Abiquo quick walkthrough of public cloud

This walkthrough:

• Adds a public cloud region to the platform and imports templates into the Catalogue

• Describes how to create a virtual datacenter and configure and deploy a Linux VM in public cloud

This walkthrough assumes that:

1. You have access to the Abiquo platform

2. You have a public cloud account for Amazon and/or Azure and/or GCP and/or OCI with API credentials. See:

   1. Obtain AWS credentials

   2. Obtain Azure ARM credentials or Obtain Azure ARM pricing credentials for CSP (for partner accounts)

   3. Obtain Google Cloud Platform credentials

   4. Obtain OCI credentials

The examples in this walkthrough generally use Amazon and a Linux VM.

Log In

Log in as Cloud Administrator using the default account with the following data:

• Username: admin

• Password: (Your demo password supplied by Customer Service)

Configure your user account

To configure a user for public cloud:

1. Click the user icon button in the bottom left corner of the screen to open the menu and select Edit user

   Open

   

   User icon menu

2. OR go to Users view → Users → select and edit a user

3. Add an Email address and Phone number to receive notifications from the platform

4. To be able to connect to your VMs in public cloud, go to Advanced and add an SSH public key

   • For more details see How to work with SSH keys

Create a public cloud region

The cloud administrator creates public cloud regions to configure public cloud providers for users.

1. Open Infrastructure View by clicking the servers icon at the top of the main menu

2. Go to Public

3. Click the + add button at the bottom of the Public cloud regions list

4. Enter the Name of your public cloud region

5. Select the Provider

6. Select the Region to add. You can add more than one region, and the platform will add a suffix to the region name

   Open

   

   Create a public cloud region

7. Click Next

8. Select the Remote services. Abiquo uses Remote services to connect to the providers and manage the cloud.

   • In the first IP address box, click the down arrow and select the Remote service URL from the pull-down list

   • Then click the link to Duplicate IP addresses at the top of the popup

9. Click Check all to check the connection to the remote services

10. Click Save

Optionally, allow other tenants to use a public cloud region

The tenant that creates a public cloud region can automatically use it. If you are working in the same tenant that you created the public cloud region with, then you can skip this step. For all other tenants, you must allow them access.

1. Open the Users view by clicking the users icon

2. From the Enterprises list, select the tenant to allow access. Or create a new tenant, entering the Name and selecting Global scope.

   • Tip: When you are creating or editing an enterprise, you can restrict the tenant's resources with Allocation limits!

3. At the bottom of the Enterprises list, click the pencil edit button.

4. To allow users to deploy in the public cloud region, enable the region datacenter for the enterprise. Go to Datacenters, select the public cloud region, and drag it to the Allowed datacenters list.

    

   Note: You don't need to save the tenant yet, because in the next step you will also change the tenant.

Add tenant credentials for the public cloud provider

Each cloud tenant will require their own set of public cloud credentials. Note that you can also register your tenants as the customer of a cloud reseller that is using the platform.

1. Go to Users and edit the tenant enterprise

2. Go to Credentials

3. Select the Provider

4. Enter the Access key and the Secret access key. For more details, see Obtain AWS credentials and Obtain Azure ARM credentials.

5. Click Add account

6. When you have entered all cloud provider credentials, click Save

The tenant's account will be added for the provider and displayed in the public cloud view of the Infrastructure tab.

Add VM templates to the catalogue in public cloud

The Catalogue stores VM templates so that users can easily create VMs from them. In public cloud, the platform stores VM template details and then deploys from the public cloud templates. The catalogue templates are available to users in their virtual datacenters.

1. Open the Catalgue view by clicking the Catalogue icon

2. Go to Public

3. Select the public cloud region

4. Click the import template button

5. Enter the ID of a template to import, or a Name text, for example "Linux" because we recommend that you use a Linux template. In Azure, optionally filter by template providers, for example, use the Canonical provider and search for an "ubuntu" template.

   • Tip: In Amazon in the EC2 console, you can easily find a few basic templates with IDs in the launch wizard!

6. Click Search

7. Select a Template to import and click the import symbol beside the template

The imported templates will be added to the Catalogue. Note that you may not be able to accept an end-user license agreement outside of the public cloud interface, so for example, to deploy an AMI from the Amazon Marketplace, you will need to accept the EULA in AWS before you can deploy in Abiquo.

Edit the VM templates to add a password

In Azure and OCI create a resource group

Create a global network in Google Cloud Platform

To be able to deploy a VM in the Google Cloud Platform (GCP), you must add an IP in a subnet of a global network, and this means that each virtual datacenter must have a subnet.

To create a global network in GCP:

1. Go to myCloud virtual datacenters view

2. Click the globe Global section button

   From this section, you can onboard or synchronize the Global networks in a selected region, and their subnets.

3. Select Google Cloud Platform

4. On the Global networks page, click the + add button  and complete the dialog

   1. For Routing mode, select REGIONAL or GLOBAL. For GCP documentation, see https://cloud.google.com/network-connectivity/docs/router/concepts/overview#priority-and-dynamic-routing

   2. To automatically create subnets in all regions of Google Cloud Platform, select Automatic subnet creation. This option is recommended for test environments only. The subnets will have an address in CIDR notation of 10.172.0.0/20

Create a virtual datacenter in public cloud

Virtual datacenters contain the virtual resources for providing the cloud service. From here users can create VMs in virtual appliances and the Abiquo platform will deploy them to the infrastructure. Within virtual datacenters, users can manage their VMs, networks, storage, and more.

1. Open the Virtual datacenters view by clicking the cloud icon

2. Click the + add button at the top of the Virtual Datacenters list and select Create virtual datacenter

3. Enter a Name, and select the Public cloud region

4. If required, select a resource group

In Google Cloud assign a subnet to the virtual datacenter

1. Go to myCloud virtual datacenters view → Global

2. Select the Google provider

3. Select a global network

4. Go to the Subnets page, click the + add button, and complete the dialog

    

   1. The Location is the public cloud region where the platform will store the subnet's metadata

   2. To use IPs from this subnet in a virtual datacenter, select the virtual datacenter.
       In order to deploy a VM, you must have at least one subnet assigned to your virtual datacenter

   3. Select the Purpose:

      1. Private: for private networks

      2. Internal HTTPS loadbalancer: for internal load balancers

      3. Private service connect: for access to Google Cloud services through a private network

      4. Regional managed proxy: for internal and regional external load balancers.

   4. Select Enable flow logs to sample network traffic and store it in cloud provider logs

   5. Select Private services access to enable your VMs to connect with provider or third party networks with services through subnet addresses

   6. Select Default virtual datacenter subnet to enable users to deploy VMs with automatically assigned IP addresses

5. Click Save

Create a virtual appliance in public cloud

A virtual appliance is a container for a group of VMs running in a virtual datacenter. It is like a folder that can contain a related set of VMs that are used to provide a service. For example, a web stack. At the virtual appliance level, you can deploy these VMs together, view their performance statistics, create anti-affinity layers for VM high availability, and so on.

To manage a new group of VMs, create a virtual appliance:

1. Select the Virtual datacenter in public cloud

2. In the Virtual Appliances pane, click the + add button and enter the Name of the virtual appliance then click Save.

The virtual appliance you create will display in the Virtual Appliances list. For more details, see Manage Virtual Appliances .

Add VM templates to create VMs in public cloud

The list of available and compatible templates displays in the dialog when you create a VM in your virtual appliance.

1. Click Open under the Virtual appliance name to go into your virtual appliance

2. To create a VM, click Create virtual machine and select a VM template

3. For the Name, enter a user-friendly name for the VM that meets provider criteria, then click Save

4. For each template, select an appropriate Hardware profile. You can enter a text string to search for specific profiles.

Configure the VM network connections

If you would like to connect to a VM in public cloud, you will need to add a public IP address, as well as a private IP address in a public subnet (in AWS and OCI). If you don't configure the network, by default Abiquo will add a private IP address only and you probably won't be able to connect to your VM.

1. On the VM icon from the options menu, select Edit

2. Click Network → select Private networks. Select a Private network.
   In Amazon select subnet-xxxx, which is the public subnet. In OCI, also select a public subnet, which has an internet gateway. In GCP, select the subnet of the global network.

3. Drag the Auto-generated IP label into the NICs pane.

4. Click Network → Public → Purchase public IP

5. Then on the Purchase public IPs popup, click the + add button

6. Select an IP address and click Add

7. Drag the public IP into the NICs pane

Configure the VM firewall for public cloud

To connect to a VM in public cloud, create a firewall to allow access. Because this VM will only be active for a very short time, we will use basic default settings.

• For a Linux VM, use an SSH connection to port 22.

• For a Windows VM, use a standard RDP connection to port 3389

Create a firewall in AWS, Azure, or OCI

1. Go to Virtual datacenters → Networks → Firewalls

2. Click the + add button to create a firewall for connections and enter the Name, and select the Location and Virtual datacenter

    

3. Edit the Firewall rules and select Inbound, then from Common protocols, select SSH for a Linux VM or RDP for a Windows VM. Or for convenience, you could allow both in a test system

4. In this example, we allowed connections, but you should allow only incoming connections from your IP address.

5. Click Add, then click Save.

    

   Note that AWS will not allow you to create duplicate firewall rules.

Create a firewall policy in GCP

Assign a firewall to a VM

To assign a firewall to a VM do these steps.

1. Go to Virtual appliances

2. Go to a virtual appliance and click on Open 

3. Edit the VM

4. Go to Networks → Firewall

5. Select the firewall you created and click Save. Note that the provider may limit the number of firewall policies that you can apply to a VM

Deploy the virtual appliance in public cloud

Click the Deploy virtual appliance button to deploy the virtual appliance.

The platform will deploy all the VMs and power them on. You can select the VMs and manage them with the control buttons in the lower right corner of the screen.

Now you can relax and give your VM some time to start up.

Connect to your VM

You can connect using SSH or RDP or another appropriate method.

1. Go to Virtual datacenters and open the Virtual appliance

2. Select the VM

3. To obtain the default username and password, go the General tab of the VM control panel and click Default credentials

4. To open the connection, click the console icon

5. A console should open to allow you to log in to your VM. The platform will automatically complete the Username

   • For Windows VMs on Azure, enter the Password

   • For all Linux VMs and for Windows VMs on AWS, enter the SSH private key (also called the Decryption key)

If you cannot connect due to an unsecured certificate error, open a new tab in the same browser, enter the host IP of the VM, and accept the certificate.