Josef Němec · ffe2d3f2 · 2a8bdf3e · ffe2d3f2
--- a/topics/compute/openstack/docs/getting-started/creating-first-infrastructure.md

+ 154

− 82

View file @ 2a8bdf3e

Open in Web IDE
+++ b/topics/compute/openstack/docs/getting-started/creating-first-infrastructure.md

+ 154

− 82

View file @ 2a8bdf3e

Open in Web IDE
 @@ -18,6 +18,7 @@ Prerequisites:
 @@ -18,6 +18,7 @@ Prerequisites:
 * Up-to-date web browser
 * Active account in [MetaCentrum](https://metavo.metacentrum.cz/en/application/index.html)
 * Basic knowledge of SSH (for remote connections)
+* [API key and CLI client](../how-to-guides/obtaining-api-key.md) (needed only if You want to use CLI)
 ## Sign In
 @@ -54,6 +55,8 @@ __5.__ Wait to be redirected back to our dashboard.
 @@ -54,6 +55,8 @@ __5.__ Wait to be redirected back to our dashboard.
 All virtual machine instances running in the cloud have to be accessed remotely. The most common way of accessing
 an instance remotely is SSH. Using SSH requires a pair of keys - a public key and a private key.
+=== "GUI"
    __1.__ Navigate to **Project &gt; Compute &gt; Key Pairs** and click the **Create Key Pair** button.
    !!! example
 @@ -76,6 +79,20 @@ chmod 644 .ssh/id_rsa.pub
 @@ -76,6 +79,20 @@ chmod 644 .ssh/id_rsa.pub
    chmod 600 .ssh/id_rsa
    ```
+=== "CLI"
+    You can use the **ssh-keygen** command to create a new private key:
+    ```
+    ssh-keygen -b 4096
+    ```
+    You will be asked to specify the output file and passphrase for your key.
+    Assuming your ssh public key is stored in `~/.ssh/id_rsa.pub`:
+    ```
+    openstack keypair create --public-key ~/.ssh/id_rsa.pub my-key1
+    ```
 ## Update Security Group
 In MetaCentrum Cloud, all incoming traffic from external networks to virtual machine instances is blocked by default.
 @@ -85,6 +102,8 @@ You need to add at least one new rule to be able to connect to your new instance
 @@ -85,6 +102,8 @@ You need to add at least one new rule to be able to connect to your new instance
 This is similar to setting up firewall rules on your router or server. If set up correctly, you will be able to access
 your virtual machine via SSH from your local terminal.
+=== "GUI"
    __1.__ Go to **Project &gt; Network &gt; Security Groups**. Click on **Manage Rules**, for the **default** security group.
    !!! example
 @@ -108,8 +127,27 @@ __2.__ Click on **Add rule**, choose **SSH**, and leave the remaining fields unc
 @@ -108,8 +127,27 @@ __2.__ Click on **Add rule**, choose **SSH**, and leave the remaining fields unc
    For details, refer to [the official documentation](https://docs.openstack.org/horizon/train/user/configure-access-and-security-for-instances.html).
+=== "CLI"
+    __1.__ Add SSH rule to the default security group:
+        ```
+        openstack security group rule create --description "Permit SSH" --remote-ip 0.0.0.0/0 --protocol tcp --dst-port 22 --ingress default
+        ```
+      Optionally, add ICMP rule (to allow ping):
+        ```
+        openstack security group rule create --description "Permit ICMP (any)" --remote-ip 0.0.0.0/0 --protocol icmp --icmp-type -1 --ingress default
+        ```
+    __2.__ Verify:
+        ```
+        openstack security group show default
+        ```
 ## Create Virtual Machine Instance
+=== "GUI"
    __1.__ In **Compute &gt; Instances**, click the **Launch Instance** button.
    !!! example
 @@ -159,7 +197,38 @@ __6.__ In **Key Pair** select the key that was created in section [Create Key Pa
 @@ -159,7 +197,38 @@ __6.__ In **Key Pair** select the key that was created in section [Create Key Pa
        ![](/compute/openstack/images/instance/instance6.png)
-__9.__ Wait until instance initialization finishes and
+=== "CLI"
+    __1.__ **Create volume**
+      Volumes are created automatically when creating an instance in GUI, but we need to create them manually in the case of CLI.
+      Create bootable volume from image (e.g. centos):
+        ```
+        openstack volume create --image "centos-7-1809-x86_64" --size 40 my_vol1
+        ```
+      To get a list of available images:
+        ```
+        openstack image list
+        ```
+    __2.__ **Create instance**
+        ```
+        openstack server create --flavor "standard.small" --volume my_vol1 \
+         --key-name my-key1 --security-group default --network 147-251-115-pers-proj-net my-server1
+        ```
+      To get a list of available flavors:
+        ```
+        openstack flavor list
+        ```
+      In case of a group project use `--network group-project-network`.
+## Associate Floating IP
+Wait until instance initialization finishes and
 [Associate Floating IP](../how-to-guides/managing-floating-ips.md).
 For group project always select the same network as used in
 [Router gateway](../how-to-guides/create-networking.md#router-creation).
 @@ -168,7 +237,10 @@ For group project always select the same network as used in
 @@ -168,7 +237,10 @@ For group project always select the same network as used in
    ![](/compute/openstack/images/tutorial/instance_associate_ip.png)
-__10.__ Login using your SSH key as selected in Key pair above
+## Login
+Login using your SSH key as selected in Key pair above
 Connect to the instance using **ssh system@floating-ip**, as described on page [Accessing instances](../how-to-guides/accessing-instances.md).