Skip to content

Adding a cloud and a virtual machine

ETAIS self-service projects need to have at least one Virtual Private Cloud (VPC) resource package enabled before any Virtual Machines can be created. Therefore Virtual Machine (VM) configuration consists of two steps:
1. Adding a virtual private cloud
2. Adding a virtual machine

1. Adding a virtual private cloud (VPC)

  • Navigate to Marketplace and select Private Clouds from the menu to go to the list of VPCs.

Info

There are several VPC providers available on the Marketplace. You need to provision at least one VPC package from a suitable provider in order to be able to create virtual machines.

  • If you wish to order a UT HPC cloud, then there are two options. Choose UT HPC (Campus) for workloads that require only internal access (within the university network). For use cases requiring public IP, select UT HPC (Public).

  • Select the project you would like to create your VPC in. You can also create a new project here if needed.

  • There are three VPC components listed under the plan: Cores, RAM, and Storage. Fill in a suitable quantity for each component. By changing the quantities of components, you can see the Prices accordingly, per month, per year, and finally, the total price of the VPC.

  • It is mandatory to input Tenant name to order a VPC.

  • We also strongly suggest filling in the Tenant description field.
  • Lastly, click on the Create button.

The approval of the configuration

a) If your role in the Project is Project Manager or Project Administrator,, ask your ETAIS Organization Owner to approve the order. If your project belongs to the organization ATI (ICS), then contact support@hpc.ut.ee.

b) If your role is Organization Owner you are able to complete the purchase to final approval (click the Create button). The system will need a couple of minutes to execute the order. Once the system changes the state to OK, your VPC is ready to use.

Info

The provisioned VPC resource package will be automatically enabled for the project as a VM provider. For other projects, it can be enabled by the organization owner under Provider management within the organization workspace.

Info

You can create, remove, and change VPC security groups following this guide .

2. Adding a virtual machine (VM)

  • Navigate to Marketplace and select Virtual machines from the menu to see the list of Virtual Machines.
  • Select the Image for your VM and the initial resource profile (the flavor) under the Hardware configuration section.
  • The flavor determines the initial resources for a VM, specifying the amount of RAM, vCPU cores, and storage allocated. For detailed information on the available flavors and their specifications, please refer to the following documentation: Flavor Details.

Info

We have currently limited GPU resource available for Virtual Machines, therefore please check the GPU availability with HPC support: support@hpc.ut.ee.

Info

VM images contain their minimum requirements information, and non-matching VM flavors are disabled automatically.

  • Selecting a VM flavor updates System volume size with the option to override it manually (to a higher custom value). The size of Data Volume can be customized and incremented in 1 GB steps. System volume must be at least 10 GB, and the combined size of the two volumes must not exceed the VPC’s total storage.

  • By default, provisioned VMs expect users to log in using SSH keys. Select the initial SSH key for login by clicking on the SSH public keys selector under the Network and security section. If you haven't added any keys to your profile yet, you can do it here by clicking on Create new button. To learn more about SSH access, this guide here might be helpful.

  • You can assign your VM a floating IP and a custom IP under the Network section. If you don't choose a custom IP, it will be added automatically - this cannot be changed afterwards. A floating IP can be added later on, however; see the guide below. Note that public access is not possible without a floating IP.

Security groups

  • At first, no incoming connections will be allowed for a VM. Predefined Security groups (firewall rules) must be linked to a VM in order to open up access (like ssh, HTTP, etc.). By clicking the Show rules button in the Actions column, you can see the details about each available Security group. You can also modify the groups after the VM has been created.

Info

VM creation form will automatically include a default security group that enables egress (outgoing) traffic for a VM. This is required in order to reply to incoming packets.

  • The list of Security groups is as follows:

    • Default: default security group. Egress, outbound traffic.
    • PING: security group for ping. Allow ICMP.
    • RDP: security group for remote desktop access. Allow TCP 3389.
    • SSH: security group for secure shell access. Allow TCP 22.
    • WEB: security group for HTTP and HTTPS access. Allow TCP 443 and 80.

  • A VM must be connected to at least one VPC (internal) network and, if public access is required, to an external network via a floating IP.

Info

A floating IP is technically realized as 1:1 NAT between VM internal IP and public network IP.

  • We strongly suggest also adding a VM description. In order to provision the VM, please click on the Create button.
  • The VM will reach Active status when successfully provisioned. The Details field shows the IP address for accessing the VM over SSH (Linux) or over RDP (Windows).

Info

VM access over SSH or RDP should be permitted by Security groups linked to the VM.

Info

OpenStack VPC VMs will have an additional 64 MB virtual hard disk attached to VM, which functions as a cloud-init configuration drive (not supported by self-service yet, only user-data support at the moment).

Adding a floating IP to an existing VM

To add a floating IP to a VM:

  • Please navigate to your project's Resources tab and click on your VM. Move to NetworkingFloating IPs.
  • Click Update Floating IPs.
  • Click Add.
  • In the Select connected subnet dropdown, choose the appropriate subnet for your VM.
  • Submit

Info

In order to log in to your newly created VM over SSH, you need to use a username depending on your choice of VM Image type and your SSH key-pair. Password authentication is disabled by default.

  • Default usernames for login are as follows:

    • CentOS-based images: centos
    • Ubuntu-based images: ubuntu
    • Debian-based images: debian
    • Flatcar-based images: core
    • Rocky-based images: rocky

  • You can find the latest information about available images, the related usernames, and logging into the VM here .