CREATE Cloud (Openstack) Web Interface¶
The web interface is accessed at https://cloud.er.kcl.ac.uk using standard KCL credentials for single sign on over the e-Research VPN.
This page gives a brief overview of some of the sections and the settings available on the web interface. For more advanced configurations or detail please see the offical OpenStack Documentation.
A step-by-step guide to the basics of creating a VM is at Launch Instances and a basic introduction to using the OpenStack API is here.
On logging in you will see an overview of the current resources available in your default project and other summary details. If you have more than one project, use the drop-down combo box next to the KCL logo at the top of the page to select the project you want to work on.
This is where you will be able to see specific details about the VMs that you have in the project that you can edit or delete, select the combo box at the end of each row to see the actions that can be performed on an instance. It is also where you can create new instances.
The OpenStack interface allows for either the creation of a new Key Pair or for an existing Public Key to be imported. Keys created in OpenStack cannot have passwords attached to them so please consider following the guidance on creating keys in SSH Clients and Keys and importing the public key to OpenStack.
There are four sections in volumes and during day-to-day activities it is not often necessary to make any changes. However, if an instance is created and deleted and 'Yes' was not selected for 'Delete Volume on Instance Delete', volumes that are not attached to an instance will remain. It is possible to re-attach them to a new instance although it will need to be of the same flavour or larger in terms of root disk size.
Gives a graphical overview of the whole network in the project and provides shortcuts to most objects.
An internal network can be created for VMs to be associated with. Open the dialogue to create a network and:
- Leave the default settings and add a unique network name.
- Select 'Subnet', add a unique subnet name and network address. The hint suggests 192.168.0.0/24 which will provide 254 usable addresses (although one will be taken for the gateway address).
- Additional subnet details can be added although is not necessary for most uses.
As part of any network at least one router is required to connect the external network to the internal network.
- Create a router with a unique name attached to the external network
- Select the router by clicking on its name
- Select the 'Interfaces' tab and add an interface
- Choose the internal subnet you want the router to connect to
When a security group is created the manage security group rules page is displayed. Rules can be easily added with many common services available to choose from a drop down list when a rule is added, specific ports and protocols can also be entered. e.g. create a rule with ssh access (TCP port 22) from specific IP addresses you are using
Restricting access to machines from a specific set of ip addresses is a very useful method of increasing security and where possible should be implemented.
To make a server on an internal netowrk accessible from other devices in the KCL network a floating IP will need to be allocated to the VM. Allocate an IP to your Project and it can then be associated with a VM in the Instances view.