First steps in the Home at Cloud Public Cloud

The description of the Public Cloud service

The Home at Cloud brand offers not only classical data centre services but also those based on virtual machines. Amongst them is the VPS, which is designed for running one or just a few servers, which should be running non-stop. The Public Cloud / IaaS / Virtual Data Centre service offers greater flexibility and allows the user full control over the resources of his/her Virtual Data Centre. This walkthrough should show that higher flexibility does not mean insurmountable complexity. Anyone can create a test server in the cloud in ten minutes. And there is quite a short path from a test server to exploiting the full potential of the IaaS platform.

Ordering the Public Cloud service

We will start by ordering the Public Cloud service in the Home at Cloud portal.

The Public Cloud service detail – ordering the service

The system will prompt us to enter login credentials (or to register new ones in case we do not have them yet).

Ordering the Public Cloud Service – logging ing

After logging in, the system will present us with an order summary. The cloud is payable only through a credit card. The billing is pay-as-you-go and is done weekly. The payment of 1 CZK is refundable and serves to validate the credit card number.

Ordering the Public Cloud service – order summary

The provider of the Home at Cloud service does not have access to your credit card number. All card-related operations are handled by a secure banking institution.

Ordering the Public Cloud service – making the entry fee payment via payment gateway

After the payment is processed, we can see that Public Cloud is amongst our ordered services.

The ordered services overview in the Home at Cloud portal

After clicking on the service we get its details. On this page, we will find, amongst other information, the record of resources consumed in the cloud measured every day. However, on a freshly created account, it will be empty.

The detail of the ordered Public Cloud service

The OpenStack control panel – Horizon

Right now, we will make use of the information about the username for OpenStack (from the e-mail confirming the establishing of the service) and of the link to its control panel Horizon. The password for the username should have arrived in our e-mail inbox by now along with an invoice for the 1 CZK activation payment.

The OpenStack control panel Horizon login form

The first thing we see is a summary screen of our quota and usage thereof.

OpenStack – the dashboard

Let’s have a look at the resources we already have in our account. Click Network and then Network Topology.

OpenStack – network and network topology

We can see that we already have a virtual network pre-created. This network is private and visible just in our project. It is connected through a virtual router to an external network, from which public IP addresses can be allocated. There is also one network where IPv6 addresses are directly available. This network is shared with other users’ projects. Let’s go back to the Compute tab and the Access and Security menu.

OpenStack – access and security

On the first tab, Security Groups, there are firewall configurations which can be attached to our virtual machines. Let’s have a look at the only existing entry.

The default configuration allows any traffic to leave the instances but only allows ICMP and SSH into them. Don’t forget about this when you install new services into your VMs!

OpenStack – the default security group settings

Right on the next tab from Access and Security, that is Key Pairs, we can see a list of the public keys used to log into the instances.

OpenStack – the list of the public keys

We can import existing keys, but right now we’ll let the cloud generate one for us. The only parameter that needs to be filled in is the key pair name. After we press Generate, the system will download the private part to our computer and save the public one in the cloud.

OpenStack – generating the key pair

Creating the virtual machine instance

One more thing that is available in a new cloud account is a catalog of operating system images under the menu Compute, submenu Images. Here we see all the images from the VPS service and maybe some more. Let’s select a basic image with a Linux distribution, e.g. linux_debian and press Launch Instance.

OpenStack – choosing the image for the VM launch

The system will present us with a dialog where we have to type a name of our new instance and select some important parameters. The first of them is the Flavor, which determines the size of the VM created. The smallest, b1.micro will be sufficient. The second important choice here is the Boot Source, which selects the storage type for the system disk of the instance.

Boot from image is the basic option which downloads the image to a compute node where it will run. The SAS disks of the compute nodes are cheap and don’t have guaranteed speed and although the cloud is built on quality hardware, neither the durability of this storage is guaranteed. It is useful for instances, which do not hold important data and can be quickly recreated at any time.

The second most important option is Boot from image (creates a new volume), which downloads the image to the highly performant and highly durable SAN array. You can also specify any size you want and ignore the constraints of the Flavors. This should be used for singleton instances, and e.g. for migration of physical machines to the cloud. Instance and volume storage can, of course, be combined. In that case, start the instance using the basic option and attach an empty Volume later.

OpenStack – the launch instance dialog – basic settings

On the next tab of the new instance dialog, we can choose a Key pair and Security group to launch the new instance in. Because we only have one choice from each, we don’t need to set anything here.

OpenStack – the launch instance dialog – access and security settings

The Networking tab allows the selection of networks which should be attached to the new VMs virtual network interfaces. It is possible to choose either our private IPv4 network or both that and the public IPv6 network. Please don’t choose only the IPv6 network for new instances because in that case, the instance will not get the SSH key and you will not be able to log in. (This is a limitation of the OpenStack metadata service.)

OpenStack – the launch instance dialog – network settings

The second tab from the right allows passing some data to the newly created instance. All the provided images contain the cloud-init package, which expects a structured file beginning with the #cloud-config mark. Using this file, one can define actions such as adding a user, installing a package, mounting a disk, writing a file, running a script, powering off after finishing all actions, etc. The documentation can be found at this address.

All the images can also interpret a script beginning with the interpreter specification, such as #!/bin/bash. It is possible to skip the introduction screens of Turnkey GNU/Linux images using the Preseeding mechanism, which entails writing the necessary parameters to a file before the user logs in. The documentation can be found at this address.

OpenStack – the launch instance dialog – pos-creation settings

For now, we just want to run a test instance, so we leave this tab empty. Once we press the Launch button, we should see the new instance in the Spawning state. In a few tens of seconds, it should become Active.

OpenStack – the popup confirming that the VM instance was created and launched successfully

To connect to the new instance from our computer using IPv4, we need to assign it a public address. In OpenStack, this is done using the Floating IP mechanism. We choose Associate Floating IP from the menu on the right in the instance list.

OpenStack – overview of the VM instances available

The Floating IPs can float between different instances or even be unassigned. They are retained as long as they are assigned to the Project. We have no Floating IPs in the Project yet, so we press the + button to allocate one.

OpenStack – the associate Floating IP dialog

Now we can confirm the dialog and thus associate the address with our instance. (In case you have connected the instance also to the IPv6 network, take care not to select its IPv6 interface as the target. OpenStack does not support NAT (Network Address Translation) with IPv6).

OpenStack – popup confirming that the Floating IP was associated successfully

Connecting to the VM instance using SSH

Linux, MacOS

For Linux or MacOS users, connecting to the instance is very easy. You can open a terminal and connect to your instance using SSH. Take care to give strict permissions to the private key file or OpenSSH will refuse to read the key. Then, use the –i switch of the ssh command to specify the key file and don’t forget to use the correct username for the operating system you have chosen (in this case, debian). Use root when in doubt.

Connecting to the VM instance over the SSH via the terminal

Windows

Windows users will probably make use of the popular PuTTY terminal emulator. It will be necessary to download at least the PuTTY and PuTTYgen programs.

Downloading PuTTY and PuTTYgen

PuTTYgen will be needed to convert the private key file to the PuTTY-specific format. First, we’ll Import the key downloaded from OpenStack.

PuTTYgen – importing the key downloaded form the OpenStack

And then we’ll save the key in PuTTY format.

PuTTYgen – saving the key in PuTTY-specific format

It the PuTTY program itself, we need to fill in the server address on the main page.

PuTTY – connection configuration – server address

And specify the private key file on the Connection tab, submenu SSH, Auth page.

PuTTY – connection configuration – choosing the private key

After pressing Connect, the system will ask us whether we trust the key of the remote server.

PuTTY – connection – asking whether to trust to the remote host

And next, what user we want to connect as. Notice that when you choose root, the images will not let you in but will tell you what username is correct.

PuTTY – connection – the system response when trying to login as root

On the second try, we are in and can do whatever we please, including switching to the root user using sudo.

PuTTY – connection – successful connection to the VM instance

Terminating the VM instance

After we finish playing around, we should terminate the instance so that we do not pay for an empty server which we can start again at any time.

OpenStack – irreversible termination fo the VM instance

And we should not forget to got to the Compute menu, Access and Security tab to release the Floating IP, because that’s billable as well. However, once you release it, you will not get back the same one, but rather a random address every time.

OpenStack – relelasing the Floating IP