This guide covers the common subset of tasks that users would need to perform to have a set of clustered computer instances, and associated resources, isolated from others, and accessible to a project, for any general purpose, both long-term and short.
This cluster can spring into being computer resources without the involvement of other personnel. The software has some exotic capabilities, but this is a common subset:
The cloud can also manage resources on your behalf that are traditionally handled by a human operator:
The full list can be found at Frequently Asked Questions
The security of the resources that you start is your responsibility. With this software you are able to create insecure configurations that will be hacked, with no hope of recovering. This can put all of us at risk. The highest risk that you will encounter is to expose your computers to the Internet. Beware of the dangers associated with doing so!
Please write email@example.com and let us know that you saw this document. Allow us time to create your private project within the cloud. Then you can proceed with the rest of our documentation.
Users and their cloud resources to belong to a
Project. Users have pre-defined
Roles within that
Project, such as
Admin. The Role, Project, and User together constitute in-context access control. So, when a user is in a certain Project, that User can read, modify, destroy the cloud resources in that Project, or even create new resources. All actions depend on the precise Role of the User in the project. Non-members of a project are not able to do anything with cloud resources of the project to which they are a non-member, including View Access. Users can belong to any number of Projects, and with potentially different Roles. Project Admin is not a permission we can grant at this time. Note that there is not a Role known as Owner.
All users are initially given a project with the same name as their username.
Any user of Openstack should use their CNetID to login. If you are automating and in production, create Application Credentials using the Web interface or API. Give the Application Credential permissions that you deem appropriate for the cloud-enabled client or application that you are running.