This How To will describe the setup of a new virtual machine on the Utrecht FIWARE lab.
The result will be a running machine, with SSH access and the ability to access this machine by HTTP and HTTPs.
To start this guide, please goto to the FIWARE Lab cloud node on https://login.fiware-lab.nl.
Currently, we are using a self-signed certificate for this domain, you can ignore this in your browser.
HTTP connections are unsafe, and not provided anymore.
note: If you do not have an account yet, send an email to firstname.lastname@example.org with the purposes of your project.
Login to the Utrecht node, the following screen should be visible
By following the next steps, you should be able to setup a virtual machine within this environment and access the virtual machine with an SSH connection. The example will setup a base Centos 6.x machine.
Step 1: create a Keypair
Before even setting up a new machine you must create a keypair. FIWARE Lab Utrecht environment only allows you to log on to your server using keypair value. No login password is required, but a keypair is used to authenticate. This keypair is important, do not loose it! Loosing your key will lock you out of the server!
This option is found at: Access & Security -> Keypairs tab.
Select the 'create Keypair' and create a good description for this keypair. Avoid using spaces and special characters, since you might be using this keypair from commandline.
After creating the keypair, an automatic download is started. The downloaded file has the same name as the description with the .pem extension.
If using Linux or OSX, you need to set the correct rights to the file (400, read for you(4), no acces to all others (00))
Step 2: create security group
This step can be addressed at a later stage, but with a first setup it is a good option to make a default setup without forgetting this step at a later stage.
The default settings will block all communications to the server. Without changing these, you will not be able to access any service on the server from a remote location.
We will grant access to standard HTTP and HTTPS, and also to SSH access. HTTP(S) is optional, but most useful as you can setup an Apache host.
The defaults ports are 80, 443 and 25
Select the 'Create Security Group' to create a new access rule
Please choose your name (only alphanummeric with underscores allowed) and description carefully.
After creating this group, please select it from the main page, press the 'Manage Rules' button
Add the rules as following: IP Protocol (all three use TCP), From and To ports are the same (no port translations) and use CIDR 0.0.0.0/0 (the whole world) for access.
You can restrict this to your own IP address, if you want security to be higher
Entering the security rules looks like:
You have now completed the first part, security
Step 3: create a new instance (vm)
Creating a virtual machine on the Fiware Utrecht lab is done with only a few steps.
In this howto, we will setup a CentOS server, but other flavours can also be launched.
A wide range of virtual images are available. These images are also available on the other Fiware nodes
Press the 'Launch Instance' button to start the setup of the instance
Step 4: configuring your new Instance correctly
You now need to create a name for your new instance. Keep in mind you cannot change this name afterwards, so pick a good (logic) name since you allowed to create more instances
If you select 'Boot from Image' in the 'Instance Boot Source', you can select one of the available Fiware Lab Utrecht images. Currently over 40 images are available on the Utrecht Node.
You can see in real time the available resources for your project. Larger Flavor will take up more resources
After setting the details, enter the 'Access & Security' tab
You will now be able to select your login keypair (SSH) and set your security groups (firewall rules). If you forgot a network security rule, you could add a new later.
These settings must be all correct! If you make a mistake, you will not be able to access the new instance
After setting the access & security settings, enter the 'Networking' tab
You will now enter the Networking settings. Most FIWARE labs only have one network available, drag the interface (shared-net in this case) from Available Networks to Selected Networks - NIC:1
A local network must be configured.
DO NOT USE an external IP at this stage, this will result in a faillure!
After dragging the network interface, press the 'Launch' button
Now you new instance (virtual machine) is created. The machine is NOT running yet and will be 'spawning' with power state: 'NO STATE'
Step 5: Make the new instance available on the internet
To be able to access this machine from the internet, you need to assign a public IP address to the instance.
These are called floating IP, and limited available. You are allowed only one IP address from a pool on the FIWARE lab.
To create and assign a floating IP, goto Access & Security -> floating IPs and select 'Allocate IP to Project'
Some FIWARE Lab environments have multiple Pools available. Currently only one pool is available for users.
Select the 'Allocate IP' button to request your floating IP.
Your External IP is now allocated to your project, but not yet to instance. You can associate this IP to your instance from the Instances menu, but also straight from the Floating IPs menu
Select the Associate button.
Now select the instance to be associated with this IP:
The IP is now allocated and associated with your new Instance.
The 'Instances' page will now show both the internal and external IP from your instance
You are almost finished, your instance should now be available with a ssh client:
Some images don't allow root logins, but a quick try will tell you which username to use.
$/> ssh -i .ssh/fiwareutrechtkeypair.pem email@example.com
If you can connect to your machine, you can finish configuring the machine with the desired packages and services: