just another cloudy day….

The Eucalyptus Open Source Private Cloud

on December 14, 2011

The Eucalyptus Open Source Private Cloud

Eucalyptus is a Linux‐based open Source software architecture that Implements efficiency enhancing private and hybrid clouds within an enterprise’s existing IT Infrastructure.

Eucalyptus is an acronym for “Elastic Utility Computing Architecture for Linking Your Programs to Useful Systems”.

A Eucalyptus private cloud is deployed across an enterprise’s “on‐premise” datacenter infrastructure and is accessed by users over enterprise intranet. Thus sensitive data remains entirely secure from external intrusion behind the enterprise firewall.

Initially developed to support the high performance computing (HPC) research of Professor Rich Wolski’s research group at the University of California, Santa Barbara, Eucalyptus is engineered according to design principles that ensure compatibility with existing Linux-based data center installations. Eucalyptus can be deployed without modification on all major Linux OS distributions, including Ubuntu, RHEL, Centos, and Debian. And Ubuntu distributions now include the Eucalyptus software core as the key component of the Ubuntu Enterprise Cloud.


Eucalyptus was designed from the ground up to be easy to install and as non intrusive as possible. The software framework is highly modular, with industry standard, language‐agnostic communication. Eucalyptus is also unique by providing a virtual network overlay that both isolates network traffic of different users and allows two or more clusters to appear to belong to the same Local Area Network (LAN). The external interface to Eucalyptus can also be leveraged to become compatible with multiple public clouds (Amazon EC2, Sun Cloud, etc.).

Eucalyptus Components

Each Eucalyptus service component exposes a well-defined language agnostic API in the form of a WSDL document containing both the operations that the service can perform and the input/output data structures. Inter-service authentication is handled via standard WS-Security mechanisms. There are five high-level components, each with its own Web-service interface, that comprise a Eucalyptus installation (Fig a). A brief description of the components within the Eucalyptus system follows.


Cloud Controller (CLC) is the entry-point into the cloud for administrators, developers, project managers, and end users. The CLC is responsible for querying the node managers for information about resources, making high level scheduling decisions, and implementing them by making requests to cluster controllers. The CLC, as shown in Figure 1, is also the interface to the management platform. In essence, the CLC is responsible for exposing and managing the underlying virtualized resources (servers, network, and storage) via a well-defined industry standard API (Amazon EC2) and a Web-based user interface.


  1. Monitor the availability of resources on various components of the cloud infrastructure, including hypervisor nodes that are used to actually provision the instances and the cluster controllers that manage the hypervisor nodes
  2. Resource arbitration – Deciding which clusters will be used for provisioning the instances
  3. Monitoring the running instances

In short, CLC has a comprehensive knowledge of the availability and usage of resources in the cloud and the state of the cloud.


Cluster Controller (CC) generally executes on a cluster front-end machine, or any machine that has network connectivity to both the nodes running NCs and to the machine running the CLC. CCs gather information about a set of VMs and schedules VM execution on specific NCs. The CC also manages the virtual instance network and participates in the enforcement of SLAs as directed by the CLC. All nodes served by a single CC must be in the same broadcast domain (Ethernet).


  1. To receive requests from CLC to deploy instances
  2. To decide which NCs to use for deploying the instances on
  3. To control the virtual network available to the instances
  4. To collect information about the NCs registered with it and report it to the CLC


Node Controller (NC) is executed on every node that is designated for hosting VM instances. A UEC node is a VT enabled server capable of running KVM as the hypervisor. UEC automatically installs KVM when the user chooses to install the UEC node. The VMs running on the hypervisor and controlled by UEC are called instances. Eucalyptus supports other hypervisors like Xen apart from KVM, but Canonical has chosen KVM as the preferred hypervisor for UEC.

Node Controller runs on each node and controls the life cycle of instances running on the node. The NC interacts with the OS and the hypervisor running on the node on one side and the CC on the other side.

NC queries the Operating System running on the node to discover the node’s physical resources – the number of cores, the size of memory, the available disk space and also to learn about the state of VM instances running on the node and propagates this data up to the CC.


  1. Collection of data related to the resource availability and utilization on the Node and reporting the data to CC
  2. Instance life cycle management


Storage Controller (SC) implements block-accessed network storage (e.g. Amazon Elastic Block Storage — EBS) and is capable of interfacing with various storage systems (NFS, iSCSI, etc.). An elastic block store is a Linux block device that can be attached to a virtual machine but sends disk traffic across the locally attached network to a remote storage location. An EBS volume cannot be shared across instances but does allow a snap-shot to be created and stored in a central storage system such as Walrus, the Eucalyptus storage service.


  1. Creation of persistent EBS devices
  2. Providing the block storage over AoE or iSCSI protocol to the instances
  3. Allowing creation of snapshots of volumes.


Walrus (put/get storage) allows users to store persistent data, organized as eventually-consistent buckets and objects. It allows users to create, delete, list buckets, put, get, delete objects, and set access control policies. Walrus is interface compatible with Amazon’s S3, and supports the Amazon Machine Image (AMI) image-management interface, thus providing a mechanism for storing and accessing both the virtual machine images and user data. Using Walrus users can store persistent data, which is organized as buckets and objects. WS3 is a file level storage system, as compared to the block level storage system of Storage Controller.

For using Walrus to manage Eucalyptus VM images, you can use Amazon’s tools to store/register/delete them from Walrus. Other third party tools can also be used to interact with Walrus directly.

Third party tools for interacting with Walrus

  1. s3curl S3 Curl is a command line tool that is a wrapper around curl.
  2. s3cmd is a tool that allows command line access to storage that supports the S3 API.
  3. s3fs is a tool that allows users to access S3 buckets as local directories.


Management Platform provides an interface to various Eucalyptus services and modules. These features can include VM management, storage management, user/group management, accounting, monitoring, SLA definition and enforcement, cloud-bursting, provisioning, etc.


Euca2ools are command-line tools for interacting with Web services that export a REST/Query-based API compatible with Amazon EC2 and S3 services. The tools can be used with both Amazon’s services and with installations of the Eucalyptus open-source cloud-computing infrastructure. The tools were inspired by command-line tools distributed by Amazon (api-tools and ami-tools) and largely accept the same options and environment variables. However, these tools were implemented from scratch in Python, relying on the Boto library and M2Crypto toolkit.


  1. Query of availability zones (i.e. clusters in Eucalyptus)
  2. SSH key management (add, list, delete)
  3. VM management (start, list, stop, reboot, get console output)
  4. Security group management
  5. Volume and snapshot management (attach, list, detach, create,      bundle, delete)
  6. Image management (bundle, upload, register, list, deregister)
  7. IP address management (allocate, associate, list, release)


  • Build and manage self-service heterogeneous on-premise IaaS clouds using either existing infrastructure or dedicated compute, network and storage resources
  • Support high-availability IaaS for the most demanding cloud deployments
  • Gain precise control of private cloud resources via enterprise-ready user and group identity management along with resource quotas
  • Dynamic resource pooling with built-in elasticity allows organizations to scale up and down virtual compute, network and storage resources
  • Robust storage integration enables IT to easily connect and manage existing storage systems from within Eucalyptus clouds
  • Build hybrid clouds between on-premise Eucalyptus clouds and AWS and AWS-compatible public clouds
  • Run Eucalyptus or Amazon Machine Images as virtual cloud instances on Eucalyptus and AWS-compatible clouds
  • Leverage vibrant AWS ecosystem and management tools to manage Eucalyptus IaaS clouds



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: