Abiquo 2.6

Skip to end of metadata
Go to start of metadata

API Feature

This feature is available in the Abiquo API. See EnterpriseResource. Using the API, the cloud administrator can maintain Enterprise metadata such as contact details. See EnterprisePropertiesResource.

Abiquo Enterprises are groups of cloud users with their own logical resources. In a public cloud they may be organizations or in an enterprise cloud they may be departments, for example. Enterprises are managed in the Users View.

The User View will vary depending on the privileges assigned to each user's role. For example, the main Cloud Administrator will be able to see a list of all enterprises in the left pane and all users in the right pane because they have both the Manage enterprises and Manage users of all enterprises privilege and access to all enterprises through the default global administration scope.  

The default Enterprise Administrator role only has access to their own enterprise and does not have the Manage enterprises or Manage users of all enterprises privileges. So this user will only see the users of their enterprise.

An enterprise administrator with the Manage enterprises privilege will see their own enterprise in the left pane and will be able to edit it by clicking the configuration button.

A user with an administration scope of more than one enterprise and the Manage enterprises and Manage users of all enterprises privileges can manage all the enterprises in their scope (in this case, Horizontal and Vertical), and the users of these enterprises too. 

Basic Enterprise Operations

To add, edit, or remove an existing enterprise, use the control buttons at the bottom of the left pane. 

Button Action
Create a new Enterprise
Remove an existing Enterprise
Edit the selected Enterprise

Creating an Enterprise

When you create a new enterprise, first enter the enterprise name.

The Datacenters tab will be highlighted with red text. Remember to open the Datacenters tab and assign at least one available datacenter so the users of the enterprise can deploy virtual machines.

API Functionality

When you create an enterprise in the API, you must assign it a datacenter to allow the users of the enterprise to deploy virtual machines. You can do this by creating an Enterprise-Datacenter Limit.


Enterprise Details

Limit Enterprise Resources

Hard and soft enterprise allocation limits allow the cloud administrator to limit the amount of resources that an enterprise may consume. This is very useful in preventing common problems with cloud platforms, such as resource over allocation, enterprises allocating resources from other enterprises, and even DoS attacks. These limits will also help system administrators to anticipate user needs and forecast resource demand. Hard and soft limits are used by the Best Fit Resource Scheduler to decide if a user can or cannot deploy a virtual appliance.

  • Hard Limit: the maximum amount of resources (CPU, RAM, Hard Disk) that an enterprise may consume.
  • Soft Limit: always lower than the hard limit. Triggers a warning for users that they nearing the hard limits for their enterprise.

Zero limits - no limits

Limits equal to zero mean there will be no limits at all.

Enterprise allocation limits are checked during configuration or deploy, or before operations as shown in the table below.

Repository Limits

The Repository Limits feature enables customers to set an allocation limit for NFS Repository storage, for the enterprise and the enterprise datacenter allocation limits. This allows cloud providers to limit the amount of NFS storage that can be used by a single cloud tenant. This will ensure that no enterprise can use too much NFS storage and reduce storage costs.

The limit information is also displayed as part of the Enterprise Resource tab on the Home page.

Repository UsageIncluded in Limit
Templates added by enterprise(tick)
Instances created by enterprise(tick)
Conversions created by Abiquo(error)


The repository allocation limit will be based on information stored in the database, so the feature allows for a certain amount of "overflow" because sometimes is not possible to predict the disk size prior to an action, such as creating an instance. In this case, the user can create instances until they have exceeded the limit. 

For example, an enterprise has an NFS limit of 500 GB. They have used 480 GB and create an instance that is 40 GB. The instance creation succeeds. The Enterprise has now used up their limit (520 GB > 500 GB), so they cannot create any more instances. 
If an enterprise's repository usage is 99% and ten people at the same time in the same enterprise create an instance, then we will allow these instances because they were not yet surpassing the limit at the time of creation. However, users will be billed for the real repository usage.

Exceeding repository soft limits will trigger an event tracer message and exceeding hard limits will trigger a popup and block usage of the repository.

Soft and Hard Limit Error Messages

If a user exceeds the hard limits for resources checked during configuration, then they will see an error pop-up.

And an event message will be generated for the user.

In addition, when a user exceeds soft or hard limits for any type of resources, then event messages will be generated for the administrator.

Advanced users may consult the Allocation Strategy to read about the application of limits.

Edit the Datacenters an Enterprise is Allowed to Use

Allowed Datacenters Are Required to Deploy Virtual Machines

The users of an enterprise cannot perform tasks such as deploying VMs if their enterprise does not have any Allowed Datacenters

When editing the Enterprise, click the Datacenters tab to access:

  • Allowed and Prohibited Datacenters

Edit an Allowed Datacenter to set for this Datacenter and Enterprise:

  • Allocation Limits
  • Default VLAN
Enterprise Datacenters

To set Datacenters that are allowed or prohibited for an enterprise, edit the Enterprise and click the Datacenters tab. Select one or more datacenters in the left pane and click the arrow buttons to move them to the "Allowed Datacenters" right pane.

Access to at least one datacenter is required in order to deploy virtual machines. The left pane contains datacenters, which are "Prohibited Datacenters" by default.

Datacenters Automatically Assigned to Current Enterprise on Creation

By default, when a datacenter is created it is automatically assigned as Allowed for the current user's enterprise only.



Add Amazon Credentials for an Enterprise

Add the credentials of an Amazon account for an enterprise to enable the enterprise to use the public datacenters linked to the Enterprise's Amazon account. 

Get your Security Credentials from Amazon (see Obtain Credentials for Your Amazon Account).

Open the rootkey.csv file in a text viewer or editor. Here is an example that shows the file format only.

Example Amazon Key File

An Amazon account is represented in Abiquo as an Amazon machine in a public datacenter.

Edit the enterprise, then click on the Public Datacenter in the Allowed Datacenters list to edit it.

Click on the Credentials Tab. 

  1. Enter the Access Key ID 
    • e.g. the characters abcXXXYYabc123999aa above
  2. Enter the Secret Access Key for your Access Key ID 
  3. Click Test Account to check your Amazon account and credentials.

If the credentials are valid they will be marked with a tick.

Click Accept.

Then Click Save to store the Amazon account details.

Amazon Compute Resources is Created When You Save

If you exit without saving, the Amazon account details will be lost and you will have to enter them again.

The Amazon account is represented in Abiquo as a "machine" with the same name as the on a rack that is named by the Amazon region. 

Limit Resources for an Enterprise in a Datacenter

You can set resource allocation limits for this enterprise in each allowed datacenter. To set allocation limits, select one of the Allowed Datacenters in the right pane and click the  button. Set these limit values in the pop-up that opens, as explained in Manage Enterprises#Enterprise Resource Allocation Limits.

Unlimited Resources

If the limits are equal to zero, this means that users have access to unlimited resources.

Application of Limits

When using resources (deploying machines, reserving VLANs or IPs) these limits are applied as explained in the Virtual Machine Allocation section.

Limit Resources for an Enterprise in a Public Datacenter

Setting the Default VLAN for an Enterprise in a Datacenter

Abiquo offers the following types of virtual datacenter networks:

  • public networks with Internet addressable public IP addresses.
  • external networks that are assigned to an enterprise and can be accessed by more than one virtual datacenter.
  • unmanaged networks that are external networks where the IP address allocation is not managed by Abiquo.
  • private networks with private IP addresses that are restricted to a single virtual datacenter.

See Cloud Tenant Networks

When you create a new enterprise and allow it to use a datacenter in Abiquo, the default network setting for the enterprise in the datacenter is "An auto-created private VLAN", i.e. a private network. This network is called "default_private_network".

The following network types can also be set as the default network for an enterprise in a datacenter.

  • Custom Private Network
  • External Network
  • Unmanaged Network

To assign an external or unmanaged network as the default, it must first be created in Infrastructure view in the datacenter's External Network tab.

To set the default network for an enterprise in a datacenter, go to Users view and edit an enterprise. Then select the Datacenters tab and edit an allowed datacenter. Select the Default VLAN tab. The current default VLAN network will be highlighted in bold text.

Select a different private or external VLAN and click Accept, then Save. In the following screenshot, ABCD Corporate Network will now be set as the default.

When you change the default network for the enterprise and datacenter, the new default network will be assigned to all new virtual datacenters you create. However, you can override the enterprise's datacenter default network for a specific virtual datacenter in the virtual datacenter's network screen.

Controlling Access to Storage Tiers

Restrict Access to Tiers Without Enterprise Volumes

After an enterprise has created volumes in a tier, you cannot restrict access to the tier for that enterprise.

Click the Tiers tab to set the allowed and restricted storage tiers for the Enterprise.

  • Select one or more tiers and click an arrow button to allow or prohibit the enterprise use of this storage tier. 
  • To allow or prohibit all tiers, click the double arrow button that points towards the preferred options.
  • When you have finished making changes, click Accept.

The tiers you set on this page will override the basic configuration of tiers set in Infrastructure view when Managing External Storage on the General Information popup for Tiers or on Enterprise Access tab. The tiers set on this page can also be overwritten by a new configuration on the Enterprise Access tab   


Reserving Physical Machines and Restricting Deployments

If you have the Manage enterprise reserved servers privilege, you can reserve a physical machine for a single enterprise. Click the "Reservations" tab, and you will see a list of Available Servers (Physical Machines).

Only the datacenters included in the "Allowed" list for this enterprise will be available in this section. To set these datacenters, go to the "Datacenters" tab. You cannot reserve a Physical Machine that is already reserved or running virtual machines deployed by a different enterprise.

Select the Physical Machine(s) in their Datacenter/Rack. Move them to the "Reserved" pane by clicking on the arrow buttons.

When you reserve a physical machine for an enterprise, no other enterprise will be able to use this machine's resources or deploy virtual machines in it.

You can also restrict an enterprise so that it may only deploy virtual machines on the physical machines reserved for it and not on any others. To do this, mark the "Only use 'Reserved Servers'" checkbox.

Automatic Reservation of Amazon Machines

When you enter Amazon credentials and Abiquo creates a machine for your enterprise, this machine should be automatically reserved. To check this, edit the enterprise and go to the Reservations tab. Open the Amazon datacenter and Availability Zone folder and you should see the reserved machine with the same name as the enterprise in the Reserved Servers list.


Select a Pricing Model for an Enterprise

Pricing models are created and edited in Pricing view.
You can select a pricing model for your enterprise on the Pricing Models tab.
Select a pricing model from the pull-down menu. The details of the pricing model will be displayed.

Enable Chef for the Enterprise

Abiquo Chef Integration allows you to automate the configuration of virtual machines using Chef. You will need a Chef Server with roles and recipes for your virtual machines. See also Configuring and Using Abiquo Chef Integration and Troubleshooting Abiquo Chef Integration. This feature was introduced in Abiquo 2.0 and it supports only Linux machines as Chef nodes.

To enable Chef Integration for your enterprise, click on the Chef tab. Click on the checkbox to Enable chef and enter the following details:

  1. The URL of the Chef Server API
  2. The Chef validator client name and certificate. The validator certificate will be used to register the nodes (virtual machines) for working with Chef.
  3. The Chef admin client name and certificate. Abiquo requires an admin client so that when a virtual machine is deployed, Abiquo can change and update recipes.

Abiquo will use the admin client to work with the Chef Server.

Now the enterprise is ready to deploy virtual machines and automate software installation with Chef.

Editing an Enterprise

See the section above on Manage Enterprises#Creating an Enterprise.

Deleting an Enterprise

To delete an Enterprise, select the Enterprise to delete and click the button.


The following preconditions are checked before deleting an Enterprise. The Enterprise:

  • must not have associated Virtual Datacenters.
  • must not have associated shared Virtual Images.
  • No labels