Abiquo Documentation Cookies Policy

Our Documentation website uses cookies to improve your experience. Please visit our Cookie Policy page for more information about cookies and how we use them.

Abiquo 2.6

Skip to end of metadata
Go to start of metadata

Introduction to Abiquo and Amazon

The Abiquo Amazon EC2 integration is a hybrid cloud feature that enables our customers to add Amazon Availability Zones to the Abiquo platform as compute resources. Amazon Regions are added as Abiquo public datacenters. No Abiquo licenses are required to use public datacenters. Abiquo manages public datacenters using three of the Abiquo Remote Services. The remotes services used in a public datacenter must not be shared with any other datacenters. No NFS repository is required for a public datacenter.  


Each Abiquo public datacenter corresponds to an Availability Zone within a single Region in Amazon EC2. Within the public datacenter, Abiquo will create a rack to organize Amazon resources. Each Abiquo enterprise using the Amazon datacenter should have its own Amazon account. Abiquo will create a machine for your enterprise when you add your Amazon credentials (Access Key ID and Secret Access Key) to the Abiquo Enterprise. Each enterprise may create ONE machine for the enterprise's Amazon account.

When users create a virtual datacenter in the public datacenter, Abiquo works with Amazon EC2. A Virtual Private Cloud (VPC) is created for each Abiquo virtual datacenter. An Amazon VPC has a  private subnet called a private connect network and an Internet gateway for the subnet. Access from outside the cloud is through Elastic IPs. Elastic IPs are registered in Abiquo as part of unmanaged networks.

Virtual machines deployed in the VPC virtual datacenter are Amazon Instances. They are automatically connected to the Private Connect network. You can assign Elastic IPs to these machines in Abiquo.


This feature is a first step towards developing agnostic public cloud management. Later we will offer connections with other clouds (vCloud, OpenStack, Rackspace, and so on.) You can offer a new service that is a federation of Abiquo private clouds and the public cloud. Cloud tenants will be able to deploy on Amazon or in Abiquo datacenters. You can control the use of Amazon resources in the same way as they can in the Abiquo Datacenter (quotas, limits, etc).

Create a Machine in a Public Datacenter

In a public datacenter, a "machine" is an AWS account for an Abiquo enterprise with access to an AWS Region and an Availability Zone. 

To create a machine, you will need the credentials for an Amazon AWS Account. You create the Amazon machine in Users view. The two main steps are to allow enterprise access to the public datacenter and to add the enterprise's AWS credentials.

Allow Enterprise Access to a Public Datacenter

If you created the Public Datacenter with the current enterprise then it will automatically add the public datacenter to the enterprise's Allowed Datacenters list.

Otherwise, to allow the enterprise to access the public datacenter:

  1. In the Enterprises list, click on the enterprise name
  2. Click the edit button at the bottom of the list to edit the enterprise
  3. In the Prohibited Datacenters list, click on the datacenter name
  4. Click the left arrow button to move the datacenter to the Allowed Datacenters list.
  1. In the Allowed Datacenters list, click on the datacenter name
  2. Click the edit button at the bottom of the popup to edit the enterprise options for the datacenter
The following two sections describe how to control resource usage and allow access for the enterprise in the selected datacenter.

Add Amazon Credentials for the Enterprise

An Abiquo enterprise requires the credentials of an Amazon account in order to use the public datacenters linked to the Enterprise's Amazon account. 

Edit the enterprise, then click on the Public Datacenter in the Allowed Datacenters list to edit it.

Get your Security Credentials from Amazon (see Above).

The rootkey.csv file has the following format when opened in a text editor. 

  1. Enter the Access Key ID (the characters abcXXXYYabc123999aa in the above string)
  2. Enter the Secret Access Key for your Access Key ID (the characters YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY in the above example).
  3. Click Test Account to check your Amazon account and credentials.

If the credentials are valid they will be marked with a tick.


Click Accept.

Then Click Save to store the Amazon account details.

If you exit without saving, the Amazon account details will be lost and you will have to enter them again.


View Abiquo-Amazon Infrastructure

In an Abiquo public datacenter, for each enterprise, when you add Amazon credentials, Abiquo will create a machine with the same name as the enterprise. Each machine represents an enterprise's Amazon account in an Amazon Availability Zone. Amazon machines will be automatically organised in groups (represented as racks), with up to 20 machines per rack. The racks will be named after the Amazon availability zone and numbered sequentially, e.g. eu-west-1.0, eu-west-1.1, and so on.

In v2.6, Amazon machines are not counted as physical cores for Abiquo licensing.  However, Amazon virtual machine cores, RAM and local hard disk are accounted by Abiquo Accounting.

You cannot power on or off, or pause Amazon physical machines, so there are no buttons on the physical machine control panel. 

Delete a an Amazon machine

To delete an Enterprise's Amazon account for a Region:

  1. check the Amazon credentials are correctly registered for the enterprise
  2. delete all virtual infrastructure first

If the credentials are not correctly registered, Abiquo cannot access the Amazon account.

If you do not delete all virtual infrastructure before you delete the machine, it will remain in the Amazon systems.

Obtain Credentials for an Amazon AWS Account

To configure the Amazon integration in Abiquo, you will need credentials to access your Amazon Account.

These credentials are an Access Key ID and Secret Access Key.

Only use ONE set of Amazon keys for each enterprise in each datacenter

Amazon will allow you to generate two sets of active keys for each account. However, in Abiquo 2.6, you can only create one Abiquo machine per enterprise, per public datacenter.

New Keys

To obtain credentials go to the Amazon AWS console, and from the Dashboard select Security Credentials.

Click on Create new Root Key

After you create the Access Key, you must DOWNLOAD it by clicking Download Key File. The key will be saved in a file named rootkey.csv in your downloads folder.


This is an example of the rootkey.csv file:

  1. The Access Key ID is the characters abcXXXYYabc123999aa in the above example.
  2. The Secret Access Key for your Access Key ID is the characters YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY in the above example.

Existing Keys

If you already generated the keys but did not download and keep the values, it is possible to retrieve the Secret Access Key from the legacy Security Credentials page.

Go to the legacy Security Credentials page.

Scroll down to the page to the Access Credentials section. (1) Copy an Access Key ID.  In the Secret Access Key column, click Show next to the key. (2) Copy the Secret Access Key. Store the keys in a safe place.




For each enterprise, when you add Amazon credentials, Abiquo will create a machine with the same name as the enterprise. These machines will be organised in racks, with 20 machines per rack.

Control Amazon Resource Usage with Abiquo

Amazon Availability Zones are added to Abiquo Infrastructure as Abiquo Public Datacenters. Within Availability Zones, Amazon Accounts are added as machines in Abiquo. Machines are always reserved for the Enterprise with the Amazon account credentials entered. You can also use other Abiquo functionality to control access to Amazon resources, for example, users can be restricted to certain virtual datacenters created to use the machines. Resource limits are set by Amazon Zone for each enterprise using the public datacenter.

Set Allocation limits for use of resources in the public datacenter for each enterprise. 

Set a Public Datacenter's Enterprise Allocation Limits

When users deploy in public datacenters, Abiquo checks the allocation limits for RAM, Virtual CPUs and Local Hard Disk.


Abiquo checks how much RAM is used by the Amazon hardware profile selected by the user for each virtual machine in the virtual appliance.

Virtual CPUs

Abiquo checks how many cores are used by the Amazon hardware profile selected by the user for each virtual machine in the virtual appliance.

Local Hard Disk

Abiquo checks the total hard disk used by the AMI (Amazon template) including the system disk and all volumes included with the AMI.


Edit the Enterprise and edit the Allowed Datacenter. Set hard limits and then soft limits for RAM, virtual CPUs and local hard disk as required.