...
When users create a virtual datacenter in the public cloud region, Abiquo works with Amazon EC2. Abiquo creates a Virtual Private Cloud (VPC) for each Abiquo virtual datacenter. By default, for each Amazon VPC, Abiquo creates a public subnet and a private subnet, which is a private connect network. The private subnet has an Internet gateway and access to the VPC from outside the cloud is through NAT or Elastic IPs via the public subnet. Elastic IPs are registered in Abiquo as floating IPs. Floating IPs are managed like public IPs but they do not belong to any Abiquo network. Within your virtual datacenter, you can create more Abiquo private networks (subnets in your VPC), which will enable you to deploy to different Availability Zones. The private subnets in the same availability zone as the public subnet will have internet access through the public subnet.
Virtual machines (VMs) deployed in the VPC virtual datacenter are Amazon Instances. Add your public key to your Abiquo user before you deploy a VM. Your Amazon instance will be created using your RSA public key to enable remote access. You will need the corresponding RSA private key to access the instance.
Warning
Do not rename an Amazon instance in AWS or you will break the link between Abiquo and the VM. If the link is broken, you will not be able to manage the VM with Abiquo again. Do not delete the tags created by Abiquo. If you need to manage your Abiquo Elastic IPs in Amazon, synchronize them to update changes in Abiquo or you may see unexpected results.
...
In the AWS integration, Abiquo creates VPCs with NAT support with a public subnet, and allows VMs on different subnets to be connected to the same load balancer. Abiquo now supports the AWS gateway address as the first address in the network.
Abiquo now configures VPC networking Scenario 2 as described in the AWS documentation http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html.
Under this configuration, users must attach Elastic IPs to VMs with a connection to the public subnet. By default, VMs in private networks will have internet access through the public subnet. This is helpful for automation because a VM can now connect to the internet to download its configuration, for example, using Chef, without an Elastic IP.
...
Abiquo creates a route table that is equivalent to the AWS route table with the values of the Abiquo private network. You can use the AWS NAT instance for Internet access from the Abiquo virtual datacenter private network. You can acquire floating public IPs for your virtual datacenter and in AWS, these will be created as Elastic IPs with public network addresses. Note that AWS may charge for Elastic IPs when they are NOT in use, i.e. when they are not assigned to a VM or when the VM is not deployed in AWS. In Abiquo 4.0+, you must assign the Elastic IPs to VMs with connections to the public subnet. When creating a NAT gateway, Abiquo will reuse floating IPs that are not assigned to a VDC.
Security
By default, Abiquo assigns instances to the default VPC security group. This means that by default, all outbound traffic from instances is allowed. Enterprise administrators should configure an Abiquo firewall. Abiquo will create an AWS security group in the VPC when this firewall is assigned to a virtual datacenter. Users can synchronize their firewalls with AWS, which will import existing security groups. The most basic configuration is to allow inbound SSH traffic, for example, on port 22, which will allow SSH connections to the machine through a public IP, NAT, or from a private IP within the virtual datacenter. See AWS Security Groups as Abiquo Firewalls.
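The following is an added example, not part of the Abiquo documentation or product code: a Python audit that flags instances still in the default VPC security group, groups with allow-all outbound rules, and groups that open SSH (port 22) to any address. The input is constructed sample data in the shape of the EC2 DescribeSecurityGroups and DescribeInstances responses; all IDs, group names and function names are assumptions.

```python
import ipaddress

# Constructed sample data shaped like EC2 DescribeSecurityGroups and
# DescribeInstances responses; every ID and name below is made up.
ANY = [{"CidrIp": "0.0.0.0/0"}]
ALL_OUT = [{"IpProtocol": "-1", "IpRanges": ANY}]
HTTPS_OUT = [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": ANY}]

def ssh_in(cidr):
    """Build one inbound rule allowing TCP port 22 from the given CIDR."""
    return [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": cidr}]}]

SECURITY_GROUPS = [
    {"GroupId": "sg-0000default", "GroupName": "default",
     "IpPermissions": [], "IpPermissionsEgress": ALL_OUT},
    {"GroupId": "sg-0000sshany", "GroupName": "fw-ssh-anywhere",
     "IpPermissions": ssh_in("0.0.0.0/0"), "IpPermissionsEgress": HTTPS_OUT},
    {"GroupId": "sg-0000sshvdc", "GroupName": "fw-ssh-vdc-only",
     "IpPermissions": ssh_in("10.0.0.0/16"), "IpPermissionsEgress": HTTPS_OUT},
]
INSTANCES = [
    {"InstanceId": "i-0000aaaa", "SecurityGroups": [{"GroupId": "sg-0000default", "GroupName": "default"}]},
    {"InstanceId": "i-0000bbbb", "SecurityGroups": [{"GroupId": "sg-0000sshvdc", "GroupName": "fw-ssh-vdc-only"}]},
]

def covers_port(rule, port):
    """True if the rule applies to this TCP port; protocol "-1" means all traffic."""
    if rule["IpProtocol"] == "-1":
        return True
    return rule["IpProtocol"] == "tcp" and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def open_to_world(rule):
    """True if any IPv4 or IPv6 range in the rule is a /0 (any address)."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in cidrs)

def audit(groups, instances):
    """Report default-group membership, allow-all egress and world-open SSH."""
    out = {"instances_in_default_group": [], "unrestricted_egress": [], "ssh_open_to_world": []}
    for g in groups:
        if any(r["IpProtocol"] == "-1" and open_to_world(r) for r in g["IpPermissionsEgress"]):
            out["unrestricted_egress"].append(g["GroupId"])
        if any(covers_port(r, 22) and open_to_world(r) for r in g["IpPermissions"]):
            out["ssh_open_to_world"].append(g["GroupId"])
    for inst in instances:
        if any(sg["GroupName"] == "default" for sg in inst["SecurityGroups"]):
            out["instances_in_default_group"].append(inst["InstanceId"])
    return out
```

The same functions can be pointed at live data by passing in the `SecurityGroups` list and the flattened `Instances` lists from the corresponding EC2 API responses.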
...
Abiquo supports multiple IP addresses in the AWS integration. You can synchronize existing VMs with multiple IP addresses and create multiple IP addresses through Abiquo, including multiple Elastic IPs.
...