Network Service (Neutron)

Last modified by Administrator on Mon, 02/17/2020, 10:18 AM

The COARE Science Cloud offers its network-as-a-service through OpenStack’s Neutron.

On the Project tab, open the Network tab and click Networks category. This will show the created and available networks to your Project.

1977980560.png

Creating a network

  1. Click Create Network.
  2. Fill out the required fields and tick the checkboxes:
    • Network Name: Name of the network
    • Admin State: The state to start the network in.
    • Subnet: Creates a subnet.

    1940703645.png

  3. Click Next to move forward to the Subnet tab
  4. Fill out the required fields:
    • Subnet Name: Name for the subnet.
    • Network Address: IP address range for the subnet in Classless Inter-Domain Routing (CIDR) format.
    • IP Version: Select IPv4 or IPv6.
    • Disable Gateway: Tick this check box to disable a gateway IP address.

    880684687.png

  5. Click Next to move forward to the Subnet Details tab
  6. Fill out the required fields:
    • Enable DHCP: Tick this check box to enable DHCP.
    • Allocation Pools: Specify IP address allocation pools.
    • DNS Name Servers: Specify a name for the DNS server.
    • Host Routes: Specify the IP address of host routes.

    1976766821.png

  7. Click Create

    NOTE: You have to specify a subnet when you create a network. If you do not specify a subnet, any attached instance receives an Error status.

Editing Networks

  1. Click the Edit Network button on the right
  2. Fill out the required field:
    • Name: Name of the network

    1636421999.png

  3. Click Save Changes

Deleting Networks

  1. Check the box on the left of the networks
  2. Click the Delete Networks on the right (red colored button)

    2049292324.png

  3. Click Delete Networks

Managing all Routers

On the Project tab, open the Network tab and click the Routers category.

1844892195.png

Creating Routers

  1. Click the Create Router button on the right
  2. Fill out the required fields:
    • Router Name: Name of the router
    • External Network: Network accessible to the public

    1661722055.png

    NOTES: 

    • Routers created are isolated/independent per Project.
    • End-users default number of routers is only 1.

Editing Routers

  1. Click Edit Router on the drop-down arrow beside the Clear Gateway button
  2. Fill out the required field:
    • Name: Name of the router

    992449987.png

  3. Click Save Changes

Adding Interfaces

  1. On the Routers page, click on the router that is being edited
  2. Click the Interfaces tab

    499752765.png

  3. Click Add Interface on the right
  4. Fill out the required field:
    • Subnet: Subnet of the interface to attack to the router

    1191380933.png

  5. Click Submit

    NOTES:

    • Self-provided network IP-addresses attached here will act as the Internet gateway.
    • Without such created self-provided network, the network will have no Internet connection.
    • Provider network by default is connected to a separate router which can be used for Internet access.

Deleting Routers

  1. Click the Clear Gateway button (red colored button)
  2. Click Delete Router on the drop-down arrow beside the Clear Gateway button

    1890902201.png

  3. Click Delete Router

    NOTE: An error message will prompt if not all self-provided network interface/s were removed on the selected router for deletion.

Managing Security Groups

Security groups are sets of IP filter rules that are applied to all project instances which define networking access to the instance.

On the Project tab, open the Network tab and click Security Groups category.

957719579.png

NOTE: All projects have a default security group which is applied to any instance that has no other defined security group. Unless you change the default, this security group denies all incoming traffic and allows only outgoing traffic to your instance.

Creating Security Groups

  1. Click Create Security Group
  2. Fill out the required field:
    • Name: Name of the security group

    1088866534.png

  3. Click Create Security Group

Editing Security Groups

  1. Click the Edit Security Group on the drop-down arrow beside the Manage Rules button
  2. Fill out the required field:
    • Name: Name of the security group

    798661815.png

  3. Click Edit Security Group

Managing Rules

  1. Click the Manage Rules button
  2. Click the Add Rule button on the right
  3. Fill out the required fields:
    • Rule: Desired rule
    • Open Port: Specific port to open
    • CIDR: Subnet which the port is accessible

    759852994.png

  4. Click Add

    NOTES:

    • It is easier to debug network issues by simply opening all ports. However, this practice is not recommended because it leads to network vulnerabilities.
    • We recommend to only allow SSH via VPN or only allow SSH with 192.168.0.0/16.
    • Changing the security groups does not affect the firewall of the VM because these are configured separately.

Delete Security Groups

  1. Tick the checkbox on the left of the Security group/s to be deleted
  2. Click Delete Security Groups on the right (red colored button)

    562487444.png

  3. Confirm deletion of identified Security Groups by clicking Delete Security Groups.

Managing Floating IPs

A floating IP is an IP address that a project can associate with a VM so that the instance has the same public IP address each time that it boots. Users can create a pool of floating IP addresses and assign them to instances as they are launched to maintain a consistent IP address for maintaining DNS assignment.

On the Project tab, open the Network tab and click Floating IPs category

1277749656.png

Creating and Associating Floating IPs

  1. Click the Allocate IP to Project button

    1737973713.png

  2. Click Allocate IP

Linking Floating IPs to instances

  1. Click the Associate button on the right
  2. Fill out the required fields:
    • IP Address: List of available Public IP reserved to your project
    • Port to be associated: IP address of the interface on the selected instance

    1851557657.png

  3. Click Associate

    NOTES:

    • There is no default floating IP available per Project as floating IPs are provided on a by-request basis.
    • Public IP addresses will be allotted to project via the DHCP server.
    • Selected IP address on the Port to be associated line should have a route on the External Network (Network associated should have an interface on the router).

Unlinking Floating IPs to instances

  1. Tick the box on the left of the floating IP/s to be unlinked
  2. Click the Release Floating IPs  button

    1808691198.png

  3. Click Release Floating IPs

Creating Containers

A container organizes and stores objects in Object Storage. The concept is similar to the concept of a Linux directory, but cannot be nested. A container is an alternative for an Image service container format.

To start creating containers:

  1. Click the + Container button
  2. Fill out the required fields:
    • Container Name: Specify name to identify container
    • Container Access: Access level (either private or public)

    1295518293.png

  3. Click Submit

Uploading Objects

  1. Click Upload Icon on the Object Store category under selected container
  2. Fill out the required fields:
    • File: File to be uploaded from your machine
    • File Name: Specify name to identify object

    1221523901.png

  3. Click Upload File

    NOTES:

    • The Dashboard has a 5GB upload limit per object.
    • Users who need to upload files that are bigger than the upload limit per object should contact the COARE Team (gridops@asti.dost.gov.ph) for assistance.

Deleting objects

  1. Tick the box on the left side of the object to be deleted in the chosen container
  2. Click the Trash icon
  3. Click Delete

Deleting Containers

  1. Select the container then click the Trash icon
  2. Click Delete to confirm deletion of container

    NOTE: Container deletion will fail if the container is not empty.

Tags: