...
Abiquo creates a route table that is equivalent to the AWS route table with the values of the Abiquo private network. You can use the AWS NAT instance for Internet access from the Abiquo virtual datacenter private network. You can acquire floating public IPs for your virtual datacenter and in AWS, these will be created as Elastic IPs with public network addresses. Note that AWS may charge for Elastic IPs when they are NOT in use, i.e. when they are not assigned to a VM or when the VM is not deployed in AWS. You must assign the Elastic IPs to VMs with connections to the Public subnet. When creating a NAT gateway, Abiquo will reuse floating IPs that are not assigned to a VDC.
...
Security groups
By default Abiquo assigns instances to the default VPC security group. This means that by default, all outbound traffic from instances is allowed. Enterprise administrators should configure an Abiquo firewall. Abiquo will create an AWS Security group in the VPC when this firewall is assigned to a virtual datacenter. Users can synchronize their firewalls with AWS, which will import existing security groups. The most basic configuration is to allow SSH inbound traffic, for example, port 22, which will allow SSH connections to the machine through a public IP, NAT, or from a private IP within the virtual datacenter. See AWS Security Groups as Abiquo Firewalls.
...
If the user adds multiple IPs in the same subnet, Abiquo adds them to the same elastic network interface. And if the IPs are in a different subnet, Abiquo adds them to a different elastic network interface. For information about Elastic Network Interfaces, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html
...
AWS Features
Include Page
...
AWS
...
AWS Synchronization
To onboard virtual resources from public cloud:
- Go to Virtual datacenters and the V. Datacenters list
- Click the + Add button select Synchronize public cloud from the pull-down menu
- The platform opens a dialog box with a pull-down list of public cloud regions. Select one of these regions.
- After you select the region, there are two possibilities:
- If the provider supports virtual datacenters, Abiquo will display a list of virtual datacenters
- If the provider does not support virtual datacenters, Abiquo will automatically onboard the virtual resources in the region
Onboard virtual datacenters from public cloud
To onboard a virtual datacenter:
...
The platform will detect a public subnet by the presence of a custom route table and NAT gateway, and the platform will mark the public subnet with a globe symbol and set the Internet gateway flag for this subnet. Users with bespoke network configurations should check the results of the synchronization. The platform will synchronize private and public IP addresses even if they are not in use by VMs, and mark the IP addresses in use by provider entities with provider identifiers.
The platform will import VM templates. If the VM template cannot be found, the VM will be created in the platform with no registered template. In this case, to save a copy of your VM disk as a template, so you can recreate the VM, make an Abiquo instance of the VM.
| Warning |
|---|
If you delete a synchronized VDC, you can choose whether to delete it in the provider or not. If your enterprise does not have valid credentials for the public cloud provider, when you delete public cloud entities in the platform, they will still exist in the public cloud provider |
View classic VMs
Some providers may have classic VMs. For example, AWS has EC2 classic VMs.
To view classic VMs, click the See classic link.
Synchronize VDCs and resources
During VDC synchronization, the platform will ensure that the resources in the platform and the provider are the same.
- It will delete entities in the platform that were deleted already in the provider
- However, it will maintain resources attached to undeployed VMs in the platform
- For example, if a user has an undeployed VM with IPs and a load balancer, then after the synchronization, these resources are attached to the VM in the platform only
- Warning: These resources are "free" in the provider. Users working directly in the provider could assign these resources to other VMs. This will cause a conflict and error at deploy time
To update a virtual datacenter and onboard any changes made in the provider, synchronize the virtual datacenter:
- Go to Virtual datacenters → V. Datacenters list
- Beside the virtual datacenter name, click the round arrow Refresh button
You can also synchronize resources such as networks, public IPs, firewalls, and load balancers. To do this, go to the resource tab and click the Synchronize button. For more information, see the resource documentation.
| Info | ||
|---|---|---|
| ||
Note to System Administrators: For information about tuning public cloud synchronization, see Abiquo Configuration Properties. |
Manage resources that were deleted directly in the provider
When administrators delete resources in the provider, the platform will display the resource name in light gray to indicate that the user cannot work with the resource. The resource types include:
- External networks
- Firewalls
- Classic firewalls
- Load balancers
- NAT network
- NAT IPs
To delete these resources (if they are not in use), select the resource and click the delete button.
Delete or release virtual resources in public cloud
The virtual resources that you onboarded or created in public cloud will be grouped with their associated virtual datacenters.
Before you begin:
- If you recently created virtual resources, such as load balancers, synchronize the virtual datacenter to ensure that the platform can find and delete all the dependencies of the virtual datacenter.
To delete onboarded resources in public cloud:
- Delete each virtual datacenter
- You can choose to delete each virtual datacenter in the platform only, or in the platform and the provider. If you delete in the platform only, the platform will automatically remove VMs, virtual appliances, load balancers, public IPs, and firewalls. Remember to check which is the default VDC in your provider, e.g. AWS default VPC, because it may be inconvenient to delete this VPC
| Warning |
|---|
If the enterprise does not have valid credentials for the public cloud provider, when you delete public cloud entities in the platform, they will continue to exist in the public cloud provider |
Onboard from public cloud using the API
| Tip | ||
|---|---|---|
| ||
This feature is available in the Abiquo API. See VirtualDatacentersResource for synchronization and AllowedLocationsResource for retrieval of virtual datacenters and VMs. |
...
Synchronization
...
AWS Firewalls and Load balancers
...
| Include Page | ||||
|---|---|---|---|---|
|
...
Storage
In Amazon, you can work with volumes that are EBS disks.
General information about EBS disks
- Users can onboard and create volumes, and attach them to VMs as auxiliary disks. The volumes must be in the same availability zone as the VM network.
- When you onboard disks, the platform will make them available to users that can access All virtual datacenters in the tenant
- After users detach auxiliary disks from VMs, the synchronization process will make them available in the virtual datacenter. Users can move disks between virtual datacenters and release them to the region. When users undeploy or delete a VM, the synchronization process will make auxiliary disks available in the virtual datacenter.
Delete on termination disks
- If you onboard a VM with Delete on termination disks. When you undeploy or delete the VM, the platform will destroy these disks. When you detach the disks from the deployed VM, the platform will synchronize them as volumes in the virtual datacenter.
Instance templates with multiple disks
- In AWS, users can create an instance template with a copy of the selected VM disks.
When you create a VM from an instance template, the platform will display one disk only, with the total size of all disks. After you deploy the VM, the platform will update the additional disks.
Encrypted EBS disks
...