This guide provides a quick view to start setting up your CloudStack environment.
Step 1: Logging into the Dashboard
Perform the following steps to log into the CloudStack dashboard:
- Login to the Customer Portal, and under Cloud, select Private Cloud.
- In the Private Cloud overview page, all your Private Cloud packs are listed.
Click the Manage button.
- Under the Actions section, click the CloudStack panel link.
In the CloudStack Private Cloud portal, enter your credentials to login.
These credentials are not the same as the ones you used to login to the Customer Portal.
The dashboard opens that gives you an overview of the available resources and instances.
For detailed information about the dashboard, click here.
Step 2: Creating an instance
Perform the following steps to create an instance:
- Add an instance.
- Select a template/ISO.
- Select the size of the Instance (Compute Offering)
- Optional: Add an extra data disk (skipped for now)
- Set host anti-affinity if needed (skipped for now, this will be explained later in the Getting Started)
Select the Network to connect the Instance to.
This will connect the instance to the "Isolated" network and an IP is automatically (via DHCP) assigned to the instance.
The default policy (egress rule) on the firewall allows this instance to connect to the internet. This is covered in the chapter about Networking.
Optional: Add SSH-keypair to the Instance.
This will automatically insert the public SSH key of a user into the instance for secure ssh access using public/private keys.
SSH key-pairs can be inserted in the Cloudstack Dashboard under Accounts > SSH Key-pairs.
Review your options, optionally add a name to the instance.
When you click “Launch VM”, it will deploy the Instance.
After deployment, the screen will show the root password.
This password can be reset by first stopping the Instance and then perform a Reset Password action.
Step 3: Setting firewall rules
Now that we have an Instance running, we can control how it communicates with the rest of the internet. As described before, the default egress rule on the firewall allows all traffic from inside to go to the internet. This can be found in the following screen:
Network -> Select the Network (in the example: ‘PreSales’) and the tab ‘Egress rules’
To understand how to set up the firewall rules, perform the following tasks:
Acquire a public IP for the instance
A Public IP can be assigned to the Instance (via Static NAT or Port Forwarding).
A Public IP need to be acquired from the available range of IPs.
Network -> Details -> Public IPs -> Acquire New IP
Note that the ‘Cloudstack RouterVM’ (that acts as firewall/load balancer) uses the ‘SourceNAT’ IP.
- Configure the public IP to forward all incoming traffic to the instance
This acquired public IP need to be configured to forward all incoming traffic to go to the Instance (via Static NAT) by clicking the button "Enable Static NAT".
- Select the Instance for the static NAT.
- Setting up the firewall rules
The firewall rules need to be configured to control what is allowed. On the public IP, select the Configuration tab.
- Click Firewall -> View all.
Add a rule to allow the entire world (0.0.0.0/0) to access the Instance on tcp/80 (http port)
This makes the Instance accessible from the Internet op port 80.
After you have created an instance (your own virtual machine), and configured the firewall, you can do the following: