User Tools

Site Tools


cloud:intro

SCOPE OF THIS DOCUMENT

This guide covers the common subset of tasks that users would need to perform to have a set of clustered computer instances, and associated resources, isolated from others, and accessible to a project, for any general purpose, both long-term and short.

INTRODUCTION AND NOTES

This cluster can spring into being computer resources without the involvement of other personnel. The software has some exotic capabilities, but this is a common subset:

  • L2 and L3 Network
  • Compute, such as RAM, CPU, Disk, in the form of Virtualized, Container, or Hyrbid (Kata)
  • Block Storage (volume mounts)
  • Security groups (firewall service)

The cloud can also manage resources on your behalf that are traditionally handled by a human operator:

  • Load Balancer
  • NFS
  • Hadoop
  • Kubernetes
  • VPN
  • "Lambda" Functions Service
  • DNS
  • Relational Database - as a service

The full list can be found at Frequently Asked Questions

A WORD ABOUT SECURITY

The security of the resources that you start is your responsibility. With this software you are able to create insecure configurations that will be hacked, with no hope of recovering. This can put all of us at risk. The highest risk that you will encounter is to expose your computers to the Internet. Beware of the dangers associated with doing so!

Getting and Using Access

Please write techstaff@cs.uchicago.edu and let us know that you saw this document. Allow us time to create your private project within the cloud. Then you can proceed with the rest of our documentation.

PROJECTS

Openstack requires Users and their cloud resources to belong to a Project. Users have pre-defined Roles within that Project, such as Member or Admin. The Role, Project, and User together constitute in-context access control. So, when a user is in a certain Project, that User can read, modify, destroy the cloud resources in that Project, or even create new resources. All actions depend on the precise Role of the User in the project. Non-members of a project are not able to do anything with cloud resources of the project to which they are a non-member, including View Access. Users can belong to any number of Projects, and with potentially different Roles. Project Admin is not a permission we can grant at this time. Note that there is not a Role known as Owner.

Your Default Project

All users are initially given a project with the same name as their username.

ACCOUNTS

Any user of Openstack should use their CNetID to login. If you are automating and in production, create Application Credentials using the Web interface or API. Give the Application Credential permissions that you deem appropriate for the cloud-enabled client or application that you are running.

WEB ACCESS

  • Use a modern browser at Overcloud
  • You MUST keep the domain "CS Account" in the Domain field in order to login.
  • The web interface is a convenient way to access the Physical Terminal of a virtual machine, and the command line can do that also. The interface also provides a unique status and usage dashboard.
  • The site includes interactive help, and is designed for first-time users. Use it as soon as you can and come back with questions if you have them. This guide may not cover more.
  • If you have learned any part of the Command Line Interface, you have also learned the corresponding web interface, because they contain the same concepts and requirements.

CLI ACCESS

Most of our documentation is focused on Command Line Usage , and Programmatic

URLS

* Compute Instances User's Guide

* Images Guide

If you want to know how I install and manage the cloud, I adhere to the Install Guide very closely

* Administrator Guides aren't for End Users, but they illuminate many things for you

This document is not public but is publicly reachable: Swift Recipe

/var/lib/dokuwiki/data/pages/cloud/intro.txt · Last modified: 2020/05/14 14:04 by chudler