- Adds a public cloud region to the platform and imports templates into the Apps library
- Describes how to create a virtual datacenter and configure and deploy a Linux VM in public cloud
This walkthrough assumes that:
- The Abiquo platform has been configured
- The user has a public cloud account for Amazon and/or Azure with API credentials. See Obtain AWS credentials or Obtain Azure ARM credentials. The examples in this walkthrough use Amazon and a Linux VM.
1. Log In
Log in as Cloud Administrator using the default account with the following data:
- Username: admin
- Password: (Your demo password supplied by Customer Service)
2. Configure your user account
To configure a user for public cloud:
- Click the username icon in the bottom left corner of the screen to open the menu and select Edit user
- OR go to Users view → Users → select and edit a user
- Add an Email address and Phone number to receive notifications from the platform
- To be able to connect to your VMs in public cloud, go to Advanced and add an SSH public key
3. Create a public cloud region
The cloud administrator creates public cloud regions to configure public cloud providers for users.
- Open Infrastructure View by clicking the servers icon at the top of the main menu
- Go to Public
- Click the + add button at the bottom of the Public cloud regions list
- Enter the Name of your public cloud region
- Select the Provider
- Select the Region to add. You can add more than one region, and the platform will add a suffix to the region name
- Click Next
- Select the Remote services. Abiquo uses Remote services to connect to the providers and manage the cloud.
- In the first IP address box, click the down arrow and select the Remote service URL from the pull-down list
- Then click the link to Duplicate IP addresses at the top of the popup
- Click Check all to check the connection to the remote services
- Click Save
Click the help button in the top left-hand side of a pop-up to view the help screen for that pop-up.
4. Optionally allow other tenants to use a public cloud region
The tenant that creates a public cloud region can automatically use it. If you are working in the same tenant that you created the public cloud region with, then you can skip this step. For all other tenants, you must allow them access.
- Open the Users view by clicking the users icon
- From the Enterprises list, select the tenant to allow access. Or create a new tenant, entering the Name and selecting Global scope.
- Tip: When you are creating or editing an enterprise, you can restrict the tenant's resources with Allocation limits!
- At the bottom of the Enterprises list, click the pencil edit button.
- To allow users to deploy in the public cloud region, enable the region datacenter for the enterprise. Go to Datacenters, select the public cloud region, and drag it to the Allowed datacenters list.
Note: You don't need to save the tenant yet, because in the next step you will also change the tenant.
5. Add tenant credentials for the public cloud provider
Each cloud tenant will require their own set of public cloud credentials. Note that you can also register your tenants as the customer of a cloud reseller that is using the platform.
- Edit tenant enterprise and go to Credentials
- Select the Provider
- Enter the Access key and the Secret access key. For more details, see Obtain AWS credentials and Obtain Azure ARM credentials.
- Click Add account
- When you have entered all cloud provider credentials, click Save
The tenant's account will be added for the provider and displayed in the public cloud view of the Infrastructure tab.
6. Add VM templates to the Apps library in public cloud
The Appliance library (Apps library) stores VM templates so that users can easily create VMs from them. In public cloud, the platform stores VM template details and then deploys from the public cloud templates. The Apps library templates are available to users in their virtual datacenters.
- Open the Apps library view by clicking the apps library icon
- Go to Public
- Select the public cloud region
- Click the import template button
- Enter the ID of a template to import, or a Name text, for example "Linux", because we recommend that you use a Linux template. In Azure, optionally filter by template providers, for example, use the Canonical provider and search for an "ubuntu" template.
- Tip: In Amazon in the EC2 console, you can easily find a few basic templates with IDs in the launch wizard!
- Click Search
- Select a Template to import and click the import symbol beside the template
The imported templates will be added to the Apps library. Note that you may not be able to accept an end-user license agreement outside of the public cloud interface, so for example, to deploy an AMI from the Amazon Marketplace, you will need to accept the EULA in AWS before you can deploy in Abiquo.
7. Edit the VM templates to add a password
The VM template will have a default user, and you should add a password for this user.
- Go to Apps library → Public → select region → Templates
- Select and edit the template
- Go to Advanced
- Select the template operating system, for example, LINUX_64
- For Azure enter a Username and for Windows on Azure enter a Password
- For Linux, note the username that the platform has obtained from the Azure template
- For Windows, enter a valid username and password. See Azure Portal and documentation about usernames at https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-username-requirements-when-creating-a-vm. The RDP password must be more than 12 characters long. It should contain at least one each of uppercase character, lowercase character, number, and special character. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm
If you do not add a user and password to the template, the platform will use the default set in Abiquo Configuration Properties.
- For AWS enter a Username
- For Linux, see Amazon default instance users table. If necessary, enter the Username
- For Windows, enter "Administrator"
- Click Save
8. In Azure create a resource group
In order to create a virtual datacenter in Azure, you must first create a resource group. You can use Azure resource groups to manage groups of related resources in Azure.
To create a resource group:
- Go to Virtual datacenters by clicking the cloud button
- Go to Global → select the Azure provider
- Go to Resource groups
- Click the + add button
- Complete the dialog and click Save
|Name||The name of the resource group. We recommend that you check the provider documentation, because if the name is invalid, the platform will return the provider's error. The Name must be unique in the subscription, which means in the enterprise|
|Provider||The provider where the resource group will be created, which is "Azure ARM"|
|Region||The public cloud region where the platform will store the resource group's metadata|
9. In Google Cloud Platform create a global network
To create a global network in multiple regions in Google Cloud Platform:
- Go to myCloud virtual datacenters → Global
- Select a Google provider
- On the Global networks page, click the + add button and complete the dialog
|Name||The name of the global network|
|Description||This will display beneath the network name in the list|
|Routing mode||Select Regional or Global.|
|Automatic subnet creation||Select to automatically create subnets in all regions of Google Cloud Platform. This option is recommended for test environments only. To onboard the subnet for a region, synchronize the global network and select the region. The subnets will have an address in CIDR notation of 10.172.0.0/20|
10. Create a virtual datacenter in public cloud
Virtual datacenters contain the virtual resources for providing the cloud service. From here users can create VMs in virtual appliances and the Abiquo platform will deploy them to the infrastructure. Within virtual datacenters, users can manage their VMs, networks, storage, and more.
- Open the Virtual datacenters view by clicking the cloud icon
- Click the + add button at the top of the Virtual Datacenters list and select Create virtual datacenter
- Enter a Name, and select the Public cloud region
11. In Google Cloud assign a subnet to the virtual datacenter
- In Virtual datacenters view, go to Global
- Select the public cloud provider → Global networks
- Select a global network
- To onboard existing subnets, click the round arrow synchronize button and select the public cloud region
- In Global view or Locations view:
- Select a subnet and click the pencil edit button OR
- Create a subnet. See Create a subnet
- When you edit or create the subnet, select the Virtual datacenter you created earlier
12. Create a virtual appliance in public cloud
A virtual appliance is a container for a group of VMs running in a virtual datacenter. It is like a folder that can contain a related set of VMs that are used to provide a service. For example, a web stack. At the virtual appliance level, you can deploy these VMs together, view their performance statistics, create anti-affinity layers for VM high availability, and so on.
To manage a new group of VMs, create a virtual appliance:
- Select the Virtual datacenter in public cloud
- In the Virtual Appliances pane, click the + add button and enter the Name of the virtual appliance then click Save.
The virtual appliance you create will display in the Virtual Appliances list. For more details, see Manage Virtual Appliances.
13. Add VM templates to create VMs in public cloud
The list of available and compatible templates displays in the left pane of the virtual appliance.
- Click on the Virtual appliance name to open your virtual appliance
- To create a VM, click Create virtual machine and select a VM template
- For the Label, enter a user-friendly name for the VM that meets provider criteria, then click Save
- For each template, select an appropriate Hardware profile. You can enter a text string to search for specific profiles.
14. Configure the VM network connections
If you would like to connect to a VM in public cloud, you will need to add a public IP address, as well as a private IP address in a public subnet (in AWS). If you don't configure the network, by default Abiquo will add a private IP address only.
- On the VM icon from the options menu, select Edit
- Click Network → Public → Purchase public IP
- Then on the Purchase public IPs popup, click the + add button
- Select an IP address and click Add
- Drag the public IP into the NICs pane
- Then go to Private. Select a Private network. In Amazon select subnet-xxxx, which is the public subnet
- Drag the Auto-generated IP label into the NICs pane.
15. Configure the VM firewall for public cloud
In the initial version of the Google Cloud Platform integration, the platform will automatically create a firewall for you to connect to your VM.
To connect to a VM in public cloud, you should create a firewall to allow access. Because this VM will only be active for a very short time, we will use basic default settings.
- For a Linux VM, use an SSH connection to port 22.
- For a Windows VM, use a standard RDP connection to port 3389
Create a firewall
- Go to Virtual datacenters → Networks → Firewalls
- Click the + add button to create a firewall for connections and enter the Name, and select the Location and Virtual datacenter
- Edit the Firewall rules and select Inbound, then from Common protocols, select SSH for a Linux VM or RDP for a Windows VM. Or for convenience, you could allow both in a test system
- In this example, we allowed connections, but you should allow only incoming connections from your IP address.
- Click Add, then click Save.
Note that AWS will not allow you to create duplicate firewall rules.
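The advice above to allow inbound SSH or RDP only from your own IP address can be checked after the firewall exists. This added example (not part of the Abiquo documentation or product) audits JSON in the shape returned by `aws ec2 describe-security-groups`. It assumes the firewall created here appears in AWS as a security group; the group IDs and addresses in the sample are constructed.

```python
import ipaddress

MGMT_PORTS = {22: "SSH", 3389: "RDP"}  # the ports opened in this walkthrough

def covers(perm, port):
    """True if an IpPermissions entry applies to this TCP port."""
    proto = perm.get("IpProtocol")
    if proto != "tcp":
        return proto == "-1"            # "-1" means all protocols and ports
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    return lo is not None and hi is not None and lo <= port <= hi

def sources(perm):
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])

def audit(groups, admin_ip):
    """List (group, service, cidr, reason) for each inbound SSH/RDP source to review."""
    admin = ipaddress.ip_address(admin_ip)
    findings = []
    for g in groups["SecurityGroups"]:
        for perm in g.get("IpPermissions", []):
            for port, svc in MGMT_PORTS.items():
                if not covers(perm, port):
                    continue
                for cidr in sources(perm):
                    net = ipaddress.ip_network(cidr, strict=False)
                    if net.prefixlen == 0:
                        reason = "open to any address"
                    elif net.num_addresses > 1:
                        reason = "wider than one host"
                    elif admin not in net:
                        reason = "not the admin address"
                    else:
                        continue
                    findings.append((g["GroupId"], svc, cidr, reason))
    return findings

# Constructed sample in the shape of `aws ec2 describe-security-groups` output
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-example-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-example-tight", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]}]}
print(*audit(SAMPLE, "203.0.113.10"), sep="\n")
```

The second rule in the sample is flagged for RDP because a port range that merely contains 3389 exposes it just as a dedicated rule would.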
Attach the firewall to the VM
- Go to Virtual appliances → click on the Name to open the virtual appliance → Edit the VM
- Go to Networks → Firewall
- Select the firewall you created and click Save. Note that the provider may limit the number of firewall policies that you can apply to a VM
16. Deploy the virtual appliance in public cloud
Click the Deploy virtual appliance button to deploy the virtual appliance.
The platform will deploy all the VMs and power them on. You can select the VMs and manage them with the control buttons in the lower right corner of the screen.
Now give your VM some time to start up.
Sometimes when you deploy a VM in Azure, the platform may display the VM in the locked state for longer than expected. This is because Azure sometimes does not return information about VM disks as expected. This may occur when you deploy one VM by itself. A workaround is to create a volume; you do not need to attach the volume to a VM.
17. Connect to your VM
You can connect using SSH or RDP or another appropriate method.
- Go to Virtual datacenters and open the Virtual appliance
- Select the VM
- To obtain the default username and password, go to the General tab of the VM control panel and click Default credentials
- To open the connection, click the console icon
- A console should open to allow you to log in to your VM. The platform will automatically complete the Username
- For Windows VMs on Azure, enter the Password
- For all Linux VMs and for Windows VMs on AWS, enter the SSH private key (also called the Decryption key)
If you cannot connect due to an unsecured certificate error, open a new tab in the same browser, enter the host IP of the VM, and accept the certificate.