Abiquo 2.6

Skip to end of metadata
Go to start of metadata

To configure the Amazon integration in Abiquo, you will need credentials to access your Amazon Account.

Obtain Credentials for Your Amazon Account

The credentials for your Amazon account are an Access Key ID and Secret Access Key.

Only use ONE set of Amazon keys per enterprise per datacenter

Amazon will allow you to generate two sets of active keys for each account. However, in Abiquo 2.6, you can only use one set of keys to create one Abiquo machine per enterprise in each public datacenter.

New Credentials

To obtain new credentials, log in to the Amazon AWS Web Console. Go to the 'My Account / Console', and select 'Security Credentials' from your account dropdown. This will take you to the AWS Identity and Access Management (IAM) console to manage the credentials for your AWS account.

Expand 'Access Keys' and click on Create new Root Key

After you create the Access Key, you must DOWNLOAD it by clicking Download Key File. The key will be saved in a file named rootkey.csv in your downloads folder.


This is an example of the rootkey.csv file:

  1. The Access Key ID is the characters abcXXXYYabc123999aa in the above example.
  2. The Secret Access Key for your Access Key ID is the characters YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY  in the above example.

Find Existing Credentials

If you already generated the keys but did not download and keep the values, it is possible to retrieve the Secret Access Key from the legacy Security Credentials page.

Go to the legacy Security Credentials page.

Scroll down to the page to the Access Credentials section. (1) Copy an Access Key ID.  In the Secret Access Key column, click Show next to the key. (2) Copy the Secret Access Key. Store the keys in a safe place.

Configure Abiquo for Amazon

  • In Abiquo 2.6, no Abiquo license is required to use Amazon machines
  • A public datacenter requires its own Remote Services server with Internet access for Amazon API access
  • The three remote services used by Amazon are:
    • Virtualization manager
    • Virtual system monitor
    • Discovery manager
      • You may uninstall the other webapps that are not used from your Remote Services server
  • No NFS Repository is required to use Amazon


Configuring a Hybrid Cloud

To configure a hybrid cloud by adding a public datacenter to a distributed Abiquo installation, remember to edit the abiquo.properties file on the Amazon Remote Services server and change the Datacenter ID for the public datacenter to a different value.

Create a Public Datacenter

To create a public datacenter, on the Abiquo Infrastructure screen, click the  add plus button at the bottom of the Datacenters list. 

Select Create Public Datacenter from the pull-down list.

The Abiquo API will retrieve the Amazon Provider details and the Regions.

Enter Public Datacenter Details

On the Create Public Datacenter popup, enter the public datacenter details. Enter the IP address of the Remote Services that will be used for this public datacenter only.

Click Accept to continue.

You will require one separate Amazon account for each enterprise using an Amazon Zone, i.e. one account per enterprise and public datacenter in Abiquo.


Abiquo will create an empty public datacenter. For each enterprise, when you add Amazon credentials, Abiquo will create a public datacenter machine with the same name as the enterprise. These machines represent Amazon accounts in Amazon Availability Zones. They will be organised in groups (represented as racks), with up to 20 machines per rack. The racks will be named after the Amazon availability zone and numbered sequentially, e.g. eu-west-1.0, eu-west-1.1, and so on.

Enterprise Access and Resources in Public Datacenters

This section describes how to give Enterprises access to public datacenter resources.

Allow Enterprise Access

The first step to using the public datacenter, is to allow access for enterprises.

If you created the Public Datacenter with the current enterprise, then Abiquo will automatically add the public datacenter to the enterprise's Allowed Datacenters list.

Otherwise to allow the enterprise to access the datacenter:

  1. In the Enterprises list, click on the enterprise name
  2. Click the edit button at the bottom of the list to edit the enterprise
  3. In the Prohibited Datacenters list, click on the datacenter name
  4. Click the left arrow button to move the datacenter to the Allowed Datacenters list

  1. In the Allowed Datacenters list, click on the datacenter name
  2. Click the edit button at the bottom of the popup to edit the enterprise options for the datacenter
The following two sections describe how to control resource usage and allow access for the enterprise that you are editing.

Add Amazon Credentials for the Enterprise

Add the credentials of an Amazon account for an enterprise to enable the enterprise to use the public datacenters linked to the Enterprise's Amazon account. 

Get your Security Credentials from Amazon (see Obtain Credentials for Your Amazon Account).

Open the rootkey.csv file in a text viewer or editor. Here is an example that shows the file format only.

Example Amazon Key File

Create an Amazon Machine

An Amazon account is represented in Abiquo as an Amazon machine in a public datacenter.

Edit the enterprise, then click on the Public Datacenter in the Allowed Datacenters list to edit it.

Click on the 


  1. Enter the Access Key ID 
    • e.g. the characters abcXXXYYabc123999aa above
  2. Enter the Secret Access Key for your Access Key ID 
  3. Click Test Account to check your Amazon account and credentials.

If the credentials are valid they will be marked with a tick.

Click Accept.

Then Click Save to store the Amazon account details.

Amazon Compute Resources is Created When You Save

If you exit without saving, the Amazon account details will be lost and you will have to enter them again.

The Amazon account is represented in Abiquo as a "machine" with the same name as the on a rack that is named by the Amazon region. 

Screenshot: Amazon machine for the enterprise Clar

Check Automatic Amazon Machine Reservation

When you enter Amazon credentials and Abiquo creates a machine for your enterprise, this machine should be automatically reserved. To check this, edit the enterprise and go to the Reservations tab. Open the Amazon datacenter and Availability Zone folder and you should see the reserved machine with the same name as the enterprise in the Reserved Servers list.


Control Amazon Resource Usage with Abiquo

Amazon Availability Zones are added to Abiquo Infrastructure as Abiquo Public Datacenters. Within Availability Zones, Amazon Accounts are added as machines in Abiquo. Machines are always reserved for the Enterprise with the Amazon account credentials entered. You can also use other Abiquo functionality to control access to Amazon resources, for example, users can be restricted to certain virtual datacenters created to use the machines.  Resource limits are set by Amazon Zone for each enterprise using the public datacenter.

Set Allocation limits for use of resources in the public datacenter for each enterprise. 

Limit Access to Public Datacenter Resources

To limit access to the resources in a public datacenter, you can set allocation limits at the same levels as in a datacenter:

  • Enterprise
  • Enterprise-Datacenter
  • Virtual Datacenter

When users deploy in public datacenters, Abiquo checks the allocation limits for RAM, Virtual CPUs and Local Hard Disk. The limit for Public IPs is used to control the assignment of Elastic IPs. 

The following Allocation Limits can be set for resources in public datacenters at all levels.

Future Limits

 In future, Abiquo will implement limits of External Storage (EBS) and Repository (S3).

Edit the Enterprise and edit the Allowed Datacenter. Set hard limits and then soft limits for RAM, virtual CPUs, local hard disk and Public IPs as required.

Screenshots: Example of allocation limits for enterprise and enterprise-datacenter in a public datacenter

View Abiquo-Amazon Infrastructure

Each Abiquo Enterprise using an Amazon Zone appears as a physical machine in the Abiquo Datacenter.

Abiquo will automatically create a rack for Amazon resources with the same name as an Abiquo enterprise for a group of up to twenty Amazon machines.

In the Abiquo v2.6 Amazon integration, the Discovery Manager remote service can view virtual machines running on Amazon but it cannot capture them

On the Servers tab, click on an Amazon machine to display the virtual machines deployed on it.


In v2.6, Amazon machines are not counted as physical cores for Abiquo licensing.  However, Amazon virtual machine cores, RAM and local hard disk are accounted by Abiquo Accounting.

You cannot power on or off, or pause Amazon physical machines, so there are no buttons on the physical machine control panel.

Delete an Amazon Machine

The Amazon machine is controlled by the Amazon credentials.

To delete an Amazon machine, remove the Amazon credentials from the enterprise.

When you remove the Amazon credentials

  • Abiquo cannot to connect to the Amazon account.
  • The virtual machines deployed in Amazon will be registered as undeployed in Abiquo (their state will be set to NOT_ALLOCATED).

If you add the Amazon credentials again, the Amazon machine will be recreated. The infrastructure check may update the state of the virtual machines deployed on the Amazon machine.