
Introduction to Abiquo and AWS

...

Administrators add Amazon regions to the platform as Abiquo public cloud regions. Abiquo manages public cloud regions using a set of the Abiquo Remote Services. The remote services used in a public cloud region can be shared with other datacenters or public cloud regions. Abiquo caches details of AMI templates but it does not store their disks, so no NFS repository is required for a public cloud region. Each Abiquo public cloud region corresponds to a single Region in Amazon EC2. Multiple cloud tenants can then access this region.

[Diagram: private and public cloud providers managed by Abiquo with remote services]

...

Tenants and AWS credentials

...

When users create a virtual datacenter in the public cloud region, Abiquo works with Amazon EC2 to create a Virtual Private Cloud (VPC). When users create VMs, the platform creates Amazon Instances.

[Diagram: Abiquo entities and AWS entities]

...


For remote access to your VM, add your public key to your Abiquo user before you deploy a VM. Add a firewall to your VM to allow access to the remote access port for SSH. The platform will create your VM using your RSA public key. To access the instance, you will need the corresponding RSA private key.

Warning: Manage Amazon Instances with Abiquo

Do not rename an Amazon instance in AWS or you will break the link between Abiquo and the VM. If the link is broken, you will not be able to manage the VM with Abiquo again. Do not delete the tags created by Abiquo.

If you need to manage your Abiquo Elastic IPs in Amazon, synchronize them to update changes in Abiquo or you may see unexpected results.


...


How Abiquo creates a virtual private cloud

Abiquo configures VPC networking Scenario 2 as described in the AWS documentation. See https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html

[Diagram: how Abiquo creates a VPC in AWS with a NAT gateway]


...


Abiquo creates VPCs with NAT support.

  • When creating a NAT gateway, Abiquo will reuse floating IPs that are not assigned to a VDC. 

  • Abiquo creates a route table that is equivalent to the AWS route table with the values of the Abiquo private network. 

  • You can use the AWS NAT instance for Internet access from the Abiquo virtual datacenter private network.

Abiquo creates VPCs with a public subnet.

  • By default, VMs in private networks will have internet access through the public subnet. So a VM can connect to the internet to download its configuration, for example, using Chef, without an Elastic IP.

  • Users can create public subnets and Abiquo will assign them to route tables with a route to the internet gateway. 

  • When Abiquo creates new public subnets, it will not create any new NAT gateways.

  • If users delete the original public subnet, this will also delete the original NAT gateway. But Abiquo will replace all the routes in the main route table that route traffic to the deleted NAT gateway with a new rule to route traffic to the internet gateway.
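The route replacement described in the last bullet changes where the main route table sends default traffic. The following added example (not Abiquo code) classifies the default route of each main route table in a constructed sample shaped like `aws ec2 describe-route-tables` output. It assumes the main route table normally points at the NAT gateway, and every id is a placeholder.

```python
# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# Every id is a placeholder.
LOCAL = {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "local", "State": "active"}
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-main-a", "VpcId": "vpc-a", "Associations": [{"Main": True}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-a", "State": "active"}]},
    {"RouteTableId": "rtb-public-a", "VpcId": "vpc-a",
     "Associations": [{"Main": False, "SubnetId": "subnet-public-a"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-a", "State": "active"}]},
    {"RouteTableId": "rtb-main-b", "VpcId": "vpc-b", "Associations": [{"Main": True}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-b", "State": "active"}]},
    {"RouteTableId": "rtb-main-c", "VpcId": "vpc-c", "Associations": [{"Main": True}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-c", "State": "blackhole"}]},
]}

def default_route(table):
    """Classify the 0.0.0.0/0 route as nat, igw, blackhole, other or none."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        target = route.get("NatGatewayId") or route.get("GatewayId") or ""
        if route.get("State") == "blackhole":  # target no longer exists
            return "blackhole", target
        if target.startswith("nat-"):
            return "nat", target
        if target.startswith("igw-"):
            return "igw", target
        return "other", target
    return "none", ""

def is_main(table):
    return any(a.get("Main") for a in table.get("Associations", []))

def review(doc):
    """List main route tables whose default route is not an active NAT gateway."""
    findings = []
    for table in doc["RouteTables"]:
        kind, target = default_route(table)
        if is_main(table) and kind != "nat":
            findings.append((table["VpcId"], table["RouteTableId"], kind, target))
    return findings
```

An `igw` result on a main route table means the subnets that rely on it are no longer behind NAT, so their security groups and Elastic IP assignments deserve a review.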

You can acquire public IPs for your virtual datacenter and in AWS these will be Elastic IPs with public network addresses.

...

Abiquo creates VPCs with a private subnet.

  • The private subnet is a private connect network.

  • The private subnet has an Internet gateway and access to the VPC from outside the cloud is through NAT or Elastic IPs via a public subnet.

  • Within your virtual datacenter, you can create more Abiquo private networks (subnets in your VPC), so you can deploy to different Availability Zones. 

  • The private subnets in the same availability zone as a public subnet will have internet access through the public subnet. 

When you create an Abiquo virtual datacenter in an AWS public datacenter, Abiquo creates a VPC with a minimum network size of /16 and a subnet of size /24 (or with the sizes defined by the user).

  • The default CIDR for the VPC and the subnet is 192.168.0.0, which is the default private network in Abiquo.

  • You can set a custom private network in Abiquo and this network will be used to create the VPC and subnet in Abiquo.

  • You can create multiple address spaces (called Abiquo address ranges) and Abiquo private networks in different availability zones in the same VPC.

AWS reserves IP addresses in your private networks.

  • Abiquo supports the AWS gateway address as the first address in a network.

  • AWS reserves the first four IP addresses and the last IP address of a VPC private connect network. 

  • For a network that is defined to start with address 0: 

    • The first available IP address will be address 4

    • The gateway address is address 1.
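The reservation rules above, worked through as an added example (not Abiquo code): it derives the gateway and available range for a private network and checks planned VM addresses against the AWS-reserved ones. The VM names and planned addresses are constructed for illustration.

```python
import ipaddress

def reserved(net):
    """The first four addresses and the last address, which AWS reserves."""
    base = int(net.network_address)
    return [ipaddress.ip_address(base + i) for i in range(4)] + [net.broadcast_address]

def describe(cidr):
    """Gateway and available range for a private network such as 192.168.0.0/24."""
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    if net.version != 4 or net.num_addresses < 8:
        raise ValueError("need an IPv4 network with room beyond the reserved addresses")
    return {
        "gateway": str(net.network_address + 1),
        "first_available": str(net.network_address + 4),
        "last_available": str(net.broadcast_address - 1),
        "available": net.num_addresses - len(reserved(net)),
    }

def check_plan(cidr, planned):
    """Return {vm: [(address, reason), ...]} for addresses that cannot be used."""
    net = ipaddress.ip_network(cidr)
    blocked = set(reserved(net))
    taken = set()
    problems = {}
    for vm, addresses in planned.items():
        for text in addresses:
            ip = ipaddress.ip_address(text)
            if ip not in net:
                reason = "outside network"
            elif ip in blocked:
                reason = "reserved by AWS"
            elif ip in taken:
                reason = "already planned"
            else:
                taken.add(ip)
                continue
            problems.setdefault(vm, []).append((text, reason))
    return problems

# Constructed plan: several private IPs per VM on the default Abiquo network.
PLAN = {
    "web": ["192.168.0.4", "192.168.0.1"],
    "db": ["192.168.0.255", "192.168.1.10"],
    "app": ["192.168.0.4", "192.168.0.5"],
}
```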

Abiquo supports multiple IP addresses per VM in the AWS integration.


...


Security groups

Abiquo firewall policies correspond to AWS Security Groups and Abiquo onboards security groups from Amazon VPCs. Abiquo registers the default security group of a VPC as the default firewall policy of the Abiquo virtual datacenter. This firewall policy allows all outbound traffic from VMs. Abiquo users can select another firewall policy as the default. Remember that you must configure a firewall to allow remote access to your VMs in AWS.
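Because the default policy allows all outbound traffic and remote access depends on an SSH rule you add yourself, it is worth reviewing the onboarded security groups. The following added example (not Abiquo code) audits a constructed sample shaped like `aws ec2 describe-security-groups` output for SSH reachable from any address and for allow-all egress. Group ids and CIDRs are placeholders, and port 22 is assumed as the SSH port.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group ids and CIDRs are placeholders, not values from the Abiquo docs.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-default-example", "GroupName": "default",
     "IpPermissions": [],
     "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-admin-example", "GroupName": "ssh-from-office",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                        "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-wide-example", "GroupName": "all-tcp",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
                        "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
                        "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]}

def sources(perm):
    """All IPv4 and IPv6 CIDRs named by one permission entry."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])

def is_world(cidr):
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def covers_tcp_port(perm, port):
    """True if the rule matches the TCP port, including all-protocol rules."""
    if perm.get("IpProtocol") == "-1":
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit(doc, ssh_port=22):
    """Return (group id, finding, cidr) tuples for a reviewer to triage."""
    findings = []
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if covers_tcp_port(perm, ssh_port):
                findings += [(sg["GroupId"], "ssh-open-to-world", c)
                             for c in sources(perm) if is_world(c)]
        for perm in sg.get("IpPermissionsEgress", []):
            if perm.get("IpProtocol") == "-1":
                findings += [(sg["GroupId"], "egress-allow-all", c)
                             for c in sources(perm) if is_world(c)]
    return findings
```

The port-range rule in the third group is flagged even though it never names port 22, which is the case a search for "22" in the rules would miss.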

...

Related links for Abiquo and AWS