, instances need to be able to reach landscape.canonical.com on port 80 and 443.
Note: if you have a standalone Landscape server (LDS) installed on your network, replace landscape.canonical.com with whathever hostname your LDS can be reached at.
Connectivity work-around
As our firewall do not allow to pass connection to your cloud controller (CLC) in clear, the following workaround will allow you to open a connection via an ssl tunel:
- Get an official SSL certificate from a root-trusted SSL certificate authority (CA).
- Use the Apache mod_ssl instructions from your provider. In the process, you will create a key then you will get a certificate from your CA. You need both files.
- Edit /etc/apache2/sites-available/default-ssl and change the lines below to reflect the location of your SSL certificate and key: SSLCertificateFile /path/to/your/certificate SSLCertificateKeyFile /path/to/your/key
Do a sudo service eucalyptus restart
- You need stunnel in order to communicate with Landscape:
sudo apt-get install stunnel4
- Once you have your certificate and you have stunnel installed, you need to combine the two into a pem file called /etc/stunnel/stunnel.pem :
cat key.key certificate.cert > /etc/stunnel/stunnel.pem
- Then do a
sudo stunnel -d 443 -r localhost:8773
To make the change persistent across reboots add this to the bottom of /etc/stunnel/stunnel.conf :
[Eucalyptus for Landscape] accept = landscape.canonical.com:443 connect = localhost:8773
Register your cloud with landscape
In Landscape, click Cloud then Register a new cloud, under Cloud Provider choose Other then use the following URL for your endpoint:
Go to your eucarc file and examine the EC2_URL value, alternatively you could do a echo $EC2_URL (as long as you have included the eucarc in your environment) and note this URL.
Note: If you followed the above connectivity workaround, you will need to change the port number from 8773 to 443
- Use the Access Key ID and Secret Access Key from your Credentials page on your UEC web interface.
- Click Save and you should be done.