Launching a secure instance requires preparation. Certain network resources must exist to gather the necessary parameters to create and launch an instance. Launching an instance requires the following parameters:
- name for your instance
- boot source
- private network
- key pair
- security group
An instance requires a root disk for the boot process. You can create the instance boot source from any available image, snapshot, or block storage volume that contains an image or snapshot. To prepare a boot source, see one of the following topics:
You must create a network prior to launching an instance. When you want your instances to communicate outside of your project (tenant), such as for SSH connections to the instances, you must attach a router to the public network on an internal interface and set the gateway on the public network. You also need to logically subdivide the private network into subnets. Create these network resources in the following order:
- Create a network.
- Create a subnet.
- Create a router.
- Create an interface from the router to the private network.
- Set the gateway.
To prepare a private network for your instances, see one of the following topics:
- Creating and Managing Networks using the Dashboard
- Creating a Network using the CLI
- Creating a Network Template
Access & Security Resources
Connecting to an instance using SSH requires a key pair and a security group with rules accommodating the ICMP and SSH protocols.
A key pair provides SSH credentials to images when they are launched. To successfully inject the key pair, the image must contain the
cloud-init package. Create at least one key pair for each project. If you already generated a key pair using an external tool, you can import the key pair into Metacloud and use the key pair for multiple instances that belong to that project.
A security group is a set of firewall policies, known as security group rules, that define network traffic routing to instances. Instances that use the default security group cannot be accessed from an IP address outside of the cloud, unless you modify the existing rules to accommodate the ICMP and SSH protocols.
To prepare the security group rules and provide a key pair for your instance, see one of the following topics:
- Configuring Access and Security for Instances in the Dashboard
- Configuring Access and Security for Instances in the CLI
A floating IP address may be assigned to a running instance to make it accessible from outside the cloud. To prepare a floating IP address for assignment, see one of the following topics:
- Allocating a Floating IP Address to an Instance in Configuring Access and Security for Instances
- Public IP addresses in Managing IP Addresses with the CLI
There are other optional files and information that can be used at the time of instance launch. See the explanations in Launching an Instance from an Image.
Ready to Launch an Instance
With all the resources in place, you are ready to launch an instance using one of the following methods:
- Launching Instances using the Dashboard
- Launching Instances using the CLI
- Creating an Orchestration Template
If you are using the CLI, be sure to gather the parameters needed to complete the instance launch. See Gathering Parameters for Launching an Instance.