This section describes how to manage your tenant's cloud resources in the multi-cloud platform.
The Cloud tenant admin guide describes the main administrative tasks of the enterprise administrator.
Manage your users
Manage templates
Manage virtual datacenter resources
Manage VM backups
Manage VM snapshots
Administer VMs
Manage VApp specs
Manage VM workflows
For details of how to work with virtual appliances and VMs, see the Cloud tenant user guide.
For details of how to work with networks, firewalls, and load balancers, see the Cloud tenant network guide.
Manage users
Display users for tenant admin
To display users in card view, select the card view tab from the view selectors in the top right-hand corner.
Create a user
Suspend or enable a user account
If you need to stop a user from working with or logging in to the platform on a temporary basis, you can suspend the user account. To suspend a user account: Go to Users Select a user Click the pencil edit button. The user dialog will open Go to Advanced, and unselect the Activated checkbox The platform will suspend the account. When a user account is suspended, the platform will log the user out immediately. Be careful not to disable your own account! Fortunately, the main cloud administrator account cannot be disabled. To enable the user account again, select the Activated checkbox. If the user makes too many failed login attempts, the platform will automatically suspend their account for the account lock duration or until it is enabled by an administrator.
Manually reset a user password
If a user cannot automatically reset their password or if the user account is locked for too many password attempts, you can manually reset the password and unlock the account. To manually reset a user password: Open the Users view and select the user Click the Edit button at the top-right of the Users page. The user form will open. Enter the new password Recommended: go to Advanced and select the checkbox to Reset password on next login If the user account is locked and you wish to unlock it, go to Advanced, and select the Activated option Click Save. If the user is currently logged in, they will be automatically logged out when you save a new password, The user password will be reset. Notify the user of their new password.
Manage users with the API
For the Abiquo API documentation of this feature, see Abiquo API Resources and the page for this resource UsersResource. See also: How to create a tenant via API
Search for users and filter users
To search for users and filter users to display only those with specific text in the user details:
Go to Users view → Users
In the filter box on the right-hand side, enter a text string to search for which can include wildcards.
For more details about how the platform's search works, see Search for VMs and filter the search
Display users by status
In list view, the user status a colored icon in the Activated column: Green dot for active accounts Red dot for suspended accounts Red padlock symbol for accounts suspended automatically after too many failed login attempts To filter groups of users, click on the pages to display the following: All users on the All page Active users on the Activated page Suspended users on the Suspended page
Delete a user
To delete a user: Select the user account and click the trash bin delete button Confirm the delete Abiquo will delete the user account but the user's VMs and other resources will remain in the cloud platform and users in the same enterprise with the appropriate permissions can work with them.
Add credentials for public cloud
This page describes how to add credentials for public cloud for your own tenant, with a standard account or as a customer of a reseller.
To add credentials to a different enterprise, go to Users → edit an enterprise → Credentials.
See Add public cloud credentials for a tenant
Your enterprise (cloud tenant) should have its own public cloud account or subscription for each cloud provider, and it cannot share these with any other tenants.
Before you begin, check your provider's documentation and pricing. You will need credentials to access the cloud provider's API. We provide basic guides (see Obtain public cloud credentials) but you should always check with your provider.
Privileges: Manage provider credentials
To add public cloud credentials for your tenant:
In the bottom left corner of the screen, select the User icon, to open the User icon menu
Select Edit credentials
Select Public
Select the Provider. There may be a separate provider for regions requiring different credentials
To add credentials for compute with optional billing and pricing:
Enter the Access key ID:
For AWS, enter the Access key ID
For Azure standard accounts and CSP customers, the format is
subscription-id#app-id#tenant-id
For GCP the format is
project_id#client_id#client_email#private_key_id
For OCI the format is
tenancy#user#fingerprint
Secret access key: this may be an API key, App secret key, API credential, App password, etc.
Optionally, for Amazon, GCP, or OCI billing, select Also use for pricing.
For Azure, to add billing credentials, go to Pricing.
See Add public cloud pricing credentials for a tenant
To add credentials for billing only with no compute access:
For a standard AWS customer account, do the steps at Add a customer AWS account for billing only
For a customer of an Azure CSP or an Amazon organization do these steps.
Enter the Access key ID as follows:
For Azure, the format is
subscription-id##tenant-id
For AWS, the format is
account-id
For the Secret access key, you can enter a random string
Click Add account. Abiquo will validate your credentials with the cloud provider before saving them.
The platform will display the cloud provider credentials in the Current credentials area.
If a provider does not display in the list, check with your system administrator.
For vCloud Director the administrator must allow your tenant to access a region for it to display in the Provider list
Display prices for your tenant
A tenant administrator with pricing access can display the pricing model for their enterprise. To display the prices for your enterprise: Go to Pricing view Select and edit the pricing model Go to Resource prices and select the cloud locations Click Cancel to close the pricing model
Manage templates
Upload templates from the local filesystem
Add public cloud templates to the catalogue
Create and deploy a VM from a template shortcut
Modify a virtual machine template
Manage virtual datacenter resources
Synchronize VDCs and resources
To update a virtual datacenter and onboard any changes made in the provider, synchronize the virtual datacenter: Go to Virtual datacenters → V. Datacenters list Beside the virtual datacenter Name, click the round arrow Synchronize button To synchronize specific resources such as networks, public IPs, and so on: Go to Virtual datacenters → select the resource tab Click the round arrow Synchronize button for the resource. For more information, see the resource documentation. Screenshot: Synchronize networks
Manage resources that were deleted directly in the cloud provider
When administrators delete resources in the provider, the platform will display the resource name in light gray to indicate that the user cannot work with the resource. The resource types include: External networks Firewalls Classic firewalls Load balancers NAT network NAT IPs To delete these resources (if they are not in use), select the resource and click the delete button.
Delete or release virtual resources in public cloud
The virtual resources that you onboarded or created in public cloud will be grouped with their associated virtual datacenters. Before you begin: If you recently created virtual resources, such as load balancers, synchronize the virtual datacenter to ensure that the platform can find all the dependencies of the virtual datacenter. To delete onboarded resources in public cloud: Delete each virtual datacenter You can choose to delete each virtual datacenter in the platform only, or in the platform and the provider. If you delete in the platform only, the platform will automatically remove VMs, virtual appliances, load balancers, public IPs, and firewalls from the virtual datacenter. It will not delete the firewalls When you delete a virtual datacenter, public IPs that are not attached to VMs will remain in the provider and the synchronization process will delete them Remember to check which is the default VDC in your provider, such as the AWS default VPC, because it may be inconvenient to delete this VPC If the enterprise does not have valid credentials for the public cloud provider, when you delete public cloud entities in the platform, they will continue to exist in the public cloud provider
Manage VM backups
Configure a VM backup
Restore a VM backup
View backup events
Manage VM snapshots
Introduction to VM snapshots
Take a snapshot of a VM
Revert to a snapshot
Delete a snapshot
Replace the current snapshot
Display snapshots on the dashboard
Administer VMs
Protect a VM
Display VM initial password
You can select the option to generate an initial guest password when you create a VM. Then when you deploy the VM, the platform will generate a random password and send it to you by email or SMS. After you deploy, you should log in as the root or administrator user and change the initial password.
The owner of the VM and administrators with the privilege to Display initial virtual machine password can also retrieve the guest password from the deployed VM.
To display the initial VM password:
Select the VM
On the control panel, click the key display initial guest password button
Reset VM password
Save configurations as blueprint specs
Introduction to virtual appliance specifications
The virtual appliance specifications (VApp specs) feature lets administrators save complex configurations and present them to users for simple, self-service deployment in their virtual datacenters.
Specs are similar to blueprints because the platform uses them to define the configurations to recreate. Administrators select the locations where users can work with each spec, including datacenters and public cloud regions, such as AWS and Azure ARM.
With specs, you can save the configuration of virtual appliances including VMs, storage, networks, monitoring, Chef, firewalls, and load balancers. The limitations of specs are as follows: Specs do not store data from VM disks; they use template disks only Specs do not support external networks and NICs or unmanaged networks and NICs In vCloud, specs have basic support for external networks Specs do not support scaling groups Users should also be aware of differences in features between private and public cloud environments.
When users create a new virtual appliance based on a spec (also referred to as to "materialize" a spec), the platform will automatically use existing virtual resources or create new ones for this virtual appliance.
Save a VApp configuration as a blueprint spec
What do virtual appliance specs save and create
Element | Save in Spec | Create in VApp from saved configuration |
---|---|---|
VMs | General information: hardware profiles, CPU, RAM, remote access and description | Same. If a matching hardware profile is not found, the platform will activate or create one, or the user can select another available hardware profile |
Anti-affinity layers | VMs in layers | Same |
Scaling groups | Scaling groups are not supported |
|
VM templates | Template name is saved | The system matches the spec template name against the catalogue template name. The user selects from a list of templates with names that contain the spec template name. The match is done with an SQL %LIKE% command from the spec to the template, so spec template "m0n0" will match with "m0n0" and "m0n0wall" in the Catalogue. But spec template "m0n0wall" will not match with "m0n0" in the catalogue |
Template auxiliary hard disks | Template system disks and other datastore hard disks and their tiers are saved | The platform will create template disks in order as in the template with no gaps in the sequence. Then empty additional hard drives and volumes will be added in the same order as in the base virtual appliance. The platform will search for datastore tiers by name, as for templates |
Persistent VMs | Persistent VMs are not supported. (Use a VM from an instance of the persistent VM) |
|
Private network, Private IPs | Save private network characteristics: network address and mask only. Save private IPs | The materialize process will present the addresses of the spec private networks. Abiquo will display matching networks in the virtual datacenter in green text, and ones that are not present in red text. Abiquo will display the number of private IPs to use in each network. The user can choose to change any private network, even if it matches the spec network. The user can choose to create a new network (specifying the IP address, mask and gateway), or replace the network with an existing VDC network. |
Network gateways | Abiquo will determine if a NIC has a gateway IP address and save this information in the spec |
|
Public network | Number of public IPs is saved | The materialize process will try to use public IPs that were already purchased by the enterprise. These public IPs will be momentarily quarantined during the materialization process. If not, the materialize process will purchase new public IPs. The public networks will be used in the order returned by the API. In public cloud, the platform will use floating IPs |
External IPs | Not supported, except for basic support in VCD | If you create a spec containing an external IP, the materialize process will fail because the external IP is unsupported. In vCloud, specs have basic support for external networks. The validation process will list the network, and you can select it and then continue with the process. |
Unmanaged IPs | Not supported | If you create a spec containing an unmanaged IP, the materialize process will fail because the unmanaged IP is unsupported. |
Volume (data) | Data on external storage volumes is not included. To use data on a volume, create an instance to save it to a template disk |
|
Volume (specifications) | The specifications, disk controller types, and tiers of the volumes are saved in private cloud |
|
Hard disk (data) | Data on hard disks attached to the VM is not included. To use data on a hard disk, create an instance to save it to the template | Empty hard disks with the same specifications as the attached hard disks are created. Empty disks are named Empty disk-UUID |
Hard disk (specifications) | The specifications, disk controller types and tiers of the hard disks are saved in private cloud |
|
Backup configuration | Configured backups are stored in private cloud | Backups are configured |
Firewalls | Firewalls attached to VMs or load balancers are saved |
|
Load balancers | Load balancers attached to VMs are saved, including health checks and so on |
|
Monitoring (status) |
|
|
Alarms and Alerts | Alarms and alerts are saved | The materialize process creates all existing alarms and alerts, regardless of the existence of their corresponding metrics |
VM variables | VM variables are saved |
|
Chef | Chef status, runlist and attributes are stored |
|
VM bootstrap script | The VM startup script is saved |
|
Manage VApp specs in the user interface
Users work with spec blueprints in different parts of the UI.
To create VApp specs, go to Virtual datacenters → Virtual appliances, open a VApp and save it as a spec
To create a version of a spec, log in to the owner enterprise (that created the spec). Then go to Virtual datacenters and open a virtual appliance created from the spec and save changes as a new version
To create a virtual appliance based on a spec, go to Virtual datacenters → V. Appliances list → select Create virtual appliance based on spec.
To edit or delete specs, and manage spec versions, go to the owner enterprise → Catalogue→ Virtual appliance specs.