cloud matrix book

8/18/2019 Cloud Matrix Book

1/265

loud Matrix Book

reated by : Meruvian loud Team


2/265

Daftar Isi

Daftar isi...............................................................................................................................2

Chapter 1 : IaaS (Infrastructure as a Service)..................................................................

BAB I...................................................................................................................................7

1.Pengenalan IaaS (Infrastructure as a Service)..................................................................7

2. IaaS Provider....................................................................................................................9

BAB II................................................................................................................................14

Installasi dan Konfigurasi IaaS..........................................................................................14

1. indo!s A"ure .............................................................................................................14

2. #$enStac% .....................................................................................................................19

A. Install Pa%et &ta'a #$enStac% ........................................................................21

B. Install Dataase (*S+,) ...............................................................................2-

. Install Ke*stone ................................................................................................24

D. Install /lance ...................................................................................................20

. Install ova ......................................................................................................20

3. Install ori"on ..................................................................................................27

-. loudStac% ....................................................................................................................25A. Konfigurasi anage'ents Server ....................................................................25

B. Konfigurasi Devcloud ......................................................................................-4

. Setu$ loudStac% .............................................................................................-9

BAB III .............................................................................................................................01

Ad'inistrasi 6 Dala' IaaS ...........................................................................................01

1. indo!s A"ure..............................................................................................................01

2. #$enStac%......................................................................................................................0-

A. I'age ....................................................................................................................0-

B. Securit* .................................................................................................................04

e'uat Securit* /rou$ ......................................................................................04

ena'a%an 8ule...............................................................................................04

Meruvian Cloud Team 2


3/265

eliat 8ule Pada Securit* /rou$.......................................................................00

enga$us 8ule ..................................................................................................00

. Instance .................................................................................................................0

e'uat Ke*$air .................................................................................................0

en:alan%an Instance;6irtual acine.................................................................07

D. 3lavor ....................................................................................................................<

. et!or% .................................................................................................................1

3. I'$ort I'age .........................................................................................................2

-. loudStac% ....................................................................................................................0

A. e'uat Instance;6irtual acine.......................................................................0

B. eliat Infor'asi =er%ait Instance;6irtual acine.............................................71

. A%ses Instance;6irtual acine............................................................................72

Chapter 2 : PaaS (Platform as a Service) .........................................................................

BAB I ................................................................................................................................70

Pengenalan PaaS (Platfor' as a Service)..........................................................................70

1. Pengenalan ....................................................................................................................70

2. PaaS Provider ................................................................................................................7

BAB II................................................................................................................................79

Installasi #$enSource PaaS ..............................................................................................79

1. loud 3oundr*...............................................................................................................79

Dengan A$t>/et.................................................................................................................5<

A. Konfigurasi 8e$ositor*....................................................................................5<

B. Konfigurasi ost..............................................................................................5<

. Installasi dan Konfigurasi Pa%et loud 3oundr* Server .................................51

Dengan 3 ...........................................................................................................?....54

A. Installasi dan Konfigurasi /it lone dan url.........................................?....54 B. en:alan%an loud 3oundr*....................................................................?....57

2. #$enSift...............................................................................................................?....59

Platfor' Server.......................................................................................................59

A. Installasi dan Konfigurasi Bro%er....................................................................59

Meruvian Cloud Team -


4/265

a. Pengaturan Sin%ronisasi................................................................................59

. 8e'ote Server (SS)....................................................................................9<

c. Konfigurasi 8e$ositor*.................................................................................9<

d. Do'ain (DS)..............................................................................................91

e. Konfigurasi DP dan ostna'e ....................................................... ........95

f. Konfigurasi Dataase (ongoDB) ..............................................................95

g. Konfigurasi Active + ..............................................................................1


5/265


6/265

Chapter 1

IaaS (Infrastructure as a Service)


7/265

"#" I

Pen$enalan IaaS (Infrastructure as a Service)

1. Pen$enalan

IaaS ( Infrastructure as Service ) adala agian siste' dala' loud o'$uting *ang 'en*edia%an

seluru %eutuan infrastru%tur 'ulai dari storageC ard!areC se'uan*a infrastru%tur tela di sedia%an

ole $rovider cloud terseut. :adi :i%a custo'er 'e'utu%an $en*i'$anan data (data center)C $rovider

cloud 'en*edia%an virtual storage *ang isa diguna%an ole custo'er cloud dengan %a$asitas sesuai *ang

diutu%an. usto'er tida% $erlu 'e'eli ard!are %o'$uter server dan segala al

$endu%ungn*a.usto'er an*a $erlu 'enga%ses 'edia $en*i'$anann*a secara virtual 'elalui internet.

Gambar 1.1 Arsitektur Infrastructure as Service

isal%an :uga custo'er ingin 'engelola servern*a sendiri untu% i'$le'entasi tertentuC 'a%a $rovider

isa 'en*edia%an virtual $rivate server dengan resource sesuai %eutuan *ang di%elola custo'er 'elaluiinternet. adi custo'er isa 'e'ili%i server tan$a 'e'ili%i ard!are terseut.Berdasar%an $en:elasan di

atas terliat a!a IaaS a'$ir sa'a dengan te%nologi %PS (%irtual Private Server) *ang 'e'ang $ada

dasarn*a sa'a>sa'a 'enci$ta%an seua 6irtual acine untu% $ela*anann*a.=a$i terda$at eera$a

$eredaan se$erti eri%ut



8/265

&itur IaaS (Infrastructure asService)

%PS (%irtual Private Server)

Service Self Service Self Service

8esource &sage Se'ua resource (server Cstorage C net!or%Cdll) diguna%ansecara saring agar leie%ono'is

=erda$at $ilian untu% saringatau an*a dedicated

S%alailitas S%alailitas da$at dieri%an%a$an sa:a seingga $ena'aanresource da$at dila%u%an %a$ansa:a

S%alailitas dila%u%an secara'anual C setela resourcedita'a 'a%a s*ste' arusdi%onfigurasi ulang dan do!nti'e.

Pe'a*aran Pengguna an*a 'e'a*arsesuai a$a *ang diguna%an

Pengguna 'e'a*ar sesuai a$a*ang diguna%an dengan

$ara'eter :u'la P& C %artu :aringan dan IP address *angdiguna%an

A%ses Da$at dia%ses %a$an$un dandi'ana$un ai% secara $ulicatau$un $rivate

Da$at dia%ses %a$an$un dandi'ana$un ai% secara $ulicatau$un $rivate

Dari tael di atas da$at diliat a!a te%nologi IaaS ta'$a%n*a lei ai% dari$ada 6PS dan tida%

'enutu$ %e'ung%inan a!a te%nologi 6PS seentar lagi a%an tergeser dengan te%nologi IaaS.



9/265

2. IaaS Provider

Dari !a%tu %e !a%tu seiring er%e'ang dan tu'un*a te%nologi loud o'$uting C tela an*a% :uga

$rovider IaaS *ang saling ersaing untu% 'enari% custo'er. Se$erti dala' tael seelu'n*aCsiste'

arga;$e'a*aran *ang diguna%an ole IaaS Provider tida% egitu ereda dengan 6PS. IaaS 'e'ato%

arga a!al sesuai dengan %eutuan $engguna C dan :i%a $engguna 'ena'a%an resource C 'a%a a%an

di%ena%an ta'aan ia*a sesuai resource *ang dita'a%an tadi.

Beri%ut adala eera$a IaaS Provider era*ar *ang tela ter%enal

• 'indo!s #ure

indo!s A"ure seagai 'edia loud Platfor' *ang %o'$le% *ang di%e'ang%an ole icrosfot :uga

'en*edia%an fasilitas IaaS Provider di'ana 'e'ung%in $engguna untu% 'e'uat seua virtualisasi

dengan #S se$erti indo!s Server dan ,inu@ Server di atasn*a C'e'ung%in $enggunan*a untu%

'engguna%an fasilitas IaaS *ang disedia%an 'elalui e Interface *ang tentun*a user friendl*.=ida%

an*a IaaS C indo!s A"ure :uga 'e'eri%an la*anan loud lain se$erti PaaS (Platform as Service)

dan SaaS (Soft!are as Service) .

• #maon C2 (lastic Compute Cloud )

A'a"on 2 adala agian uta'a dari loud Platfor' dari A'a"on.co'Es loud dan AS (A'a"on

e Service) .2 'e'ung%in%an $engguna 'e'uat 6irtual acine untu% 'en:alan%an service*ang diiingin%an dengan $ilian eragai #S *ang ada.

• *o *rid

Sa'a aln*a dengan IaaS $rovider *ang lain C /o grid :uga 'en*edia%an 6irtual acine *ang da$at

diguna%an ole $engguna dengan $ilian #S ervariasi.

• +ac,space

8ac%s$ace.co' :uga 'ena!ar%an $erang%at Infrastructuren*a.8ac%s$ace :uga 'e'ung%in%an

$engguna untu% 'e'uat ratusan cloud server secara langsung dengan te%nologi 6irtual acine *ang

didu%ung soft!are virtualisasi [email protected]%s$ace 'en*edia%an Processor +uad ore untu% loud

Server dengan alo%asi 'e'or* antara 1>-2 /B dan %a$asitas ardis% 'ulai 12< /B. uga dengan

$ilian eragai #S *ang da$at diguna%an.

Ada :uga loud Provider *ang ersifat -pen Source C di'ana 'ere%a 'e'u%a dan 'en*ear>



10/265

luas%an source code uilder loud>n*a %e$ada $ulic C *ang da$at di:adi%an seagai s*ste'

ased;core;%ernel;Platfor' agi $engguna *ang :uga ingin 'e'angun loud Servern*a

sendiri.Beera$a diantaran*a *ang ter%enal adala

• -penStac,

#$enStac% adala seua soft!are o$en source dala' cloud

co'$uting *ang erorientasi di idang Infrastructure as Service

(IaaS).#$enStac% 'engendali%an $roses %o'$utasi dan su'er

da*a :aringan dala' seua datacenter 'elalui dasoard *ang

'e'eri%an %ontrol ad'instrasi se%aligus 'e'eri%an a% a%ses

$ada $engguna 'elalui antar'u%a !e (!e

interface).#$enStac%'en*edia%an siste' o$erasi cloud untu% $ulic dan $rivate cloud di

a!a A$ace ,icense. Saat ini tela didu%ung ole lei dari < co'$an* *ang

er%ontriusi untu% 'enge'ang%an te%nologi ini

Gambar 1.2 Openstack Architecture



11/265

Saat ini #$enstac% terdiri dari - $ro:ect

-penStac, Compute (codename:/ova)

Adala #$en souce Soft!are *ang di desain untu% 'e>'anage :aringan>:aringan s%ala esarC

virtual 'esin serta 'enci$ta%an $latfor' *ang scalale untu% cloud>co'$uting.

-penStac, -0ect Stora$e (codename:S!ift)

Adala #$en source Soft!are untu% 'e'uat data storage *ang scalale 'engguna%an cluster

server untu% 'en*i'$an data dengan s%ala $eta*tes.

-penStac, Ima$e Service (codename:*lance)

Adala sala satu $rodu% dari #$enStac% *ang diguna%an untu% la*anan virtual dis% i'ages.



12/265

• CloudStac,

loudStac% adala seua a$li%asi ersifat #$en Source *ang

ergera% di idang loud o'$uting %ususn*a Infrastructure as

Service (IaaS) *ang di%e'ang%an ole cloud.co' di taun

2


13/265

Secondar3 Stora$e

Adala 'edia $en*i'$anan *ang diguna%an ole siste' loudStac% untu% 'en*i'$an

te'$lateCi'age IS# dan Sna$sots.engguna%an 3S dala' $engo$erasiann*a . Da$at

dire$li%asi dan tersedia untu% se'ua "ona.

loudStac% sa'$ai se%arang tela 'erilis versi teraru loudStac% versi 4.< *ang :uga didu%ung

ole A$ace dengan na'a A$acge loudStac% Incuator.Ada$un versi stail adala loudStac%

versi -.< *ang 'en*edia%an Mana$ement Server4#$ent45sa$e Monitor dan Data0ase Server.

Meruvian Cloud Team 1-


14/265

"#" II

Installasi dan 6onfi$urasi IaaS

Se$erti *ang tela di:elas%an di atas er'aca'>'aca' IaaS ai% *ang era*ar atau$un *ang tida%

era*ar.Di a ini a%an di:elas%an cara installasi dan $e'uatan Instance;6irtual acine di dala'n*a.

1. 'indo!s #ure

indo!s A"ure seagai 'edia loud Platfor' *ang %o'$le% *ang

di%e'ang%an ole icrosfot :uga 'en*edia%an fasilitas untu% 'e'uat

seua virtualisasi di atasn*a C'e'ung%in $enggunan*a untu% 'engguna%an

fasilitas IaaS *ang disedia%an.indo!s A"ure 'e'eri%an eera$ $ilian #S

se$erti icrosoft Bi"tal% ServerC icrosoft S+, Server C indo!s Server dan

,inu@ (entos C &untu dan #$enSuse) ,ang%a>lang%a 'e'uat seua

6irtual acine di atas indo!s A"ure C %ali ini #S *ang diguna%an adala

,inu@ &untu 12.


15/265

Kli% to'ol /e! $ada sidear di agian %iri

Gambar 1.! "#$ %ew

Kli% Compute 7 %irtual Machine4 lalu $ili &rom *aller3.

Gambar 1.& membuat 'irtua( )achine

Ke'udian a%an 'uncul dialog untu% 'e'ili #$erating S*ste' *ang a%an diguna%an seagai 6irtual

acine.Pili #$erating S*ste' *ang a%an diguna%anCdala' al ini adala &untu 12.


16/265

Gambar 1.* +i(ih OS

Selan:utn*a isi%an infor'asi 'engenai nama %irtual Machine4 username4 pass!ord serta resource *ang

a%an %ita guna%an untu% 6irtual acine terseut.

Gambar 1., -onfiurasi 'irtua( )achine



17/265

Kli% to'ol /e8t (9) di $o:o% %iri a!a.Ke'udian 'uncul !indo! untu% %onfigurasi DSCstorage

acount dan $ilian 8egion di'ana leta% data center *ang a%an di:adi%an seagai te'$at $en*i'$anan .

Gambar 1./ -onfiurasi 'irtua( )achine

&ntu% 'enguung%an seua 6irtual acine dengan 6irtual acine lain $ili o$si onnect to an

e8istin$ %irtual Machine atau $ili Standalone %irtual Machine untu% 'en:alan%an 6irtual acine

seagai Standalone 6irtual acine.Dala' al ini C o$si *ang diguna%an adala Standalone 6irtual

acine.Pili storage account *ang di'ili%i guna%an use an automaticall3 $enerated stora$e account

seagai $ilian defaultn*a.Selan:utn*a $ili /e8t (9 ).



18/265

Gambar 1.0 'irtua( )achine Options untuk menhubunkan denan 'irtua( )achine (ainna

Beri%utn*a terda$at %onfigurasi *ang diguna%an untu% 'enguung%an 6irtual acine dengan 6irtual

acine *ang lain.Karena seelu'n*a di$ili Standalone 6irtual acine C 'a%a aai%an %onfigurasi ini.

,an:ut%an dengan 'e'ili /e8t (9 ) .

Setela $roses selesai C %e'ali %e dasoard dan a%an dita'$il%an 6irtual acine *ang tela diuat.

Gambar 1.1 +roses pembuatan 'irtua( )achine te(ah berhasi(



19/265

2. -penStac,

Se$erti *ang :uga tela di:elas%an di atas a!a #$en Stac% adala sala satu loud Platfor' *ang

ersifat -pen Source.&ntu% installasi #$enStac% *ang di$erlu%an adala seagai eri%ut

CP5 : P& *ang suda 'endu%ung 6irtuali"ation =ecnolog*.

Sistem -perasi Dire%o'endasi%an 'engguna%an &untu 12.


20/265

Keterangan

eth: 1;2.1


21/265

#. Install Pa,et 5tama -penstac,

Setela itu 'ulai install $a%et uta'a dari #$enStac% *ang terda$at di s%ri$ $erta'a

# ./openstack_base_1.sh

Keti%a 'enge%se%usi s%ri$ o$enstac%ase1.sC 'a%a s*ste' a%an 'ela%u%an instalasi eera$a $a%et

se$erti tt ntp 4time sever5 serta 'enga%tif%an i$ for!arding.

Setela itu e%se%usi s%ri$ %eduaC di sini a%an diinstall eera$a $a%et se$erti 8ait'J C 'e'cace C

*$ervisor %v'CJe'u dan lain>lain.

# ./openstack_base_2.sh

Di a%ir $roses nantin*a a%an ada %onfir'asi untu% 'engguna%an sala satu $artisi *ang ada di siste'

untu% di:adi%an seagai server novavolume.

a'un :i%a di siste' anda tida% tersedia $artisi %osong untu% iniC anda isa 'engaai%an %onfigurasi

nova>volu'e.

# fdisk /dev/sdb

Device contains neither a valid DOS partition table, nor Sun, SGI or OSF

disklabel

Building a new DOS disklabel with disk identifier 0xb!fe"af#

$hanges will re%ain in %e%or& onl&, until &ou decide to write the%#

'fter that, of course, the previous content won(t be recoverable#

)arning* invalid flag 0x0000 of partition table + will be corrected b& write-

$o%%and % for help-* n

.artition t&pe*

p pri%ar& 0 pri%ar&, 0 extended, + free-

e extended

Select default p-* p

.artition nu%ber /+, default /-* /

First sector 10+231!/+44!, default 10+2-*



22/265

5sing default value 10+2

6ast sector, 7sectors or 7si8e9:,;,G< 10+231!/+44!, default 31!/+44!-*

5sing default value 31!/+44!

$o%%and % for help-* w

=he partition table has been altered>

$alling ioctl- to reread partition table#

S&ncing disks#

# pvcreate -ff /dev/sdb1

.h&sical volu%e ?@dev@sdb/? successfull& created

# vgcreate nova-volumes /dev/sdb1

Aolu%e group ?novavolu%es? successfull& created



23/265

". Install Data0ase (M3S@A)

Pada taa$ ini a%an diinstall $a%et *S+,>server serta 'e'uat dataase untu% eera$a service *ang

diutu%an ole #$enStac% se$erti %e*stone C nova dan glance.

asu%%an $ass!ord *ang a%an diguna%an untu% 'enga%ses dataase %e*stoneCnova dan glance.

# ./ openstack_mysql.sh

Enter a password to be used for the OpenStack services to talk to MySQL

(users nova, glance, keystone): f00bar

Selan:utn*a $ada agian a%ir di'inta untu% 'e'asu%%an root $ass!ord dari dataase *ang tela

terinstall $ada dialog 6nter +assword untu% 'e'uat dataase novaCglance dan %e*stone oto'atis

mysql start/running, process 8796

#####################################################################################

##

Creating OpenStack databases and users. se your database pass!ord !"en prompted.

nter pass!ord$

Pasti%an da$at 'enga%ses dataase *S+, dengan 'asing>'asing user *ang tela diuat dengan

$ass!ord *ang tela diin$ut%an seelu'n*a .

# mysql -u nova -p

# mysql -u keystone -p

# mysql -u glance -p



24/265

C. Install 6e3stone

Ke*stone adala sala satu %o'$onen #$enStac% *ang ertugas seagai identit* service untu%

'anage'ent userCto%enC$ro:ect dan securit* *ang ada dala' #$enStac%.

# ./openstack_keystone.sh

asu%%an to%enCuserna'eCdan $ass!ord untu% user infor'ation di dala' dataase

nter a token %or t"e OpenStack ser&ices to aut" !t" keystone$ meru&ian

nter t"e pass!ord you used %or t"e 'yS() users *no&a, glance, keystone+$ %bar

nter t"e email address %or ser&ice accounts *no&a, glance, keystone+$

user-%oobar.com

&ntu% 'enga%ses %e*stone C e%se%usi Gstac%rcH *ang erisi infor'asi environ'ent *ang tela diuat.

BB isi file stackrc BB

export OSC=E'E=CE';Fad%in

export OSC5SGE';Fad%in

export OSC.'SS)OGDF%eruvian

export OSC'5=HC5G6F?http*@@/1"#0#0#/*4000@v1#0@?

export 'D;IEC.'SS)OGDF%eruvian

export SGAI$C.'SS)OGDF%eruvianexport SGAI$C=O:EF%eruvian

export SGAI$CED.OIE=F?http*@@/1"#0#0#/*44"@v1#0?

export SGAI$C=E'E=CE';Fservice

# ./stackrc

ke&stone userlist

77777

id enabled e%ail na%e

77777

b1b!0/"fb!4+eeeacb/0bebf/+aceb =rue kordlessJfoobar111#co% de%o

bfcbaa/+14ae+cd1b2ff/ddcf!4c!0"a =rue kordlessJfoobar111#co% glance

c/ca/30+c2++f1243e2/2c+ceb+d+ =rue kordlessJfoobar111#co% nova

dd/2fe1daac+3321e0440dc!dde =rue kordlessJfoobar111#co% ad%in


mailto:[email protected]:[email protected]


25/265

D. Install *lance

/lance 'eru$a%an i'age service *ang erguna untu% 'anage'en virtual dis% i'age di dala' #$enstac%

# ./openstack_glance.sh

S%ri$ ini a%an 'ela%u%an instalasi glance serta 'ela%u%an do!nload i'age &untu 12.


26/265

=he I. address for eth0 is probabl& /0#0#/#4# :eep in %ind &ou need an eth/ for this

to work#

nter the pri%ar& ethernet interface I.* /!1#/32#1#1 ip address eth0-

nter the fixed network eg# /0#0#1#1@1"-* /"1#/3#/#0@/3 ip untuk dhcp-

nter the fixed starting I. eg# /0#0#1#-* /"1#/3#/#/

=he floating range can be a subset of &our current network# $onfigure &our DH$.

server

to block out the range before &ou choose it here# 'n exa%ple would be /0#0#/#11+144

nter the floating network eg# /0#0#/#11+@1"-* /!1#/32#1#!" ip range awal dhcp-

nter the floating netowrk si8e eg# 1-* 2

Setela %onfigurasi dan instalasi selesaiC dilan:ut%an dengan 'eliat i'age *ang ada di dala' glance

'engguna%an $erinta nova

# nova image-list

77777

ID Ea%e Status Server

77777

"/b2b4d4a!"1+2bb!+0!2a"+b24ed3a 5buntu /1#0+ 6=S '$=IA

77777



27/265

&. Install Borion

ori"on 'eru$a%an Dasoard controller di #$enstac% *ang 'e'ung%inan user untu% 'e'anage

InstanceC resourceC dll dari dasoard ori"on terseut.

&ntu% instalasi e%se%usi file s%ri$ o$enstac%ori"on.s se$erti $erinta di a!ai ini

#./openstack_horizon.sh

Selan:utn*a a%ses tt$;;localost atau tt$;;i$ addressL lalu login dengan userna'e dan $ass!ord *ang

tela di'asu%%an $ada saat instalasi %e*stone di lang%a seelu'n*a

Gambar 1.11 Openstack 7orion


http://localhost/http://localhost/


28/265

. CloudStac,

loudStac% :uga 'eru$a%an #$en Source loud Platfor' C $eredaan*a di sini loudStac% 'engguna%an

ava seagai aasa dala' $e'uatan %o'$onen anage'ents Servern*a.Dala' installasi loudStac%

#. 6onfi$urasi Mana$ements Server

Dala' al ini a%an diinstall loudStac% dengan #S &untu 12.


29/265

Do!nload terlei daulu $ro:ect incuator>cloudstac% dari tt$s;;git>!i$>

us.a$ace.org;re$os;asf;incuator>cloudstac%.git .

$ git clone tt$s;;git>!i$>us.a$ace.org;re$os;asf;incuator>cloudstac%.git$ git pull origin master

Setela $roses clone C a%an terundu folder Eincu0atorcloudstac,E *ang erisi $ro:ect dari loudStac% C

untu% 'engco'$ilen*a di$erlu%an A$ace aven -. &ntu% itu install terlei daulu #pache Maven .

Do!nload dan e@tra% A$ace aven.

$ wget http:??!!!.apache.or$?d3n?closer.c$i?maven?maven?..?0inaries?apachemaven..

0in.tar.$

$ tar zxvf apache-maven-.!."-in.tar.gz

Ke'udian %onfigurasi PA= A$ace aven dala' siste' .

$ nano .ashrc

ta'a%an export %_&'()/direktori-apache-maven-diextrak

export *+,&)$%_&'(/in$*+,&

$ sudo nano /etc/profile

ta'a%an

export %_&'()/direktori-apache-maven-diextrak

export *+,&)$%_&'(/in$*+,&


https://git-wip-us.apache.org/repos/asf/incubator-cloudstack.githttps://git-wip-us.apache.org/repos/asf/incubator-cloudstack.githttps://git-wip-us.apache.org/repos/asf/incubator-cloudstack.githttp://www.apache.org/dyn/closer.cgi/maven/maven-3/3.0.4/binaries/apache-maven-3.0.4-bin.tar.gzhttp://www.apache.org/dyn/closer.cgi/maven/maven-3/3.0.4/binaries/apache-maven-3.0.4-bin.tar.gzhttps://git-wip-us.apache.org/repos/asf/incubator-cloudstack.githttps://git-wip-us.apache.org/repos/asf/incubator-cloudstack.githttps://git-wip-us.apache.org/repos/asf/incubator-cloudstack.githttp://www.apache.org/dyn/closer.cgi/maven/maven-3/3.0.4/binaries/apache-maven-3.0.4-bin.tar.gzhttp://www.apache.org/dyn/closer.cgi/maven/maven-3/3.0.4/binaries/apache-maven-3.0.4-bin.tar.gz


30/265

$ sudo nano /etc/environment

ta'a%an

*+,&)$%_&'(/in/usr/local/sin/usr/local/in/usr/sin/usr/in/s

in/in/usr/games

Ke'udian logout dari ter'inal dan 'asu% %e'ali dan ce% a$a%a aven tela ter%onfigurasi dengan

ai%.

$ mvn -v

Gambar 1.13 )aven 'ersion 3

Setela itu 'asu% %e dire%tori Gincuator>cloudstac%HCla%u%an clean dan uild dengan 'aven

$ mvn clean

$ mvn install

Meruvian Cloud Team -


31/265

Gambar 1.1! mvn insta((

=ida% lu$a :uga %onfigurasi dataase untu% loudStac% C uat dataase dala' *S+, server

$ mysql -u root -p

*assword

mysql create dataase cloud0

mysql create dataase cloud_usage0

mysql grant all on cloud.1 to cloudMlocalost identified y 2cloud20

mysql grant all on cloud_usage.1 to cloudMlocalost identified y 2cloud20

Meruvian Cloud Team -1

mailto:cloud@localhostmailto:cloud@localhostmailto:cloud@localhostmailto:cloud@localhost


32/265

,a%u%an i'$ort dataase dengan 'aven.

$ mvn -* developer -pl developer -3deployd

Ke'udian e@$ort PA= untu% server *ang a%an diguna%an 'en:alan%an loudStac%.

$ export +4(5_'*,6)-7mx8!%"m -7deug

-7run9dwptransport)dt_socket:address);


33/265

Gambar 1.1& :I 9(oudStack )anaement Server

Meruvian Cloud Team --


34/265

". 6onfi$urasi Devcloud

Setela 'e'asti%an installasi anage'ent Server erasil diinstall C dilan:ut%an dengan 'en:alan%an

ima$e dari loudStac% *ang 'e'ang tela disia$%an dan disear>luas%an ole citri@ untu% 'e'$er'uda

installasi loudStac%. I'age terseut erna'a Devcloud2.ova *ang da$at dido!nload di

tt$;;$eo$le.a$ace.org;Naisaa;cloudstac%;Devcloud2;Devcloud2.ova . Dala' i'age terseut

diguna%an #S De0ian 'hee3 -2 it seagai $latfor' . Deian ini tela terinstall FP seagai

virtualisasi dala' $e'uatan Instance nantin*a. uga tela terinstall 3S seagai storage *ang diguna%an.

Kesi'$ulann*a C Devcloud2.ova adala entu% $ortale dari loudStac%.

&ntu% 'en:alan%an devclod2.ova C install terlei daulu #racle 6irtual o@ dala' %o'$uter .#racle

6irtual da$at diinstall 'elalui 50untu Soft!are Center di%arena sifatn*a *ang :uga #$en Source dan

suda didaftar%an dala' Pac%age &untu teruta'a &untu 12.


35/265

Ke'udian :alan%an #racle 6irtual Bo@ .

Gambar 1.1, Startup Orac(e 'irtua( ;o<

Ke'udian i'$ort Devcloud2.ova 'elalui 'enu &ile Import #ppliance -pen #ppliance .Ke'udian

$ili Devc(oud2.ova . Pada #ppliance Settin$s ua 8A dari 2


36/265

Gambar 1.1/ )enubah =A)

Setela Devcloud2.ova selesai dii'$ort a%an terentu% 6 aru erna'a Devcloud.

Ke'udian atur :aringan $ada #racle 6irtual acine agar da$at 'enguung%an Devcloud dengan

%o'$uter dan loudStac% anage'ents Server *ang tela diinstall.

Melalui &ile Preference /et!or, . Buat I aru ena'a vo@net< C dengan %onfigurasi IP dan

DP Server se$erti ga'ar di a!a ini

Gambar 1.10 I+ Address dan D79+ Servervbo


37/265

Setela itu atur :uga %artu :aringan $ada Devcloud 'elalui %li% %anan $ada Devcloud Settin$s

/et!or,. Ara%an #dapter 1 ,e Bostonl3 #dapter dan pilih v0o8net dan #dapter 2 ,e /#T.

Gambar 1.2 -onfiurasi Adapter Devc(oud

Ke'udian :alan%an Devcloud *ang tela di%onfigurasi tadi.

Gambar 1.21 Startin Devc(oud2.ova



38/265

Setela se'ua selesai $asti%an %o'$uter dan Devcloud isa ter%one%si dengan ai% dan Devcloud da$at

ter%one%si dengan internet.=est dengan fasilitas $ing .

Gambar 1.22 +in komputer ke Devc(oud

Gambar 1.23 pin dari Devc(oud ke internet



39/265

C. Setup CloudStac,

Setela anage'ent Server diinstall dan Devcloud er:alan C lan:ut%an dengan setu$ . ,ogin di

anage'ent Server dengan userna'e GadminH dan $ass!ord Gpass!ordH .

Pada ta'$ilan a!al aai%an;S%i$ Basic Setu$ dengan 'e'ili GI Bave used CloudStac, 0efore 4 s,ip

this *uideH .

Gambar 1.2! Skip ;asic Setup

Ke'udian 'asu% $ada Dasoard C $ili Infrastructure ones #dd one $ili "asic .



40/265

Gambar 1.2& )enambahkan >one

Keterangan

a'e O test

DS 1 O =.=.=.=

Internal DS 1 O ...

*$ervisor O enServer

et!or% #ffering O DefaultShared/et!or,-fferin$'ithS*Service

,ocal Storage O na0le



41/265

Setela itu $ili /e8t C dan 'asu%%an $ada %onfigurasi et!or% .

Gambar 1.2* -onfiurasi %etwork

Setela itu 'ena'a%an Pod .



42/265

Gambar 1.2, )enambahkan +od

Keterangan

Pod a'e 9 m3podone

8eserved S*ste' gate!a* O 1;2.1


43/265

Gambar 1.2/ )enambahkan Guest 8raffic

Keterangan

/uest /ate!a* O 1;2.1


44/265

Gambar 1.20 )enambahkan 9(uster

Keterangan

*$ervisor 9 enserver (sudah ditentu,an di a!al pem0uatan one)

luster a'e 9 G8cpH

Ke'udian $ili e@t untu% 'ena'a%an ost.



45/265

Gambar 1.3 )enambahkan 7ost

Dala' al ini ostna'e C userna'e dan $ass!ord sesuai dengan Devcloud *ang tela di:alan%an tadi C

'a%a dari itu %one%si antara %o'$uter dengan anage'ent Server dan Devcloud arus teta$ di:aga.

Keterangan

ostna'e O 1;2.1


46/265

Gambar 1.32 )enambahkan 7ost

3S server *ang diguna%an adala Devcloud . Dala' al ini dala' %onfigurasin*a C storage *ang

di:adi%an 3S adala ?opt?stora$e?secondar3.

$ sudo nano /etc/export



47/265

Gambar 1.33 -onfiurais %?S

3S Server O 1;2.1


48/265

Gambar 1.3! Setup siap disimpan

Kli% ,aunc "one .



49/265

Gambar 1.3& +roses penimpanan hasi( setup

i%a $roseses er:alan lancar dan selesaiC'a%a a%an 'uncul $o$ u$ *ang 'en*ata%an a!a $roses

erasil dan 'enga%tif%an "one *ang tela diuat.

Gambar 1.3* 6nab(e >one

Selain dengan lang%a>lang%a diatas C $e'uatan "one :uga da$at dila%u%an dengan cara 'engi'$ort

conto "one *ang 'e'ang suda disedia%an ole develo$er loudStac%.

$ cd tools/3evcloud

$ python ../marvin/marvin/deploy3ata=enter.py -i 3evcloud.cfg

Setela itu %e'ali %e dasoard C dan a%an ta'$il infor'as s*ste' ca$acit* *ang 'en*ata%an usage dari

source *ang diguna%an.



50/265

Gambar 1.3, Dashboard

Peri%as :uga S*ste' 6s untu% 'e'asti%an a!a Instance da$at diuat nanti 'elalui Infrastructure

S3stem %Ms

i%a status S*ste' 6s 'ena'$il%an GStartin$ KH ini 'enun:u%%an a!a $roses elu' er:alan dan

loudStac% anage'ents Server $erlu direstart agar $rosesn*a er:alan.



51/265

"#" III

#dministrasi %M Dalam IaaS

Pada a ini a%an di:elas%an eera$a $anduan ad'inistrasi 6 dala' IaaS *ang suda diinstall di

a seelu'n*a.

1. 'indo!s #ure

6irtual acine *ang tela diuat seelu'n*a (&untu 12.


52/265

Gambar 1.30 informasi SS7 port

Infor'asi SS ter%ait 6irtual acing *aitu mervubuntu.cloudapp.net : 22

Setela SS ;$utt* terinstall dengan enar di siste' client C tes %one%si untu% 'ere'ote 6irtual acine

$ ssh azureuser>mervuuntu.cloudapp.net

Gambar 1.! =emote 'irtua( )achine


mailto:[email protected]:[email protected]


53/265

2. -penStac,

Di a seelu'n*a tela di:elas%an lang%a>lang%a installasi dan %onfigurasi #$enStac% C dan %ali ini

a%an di:elas%an :uga tentang eera$a $anduan ad'inistrasi ter%ait #$enStac%Cse$erti ad'inistrasi

i'ageCsecurit*Csecurit* grou$Cdll.

#. Ima$e

Ada eera$a $re>uilt i'age *ang tela 'endu%ung #$enStac%.se$erti uuntu

clouding i'age *ang da$at di do!nload dari tt$;;cloud>i'ages.uuntu.co'; atau

dari vendor *ang 'en*edia%an i'age>i'age lainn*a.Setela erasil 'enda$at%an

i'ageC lang%a selan:utn*a adala agai'ana 'engu$load i'age terseut %e

dala' @bucket@ i'age service agar da$at di:alan%an ole #$enStac%.

/una%an $erinta di a!a ini untu% 'engu$load i'age %e dala' glance

# glance add name=”Ubuntu 12.04” is_public=true

container_format=ovf disk_format=qcow2 < server.img

Selan:utn*a $asti%an a!a i'age *ang tela anda u$load tela erada di dala' glance

# glance index

ID Name Disk Format Container Format Size

----------------------------------------------------------------------------------------

4022-877d-2170adbeb185 Ubuntu Virtualbox qcow2 ovf 8589934592

48e7-b07b-ad3eef91989d Ubuntu 12.04 qcow2 ovf 226426880


http://cloud-images.ubuntu.com/http://cloud-images.ubuntu.com/


54/265

". Securit3

#$enStac% 'e'$un*ai fitur %usus untu% 'engatur 'asala securit* *ang ada di dala' siste'.

#$enStac% 'enera$%an seua securit* grou$ $ada 'asing>'asing Instance *ang diuat di'ana securit*

grou$ ini 'engi'$le'entasi%an i$tale rule *ang da$at di custo'isasi ole user.

Securit* /rou$ di dala' #$enStac% adala na'a seua ru(e *ang diguna%an untu% 'e'filter $a%et>

$a%et *ang 'asu% %e dala' #$enStac% Instance.Securit* grou$ da$at di$ili *ang 'ana *ang a%an

ditera$%an %eti%a a%an 'en:alan%an Instance.

a'un untu% securit* lei lan:ut anda da$at 'engatur fire!all di dala' Instance *ang tela anda

:alan%an di dala' #$enStac%.

Di a!a ini a%an di:elas%an lang%a>lang%a untu% Ad'inistrasi securit* grou$ .

Membuat Security Group

e'uat securit* grou$ dengan na'a G'* securit*H .

# nova secgroup-create mysecurity my-security-group

+------------+-------------------+

| Name | Deskripion |

+------------+-------------------+

| mysecurity | my-security-group |+------------+-------------------+

Menambahkan Rule

ena'a%an rule untu% securit* grou$ dengan 'engi:in%an $a%et =P dan IP dari $ort 21


55/265

# nova secgroup-add-rule mysecurity icmp 22 100 192.168.2.20/0

+-------------+-----------+---------+----------------+--------------+

| IP Protocol | From Port | To Port | IP Range | Source Group |

+-------------+-----------+---------+----------------+--------------+

| icmp | 22 | 100 | 192.168.2.20/0 | |

+-------------+-----------+---------+----------------+--------------+

Melihat Rule Pada Security Group

&ntu% 'eliat Securit* /rou$ dengan $erinta di a!a ini

# nova secgroup-list-rules mysecurity

+-------------+-----------+---------+----------------+--------------+

| IP Protocol | From Port | To Port | IP Range | Source Group |

+-------------+-----------+---------+----------------+--------------+

| icmp | -1 | -1 | 192.168.2.20/0 | |

| icmp | 22 | 100 | 192.168.2.20/0 | |

| tcp | 22 | 22 | 192.168.2.20/0 | |

| tcp | 22 | 400 | 192.168.2.20/0 | |

+-------------+-----------+---------+----------------+--------------+

Menghapus Rule

/una%an $erinta di a!a ini untu% 'enga$us securit* grou$

# nova secgroup-delete mysecurity



56/265

C. Instance

Instance adala seua 6irtual acine *ang diuat ole #$enStac% o'$ute Server. Instance *ang tela

di:alan%an terseut 'e'$un*ai daur idu$ se$erti di a!a ini

Gambar 1.3/ OpenStack Instance

Membuat Keypair

Service>service *ang ada di dala' #$enStac% di autentifi%asi dan diotoriasasi ole -estone sala satu

agian dari %o'$onen #$enStac% *ang 'en*edia%an la*anan identifi%asiC to%en untu% la*anan #$enStac%

ainn*a.

asing>'asing user 'e'$un*ai seua %e*$air *ang diguna%an untu% erintera%si dengan service>

service *ang ada di dala' #$enStac%.Ke*$air ini da$at :uga di do!nload 'elalui #$enStac% Dasoard.

/una%an $erinta di a!a ini untu% 'e'uat %e*$air

# ssh-keygen

# cd ?/.ssh



57/265

ena'a %e*$air dengan na'a G'erv%e*H dari generate %e* *ang tela diuat dengan $erinta

# nova keypair-add --pu_key id_rsa.pu mervkey

eliat %e*$air *ang ada di #$enStac% dengan 'engguna%an $erinta

# nova keypair-list

+---------+-------------------------------------------------+

| Name | Fingerprint |

+---------+-------------------------------------------------+

| admin | c1:6f:5e:d0:94:7e:54:dd:81:85:21:99:50:16:77:4a |

| mervkey | 47:2e:5b:8f:57:42:53:87:06:0b:aa:cd:89:25:bd:10 |+---------+-------------------------------------------------+

&ntu% 'enga$us %e*$airC guna%an $erinta

# nova keypair-delete mervkey

Menjalankan Instance/Virtual Machine

Seelu' 'en:alan%an InstanceC $asti%an tela ada i'age *ang tersedia di dala' glance i'age service.

Keti%%an $erinta di a!a ini untu% 'eliat list i'age *ang tersedia.

# glance index

ID Name Disk Format Container Format Size

------------------------------------ ------------------------------ --------------------

4022-877d-2170adbeb185 Ubuntu Virtualbox qcow2 ovf 8589934592

48e7-b07b-ad3eef91989d Ubuntu 12.04 qcow2 ovf 226426880



58/265

en:alan%an Instance dengan i'age id 48e7-b07b-ad3eef91989d dengan na'a G'*InstanceH

# nova boot --flavor 1 --image 48e7-b07b-ad3eef91989d --key_name admin

myInstance+-------------------------------------+--------------------------------------+

| Property | Value |

+-------------------------------------+--------------------------------------+

| OS-DCF:diskConfig | MANUAL |

| OS-EXT-SRV-ATTR:host | None |

| OS-EXT-SRV-ATTR:hypervisor_hostname | None |

| OS-EXT-SRV-ATTR:Instance_name | Instance-00000006 |

| OS-EXT-STS:power_state | 0 |

| OS-EXT-STS:task_state | scheduling |

| OS-EXT-STS:vm_state | building |

| accessIPv4 | |

| accessIPv6 | |

| adminPass | 8T5iXc7Rndmh |

| config_drive | |

| created | 2012-10-18T09:25:51Z |

| flavor | m1.tiny |

| hostId | |

| id | be2a8410-4ad9-4bf4-bcc7-9c78b2cebba4 |

| image | Ubuntu 12.04 |

| key_name | admin |

| metadata | {} |

| name | myInstance |

| progress | 0 |

| status | BUILD |

| tenant_id | 78b695fbd89f43c988096fbbc79aa45b |

| updated | 2012-10-18T09:25:52Z |

| user_id | 0fe6ed68d1f44b4f907fa0a386a2206d |



59/265

eliat Instance *ang tela er:alan dengan $erinta

# nova list

+--------------------------------------+------------+--------+--------------------+| ID | Name | Status | Networks |

+--------------------------------------+------------+--------+--------------------+

| be2a8410-4ad9-4bf4-bcc7-9c78b2cebba4 | myInstance | ACTIVE | private=172.13.0.4 |

+--------------------------------------+------------+--------+--------------------+

&ntu% 'ereoot instance guna%an $erinta

# nova reoot e%a;"8!-"ad@-"f"-cc


60/265

D. &lavor

3lavor 'eru$a%an seua fitur di dala' #$enStac% *ang erguna untu% 'engalo%asi%an resource se$erti

8AC DC6P&SCdll %e dala' intance *ang diuat ole #$enStac%.

&ntu% 'eliat flavor *ang tersedia

# nova flavor-list

+----+-----------+-----------+------+-----------+------+-------+-------------+

| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor |

+----+-----------+-----------+------+-----------+------+-------+-------------+

| 1 | m1.tiny | 512 | 0 | 0 | | 1 | 1.0 |

| 2 | m1.small | 2048 | 10 | 20 | | 1 | 1.0 |

| 3 | m1.medium | 4096 | 10 | 40 | | 2 | 1.0 |

| 4 | m1.large | 8192 | 10 | 80 | | 4 | 1.0 || 5 | m1.xlarge | 16384 | 10 | 160 | | 8 | 1.0 |

| 6 | m2.ex | 3000 | 20 | 20 | | 2 | 1.0 |

+----+-----------+-----------+------+-----------+------+-------+-------------+

&ntu% 'engguna%ann*a %e dala' Instance *ang tela diuat le!at #$enStac% guna%an $erinta di a!a

ini

# nova oot --flavor 8 --image ";e


61/265

. /et!or,

Di dala' #$enStac%C net!or%ing diatur ole %o'$onen *ang diseut novaBnetworkC.ova et!or% ini

'engatur Instance>Instance *ang er:alan di #$enStac% untu% da$at er%o'uni%asi %e dala' siste'

itnernal dan e%sternal ai% 'engguna%an fi


62/265

&. Import Ima$e

#$enStac% 'eru$a%an $latfor' *ang o$ensource *ang 'e'uat seua siste' tida% teri%at $ada vendor

atau $latfor' tertentu.#$enStac% da$at er'igrasi dari $latfor' satu %e $latfor' *ang lain tan$a

'engala'i 'asala.

Ada$un lang%a>lang%a *ang diguna%an untu% 'eng>i'$ort virtualo@ Instance %e dala' #$enStac%

adala seagai eri%ut

on!ert "ormat !di ke dalam ra# image

&ntu% 'eng>conver for'at .vdi %edala' ra! i'age guna%an $erinta

# 4Eoxanage clonehd ?/4irtualEoxF 4s/GuntuB"/GuntuB8.vdi

./uuntu.img --format raw

!H...8!H...%!H...!H..."!H...I!H...B!H...

=lone hard disk created in format 2raw2. GGA3 Bd8a!ec-I;!;-"


63/265

Gambar 1.30 8estin imae hpervisor kvm

Selan:utn*a 'asu%%an i'age %e dala' glance agar isa diguna%an ole #$enStac% untu% 'e'uat

Instance nantin*a dengan $erinta

# glance add name)Guntu 4irtualox is_pulic)true

container_format)ovf disk_format)qcow% D uuntu.img

Gploading image 2Guntu 4irtualox2

)))))))) )))))))))))J8!!HK %.


64/265

Gambar 1.! OpenStack Dashboard



65/265

. CloudStac,

#. Mem0uat Instance?%irtual Machine

Dala' ad'inistrasi loudStac% *ang sala satu *ang ter$enting adala $e'uatan Instance;6irtual

acine.&ntu% 'e'uat 6irtual acine dari Dasoard $ili Instance #dd Instance

Gambar 1.!1 )enambah instance me(a(ui >one an sudah dibuat dan temp(ate an ada

Ke'udian $ili Rone *ang ada C $ili :uga te'$late ; iso .Dala' al ini *ang di$ili adala Template .



66/265

Gambar 1.!2 +i(ih tin inu<

Dala' =e'$late *ang tela di$ili terda$at $ilian te'$late Etin* ,inu@E . Pili e@t untu% 'elan:ut%an.

Meruvian Cloud Team


67/265

Gambar 1.!3 +i(ih tinOfferin



68/265

Ke'udian $ili tin*#ffering . Ke'udian $ili e@t untu% 'elan:ut%an.

Gambar 1.!! Disk Offerin

Ke'udian $ili s$esifi%asi ardis% *ang sesuai C $ili e@t untu% 'elan:ut%an



69/265

Gambar 1.!& +i(ih Defau(t

Pili Default untu% 'enentu%an Securit* /rou$ .



70/265

Gambar 1.!* )asukkan name dan Group untuk instance

Ke'udian 'asu%%an na'a dan grou$ instance .Pili Aaunch %M untu% 'ulai 'e'uat 6irtual

acine . i%a $roses selesai 'a%a di Dasoard Instance da$at diliat a!a instance dan 6irtual

acine tela er:alan.

Gambar 1.!, =unnin instance dan 'irtua( )achine



71/265

". Melihat Informasi Ter,ait Instance?%irtual Machine

&ntu% 'eliat infor'asi ter%ait 6irtual acine %li% $ada 6irtual acine GtestH.

Gambar 1.!/ -eteranan instance

&ntu% 'eliat %onfigurasi :aringan $ilo $ada Is .



72/265

Gambar 1.!0 -onfiurasi Earinan

C. #,ses Instance?%irtual Machine

&ntu% 'e'u%ti%an a!a %onfigurasi :aringan er:alan C$ili 6ie! onsole atau ce% dengan $ing dan

SS %e instance.

Gambar 1.& 'iew 9onso(e



73/265

Gambar 1.&1 9ek via pin dan SS7

&ntu% 'engece% via SS userna'en*a adala GrootH dan $ass!or adala Gpass!ordH .



74/265

Chapter 2

PaaS (Platform as a Service )


75/265

"#" I

Pen$enalan PaaS (Platform as a Service)

1. Pen$enalan

PaaS (Platform #s a Service) adala seua adala sala satu dari agi dan la*anan dala' loud

o'$uting.Pengguna cloud 'engguna%an la*anan dari cloud $rovider untu% 'e'nuat dan se%aligus

osting a$li%asi *ang nantin*a diguna%an seagai SaaS (Soft!are as a Services). Dengan PaaS ini

da$at di$asti%an $endistriusian a$li%asi *ang di%e'ang%an di atas cloud a%an lei 'eluas %arena

$enggunaan*a tida% tergantung $ada $latfor' tertentu %arena se'uan*a dia%ses 'elalui !e.

Gambar 2.1 Seitia 9(oud 9omputin

i%a tadi IaaS %edudu%ann*a a'$ir sa'a dengan 6PS C 'a%a PaaS %edudu%an*a a'$ir sa'a dengan

e osting. Peredaan*a dengan PaaS tida% $erlu 'eng%onfigurasi lagi environ'ent conton*a

'ena'a%an $lugin ($ada dru$al)C'eng%ore%si sendiri %esalaan $ada dataase Cdll.

Pengguna an*a cu%u$ er%onsentrasi $ada $enge'angan a$li%asi *ang a%an dide$lo* (diosting%an)

dan iasan*a PaaS Provider suda 'e'ili%i client *ang da$at diinstall di siste'.



76/265

2. PaaS Provider

Seagai sala satu %o'$onen dari loud o'$uting C PaaS tentu sa:a :uga terus di%e'ang%an.

Kean*a% PaaS Provider 'e'angun loud Server (PaaS Server) di atas IaaS se$erti dala' ga'ar

segitiga di atas.Beri%ut adala eera$a PaaS Provider conto

• 'indo!s #ure

indo!s A"ure se$erti *ang tela di:elas%an di atas 'en*edia%an loud Platfor' *ang

%o'$le% :uga 'en*edia%an PaaS dala' siste' loudn*a. indo!s A"ure :uga 'e'ili%i client

tertentu agi $engguna PaaSn*a C sala satun*a adala indo!s A"ure =ool%it .

• #'S (#maon 'e0 Service ) lastic "eanstal,

A'a"on :uga 'en*edia%an fitur PaaS *ang 'e'ung%in%an $engguna untu% 'ende$lo* a$li%asi

di A'a"on loud.Sederanan*a u$load a$li%asi dan %e'udian AS lastic Beanstal% a%an

'enangani load>alancen*aCealt 'onitoring dan auto>scalen*a.

• Lelastic

elastic adala sala satu cloud service $rovider *ang 'en*edia%an fitur free trial agi user

*ang ingin 'encoa dan untu% *ang er'inat 'enge'ang%ann* a dala' isnis. elastic

'e'ili%i navigasi dan !e interface *ang sangat user friendl*

onto PaaS Provider di atas adala *ang era*ar C ta$i terda$at loud Provider *ang :uga ersifat

#$en Source *ang :uga 'en*ear>luas%an source code uildern*a %e$ada $ulic agi sia$a$un *ang :uga ingin 'e'angun PaaS Servern*a.Beera$a diantaran*a adala



77/265

• Cloud &oundr3

loud 3oundr* (3) adala seua Platfor' as Service (PaaS)

#$ensource *ang di%e'ang%an ole 6!are dan e%er:a sa'a

dengan A$ace ,icense 2.n*a tida% $ada infrastru%tur

dan environ'ent>n*a.3 sendiri tela 'e'u%a source code dan $a%etn*a agi $engguna *ang

:uga ingin 'e'angun ; setu$ PaaS server se$erti loud3oundr*.co'.Pa%et $enting dala' al

ini adala 6AP (6!are ertificate A$$lication Platfor').

• -penShift

#$enSift 'eru$a%an la*anan cloud co'$uting PaaS

(Plaftform as a Service) dari 8ed at *ang di%e'ang%an

'engguna%an aasa $e'rogra'an 8u*. ,a*anan PaaS ini

#$enSift 'ena!ar%an $latfor' *ang 'e'antu user untu%

'ela%u%an uild dan testing a$li%asi 'ere%a di cloud dengan

'uda tan$a arus 'e'i%ir%an 'asala infrastru%tur.Seagai

seua $latfor' as a ServiceC #$enSift 'endu%ung s%alailitas ai% secara ori"ontal dengan

'ena'a instance atau secara vertical dengan 'ena'a resource. endu%ung eragai

aasa $e'roga'an se$erti PPC avaC P*tonC PerlC ode.:s dan 8u*. Selain ituC #$enSift

:uga 'endu%ung eera$a %o'$onen $endu%ung se$serti BossC oss AP(=o'cat7)C

ongoDBC *S+,C dan Postgres S+,. Dala' $enggunaanC #$enSift 'e'uda%an agi $ara

develo$er untu% $ende$lo*an A$li%asi langsung dari Develo$er =ools se$erti cli$seC aven

dan en%ins.



78/265

Se$erti aln*a di a seelu'n*a C a%an di:elas%an :uga lang%a>lang%a dala' installasi dan

%onfigurasi dari loud Provider terseut.



79/265

"#" II

Installasi -pen Source PaaS

Se$erti *ang suda di:elas%an di atas untu% terda$at 2 #$en Source PaaS *aitu Cloud &oundr3 dan

-penShift.Dala' al ini installasi dila%u%an di :aringan lo%al.

1. Cloud &oundr3

loud 3oundr* adala #$en Source PaaS *ang ditulis dala' aasa 8u*

ge's.loud 3oundr* 'e'ili%i ele'en %ernel *ang diseut 6AP.6AP

adala seua i%atan la*anan dan :uga %ernel dari loud 3oundr* seagai

%o'$onen $e'angun seua PaaS dan $endu%ung fungsionalitasn*a.Di

dala'n*a terda$at agian>agian se$erti loudontrollerC8outerCDACealt anagerCService /ate!a*CService ode dan

lain>lain.Dan %ese'uan*a saling e%er:a sa'a untu% 'e'entu% siste' PaaS.Ada eera$a 'etode

untu% 'ela%u%an setu$ loud 3oundr*

• #pt$et (50untu 12.1)

Adala 'etode $aling 'uda dala' setu$ loud 3oundr*. aitu dengan 'ena'a%an

re$ositor* loud 3oundr* *ang suda disearluas%an di tt$;;lauc$ad.net

tt$;;log.dustin%ir%land.co';2cloudfoundr*>server>$aas.t'l

• Chef

Adala 'etode re%o'endasi dari loud3oundr*.co' *ang an*a% diguna%an dala'

$enge'angan loud 3oundr*.Keleian ef *aitu siste' loud 3oundr* da$at dita'a%an

service>service lain dengan cara *ang lei 'uda.

(su'er tt$s;;gitu.co';cloudfoundr*;vca$ )


http://lauchpad.net/http://blog.dustinkirkland.com/2011/08/howto-install-cloudfoundry-server-paas.htmlhttps://github.com/cloudfoundry/vcaphttps://github.com/cloudfoundry/vcaphttp://lauchpad.net/http://blog.dustinkirkland.com/2011/08/howto-install-cloudfoundry-server-paas.htmlhttps://github.com/cloudfoundry/vcap


80/265

Den$an #pt*et

etode ini $erta'a %ali di$osting ole seseorang dari loud 3oundr* dala' logn*a

tt$;;log.dustin%ir%land.co';2cloudfoundr*>server>$aas.t'l

teta$i cara ini an*a er:alan $ada $latfor' &untu 12.1< (#ne Iric).

#. 6onfi$urasi +epositor3

ang $erta'a arus dila%u%an adala 'ena'a%an eera$a aris dala' %onfigurasi sources.list

$ada uuntu

$ sudo nano /etc/apt/sources.list

de http//ppa.launchpad.net/cloudfoundry/daily/uuntu oneiric main

de-src http//ppa.launchpad.net/cloudfoundry/daily/uuntu oneiric

main

Setela itu u$date siste' uuntu

$ sudo apt-get update

". 6onfi$urasi Bost

Ke'udian %onfigurasi siste' ost untu% 'e'uat do'ain untu% 'e'$er'uda installasi

$ sudo nano /etc/hosts



81/265

Gambar 2.2 hosts

C. Installasi dan 6onfi$urasi Pa,et Cloud &oundr3 Server

Ke'udian 'ulai install $a%et cloudfoundr*>server

$ sudo apt-get install cloudfoundry-server cloudfoundry-server-common

cloudfoundry-server-dea cloudfoundry-client

asu%%an IP Address

Gambar 2.3 )asukkan I+ Adress



82/265

asu%%an do'ain

asu%%an Pass!ord *S+, server

Gambar 2.! )asukkan password )SF

Ke'udian setting ost untu% '*sJl>server dala' cloudfoundr*>server

$ sudo nano /opt/cloudfoundry-server/vcap/services/mysql/config/mysql_ackup.yml



83/265

Gambar 2.& ms(Hbackup.m(

$ sudo nano /opt/cloudfoundry-server/vcap/services/mysql/config/mysql_node.yml

Gambar 2.* ms(Hnode.m(

8estart cloudfoundr*>server

$ sudo service cloudfoundry-server restart

Gambar 2., c(oudfoundrBserver restart



84/265

&ntu% 'e'eri%sa a$a%a cloudfoundr*>server suda er:alan C a%ses cloudcontrller di

tt$;;a$i.'eruvian.cloud dan $asti%an ta'$ilann*a se$erti eri%ut

Gambar 2./ akses 9(oud ?oundr di web browser

Den$an Chef

loud 3oundr* tela 'e'u%a su'ern*a di tt$;;gitu.co';cloudfoundr*;vca$ C $ro:ect dari

cloudfoundr* da$at di do!nload via git C dan da$at di%e'ang%an lagi sesuai %einginan $enge'ang.

Instlallasi loud 3oundr* via 3 seenarn*a er:alan dengan ai% di &untu 1


85/265

Setela itu la%u%an git clone $ro:ect cloudfoundr* di gitu.co' %e lo%al

$ ash D DLcurl -s -k -E

https//raw.githu.com/cloudfoundry/vcap/master/dev_setup/in/vcap_dev_setu

pM

Biasan*a di tenga $roses ini C terda$at $eringatan false untu% 'engistall eera$a $a%et se$erti

cefClostoreclientCra%e C dll.&ntu% 'engatasi ini la%u%an installasi $a%et 'anual

$ sudo gem install chef

$ sudo gem install lostore_client

$ sudo gem install rake

$ sudo apt-get install postgresql-client-;."

Ke'udian ulangi $roses se%ali lagi

$ ash D DLcurl -s -k -E

https//raw.githu.com/cloudfoundry/vcap/master/dev_setup/in/vcap_dev_setu

pM


https://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setuphttps://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setuphttps://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setuphttps://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setuphttps://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setuphttps://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setuphttps://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setuphttps://raw.github.com/cloudfoundry/vcap/master/dev_setup/bin/vcap_dev_setup


86/265

Gambar 2.0 chef proses

Proses git clone dan co'$ile a%an 'e'a%an an*a% !a%tu saat lang%a ini dila%u%an .

i%a dala' $roses terda$at error se$erti di a!a ini

[ERROR]

[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.

[ERROR] Re-run Maven using the -X switch to enable full debug logging.

[ERROR]

[ERROR] or !ore infor!ation about the errors and "ossible solutions, "lease read the

following articles#

[ERROR] [$el" %] htt"#&&cwiki.a"ache.org&confluence&dis"la'&M()E*&Mo+oEecutionEce"tion

[ERROR]

[ERROR] (fter correcting the "roble!s, 'ou can resu!e the build with the co!!and

[ERROR] !vn goals -rf #cloudfoundr'-identit'-co!!on

/T0ERR# c"# cannot stat 1&ho!e&XXX&cloudfoundr'&vca"&uaa&uaa&target&cloudfoundr'-identit'-

uaa-2.war3# *o such file or director'---- End out"ut of 4bash4 4&t!"&chef-scri"t56%5%667-%%88-%9nv5ve-64 ----

Ran 4bash4 4&t!"&chef-scri"t56%5%667-%%88-%9nv5ve-64 returned %



87/265

a%a la%u%an $erinta eri%ut

$ wget https//repo.springsource.org/snapshot/org/cloudfoundry/

runtime/cloudfoundry-identity-uaa/ %.!.!.EGAN3-65+*6&',/cloudfoundry-

identity-uaa-%.!.!.EGAN3-%!8%!%@.8BII";-%.war

$ sudo cp cloudfoundry-identity-uaa-%.!.!.EGAN3-%!8%!%@.8BII";-%.war

?/cloudfoundry/vcap/uaa/uaa/target

Setela $roses selesai dan 'ena'$il%an out$ut se$erti di a!a ini

Gambar 2.1 chef succes

". Menalan,an Cloud &oundr3

alan%an cloudfoundr*

$ sudo ?/cloudfoundry/vcap/dev_setup/in/vcap_dev start

i%a se'ua $roses er:alan dengan ai% tan$a ada error C 'a%a a%sesla api.meruvian.cloud .


https://repo.springsource.org/snapshot/org/cloudfoundry/https://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/https://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/https://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/1.0.0.BUILD-SNAPSHOT/cloudfoundry-identity-uaa-1.0.0.BUILD-20120329.165548-2.warhttps://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/1.0.0.BUILD-SNAPSHOT/cloudfoundry-identity-uaa-1.0.0.BUILD-20120329.165548-2.warhttps://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/1.0.0.BUILD-SNAPSHOT/cloudfoundry-identity-uaa-1.0.0.BUILD-20120329.165548-2.warhttps://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/1.0.0.BUILD-SNAPSHOT/cloudfoundry-identity-uaa-1.0.0.BUILD-20120329.165548-2.warhttps://repo.springsource.org/snapshot/org/cloudfoundry/https://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/https://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/1.0.0.BUILD-SNAPSHOT/cloudfoundry-identity-uaa-1.0.0.BUILD-20120329.165548-2.warhttps://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/1.0.0.BUILD-SNAPSHOT/cloudfoundry-identity-uaa-1.0.0.BUILD-20120329.165548-2.warhttps://repo.springsource.org/snapshot/org/cloudfoundry/runtime/cloudfoundry-identity-uaa/1.0.0.BUILD-SNAPSHOT/cloudfoundry-identity-uaa-1.0.0.BUILD-20120329.165548-2.war


88/265

Gambar 2.11 akses c(oud ?oundr dari web browser

,ang%a>lang%a di atas adala conto installasi loud 3oundr* seatas :aringan lo%al.

Seelu'n*a C $enulis tela 'enginstall eera$a server loud 3oundr* seagai PaaS C diantaran*a

adala

• #ure C dengan ala'at cloudcontroller *aitu tt$;;$aas.a"ure4:.us

• -penPaasC dengan ala'at cloudcontroller *aitu tt$;;can%illo.o$en$aas.or.id


http://paas.azure4j.us/http://chankillo.openpaas.or.id/http://chankillo.openpaas.or.id/http://paas.azure4j.us/http://chankillo.openpaas.or.id/


89/265

2. -penShift

&ntu% installasi #$enSift sendiri terda$at 2 cara

• Platform server (Centos?+BA?


90/265

Remote Ser!er %SS&'

Ke'udian install SS agar da$at erintera%si dengan ost lain dan re'ote .

# mkdir ?/.ssh

Konfigurasi $er'ission $ada dire%tori ss.

# chmod

Ke'udian generate %e*$air

# ssh-keygen

Kon"igurasi Repository

Setela itu 'eng%onfigrasi re$ositor* entos di ;etc;*u'.re$os.d;.

# vi /etc/yum.repos.d/'pen6hift-roker.repo

=a'a%an aris eri%ut

()penShi"t*in"rastructure+

name,)penShi"t In"rastructure

baseurl,https://mirror-)penShi"t-com/pub/origin.ser!er/nightly/enterprise/01.11.

12//In"rastructure/345*56/os/

enabled,1

gpgcheck,0



91/265

u$date re$ositori dengan $erinta

# yum update

7omain %78S'

Ke'udian %onfigurasi do'ain;DS C installsi $a%et DS terlei daulu

#yum install ind ind-utils

Setela instalasi selesaiC lang%a selan:utn*a adala 'e'uat do'ainC untu% 'e'uda%an dala'

$enger:aanC set na'a do'ain user 'en:adi do'ain.

#domain)meruvianyama.com

&a G'eruvian*a'a.co'H dengan na'a do'ain *ang ingin diguna%an.

Selan:utn*a atur N,e3file untu% do'ain *ang diguna%an.

keyfile)/var/named/$OdomainP.key

/una%an dnssec>%e*gen untu% 'enggenerate DSS aru untu% do'ain. ,an:ut%an dengan $erinta

di a!a ini.

#rm -vf /var/named/Q$OdomainP1

#pushd /var/named

#dnssec-keygen -a &+=-3I - I8% -n G6(R -r /dev/urandom $OdomainP

#Q(S)$Lgrep Qey Q$OdomainP1.private T cut -d 2 2 -f %M

#popd



92/265

Pasti%an user 'e'ili%i %e* untu% 'en*a'ung%an ro%er dengan BIDC guna%an $erinta rndc>

confgen

Orndcconf$en a r ?dev?urandom

Pasti%an :uga a!a %e$e'ili%anC $eri"inan dan %onte% S,I&F tela diatur dala' %e* *ang aru

#restorecon -v /etc/rndc.1 /etc/named.1

#chown -v rootnamed /etc/rndc.key#chmod -v B"! /etc/rndc.key

Buat seua file aru dengan na'a for!arders.conf dengan 'ena'a%an aris eri%ut

#nano /var/named/forwarders.conf

erisi

"or#arders 9 4-4-4-4 4-4-6-6 ;

Pasti%an se%ali lagi $eri"inan dengan $erinta di a!a ini

#restorecon -v /var/named/forwarders.conf

#chmod -v


93/265

#rm -rvh /var/named/dynamic

#mkdir -vp /var/named/dynamic

/una%an $erinta di a!a ini untu% 'e'uat dataase untu% do'ain.

# cat


94/265

#restorecon -rv /var/named

Buat :uga file named.conf di dire%tori ?etc? :

# vi DD('U /etc/named.conf

Berisi

options 9

listen.on port 2< 9 any ;

directory =/!ar/named=

dump."ile =/!ar/named/data/cache*dump-db=

statistics."ile =/!ar/named/data/named*stats-t3t=

memstatistics."ile =/!ar/named/data/named*mem*stats-t3t=

allo#.>uery 9 any ;

recursion yes

/? Path to IS 7@V key ?/

bindkeys."ile =/etc/named-iscdl!-key=

// set "or#arding to the ne3t nearest ser!er %"rom 7&P response

"or#ard only



95/265

include ="or#arders-con"=

;

logging 9

channel de"ault*debug 9

"ile =data/named-run=

se!erity dynamic

;

;

// use the de"ault rndc key

include =/etc/rndc-key=

controls 9

inet 1A-0-0-1 port B2<

allo# 9 1A-0-0-1 ; keys 9 =rndc.key= ;

;

include =/etc/named-r"c1B1-Cones=

include =D9domain;-key=

Cone =D9domain;= I8 9

type master

"ile =dynamic/D9domain;-db=

allo#.update 9 key D9domain; ;

;

E)F

Atur :uga $er'ission untu% named.conf

#chown -v rootnamed /etc/named.conf

#restorecon /etc/named.conf

Setela itu %onfigurasi ost $ada ?etc?resolv.conf

# vi /etc/resolv.conf



96/265

Berisi

nameser!er 1B-154--6<

Ke'udian u%a fire!all rule dan restart service na'ed

#lokkit Cservice)dns

#chkconfig named on

#service named restart

uung%an BID dengan ro%er 'engguna%an $erinta nsu$date.

# nsupdate -k $OkeyfileP

Pasti%an BID tela ter%onfigurasi dengan enar dengan 'engguna%an $erinta di a!a ini untu%

resolve ro%er ostna'e.

#dig >8%


97/265

Pasti%an :uga BID 'elan:ut%an $er'intaan %e ostna'e lainn*a.

#dig >8%


98/265

Pasti%an ro%er 'engguna%an BID lo%al instance *ang er:alan dengan 'engguna%an $erinta di

a!a ini.

#dig 'pen6hift.meruvianyama.com

Kon"igurasi 7&P dan &ostname

Ke'udian %onfigurasi DBCP dan Bostname di ?etc?dhcp?dhclienteth.conf .

# vi /etc/dhcp/dhclient-eth!.conf

&a aris eri%ut

prepend domain.name.ser!ers 1B-154--6


99/265

Ke'udian %onfigurasi ongoDB di ?etc?mon$od0.conf .

# vi /etc/mongod.conf

erisi

auth , true

small"iles , true

Ke'udian dilan:ut%an dengan 'e'u%a 3ire!all dan restart ongoDB.

# chkconfig mongod on VV service mongod restart

Kon"igurasi cti!eMH

Active+ er$eran seagai 'edia $en*a'ung %o'uni%asi antara ro%er dengan node.Install

Active+ di entos.

#yum install activemq

Konfigurasi Active+ untu% $enera$an siste'

# vi /etc/activemq/activemq.xml

Berisi

beans

3mlns,=http://###-spring"rame#ork-org/schema/beans=

3mlns:am>,=http://acti!em>-apache-org/schema/core=

3mlns:3si,=http://###-#-apache-org/schema/core http://acti!em>-apache-org/schema/core/acti!em>.core-3sd=



100/265

L.. llo#s us to use system properties as !ariables in this con"iguration "ile ..

bean class,=org-spring"rame#ork-beans-"actory-con"ig-PropertyPlaceholderon"igurer=

property name,=locations=

!alue"ile:D9acti!em>-con";/credentials-properties/!alue

/property

/bean

L..

$he broker element is used to con"igure the cti!eMH broker-

..

broker 3mlns,=http://acti!em>-apache-org/schema/core= broker8ame,=)penShi"t-meru!ianyama-com=

data7irectory,=D9acti!em>-data;=

L..

For better per"ormances use VM cursor and small memory limit-

For more in"ormationN see:

http://acti!em>-apache-org/message.cursors-html

lsoN i" your producer is =hanging=N itOs probably due to producer "lo# control-


http://acti!em>-apache-org/producer."lo#.control-html

..

destinationPolicy

policyMap

policyEntries

policyEntry topic,== producerFlo#ontrol,=true= memory@imit,=1mb=

pendingSubscriberPolicy

!mursor /

/pendingSubscriberPolicy /policyEntry

policyEntry >ueue,== producerFlo#ontrol,=true= memory@imit,=1mb=

L.. se VM cursor "or better latency




101/265

http://acti!em>-apache-org/message.cursors-html

pendingHueuePolicy

!mHueueursor/

/pendingHueuePolicy

..

/policyEntry

/policyEntries

/policyMap

/destinationPolicy

L..

$he managementonte3t is used to con"igure ho# cti!eMH is e3posed in

QMJ- y de"aultN cti!eMH uses the Mean ser!er that is started by

the QVM- For more in"ormationN see:

http://acti!em>-apache-org/jm3-html

..

managementonte3t

managementonte3t createonnector,="alse=/

/managementonte3t

L..

on"igure message persistence "or the broker- $he de"ault persistence

mechanism is the Kaha7 store %identi"ied by the kaha7 tag'-


http://acti!em>-apache-org/persistence-html

..

persistencedapter

kaha7 directory,=D9acti!em>-data;/kahadb=/

/persistencedapter

L.. add users "or Mollecti!e .. plugins

statisticsrokerPlugin/

simpleuthenticationPlugin

users

authenticationser username,=Mollecti!e= pass#ord,=meru!ian= groups,=Mollecti!eNe!eryone=/



102/265

authenticationser username,=admin= pass#ord,=meru!ian= groups,=Mollecti!eNadminNe!eryone=/

/users

/simpleuthenticationPlugin

authoriCationPlugin

map

authoriCationMap

authoriCationEntries

authoriCationEntry >ueue,== #rite,=admins= read,=admins= admin,=admins= /

authoriCationEntry topic,== #rite,=admins= read,=admins= admin,=admins= /

authoriCationEntry topic,=Mollecti!e-= #rite,=Mollecti!e= read,=Mollecti!e=

admin,=Mollecti!e= /

authoriCationEntry >ueue,=Mollecti!e-= #rite,=Mollecti!e= read,=Mollecti!e=

admin,=Mollecti!e= /

authoriCationEntry topic,=cti!eMH-d!isory-= read,=e!eryone= #rite,=e!eryone=

admin,=e!eryone=/

/authoriCationEntries

/authoriCationMap

/map

/authoriCationPlugin

/plugins

L..

$he systemsage controls the ma3imum amount o" space the broker #ill

use be"ore slo#ing do#n producers- For more in"ormationN see:

http://acti!em>-apache-org/producer."lo#.control-html

I" using cti!eMH embedded . the "ollo#ing limits could sa"ely be used:

systemsage

systemsage

memorysage

memorysage limit,=0 mb=/

/memorysage storesage

storesage limit,=1 gb=/

/storesage

tempsage

tempsage limit,=100 mb=/



103/265


104/265

import resource,=jetty-3ml=/

/beans

L.. E87 S8IPPE$: e3ample ..

E)F

Ke'udian u%a fire!all rule dan restart Active+ .

#lokkit Cport)B8B8tcp VV chkconfig activemq on VV service activemq

restart

Dala' %onfigurasi Active+ terda$at :uga %onfigurasi :ett* *ang arus diua C dengan $erinta

# sed -i -e 2/name)authenticate/s/false/true/2 /etc/activemq/9etty.xml

# sed -i -e 2/name)port/aDproperty name)host value)8%


105/265

Selan:utn*aC ce% servis untu% 'ena'$il%an list to$ic

#curl --user adminmeruvian --silent

http//localhost;8B8/admin/xml/topics.9sp T grep -+ " topic

Kon"igurasi Mollecti!e

coleective untu% 'engo'uni%asi%an dengan ost node. &ntu% instalasin*a da$at 'engguna%an

$erinta di a!a ini.

#yum install =ollective-client

&ntu% %onfigurasi ollectiveC a$us %onten dari ?etc?MCollective?client.cf$ dan re$lace dengan

'engguna%an lang%a di a!a ini.

# vi /etc/=ollective/client.cfg

erisi

topicpre"i3 , /topic/

main*collecti!e , Mollecti!e

collecti!es , Mollecti!e

libdir , /usr/libe3ec/Mollecti!e

log"ile , /!ar/log/Mollecti!e.client-log

logle!el , debug

Plugins

securitypro!ider , psk

plugin-psk , unset

connector , stomp



106/265

plugin-stomp-host , )penShi"t-meru!ianyama-com

plugin-stomp-port , 5151<

plugin-stomp-user , Mollecti!e

plugin-stomp-pass#ord , meru!ian

&a $er'ission dengan 'engguna%an $erinta di a!a ini.

#chown rootapache /var/log/=ollective-client.log

Kon"igurasi roker

=aa$ ini ertu:uan untu% 'en*edia%an 8S= API %e tool client dari 8ails Bro%er.Install $a%et>$a%et

*ang diutu%an

#yum install 'pen6hift-origin-roker 'pen6hift-origin-roker-util ruygem-

'pen6hift-origin-auth-remote-user ruygem-'pen6hift-origin-msg-roker-

=ollective ruygem-'pen6hift-origin-dns-ind

Ke'udian %onfigurasi ro%er $ro@* serverna'e.Default value dari Serverna'e adala localost dan

da$at diganti%an dengan na'a ostna'e ro%er *ang tela diuat dala' taa$ seelu'n*a.

# sed -i -e s/6erver5ame .1$/6erver5ame 2'pen6hift.meruvianyama.com2//

etc/httpd/conf.d/!!!!!!_'pen6hift_origin_roker_proxy.conf

&a fire!all dan %onfigurasi se'ua *ang diutu%an service s*ste' agar auto>start secara oto'atis

%eti%a reoot. /una%an $erinta di a!a ini.

# chkconfig httpd on VV chkconfig network on VV chkconfig ntpd on VV

chkconfig sshd on

# lokkit Cservice)ssh VV lokkit Cservice)https VV lokkit Cservice)http



107/265

Ke'udian %onfigurasi Selinu@ dengan $erinta setool di a!a ini

# setseool -* httpd_unified)on httpd_can_network_connect)on

httpd_can_network_relay)on httpd_run_stickshift)onnamed_write_master_zones)on allow_ypind)on

Selan:utn*aC guna%an fi@files dan restorecon untu% relael se:u'la file dan dire%tori dengan %onte%s

S,inu@ *ang enar.

# fixfiles -R ruygem-passenger restore VV fixfiles -R mod_passenger

restore VV restorecon -rv /var/run VV restorecon -rv

/usr/share/ruygems/gems/passenger-1

Pasti%an :uga %onfigurasi do'ain untu% #$enSift ro%er tela ter'odifi%asi untu% 'erefle%si%an

$ilian user dari na'a do'ain. dit ;etc;#$enSift;ro%er.conf dan 'odifi%asi $engaturan

,#&DD#AI

# sed -i -e s/W=N'G3_3'+A5).1$/=N'G3_3'+A5)$OdomainP/

/etc/'pen6hift/roker.conf

Konfigurasi #$enSift agar 'e'ung%in%an $lug>in *ang diutu%an dari autenti%asiC DS dan

'essage. Plugin da$at di%onfigurasi dala' dire%tori ?etc?-penShift?plu$ins.dC la%u%an lang%a>

lang%a di a!a ini untu% 'ulai %onfigurasi.

#cd /etc/'pen6hift/plugins.d

A%tif%an re'ote>user aut $lug>in dan ollective 'essaging $lug>in dengan 'engo$i file %onfigurasi

e@a'$le.



108/265

# cp 'pen6hift-origin-auth-remote-user.conf.example 'pen6hift-origin-

auth-remote-user.conf

VV cp 'pen6hift-origin-msg-roker-=ollective.conf.example 'pen6hift-origin-msg-roker-=ollective.conf

Konfigurasi dns>ind dengan 'engi%uti $erinta di a!a ini.

O cat EE-& -penShiftori$indns0ind.conf

Pa%et dns>ind $lug>in 'e'utu%an ta'aan S,inu@ $olic* *ang di%o'$ilasi dan di install dengan

'engguna%an $erinta 'a%e dan se'odule.

# pushd /usr/share/selinux/packages/ruygem-'pen6hift-origin-dns-ind/ VV

make -f /usr/share/selinux/devel/akefile0 popd

# semodule -i /usr/share/selinux/packages/ruygem-'pen6hift-origin-dns-

ind/dhcpnamedforward.pp

Selan:utn*a untu% %onfigurasi AutenticateC %o$i %onfigurasi tt$d e@a'$le %e dala' dire%tori

# cp /var/www/'pen6hift/roker/httpd/conf.d/'pen6hift-origin-auth-remote-

user-asic.conf.sample /var/www/'pen6hift/roker/httpd/conf.d/'pen6hift-

origin-auth-remote-user.conf



109/265

Konfigurasi di atas 'engonfigurasi file tt$d untu% 'engguna%an ;etc;#$enSift;t$ass!d dari file

$ass!ord. /una%an $erinta di a!a ini untu% 'e'uat file dengan single autori"ed userC

G'eruvianH.

# htpasswd -c /etc/'pen6hift/htpasswd meruvian

,ang%a selan:utn*a adala 'enggenerate ro%er access %e* untu% diguna%an en%ins dan eera$a

la*anan lainn*a.

# openssl genrsa -out /etc/'pen6hift/server_priv.pem %!";

# openssl rsa -in /etc/'pen6hift/server_priv.pem -puout

/etc/'pen6hift/server_pu.pem

Ke'udian generate ss%e*

# ssh-keygen -t rsa - %!"; -f ?/.ssh/rsync_id_rsa

# cp ?/.ssh/rsync_id_rsa1 /etc/'pen6hift/

Setela se'ua %onfigurasi di atas selesaiC selan:utn*a 'e'uat a%un user di ongoC guna%an $erinta

eri%ut $ada sell ongoDB.

# mongo 'pen6hift_roker_dev --eval 2d.addGserL'pen6hift: meruvianM2

Pasti%an A%un G#$enSiftH dan Gad'inH tela diuat dengan 'engguna%an $erinta di a!a ini.

# echo 2d.system.users.findLM2 T mongo 'pen6hift_roker_dev



110/265

,ang%a tera%ir adala 'eng%onfigurasi undlerC 'asu% %e dala' dire%tori

;var;!!!;#$enSift;ro%erC %e'udian la%u%an $erinta di a!a ini.

#undle Clocal

&ser :uga 'e'utu%an ro%er untu% er:alan secara oto'atis setela reoot dengan 'engguna%an

$erinta di a!a ini.

#chkconfig 'pen6hift-roker on

Ke'udian :alan%an Bro%er

# service httpd start VV service 'pen6hift-roker start

Pasti%an a$li%asi er:alan dengan 'engguna%an $erinta curl.

# curl -Ik https://localhost/broker/rest/api

e%C a$a%a user 'enda$at%an 2


111/265


112/265

Karena ada eera$a $a%et *ang tida% ada $ada re$ositori di atasC ta'a%an re$ositori untu% rel

dengan 'engi%uti lang%a>lang%a di a!a ini.

#nano /etc/yum.repos.d/'pen6hift-rhelB.repo

ta'a%an aris eri%ut $ada re$o terseut.

()penShi"t*rhel5+

name,)penShi"t R&E@5

baseurl,https://mirror-)penShi"t-com/pub/)penShi"t.origin/rhel.5/345*56/

enabled,1

gpgcheck,0

,a%u%an u$date dengan 'engguna%an $erinta di a!a ini.

#yum update

78S

&ntu% %onfigurasi DS $ada node a'$ir sa'a dengan $engaturan di ro%erC uat seua variael

%e*file environ'ent $ada server ro%er dengan 'engguna%an $erinta di a!a ini.

# keyfile)/var/named/meruvianyama.com.key

%e'udian guna%an $erinta oo>register>dns $ada ro%er untu% 'endaftart%an DS dan IP $ada ro%er.

# oo-register-dns -h node -d meruvianyama.com -n 8@%.8B;.%.8< -k $OkeyfileP

dit ;etc;resolv.conf dan ta'a%an na'eserver #$enSift dengan aris di a!a ini.

# vi /etc/resolv.conf

8ameser!er 1B-154--6<



113/265

kses roker ke 8ode

di$erlu%an :uga seua access %e* untu% 'enguung%an ost ro%er dengan ost node. Pada lang%a

seelu'n*aC user tela 'e'uat %e*$air $ada ost ro%erC dan ost node 'e'utu%an enale access.

/una%an lang%a di a!a ini.

# scp root>'pen6hift.meruvianyama.com/etc/'pen6hift/rsync_id_rsa.pu

/root/.ssh/

# cat /root/.ssh/rsync_id_rsa.pu /root/.ssh/authorized_keys

# rm /root/.ssh/rsync_id_rsa.pu

7&P dan &ostname

&ntu% 'engiri' $er'intaan DS %e ost Bro%erC %onfigurasi DP $ada file ;etc;dc$;dclient>

et


114/265

&ala

&)S$8ME,node-meru!ianyama-com

/una%an :uga $erinta ostna'e untu% 'enga$li%asi%an na'a ostna'e aru %e ost node.

# hostname node.meruvianyama.com

Mollecti!e

ollective $ada node diguna%an untu% %o'uni%asi dengan ro%er ost.&ntu% instalasi da$at

'engguna%an $erinta di a!a ini.

#yum install =ollective 'pen6hift-origin-msg-node-=ollective

%onfigurasi %onten $ada ;etc;ollective;server.cfg dengan %onfigurasi di a!a ini.

# vi /etc/=ollective/server.cfg

erisi

topicpre"i3 , /topic/

main*collecti!e , Mollecti!e

collecti!es , Mollecti!e

libdir , /usr/libe3ec/Mollecti!e

log"ile , /!ar/log/Mollecti!e-log

logle!el , debug

daemoniCe , 1

direct*addressing , n

registerinter!al ,


115/265

connector , stomp

plugin-stomp-host , )penShi"t-meru!ianyama-com

plugin-stomp-port , 5151<

plugin-stomp-user , Mollecti!e

plugin-stomp-pass#ord , meru!ian

Facts

"actsource , yaml

plugin-yaml , /etc/Mollecti!e/"acts-yaml

Buat service ollective da$at er:alan secara oto'atis %eti%a reoot dengan 'engguna%an $erinta

di a!a ini.

#chkconfig =ollective on

:alan%an service ollective dengan 'engi%uti $erinta

#service =ollective start

/una%an $erinta di a!a ini untu% 'e'asti%an ost ro%er 'engenali ost node.

#mco ping



116/265

Kon"igurasi 8ode

/una%an $erinta di a!a ini untu% instalasi node.

# yum install ruygem-'pen6hift-origin-node ruygem-passenger-native'pen6hift-origin-port-proxy 'pen6hift-origin-node-util

Ke'udian Install $a%et artridge *ang erfungsi 'en:alan%an a$li%asi untu% er:alan $ada #$enSift.

onto cartridge $ada #$enSift adala *S+,C ossC PP dan lain>lain.Install se'ua $a%et

cartridge dengan 'engguna%an $erinta di a!a ini.

#yum install 'pen6hift-origin-cartridges-1

ost ode 'e'utu%an SS dae'on untu% 'ende$lo* a$li%asi *ang diangun dengan a%ses /I=.

ode ost arus 'engi:in%an %one%si ==P dan ==PS untu% 'en:alan%an a$li%asi tan$a gear $ada

node.

Konfigurasi fire!all dan atur siste' *ang diutu%an untu% 'en:alan%an secara oto'atis %eti%a reoot.

# lokkit --service)ssh

# lokkit --service)https

# lokkit --service)http

# chkconfig httpd on

# chkconfig network on

# chkconfig sshd on

Setela itu %onfigurasi PA dengan 'engguna%an $erinta di a!a ini.

# sed -i -e 2sTpam_selinuxTpam_'pen6hiftTg2 /etc/pam.d/sshd

# for f in runuser runuser-l sshd su system-auth-ac



117/265

Selan:utn*a adala %onfigurasi cgrou$sC cgrou$s 'engguna%an 2 la*anan *ang %eduan*a arus

er:alan dari $enaanan cgrou$s *ang a%an dierla%u%an.

I%uti lang%a di a!a ini untu% 'eng%onfigurasi cgrou$s.

# cp -f /usr/share/doc/1/cgconfig.conf /etc/cgconfig.conf

# restorecon -v /etc/cgconfig.conf

# mkdir /cgroup

# restorecon -v /cgroup

# chkconfig cgconfig on

# chkconfig cgred on

# chkconfig 'pen6hift-cgroups on

# service cgconfig restart

# service cgred restart

# service 'pen6hift-cgroups start

Pasti%an cgrou$s er:alan dengan 'e'asti%an $ada dire%tori ;cgrou$s erisi files sus*ste' *aitu cpu4

cpuacct4 memor34 freeer4 devices dan netcls .

Selan:utn*a adala %onfigurasi sellinu@ dengan 'engi%uti $erinta eri%ut

# setseool -* httpd_unified)on httpd_can_network_connect)on

httpd_can_network_relay)on httpd_read_user_content)on

httpd_enale_homedirs)on httpd_run_stickshift)on

allow_polyinstantiation)on



118/265

&a $engaturan %onte% S,inu@ dengan lang%a>lang%a di a!a ini.

# fixfiles -R ruygem-passenger restore VV fixfiles -R mod_passenger

restore

# restorecon -rv /var/run VV restorecon -rv

/usr/share/ruygems/gems/passenger-1

# restorecon -rv /usr/sin/=ollectived /var/log/=ollective.log

/var/run/=ollectived.pid

# restorecon -rv /var/li/'pen6hift /etc/'pen6hift/node.conf

/etc/httpd/conf.d/'pen6hift

,ang%a selan:utn*a adala %onfigurasi $engaturan s*sctlC ua aris eri%ut $ada ?etc?s3sctl.conf.

# vi /etc/sysctl.conf

kernel-sem , 20 trac%ing dengan aris eri%ut

net-net"ilter-n"*conntrack*ma3 , 10642A5

8eload %onfigurasi s*sctl.conf dengan a%tif%an %onfigurasi *ang aru dengan 'engguna%an $erinta

#sysctl -p /etc/sysctl.conf

Ke'udian ua %onfigurasi SSD dengan 'engedit ;etc;ss;ssdconfig dan ta'a%an aris di

a!a ini.


8/18/2

cloud matrix book

Documents