Create Private Network
1a: Make sure you're using the correct allocation
If you have multiple allocations, you'll want to make sure your usage is being attributed to the correct allocation. You can see which allocation you're using at the top left.
If you need to change the allocation, click on the area next to the OpenStack logo that says "tacc * TG-xxxxxxxxx" and it will show the allocations you can select. Chose the appropriate allocation from the list.
2: Click on Project → Network → Network Topology → +Create Network
3: Enter a network name, for example, username_net.
After giving it a descriptive name, press the blue NEXT button.
4: Enter a subnet name, e.g. username_subnet, and a network address, e.g. 10.1.1.0/24, and a gateway address, e.g. 10.1.1.1
This should be a non-routable subnet. You can use 10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, 192.168.0.0 - 192.168.255.255.
If you're not sure what to choose, you can go with 10.1.1.0/24 → this will give you 255 available addresses in the 10.1.1.0 domain.
If you choose 10.1.1.0/24 you can then set the gateway address to be 10.1.1.1
Then press the blue NEXT button.
5: Click Create to create the new network.
6: Click on +Create Router.
7: Enter a router name, e.g. username_router, under the External Network dropdown, select public, then click Create Router.
8: You'll need to connect your private network to the router. Make sure you're inTopology
Graph mode (vsGraph
Topology mode). Your screen should look like the top image on the right. If it looks like bars it's inGraph
Topology mode, click theTopology
Graph tab under the Network Topology page heading to put it into Topology mode
→ Click on the router you just created then +Add Interface.
9: Select the subnet you just created from the dropdown list. Click Submit.
The network should now be connected to the new router. The end result will look similar to the diagram below.
Create Security Group
Each project has its own firewall rules. You will need to add at least an ssh rule to allow yourself to ssh into your instances.
- On the left side bar, click on Network → Security Groups
- Click +Create Group on the right side of the screen and give your new group a descriptive name and optional description.
Click Create Security Group
Create Security Rules
- Click the checkbox by the security group you just created and then click Manage Rules
- Click Add Rule
- Rule: Choose SSH from the dropdown - you can keep the defaults
- Click Add
You should see your new SSH rule in the list.
You'll also want to add a rule to allow ICMP
- Click Add Rule
- Rule: Choose All ICMP from the dropdown - you can keep the defaults
- Click Add
Upload SSH Key
You will need to upload at least 1 ssh public key in order to access the instances you create. This assumes you already have an SSH key pair that you use. If not, you can create a key pair via this screen.
Note: Jetstream recommends and only supports using RSA-based SSH keys or ed25519-based keys.
- On the left side bar, click on Compute → Key Pairs
- Click Import Key Pair
- Key Pair Name: username_key
- Public Key: Paste the contents of your public key file here – generally in your ~/.ssh/identity_rsa.pub file
- Click Import Key Pair
Launching an instance - Step 1
With the network, security group, and ssh key setup, you should be ready to launch an instance.
- On the left side bar, click on Project → Compute → Instances
- Click Launch Instance
- Give your instance a descriptive name. You can take the defaults for the rest of the items. Click Next.
Launching an instance - Step 2
- On the Source screen, make sure the "Select Boot Source" option is "Image" – Please note that it may take 30-60 seconds for that option to appear and to fully populate that list as it pulls the entire image catalog listing anew each time!
- Type JS-API-Featured in the "Available" box to find the Jetstream API Featured images. You can also boot one of the images shown in the list if you'd rather do that, but we only guarantee the featured images will work for anyone.
- Find the image you want to use and click the arrow to the right of its name. You'll see it show up under "Allocated" towards the top of the dialog box. Click Next.
- NOTE: If deploying a non-public image that has been shared to your project from another project, you will need to choose the correct VISIBILITY filter option in the dropdown menu as the list defaults to only public or your own private images.
Launching an instance - Step 3
- On the Flavor screen, select the size VM you want to use and click the arrow to the right of its description. Like the previous screen, you'll see it move up into the "Allocated" area towards the top of the box. Click Next.
Launching an instance - Step 4
- On the Networks screen, find the network you created earlier and click the arrow to the right of its description. Like the previous screen, you'll see it move up into the "Allocated" area towards the top of the box. Click Next.
- Click Next again to skip the Network Ports screen and proceed to Security Groups
Launching an instance - Step 5
- On the Security Groups screen, select the security group you created earlier and click the arrow to the right of its description. Like the previous screen, you'll see it move up into the "Allocated" area towards the top of the box. Click Next.
Launching an instance - Step 6
- On the Key Pair screen, if the key pair you created earlier is NOT in the "Allocated" section, click the arrow to the right of its description. Like the previous screen, you'll see it move up into the "Allocated" area towards the top of the box.
- At this point you can click "Launch Instance"
Add a public IP (floating IP) - Step 1
- Your instance should now show up in your instances list.
- Once it has entered the running state, click the dropdown at the far right and select "Associate Floating IP"
Add a public IP (floating IP) - Step 2
- If you have an IP allocated, you'll see it in the IP Address list. If you do not, click the + sign to allocate a new IP address
Add a public IP (floating IP) - Step 3
- Make sure "Public" is selected under Pool and click Allocate IP
Add a public IP (floating IP) - Step 4
- Note your new IP address and make sure it's the one you want to associate with the instance
- Note that the correct instance is selected under "Port to be associated"
- If all is well, click Associate
Test the connection
- Please note that sometimes it takes a few seconds or even a little more for the association to become active.
- Try pinging your host: ping -c 5 ip_address
Try ssh'ing to your instance
- If you chose a CentOS-based instance, your default user is centos
- If you chose an Ubuntu-based instance, your default user is ubuntu
- Access your host with SSH – the example from a terminal-based ssh-client as on Linux or a Mac would be ssh centos@your_ip_number or ssh ubuntu@your_ip_number
- Note that the first time you connect you'll get a request to verify that you're getting a new host key and making sure you want to connect