]>

Before you launch a virtual machine, you can add security group rules to enable users to ping and SSH to the instances. To do so, you either add rules to the default security group or add a security group with rules. Keypairs are SSH credentials that are injected into images when they are launched. For this to work, the image must contain the cloud-init package. Create at least one keypair for each project. For information, see . If you have generated a keypair with an external tool, you can import it into OpenStack. The keypair can be used for multiple instances that belong to a project. For information, see .

Log in to the dashboard, choose a project, and click the Access & Security category. The dashboard shows the security groups that are available for this project. Select the default security group and click Edit Rules. To allow ssh access, click Add Rule. In the Add Rule window, enter the following values: Rule SSH Remote CIDR CIDR 0.0.0.0/0 To accept requests from a particular range of IP addresses, specify the IP address block in the CIDR box. Click Add. The ssh port 22 is now open for requests from any IP address. To add an ICMP rule, click Add Rule. In the Add Rule window, enter the following values: Rule All ICMP Direction Ingress Remote CIDR CIDR 0.0.0.0/0 Click Add.

Create at least one keypair for each project. Log in to the dashboard, choose a project, and click the Access & Security category. The Keypairs tab shows the keypairs that are available for this project. Click Create Keypair. In the Create Keypair window, enter a name for your keypair, and click Create Keypair. Respond to the prompt to download the keypair.

Log in to the dashboard, choose a project, and click the Access & Security category. The Keypairs tab shows the keypairs that are available for this project. Click Import Keypair. In the Import Keypair window, enter the name of your keypair. In the Public Key box, copy the public key. Then, click Import Keypair. Save the *.pem file locally. To change its permissions so that only you can read and write to the file, run the following command: $ chmod 0600 MY_PRIV_KEY.pem If you are using the dashboard from a Windows-based computer, use puttygen to load the *.pem and convert and save as *.ppk. Refer to WinSCP information for more details. To make the keypair known to SSH, run the ssh-add command: $ ssh-add MY_PRIV_KEY.pem The Compute database registers the public key of the keypair. The dashboard lists the keypair in the Access & Security category.

When an instance is created in OpenStack, it is automatically assigned a fixed IP address in the network to which the instance is assigned. This IP address is permanently associated with the instance until the instance is terminated. However, in addition to the fixed IP address, a floating IP address can also be attached to an instance. Unlike fixed IP addresses, floating IP addresses are able to have their associations modified at any time, regardless of the state of the instances involved. This procedure details the reservation of a floating IP address from an existing pool of addresses and the association of that address with a specific instance. Log in to the dashboard, choose a project, and click the Access & Security category. The Access & Security window opens to the Security Groups tab by default. Click on the Floating IPs tab. The Floating IPs tab shows the floating IP addresses allocated to instances. Click the Allocate IP to Project button. Choose the Pool from which the IP address should be picked. Click the Allocate IP button. In the Floating IPs list, click the Associate button. The Manage Floating IP Associations window opens. In the Manage Floating IP Associations window, choose the following options: The IP Address field is filled automatically. You can choose to add a new IP address by using the + button. In the Ports to be associated field, select a port from the dropdown list. The dropdown lists all the instances with their respective fixed IP addresses. Click the Associate button. To disassociate the IP address from an instance, click the Disassociate button. To release the floating IP address back into the pool of addresses, click the More dropdown button and select Release Floating IP option.