Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Archipel: a webGUI to manage your virtualization engine

Featured Replies

What is Archipel

Some of you might know Archipel (http://archipelproject.org/).  It is a web based solution  to manage and supervise virtual machines.

 

The good thing is that it does look very good, if you see the video in the website it's really appealing. On the cons, it's quite difficult to install, but mainly, and IMHO, it's not (yet) ready for production: it certainly does look good and have potential, but it's still buggy. I contacted the developer and he confirmed the project it's not abandoned, although he's quite busy with work and can't dedicate much of his time at the moment.

 

Nevertheless, as I went through the hoops of installing, and since some members couldn't make it work, I decided to write a quick guide for those interested in checking it out and have a test of it. Maybe some day it's actually ready and we can integrate it with a headless server.

 

 

Architecture

Archipel architecture is a bit complex. It is base in XMPP for all communication. Therefore for Archipel to work you need:

  • XMPP server
  • Archipel Client: this is the actual webGUi to communicate with the hypervisor
  • Archipel Agent: installed in the hypervisor

Theoretically you should have to install all these 3 in different machines. The beauty of this guide is that it'll allow you to install all of them (XMPP server, Client and Agent) on the hypervisor

 

 

Prerequisites

CentOS 6.5 x64 minimal distro installed: it might work with other distros, but I'm certainly not an expert on linux. I'll write down a step by step guid to make this work.

 

Additional packages: wget svn mc system-config-network-tui.

  • mc (midnight commander): it's not really neccesary, you can use vi, but I like the simplicity and easy of use of it.
  • system-config-network-tui: it's a graphical wizard tool to set up a static ip. If you know your ways in CentOS you probably won't need it. I won't use it in this guide because I set up the static IP during installation.

 

Additional repos: epel and rmpforge repos.

 

 

Additional info

During installation I configured my server with:

  • FQDN: titan.home
  • Server IP: 192.168.1.141

You can modify this to your liking/needs.

 

Although you can do this from the server itself, I recommend you to SSH into the server, you can save a lot of typing!

If you follow this guide, and don't hit any walls, it should take about 30min (there are a lot of packages to download), start to end.

 

SOURCES:

http://archipelproject.org/

https://github.com/ArchipelProject/Archipel/wiki

http://marcocarcano.wordpress.com/2012/10/17/archipel/

  • Author

Installation of prerequisites and repos

 

On a fresh Centos 6.5 x64 minimal installation (I only configured during installation the FQDN, root account password and static IP):

[root@titan ~]# yum install -y wget svn mc
[root@titan ~]# yum install -y http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
[root@titan ~]# yum install -y http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
[root@titan ~]# yum install -y http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
[root@titan ~]# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

 

You shouldn't receive any error messages.

 

 

Installation of KVM

 

This is not an exaustive guide, just the bare minimum to get archipel working.

 

Disable SELinux:

[root@titan ~]# mcedit /etc/selinux/config

 

and edit the file adding disabled in the SELINUX variable:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted.

 

Reboot the server:

[root@titan ~]# reboot

 

Import the GPG keys for software packages:

[root@titan ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

 

To install KVM and virtinst (a tool to create virtual machines), we run

[root@titan ~]# yum install -y kvm libvirt qemu-kvm python-virtinst virt-top 

 

Then start the libvirt daemon:

[root@titan ~]# service libvirtd start

 

To check if KVM has successfully been installed, run

[root@titan ~]# virsh -c qemu:///system list

 

It should display something like this:

[root@server1 ~]# virsh -c qemu:///system list
Id Name                 State
----------------------------------

 

Next we need to set up a network bridge on our server so that our virtual machines can be accessed from other hosts as if they were physical systems in the network.

To configure the bridge, edit the interface eth0: add BRIDGE=br0 and comment out BOOTPROTO, IPADDR, PREFIX, GATEWAY, DNS1 and DNS2. It should look something like this:

[root@titan ~]# mcedit /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
NAME="System eth0"
TYPE=Ethernet
UUID=(this field is unique for each card)
ONBOOT=yes
NM_CONTROLLED=no
#BOOTPROTO=none
HWADDR=(this field is unique for each card)
#IPADDR=192.168.1.141
#PREFIX=24
#GATEWAY=192.168.1.1
#DNS1=208.67.222.222
#DNS2=208.67.220.220
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
BRIDGE=br0

 

Now lets configure a bridge:

[root@titan ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-br0
[root@titan ~]# mcedit /etc/sysconfig/network-scripts/ifcfg-br0

 

Edit file so it looks like this:

DEVICE=br0
NAME="System br0"
TYPE=Bridge
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=none
IPADDR=192.168.1.141
PREFIX=24
GATEWAY=192.168.1.1
DNS1=208.67.222.222
DNS2=208.67.220.220
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no

 

and restart the network

[root@titan ~]# service network restart

 

if you run ifconfig, it should now show the network bridge:

[root@titan ~]# ifconfig
br0       Link encap:Ethernet  HWaddr 00:22:15:ED:3E:CF
          inet addr:192.168.1.141  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::222:15ff:feed:3ecf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:37 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2908 (2.8 KiB)  TX bytes:3576 (3.4 KiB)

eth0      Link encap:Ethernet  HWaddr 00:22:15:ED:3E:CF
          inet6 addr: fe80::222:15ff:feed:3ecf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:38625 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17905 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:40239878 (38.3 MiB)  TX bytes:1444750 (1.3 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

virbr0    Link encap:Ethernet  HWaddr 52:54:00:7C:D0:8F
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

 

insert rules into iptables to allow network to use that bridge

[root@titan ~]# iptables -I FORWARD -m physdev --physdev-is-bridge -j ACCEPT
[root@titan ~]# service iptables save
[root@titan ~]# service iptables start

 

make sure netfilter is enabled for bridges:

[root@titan ~]# mcedit /etc/sysctl.conf

 

check the next lines are set to 0, if not change them to 0

net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

 

if you change any value, reboot server

 

That's it.

  • Author

Installation of XMPP Server

 

Update the system

[root@titan ~]# yum -y update

 

install the yum priorities plugin – this ensure that packages of certain repositories got precedence on packages of other repositories

[root@titan ~]# yum install -y yum-priorities

 

edit the file CentOS-Base.repo and add the line “priority = 1” to all the repos except “centosplus” and “contrib“: these one must have “priority = 2“. Enable all disabled repos:

[root@titan ~]# mcedit /etc/yum.repos.d/CentOS-Base.repo

 

edit the rpmforge.repo file adding the line “priority = 10” to all the repos except the testing ones. Add the line “priority = 30” to all the testing repos.

[root@titan ~]# mcedit /etc/yum.repos.d/rpmforge.repo

edit the epel repo and epel repo adding the line “priority = 20” to all the repos except the testing ones. Add the line “priority = 30” to all the testing repos. Enable all disabled repos:

[root@titan ~]# mcedit /etc/yum.repos.d/epel.repo
[root@titan ~]# mcedit /etc/yum.repos.d/remi.repo

 

Update the system

[root@titan ~]# yum -y update

 

We are ready to install ejabberd service: simply run

[root@titan ~]# yum install -y ejabberd

 

we must ensure that ejabberd has been packaged with mod_admin_extra. Type the next command, it must give you the path to the module files.

[root@titan ~]# rpm -ql ejabberd |grep mod_admin
/usr/lib64/ejabberd/ebin/mod_admin_extra.beam

 

Now we have to install ejabberd_xmlrpc:

[root@titan ~]# yum install -y erlang-xmerl erlang-xmlrpc erlang-tools

 

download all ejabberd modules

[root@titan ~]# cd /usr/local/src
[root@titan ~]# svn checkout http://svn.process-one.net/ejabberd-modules/

compile the ejabberd_xmlrpc module

[root@titan ~]# cd /usr/local/src/ejabberd-modules/ejabberd_xmlrpc/trunk
[root@titan ~]# ./build.sh

 

finally, copy it in the modules directory

[root@titan ~]# cp ebin/ejabberd_xmlrpc.beam /usr/lib64/ejabberd/ebin

Next is to configure the XMPP server, this is easier than it looks like. Just copy my config file replacing titan.home by your FQDN (a couple of substitutions):

[root@titan ~]# mcedit /etc/ejabberd/ejabberd.cfg

 

add your FQDN to your hosts file, add also archipel as a hostname with your domain:

[root@titan ~]# mcedit /etc/hosts
192.168.1.141 titan titan.home	archipel.home

 

start the ejabberd service:

[root@titan ~]# service ejabberd start

 

now we need to register the admin user:

[root@titan ~]# ejabberdctl register admin titan.home Your_XMPP_password
User [email protected] successfully registered

 

We are almost there, we have to add some rules to the iptables

[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 4560 -j ACCEPT
[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5222 -j ACCEPT
[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5269 -j ACCEPT
[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5280 -j ACCEPT
[root@titan ~]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 5281 -j ACCEPT

 

Save and restart the iptables, and we are done, xmpp is installed, running and with access from your home network.

[root@titan ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@titan ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter mangle na[  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]

ejabberd.cfg

  • Author

Installation of Archipel Client

 

Ok, this is an easy one:

 

Install apache web server and mod_ssl

[root@titan ~]# yum install -y mod_ssl

 

I read it's recommended to put Archipel client into a virtual host (I don't really know what this means, sorry!)

[root@titan ~]# mkdir /var/www/vhosts

 

Download Archipel client into /var/www/vhosts and extract it:

[root@titan ~]# cd /var/www/vhosts
[root@titan ~]# wget http://nightlies.archipelproject.org/latest-archipel-client.tar.gz
[root@titan ~]# tar -xvzf latest-archipel-client.tar.gz 

 

Define the virtualhost into Apache 2 configuration:

[root@titan ~]# mcedit  /etc/httpd/conf.d/archipel.conf

 

And add this (watch out here, don't mix your FQDN with your domain):

<VirtualHost 192.168.1.141:80>
    ServerName archipel.home
    ServerAlias archipel.local
    DocumentRoot /var/www/vhosts/Archipel
    ServerAdmin root@home
    CustomLog /var/log/httpd/archipel.log combined
</VirtualHost>

 

Edit your httpd.conf file, look for the ServerName variable, uncomment it and set it to 'localhost' (this is not really necessary, but avoids a warning message when starting Apache):

[root@titan ~]# mcedit /etc/httpd/conf/httpd.conf

...
ServerName localhost
...

 

Start Apache, and you are up and running!

[root@titan vhosts]# service httpd start
Starting httpd:                                            [  OK  ]

 

You can now access the webGUI from your network, just type 192.168.1.141:80 (or whatever your IP is) in any browser. Log in is also a bit tricky:

 

LzhFIqml.jpg

 

And we are in! We can't yet connect to the hypervisor, for that we need to install the Agent.

 

XAk7OLgl.jpg

 

  • Author

Installation of Archipel Agent

 

This should've been easy, but for some reason, it took me some time:

 

Archipel Agent relies on python, so you have to install some dependencies:

[root@titan ~]# yum -y install libvirt-python python-pip python-imaging python-magic gcc python-devel gcc python-devel

 

This will give a lot of warnings, but it will still work.

 

Then instal the agent:

[root@titan ~]# easy_install archipel-agent

 

and run:

[root@titan ~]# archipel-initinstall
[root@titan ~]# archipel-tagnode [email protected] --password=Your_XMPP_password --create
[root@titan ~]# archipel-rolesnode [email protected] --password=Your_XMPP_password --create
[root@titan ~]# archipel-adminaccounts [email protected] --password=Your_XMPP_password --create

 

We are there, just start the agent and enjoy!

[root@titan ~]# service archipel start
* Starting Archipel: [OK]

 

That's it, go to Archipel and to add the hypervisor, add a contact. The JID is the user@domain. Since the Agent, Client and XMPP server are all at the same machine, this is a bit redundant: -> JID: [email protected]

 

0JoWxVrl.jpg

 

sjQacHgl.jpg

 

Good luck with your testing!

 

NOTE: Although I played a bit with Archipel, I don't know much about it. The instructions in the GitHub site are alsoquite scarce. I don't even know for how long I'm going to have this installed, I'd like to test other webGUIs.

Bottom line, I don't know of how much more help I could be :-)!

  • Author

Reserved for future use

You did an amazing job putting this guide together.

 

Excellent Work!

 

  • Author

You did an amazing job putting this guide together.

 

Excellent Work!

Thanks grumpy, considering how knowledgeable you are that is indeed a great compliment!

It's a shame though archipel isn't production ready.

I'll keep looking for a solution.

 

 

Yeah, really cool...nice writeup.  8) 8)

 

You should try ProxmoxVE ... in a VM on ESXi you can't use the KVM part, but it also offers OpenVZ...try their WebUI...this is really nice.

Sadly it is not available standalone.

  • Author

Thanks Ford,

I'll try proxmox in ESXi, i tried but couldn't load it in my test machine (although I didn't put much effort to be honest :-[ l

 

Sent from my GT-I9305 using Tapatalk

 

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.