Provisioning an Edge Cluster

In this section you can check all the steps needed to deploy an Edge Cluster. This involves the FireEdge OneProvision GUI and Sunstone to manage the resources created in OpenNebula.


We’ll be creating a virtual Edge Cluster with LXC hypervisor, suitable for deploying containers. If you’re planning to go all the way and to also try the deployment of VMs and K8s cluster, we recommend using a metal Edge Cluster deployment with a KVM hypervisor.

An Edge Cluster is a group of resources in OpenNebula and the corresponding resources in AWS. OpenNebula provides a specification of the cluster ready to be created.

The following resources are created in OpenNebula:

  • Cluster: one cluster containing all the resources is created with each provision. There is a one-to-one relationship between the provision and the cluster, so each provision can only have one cluster.
  • Datastore: each provision deploys two datastores, the system and the image.
  • Host: the user can deploy as many as he or she wants. They will be used to run VMs.
  • Virtual Network: for private networking there is a network template ready to be instantiated with the parameters the user needs. There is also one public network that uses the elastic drivers to pre-allocate IPs, so VMs have public connectivity.

During the provision of the cluster all these resources and their corresponding AWS objects are created with the aid of Terraform. In particular, the following AWS resources are created:

  • A virtual private cloud (VPC) to allocate the OpenNebula Hosts (AWS instances)
  • A CIDR block for the AWS instances. This CIDR block is used to assign secondary IPs to the Hosts to allocate elastic IPs.
  • An Internet Gateway to provide Internet access to the Host and VMs.
  • A routing table for the previous elements.


Take into account that FireEdge will request Elastic IPs for the public IPs you request. If you receive an error message about not being able to request more IPs when creating a provision, please check the limits of your account in your zone.

We’ll be using the FireEdge GUI in this guide, so please make sure you can log in to it using your Front-end IP and default port 2616, as well as your oneadmin credentials. If you require to log in as a user other than oneadmin, in order to use the provision interface the user must belong to the oneadmin group, otherwise the providers won’t be shown in the wizard.

Step 1: Configuring AWS & Required Information

As a first step, if you don’t already have one, create an account in AWS. You can follow this guide.

Whenever your account is ready, you need to obtain both an access_key and a secret_key of a user that has access to instances management. For this, you can follow this guide.

Next, you need to choose the region where you want to deploy the resources. All the available regions can be checked here.


To be able to connect to the instances you deploy, you’ll need SSH keys. They are installed in /var/lib/one/.ssh-oneprovision. A current limitation of the edge clusters is that currently is not possible to access the VMs through the normal Sunstone mechanisms to do so.

Step 2: Create an AWS provider

To deploy a complete edge provision with oneprovision from GUI, you first need to add a remote provider using the connection parameters above and choosing the location you wish to deploy those resources

First, to create a provider, go to provider list view:


Then, click the plus button and fill in the form. We will be using the virtual Edge Cluster type with the LXC hypervisor.




You now have a new provider.

Step 3: Provision a Virtual Edge Cluster

The user needs to provide the following inputs to create the provision:

User Input Description
Provider This is the provider you just created above.
Number of Hosts Number of physical Hosts to be deployed on AWS.
Number of IPs Number of public IPs to get from AWS in order to connect to VMs.
AWS instance type AWS instance type to deploy.
Hypervisor Hypervisor to install lxc (just for virtual servers)

Now let’s go to create a provision and follow the same steps:


Select the provider where you will deploy the provision. You will only have the one defined in the previous step.





After clicking finish, you will be able to see the provision card in the Provisions tab:


Let’s explore the log and detailed information



Your provision will be ready when you see the message “Provision successfully created” in the log, followed by the ID of the recently created provision.

Step 4: Validation

Infrastructure Validation

Once the deployment has finished, you can check that all the objects have been correctly created:

oneprovision cluster list
 ID NAME                 HOSTS      VNETS DATASTORES
100 aws-cluster              1          1          4
oneprovision host list
  1   aws-cluste   0      0 / 7200 (0%)   0K / 503.5G (0%) on
oneprovision datastore list
101 aws-cluste      - -   100           0 sys  -       ssh     on
100 aws-cluste  71.4G 90% 100           0 img  fs      ssh     o
oneprovision network list
  1 oneadmin oneadmin aws-cluster-pub 100        br0           0