How to access the VM from OpenStack console?

Remark: We recommend not using Chrome browser because it responds very slowly while using the OpenStack console. Firefox works well.

  • Select "Your Cloud Environment"

  • Select your authentication method.
  • If you are using sub-account, please select Keystone, and you will be asked for number of your domain, username and password for Horizon Dashboard. 
  • Choose Compute/Instances pane

  • Select desired VM by clicking on its name:

  • Select "Console" pane

  • Enter login: eoconsole in case of Linux (if you are logging in at the first time, you will be asked for setting up new password)

  • In case of Windows choose desired keyboard and country settings, accept license and set up password for Administrator profile

  • You can now perform administrative tasks in the instance.

Generating a SSH keypair in Linux

In order to generate SSH keypair in Linux, we recommend using a command "ssh-keygen".

If system does not see this packet installed, please install the latest updates using command:

sudo apt-get update && apt-get install openssh-client

(for Ubuntu and Debian family),

or

sudo yum install openssh-clients

(for CentOS and Red Hat).

After that, in terminal (in systems with graphic user interface terminal can be acquired by pressing Ctrl + Alt + T) please enter command:

ssh-keygen

(with additional flags:)

    -t rsa \  authentication key type

    -b 4096 \ bit length (greater the value, more complicated key will be, available values: 1024, 2048, 4096; 2048 if not specified )

    -C "user@server" \ name for identification at the end of the file

    -f ~/.ssh/keys/keylocation \ location of folder with ssh keys

    -N passphrase \ passphrase, can be ommited if user prefers connecting without additional key security

Application will ask for name of the key (press Enter for defaults - id_rsa for private and id_rsa.pub for public key) and passphrase (press Enter to ignore).

Next, ssh-keygen will show location, where the keys are saved, fingerprint of keypair and certain semigraphic image as expression of randomness in generating unique key.

To avoid problem with rejecting files due to too open permissions, simply navigate to the folder containing both keys and enter command:

chmod 600 id_rsa && chmod 600 id_rsa.pub

How to connect to your virtual machine via SSH in Linux?

 Two options to assure a succesful connection via ssh:

  • through import the public key
  • through export the public key

 

Import

1. To start off, we have to generate the most essential component to provide a harmless authorization among virtual machine and our personal computer.

Following the first point let’s open terminal and head to directory where we would like to possess our keys stored.

 

cd ~
mkdir keys
cd keys

 

2. Run a ssh-keygen command to create a public and private key.

ssh-keygen -t rsa -f cloud.key

 

Parameters explanation:

-t : provide an information about encryption algorithm

-f:  specify the keyfile name. (If we had left it by default we would have got id_rsa and id_rsa.pub)

 

During the process you will be asked for entering a passphrase.

 

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): [Enter]
Enter same passphrase again: [Enter]
Your identification has been saved in cloud.key.
Your public key has been saved in cloud.key.pub.
The key fingerprint is:
SHA256:MXp8AyLjtNzIhPs5FYfe7eFo/ECwIzLpLWOBQXHmv/4 [username@machine]

 

Keys files have been created and are placed in ~/keys directory.

Copy the content of the Public key to your clipboard. It will be used in the next part.

 

More about key generations and converting them to Putty Format:

 

 

 

 

3. Log in to your CreoDIAS account and move to Horizon Panel. Have a look at navigation list appeared on the left of your screen. Enroll Project and next enroll nested sublist Compute.

Click on the “Key Pairs”.

 

You should be redirected to your Key Pairs list. We are interested in buttons placed above it.

Choose “Import Key Pair”

 

 

Set Key Pair Name and paste the content of the Public key into the blank field. After that confirm the applied changes.

 

 

4. Create a new virtual machine. During the initialization process remember to include “allow_ping_ssh_rdp” security group and freshly created Key Pair.

 

 

5. Focus on the “Actions” column for your instance and choose “Associate Floating IP”

Attach a floating IP to your private network interface. (It looks such as 192.168.0.x)

 

6. Move to the terminal on your computer. Be sure that you are in the directory where the ssh keys are stored.

 

Type in:

ssh -i cloud.key eouser@[floating ip]


example:


ssh -i cloud.key eouser@185.178.84.31


Are you sure you want to continue connecting (yes/no)? [yes]

 

After all you should be connected to your virtual machine:

eouser@import-vm:~$

 

Export

 

2.1 In the second scenario move to your Key Pairs panel and choose “Create Key Pair” instead.

Name the Key Pair Name and next copy private key to Clipboard.

 

2.2 Create a key file in any text editor:

$vim test.key

Paste the content and safe the changes.

 

2.3 Launch an instance as presented in the first option with included security groups and key pair. Remember to  associate a floating ip to your private network interface.

 

2.4 Change the directory to the test.key localization and type in those commands:

 

chmod 600 test.key
(You may encounter some privileges problems. Apply read and write options only for the user to overcome this setup)


ssh -i test.key eouser@[floating ip]

 

 

As you may realize, it works in the same way.

eouser@import-vm:~$

How to access private object storage using s3cmd or boto3?

Before attempting to perform operations concerning this FAQ, please familarize yourself with:

How to generate ec2 credentials?

 

S3cmd

FAQ for accessing EO DATA:

How to access EO DATA and Object Storage using s3cmd (Linux)

 

S3cmd is installed on your virtual machine by default.

 

Use this command to create a configuration file (.s3cfg):

s3cmd --configure

 

Please follow those steps in order to accomplish configuration:

 

Enter new values or accept defaults in brackets with Enter.

Refer to user manual for detailed description of all options.


Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables.

Access Key: entry your access point

Secret Key: entry your secret key

Default Region [US]: RegionOne


Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.

S3 Endpoint [s3.amazonaws.com]: cf2.cloudferro.com:8080


Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used

if the target S3 system supports dns based buckets.

DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]: cf2.cloudferro.com:8080


Encryption password is used to protect your files from reading

by unauthorized persons while in transfer to S3

Encryption password:

Path to GPG program [/usr/bin/gpg]:


When using secure HTTPS protocol all communication with Amazon S3

servers is protected from 3rd party eavesdropping. This method is

slower than plain HTTP, and can only be proxied with Python 2.7 or newer

Use HTTPS protocol [Yes]:


On some networks all internet access must go through a HTTP proxy.

Try setting it here if you can't connect to S3 directly

HTTP Proxy server name:

 

Make sure about the values you have filled in a while ago.

 

New settings:

Access Key: insert your access key

Secret Key: insert your secret key

Default Region: RegionOne

S3 Endpoint: cf2.cloudferro.com:8080

DNS-style bucket+hostname:port template for accessing a bucket: cf2.cloudferro.com:8080

Encryption password:

Path to GPG program: /usr/bin/gpg

Use HTTPS protocol: True

HTTP Proxy server name:

HTTP Proxy server port: 0


Test access with supplied credentials? [Y/n] y

Please wait, attempting to list all buckets...

Success. Your access key and secret key worked fine :-)


Now verifying that encryption works...

Not configured. Never mind.


Save settings? [y/N] y
Configuration saved to '/home/eouser/.s3cfg'

 

 

In order to list available buckets type in command presented below:

eouser@vm1:~$ s3cmd ls
2019-01-03 16:20  s3://testjohn

 

To examine a particular bucket add its path:

 

eouser@vm1:~$ s3cmd ls s3://testjohn

2019-01-18 09:22 81712 s3://testjohn/console.png

2019-01-07 09:57 2589 s3://testjohn/tes1.txt

 

Boto3

FAQ for accessing EO DATA:

How to access/list EO DATA using boto3?

How to download EO DATA file using boto3?

 

Boto3 module installation:

We strongly recommend using virtualenv for isolating python packages. Configuration tutorial is presented below:

How to install Python virtualenv/virtualenvwrapper?

If virtualenv is activated:

$ pip install boto3 #for Python2
$ pip3 install boto3 #for Python3


Or if we install package with global entry point:

#Pipsi installation
$ curl https://raw.githubusercontent.com/mitsuhiko/pipsi/master/get-pipsi.py | python
$ pipsi install boto3

 

Simple script for accessing your private bucket:

import boto3

def boto3connection(access_key,secret_key,bucketname):
    host='https://cf2.cloudferro.com:8080'
    s3=boto3.resource('s3',aws_access_key_id=access_key,
aws_secret_access_key=secret_key, endpoint_url=host,)

    bucket=s3.Bucket(bucketname)

    for obj in bucket.objects.filter():
        print('{0}:{1}'.format(bucket.name, obj.key))

#For Python2
x = raw_input('Enter your access key:')
y = raw_input('Enter your secret key:')
z = raw_input('Enter your bucket name:')

#For Python3
x = input('Enter your access key:')
y = input('Enter your secret key:')
z = input('Enter your bucket name:')

boto3connection(x,y,z)


Save your file with .py extension and run with the "python [filename.py]" command in your terminal.

For Python3 use "python3 [filename.py]".


How to launch and deploy environment in Kubernetes?

In this FAQ we will learn how to configure and deploy Kubernetes environment, and how to install example application based on mySQL (in this case Wordpress) to make it properly running in cluster.

 

DEPLOYMENT
In order to allocate Kubernetes clusters in our domain first we have to create new environment for running clusters.

It is possible through enrolling menu “App Catalog”, and then choosing “Browse”, “Browse Local”, “Next page”. When the cube “Kubernetes cluster” appears, select “Quick Deploy”.

In clusters configuration menu, on the first screen, user can determine name of the cluster, amount of created Kubernetes nodes and gateways, and have to confirm his choice by clicking Next.

Second window allows further setting up and connection with Google Container and Docker. It’s important to choose option “Use Flannel networking instead of Calico”.

Then, user can choose the flavor of instances which will be used and SSH key (NOTE: Without entering SSH keypair you won’t be allowed to connect with VMs). It is vital to select “App Catalog Kubernetes Trusty Image”. Please remember that Kubernetes will establish amount of vms determined in this menu. Here you can see pricing list of each flavour https://creodias.eu/price-list

After setting up SSH keypair, click create, and you will be redirected to “Environments” menu, in which freshly created cluster will be shown. The next step is choosing “Deploy this environment”.

After approximately five minutes of waiting allocation of a cluster will end by launching (four in this case) new instances in KubernetesCluster environment and then user have to choose “Logs”.

Focus on one line before last, which states “Dashboard UI is available at http://...”.

IP adress marked in blue is simultaneously adress of user dashboard (we recommend opening it in new card).

INSTALLING AN EXAMPLE APPLICATION

Now, here is Kubernetes user interface in which users are allowed to install applications by clicking “Create” button.

For this FAQ, we will install Wordpress.

Wordpress is a free and open-source content management system based on PHP and MySQL
Here you can see some best Wordpress-based webpages https://wordpress.org/showcase/

Let’s start with installing internal mysql database. After clicking “Create”, as a name of application and image of container enter just “mysql”.

Inserting environmental variables will also be neccesary. To do so, choose “Show advanced options” and then input in “Environment variables” variable MYSQL_DATABASE with value being name of the database (for example “test” and variable “MYSQL_ROOT_PASSWORD” with value which is password for accessing the database. After that run installation by clicking “Deploy”.


Next step would be installation of Wordpress packet.

Click on “Create” again, as a name and image input “wordpress” and then attribute application to unused port (in this case 8080 and output 80).

Next, accept setup with choosing deploy and wait for full installation. For further configuration insert dashboard IP address with port 8080. Setup screen will appear, select desired language and confirm it by pressing “Let’s go!”

Enter previously defined database name (test), user name (root), and password saved in MYSQL_ROOT_PASSWD variable.

As a “database host”, enter value, which we can be found in nodes, after clicking at “mysql” and copying IP adress on the right.

After clicking “Submit” and “Run the installation”, Wordpress will ask for configuration data for a new account and redirect user to Wordpress login site.