Change to documentation
For information about setting limits and resource access in Allowed datacenters and public cloud regions, see Configure an Enterprise in a Cloud Location
In the platform, enterprises are cloud tenants, meaning they are groups of cloud users with their own logical resources. For more information, see Users (in the Walkthrough). For each tenant, you can assign access to infrastructure and resources.
Before you begin managing enterprises, we recommend that you do these steps:
To create a cloud tenant enterprise, do these steps:
Go to Users → Enterprises
Click the + add button
Abiquo will create the enterprise and filter to display only this enterprise. To display other enterprises, click the X beside the enterprise name in the filter box at the top of the Enterprises list.
After you have created the enterprise:
The name of the Enterprise
|Default scope||The default scope to assign to future users that administrators create in this tenant. When creating users, an administrator can assign the enterprise’s default scope, even if it is above their scope in a hierarchy. Generally you should set this to a low scope.|
|Require two factor authentication||To make two-factor authentication mandatory for all users of this enterprise, select this checkbox. Note that an administrator must configure it in the platform first. See Configure two factor authentication|
|Enable workflow||To enable workflow for this enterprise, mark this checkbox. Note that an administrator must configure it in the platform first. See Abiquo Workflow Feature|
|Reseller||Select this flag to mark the enterprise as a reseller|
|Key node||Select this flag to mark the enterprise as the key node of its default scope, for example, as the headquarters of an organization|
|Enterprise logo||A logo file for the enterprise in web format (PNG, JPEG, GIF). The size of the default logo is 150 x 37 pixels. This will override the default logo, which is set in Configuration View.|
|Default theme||A branding theme created for the enterprise. See Abiquo Branding Guide|
To set enterprise allocation limits:
Total amount of RAM that may be used by VMs including hardware profiles assigned to VMs
Total number of virtual CPU cores that may be used by VMs including hardware profiles assigned to VMs
Local hard disk
Total size of hard disk that may be used by VMs on hypervisor datastores and in public cloud providers
Total size of external storage that may be assigned to VMs
Total number of private VLANs that may be defined. Note that a private VLAN is automatically created for every VDC, so this limit may restrict the number of VDCs that users can create
Public /floating/NAT IPs
Total number of public IPs, floating IPs (in public cloud), and NAT IPs that may be used
|Repository||Operations||Total size of NFS Repository space that maybe used for the Apps Library including templates and instances (but not conversions). See Manage the Datacenter Apps Library#HowmuchspacecanatenantuseintheAppsLibrary?|
|Virtual machines||Deployment||Total number of VMs that users can deploy in the location using their allowed resources|
In public cloud regions, the platform does not use Repository (Apps library storage) features or limits
Allowed locations are where users can work, for example, create a virtual datacenter and deploy VMs. To administer the infrastructure of a location, the administrator must also have the location in their administration Datacenters scope list. See Manage Scopes
To set the datacenters and public cloud regions that an enterprise is allowed to access:
Drag datacenters and public cloud regions from the left pane to the Allowed datacenters right pane
If you have multiple public cloud regions on the platform, they may be grouped provider, which enables you to drag providers or regions. To set default Allocation limits and VDC roles for regions in a provider, edit the provider.
To configure resources, including allocation limits for each allowed datacenter and public cloud region, see Configure an Enterprise in a Cloud Location.
To control access for users of a tenant in a provider or cloud location with a default role:
At the provider level, the platform will copy the default role to all provider regions. The default role for a region will apply to all new virtual datacenters in the region.
Users with the Manage roles and No VDC restriction privileges can then edit the role for the virtual datacenter and define exceptions. See Set a VDC role to limit user access.
Troubleshooting VDC creation
The platform may prevent a user from creating a VDC (even when they have the Manage virtual datacenters privilege) if they will not have enough privileges to work with resources in the VDC. This can occur if a restrictive default role will apply to the user. The default role applies to users without the "No VDC restriction" privilege. In order for these users to create a VDC:
Before you begin:
To reserve physical machines:
To restrict the enterprise so that it may only deploy on the physical machines reserved for it (and not on any others)
Before you begin:
Obtain credentials to access the cloud provider's API. We provide the following basic guides but you should always check with your provider. See Obtain public cloud credentials.
To add public cloud credentials:
|Provider||Select public cloud provider or vCloud Director region. Some providers may require different credentials for groups of regions, for example, "Amazon (CHINA)". If a specific provider does not display, for example, a vCloud Director region, the cloud administrator may need to allow access for your enterprise.|
|Access key ID|
Identity to access the cloud provider API. For example, a username, API access key ID, subscription ID and certificate, or another account identifier. For DigitalOcean v2, the platform does not use this field but you need to write something in to enable the button Add account after.
For Azure, the format is subscription-id#app-id#tenant-id
|Secret access key||Key to access the cloud provider API. For example, an API key or other API credential.|
For DigitalOcean v2 enter the token.
|Also use for pricing||Use this credential to access pricing data in the provider. For example, to get hardware profile prices from AWS. For Azure, add a separate pricing credential.|
|Current credentials||Provider credentials that are already in the platform|
Finish editing the enterprise and click Save
To manage enterprise properties:
To delete a property, click the trash can button to the left of the Key of the property
You can also configure the tenant properties using the Abiquo API. See: EnterprisesResource
Before you begin:
For full details, see Abiquo Chef Integration Guide.
To enable the Chef Integration for an enterprise:
Tick this checkbox to enable Chef
Enter the URL of the Chef Server API
You must use the name of the validator client on the Chef server. The validator client will be used to register the nodes (VMs) for working with Chef
The validator certificate, which may be stored in a file called organization-validator or validation.pem
This must be a Chef admin client on the Chef server. The Abiquo Server will use it to work with the Chef Server so that when a VM is deployed, Abiquo can change and update recipes.
The admin client certificate, which may be stored in a file called adminclient.pem
Now the enterprise is ready to deploy VMs and automate software installation with Chef.
Before you begin:
To set a pricing model for an enterprise:
To search for an enterprise by name and filter the list of enterprises to display only the matching enterprises
After you create an enterprise, Abiquo will filter the enterprise display by the name of the new enterprise and select this enterprise.
To remove the new enterprise filter:
Abiquo will display the enterprise list in alphabetical order. If the new enterprise is on the first page, it will remain selected. Otherwise Abiquo will select All and display the first page.
To work within an enterprise (and access its resources, such as templates, virtual datacenters, private networks and VMs):
You can also switch enterprises using the same button in the tenant list in Home View.
Before you edit an enterprise, check if the users have created virtual datacenters and deployed VMs and the general resource usage of tenant.
To edit an enterprise:
Editing an enterprise is very similar creating an enterprise, as described in the previous sections on this page.
When you create an enterprise, Abiquo automatically assigns your user scope as the default for users created in this tenant. When you edit a tenant, you can change the default scope for future users created in the tenant.
To create an enterprise in the Abiquo API, create the enterprise using the EnterprisesResource.
Then to allow the users of the enterprise to work with VMs, assign an allowed datacenter or public cloud region. To do this, create an Enterprise-Datacenter Limit. See EnterpriseLimitsByDatacentersResource. The platform will then create a cloud location, which defines this relationship, so you can then manage cloud elements for the location. See AllowedLocationsResource