Cloud: Overview

Below you can find instructions on how to access and use the Departmental oStack facility.

Introduction

The oStack is a new facility that provides self-service virtual machines and storage directly to end users within the Department. Virtual machines can be provisioned in seconds, can be easily rebuilt, and have direct console access when required. This is managed easily through a web interface and doesn't require any direct interaction with us.

The system is based on OpenStack. If you've used other cloud-based systems from Amazon, Google, Rackspace, or many others, then this should be familiar to you.

Access

Access is limited and at least in the short term will only be available to senior students and faculty of the Department. If you need access and are not in these groups please contact your academic advisor for approval.

Getting started

Once you have access you will notified via email with the OpenStack interface link to the login page.

Log in to the Dashboard

The Login URL to access the dashboard follows:

http://ostack.in.cs.ucy.ac.cy/

You should fill the fields specifying the Domain of your Project, username, and password (Fig. 1).

The default domain (drop down) for most use cases will be simply “cs.ucy.ac.cy”, and username and password will be your University credentials without the @ucy.ac.cy for authentication.

Here are some things to take note of before you get started:

SSH keys

To log in to virtual machine instances you will need an SSH key pair; passwords are not used (although you're free to set one once you've logged in to the instance for the first time). An SSH key pair consists of two parts - the private part which you retain and keep secure, and the public part which you can provide to other systems such as this one. When logging in to a system the server confirms that you have the matching private key for the public key it has before letting you log in. For convenience you may want to generate the key pair on a system that you can easily access and that can directly access your cloud instances.

You have an option to use and import public key you already have and use generated via your operating system or generate one via Openstack dashboard. If you choose to generate one via Openstack Click “Key Pair”, then click + Create Key Pair from the interface (Fig.2). Your private key will be downloaded from interface as <name>.pem file.

STORE SAFELY and do not loose it, otherwise you are loosing the access to your instances using this key.

On a Linux system, an Apple Mac, or other Unix-like systems such as FreeBSD, you can easily make a key pair by using the ssh-keygen command. The public key, by default, should be in ~/.ssh/id_rsa.pub on the machine you ran ssh-keygen on. The private part is also in ~/.ssh and will be found automatically by the ssh client when needed.

On Windows systems you can use PuTTYgen from the PuTTY package. This performs the same task as ssh-keygen and creates a key pair. The public key part is what you need to provide to OpenStack. However, as above, you may find it easier to use PuTTY to log in to any Linux machine and then generate the key there instead.

Security Group

A security group is a named collection of network access rules (like a firewall) that are use to limit the types of traffic that have access to instances. When you launch an instance, you can assign one or more security groups to it. To start your first instance, if you need to access your instance via ssh you follow the procedure below. Using the same procedure you open port 80 (HTTP) if you install a webserver or any other ports.

Images

All virtual machine instances are launched from images. We've provided a number of cloud images for popular operating systems already. For all the current images the initial username is the lower-cased name of the operating system. For example, for the Ubuntu images the username is ubuntu, for Rocky images the username is rocky etc.

You can also upload your own images. Where possible these should be in RAW format. If they're likely to be of interest to others it might be worth asking us to provide it for everyone instead.

Please note that we are not licensed to run Windows.

Launching your first instance

Once your keypair is created or uploaded head over to the Volumes page to launch your first instance.

Create a volume with image applied

Create a new volume under Volumes menu, pick image as image source and make your selection from the dropdown list of preconfigured images (5). Size is recommended to be 40GB (6) as we are using the full quota given. Choose Create Volume. Wait until the volume is ready and available to proceed to the next step. Make a cup of coffee :-)

When volume is ready and available (may take some minutes) from drop down Choose Launch Instance and proceed to the next steps.

Launch your instance

Here's a quick rundown of what to choose:

STEP1: On the Details page pick a name for your instance. This will also be the internal hostname for the virtual machine.

STEP2: On the Source page select Volume as Root source and pick with the arrow the volume you created earlier. Press the arrow button to the right of the name to select it.

STEP3: The Flavor page gives a choice of different sized instances. Pick a suitable one, probably m1.small for your first instance. Also see the Quota limits section below.

STEP4: Select StudentNet by clicking on the arrow button to the right of the name. You can ignore Network Ports and leave default Security Group to start with.

STEP5: On Key Pair select the key pair that you created previously. If you omit this step make sure you create a KeyPair now otherwise you will not be able to log in to your instance! THIS IS VERY IMPORTANT.
For now you can also ignore the Configuration and Metadata pages.
Hit the Launch Instance button.

After a few moments the instance will be created and booted. The Instances page will provide you with the status of the instance and its IP address. You can log in use an SSH client and the key you created previously. If the instance does not respond immediately, or you can't log in, please give it a minute or two to finish booting. You can watch the progress through the interface and view the console of the machine via console tab.

You are now ready to log in to new instance using the ip Address appear in the interface and using the username of the image you are using and of course using your ssh key.

Note that to access the instance from off-campus you will need to use the VPN. http://its.cs.ucy.ac.cy/index.php/en/services/networks/vpn

Access instance

How to Login to OpenStack Instance with SSH

ssh -i mykey.pem ubuntu@10.16.96.ip-address

How to Login to OpenStack Instance via PuTTY using Key

To login via PuTTY, there’s an extra step to be done.

1. You need to download and launch PuTTY keygen tool.

2. Click on ”Load” button to load your key file (for e.g mykey.pem)

3. Once loaded, you should save private key by clicking “Save private key” button.

4. PuTTY keygen will save the file in .ppk format and that’s the format PuTTY can understand.

5. Launch PuTTY, input username and IP address details.

6. Open your PuTTY client and select Connections – SSH – Auth from the sidebar. After this, click the Browse… button and select your private key file (.ppk file).

7. Next, navigate back to Session section in the sidebar and enter your instance information, including hostname and port. Also, select Never for Close window on exit at the bottom of the PuTTY window. Save connection information by giving it a name to the Saved Sessions field and clicking the Save button. Tip: you can avoid the need to enter your username every time you log in by entering the hostname using format username@hostname.

8. Step 3: Connect to your instance

Quota limits

Projects on OpenStack (of which each user has their own personal one) have limits on CPU, memory, disk usage and more. Once you've used all of the quota that we've assigned to you, you'll no longer be able to launch any instances. Deleting unused instances will free up the resources for you to use. If you need more quota than we've provided please contact us to discuss your requirements.

FAQs

Cannot ping 8.8.8.8

In general you can't ping if you are behind a proxy server. You need a direct network connection on the IP level to do its work. A proxy works on a higher layer of the TCP/IP network model, where there is no direct access to the IP protocol. If you need to ping you can use a web based ping (httping)

Cannot download updates

.....

Error “Unable to use key file” when using PuTTY

When working with a remote access PuTTY client in Windows, an error may occur due to incompatibility of key formats: Unable to use key file (OpenSSH SSH-2 private key (old PEM format)) To eliminate this error, the key must be converted by the PuTTYgen tool. Download the utility through the website, open it, and select the "Conversions" tab in the top panel. In the menu that opens, press "Import key" and select the key. To convert Keys after import, click "Save private key." The key will be saved in a new format (.ppk) with the selected name.

Cannot login to instance. I follow the instructions but i cannot login from web interface. I do not have the password.

To log in to virtual machine instance you will need an SSH key pair; passwords are not used (although you're free to set one once you've logged in to the instance for the first time). Use a console program like Putty to access your instance. Setup to access with the key created previously. See Cloud#SSH_keys for details.

Further reading

Most of the OpenStack documentation is directly applicable to our system. The OpenStack End User Guide is a good place to start to get a better understanding of how to use OpenStack.

• Openstack End User Guide

However, please note that we have only implemented the basic facilities. Therefore the interface is available through http only and some functionalities such as backup are still missing. We aim to provide this when we next upgrade OpenStack.

Questions

If you have an questions or problems please contact us for advice.