Hetzner - DokuWiki

Private Cloud/en



This article is designed to give you a general overview about how to use your Private Cloud installation. The examples that are shown here are meant to help you orient yourself with your OpenStack Cloud. This will allow you to get your Private Cloud infrastructure up and running as quickly as possible.

Getting started


You will receive a message when your installation is complete. This message will also contain a link to your OpenStack Dashboard and the login data to your installation and to each of your dedicated root servers.

To help you familarize yourself with how to operate your installation, we have created a demo user for you. You can use the demo's login data to access Dashboard. The demo user does not have any administration rights, so there are not as many options on the Dashboard that you can use with the demo. This makes it a bit easier for you to get oriented at first.

Launching an instance

As soon as you log in, you will receive an overview of your user statistics for this cloud project.

On the left-hand side under "Project" and im the "Compute" menu, select the option "Instances".


On the right, above the table (which for the moment is still empty), click on "Launch Instance".

Select your desired settings using the input masks. Under the "Access and security" tab, select the "allopen" Security Group; this means that traffic to all ports will be forwarded to your instance. If you added an SSH key during the installation, you will also be able to select that here. You can also click on the plus symbol (+) next to the selection field to add a new SSH public key.

You can select the network adaptor for your instance by going to the "Networking" tab. To do this, please choose the "sample_net" network. Unfortunately, it is not possible to easily create a direct connection to the external network using this setup. However, this network can be used as a floating IP pool.

Once you have launched your instance, go to the dropdown menu, and in the right-hand column, select the option "Floating IP". You can click on the plus symbol (+) to prepare a new IP address from your pool "ext_net" for your project. You can then associate this address directly with the private address for your instance. Once you have completed this step, you should be able to access the instance under the assigned floating IPs.


Command-line tools

Before you can use OpenStack command-line clients, you should install the relevant packages first.

You can find instructions for how to install Python clients on your system by going here:


source demo-openrc.sh

This script exports relevant environment variables; you can downlad it by looking above the Dashboard and then under Compute->Access & Security-> API Access.

Optional: If you did not add an SSH key during installation, you can also add it in OpenStack via CLI.

nova keypair-add --pub-key ~/.ssh/id_rsa.pub mykey

You can list the SSH keys that you have already added, as below:

nova keypair-list

List the available specifications for your instances:

nova flavor-list

Flavor list.png

Listing your images:

nova image-list

Image list.png

To associate the instance to the correct network, now list your networks.

neutron net-list

Net list.png

Make a note of the ID for your private network ("sample_net") PRIVATE_NET_ID.

Listing the available Security Groups:

nova secgroup-list

Secgroup list.png

Example launch of an instance, similar to the method used via Dashboard:

nova boot --flavor m1.small --image Ubuntu_16.04_Server --nic net-id=PRIVATE_NET_ID
--security-group allopen --key-name mykey test-instance

Nova boot.png

Once you have launched your instance, you can also add an external IP by using the CLI tools so that you can access the instance:

neutron floatingip-create ext-net

Make a note of the IP address that is created. You can then use the following command to route the external IP to your instance:

nova floating-ip-associate test-instance IP-ADDRESSE

OpenStack Services


You can use the service Keystone to manage users and projects in OpenStack. Keystone provides you, your client, and/or your application with a catalog of services that are available in your cloud. After registering for the service, you will be issued a token, which you can then use [to identify yourself and gain access to] other APIs that you may need.

By using Keystone, you will be able to manage users in your cloud, manage access details to separate projects in the cloud, and clearly separate individual tenants from each other.

The official documentation contains very detailed information on how to use and apply Keystone Services: []


OpenStack Compute, otherwise known as 'Nova' is designed to help you create and manage your virtual machines.

Nova provides the important functionalities you need for your instances in your cloud. Nova not only monitors the performance of the OpenStack API itself as well as the hypervisors; it also makes sure that the Security Groups, remote consoles and SSH key management all operate smoothly.

You can see a typical example for how to use Nova above in the section on how to launch an instance. You can find additional examples on how to use Nova by looking at the Operator's Guide: http://docs.openstack.org/ops-guide ops_user_facing_operations.html#instances.


To help you manage your images in your cloud, you can use the service OpenStack Image[, which is also known as Glance]. Glance catalogs images that you select, and makes these images directly available to you and to the other OpenStack Services. Futhermore, Glance manages virtual-machine snapshots that you make and allows you to create and assign metadata to these images in the form of key-value pairs. Therefore, Glace can help you, for example, to limit the minimum number of CPU kernels and amount of RAM for specific images, to see the names of admin-users, and to protocol which software has been installed. You can manage this metadata directly via the API, which will support you in creating complex automated infrastructures.

The Glance API is available via the "openstack image" command or directly via "glance".


Openstack Networking with the codename 'Neutron' provides you with many different networking tools, such as private VLANs, load-balancing, DHCP, and routing. You can access these services via the Neutron API. For example, in the above section on launching an instance, you were able to see how to route a floating-IP to one of your instances.

Furthermore, Neutron allows you to connect your instances to additional virtual networks at any time, as well as remove these connections. Various extentions give you the ability to enhance the functionality of your Neutron installation; for example, you can add and use APIs for load-balancing-as-a-service or for VPN-as-a-service. With Neutron, you will be able to build complext network structures and be able to automate their management.

© 2020. Hetzner Online GmbH. Alle Rechte vorbehalten.