[one-users] application integration (service publishing) in OpenNebula?

[Fabian Wenk]

Hello Biro

On 15.12.2011 09:54, biro lehel wrote:
> Hello Fabian. Thanks again for your reply. I really appreciate
> you for taking the time.

You're welcome.

> I read what you wrote a couple of times, and (I think) it
> helped me to clarify some things. But still, I have a few
> questions and issues for which I am looking for a clear
> answer. I put them in bullets:

I do not see any bullets, this is probably only available when 
viewed in HTML. I read (and also write) e-mails as text only, so 
the part below looks quite confusing to me and those it is very 
hard to answer, but I try.

> As I understand so far, OpenNebula has two types of users: the
> administrator, who basically has control over "everything",

Only everything regarding the management of the VMs, but 
depending on who did the installation of the OS (Operating 
System) inside the VM, he may not have access to it. But as he 
can control the virtual hardware (the VM), he could eventually 
circumvent security measures done inside the OS of the VM.

> and the users, who can authenticate securely, instantiate some
> VM's, and do the work necessary for them. My question: can
> OpenNebula have another "layer" of users, some kind of
> "end-users"? What I mean is: suppose I, as a user of

This is not the duty of OpenNebula, this is something which needs 
to be done by the administrator of the OS inside the VM. This 
depends a lot of the used OS inside this VMs, but tools should be 
available.

> OpenNebula, using my created VM's, create a Web Service, which
> I publish on the Internet. Can anyone access this (someone who
> has no idea about the private cloud, someone who is simply
> accessing the URL), and by this way uses my Web Service
> (created on the VM's by the means of OpenNebula), so,
> basically, uses OpenNebula "remotely" (without knowing it)? Or

As above, this service provisioning and user management of the 
web service depends on the person who creates and runs this web 
service. This is independent of OpenNebula, as OpenNebula only 
provides the VMs to run any OS in it. As I already wrote, 
OpenNebula is just an abstraction layer between physical computer 
hardware and the OS you run inside the VM. Without the OpenNebula 
cloud platform you would just install physical computers with the 
OS of your choice and the services and applications you would 
like to run. There you also need to create the necessary system / 
application to manage end users visiting your web service.

> this just doesn't make sense, since the whole idea of a
> private cloud is not to provide/publish information and
> services to the outside world, and this is not even possible
> since the virtual context?Are the most important reasons for

The private cloud does just provide you with virtual computers to 
run your OS and application of choice on it. This helps to better 
use the physical computer with more virtual machines on it. It 
gives you more flexibility with the available hardware resources 
to run more then one OS installation a the same time.

> installing OpenNebula the performance needs? Is there any

OpenNebula does reduce the performance of your hardware a little 
bit, as the additional layer also needs some capacity of the 
physical hardware, but I guess this can be ignored. Your hardware 
can be used more flexible with OpenNebula (or any other cloud 
abstraction layer), as you can use more then one OS (in a VM) in 
parallel on the same hardware.

> other reason because of which I may want to install it,
> besides the fact that I might need multiple VM's (that I can
> manage) to perform a task (and to achieve platform
> interoperability)? I mean this has be the main point of it,
> right?When the load reaches its maximum (on a task which a
> user tries to perform on OpenNebula VM's), are new VM's
> created automatically (it the physical resources allow this)
> to support the performace needs? Or the only way of creating

No, OpenNebula does not out of the box start new VMs when the 
currently running VMs are at a capacity limit. You need to build 
your own monitoring system, which does monitor your web service 
and act on the needs of more performance. This monitoring can 
then use OpenNebula to start additional VMs with your service / 
application. But additional VMs can only be started when there is 
enough physical hardware (eg. cluster nodes) available to support 
more VMs. It can not give you more raw hardware power as when 
your service / application would run directly on several physical 
servers instead. But it gives you more flexibility.

> VM's is the "manual" one?Can OpenNebula be installed on any
> type of physical network, or does it have some special needs?

The front end can be any i386 or amd64 (preferred) compatible 
computer which supports a current Linux distribution. But for the 
cluster nodes it would probably help if you use a CPU with VT 
support. Check the needs through the "Virtualization Subsystem 
3.0" [1] with the details of the type of virtualization you would 
like to use.

   [1] http://www.opennebula.org/documentation:rel3.0:vmmg

> Suppose I have an intranet in a company environment, with more
> interconnected physical machine that I'm actually going to
> use, does this change anything? Do I have to set up a separate
> physical network for the physical machines that I'm planning
> to include in the private cloud?

Depending on the amount of data which will be moved between the 
front end (or storage) and the cluster node, it could help to 
have a different physical network available for this, but it does 
also work in the same existing company network.

> That's it for now, I don't want to ask for too much
> information all at once.:) I really hope that these questions
> are easy-to-answer for a professional, and will not take much
> time (for you Fabian, or for anyone else who thinks that can
> help me).

Every answer takes time, and it even takes more time when the 
questions are more philosophical (or about how the design of your 
platform / application / web service should be) then clear 
technical questions. Somehow I get the impression, that you do 
not have the necessary system engineering experience, to be able 
to build such an application / web service platform on your own.

> Thank you, and waiting for your response,

You're welcome


bye
Fabian