Quick Guide: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
* Access to bwCloud-OS requires an active account from a '''bwIDM'''-participating institution. | * Access to bwCloud-OS requires an active account from a '''bwIDM'''-participating institution. | ||
* Your account must include a valid '''entitlement''', assigned by your '''home institution'''. This is usually automatic. If missing (see [[Registration#How can I find out which entitlements my account contains?|here]]), contact your institution’s IT support. The bwCloud-OS team cannot assign entitlements. | * Your account must include a valid '''entitlement''', assigned by your '''home institution'''. This is usually automatic. If missing (see [[Registration#How can I find out which entitlements my account contains?|here]]), contact your institution’s IT support. The bwCloud-OS team cannot assign entitlements. | ||
* Log in once to the ''' | * Log in once to the [{{DashboardURL}} '''Dashboard]''' to activate your profile. Setup is automated via bwIDM. | ||
* After login, select your '''region''' as described [[Registration#What is a "home region"?|here]] to begin using bwCloud-OS. | * After login, select your '''region''' as described [[Registration#What is a "home region"?|here]] to begin using bwCloud-OS. | ||
== [[Instances (VMs)]] == | == [[Instances (VMs)]] == | ||
* Instances can be '''created''' via the ''' | * Instances can be '''created''' via the [{{DashboardURL}} '''Dashboard'''] wizard, select: '''name →source → flavor → network → SSH key → launch'''. | ||
* The '''source''' defines the base disk for the instance, usually a pre-configured '''image''' containing the operating system (Rocky, Ubuntu, etc.) and initial software optimized for cloud environments. | * The '''source''' defines the base disk for the instance, usually a pre-configured '''image''' containing the operating system (Rocky, Ubuntu, etc.) and initial software optimized for cloud environments. | ||
* The available resources of a virtual machine (vCPU, memory, etc.) are pre-defined by [[Instances (VMs)#What are instance flavors, and which flavors are available?|flavors]]. Choose a '''flavor''' that fits your workload and available [[Projects and Quota#Project Quota|quota]] when launching your instance | * The available resources of a virtual machine (vCPU, memory, etc.) are pre-defined by [[Instances (VMs)#What are instance flavors, and which flavors are available?|flavors]]. Choose a '''flavor''' that fits your workload and available [[Projects and Quota#Project Quota|quota]] when launching your instance | ||
| Line 15: | Line 15: | ||
== [[Networks]] == | == [[Networks]] == | ||
* Each bwCloud-OS instance launched using the standard method is automatically assigned a public IP address. | * Each bwCloud-OS instance launched using the standard method is automatically assigned a '''public IP address'''. | ||
* Floating IPs, which persist independent of instances, are also available. | * '''Floating IPs''', which persist independent of instances, are also available. | ||
* Load Balancers are available and allow traffic to be distributed across multiple backend instances via a single public address. | * '''Load Balancers''' are available and allow traffic to be distributed across multiple backend instances via a single public address. | ||
* Instances are assigned a persistent FQDN based on their name, project and region. | * Instances are assigned a '''persistent FQDN''' based on their name, project and region. | ||
* Domain hosting is not provided, but you can point your own domain to the FQDN of the instance using a CNAME record. | * Domain hosting is not provided, but you can point your own '''domain''' to the FQDN of the instance using a CNAME record. | ||
== [[Security]] == | == [[Security]] == | ||
| Line 42: | Line 42: | ||
== [[Programmatic Access and Automation|Automation]] == | == [[Programmatic Access and Automation|Automation]] == | ||
* '''Application Credentials''' enable secure, token-based access to bwCloud-OS — ideal for CLI usage and automation. | |||
* '''Application Credentials''' enable secure, | * You can use these credentials with the '''OpenStack CLI''' to manage cloud resources from the command line. | ||
* You can use these credentials with the '''OpenStack | * You can also use the credentials with the '''OpenStack Python SDK''' to manage cloud resources programmatically from within Python scripts or applications. | ||
* '''Automation tools''' like '''Ansible''' or '''Terraform''' can be used for efficient deployment and configuration of instances. | * '''Automation tools''' like '''Ansible''' or '''Terraform''' can be used for efficient deployment and configuration of instances. | ||
Latest revision as of 15:25, 13 June 2026
- Access to bwCloud-OS requires an active account from a bwIDM-participating institution.
- Your account must include a valid entitlement, assigned by your home institution. This is usually automatic. If missing (see here), contact your institution’s IT support. The bwCloud-OS team cannot assign entitlements.
- Log in once to the Dashboard to activate your profile. Setup is automated via bwIDM.
- After login, select your region as described here to begin using bwCloud-OS.
- Instances can be created via the Dashboard wizard, select: name →source → flavor → network → SSH key → launch.
- The source defines the base disk for the instance, usually a pre-configured image containing the operating system (Rocky, Ubuntu, etc.) and initial software optimized for cloud environments.
- The available resources of a virtual machine (vCPU, memory, etc.) are pre-defined by flavors. Choose a flavor that fits your workload and available quota when launching your instance
- To access your bwCloud-OS virtual machines, you must register an SSH key pair and assign it when creating instances. If you lose your private SSH key, you will lose access to your instance!
- Each bwCloud-OS instance launched using the standard method is automatically assigned a public IP address.
- Floating IPs, which persist independent of instances, are also available.
- Load Balancers are available and allow traffic to be distributed across multiple backend instances via a single public address.
- Instances are assigned a persistent FQDN based on their name, project and region.
- Domain hosting is not provided, but you can point your own domain to the FQDN of the instance using a CNAME record.
- By default, bwCloud-OS VMs are only accessible via SSH (port 22) and ICMP (e.g., ping) ; all other incoming traffic is blocked for security.
- To allow access on additional ports (e.g. HTTPS/443), you can add rules via the Security Groups in the Dashboard — changes take effect immediately.
- Some ports are centrally filtered in certain bwCloud-OS regions and cannot be opened individually; refer to the Port Overview for region-specific details.
- If you suspect a security incident, stop the affected VMs and submit a support ticket immediately.
- If you need more storage in a VM, create and attach additional volumes — root disks cannot be enlarged. Using special flavors with larger root disks as a reserve for extra storage is generally discouraged, as they offer less flexibility.
- All data is stored redundantly (e.g., 3× replication in Ceph), but no automatic backups are performed — you are responsible for backing up your own data.
- Back up your data regularly using snapshots or by downloading (volume-)images using the OpenStack client as explained here.
- ⚠️To avoid data loss: Never store critical or irreplaceable data only in bwCloud-OS — always back up externally.
- Each bwCloud-OS project has predefined quotas for vCPU, RAM, storage, and networks. Quota increases can be requested via the bwSupportPortal.
- Group projects allow shared access to resources. Members can manage instances collaboratively. Quotas can be assigned in multiple regions. A designated project owner is required to manage membership and act as the main contact.
- Instances cannot be moved between projects directly. Use snapshots and volume transfer instead, as described here.
- Application Credentials enable secure, token-based access to bwCloud-OS — ideal for CLI usage and automation.
- You can use these credentials with the OpenStack CLI to manage cloud resources from the command line.
- You can also use the credentials with the OpenStack Python SDK to manage cloud resources programmatically from within Python scripts or applications.
- Automation tools like Ansible or Terraform can be used for efficient deployment and configuration of instances.