Skip to content
Snippets Groups Projects
Commit d70cc03f authored by Adam Merka's avatar Adam Merka
Browse files

Merge branch master into quickstart-update

parents 9d3fc529 3449c602
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
0-quickstart/README.md
+ 14
15
View file @ d70cc03f
......@@ -12,37 +12,38 @@ To create and gain acces to virtual machine you need to:
1. One of the access options is the web interface that is available at [https://cloud.muni.cz](https://cloud.muni.cz). We recommend using the English version of the interface. The Czech translation of individual terms is not yet sufficiently experienced and their use may complicate communication with technical support. Use the following credentials to log in:
* **Domain** **-** UCN
* **User Name - **UČO[^1]@ucn.muni.cz
* **Password - **your secondary password.
> Please note that you need to access OpenStack from within the internal university network. You can either use the two available networks - [eduroam and MUNI](https://it.muni.cz/en/services/wireless-wi-fi-connection "How to connect to Masaryk University network") or setup a [VPN access](https://it.muni.cz/en/services/vpn "How to setup a VPN access.").
2. **Domain** **-** UCN
3. **User Name - **UČO[^1]@ucn.muni.cz
4. **Password - **your secondary password.
> Please note that you need to access OpenStack from within the internal university network. You can either use the two available networks - [eduroam and MUNI](https://it.muni.cz/en/services/wireless-wi-fi-connection "How to connect to Masaryk University network") or setup a [VPN access](https://it.muni.cz/en/services/vpn "How to setup a VPN access.").
>
> **TODO** add login info and screenshots
## 2. Import/create SSH keys
To create a first instance accessible from the network you typically need to go through a few one-time steps that are not required later on. The first step is to create/import SSH keys.
1. To create a new SSH key, go to **Project > Compute > Key Pairs **and clock the button "Create Key Pair"
1. To create a new SSH key, go to **Project > Compute > Key Pairs **and clock the button "Create Key Pair"
![](/0-quickstart/Create Key Pair.png)
2. Name your new key and hit "Create Key Pair" again. Try to avoid special characters if possible. ![](/0-quickstart/CreateKeyPair2.png)
3. You can see your newly created key pair and its fingerprint. Your browser will automatically save your key pair in your designated download location. We recommend you save it in a safe location and back it up andin case you accidentally delete it. ![](/0-quickstart/CreateKeyPair3.png)
3. You can see your newly created key pair and its fingerprint. Your browser will automatically save your key pair in your designated download location. We recommend you save it in a safe location and back it up andin case you accidentally delete it.
![](/0-quickstart/CreateKeyPair3.png)
## 3. Set-up Security Groups
All network traffic is blocked in OpenStack by default. You need to explicitly grant access to individual services by utilising Security Groups. This is similar to setting up firewall rules on your router or server. If setup correctly, you can access your virtual machine via SSH connection from your terminal.[^2]
1. Go to **Project > Networks > Security Groups **You can see a default security group. You can either create a new one or edit the default by hitting "Manage Rules"
1. Go to **Project > Networks > Security Groups **You can see a default security group. You can either create a new one or edit the default by hitting "Manage Rules"
![](/0-quickstart/SecurityGroups1.png)
2. Next you need to add two new rules to be able to connect to your new instance. Hit the button "Add rule", give it a name and choose "ALL ICMP". Leave the rest of the fields unchanged.
2. Next you need to add two new rules to be able to connect to your new instance. Hit the button "Add rule", give it a name and choose "ALL ICMP". Leave the rest of the fields unchanged.
![](/0-quickstart/SecurityGroups3.png)
3. Add another rule. This time choose "SSH" and leave the remaining fields unchanged.
3. Add another rule. This time choose "SSH" and leave the remaining fields unchanged.
![](/0-quickstart/SecurityGroups2.png)
## 4. Start a virtual machine
......@@ -54,13 +55,11 @@ All network traffic is blocked in OpenStack by default. You need to explicitly g
5. Add a virtual network for your instance.
6. You can leave the rest of the fields unchanged.
## 5. Assign a public IP address
To access your machine from the internet, you need to allocate a new public IP address to your project. Once the IP is allocated, you canthen assign it to a specific instance.
To access your machine from the internet, you need to allocate a new public IP address to your project. Once the IP is allocated, you canthen assign it to a specific instance.
1. In the left menu, navigate to **Project** > **Network > Floating IPs** and hit the button "**Allocate IP To Project**".
1. In the left menu, navigate to **Project** > **Network > Floating IPs** and hit the button "**Allocate IP To Project**".
2. Select "public-float-21" and hit the button "**Allocate IP**".
3. The last step is to assign the IP to your selected instance. Find the instance you want and hit the "Associate Floating IP" in the last section of the row titled "**Actions**".
4. Finally simply select the allocated IP and you're done.
......
2-networking/README.md
+ 26
3
View file @ d70cc03f
# Networking
# Network settings
Instances in OpenStack make use of user-defined internal networks, through which they can communicate. To access your instances from an external network, you need to connect the internal and the external network via a virtual router and allocate a public \(floating\) IP address to your virtual machine.
By logging in, you are automatically provided with a default internal network **"internal-net"** and a default virtual router that connects to the public network **"public-float-21" **with a subnet of **192.168.0.0/24. **In order to make your instance publicly accessible, you only need to assign a public IP to it.
## 1. Internal network creation {#vytvoreni_interni_site}
1. In the left menu navigate to **Project > Network > Networks** and hit **"Create network".**
2. Give your network a name and set a subnet. Both are optional.
3. In details add also DNS server addresses. They need to be set explicitly to **147.251.4.33** and **147.251.6.10**.
## 2. Security groups
All network traffic is blocked in OpenStack by default. You need to explicitly grant access to individual services by utilising Security Groups. This is similar to setting up firewall rules on your router or server. If setup correctly, you can access your virtual machine via SSH connection from your terminal.
## 3. Floating IPs {#nastaveni_routeru}
## 4. Router settings {#nastaveni_site}
1. You can connetct the previously created internal network to the external net by creating a virtual router. To do so, navigate to **Project** > **Network** > **Routers** and hit **"Create router"**.
2. Here you can give your router a name and choose the "public-float-21" network and add it.
3. Click on your router and a settings window will expand. Hit **"Add Interface"**.
4. After expanding the router interface settings window, hit **"Add Interface"**.
5. Select the network you want to connect to the public network.
## Floating IP
## Security groups
5-images/README.md
+ 20
1
View file @ d70cc03f
# Images
# Snapshots
Snapshot of an instance is an exact state of a VM in the moment when the snapshot was taken. Snapshots can be done on running aas well as on turned-off instances. They are useful for example when significant system changes are needed.They provide an easy roll-back option to the state before the changes. The snapshots cannot be considered a replacement for a system back-up. The snapshots neither provide a protection from a hardware failure.
HOW TO via CLI: h[ttps://docs.openstack.org/mitaka/user-guide/cli\_use\_snapshots\_to\_migrate\_instances.html](https://docs.openstack.org/mitaka/user-guide/cli_use_snapshots_to_migrate_instances.html)
store metadata: [https://docs.openstack.org/mitaka/user-guide/cli\_config\_drive.html](https://docs.openstack.org/mitaka/user-guide/cli_config_drive.html)
## Replication
Replication is the act of continuous copying of the instance content \(more specifically \) to a separate storage. In case of hardware failure of the underlying infrastructure it is possible to spin-up your VM from this copy. This copy is not entirely identical to the original instance Although the copy is recorded periodically, there usually is a few minutes delay compared to the state of the live instance. This is an asynchronnous process.
**High Availability**– the live instance is monitored non-stp and in case of physical hardware failure is immediately spinned up on another physical server.
**Fault Tolerance**– This feature enables to run one virtual machine on multiuple physical servers. This feature is functionally close to replication and differs in the fact that it is implemented as a synchronnous process. This means that both replicas are identical all of the time. This feature brings about certain technical limitations. Please contact support in case you are interested in this feature, as some things need to be specified and negotiated.
## Public images
## Creating images
## Uploading images
6-cli/README.md
+ 26
3
View file @ d70cc03f
# Command line interface
You can interact with OpenStack using your command line. This is the preferred option by advanced users but it is available even for beginner users. The complete functionality is accessible throug OpenStack API \([**http://developer.openstack.org/api-guide/quick-start/index.html**](http://developer.openstack.org/api-guide/quick-start/index.html)\). Remeber that OpenStack API is accessible only through the University network \(range 147.521.0.0/16\) You can also use [**VPN**](https://it.muni.cz/sluzby/vpn). Some examples of how to interact with the CLI can be found here \([**http://docs.openstack.org/user-guide/cli-cheat-sheet.html**](http://docs.openstack.org/user-guide/cli-cheat-sheet.html)\). An SDKs exists for the usual programming languages \([**http://developer.openstack.org/**](http://developer.openstack.org/)\). You can also use OpenStack Client for simple scripts written directly into the command line. Install it via:
`pip install python-openstackclient`
1. You can forward the login credentials to the client through parameters or through variable environment. You can generate a script for the environment variables through the Horizon dashboard. Navigate to **Project** > **Compute** > **API Acess **and hit the **"Download OpenStack RC File"** and select the **"OpenStack RC File \(Identity API v3\)"** option.
\(insert screenshot\)
2. And continue by setting the environment variables by running the script. \(Replace the MyProject by the actual project that you created the script in.\)
```
. pMyProject-openrc.sh
```
## Installation
>**TODO** manual install + some docker shizz?
> **TODO** manual install + some docker shizz?
## Access to Metacloud via CLI
>**TODO** add token access info
> **TODO** add token access info
## Usage examples
>**TODO** how to create vm, network from CLI
> **TODO** how to create vm, network from CLI
7-heat/README.md
+ 29
2
View file @ d70cc03f
# Orchestration with Heat
# Orchestration
Apart from the native web GUI and CLI you can also operate your instances and apllications running on OpenStack using an array of orchestration tools. Some of them are listed below:
## [**Heat**](https://wiki.openstack.org/wiki/Heat)
Heat is one of the OpenStack projects that enables cloud resource orchestration. A Heat template describes the infrastructure for a cloud application in a text file that is readable and writable by humans, and can be checked into version control, diffed, &c.
* Infrastructure resources that can be described include: servers, floating ips, volumes, security groups, users, etc.
* Heat also provides an autoscaling service that integrates with [Telemetry](https://wiki.openstack.org/wiki/Telemetry), so you can include a scaling group as a resource in a template.
* Templates can also specify the relationships between resources \(e.g. this volume is connected to this server\). This enables Heat to call out to the OpenStack APIs to create all of your infrastructure in the correct order to completely launch your application.
* Heat manages the whole lifecycle of the application - when you need to change your infrastructure, simply modify the template and use it to update your existing stack. Heat knows how to make the necessary changes. It will delete all of the resources when you are finished with the application, too.
* Heat primarily manages infrastructure, but the templates integrate well with software configuration management tools such as [Puppet](https://s3.amazonaws.com/cloudformation-examples/IntegratingAWSCloudFormationWithPuppet.pdf) and [Chef](http://www.full360.com/2011/02/27/integrating-aws-cloudformation-and-chef.html). The Heat team is working on providing even better integration between infrastructure and software.Its GUI is available under
To work with Heat, we recomment the following set of tutorials: [**1**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-1-introduction-to-heat/),[**2**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-2-single-instance-deployments/),[**3**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-3-multi-instance-deployments/),[**4**](https://developer.rackspace.com/blog/openstack-orchestration-in-depth-part-4-scaling/). Additional templates can be found here
## [**Vagrant**](https://www.vagrantup.com/)
See the [**vagrant-openstack-example**](https://gitlab.ics.muni.cz/172673/vagrant-openstack-example) for a reference including the Vagrantfile
## [**Ansible**](https://www.ansible.com/)
You can use this guide [**Using Ansible 2.0 to launch a server on OpenStack**](http://superuser.openstack.org/articles/using-ansible-2-0-to-launch-a-server-on-openstack/). This way was used for testing the MUNI OpenStack. [**Scipion Web Tools clusteru**](https://github.com/RadimPesa/scipion_on_ostack)
# How to start
>**TODO** ad some examples
> **TODO** ad some examples
9-Privacy, GDPR and stuff/README.md 0 → 100644
+ 0
0
View file @ d70cc03f
GLOSSARY.md
+ 12
1
View file @ d70cc03f
# Glossary
TODO
## Instance
OpenStack virtual machines are called instances, mostly because they are instances of an image that is created upon request and that is configured when launched. ... In the persistent model, the instance is launched from a persistent volume on a compute node, or from a block storage volume, and not from the Image service.
## Security Group
## Project
SUMMARY.md
+ 2
0
View file @ d70cc03f
......@@ -10,3 +10,5 @@
* [CLI](6-cli/README.md)
* [Orchestration](7-heat/README.md)
* [FAQ](8-faq/README.md)
* [Privacy, GDPR and stuff](privacy-gdpr-and-stuff.md)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment