How to instantiate and access a VM on GRNET's OpenStack

[backeb]

Hi @kkoumantaros @yan0s and team,

Today @lorincmeszaros and I tried to instantiate a VM on https://ui.cloud.grnet.gr

We did the following:

1. In https://ui.cloud.grnet.gr/project/instances/ we clicked on Launch Instance on the top right
2. Provided some Details
3. For Source we selected CentOS 7
4. For Flavor we selected Jet-3
5. For Networks we used the default:
6. There were no options for Network Ports
7. For Security Groups we used the defaults
8. For Key Pair we generated one
9. We then clicked Launch Instance

Below is the overview information of the VM

❓ Question: How do we access the VM via SSH?

[backeb]

cc @sebastian-luna-valero @enolfc @sandragaytan @avgils

[sebastian-luna-valero]

Hi,

As far as I can see only IPv6 can be used to access VMs in the HiSea VO in https://ui.cloud.grnet.gr/

I am connected to a IPv4-only network so I am not able to test connectivity with IPv6 hosts.

You can check whether you have IPv6 connectivity by visiting https://test-ipv6.com

If you have IPv6 connectivity, you should be able to ssh into the VM with:

ssh -i <private-key-created-in-openstack> centos@2001:648:2ffe:526::3b6

Best regards, Sebastian.

[backeb]

Hi @sebastian-luna-valero, thanks for the feedback.

When I check if I have IPv6 connectivity on https://test-ipv6.com/ I get:

Regarding the Key Pairs in OpenStack, I have only created a public key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuzx6xkDzcFltE6QbBxXvicDA53CZhQzRxbO+NmRO9LBCLhQjcMFfEWUQ2rYQPYhnI0HqlpacTp7sWM/ocZ0B6irMRBwfM6cmp8GIBE7VoCLoYasuxLOqC/HsB44gm6t+GNIcRn/vS9vJ+npOmzKtmJlR9hhosl7xs6cPtiTUDk/L6eCDZXr5WIgQHG8kRgVNhNuVm350wj666p9jPeq6K2kDdKnysNUy2+wS2GfuNKWkd4+Bh3FdzjRovQxJzJDYPBdQsEZ/d1n2tSPP+wUGfwltQaaFchcKmajzlfVG7cHBI90teXivEDDyLMm4Gllu57Oh2EfssOjzQkt3eF9lf Generated-by-Nova

❓ how do I create a private key?

[backeb]

And what if we need IPv4 to connect?

[sebastian-luna-valero]

Hi,

Good, it looks like you do have IPv6 connectivity. Others please correct me if I am wrong but I think people like me with IPv4-only connectivity won't be able to access VMs in the HiSea VO with the existing configuration options.

When you created the keypair OpenStack should have automatically created the corresponding private key and should have opened up a pop-up, download window with filename CentOS7.pem.

If you didn't download it, I think the only option is to create a new key pair. For that, go to:

https://ui.cloud.grnet.gr/project/key_pairs

Delete the existing keypair and generate a new one, so you make sure you download the private.pem file with the private key. Instead you could also import an existing public key into OpenStack if you have one already created on your machine.

Either way, I think you may need to delete the existing VM and create a new one attaching a new public key for which you have the private key available. I don't think you can attach a new key pair to the running VM.

[backeb]

Thanks again @sebastian-luna-valero

I have done as you have suggested and

1. created the key pair first and downloaded the hisea-test-vm.pem file to my PC.
2. followed the steps to launch another instance
3. tried to connect by doing ssh -i "\path\to\hisea-test-vm.pem" centos@2001:648:2ffe:526::340

I now get ssh: connect to host 2001:648:2ffe:526::340 port 22: Connection timed out

[sebastian-luna-valero]

Could you please try again now?

[sebastian-luna-valero]

Hi,

I was trying to add a new rule to the default Security Group to allow ingress traffic for SSH. However, I can only do this for IPv4 and not for IPv6.

I think I need input from @kkoumantaros @yan0s to move this forward.

Best regards, Sebastian

[yan0s]

Unfortunately, the ipv6 is not yet implemented in our cloud, your only option for now is ipv4. Here is a link with useful information on using our OpenStack: https://help.cloud.grnet.gr/

[sebastian-luna-valero]

Hi @yan0s

Sorry, I am confused. When I go to the C-SCALE-HiSea OpenStack project in https://ui.cloud.grnet.gr/project/networks/ I see two options:

• FloatingIP-Network
• Direct-Internet with subnet Direct-Internet-IPv6: 2001:648:2ffe:526::/64

When I try to create a new VM in https://ui.cloud.grnet.gr/project/instances/ the only Network available for the instance is Direct-Internet with subnet Direct-Internet-IPv6. In fact the two test VMs created by @backeb get IPv6 addresses (e.g. https://ui.cloud.grnet.gr/project/instances/3824d57a-1a62-4c9b-9dca-67dfeb95a381/)

Could you please confirm how can we work with IPv4 in the C-SCALE-HiSea OpenStack project?

Many thanks, Sebastian

[backeb]

Hi @yan0s @sebastian-luna-valero

I followed instructions in https://help.cloud.grnet.gr/t/preparation-before-installing-vms/42 and https://help.cloud.grnet.gr/t/create-a-vm-instance/44 to create a new hisea-test-vm instance.

FYI @yan0s your documentation is somewhat outdated.

I think I managed to create a VM with an IPv4 IP address: https://ui.cloud.grnet.gr/project/instances/9957d5f2-2065-448a-b4b7-13fa4c966f7f/

But when I try login via SSH using ssh -i "C:\Users\backeber\Stichting Deltares\C-SCALE - Documents\Use cases\HiSea\hisea-test-vm.pem" centos@192.168.0.183 I still get a connection timed out error: ssh: connect to host 192.168.0.183 port 22: Connection timed out

Please advise. cc @lorincmeszaros

[sebastian-luna-valero]

Hi,

Sorry for being lazy and not looking for help in the docs myself, and thanks for linking them here @backeb.

@backeb 192.168.0.183 is a private IP address and that's why you get the time out.

I tried to solve the issue with the net/subnet/router that @backeb created but I couldn't. Instead, I created a new net/subnet/router combination myself and I got it working.

I appreciate the steps in https://help.cloud.grnet.gr/ might be confusing so I can add additional notes here for help. Before that, @backeb could you please try deploying a new VM with Network=net-v2? Due to quota limits, you will need to delete your existing VM first.

Please remember to associate floating IP 62.217.82.82 to your VM after it's up and running, and then do:

ssh -i hisea-test-vm.pem centos@62.217.82.82

Many thanks, Sebastian

[backeb]

Hi @sebastian-luna-valero

Thank you! That solved it and I managed to create a VM and log on to it using ssh -i hisea-test-vm.pem centos@62.217.82.82

I'd like to delete everything and go through the whole process again to make sure I understand it!

[sebastian-luna-valero]

Sure, go ahead!

I think what you need to change this time is to select the FloatingIP-Network as the External Network for the router. Once the router is created, add an interface to connect the router to the hisea-subnet so VMs can communicate with the outside world. Finally, associate a floating ip from the FloatingIP-Network to the VM.

[yan0s]

I'm so sorry for not being more helpful, I'm currently on summer vacation until August 23. We normally have an automated process to create the basic networking for the projects and I thought your project was prepared but that was not the case. I see that you have got it working. If you need additional resources (to increase current quota) or if you have any other questions let me know and I will try to help.

[backeb]

@yan0s, please don't apologise for taking a holiday! Enjoy it 🏖️

I managed to go through the whole process again from scratch and set up another VM which I managed to access. I will detail the process below.

[backeb]

Successfully completed steps to instantiate a VM

Starting from https://ui.cloud.grnet.gr/project/ I did the following:

1. Create a private network: Go to Project / Network / Network and click Create Network Provide a Network Name and click Next Provide a Subnet Name and Network Address (hover over the ❔ for guidance). Make sure to select IPv4 under IP Version and click Next Make sure Enable DHCP is checked and click Create

2. Create a router: Go to Project / Network/ Routers and click Create Router Provide a Router Name and select FloatingIP-Network as the External Network and click Create Router Click on the router you've just created, this will take you to an Overview page for that router. Click on the Interfaces tab and then click on Add Interface Select the Subnet you created in step 1 and click Submit

3. Create a Floating IP: Go to Project / Network / Floating IPs and click Allocate IP To Project Select FloatingIP-Network from Pool and click Allocate IP

4. Create a Key Pair: Go to Project / Compute / Key Pairs and click Create Key Pair Provide a Key Pair Name and select SSH Key for the Key Type and click Create Key Pair Save the .pem file somewhere on your computer.

5. Launch a VM: Go to Project / Compute / Instances and click Launch Instance Provide an Instance Name and click Next Select the Boot Source Image from the Available images by clicking on the upward pointing arrow and click Next Select the Flavor from the Available Flavors by clicking on the upward pointing arrow and click Next Select the Network you created in step 1 by click on the upward pointing arrow. Then click Next twice: we skip Network Ports Select the default security group and click Next. Select the ssh key pair you created in step 4 and click Launch Instance

6. Once the instance is running, on the far right under Actions select Associate Floating IP Select the IP Address and the Port to be associated and click Associate.

You have now successfully instantiated a VM ❗🎉💪🚀🎆

To login to your VM via SSH do the following from your CLI: ssh -i "path/to/hisea-key-pair.pem" centos@62.217.83.202