Cloud Quick Start: Difference between revisions

''Parent page: [[Cloud]]''

If you don't already have a cloud [[OpenStack#Projects|project]] see [[Cloud#Getting_a_Cloud_project|getting a cloud project]].

=Creating your first virtual machine= <!--T:26-->

Start by logging into a cloud where you have a [[OpenStack#Projects|project]] (see [[Cloud#Using_the_Cloud|using the cloud]] for a list of cloud URLs at which you can login).

#Finally, click the ''Add'' button.

'''Note''': be sure not to remove the default security rules as this will affect the ability of your VM to function properly (see [[OpenStack#Security_Groups|security groups]]).

To create a Windows VM in the Compute Canada cloud you must first request access to a Windows image by emailing [mailto:cloud@computecanada.ca cloud@computecanada.ca].

You will be provided access to a Windows Server 2012 Evaluation image and a username to use when connecting. The evaluation period is 180 days. It may be possible to apply a Windows license to a running VM created from this evaluation image. Compute Canada does not provide these licenses.

[[File:Create-Key-Pair-Form.png|400px|thumb| Create key pair (Click for larger image)]]

Windows VMs encrypt the administrative account password with a public key. The matching private key decrypts the password.  

We recommend creating a new key pair within the OpenStack dashboard rather than importing an existing key pair. To create a new key pairː  

#Click on ''Access & Security'' from the left menu.

#Save the <key name>.pem file on your local drive.

If you would like to use an existing key pair with your Windows VM see the [[Creating a Windows VM#Comments on key pairs|comments on key pairs]] below.

[[File:Windows-launch-instance.png|400px|thumb| Launch Instance (Click for larger image)]]

To create a virtual machine, click on the ''Instances'' menu item on the left, then click on [[File:Launch-Instance-Button.png]]

A form is displayed where you define your virtual machine.

* ''Details'' tab

** ''Availability Zone'': There is only one zone; do not change its name.

* ''Advanced Options'' tab: Leave ''Disk Partition'' on ''Automatic'' for now.

Once you have reviewed all the tabs and defined your virtual machine, click on the Launch button and your virtual machine will be created. The Instances list will be displayed and the Task field will show the current task for the VM; it will likely be "Block Device Mapping" initially. Once the VM has spawned and beginning to boot, it will have the Power State of "Running". It will likely take 10+ minutes to finish creating the volume and coping the image to it before beginning to boot.

[[File:Windows-VM-Settings.png|400px|thumb| Locality Settings (Click for larger image)]]

When the VM first boots it will not finish booting until location, language, and keyboard settings are selected and you agree to the license using the console built into the OpenStack dashboard.

To get to the console:

# Go to ''Instances'' on the left hand menu.

# Click on the ''Console'' tab to display the ''Instance Console'' and wait until you see a ''Settings'' screen as shown in the figure to the right.<br/>If you waited a significant amount of time the console screen may have gone into a screensaver mode (blank/black screen). If this is case, click on the blank/black screen so that it gains focus and if necessary press a key on your keyboard to wake it up.

The console mouse pointer often lags behind the actual mouse pointer location. You can either try to account for the lag or use keyboard shortcuts when the console screen has focus.

* The ''tab'' key will select different fields.

* Finally press the ''tab'' key until the ''next'' box is selected then press the ''enter'' key.

You will then be presented with a request to accept the terms and conditions of the license agreement.  

* Press the ''tab'' key until the ''I accept'' box is highlighted.  

* Press the ''enter'' key.  

At this point your VM will restart. Once it finishes restarting the ''Console'' will display a sign in screen with the current (UTC) time and date.

[[File:Manage-Floating-IP-Associations-Form.png|400px|thumb| Manage Floating IP (Click for larger image)]]

[[File:Add-Rule-Form-RDP.png|400px|thumb| Add RDP Rule (Click for larger image)]]

On the ''Instances'' page is a list VMs with their IP address(es) displayed in the ''IP Address'' column. Each VM will have at least one private IP address, but some may also have a second public IP assigned to it.

When your OpenStack project is created a local network is also created for you. This local network is used to connect VMs within that project allowing them to communicate with each other and the outside world. Their private IP address does not allow the outside world to reference that VM. Any VM created in your project will have a private IP address assigned to it from this network of the form <code>192.168.X.Y</code>.

Public IPs allow outside services and tools to initiate contact with your VM, such as allowing you to connecting to it to perform administrative tasks or serve up web content. Public IPs can also be pointed to by domain names.

To assign a public IP to a VM, you need to select ''Associate Floating IP'' from the drop-down menu button (indicated by &#x25BC;) of the ''Actions'' column in the ''Instances'' list. If this is your first time associating a floating IP, your project hasn't been assigned an external IP address yet. You need to click on the “+” sign to bring up the ''Allocate Floating IP'' dialog box. There is only one pool of public addresses, so the correct pool will already be selected; click on the ''Allocate IP'' button.

The ''Manage Floating IP Associations'' screen is displayed again, indicating the IP address and the port (or VM) to which it will be associated (or more specifically [https://en.wikipedia.org/wiki/Network_address_translation NATted]); click on the ''Associate'' button.

To connect to your virtual machine using a remote desktop connection client, you will need to allow access for remote desktop protocol (RDP) to your VM.

#On the ''Security Groups'' tab, select ''Access & Security''; on the default row, click [[File:Manage-Rules-Button.png]]

#On the next screen, click [[File:Add-Rule-Button.png]]

#Finally, click the ''Add'' button.

[[File:Retrieve-instance-password.png|400px|thumb| Retrieving Windows instance password (Click for larger image)]]

[[File:Remote-Desktop-Connection-windows.png|400px|thumb| Remote desktop client in Windows (Click for larger image)]]

[[File:Remmina-Ubuntu.png|400px|thumb| Remmina remote desktop client in Ubuntu (Click for larger image)]]

To connect to a Windows VM we will use a Remote Desktop Connection client. To connect to your Windows VM you need to supply a floating IP, user name, and password.

Open the ''Retrieve Instance Password'' form:  

# Go to ''Instances'' on the left menu.

# In the drop down menu next the instance select ''Retrieve Password''.

The password has been encrypted using the public key you selected when creating the VM. To decrypt the password:

# Click the ''Choose File'' button and browse to your private key file. <p>If you followed the steps above in the ssh key section, you should have a private key saved on your local computer with a ".pem" extension which matches the public key.</p>

# Click the ''Decrypt Password'' button at the bottom left.

Keep this form open as we will use the password in the next step. This process can be repeated later to retrieve the password again.

Many Windows systems come with the remote desktop connection tool pre-installed. Try searching for "remote desktop connection" in your Windows system search. If you can not find it, you can go to [https://www.microsoft.com/en-ca/store/p/microsoft-remote-desktop/9wzdncrfj3ps the Microsoft store] and install it. It should be a free installation.  

Once you have run the remote desktop connection tool you should see a window similar to the one displayed on the right. To connect to your Windows VM:

# Enter the public IP address next to ''Computer''.  

# Click the ''OK'' button.  

You will likely be presented with an alert ''The identity of the remote computer cannot be verified. Do you want to connect anyway?''. This is normal click ''Yes'' to continue. Once you connect you should see the desktop of your Windows VM displayed within the RDC window.

'''TODO:''' The specific certificate error is "The certificate is not from a trusted certifying authority". Is seeing this alert really normal? Do we want to register the Windows image certificate with a signing authority? Could we use letsencrypt or should we just ignore this issue?

To connect via RDP from Linux you will need a remote desktop client. There are number of different clients out there but the [https://github.com/FreeRDP/Remmina/wiki Remmina client] appears to work well when tested with Ubuntu. The previous link provides instructions for installing it in Ubuntu, Debian, Fedora and a few other Linux operating systems.  

Once you have installed and launched Remmina to connect to your Windows VM:

# Click on ''Create a new remote desktop file'' (file with a green '+' sign). <p>You should see a window similar to that shown on the right.</p>

===From a Mac client=== <!--T:43-->

'''TODO:''' Anyone with a Mac want to write up this section?

=License information= <!--T:45-->

'''TODO''': need to provide information which would be helpful for users to know what path to take to get a license. Should cover things like:

* Where to go to get a license

An example of an acceptable private key in the OpenSSH format without a passphrase:

-----BEGIN RSA PRIVATE KEY-----

  MIIEowIBAAKCAQEAvMP5ziiOw9b5XMZUphATDZdnbFPCT0TKZwOI9qRNBJmfeLfe

  -----END RSA PRIVATE KEY-----

The <code>...</code> in the middle indicates multiple lines of characters similar to those above and below it.

Below are two examples of private keys which will not work with OpenStack with Windows VMs

OpenSSH format with a passphrase:

-----BEGIN RSA PRIVATE KEY-----

  Proc-Type: 4,ENCRYPTED

  -----END RSA PRIVATE KEY-----

ssh.com format without a passphrase

---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----

  Comment: "rsa-key-20171130"

  ---- END SSH2 ENCRYPTED PRIVATE KEY ----

* learn about [[security considerations when running a VM]]

* learn about [[creating a Linux VM]]