How to Install Archipel on Linux Ubuntu

What is Archipel

Archipel is a solution to manage and supervise virtual machines. No matter if you have a few locally on your computer or thousands through data centers, Archipel is a central solution to manage them all.

How To Install Archipel on Ubuntu

0. Set hostname

hostname icloud.blackonsole.org
echo icloud.blackonsole.org > /etc/hostname

1. install dependencies

echo "deb https://apt.jabber.at trusty ejabberd" > /etc/apt/sources.list.d/jabber.at.list
wget -qO- https://apt.jabber.at/gpg-key | apt-key add -
apt-get update
apt-get install -y git ejabberd build-essential qemu-kvm libvirt-bin libvirt-dev python-setuptools python-numpy python-imaging python-apscheduler python-sqlalchemy python-libvirt subversion python-dev

2. Config eJabberd

vim /etc/ejabberd/ejabberd.yml

Setting ejabberd some like this:

###
###             ejabberd configuration file
###         Archipel Sample default condiguration

###     =========
###     DEBUGGING

# Increase this if you want sone insane erlang debug
loglevel: 3

###     ================
###     SERVED HOSTNAMES

# Change it for you icloud.blackonsole.org
hosts:
    - "icloud.blackonsole.org"

###     ===============
###     LISTENING PORTS

listen:
    -
      #it's a good idea to put xmlrpc behing a reverse proxy
      #because you can't use tls directly, make it listen to localhost
      #ip : 127.0.0.1
      # and read the Security section on the wiki
      port: 4560
      module: ejabberd_xmlrpc
      access_commands:
            xmlrpcaccess:
                all : []

## ejabberd c2s
    -
      port: 5222
      module: ejabberd_c2s
      ##
      ## If you installed a SSL
      ## certificate, specify the full path to the
      ## file and uncomment this line:
      ##
      ## certfile: "/etc/ejabberd/ejabberd.pem"
      ## starttls: true
      max_stanza_size: 65536000
      shaper: c2s_shaper
      access: c2s

## ejabbed s2s
    -
      port: 5269
      module: ejabberd_s2s_in
      max_stanza_size: 65536000

## ejabberd http/s and websocket/s
    -
      port: 5280
      module: ejabberd_http
      request_handlers:
        "/xmpp": ejabberd_http_ws
      # if you want to use starttls with websock
      # the URI will be wss://
      # please be sure that the certificate belong
      # to a trusted AC in your browser
      # certfile: "/etc/ejabberd/ejabberd.pem"
      # tls: true
      web_admin: true
      http_bind: true

###     ===
###     S2S
s2s_policy: s2s_access
s2s_use_starttls: optional
#s2s_certfile: "/etc/ejabberd/ejabberd.pem"

## domain_certfile: Specify a different certificate for each served hostname.
##
## host_config:
##   "example.org":
##     domain_certfile: "/path/to/example_org.pem"
##   "example.com":
##     domain_certfile: "/path/to/example_com.pem"

###     ==============
###     AUTHENTICATION

auth_method: internal

###     ===============
###     TRAFFIC SHAPERS

shaper:
  # in B/s
  normal: 1000
  fast: 50000000

###     ====================
###     ACCESS CONTROL LISTS

acl:
    admin:
        user:
            - "admin": "icloud.blackonsole.org"
    local:
        user_regexp: ""


###     ============
###     ACCESS RULES

access:
    max_user_sessions:
        all: 10
    local:
        local: allow
    c2s:
        blocked: deny
        all: allow
    c2s_shaper:
        admin: none
        all: fast
    s2s_shaper:
        all: fast
    s2s_access:
        all: allow
    announce:
        admin: allow
    configure:
        admin: allow
    muc_admin:
        admin: allow
    muc_create:
        local: allow
    muc:
        all: allow
    pubsub_createnode:
        all: allow
    register:
        all: allow
    xmlrpcaccess:
        admin : allow

### Frequency of account registration
registration_timeout: infinity

###     ================
###     DEFAULT LANGUAGE

language: "en"

###     =======
###     MODULES

modules:
    mod_adhoc: []
    mod_announce:
        access: announce
    mod_caps: []
    mod_configure: []
    mod_disco: []
    mod_http_bind:
        max_inactivity: 400 # timeout valie for BOSH usefull for a large number of VM
    mod_irc: []
    mod_last: []
    mod_muc:
        access: muc
        access_create: muc_create
        access_persistent: muc_create
        access_admin: muc_admin
    mod_offline: []
    mod_privacy: []
    mod_private: []
    mod_pubsub:
        access_createnode: pubsub_createnode
        ignore_pep_from_offline: true
        last_item_cache: false
        max_items_node: 1000
        plugins:
            - "flat"
            - "hometree"
            - "pep"
    mod_register:
        access: register
    mod_roster: []
    mod_shared_roster: []
    mod_time: []
    mod_vcard: []
    mod_version: []
    mod_admin_extra: []

Then restarting eJabberd

/etc/init.d/ejabberd restart

3. Install Archipel Agent

This agent can install in all hypervisor server

cd /usr/local/src
git clone https://github.com/ArchipelProject/Archipel.git
cd Archipel
./pull.sh
easy_install apscheduler sqlalchemy numpy
cd ArchipelAgent
./buildAgent -d
archipel-initinstall

4. Register user admin in ejabberd and archipel

ejabberdctl register admin icloud.blackonsole.org 4dMinPassWD
archipel-tagnode -j [email protected] -p 4dMinPassWD --create
archipel-rolesnode -j [email protected] -p 4dMinPassWD --create
archipel-adminaccounts -j [email protected] -p 4dMinPassWD --create

5. Config Archipel-Agent

vim /etc/archipel/archipel.conf

Config some like this:

#
# archipel.conf
#
# Copyright (C) 2010 Antoine Mercadal 
#               2014 Cyril Peponnet 
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see .


###############################################################################
###############################################################################

#
# General configuration. You should just need to edit these values
#
[DEFAULT]

# the default XMPP server to user
xmpp_server                 = icloud.blackonsole.org

# archipel's data folder
archipel_folder_lib         = /var/lib/archipel/

# this UUID will be used to identify the hypervisor
# internally. It MUST be different foreach one over
# your platform. You can generate a new one using
# uuidgen command
archipel_general_uuid       = b01ae4ae-0497-4356-b958-daHQ223B4jqJ

# the base working folder, where virtual machine related
# stuff will be stored
archipel_folder_data        = /vm/



###############################################################################
###############################################################################

#
# This is the main configuration parameters
#
[GLOBAL]

# jid of the xmpp pubsub server
xmpp_pubsub_server          = pubsub.%(xmpp_server)s

# jids of the root administrator separated with spaces
archipel_root_admins        = admin@%(xmpp_server)s tox@%(xmpp_server)s

# the ip of this machine. It can be :
# - auto : the IP if found using a Internet request.
# - gateway_interface : Using ip address configured on default gateway interface
# - X.X.X.X : manual ip
machine_ip                  = 1.2.3.4

# if set to True, XMPP layer uses avatars
use_avatar                  = True

# Folder of the avatars
machine_avatar_directory    = %(archipel_folder_lib)s/avatars

# the uri of hypervisor
libvirt_uri                 = qemu:///system

# [OPTIONAL] if set, this parameter is send to other hypervisors as migration UI
# migration_uri               = qemu+ssh://mydomain/system

# path were modules configuration are stored (*.conf)
modules_configuration_path = /etc/archipel/modules.d/

# default loading module policy
# - permissive : if no entry are found in the conf file in section MODULES, the module will be loaded anyway
# - restrictive: you need to explicitely declare what modules to load in MODULES
module_loading_policy       = restrictive

# [OPTIONAL] This parameters makes Archipel able to run in stateless mode.
# stateless mode needs some kernel parameters. please read the documentation (which is not available now :)
# about it, or leave it set to False
stateless_node              = False

#
# VCARD information - They CANNOT be empty
#
[VCARD]
orgname     = Archipel Corp
orgunit     = Dev
userid      = [email protected]
locality    = San Francisco
url         = //archipelproject.org
categories  = Archipel


#
# The hypervisor configuration
#
[HYPERVISOR]

# the JID of this hypervisor. It MUST be different foreach one over
# your platform.
# If this account not exists, it will be created on the fly
hypervisor_xmpp_jid         = icloud@%(xmpp_server)s

# the XMPP password of this hypervisor
hypervisor_xmpp_password    = uFp97vJ7U6

# the vCard name of hypervisor. if set to "auto"
# the hostname is used
hypervisor_name             = auto

# the sqlite3 db file to store hypervisor informations
hypervisor_database_path    = %(archipel_folder_lib)s/hypervisor.sqlite3

# the default avatar to use for hypervisor, relative to
# GLOBAL:machine_avatar_directory and if GLOBAL:use_avatar is set to True
hypervisor_default_avatar   = defaulthypervisor.png

# the file contaning auto generated names for virtual machine creation
# must be a text file containing one name per line
name_generation_file        = %(archipel_folder_lib)s/names.txt

# the database file for storing permissions (full path required)
hypervisor_permissions_database_path = %(archipel_folder_lib)s/permissions.sqlite3

#
# The virtual machines configuration
#
[VIRTUALMACHINE]

# the base folder to use to store virtual machine's own
# informations (drives, etc...)
vm_base_path                    = %(archipel_folder_data)s/drives

# [OPTIONAL] the base folder to store virtual machine permissions
# if not set, permissions are stored in the base folder
# vm_perm_path                    = %(archipel_folder_data)s/drives

# the default avatar to use for virtual machine, relative to
# GLOBAL:machine_avatar_directory and if GLOBAL:use_avatar is set to True
vm_default_avatar               = defaultvm.png

# the size of the random generated XMPP password
xmpp_password_size              = 32

# the maximum lifetime of a lock (in seconds)
maximum_lock_time               = 1

# the database file for storing permissions (relative path required)
vm_permissions_database_path    = /permissions.sqlite3

# if set to false, all space in virtual machine names will be replaced by a '-'
# note that for xen backend this option has no effect as xen does'nt handle spaces in names.
allow_blank_space_in_vm_name    = True

# [OPTIONAL] this will allow to block access to block devices
# when defining virtual machines
enable_block_device_access      = True

# [OPTIONAL] this will disable the screenshot feature. Libvirt 0.9.5+ is bugged
# If you use these versions, set this value to True. Default value (i.e not set) is False
disable_screenshot              = False



#
# Logging configuration
#
[LOGGING]

# minimal log level. it can be in order:
# - debug
# - info
# - warning
# - error
# - critical
logging_level               = debug

# max life time of a log node in the pubsub
log_pubsub_item_expire      = 3600

# max number of stored log in the pubsub log node
log_pubsub_max_items        = 1000

# the path of file to store logs
logging_file_path           = /var/log/archipel/archipel.log

# max size in bytes of a log file before rotation
logging_max_bytes           = 5000000

# number of log backup file to keep
logging_backup_count        = 5

# the date format to use in log file.
# See //docs.python.org/library/logging.html#formatter-objects
logging_date_format         = %Y-%m-%d %H:%M:%S

# the log format to use in log file.
# See //docs.python.org/library/datetime.html?highlight=date#strftime-and-strptime-behavior
logging_formatter           = %(levelname)s::%(asctime)s.%(msecs)03d::%(filename)s:%(lineno)s::%(message)s

# If this is True, xmpppy will be in debug mode
xmpppy_debug                = False

[MODULES]

action_scheduler            = True
centraldb                   = True
geolocalization             = True
hypervisor_health           = True
hypervisor_network          = True
hypervisor_vmcasts          = True
iphone_notification         = False
oomkiller                   = True
snapshoting                 = True
storage                     = True
virtualmachine_appliance    = True
vnc                         = True
xmppserver                  = True
vmparking                   = True  # needs centraldb to be activated

[CENTRALAGENT]
# centralagent can be :
#  - auto (default) : will be central agent if there is none already started
#  - force : will be central agent (be careful to configure only one of your hypervisors this way)
centralagent               = auto

[VNC]
vnc_certificate_file                        = None
vnc_only_ssl                                = False
vnc_enable_websocket_debug                  = True

Restarting Archipel

/etc/init.d/archipel restart

6. Add iso files to Archipel

mkdir /vm/iso/
chmod 777 /vm/iso
cd /vm/iso
wget //de.releases.ubuntu.com/14.04.3/ubuntu-14.04.3-server-amd64.iso

7. Install Archipel Client

This can install in local or where you will access the Archipel

wget //nightlies.archipelproject.org/latest-archipel-client.tar.gz
tar -xzf latest-archipel-client.tar.gz
cd Archipel/
python -m SimpleHTTPServer

Play with Archipel Client

Open //localhost:8000 in web browser.
0. Log in with admin@ user in installation
1. Add contact and then add [email protected]
2. Create VM in Archipel VMs
3. Configure hdd, cdrom, Nic for VM
4. Run the VM

Ref

o Google
o Archipel