|
|
Line 20: |
Line 20: |
| When you log in, the OpenStack dashboard shows an overview of your resources. | | When you log in, the OpenStack dashboard shows an overview of your resources. |
|
| |
|
| ==SSH key pair== <!--T:2-->
| | To create a VM see the instructions for creating a [[Creating a Linux VM|Linux]] or [[Creating a Windows VM| Windows]] VM. |
| | |
| <!--T:32-->
| |
| When you start a virtual machine (also often referred to as an ''instance'' or a ''VM''), there is no password for an admin or a root account on the virtual machine. This is for security reasons, so that no one can log in with a password (you wouldn't want a hacker to be able to access the brand new virtual machine you just started using some default password...).
| |
| | |
| <!--T:33-->
| |
| OpenStack creates your VM with one SSH public key installed and you can only log in using this SSH key pair. The SSH public key can either come from a key pair which you have already created on some other machine, or can be created by OpenStack. If you are using an existing key pair from a remote machine, you will need to import the SSH public key into OpenStack so that it can be injected into the newly created VM. Alternatively, OpenStack can create a key pair for you with the private key downloaded to your local machine. In order to manage your key pairs, click on ''Access & Security'' from the left menu, then on the ''Key Pairs'' tab. From here you will have the option of importing an existing key pair, or creating a new key pair.
| |
| | |
| ===Importing an existing key pair=== <!--T:3-->
| |
| [[File:Import-Key-Pair-Form.png|400px|thumb| Import key pair (Click for larger image)]]
| |
| #Click [[File:Import-Key-Pair-Button.png]]; the ''Import Key Pair'' window is displayed.
| |
| #Name your key pair.
| |
| #Paste your public key.
| |
| #Click on the ''Import Key Pair'' button.
| |
| | |
| ===Creating a new key pair=== <!--T:4-->
| |
| [[File:Create-Key-Pair-Form.png|400px|thumb| Create key pair (Click for larger image)]]
| |
| #Click on [[File:Create-Key-Pair-Button.png]]; the ''Create Key Pair'' window is displayed.
| |
| #Name your key pair.
| |
| #Click on the ''Create Key Pair'' button.
| |
| #Save the ''<key name>.pem'' on your disk.
| |
| | |
| <!--T:5-->
| |
| {{Box |
| |
| ;UNIX: On your local machine (not the VM), you will need to change key permissions with the <code>chmod 400 <key name>.pem</code> command in order to connect with this key.
| |
| ;WINDOWS: To use the key downloaded from OpenStack with PuTTY or MobaXterm to connect to the VM, you need to convert it to a format compatible with that software (see [[Generating SSH keys in Windows#Converting an OpenStack Key]].)}}
| |
| | |
| ==Launching a VM== <!--T:6-->
| |
| [[File:Launch-Instance-Form.png|400px|thumb| Launch Instance (Click for larger image)]]
| |
| To create a virtual machine, click on the ''Instances'' menu item on the left, then click on [[File:Launch-Instance-Button.png]] | |
| | |
| <!--T:7-->
| |
| A form is displayed where you define your virtual machine (if you are following along with this example, you can use the same values).
| |
| *''Details'' tab
| |
| **''Availability Zone'': There is only one zone; do not change its name.
| |
| **''Instance Name'': Enter a name for your virtual machine. [https://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names Rules] for valid host names apply.
| |
| **''Flavor'': The flavor defines virtual machine hardware specifications. For a first attempt, pick either 'c1-3.75gb-36' flavor on east-cloud or 'c1-7.5gb-30' flavor on west-cloud. For more details, see [[Virtual machine flavors]].
| |
| **''Instance Count'': Number of virtual machines to create.
| |
| **''Instance Boot Source'': What source should be used to boot the VM. <p>''Boot from image'' indicates that you wish to boot from an already created image. Another common option is ''Boot from volume'' which allows one to boot from an existing volume which is commonly done with "p" flavors.</p>
| |
| **''Image Name'': name of the image to boot from, e.g. ''CentOS-7-x86-64-GenericCloud-1503''.
| |
| **''Project Limits'': The green bars reflect the fraction of your available resources that will be consumed by the VM you are about to launch. If the bars become red, the flavor chosen will consume more resources than your project has available. Blue bars indicate any existing resources your project may be using.
| |
| *''Access & Security'' tab
| |
| **''Key Pair'': Select your SSH key pair.<p>If you have only one, it is selected by default. If you do not have a key pair, please see [[#SSH key pair | above]].</p>
| |
| :*''Security Groups'': ensure that the ''default'' security group is checked.
| |
| *''Networking'' tab: Do not change this now. <p>Networking will be discussed later, after you have launched a virtual machine.</p>
| |
| *''Post-Creation'' tab: Do not change this now. <p>This is where you would paste a cloud-init script which can do things such as install and configure software, add users, and additional SSH keys (see [[OpenStack#Accessing a VM with Multiple Users|accessing a VM with multiple users]]) in an automated step after the VM is created. See [http://cloudinit.readthedocs.org/en/latest/index.html# cloudinit] for more details about cloud-init.</p>
| |
| *''Advanced Options'' tab: Leave ''Disk Partition'' on ''Automatic'' for now.
| |
| | |
| <!--T:8-->
| |
| Once you have reviewed all the tabs and defined your virtual machine, click on the ''Launch'' button and your virtual machine will be created.
| |
| The ''Instances'' list will be displayed and the ''Task'' field will show the current task for the VM; it will likely be ''spawning'' initially. Once the VM has spawned it will have the ''Power State'' of ''Running''. It may take a few minutes for your virtual machine to start, depending on a variety of factors.
| |
| | |
| <!--T:9-->
| |
| Note: When creating a persistent service, we recommend that you boot your virtual machine from a volume; see [[Persistent Services In The Cloud]].
| |
| | |
| ==Network== <!--T:10-->
| |
| [[File:Manage-Floating-IP-Associations-Form.png|400px|thumb| Manage Floating IP (Click for larger image)]]
| |
| [[File:Add-Rule-Form.png|400px|thumb| Add Rule (Click for larger image)]]
| |
| On the ''Instances'' page is a list VMs with their IP address(es) displayed in the ''IP Address'' column. Each VM will have at least one private IP address, but some may also have a second public IP assigned to it.
| |
| | |
| ===Private IP=== <!--T:11-->
| |
| When your OpenStack project is created a local network is also created for you. This local network is used to connect VMs within that project allowing them to communicate with each other and the outside world. Their private IP address does not allow the outside world to reference that VM. Any VM created in your project will have a private IP address assigned to it from this network of the form <code>192.168.X.Y</code>.
| |
| | |
| ===Public IP=== <!--T:12-->
| |
| Public IPs allow outside services and tools to initiate contact with your VM, such as allowing you to connecting to it to perform administrative tasks or serve up web content. Public IPs can also be pointed to by domain names.
| |
| | |
| To assign a public IP to a VM, you need to select ''Associate Floating IP'' from the drop-down menu button (indicated by ▼) of the ''Actions'' column in the ''Instances'' list. If this is your first time associating a floating IP, your project hasn't been assigned an external IP address yet. You need to click on the “+” sign to bring up the ''Allocate Floating IP'' dialog box. There is only one pool of public addresses, so the correct pool will already be selected; click on the ''Allocate IP'' button.
| |
| The ''Manage Floating IP Associations'' screen is displayed again, indicating the IP address and the port (or VM) to which it will be associated (or more specifically [https://en.wikipedia.org/wiki/Network_address_translation NATted]); click on the ''Associate'' button.
| |
| | |
| ===Firewall, add rules to allow SSH=== <!--T:14-->
| |
| To connect to your virtual machine via SSH, you will need to allow access for SSH to your VM.
| |
| | |
| <!--T:15-->
| |
| #On the ''Security Groups'' tab, select ''Access & Security''; on the default row, click [[File:Manage-Rules-Button.png]]
| |
| #On the next screen, click [[File:Add-Rule-Button.png]]
| |
| #SSH has a predefined rule. Select it in the '' Rules'' dropdown menu and leave ''CIDR' under ''Remote''.
| |
| #It is a good security practice to replace the <code>0.0.0.0/0</code> in the CIDR text box with <code><your-ip>/32</code>. <p>If you don't know your current IP address you can see it by going to [http://ipv4.icanhazip.com ipv4.icanhazip.com] in your browser.</p><p>Leaving the <code>0.0.0.0/0</code> will allow anyone to attempt a connection with your VM via SSH. The suggested replacement will restrict SSH access to your VM only from this IP. If you want to allow SSH access from other IPs you can add additional SSH rules with different IP address or you can specify a range of IP addresses by using [https://www.ipaddressguide.com/cidr this tool] to calculate your CIDR rule from a range of IP addresses.</p>
| |
| #Finally, click the ''Add'' button.
| |
| | |
| ==Connecting to your VM with SSH== <!--T:21-->
| |
| If you created a key pair on the first step, you will need to know where it is.
| |
| | |
| ===Connecting from a Linux machine=== <!--T:22-->
| |
| {{Command| ssh -i /path/where/your/key/is/my_key.key username@<public IP of your server>}}
| |
| Most common Linux distributions have standardized on the name of the distro as the username. To connect to the provided CentOS images, you would use:
| |
| {{Command|ssh -i /path/where/your/key/is/my_key.key centos@<public IP of your server>}}
| |
| where <code><public IP of your server></code> is the public IP you set in the [[#Public IP | previous step]]. The username for Ubuntu instances is ''ubuntu'', and Debian instances have the ''debian'' username. By default the preconfigured cloud username will have full sudo privileges. The root account is normally disabled.
| |
| | |
| <!--T:23-->
| |
| You are now connected to your virtual machine.
| |
| | |
| === Connecting from a Windows machine=== <!--T:24-->
| |
| See [[Connecting with PuTTY]] or [[Connecting with MobaXTerm]].
| |
| | |
| =Where to go from here= <!--T:25-->
| |
| * learn about using the [[Linux_introduction|Linux command line]] in your VM
| |
| * learn about [[security considerations when running a VM]]
| |
| * [[Configuring a data or web server]]
| |
| * use an [[OpenStack VM Setups|available pre-made cloud configuration]]
| |
| * learn more about working with [[OpenStack]]
| |
| * [[automating VM creation]]
| |
| * [[backing up your VM]]
| |
| * For questions about the Compute Canada cloud service send an e-mail to [mailto:cloud@computecanada.ca cloud@computecanada.ca]
| |
|
| |
|
| <!--T:35--> | | <!--T:35--> |
| [[Category:CC-Cloud]] | | [[Category:CC-Cloud]] |
| </translate> | | </translate> |