...
Commands to be entered at a command prompt will be prefixed with a ‘$’
File name paths are indicated as
/path/to/<some_file_or_command>
Step-by-step
- Create account
- Create a key pair
- Modify the default security group
- Launch an instance
- Requesting, Allocating, and associating floating
- Associating Floating IPs
- Log in
- In
- Create a volume
- Volume
- Attach a volume
- Volume
- Use a volume
- Volume
...
Create Account
Access to the Rapid Access Cloud is provided by third-party Federated identity providers: Google Identity Platform and Canadian Access Federation.
...
Log-in to the Rapid Access Cloud dashboard at https://cloud.cybera.ca.
In the left-hand panel click on “Compute”.
Click the “Key Pair” tab, then click “+Create Key Pair”.
Enter a
<key_pair_name>, then click “Create Key Pair”. The browser will automatically download a file named<key_pair_name>.pem.Move or save this file on your computer somewhere you will remember. It will be used when accessing instances created with this key pair.
| Note | ||
|---|---|---|
If this key file is saved to an operating system that uses file-system permissions (Unix, Linux, BSD, OSX) then make sure the permissions are set appropriately. Typically, the
|
...
| Info |
|---|
About key pairsKey pairs are a set of mathematically generated strings, one is the private key and the other is the public key. The key pairs that are used in the Rapid Access Cloud are ssh keys generated by the OpenStack dashboard, keeping the public key to be injected as needed into new instances, and the private key is the *.pem file automatically downloaded by the browser in the steps above. If you already have a key pair suited for use, import that key by following the steps in the Advanced Guide.
|
...
Security Groups
Security groups are the policies that deny access to the network ports of an instance. Security groups are therefore firewalls for instances, with a set of default policies that block all access to each port from any source, including the computer you are using to access the Rapid Access Cloud dashboard. Before an instance can be accessed the appropriate ports will need to be opened and a source IP address or range of addresses will need to be configured.
...
M1 class flavors are General Purpose Instances. This family provides a balance of compute, memory, and network resources, and it is a good choice for many applications.
Flavor VCPUs Root Disk (GB) RAM (MB) Swap (MB) m1.tiny 1 5 512 512 m1.micro 1 5 1,024 1,024 m1.small 2 20 2,048 2,048 m1.medium 2 40 4,096 4,096 m1.large 4 40 8,192 4,096 m1.xlarge 8 40 16,384 4,096 G1 instances are intended for general-purpose GPU compute applications. Use cases include machine learning, rendering, and other server-side GPU compute workloads. (see GPU-Enabled Instances for more on how to launch GPU instances.)
Flavor VCPUs Root Disk (GB) RAM (MB) Swap (MB) g1.medium.auto-destruct 8 40 8,192 4,096 g1.large.auto-destruct 8 40 32,768 4,096 g1.xlarge.auto-destruct 16 40 32,768 4,096
Resizing instances
Currently the option to resize instances (change flavor) is not functional in RAC. A workaround to to snapshot an instance and then create a new instance, of the desired flavor, based on the snapshot.
Accessing instances
Having an instance up and running is one thing, and perhaps just a single Linux ‘sandbox’ to run some code is all that is needed, however the real power of computers, virtual or otherwise, is in connectivity, and that means networks. The instances in the Rapid Access Cloud can be connected to and accessed in a variety of ways, permitting users to create an environment with multiple instances networked together in the same way a bare-metal environment can be built, but in this case with virtual machines providing the routing, switching and other network functions along with the expected servers running applications on top of operating systems like Linux and Windows.
IP addresses
Once an instance is provisioned, it is automatically given two addresses: a private IPv4 address, and a public IPv6 address.
The private address, called a fixed-ip in OpenStack, is not publicly routable (that is, not reachable from the public internet; though see the Making the most of a single IPv4 address section for more on this) and is used by the OpenStack application stack to provision the instance. The private address can also be used to communicate between instances without the need of routing traffic out on the internet and back again. The private addresses are assigned from a range of 10.1.0.0 - 10.2.254.254.
The public address given to the instance automatically is an IPv6 address. The ability to connect to an instance via IPv6 will be limited by the network the connection is coming from; unfortunately many schools, workplaces, or home internet providers do not have IPv6 capable networks. Use the following tools to determine if your network has the ability to route IPv6 traffic:
Cybera has confirmed that most users who use TELUS or Shaw, University of Alberta users (via WiFi), and Concordia users have IPv6 connectivity. If you fall into one of these groups, please use the above links to verify and if at all possible, we ask that you use IPv6 to connect to your instance in order to help us conserve IPv4 addresses.
Why IPv6?
IPv4 addresses are limited to 4.3 billion addresses and the world is quickly approaching the limit and obtaining new ones will become impossible. IPv6 uses 128-bit addresses instead of IPv4’s 32-bit addresses, removing this limit and providing better security features over IPv4. IPv6 is not a new technology as it has been available for over a decade, though it has been slow to implement due to legacy concerns across multiple industries.
If you’re more curious about IPv6 itself we recommend reading the Wikipedia article on IPv6.
IPv6 Considerations
One thing to note about using IPv6 addresses is that some tools require a different format when attempting to connect directly via the IP address. In general we recommend to use our helper DNS record or use a DNS record in place of the IPv6 address.
Please note that of the most common utilities on macOS and Linux to copy files to and from instances has a different syntax to use raw IPv6 addresses instead of IPv4 addresses. You will need to include and escape square brackets around the IPv6 address.
scp myfile ubuntu@\[2001:db8:0:1\]:myfile
Public IPv4 addressing
Rapid Access Cloud accounts are able to also have public IPv4 addresses allocated to them, however due to demand the default quota is 0. This is referred to as a floating-ip in OpenStack and can be associated with only one instance at a time.
This limitation on IP address availability can be overcome, and in fact can make for a more robust and secure cloud environment in some cases. Please see the Making the most of a single IPv4 Address section for solutions to this problem.
Requesting, Allocating and associating floating IPs
By default a new Rapid Access Cloud account does not have a quota permitting a public IPv4 address.
To request a floating IP address you can fill out a form on the dashboard by:
Log-in to the Rapid Access Cloud dashboard at https://cloud.cybera.ca.
In the left-hand panel under “RAC”, click “Quota Change".
Request one floating IP and fill out the reason and then press "Submit a Quota Change Request"
rac-admin will be notified and we will process your quota change request as soon as possible.
Allocating a floating IP address
If your project does have have quota for a floating IP, the floating IP is not allocated to your automatically. You will need to allocate a floating IP to your project. Given the scarcity of the addresses for Cybera (and indeed, the world), addresses allocated to projects that have gone unused for three months will be reclaimed, however you are welcome to allocate an IP address again if needed.
Log-in to the Rapid Access Cloud dashboard at https://cloud.cybera.ca.
In the left-hand panel under “Compute”, click “Instances”.
Click the Action drop-down button on the right-hand side and select “Associate Floating IP”.
Click on the “+” sign next to “Select an IP address”.
There is only one pool of addresses available (
nova) and the quota shows only one IP address from that pool, so simply click “Allocate IP”.After the IP address has been allocated, click the “Associate” button the the right hand side. Under the Instances summary, your Instance should now have three IP addresses, including a publicly accessible IPv4 address.
Associating the floating IP address to other instances
Given the ease of creating and destroying instances, along with the possibilities of changing needs, moving the IPv4 address around may be required. Once the address is allocated to a project, it can be assigned to any instance associated with the project. When an instance is destroyed, the associated IP address remains allocated to the project. Simply follow the steps above to associate the IP address with a new instance, omitting the steps for allocating the address (steps 4 and 5).
Windows instances
Cybera does provide Windows images in the Rapid Access Cloud, in the form of Windows Server 2016. You will need to provide your own valid license from Microsoft, and follow additional steps covered in the Advanced Guide.
Log in
After creating a key pair, modifying the default security group, and clicking through the process of launching an instance and assigning a floating IP, you are now able to log in. The basics are the same regardless of where you are logging in from, but like many things it is the details that matter.
Because the instance built according to this document is a Ubuntu Linux distribution, the default username is ubuntu. For each of the other Linux distributions available in the Rapid Access Cloud, the username follows the same scheme: centos, debian, and fedora.
IPv6 Access
As mentioned in the Accessing Instances section, connecting to an instance via IPv6 is preferred over using a Floating IP. If you do have a floating IP address associated with your instance you can use your floating IP instead of the IPv6 address or use the DNS name autogenerated as seen in the instructions below.
To make IPv6 addresses more friendly, instances are given an automated DNS name that maps to your IPv6 address and if applicable your floating IP address. The autogenerated domain can be found on your instance's details page under the Metadata section. (eg. 12345.yyc.cybera.ca)
From Linux, UNIX, or BSD (including OS X)
The simplest way to use ssh from these operating systems is:
In the RAC web client there is an option to access your instance via a web console. Windows instances can be accessed with the console. Linux instances will prompt for a password and can not be accessed via the console without first logging into the instance (SSH) to configure a password. For this reason it is recommended to only use SSH and a private key to access a Linux instances. Create a keypair before creating a Linux instance then when creating a Linux instance, assign the key for access. See this page for instructions on how to create a key pair.
| Note |
|---|
The commands to access a Linux instance with a private key (myKey.pem) depends on the operating system you are connecting from and the SSH console you are using. For example in macOS, using the default console and connecting to an Ubuntu OS, the command would be similar to: ssh -i /path/to/mykey.pem ubuntu@2605:fd00:4:1000:aaaa:ffff:bbbb:cccc |
IP addresses
Once an instance is provisioned, it is automatically given two addresses: a private IPv4 address, and a public IPv6 address.
The private address, called a fixed-ip in OpenStack, is not publicly routable (that is, not reachable from the public internet; though see the Making the most of a single IPv4 address section for more on this) and is used by the OpenStack application stack to provision the instance. The private address can also be used to communicate between instances without the need of routing traffic out on the internet and back again. The private addresses are assigned from a range of 10.1.0.0 - 10.2.254.254.
The public address given to the instance automatically is an IPv6 address. The ability to connect to an instance via IPv6 will be limited by the network the connection is coming from; unfortunately many schools, workplaces, or home internet providers do not have IPv6 capable networks. Use the following tools to determine if your network has the ability to route IPv6 traffic:
Cybera has confirmed that most users who use TELUS or Shaw, University of Alberta users (via WiFi), and Concordia users have IPv6 connectivity. If you fall into one of these groups, please use the above links to verify and if at all possible, we ask that you use IPv6 to connect to your instance in order to help us conserve IPv4 addresses.
Why IPv6?
IPv4 addresses are limited to 4.3 billion addresses and the world is quickly approaching the limit and obtaining new ones will become impossible. IPv6 uses 128-bit addresses instead of IPv4’s 32-bit addresses, removing this limit and providing better security features over IPv4. IPv6 is not a new technology as it has been available for over a decade, though it has been slow to implement due to legacy concerns across multiple industries.
If you’re more curious about IPv6 itself we recommend reading the Wikipedia article on IPv6.
IPv6 Considerations
One thing to note about using IPv6 addresses is that some tools require a different format when attempting to connect directly via the IP address. In general we recommend to use our helper DNS record or use a DNS record in place of the IPv6 address. You can find the helper DNS record on your instance's detail page under the Metadata section. An address will appear that appears similar to 1234.yyc.rac.sh.
Please note that of the most common utilities on macOS and Linux to copy files to and from instances has a different syntax to use raw IPv6 addresses instead of IPv4 addresses. You will need to include and escape square brackets around the IPv6 address.
scp myfile ubuntu@\[2001:db8:0:1\]:myfile
Public IPv4 addressing
Rapid Access Cloud accounts are able to also have public IPv4 addresses allocated to them, however due to demand the default quota is 0. This is referred to as a floating-ip in OpenStack and can be associated with only one instance at a time.
This limitation on IP address availability can be overcome, and in fact can make for a more robust and secure cloud environment in some cases. Please see the Making the most of a single IPv4 Address section for solutions to this problem.
...
Requesting, Allocating and associating floating IPs
If the default public IPv6 address is not sufficient for your use case, public IPv4 addresses are available. By default a new Rapid Access Cloud account does not have a quota permitting a public IPv4 address. Please see the IP address section above for testing whether IPv6 is a limitation for access to your resources.
Requesting a floating IP address
To request a floating IP address you can fill out a form on the dashboard by:
Log-in to the Rapid Access Cloud dashboard at https://cloud.cybera.ca.
In the left-hand panel under “RAC”, click “Quota Change".
Request one floating IP and fill out the reason and then press "Submit a Quota Change Request"
rac-admin will be notified and we will process your quota change request as soon as possible.
Allocating a floating IP address
If your project does have have quota for a floating IP, the floating IP is not allocated to your automatically. You will need to allocate a floating IP to your project. Given the scarcity of the addresses for Cybera (and indeed, the world), addresses allocated to projects that have gone unused for three months will be reclaimed, however you are welcome to allocate an IP address again if needed.
Log-in to the Rapid Access Cloud dashboard at https://cloud.cybera.ca.
In the left-hand panel under “Compute”, click “Instances”.
Click the Action drop-down button on the right-hand side and select “Associate Floating IP”.
Click on the “+” sign next to “Select an IP address”.
There is only one pool of addresses available (Public) and the quota shows only one IP address from that pool, so simply click “Allocate IP”.
After the IP address has been allocated, click the “Associate” button the the right hand side. Under the Instances summary, your Instance should now have three IP addresses, including a publicly accessible IPv4 address.
Associating the floating IP address to other instances
Given the ease of creating and destroying instances, along with the possibilities of changing needs, moving the IPv4 address around may be required. Once the address is allocated to a project, it can be assigned to any instance associated with the project. When an instance is destroyed, the associated IP address remains allocated to the project. Simply follow the steps above to associate the IP address with a new instance, omitting the steps for allocating the address (steps 4 and 5).
Windows instances
Cybera does provide Windows images in the Rapid Access Cloud, in the form of Windows Server 2016. You will need to provide your own valid license from Microsoft, and follow additional steps covered in the Advanced Guide.
...
Log in
After creating a key pair, modifying the default security group, and clicking through the process of launching an instance and assigning a floating IP, you are now able to log in. The basics are the same regardless of where you are logging in from, but like many things it is the details that matter.
Because the instance built according to this document is a Ubuntu Linux distribution, the default username is ubuntu. For each of the other Linux distributions available in the Rapid Access Cloud, the username follows the same scheme: centos, debian, and fedora.
IPv6 Access
As mentioned in the Accessing Instances section, connecting to an instance via IPv6 is preferred over using a Floating IP. If you do have a floating IP address associated with your instance you can use your floating IP instead of the IPv6 address or use the DNS name autogenerated as seen in the instructions below.
To make IPv6 addresses more friendly, instances are given an automated DNS name that maps to your IPv6 address and if applicable your floating IP address. The autogenerated domain can be found on your instance's details page under the Metadata section. (eg. 12345.yyc.cybera.ca)
From Linux, UNIX, or BSD (including macOS)
The simplest way to use ssh from these operating systems is:
Open a terminal and enter:
Code Block $ ssh -i /path/to/<key_pair_name>.pem ubuntu@<ipv6_address_or_dns_name>Answer ‘yes’ to the following question:
Code Block The authenticity of host '<ipv6_address> (<ipv6_address>)' can't be established.Answer ‘yes’ to the following question:
Code Block The authenticity of host '<ipv6_address> (<ipv6_address>)' can't be established. RSA key fingerprint is e5:de:ad:c3:be:ef:b2:ba:be:a1:ba:dc:af:ea:ce:d4. Are you sure you want to continue connecting (yes/no)?You are now logged in and will then be presented with the Message Of The Day and a shell prompt:
Code Block ---------------------------- Cloud Image Helper Scripts ---------------------------- To enable automatic updates please run: /usr/local/bin/enableAutoUpdate To install the latest OpenStack tools please run: /usr/local/bin/installOpenStackTools To use the local software update proxy please run: /usr/local/bin/localSUS To remove this message from your message of the day please run: sudo rm /etc/motd ubuntu@<your_instance_name>:~$
Open a terminal and enter:
| Code Block |
|---|
$ ssh -i /path/to/<key_pair_name>.pem ubuntu@<ipv6_address_or_dns_name> |
...
Description: <your_description>Type
Volume Source: ( No source, empty volume type)
Size (GB): 25
| Info |
|---|
The following Volume Source options are NOT supported:
If you select one of those options, it will result in an error. |
Type: LVM
Size (GB): 25
Availability Zone: (Availability Zone: (Any availability zone)
5. Click the blue “Create Volume” button and after a few moments a 25GB volume will be ready for attachment to an instance.
...
Log into your instance via ssh.
Format the volume:
Code Block $ sudo mkfs.ext4 /dev/sdc
Info Attached volumes will typically be assigned device names in sequential order (i.e. /dev/sdc, /dev/sdd, /dev/sde, etc.)
List all disks from within the instance with:
Code Block $ sudo fdisk -l
Info /dev/sda and /dev/sdb are the system volumes that make up the instance.
Create a mount point for the volume:
Code Block $ sudo mkdir /mnt/<mount_point_name>
Mount the volume device to the mount point:
Code Block $ sudo mount /dev/sdc /mnt/<mount_point_name>
Permissions may need to be changed on the new volume, as they are initially set to root:
Code Block $ sudo chown ubuntu:ubuntu /mnt/<mount_point_name>
Backups
The Cybera Rapid Access Cloud is offered on a best-effort basis and it is the users’ responsibility to ensure appropriate backups of all their data are made. While Cybera’s record for uptime and data-loss is very good, we strongly encourage all of our users to ensure regular backups are made.
Instance Snapshots
Snapshots are point-in-time copies of your instances. You can snapshot your instance and then either download that snapshot as a backup or use that snapshot as a “cookie cutter” template to build new instances based off of it. This has the advantage that you will not have to reconfigure your virtual machine after launching from the snapshot, as opposed to launching from the image. Also, you can use this to resize your instance: if you want your instance to have different resources assigned to it (e.g. CPU or RAM) you can re-launch from the snapshot according to your preferred configuration (note that the root disk cannot be smaller than in the original instance).
To snapshot your instance:
Log-in to the Rapid Access Cloud dashboard at https://cloud.cybera.ca.
In the left-hand panel under “Compute”, click “Instances”
For the instance you want to snapshot, make sure it is in a shut-off state.
Click on the “Create snapshot” button.
Select a name to save the snapshot as
OpenStack will then navigate to the Images section. The snapshotting process can take considerable time depending on the size of the instance.
You should verify that the snapshotting process has worked following completion. Check the size of the snapshot as it should be at least several hundred MB in size. Also consider test launching an instance from the snapshot in order to ensure the process concluded successfully.
Permissions may need to be changed on the new volume, as they are initially set to root:
Code Block $ sudo chown ubuntu:ubuntu /mnt/<mount_point_name>
Additional information on how to use other volume types is available in our Advanced Guide under Volume Types.
...
Backups
The Cybera Rapid Access Cloud is offered on a best-effort basis and it is the users’ responsibility to ensure appropriate backups of all their data are made. While Cybera’s record for uptime and data-loss is very good, we strongly encourage all of our users to ensure regular backups are made.
Instance Snapshots
Snapshots are point-in-time copies of your instances. You can snapshot your instance and then either download that snapshot as a backup or use that snapshot as a “cookie cutter” template to build new instances based off of it. This has the advantage that you will not have to reconfigure your virtual machine after launching from the snapshot, as opposed to launching from the image. Also, you can use this to resize your instance: if you want your instance to have different resources assigned to it (e.g. CPU or RAM) you can re-launch from the snapshot according to your preferred configuration (note that the root disk cannot be smaller than in the original instance).
To snapshot your instance:
Log-in to the Rapid Access Cloud dashboard at https://cloud.cybera.ca.
In the left-hand panel under “Compute”, click “Instances”
For the instance you want to snapshot, make sure it is in a shut-off state.
Click on the “Create snapshot” button.
Select a name to save the snapshot as
OpenStack will then navigate to the Images section. The snapshotting process can take considerable time depending on the size of the instance.
You should verify that the snapshotting process has worked following completion. Check the size of the snapshot as it should be at least several hundred MB in size. Also consider test launching an instance from the snapshot in order to ensure the process concluded successfully.
Exporting a Snapshot
If you would like to take an instance snapshot to a different cloud, or a different account within the Rapid Access Cloud, you can use the OpenStack cli tool to export the snapshot image.
- In a terminal, with the openstack cli tools installed, and the openrc file sourced, type: openstack image list
- In the list of returned images take the ID for the snapshot you have crated and run: openstack image save --file export.qemu $id # Where $id is the ID from the command above.
The above will save your image as export.qemu in the folder you ran the command. You can then upload that image to a new account or another cloud.
...
Object storage
Users may also use the Object Storage service to back-up their data. See this document for more information.
...