##############################
Virtual Machines and Openstack
##############################

A virtual machine in openstack consists of an **instance** which is based on an
**image** and attached to a **volume**, living in a **tenant**. All ACM virtual
machines run through openstack live in the admin tenant and can be administered
from gomes through command line tools.

.. todo finish the intro lol

VM Configuration
================

The gotchas discussed in the :ref:`openstack user docs <os-basics>` are, of
course, still preseent.

RADOS Block Devices via virtio
------------------------------

Apparently the default ``virtio-block`` parameters result in some
inefficiencies when backed with rbds; the former assumes 512KiB IOs as the
largest while the latter prefers IOs which match the object size, which
defaults to 4MiB. Fortunately, there is an easy way to automate fixing this
on Linux using udev.
In something like ``/etc/udev/rules.d/99-virtio-rbd-io-size.rules``, place
the following line::

    KERNEL=="vd*[!0-9]", RUN+="/bin/sh -c 'echo 4096 > /sys%p/queue/max_sectors_kb'"

You can force this to happen on an existing VM without rebooting by running,
for example::

    udevadm trigger -s block

AFS on an OpenStack VM
----------------------

Since our VMs are (usually) not backed by compute-node-local storage,
there's not a great deal of utility (I think) in providing an AFS disk
cache.

* Adjust ``/etc/openafs/afs.conf`` to have ``OPTIONS="${VERBOSE} -memcache"``
  rather than ``OPTIONS=AUTOMATIC`` (or just add ``-memcache`` if you have
  something else)

* Adjust ``/etc/openafs/cacheinfo`` to have a moderate cache size
  (you still need to name the directory, but that's OK, it won't be used)

* If you're making this change live on a machine, free up the space used
  by the old cache files ::

    /etc/init.d/openafs-client stop
    rm -rf /var/cache/openafs/*
    /etc/init.d/openafs-client start

Maintenance Tasks
=================

Getting a shell on a VM with no floating IP
-------------------------------------------

Log in to gomes.
Identify the correct network namespace by running a variant on ::

    for i in `ip netns list`; do echo $i; 
      sudo ip netns exec $i ip addr show | grep 192.168.128;
    done

(There will probably be two; either one should work.)

Then ::

    sudo ip netns exec ${THAT_NAMESPACE} ssh -i $HOME/.ssh/id_rsa -v ${VM_USER}@${VM_IP_ADDRESS}

should get you a shell on that machine. Isn't this exciting?