Flow chart

This flow chart describes the basic process for provisioning infrastructure and enterprise tenants. 

{"diagramDefinition":"graph TD\r\n\r\nZ(( ))\r\n\r\nstyle Z fill:#g1g,stroke:#100,stroke-width:20px\r\n\r\nZ-->A(Create datacenters and<br/>public cloud regionsProvision infrastructure)\r\nnA-->BB(Create roles)\r\nAnBB --> |Private cloud|B(Create datastore<br/>service levels)\r\nModify privileges of roles)\r\nB-->C(ConfigureCreate networksscopes)\r\n\r\nC-->D(Add compute with<br/>racks and serversCreate enterprises)\r\n\r\nD-->E(OptionallyCreate create<br/>allocationtenant rulesadmins)\r\n\r\nE-->F(Optionally create<br/>hardware profiles)\r\n\r\nF-->G(Provision tenants)\r\n\r\nA-->|Public cloud|G\r\n\r\nG-->|Private cloud|H(Provision networks)\r\n\r\n\r\nG-->|Public cloud|I(Obtain public<br/>cloud credentials)\r\n\r\n>H(Provision networks)\r\nH-->J(Create virtual datacenters)\r\n\r\nJ-->K(Capture VMs)\r\n\r\nK-->L(Configure backups)\r\n\r\nL-->Q((<fontcolour=f3efe6> * ))\r\n\tstyle Q fill:#f3efe6,stroke:#030300,stroke-width:7px,color:#f3efe6\r\n\r\nI-->M(Add credentials<br/>for a tenant)nsubgraph Provision tenants\r\n    BB\r\n    B\r\nM-->N(Onboard from<br/>public cloud)n    C\r\n    D\r\n    E\r\nN-->Qnend"}

Provision tenants

...

Before you begin

Before you create tenants, you should do these steps:

• Add infrastructure to the platform as described in the Infrastructure provisioning guide 

  • Configure the platform in Configuration View including:  Configure two factor authentication

• Prepare enterprise themes for white-labelling following the Abiquo Branding Guide

• Create roles and scopes

• Create pricing models

Introduction to user roles

...

Create a user role

...

Modify the privileges of a role

...

Manage roles with the API

Introduction to user scopes

...

Create a scope

...

Manage scopes with the API

Create a basic enterprise

This section describes how to create a basic tenant enterprise for a cloud tenant. For more detailed information, see Manage enterprises.

To create a basic customer enterprise do these steps:

...

Go to Users

...

At the bottom of the Enterprises list, click the + add button to add an enterprise

...

On the General tab

...

Enter the customer Name

...

As the Default scope, set the tenant scope that will define the tenant hierarchy

• The platform will automatically add this enterprise to the scope. Note that if you change the default scope of an enteprise, the platform will not remove the enterprise from its previous scope.

...

provision tenants:

• We recommend that you provision infrastructure. See Infrastructure provisioning guide

• Optionally, create base pricing models. See Create a new pricing model

...

Provision tenants

These are the basic steps to provision tenants in Abiquo.

Create user roles

Create user roles from the default roles. You may need a standard user, a tenant administrator, and optionally, a reseller administrator. Reference: Manage roles

1. Go to Users → Roles

2. Click the duplicate clone button and click the pencil edit button, OR click the +add button

3. Enter the Name of the role

4. To create a global role for all enterprises, select Make this role global

5. Optionally, to create a list of network addresses from which users with this role can access the platform, enter Allowed CIDRs.

6. Enter the corresponding External roles, e.g. LDAP group, for the user. This is required in external authentication modes (openid, ldap).
   A user's external roles must map to a single role (local or global).
   You can also set external scopes.

   • Examples of external roles for LDAP:

     • ldap_group_01

     • ldap_group_02

   • Example for OpenID:

     • id=admins,ou=group,o=qa,ou=services,dc=openam,dc=forgerock,dc=org

...

...

Modify the privileges of user roles

1. Select the role

2. In the Privileges pane, select or deselect the privileges 

   • To add or remove groups of privileges, click the All privileges checkbox beside the group name

   • You cannot “undo” a set of changes, but you can discard your changes

3. To save the changes, click Save

   •  The platform will discard your changes if you do an action outside of the Privileges pane, for example, clicking on a another role name

   • For troubleshooting information, see https://abiquo.atlassian.net/wiki/spaces/doc/pages/311370787/Manage+roles#Modify-the-privileges-of-a-role

...

Create scopes

Create a scope for each tenant, so that each user can only access their own tenant and its resources.
Reference: Manage scopes#Introduction to user scopes

1. Go to Users → Scopes

2. At the bottom of the Scopes list, click +add

3. On the General info tab, select a parent scope, for example, the Global scope or a reseller scope

   Image Added

4. In the Datacenters list, select the appropriate locations (datacenters and public cloud regions) where the users will work

   Image Added

...

Create tenant enterprises

Create the tenant enterprise for the scope

1. Go to Users and at the bottom of the Enterprises list, click the + add button

2. On the General tab, for the Default scope select the tenant's scope.
   Abiquo will automatically add the enterprise to its Default scope

3. Optionally, if the enterprise represents the tenant headquarters or similar, select Key node

...

1. Image Added

2. Go to Allocation limits and set resource usage limits for the enterprise

...

1. . Reference: https://abiquo.atlassian.net/wiki/spaces/doc/pages/311370845/Manage+enterprises#Set-allocation-limits-for-a-tenant

   Image Added

2. On the Datacenters tab

...

1. ,

...

1. to

...

1. allow the tenant's users to work in

...

1. locations, drag providers, datacenters, or regions into Allowed datacenters

   Image Added

2. To configure the tenant in each allowed

...

1. datacenter or public cloud region, see Configure an enterprise in a cloud location

2. Optionally, add Credentials for public cloud. See Add credentials for public cloud

3. On the Properties tab, for each tenant metadata property, enter a Key and Value, and click Add.
   See Enterprise properties general table and Display cloud provider billing data
   

...

Optionally, add credentials for public cloud. See Add credentials for public cloud

...

1. To inject the tenant details into VM metadata, see https://abiquo.atlassian.net/wiki/spaces/doc/pages/327581812/Manage+enterprise+credentials+and+properties#Inject-enterprise-properties-as-VM-variables

2. Optionally, on the Pricing tab, select a pricing model

3. Click Save.
   The platform will create the enterprise and filter to display

...

1. this enterprise ONLY. 
   

...

1. To display other enterprises, click the

...

1. x beside the enterprise

...

1. Name in the filter box at the top of the Enterprises list.

...

...

Create

...

tenant administrators

See Create a new pricing model  

Assign a pricing model to the tenant

...

Create a tenant administrator user

...

Provision networks

To create private cloud infrastructure networks, see Network provisioning guide.

Create virtual datacenters

The platform administrator will generally create virtual datacenters for tenants when accounting is by virtual datacenter. 

See Manage virtual datacenters

You can automate the process of creating virtual datacenters using the Abiquo API. See How to create virtual datacenters and VMs via API

Import and capture VMs

tenant administrator user

1. Go to Users → Users

2. If the tenant enterprise is not selected, select it

3. At the bottom of the Users tab, click + add

4. For the Full name, enter the user’s first name and family name

5. For the Role: select ENTERPRISE_ADMIN or similar

6. For the Scope, select the user’s enterprise scope

7. For the Username,enter the name that the user will log in with, which will display in the system

8. For the E-mail, enter the address of the user for platform messages, including password reset. The platform will display the Gravatar icon associated with this address as the user icon

   Image Added

9. For Phone number, enter the mobile cell phone number of the user to receive SMS messages if you use this option for two factor authentication

10. Go to Advanced and enter the user’s Public key, which is required for SSH access

11. Optionally, enter Allowed CIDRs from which the user can access the platform

12. We recommend that you select Reset password on next login

13. Optionally, deselect Activated to prevent the user from logging in until this option is selected

    Image Added

    Replace screenshot as enterprise administrator has No VDC restriction, so Limit access to VDCs will not display for this user

...

Next steps

1. Provision cloud infrastructure networks. See Network provisioning guide

2. Create virtual datacenters. See Manage virtual datacenters

3. Import and capture VMs. See Import and capture virtual machines

4. Configure

...

1. additional VDC services, such as Backup as a

...

Abiquo offers optional backup plugins that support popular backup systems such as Veeam and Networker. These plugins require separate licenses. For information about configuring these plugins, see Abiquo backup plugins. After the plugins are configured, you can manage Abiquo backups in Infrastructure view on the Backup policies tab. See Backup.

Your cloud users can then configure backups for their VMs. See VM backups.

Provision tenants with the API

...

1. Service - see Abiquo backup plugins and Backup

2. Create cloud users. This is similar to creating a tenant administrator user, but

   1. For the Role, select a standard cloud USER role

   2. Optionally, go to Limit access to VDCs, select the VDCs that the user can access

...

API how-tos

• Create tenants via API

• How to create virtual datacenters and VMs via API