Skip to content
Snippets Groups Projects
Verified Commit 119e0819 authored by Boris Parak's avatar Boris Parak :8ball:
Browse files

Merge branch 'quickstart-update'

parents d271526f 355ed274
No related branches found
No related tags found
No related merge requests found
Showing
with 233 additions and 23 deletions
0-quickstart/Create Key Pair.png

85.9 KiB

0-quickstart/CreateKeyPair2.png

113 KiB

0-quickstart/CreateKeyPair3.png

95.7 KiB

# Quickstart # Quickstart
Quickstart aims on users, which want to spin virtual machine in cloud as fast an possible.
Quickstart aims on users, which want to spin virtual machine in cloud as fast an possible.
To create and gain acces to virtual machine you need to: To create and gain acces to virtual machine you need to:
* Login to MetaCloud * Login to MetaCloud
* Upload/create ssh keys * Upload/create ssh keys
* Start the virtual machine * Start the virtual machine
* Login to instance * Login to instance
## Login to MetaCloud ## 1. Login to MetaCloud
One of the access options is the web interface that is available at https://cloud.muni.cz. We recommend using the English version of the interface. The Czech translation of individual terms is not yet sufficiently experienced and their use may complicate communication with technical support.
1. One of the access options is the web interface that is available at [https://cloud.muni.cz](https://cloud.muni.cz). We recommend using the English version of the interface. The Czech translation of individual terms is not yet sufficiently experienced and their use may complicate communication with technical support. Use the following credentials to log in:
2. **Domain -** UCN
3. **User Name -** UČO[^1]@ucn.muni.cz
4. **Password -** your secondary password.
> Please note that you need to access OpenStack from within the internal university network. You can either use the two available networks - [eduroam and MUNI](https://it.muni.cz/en/services/wireless-wi-fi-connection "How to connect to Masaryk University network") or setup a [VPN access](https://it.muni.cz/en/services/vpn "How to setup a VPN access.").
>
> **TODO** add login info and screenshots
## 2. Import/create SSH keys
To create a first instance accessible from the network you typically need to go through a few one-time steps that are not required later on. The first step is to create/import SSH keys.
1. To create a new SSH key, go to **Project > Compute > Key Pairs** and click the button "Create Key Pair"
{% reveal text="Click here to show a screenshot" %}
![](/0-quickstart/Create Key Pair.png)
{% endreveal %}
2. Name your new key and hit "Create Key Pair" again. Try to avoid special characters if possible.
{% reveal text="Click here to show a screenshot" %}
![](/0-quickstart/CreateKeyPair2.png)
{% endreveal %}
3. You can see your newly created key pair and its fingerprint. Your browser will automatically save your key pair in your designated download location. We recommend you save it in a safe location and back it up andin case you accidentally delete it.
{% reveal text="Click here to show a screenshot" %}
![](/0-quickstart/CreateKeyPair3.png)
{% endreveal %}
## 3. Set-up Security Groups
All network traffic is blocked in OpenStack by default. You need to explicitly grant access to individual services by utilising Security Groups. This is similar to setting up firewall rules on your router or server. If setup correctly, you can access your virtual machine via SSH connection from your terminal.[^2]
1. Go to **Project > Networks > Security Groups** You can see a default security group. You can either create a new one or edit the default by hitting "Manage Rules"
{% reveal text="Click here to show a screenshot" %}
![](/0-quickstart/SecurityGroups1.png)
{% endreveal %}
2. Next you need to add two new rules to be able to connect to your new instance. Hit the button "Add rule", give it a name and choose "ALL ICMP". Leave the rest of the fields unchanged.
{% reveal text="Click here to show a screenshot" %}
![](/0-quickstart/SecurityGroups3.png)
{% endreveal %}
3. Add another rule. This time choose "SSH" and leave the remaining fields unchanged.
{% reveal text="Click here to show a screenshot" %}
![](/0-quickstart/SecurityGroups2.png)
{% endreveal %}
## 4. Start a virtual machine
1. To spin up a new virtual machine, navigate to **Project > Compute > Instances** and hit the button "Launch Instance"
2. Choose a name for your virtual machine.
3. From the drop-down menu, choose **"Image"** as a source and select an operating system that you desire to run on your instance.
4. Choose a suitable configuration of RAM/CPUS/Disk space, also known as a Flavor.
5. Add a virtual network for your instance.
6. You can leave the rest of the fields unchanged.
## 5. Assign a public IP address
To access your machine from the internet, you need to allocate a new public IP address to your project. Once the IP is allocated, you canthen assign it to a specific instance.
1. In the left menu, navigate to **Project** > **Network > Floating IPs** and hit the button "**Allocate IP To Project**".
2. Select "public-float-21" and hit the button "**Allocate IP**".
3. The last step is to assign the IP to your selected instance. Find the instance you want and hit the "Associate Floating IP" in the last section of the row titled "**Actions**".
4. Finally simply select the allocated IP and you're done.
>**TODO** add login info and screenshots ## 6. Login to a virtual machine
## Import/create SSH keys > **TODO** add steps how to login to VM
>**TODO** add images and steps how to create/import ssh keys
## Start the virtual machine [^1]: University unique identification number
>**TODO** add images and steps how to create virtual machine through quickstart GUI
## Login to virtual machine [^2]: Please note that you still need to have your SSH key present on your local machine.
>**TODO** add steps how to lohin to VM
0-quickstart/SecurityGroups1.png

146 KiB

0-quickstart/SecurityGroups2.png

204 KiB

0-quickstart/SecurityGroups3.png

202 KiB

# Networking # Network settings -MASSIVE TODO-
## Floating IP Instances in OpenStack make use of user-defined internal networks, through which they can communicate. To access your instances from an external network, you need to connect the internal and the external network via a virtual router and allocate a public \(floating\) IP address to your virtual machine.
## Security groups TODO> By logging in, you are automatically provided with a default internal network **"internal-net"** and a default virtual router that connects to the public network **"public-float-21"** with a subnet of **192.168.0.0/24.** In order to make your instance publicly accessible, you only need to assign a public IP to it.
## 1. Internal network creation
1. In the left menu navigate to **Project > Network > Networks** and hit "Create network".
2. Give your network a name and set a subnet.
3. In details add also DNS server addresses. They need to be set explicitly to **147.251.4.33** and **147.251.6.10**.
## 2. Security groups
All network traffic is blocked in OpenStack by default. You need to explicitly grant access to individual services by utilising Security Groups. This is similar to setting up firewall rules on your router or server. If setup correctly, you can access your virtual machine via SSH connection from your terminal.
## 3. Floating IPs
## 4. Router settings
1. You can connect the previously created internal network to the external net by creating a virtual router. To do so, navigate to **Project** > **Network** > **Routers** and hit **"Create router"**.
2. TODO> Here you can give your router a name and choose the "public-float-21" network and add it.
3. Click on your router and a settings window will expand. Hit **"Add Interface"**.
4. After expanding the router interface settings window, hit **"Add Interface"**.
5. Select the network you want to connect to the public network.
# Images # Snapshots
Snapshot of an instance is an exact state of a VM in the moment when the snapshot was taken. Snapshots can be done on running aas well as on turned-off instances. They are useful for example when significant system changes are needed.They provide an easy roll-back option to the state before the changes. The snapshots cannot be considered a replacement for a system back-up. The snapshots neither provide a protection from a hardware failure.
HOW TO via CLI: h[ttps://docs.openstack.org/mitaka/user-guide/cli\_use\_snapshots\_to\_migrate\_instances.html](https://docs.openstack.org/mitaka/user-guide/cli_use_snapshots_to_migrate_instances.html)
store metadata: [https://docs.openstack.org/mitaka/user-guide/cli\_config\_drive.html](https://docs.openstack.org/mitaka/user-guide/cli_config_drive.html)
## Replication
Replication is the act of continuous copying of the instance content \(more specifically \) to a separate storage. In case of hardware failure of the underlying infrastructure it is possible to spin-up your VM from this copy. This copy is not entirely identical to the original instance Although the copy is recorded periodically, there usually is a few minutes delay compared to the state of the live instance. This is an asynchronnous process.
**High Availability**– the live instance is monitored non-stp and in case of physical hardware failure is immediately spinned up on another physical server.
**Fault Tolerance**– This feature enables to run one virtual machine on multiuple physical servers. This feature is functionally close to replication and differs in the fact that it is implemented as a synchronnous process. This means that both replicas are identical all of the time. This feature brings about certain technical limitations. Please contact support in case you are interested in this feature, as some things need to be specified and negotiated.
## Public images ## Public images
## Creating images ## Creating images
## Uploading images ## Uploading images
# Command line interface # Command line interface
You can interact with OpenStack using your command line. This is the preferred option by advanced users but it is available even for beginner users. The complete functionality is accessible throug OpenStack API \([**http://developer.openstack.org/api-guide/quick-start/index.html**](http://developer.openstack.org/api-guide/quick-start/index.html)\). Remeber that OpenStack API is accessible only through the University network \(range 147.521.0.0/16\) You can also use [**VPN**](https://it.muni.cz/sluzby/vpn). Some examples of how to interact with the CLI can be found here \([**http://docs.openstack.org/user-guide/cli-cheat-sheet.html**](http://docs.openstack.org/user-guide/cli-cheat-sheet.html)\). An SDKs exists for the usual programming languages \([**http://developer.openstack.org/**](http://developer.openstack.org/)\). You can also use OpenStack Client for simple scripts written directly into the command line. Install it via:
`pip install python-openstackclient`
1. You can forward the login credentials to the client through parameters or through variable environment. You can generate a script for the environment variables through the Horizon dashboard. Navigate to **Project** > **Compute** > **API Acess **and hit the **"Download OpenStack RC File"** and select the **"OpenStack RC File \(Identity API v3\)"** option.
\(insert screenshot\)
2. And continue by setting the environment variables by running the script. \(Replace the MyProject by the actual project that you created the script in.\)
```
. pMyProject-openrc.sh
```
## Installation ## Installation
>**TODO** manual install + some docker shizz?
> **TODO** manual install + some docker shizz?
## Access to Metacloud via CLI ## Access to Metacloud via CLI
>**TODO** add token access info
> **TODO** add token access info
## Usage examples ## Usage examples
>**TODO** how to create vm, network from CLI
> **TODO** how to create vm, network from CLI
# Orchestration with Heat # Orchestration
Apart from the native web GUI and CLI you can also operate your instances and apllications running on OpenStack using an array of orchestration tools. Some of them are listed below:
## [**Heat**](https://wiki.openstack.org/wiki/Heat)
Heat is one of the OpenStack projects that enables cloud resource orchestration. A Heat template describes the infrastructure for a cloud application in a text file that is readable and writable by humans, and can be checked into version control, diffed, &c.
* Infrastructure resources that can be described include: servers, floating ips, volumes, security groups, users, etc.
* Heat also provides an autoscaling service that integrates with [Telemetry](https://wiki.openstack.org/wiki/Telemetry), so you can include a scaling group as a resource in a template.
* Templates can also specify the relationships between resources \(e.g. this volume is connected to this server\). This enables Heat to call out to the OpenStack APIs to create all of your infrastructure in the correct order to completely launch your application.
* Heat manages the whole lifecycle of the application - when you need to change your infrastructure, simply modify the template and use it to update your existing stack. Heat knows how to make the necessary changes. It will delete all of the resources when you are finished with the application, too.
* Heat primarily manages infrastructure, but the templates integrate well with software configuration management tools such as [Puppet](https://s3.amazonaws.com/cloudformation-examples/IntegratingAWSCloudFormationWithPuppet.pdf) and [Chef](http://www.full360.com/2011/02/27/integrating-aws-cloudformation-and-chef.html). The Heat team is working on providing even better integration between infrastructure and software.Its GUI is available under
To work with Heat, we recomment the following set of tutorials: [**1**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-1-introduction-to-heat/),[**2**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-2-single-instance-deployments/),[**3**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-3-multi-instance-deployments/),[**4**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-4-scaling/). Additional templates can be found here
## [**Vagrant**](https://www.vagrantup.com/)
See the [**vagrant-openstack-example**](https://gitlab.ics.muni.cz/172673/vagrant-openstack-example) for a reference including the Vagrantfile
## [**Ansible**](https://www.ansible.com/)
You can use this guide [**Create Compute Instances from OpenStack**](https://docs.ansible.com/ansible/latest/modules/os_server_module.html). This way was used for testing the MUNI OpenStack. [**Scipion Web Tools clusteru**](https://github.com/RadimPesa/scipion_on_ostack)
# How to start # How to start
>**TODO** ad some examples
> **TODO** ad some examples
GDPR
# Glossary # Glossary
TODO ##
An OpenStack service, such as Compute (nova), Object Storage (swift), or Image service (glance), that provides one or more endpoints through which users can access resources and perform operations.
## Instance
OpenStack virtual machines are called instances, mostly because they are instances of an image that is created upon request and that is configured when launched. ... In the persistent model, the instance is launched from a persistent volume on a compute node, or from a block storage volume, and not from the Image service.
## Security Group
## Project
A project (a.k.a. an account) is a group of zero or more users. In Compute, a project owns virtual machines. In Object Storage, a project owns containers. Users can be associated with more than one project. Each project and user pairing can have a role associated with it.
## Role
Roles define which actions users can perform. You assign roles to user-project pairs.
# MetaCloud Documentation # Welcome to MetaCloud Documentation
Cloud infrastructure provides an environment for running your own virtual servers or whole virtual environments as a service. This infrastructure is available to anyone wishing to run an arbitrary \*service*\, containerized application environments, virtualized client operation systems or running complex computing infrastructure. The service runs on OpenStack (version Rocky).
## Credits
The service is owned and operated by a joint venture of the Institute of Computer Science of Masaryk University and Cesnet, the national e-infrastructure operator.
![](/logos.png)
## How to use this guide
This guide aims to provide basic walkthrough to how to set up your virtual environment. Several topics are covered. If you are a complete beginner we recommend starting with the Quickstart which will walk you through all the necessary activities step by step. Use the left sidebar for navigation throughout the documentation. You can also download individual pages to PDF for print or later use.
Bear in mind that this is not the complete documentation to OpenStack but rather a quick guide that is supposed to help you with elementary setup. If you need more information, please turn to the official OpenStack [documentation](
https://docs.openstack.org/rocky/)
## Terms and Conditions
The service is provided for free to Masaryk University employees and workgroups. The service includes creation of a virtual server on the OpenStack platform. The service does NOT include installation and management of an operation system or server applications. You may contact the service desk which will help you find a qualified administrator for your endeavour, if your skills are limited.
...@@ -10,3 +10,5 @@ ...@@ -10,3 +10,5 @@
* [CLI](6-cli/README.md) * [CLI](6-cli/README.md)
* [Orchestration](7-heat/README.md) * [Orchestration](7-heat/README.md)
* [FAQ](8-faq/README.md) * [FAQ](8-faq/README.md)
* [Privacy, GDPR and stuff](privacy-gdpr-and-stuff.md)
...@@ -4,6 +4,30 @@ ...@@ -4,6 +4,30 @@
"author": "Cloud Commando @ CESNET/ICS MU", "author": "Cloud Commando @ CESNET/ICS MU",
"language": "en", "language": "en",
"plugins": [ "plugins": [
"click-reveal" "click-reveal",
] "insert-logo-link-style",
"get-book",
"hints-istex",
"footer"
],
"pluginsConfig": {
"insert-logo-link-style": {
"src": "https://it.muni.cz/media/2107236/openstack-logo-2016.png?width=130&height=35",
"style": "background: none;",
"link": "https://cloud.gitlab-pages.ics.muni.cz/documentation"
},
"get-book": {
"url": "https://cloud.gitlab-pages.ics.muni.cz/documentation/.pdf",
"label": "Download to PDF"
},
"hints": {
"info": "fa fa-info-circle",
"success": "fa fa-check-circle",
"danger": "fa fa-exclamation-triangle",
"warning": "fa fa-exclamation-circle"
},
"layout": {
"footerPath" : "layouts/footer.html"
}
}
} }
cesnet-logo.png

3.7 KiB

logos.png 0 → 100644
logos.png

572 KiB

metacentrum-logo.png

67.2 KiB

0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment