Configuring AppFlow
The AppFlow commands do not interact directly with the OpenNebula daemon, there is a server that takes the requests and manages the service (multi-tiered application) life-cycle. This guide shows how to start AppFlow, and the different options that can be configured.
AppFlow requires:
<xterm> # gem install bundler </xterm>
<xterm> # cd /usr/lib/one/ruby/oneapps/flow # bundle install </xterm>
In order to allow AppFlow to connect to your existing OpenNebula, you need the /var/lib/one/.one/appflow_auth
file. It should be created by installation package, otherwise you can copy Sunstone credentials:
<xterm> $ cp /var/lib/one/.one/sunstone_auth /var/lib/one/.one/appflow_auth </xterm>
The OpenNebula documentation contains more information about the external components authentication.
You need to decide which OpenNebula users will be able to use AppFlow, and create an ACL Rule to allow them to create Documents.
To enable AppFlow for all users, add the rule: <xterm> $ oneacl create “* DOCUMENT/* CREATE” </xterm>
If you only want a specific group to be able to use AppFlow, execute: <xterm> $ oneacl create “@1 DOCUMENT/* CREATE” </xterm>
Read more about the ACL Rules system in the OpenNebula documentation.
To start and stop the server, use the appflow-server start/stop
command:
<xterm> $ appflow-server start appflow-server started </xterm>
:host
attribute in /etc/one/appflow-server.conf
to your server public IP, or 0.0.0.0 so appflow will listen on any interface.
Inside /var/log/one/
you will find new log files for the server, and individual ones for each service in /var/log/one/appflow/<id>.log
/var/log/one/appflow-server.error /var/log/one/appflow-server.log
The AppFlow Sunstone plugins are enabled by default. They can be enabled for everyone, or only for a list of group or users. Read more about the configuration options in the OpenNebula documentation.
To disable or filter which users can use the plugins, edit /etc/one/sunstone-plugins.yaml
, and look for the plugins apptools.appflow*
.
- user-plugins/apptools.appflow-dashboard.js: :group: :ALL: true :user: - user-plugins/apptools.appflow.templates.js: :group: :ALL: true :user: - user-plugins/apptools.appflow.services.js: :group: :ALL: true :user:
Be sure to restart Sunstone for the changes to take effect.
The AppFlow configuration file can be found at /etc/one/appflow-server.conf
. It uses YAML syntax to define the following options:
Option | Description |
---|---|
Server Configuration | |
:one_xmlrpc | OpenNebula daemon host and port |
:lcm_interval | Time in seconds between Life Cycle Manager steps |
:host | Host where AppFlow will listen |
:port | Port where AppFlow will listen |
Auth | |
:core_auth | Authentication driver to communicate with OpenNebula core cipher : for symmetric cipher encryption of tokens x509 : for x509 certificate encryption of tokens For more information, visit the OpenNebula Cloud Auth documentation |
Log | |
:debug_level | Log debug level. 0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG |
This is the default file
################################################################################ # Server Configuration ################################################################################ # OpenNebula daemon contact information # :one_xmlrpc: http://localhost:2633/RPC2 # Time in seconds between Life Cycle Manager steps # :lcm_interval: 30 # Host and port where AppFlow server will run :host: 127.0.0.1 :port: 2474 ############################################################# # Auth ############################################################# # Authentication driver to communicate with OpenNebula core # - cipher, for symmetric cipher encryption of tokens # - x509, for x509 certificate encryption of tokens :core_auth: cipher ################################################################################ # Log ################################################################################ # Log debug level # 0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG # :debug_level: 2