Ovirt devel - Mar 2008 - Developer-only mode

All,
     After thinking about it for a little while, I think I've come up with a
way
to make "developer mode" very simple, without really making any
changes to our
source code, and without removing kerberos.  With this model, all developers
would have to do to get up and running would be to download an appliance, start
it up (this will be the management UI), and then just start up a second guest
XML booting to the network (this will be the "managed node").  Beyond
that,
there shouldn't be any configuration necessary by the user.  The details:

1.  We provide a pre-built WUI appliance.  Inside this appliance, we have
already configured Ovirt, databases, etc, along with FreeIPA with some default
realm (OVIRT.ORG).  Simplification #1: users don't have to run
ipa-server-install.

2.  Inside the appliance, we pre-configure firefox to authenticate to this
realm.  Simplification #2: Users don't have to mess with firefox.

3.  Inside the appliance, we create a default user (ovirtadmin) without a
password, and export the keytab for that user into some location into the
appliance (/usr/share/ovirt-wui/ovirt-admin.keytab).  Set up a cron job to
periodically kdestroy/kinit with this keytab.  Simplification #3: users
don't
have to kinit anymore.

4.  The whole appliance is run behind virbr0, so we can hard-code the MAC
address that we use without worrying about colliding on the real network.
Simplification #4: users won't have to muck (much) with the libvirt XML we
provide them.

5.  The "managed node" guest is also run behind virbr0, so we can
hard-code a
MAC here as well.  There's no disk to download (since we'll be pulling
the image
over PXE), just a default libvirt XML that we provide.

So, basically, I think we can do developer only mode with just configuration.  I
think this setup should be easy enough for most people to set up, assuming they
can create KVM guests (of course, Xen guests would probably work too).  I'm
going to start working on this configuration; any thoughts on it in the
meantime?

Chris Lalancette

On Fri, Mar 7, 2008 at 7:34 AM, Chris Lalancette <clalance at redhat.com>
wrote:
> All,
>     After thinking about it for a little while, I think I've come up
with
> a way
> to make "developer mode" very simple, without really making any
changes to
> our
> source code, and without removing kerberos.  With this model, all
> developers
> would have to do to get up and running would be to download an appliance,
> start
> it up (this will be the management UI), and then just start up a second
> guest
> XML booting to the network (this will be the "managed node"). 
Beyond
> that,
> there shouldn't be any configuration necessary by the user.  The
details:
>
> 1.  We provide a pre-built WUI appliance.  Inside this appliance, we have
> already configured Ovirt, databases, etc, along with FreeIPA with some
> default
> realm (OVIRT.ORG).  Simplification #1: users don't have to run
> ipa-server-install.
>
> 2.  Inside the appliance, we pre-configure firefox to authenticate to this
> realm.  Simplification #2: Users don't have to mess with firefox.
>
> 3.  Inside the appliance, we create a default user (ovirtadmin) without a
> password, and export the keytab for that user into some location into the
> appliance (/usr/share/ovirt-wui/ovirt-admin.keytab).  Set up a cron job to
> periodically kdestroy/kinit with this keytab.  Simplification #3: users
> don't
> have to kinit anymore.
>
> 4.  The whole appliance is run behind virbr0, so we can hard-code the MAC
> address that we use without worrying about colliding on the real network.
> Simplification #4: users won't have to muck (much) with the libvirt XML
we
> provide them.
>
> 5.  The "managed node" guest is also run behind virbr0, so we can
> hard-code a
> MAC here as well.  There's no disk to download (since we'll be
pulling the
> image
> over PXE), just a default libvirt XML that we provide.
>
> So, basically, I think we can do developer only mode with just
> configuration.  I
> think this setup should be easy enough for most people to set up, assuming
> they
> can create KVM guests (of course, Xen guests would probably work too).
>  I'm
> going to start working on this configuration; any thoughts on it in the
> meantime?
>
> Chris Lalancette
>
> _______________________________________________
> Ovirt-devel mailing list
> Ovirt-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/ovirt-devel
>
So everything would run on one physical host. Sounds great to me. The
VMs-within-VMs would be slow, but that's ok for a development environment.

I'll try to test this setup over the weekend.

Steve Linabery
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://listman.redhat.com/archives/ovirt-devel/attachments/20080307/3a80e587/attachment.htm>

On Fri, Mar 07, 2008 at 08:34:08AM -0500, Chris Lalancette
wrote:
> it up (this will be the management UI), and then just start up a
> second guest XML booting to the network (this will be the "managed
> node").  Beyond that, there shouldn't be any configuration
necessary
> by the user.  The details:
Did you mean to say "PXE booting from the network" there?

Do we still need a PXE boot server on the virbr0 virtual network?

Rich.

-- 
Richard Jones, Emerging Technologies, Red Hat  http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v