Previous page: Virtual Appliances and Virtual Machines
Return to Get Started
This walkthrough describes administrator actions to create hybrid and public cloud environments in Abiquo.
Customers wish to offer convenient public cloud services with the same easy user interface. In addition to local data centers, Abiquo can manage public cloud resources. To perform this walkthrough, the user must be logged into Abiquo as the Cloud Operator and have network access to the public cloud providers. Each tenant will require their own set of public cloud credentials. To manage public cloud, Abiquo creates public cloud regions, which are similar to data centers, for public cloud providers, and clouds managed by platforms such as OpenStack and vCloud Director.
Click here to show/hide the task: Create a public cloud region
Note: For OpenStack and vCloud Director, you must enter public cloud credentials in order to retrieve the public cloud regions (for example, in vCloud this is equivalent to a Provider or Org VDC).
- Create a new public cloud region from the + button in Infrastructure view.
- Enter the name for the region, select the public cloud provider and mark the checkboxes for the region(s) you wish to use. Click next.
- Enter the first digits of the IP address of the monolithic Abiquo server, select it from the dropdown list and click Duplicate IP addresses to copy remote service location, ports, and components
- Click the "Accept" button to use this remote services configuration for the datacenter.
Abiquo creates new public cloud region(s) with all available resources managed by Abiquo. New public cloud regions are named first with the name that the user enters, and then with this name and a suffix of _1, _2, for example, AWS, AWS_1, AWS_2, and so on.
To work with public cloud, each tenant requires a set of credentials for working with the cloud provider API. The cloud administrator can edit an enterprise to enter the credentials. Or a tenant administrator can enter the credentials for their own enterprise, if they have the appropriate privileges. Abiquo offers some basic guides on how to Obtain public cloud credentials.
Click here to show/hide the task: Add public cloud credentials for a tenant
To add credentials for the current enterprise:
- In the bottom left-hand corner of the screen, click on the user icon.
- From the menu, select Edit credentials
- Select the cloud provider
- Enter the Access key ID and the Secret access key
- Click Add account
- Click Close
The credentials will be added to the tenant's account
In a similar way that you can capture VMs from hypervisors in private cloud, the cloud operator or tenant administrator can acquire the existing virtual infrastructure so that it can be managed by Abiquo.
Abiquo will import the following (as supported by the provider):
- virtual datacenters
- virtual datacenter networks
- public IPs
- firewalls
- load balancers
- VMs
- templates used to create VMs, with templates that are not available marked appropriately
If the provider does not support virtual datacenters, Abiquo may create logical virtual datacenters to organize the virtual resources.
Click here to show/hide the task: Onboard from public cloud
- Go to Virtual datacenters view. Click the + Add button and select Synchronize from public cloud.
- Select the public cloud region
- Select the virtual datacenter to synchronize from the list
- Abiquo will import this virtual infrastructure from the provider. Note that Abiquo will detect network configuration but it will not enforce a standard configuration.
Imported virtual infrastructure is now managed by Abiquo and is available to virtual datacenter users. Changes made directly in the provider can be updated in Abiquo by clicking the synchronize button beside the virtual datacenter name in the VDC list.
As in private cloud, tenant administrators can define allocation limits to restrict resources available to cloud users in the virtual datacenter in public cloud. These allocation limits complement the limits set by cloud operators for the tenant.
Click here to show/hide the task: Set allocation limits for VDC
To restrict virtual resources in public cloud, do these steps:
- When creating or editing the VDC, enter Allocation limits
An allocation limit will be defined for the virtual datacenter. Users should see a popup as they exceed the soft limit and will be prevented from surpassing the hard limit.
Tenant administrators can obtain public IPs from the cloud provider and make them available to users in their enterprises. This functionality is only available in public cloud providers with public IP support, such as AWS. In some providers, such as DigitalOcean, an IP is supplied automatically, and in other providers, such as Azure, the user can choose the IP or work with the automatically supplied one.
Click here to show/hide the task: Obtain public IP addresses
- In the virtual datacenter, go to the network tab and open the Public page. Synchronize public IPs.
- Click the + button and add a public IP. Then click Add to VDC.
The public IP is now ready for adding to a VM. Remember to check how your cloud provider charges for public IPs. For example, they may charge for public IPs when they are not attached to deployed VMs. Remember to release the public IP after you have finished working with it. See Manage Public Cloud Networks
Abiquo tenant administrators can create firewalls (security groups) in public cloud providers that support them, such as AWS.
Click here to show/hide the task: Create firewall policies
- Select the location or the virtual datacenter and click the double-arrow synchronize button in the top right-hand corner of the page
- Click the + button and enter firewall general information
- Click the synchronize button to synchronize firewall rules. You will probably see a default rule to allow all outbound traffic.
- Click the pencil edit button to edit firewall rules. Enter firewall rules, for example, to allow SSH
Firewall policies are created for the virtual datacenter. As always, check your provider documentation for specific information about security group functionality. See Manage Firewalls
Abiquo tenant administrators can create load balancers in public cloud providers that support them, such as Rackspace, or OpenStack with Abiquo OpenStack Neutron integration. Abiquo has a consistent interface for load balancers that incorporates different provider functionality.
Click here to show/hide the task: Create a load balancer
- Select the location or the virtual datacenter and synchronize (or synchronize the individual elements: firewalls (where applicable) and load balancers).
- Click the + button and enter load balancer general information
- Create routing rules
- Enter a health check if required - AWS will automatically create one if you do not enter one
- Assign a firewall if required - Rackspace will automatically allow traffic to the appropriate load balancer ports
- Assign nodes by dragging VMs
- Click Save
A load balancer is created. As always, check you provider documentation for pricing and functionality. For more information about load balancers in Abiquo, see Manage Load Balancers.
The cloud platform can support multiple datacenters and public cloud regions, with different technologies and service levels. The template mobility feature enables VM templates to be exported from datacenters to other datacenters and to public cloud regions. So this walkthrough requires one private cloud datacenter and a public cloud region, and a compatible template, prepared according to provider instructions (see VM Template Mobility). Remember to check that the tenant is allowed to use the private cloud datacenter and the public cloud region.
Click here to show/hide the task: Export a template to public cloud
To export a template to public cloud, do these steps
- Go to the Apps library on the private datacenter templates tab. Select a compatible template and from the options menu, select Export
- Select the provider type (Public or Private) and for public cloud, select the Provider and Region. Click Next
- Select the disk(s). For public cloud, you can only select one system disk
- Click Export to continue. The export may take some time
- Open the Apps library in the new datacenter or public cloud region to check that the template is successfully copied and converted
A compatible VM template was exported (copied) to a public cloud region.