Appendix E. Cloud Configuration

Table of Contents

E.1. Overview
E.2. Kubernetes
E.3. AWS
E.4. vCloud

This appendix describes how to use JEUS in a cloud environment.

E.1. Overview

To operate a cloud server, the following settings are required.

  • Select a Cloud Service Provider (CSP) file appropriate for your cloud environment from JEUS_HOME/client and place it in JEUS_HOME/lib/system.

  • Place the JEUS cloud license in JEUS_HOME/license.

  • To group cloud servers into an SCF group, set one of the following.

    • Set the -Djeus.scf.group-id property to the same value.

    • Set the <id> value of JEUS_HOME/domains/<DOMAIN_NAME>/config/domain.xml to the same value.

Settings specific to each cloud environment are described in the following sections.

E.2. Kubernetes

Kubernetes is an open-source platform for automated container management. The following describes how to use JEUS in OpenShift, which provides a PaaS cloud based on Docker and Kubernetes.

Execute the following before building an environment for using JEUS in OpenShift.

To use JEUS in OpenShift, execute the following.

  1. Start master and node servers.

  2. Grant the authority to use the master's API server. (https://kubernetes.io/docs/reference/access-authn-authz/rbac/)

    The master's API server is used to share information between the JEUS instances started in containers. Since OpenShift (Kubernetes) accounts are typically restricted from accessing the API server, grant them access.

    The following are sample configuration files. The file extension is .yaml.

    <clusterRoleExample.yaml>

    kind: ClusterRole
    apiVersion: rbac.authorization.k8s.io/v1
    metadata:
      name: pod-reader
    rules:
    - apiGroups: [""] # "" indicates the core API group
      resources: ["*"]
      verbs: ["get", "watch", "list"]

    <clusterRoleBindingExample.yaml>

    kind: ClusterRoleBinding
    apiVersion: rbac.authorization.k8s.io/v1
    metadata:
      name: read-pods
    subjects:
    - kind: Group
      name: system:serviceaccounts
      apiGroup: rbac.authorization.k8s.io
    roleRef:
      kind: ClusterRole
      name: pod-reader
      apiGroup: rbac.authorization.k8s.io

  3. Set container environment variables to use the master's API server. (https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/)

    The following is a sample configuration file. The file extension is .yaml.

    <jeusContainerExample.yaml>

    ...
    spec:
      containers:
      - name: jeus-container
        env:
        - name: API_VERSION
          value: "v1"
        - name: KUBERNETES_NAMESPACE
          value: "default"
    ...

    The following describes each container environment variable used by JEUS. The variables must be registered in the pod deployment file.

    Environment Variable    Description
    API_VERSION             Version of the master's API server.
    KUBERNETES_NAMESPACE    Pod's namespace. It can be used to get information about pods with the same namespace.

  4. Create (deploy) the pod deployment file and confirm the pod status.
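
The sample ClusterRole in step 2 grants read access to every core-group resource (`resources: ["*"]` includes Secrets) and binds it to `system:serviceaccounts`, that is, to every service account in the cluster. The manifest below is an added example, not taken from the JEUS documentation, that scopes the grant to one service account and to pods in one namespace. It assumes JEUS only needs to read pod objects in KUBERNETES_NAMESPACE; the names jeus-sa, jeus-pod-reader, jeus-read-pods, jeus-pod and the image reference are hypothetical.

```yaml
# Added example (constructed): namespace-scoped RBAC for JEUS pods.
# All object names and the image reference are hypothetical.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jeus-sa
  namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                      # Role, not ClusterRole: valid in one namespace only
metadata:
  name: jeus-pod-reader
  namespace: default
rules:
- apiGroups: [""]               # "" indicates the core API group
  resources: ["pods"]           # assumption: JEUS only reads pod information
  verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: jeus-read-pods
  namespace: default
subjects:
- kind: ServiceAccount          # one account, not the system:serviceaccounts group
  name: jeus-sa
  namespace: default
roleRef:
  kind: Role
  name: jeus-pod-reader
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Pod
metadata:
  name: jeus-pod
  namespace: default
spec:
  serviceAccountName: jeus-sa   # the pod authenticates to the API server as jeus-sa
  containers:
  - name: jeus-container
    image: registry.example.com/jeus:placeholder   # placeholder image reference
    env:
    - name: API_VERSION
      value: "v1"
    - name: KUBERNETES_NAMESPACE
      value: "default"          # must match the namespace of the Role above
```

After applying it, `kubectl auth can-i list secrets --as=system:serviceaccount:default:jeus-sa -n default` should answer `no`, while the same query for `pods` answers `yes`. If JEUS servers then fail to discover each other, add only the specific resource it reports as forbidden to the Role.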

E.3. AWS

To use JEUS in a PaaS cloud, build an environment with EKS resources (https://aws.amazon.com/eks), which is a Kubernetes-based PaaS, and then start JEUS (refer to "E.2. Kubernetes").

The following describes the tasks required to use JEUS in an IaaS cloud (EC2).

The JEUS cloud server gets EC2 information through the AWS API and operates based on that information. To enable this, execute the following.

  1. Grant an IAM resource user the authority to access EC2 resources.

    (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/ec2-api-permissions.html)

  2. Issue the IAM resource user's access and secret keys.

    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html)

  3. Assign a tag with a key of 'scfGroup' to the EC2 instance. For the same SCF group, give the same value for the tag.

    (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html)

  4. Set the following environment variables for the EC2 instance.

    The following describes each environment variable that JEUS uses to access the AWS API server.

    Environment Variable    Description
    AWS_ACCESS_KEY          Access key assigned by the IAM resource. It is required to create a token for using AWS API server.
    AWS_SECRET_KEY          Secret key assigned by the IAM resource. It is required to create a token for using AWS API server.
    AWS_SCF_GROUP           Value for the scfGroup tag.

  5. Start EC2 resources and check SCF grouping.
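
Step 1 does not say which EC2 permissions to grant. As an added example (not from the JEUS documentation), the CloudFormation template below creates the IAM user with describe-only permissions in a single region. It assumes JEUS only lists instances and reads their tags; the logical ID, user name, policy name and region are hypothetical.

```yaml
# Added example (constructed): CloudFormation template for a read-only
# IAM user whose keys are placed in AWS_ACCESS_KEY / AWS_SECRET_KEY.
AWSTemplateFormatVersion: "2010-09-09"
Description: Read-only EC2 discovery user for JEUS SCF grouping (constructed example)
Resources:
  JeusScfDiscoveryUser:              # hypothetical logical ID
    Type: AWS::IAM::User
    Properties:
      UserName: jeus-scf-discovery   # hypothetical user name
      Policies:
        - PolicyName: jeus-ec2-describe-only
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Sid: ReadInstancesAndTags
                Effect: Allow
                # Assumption: JEUS only needs to list instances and read the
                # scfGroup tag; no write or lifecycle actions are granted.
                Action:
                  - ec2:DescribeInstances
                  - ec2:DescribeTags
                # EC2 Describe* actions do not support resource-level
                # permissions, so the resource has to be "*".
                Resource: "*"
                Condition:
                  StringEquals:
                    aws:RequestedRegion: ap-northeast-2   # hypothetical region
```

Because the access key and secret key are stored in environment variables on every instance, a key limited this way can only read instance descriptions and tags if it leaks.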

E.4. vCloud

VMware vCloud Suite is an enterprise private cloud platform that supports IaaS cloud. To use JEUS in vCloud, run the JEUS image in a VM. The following describes how to configure a VM where JEUS is installed.

The JEUS cloud server gets VM information through the VMware vRealize Suite API and operates based on that information. To enable this, execute the following.

  1. Set environment variables of VM.

    Environment Variable    Description
    VRA_ID                  Account ID of vRealize Suite. (Example: admin@vsphere.local)
    VRA_PW                  Account password of vRealize Suite.
    VRA_TENANT              Tenant information of vRealize Suite. (Example: tenant1)
    VRA_URL                 URL information of vRealize Suite. (Example: vra0.test.tmax.local)

  2. Set hostname resolution.

    If a domain is set in VRA_URL, register it to the host so that it can resolve the domain to an IP address.

  3. Set firewall information.

    If a firewall is enabled in a VM, the servers cannot communicate. Therefore, disable the firewall in each VM.

    systemctl stop firewalld

  4. Set virtual multicast and SCF Group ID.

    • Set virtual-multicast to true in the JEUS configuration file (domain.xml).

    • Set -Djeus.scf.group-id in the JEUS startup script (startCloudServer) for grouping.