cloud:concepts
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | |||
cloud:concepts [2017/05/22 14:24] – ↷ Page moved from system:cloud:concepts to cloud:concepts blinke | cloud:concepts [2017/05/22 14:24] (current) – ↷ Links adapted because of a move operation blinke | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ===== Cloud concepts: Domain, User, Project, Role, Image, Flavor, Network, Instance, Volume, Key pairs ===== | ||
+ | Before using the cloud, a user needs to be familar with certain concepts. Most of these concepts are applicable to almost all clouds (openstack based private clouds, Amazon EC2, Microsoft Azure....): | ||
+ | |||
+ | == Domain == | ||
+ | |||
+ | The highest management layer in the latest OpenStack releases are '' | ||
+ | |||
+ | In the case of the BCF, a common domain for all BCF users called '' | ||
+ | |||
+ | The domain concept also allows the creation of additional domains, e.g. for running a workshop with dedicated users . These domains can be created on request. | ||
+ | |||
+ | == User == | ||
+ | |||
+ | A //user// is an entity within a domain. A user is able to authenticate itself with the domain name, its user name and a password. Access to the BCF cloud depends on a valid user account. Certain resources in OpenStack are managed on user based, e.g. access keys, virtual machine instances etc. | ||
+ | |||
+ | == Project == | ||
+ | |||
+ | A //project// is a collection of resources like users, images, volumes etc. It is initially created by the domain or cloud administrator, | ||
+ | |||
+ | == Role == | ||
+ | |||
+ | A role authorizes a user to access a project and grants certain right to the user within the project scope. The standard roles in OpenStack are '' | ||
+ | |||
+ | A user needs to be a member of a project (needs to have a role associated) to access the OpenStack web interface. | ||
+ | |||
+ | == Image == | ||
+ | |||
+ | An //image// is the binary representation of a computer' | ||
+ | |||
+ | Images may be associated to a project, or made publically available for all projects. Upon uploading an image the minimal requirements like hard disk size or available memory can be specified to ensure that the image is used with the right amount of resources. | ||
+ | |||
+ | == Flavor == | ||
+ | |||
+ | A //flavor// defines a virtual machine setup by defining parameters like hard disk size, available memory or CPU core number. The cloud provider an use flavors to optimize virtual machines for the available hardware. A flavor may also be used to restrict virtual machines to certain physical hosts, e.g. by requiring extra local storage or feature like a GPU. | ||
+ | |||
+ | Flavor are defined by the cloud providers; to request additional ones contact the BCF support. | ||
+ | |||
+ | == Network == | ||
+ | |||
+ | While a flavor defines the parameters of a single virtual machine, a network defines how virtual machines are connected to each other or to the internet. Each virtual machine needs at least one network connection. More information about networks are in available in the [[cloud: | ||
+ | |||
+ | == Instance == | ||
+ | |||
+ | An instance is running virtual machine defined by an image (what to run), a flavor (which amount of resources) and a network (how to connect to it). | ||
+ | |||
+ | == Volume == | ||
+ | |||
+ | Hard disks of virtual machines are not persistent. After the virtual machine is terminated, its hard disk's content is deleted and not available anymore. A volume in contrast provides a persistent way to store data. It is created separately from a virtual machine and attached to an instance at runtime. It may also be detached and attached to another instance at will. The volume acts a another block device from the point of view of the virtual machine, so users are not restricted to certain formats. | ||
+ | |||
+ | In the current configuration, | ||
+ | |||
+ | Volume are part of a project and cannot be shared; a transfer of volumes or snapshots between projects it possible. | ||
+ | |||
+ | == Key pair == | ||
+ | |||
+ | A key pair are credentials defined by a user to access a virtual machine. It usually consists of a SSH key pair, with the public key being configured within an instance during startup, and the private key being accessible to the user only. The user can use the key pair to access an instance via SSH over the network. | ||
+ | |||
+ | Without a key pair, a user can only access a virtual machine' | ||
+ | |||
+ | If in doubt, define and use a keypair. |