Use bwCloud SCOPE
To use the bwCloud infrastructure, registration is required. If this is not yet the case, then simply follow our step-by-step instructions as described under First steps. The registration is based on the usage of bwIDM (Federal Identity Management of the Baden-Württemberg universities) which is why, in principle, all members of institutions in Baden-Württemberg can use the bwCloud. Registration for the bwCloud is currently handled centrally via a server of University of Freiburg.
Please note: Do not store any personal and/or sensitive data or information in the bwCloud. We can't provide a sufficient level of protection in order to meet the requirements of ZENDAS regarding data protection etc.
Create SSH key pair (Windows)[ssh_key_gen_win]
This step-by-step guide describes the process of creating a SSH key pair (public and secret SSH key) under Windows. The public SSH key can then be uploaded to the bwCloud environment. In combination with the personal secret SSH key you can then log in to the created virtual machines under Windows.
- Download the program puttygen.exe. This program generates the SSH key pair. For example, go to the page www.putty.org. On the website, click the link to download PuTTY. The page that opens afterwards with the references to the sources also contains a link to the program puttygen.exe.
- Download the program puttygen.exe and start the program
- Click on the Generate button to the right of the Generate a public/private key pair label
- Move the mouse with irregular movements across the screen to generate enough entropy for key generation. When the key generation was successfully completed, the public key is displayed in a text field
- Open a simple text editor (e.g. "Notepad") and copy the generated public key from the text field into the editor. Save the public key in adirectory.
- Save the private key in the same directory as the public key before Click on the button Save private key.
- Then proceed with the setup of the PuTTY environment as described in Set up SSH client PuTTY
- Now register the public SSH key in the bwCloud environment Import the just created public key. Proceed as described in SSH key registration and follow the steps described there Working steps.
SSH key registration[ssh_key]
We recommend you to register your public personal SSH key in our bwCloud environment. This public SSH key is automatically inserted into the system whenever a virtual machine is started (applies only to Linux-based virtual machines). You can then log in to the system from remote / outside via SSH.
- Log into the bwCloud as described in First steps: Schritt 3
- Click below Project → Compute on Key pairs You will see an overview of the key pairs you have (already) imported.
- Click on the button Import key pair in the upper right corner. A dialog opens.
- Name your SSH key with a unique name and copy the public SSH key into the text field below. Then click on the button Import key pair. If the process was successful, you will get an overview with the imported SSH key(s).
Setting up the PuTTY SSH client (Windows)[putty]
The SSH client PuTTY is a simple and free program to get access to the started instances via SSH under Windows. This step-by-step guide describes how to set up the program to access the virtual machines using the previously created public and private SSH keys.
- Download the program putty.exe. Go to central page www.putty.org and click on the Link You can download PuTTY here. The following page with references to the sources contains links to both the Microsoft Installer for PuTTY and to the program putty.exe. Either save the appropriate installer for your operating system (either 32 bit or 64 bit) and start the installation process or use the program putty.exe directly.
- After installation or download start "PuTTY
- Click on the items Connection → SSH → Auth in the left menu tree
- Now click on the Browser button below the text Private key file for authentication:. Now select the file with your private SSH key
- If you don't want to repeat this process every time, we recommend that you save the current PuTTY settings as a profile. To do this, click on the left Menu tree to the top item Session
- Now either name the current settings (and session) with your own name and/or click on the Save button The next time you start PuTTY, the previously selected secret SSH key will be selected again.
Starting an instance[launch_instance]
- Click on Instances in the left menu and on the new page on the button Launch Instance. A dialog opens that guides you through the process step-by-step.
- First, enter a meaningful Name for the instance and enter it in the appropriate field. Then click on the Next button below or on Source* in the left menu.
- Now select a template on which your instance should be based. In the Allocated area, the selected image is displayed. If you want to discard this selection, click on the Down Arrow in the line.
- In the next step the flavor must be selected. This is done again by clicking on the arrow up (bordered in red). If your current quota is too low for a flavor, this is indicated by a yellow warning symbol.
- Next, select the network. In most cases you don't need to change nothing here, because the default setting usually fits. As far as the Security Group is concerned, you don't usually have to change anything here either.
- In the next step you select the public SSH key that is to be integrated into the instance. This step is very important, because without a public SSH key no access to the running instance is possible.
- Now click on the button Launch Instance - and the instance is started
- When the instance is completely started and set up, the IP addresses under which it can be reached are displayed in the overview. You can now connect to the instance via SSH.
The corresponding SSH usernames can be found in the list, which can be accessed via the link "Current and available images in bwCloud SCOPE"
Open a port for remote access[open_port]
By default, a new virtual machine in the bwCloud is initially only accessible from outside via SSH (Port 22). All other ports are closed, i.e. requests on these ports can't get through to the instance. For example, if a Web server has to be accessible via HTTPS, the corresponding port (Port 443) in the Security Group must be opened. The step-by-step instructions explain in detail how to open a port using the Dashboards.
- Log in to the bwCloud Visit the Dashboard and enter your access data
- Click in the left menu on Network and on the sub-item Security Groups. An overview of the currently defined security groups is displayed. The default group bears the name default.
- Click on the button Manage Rules in the corresponding line an overview of all rules defined for this security group opens
- If you want to add a new rule, click the button Add Rule. A dialog opens in which you can describe the new rule.
- For example, if you want to allow access via HTTPS, select HTTPS in the drop-down menu of the first item ("Rule").
- If the web server is to be accessible from anywhere from the outside, enter the value 0.0.0.0/0 in the "CIDR" field. Here you can restrict access to a specific network segment.
Then click Add. The overview is reloaded and the new rule appears in the list.
- If you want to open an individual port, select the value Custom TCP Rule under "Rule" in the dialog.
- You can enter the corresponding port number in the "Port" field.
- In the "CIDR" field you can set the access to individual network segments. If you want to create an IPv6 rule, enter the network segment in IPv6 notation here ("0.0.0.0/0" becomes "::/0")
- In the field "Direction" you can define the direction: Ingress = Incoming connections, Egress = Outgoing connections
- Click Add and the new rule is created.
- Once the rules of a security group change, these changes will take effect for all instances connected to it. So there is no need to reboot the virtual machines !