NCSA wiki will be offline Friday, Apr 19, 2024, from 1700 hours until Sun, Apr 21, 2024 in order to upgrade Confluence.
Getting Started
This is a walk through for new Nebula users who are unfamiliar with OpenStack to help them create their first instance. An instance is a virtual machine (VM) that you control as if it were an independent server. The Nebula FAQ contains information about how to get an account on Nebula and is a source for more general information. Once you have an account, go to http://nebula.ncsa.illinois.edu in a browser and log into the NCSA Nebula cluster through its OpenStack Horizon Interface. After logging in, you will see your project space on Nebula with main menu options on the left and an overview of your project's resource usage:
These resources are shared among all of the users who are in the same project as you.
From the menu at the left, select Compute→Instances to bring up a list of the current set of instances in your project. This list of instances shows all of the instances that currently exist in the project regardless of who created them. Basic information about the instances is shown with them such as their names, IP addresses and state. More information about an instance is available by clicking on it. Instances can be created, terminated and controlled from this page. Any user in the project can control any of the instances in the project so make sure you only make changes to your own instances.
Create a new instance
Select the Launch Instance button which is above the list of instances, to the left of the red Terminate Instances button. This will bring up a Launch Instance dialog box which will let you specify all of the information needed to create a new instance.
There are a number of tabs along the top, each brings up a separate panel. The first panel, "Details", has fields for you to enter the basic information for the instance.
For Availability Zone, select "nova".
Enter a unique Instance Name to identify the new instance. It is a good idea to include your user name in the Instance Name since all of the instances created by everyone in your group will be listed together. You will want to be able to locate your instances within the full list of project instances. You may use any name you like, however.
Next, choose a Flavor for the instance from the list provided. Flavors are virtual hardware templates that define the resources that a new instance will be created with. They specify sizes for RAM, disk, number of cores, and so on. The public flavors which are available to all projects on Nebula are listed here. Each project can define its own flavors in addition to these and they will all be displayed in the drop down list together. Selecting a flavor from the drop down list will show you its attributes. You should choose a flavor that has sufficient disk space to install your OS and software stack. You should not choose a flavor with a larger disk in order to have space to store your data. A Volume should be added to your instance later to provide a place for your data.
Instance Count specifies how many copies of the instance will be started up at once. Specify 1 unless you are planning to start up a working cluster on Nebula.
We will use Instance Boot Source to specify what operating system will be running in the image. The other options allow more advanced features but are beyond the scope of this walk through. Select Boot From Image and a second drop box will be displayed allowing you to select an Image Name. Choose the operating system that you want to use from this image from the list provided. By default, Nebula provides a list of standard cloud base images for CentOS, Ubuntu, Cirros, as well options for Fedora, Debian, CoreOS, etc. Your project may provide additional images as well.
Access & Security
The second Panel of the Launch Instance interface allows you to secure your instance. In order to get access to your instance with ssh you will need to specify a Key Pair for it to use.
On the remote Linux machine you are going to use to ssh into your new instance, check if the file $HOME/.ssh/id_rsa.pub already exists. If it does not already exist, execute “ssh-keygen –t rsa” which will prompt you for a location (press Enter) and for a passphrase. You can leave the passphrase blank by pressing Enter although having one is an added layer of security.
Now that you have a public key, select the “+” button next to the “Key Pair” drop down box. This will open a popup window “Import Key Pair”. Enter a “Key Pair Name”, including the name of the remote machine would be helpful when you need to use the key pair in the future. Paste the contents of the $HOME/.ssh/id_rsa.pub file into the “Public Key” input box in the window. Select the “Import Key Pair” button, the popup window will close and you will see the "Access & Security" tab again. The new key pair should now be displayed in the “Key Pair” field.
From this panel you will also need to specify what Security Groups will be associated with your instance. These security groups set what traffic the nova router, which is internal to OpenStack, allows to flow to and from your instance. They do not configure the iptables internal to your instance. To enable ssh access into the instance after startup, select the remote SSH security group. If the instance may run web servers/services, select remote HTTP to ensure that the standard ports will be open. As with flavors, other security groups can be defined by your project and will be available to you. You can edit which security groups your instance uses after it is created.
Networking
The third Panel involves networking. If your project only has access to one network it will already be selected for you and you don't need to do anything here. If other networks are available for your project they can be selected or dragged into the "Selected networks" box. It is possible to create user-defined networks and attach instances to such networks, though this case would be for specific applications and is beyond our current scope.
For the last two panels, Post-creation provides the ability to customize the instance after the initial startup in a scripted manner and Advanced Options allows you to manually partition the disk of the instance. These are not covered in this walk through.
Now press the blue Launch button at the lower right to create and start up your instance. This list of instances will once again be displayed with your new instance added to the list. Its status will be listed as "Spawning" For most instances the startup should be fairly quick (less than a minute), though the startup could take longer if the base image or snapshot that is being used is large (several GB for example). Once the startup process is complete your instance will be listed with the state "Running".
Under IP address* we find the IP on the internal network that was used in starting the instance. While this locates the instance on the internal network, it is not usable for access from the outside.
Associating a floating IP
In the list, the instances IP address on the internal network that was used to start the instance is displayed. While this locates the instance on the internal network, it is not usable for access from the outside. To enable external access to the instance you need to select Associate Floating IP from the Actions menu on the very right of the instance (each instance has such a menu):
With the Manage Floating IP Associations window open, we can now select a public IP address to use (for NCSA Nebula, these will be in the range ``141.142.208.xxx``). If the list of available of public IP addresses is empty, you can generate an IP for use by clicking on the "+" sign to the right of the selection box. After pressing Associate (and refreshing the Instance List), you should observe the Floating IP for the instance displayed along with its internal IP address, in this example 141.142.211.223.
You can now use your keyfile to ssh into the instance from a remote shell, issuing in this example the command:
ssh -i <keyfile> centos@141.142.211.223
Because the base image used in this exercise was a CentOS 7 image, we log in making use of a user "centos" that by default exists on the base image. For other base images/OS's, this user is different though sensibly named: on Ubuntu the user is "ubuntu", on cirros the user is "cirros", on CoreOS the user is "core".
The default user in these images has sudo access to become the super-user without a password.
sudo su -
As "root" you can now configure the instance as wanted.
Thanks to the LSST project for sharing their documentation under a Creative Commons Attribution 4.0 International License. I borrowed heavily from their Introduction to Starting a Nebula Instance document.