Table of Contents
This appendix describes how to use JEUS in a cloud environment.
To operate a cloud server, the following settings are required.
Select a Cloud Service Provider (CSP) file appropriate for your cloud environment from JEUS_HOME/client and place it in JEUS_HOME/lib/system.
Place the JEUS cloud license in JEUS_HOME/license.
To group cloud servers into a SCF group, set one of the following.
Set the -Djeus.scf.group-id property to the same value.
Set the <id> value of JEUS_HOME/domains/<DOMAIN_NAME>/config/domain.xml to the same value.
Other settings for different cloud environments are described as follows:
Kubernetes is an open-source platform for automatic container management. The following describes how to use JEUS in OpenShift that provides PaaS cloud based on Docker and Kubernetes.
Execute the following before building an environment for using JEUS in OpenShift.
OpenShift installation and master and node server environment construction (https://docs.openshift.org/latest/welcome/index.html)
JEUS image download, or JEUS image creation and upload to storage (https://docs.docker.com/get-started/part2/)
To use JEUS in OpenShift, execute the following.
Start master and node servers.
Grant the authority to use the master's API server. (https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
The master's API server is used to share information between JEUSs started in the container. Since OpenShift (Kubernetes) accounts are typically restricted from accessing API servers, grant them the access authority.
The following are sample configuration files. The file extension is .yaml.
<clusterRoleExample.yaml>
kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: pod-reader rules: - apiGroups: [""] # "" indicates the core API group resources: ["*"] verbs: ["get", "watch", "list"]
<clusterRoleBindingExample.yaml>
kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: read-pods subjects: - kind: Group name: system:serviceaccounts apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: pod-reader apiGroup: rbac.authorization.k8s.io
Set container environment variables to use the master's API server. (https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/)
The following is a sample configuration file. The file extension is .yaml.
<jeusContainerExample.yaml>
... spec: containers: - name: jeus-container env: - name: API_VERSION value: "v1" - name: KUBERNETES_NAMESPACE value: "default" ...
The following describes each container environment variable used by JEUS. The variables must be registered in the pod deployment file.
Environment Variable | Description |
---|---|
API_VERSION | Version of master' API server. |
KUBERNETES_NAMESPACE | Pod's namespace. It can be used to get information about pods with the same namespace. |
Create (deploy) the pod deployment file and confirm the pod status.
To use JEUS in PaaS cloud, build an environment with EKS resources (https://aws.amazon.com/eks), which is Kubernetes-based PaaS, and then start JEUS (refer to "E.2. Kubernetes").
The following describes tasks required to use JEUS in IaaS cloud (EC2).
JEUS cloud server gets EC2 information by using AWS API and operates based on the information. For this, execute the following.
Grant an IAM resource user the authority to access EC2 resources.
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/ec2-api-permissions.html)
Issue the IAM resource user's access and secret keys.
(https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html)
Assign a tag with a key of 'scfGroup' to the EC2 instance. For the same SCF group, give the same value for the tag.
(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html)
Set the following environment variables for the EC2 instance.
The following describes each environment variable used by JEUS to use AWS API server.
Environment variable | Description |
---|---|
AWS_ACCESS_KEY | Access key assigned by the IAM resource. It is required to create a token for using AWS API server. |
AWS_SECRET_KEY | Secret key assigned by the IAM resource. It is required to create a token for using AWS API server. |
AWS_SCF_GROUP | Value for the scfGroup tag. |
Start EC2 resources and check SCF grouping.
VMware vCloud Suite is an enterprise private cloud platform that supports IaaS cloud. To use JEUS in vCloud, run JEUS image in a VM. The following describes how to configure VM where JEUS is installed.
JEUS cloud server gets VM information by using VMWare vRealize Suite API and operates based on the information. For this, execute the following.
Set environment variables of VM.
Environment Variable | Description |
---|---|
VRA_ID | Account ID of vRealize Suite. (Example: admin@vsphere.local) |
VRA_PW | Account password of vRealize Suite. |
VRA_TENANT | Tenant information of vRealize Suite. (Example: tenant1) |
VRA_URL | URL information of vRealize Suite. (Example: vra0.test.tmax.local) |
Set hostname resolution.
If a domain is set in VRA_URL, register it to the host so that it can resolve the domain to an IP address.
Set firewall information.
If firewall is used in VM, communication is not made. Therefore, disable firewall in each VM.
systemctl stop firewalld
Set virtual multicast and SCF Group ID.
Set virtual-multicast to true in the JEUS configuration file (domain.xml).
Set -Djeus.scf.group-id in JEUS startup script (startCloudServer) for grouping.