FAQ

Frequenlty Asked Questions

Basics

How can I get access to the cloud compute service?

There is a VO available for 6 months piloting activities that any researcher in Europe can join. Just place an order into the EGI Marketplace.

How can I get an OAuth2.0 token?

Authentication via CLI or API requires a valid Check-in token. The FedCloud Check-in client allows you to get one as needed. Check the Authentication and Authorisation guide for more information.

Is OCCI still supported?

OCCI is now deprecated as API for the EGI Cloud providers using OpenStack. Some providers still support OCCI (a list of active endpoints can be queried at GOCDB) but it should note be used for any new developments.

Migration from rOCCI CLI to OpenStack CLI is quite straightforward, we summarize the main commands in rOCCI and OpenStack equivalent in the table below:

ActionrOCCIOpenStack
List imagesocci -a list -r os_tplopenstack image list
Describe imagesocci -a describe -r <image_id>openstack image show <image_id>
List flavorsocci -a list -r resorce_tplopenstack flavor list
Describe flavorsocci -a describe -r <template_id>openstack flavor show <image_id>
Create VMocci -a create -r compute -t occi.core.title="MyFirstVM" -M <flavor id> -M <image id> -T user_data="file://<file>"openstack server create --flavor <flavor> --image <image> --user-data <file> MyFirstVM
Describe VMocci -a describe -r <vm id>openstack server show <vm id>
Delete VMocci -a delete -r <vm id>openstack server delete <vm id>
Create volumeocci -a create -r storage -t occi.storage.size='num(<site in GB>)' -t occi.core.title=<storage_resource_name>openstack volume create --size <size in GB> <storage resource name>
List volumeocci -a list -r storageopenstack volume list
Attach volumeocci -a link -r <vm_id> -j <storage_resource_id>openstack server add volume <vm id> <volume id>
Dettach volumeocci -a unlink -r <storage_link_id>openstack server remove volume <vm id> <volume id>
Delete volumeocci -a delete -r <volume id>openstack volume delete <volume id>
Attach public IPocci -a link -r <vm id> --link /network/publicopenstack server add floating ip <vm id> <ip>

If you still rely on OCCI for your access, please contact us at support _at_ egi.eu for support on the migration. OpenNebula sites still use OCCI as main API, but its direct use is not recommended as the support will be deprecated. Instead use an Orchestrator like IM for interacting with those sites.

Discovery

How can I get the list of the EGI Cloud providers?

The list of certified providers is available in GOCDB. The following command with the fedcloud client can help you to get that list:

$ fedcloud site list
100IT
BIFI
CESGA
CESNET-MCC
CETA-GRID
CLOUDIFIN
CYFRONET-CLOUD
DESY-HH
GSI-LCG2
IFCA-LCG2
IISAS-FedCloud
IISAS-GPUCloud
IN2P3-IRES
INFN-CATANIA-STACK
INFN-CLOUD-BARI
INFN-PADOVA-STACK
Kharkov-KIPT-LCG2
NCG-INGRID-PT
SCAI
TR-FC1-ULAKBIM
UA-BITP
UNIV-LILLE
fedcloud.srce.hr

The providers also generate dynamic information about their characteristics via the Argo Messaging System which is easily browsable from AppDB.

How can I choose which site to use?

Sites offer their resources to users through Virtual Organisations (VO). First, you need to join a Virtual Organisation that matches your research interests, see authorisation section on how VOs work. AppDB shows the supported VOs and for each VO you can browse the resource providers that support it.

How can I get information about the available VM images?

The Application Database contains information about the VM images available in the EGI Cloud. Within the AppDB Cloud Marketplace, you can look for a VM and get all the information about which VO the VM is associated, the sites where the VM is available and the endpoints and identifiers to use it in practice.

Managing VMs

The disk on my VM is full, how can I get more space?

There are several ways to increase the disk space available at the VM. The fastest and easiest one is to use block storage, creating a new storage disk device and attaching it to the VM. Check the storage guide for more information.

How can I keep my data after the VM is stopped?

After a VM has been stopped and unless backed up in a block storage volume, all data in the VM is destroyed and cannot be recovered. To ensure your data will be available after the VM is deleted, you need to use some form of persistent storage.

How can I assign a public IP to my VM?

Some providers do not automatically assign a public IP address to a VM during the creation phase. In this case, you can attach a public IP by first allocating a new public IP and then assigning it to the VM.

How can I assign a DNS name to my VM?

If you need a domain name for your VMs, we offer a Dynamic DNS service that allows any EGI user to create names for VMs under the fedcloud.eu domain.

Just go to EGI Cloud nsupdate and login with your Check-in account. Once in, you can click on "Add host" to register a new hostname in an available domain.

What is contextualisation?

Contextualisation is the process of installing, configuring and preparing software upon boot time on a pre-defined virtual machine image. This way, the pre-defined images can be stored as generic and small as possible, since customisations will take place on boot time.

Contextualisation is particularly useful for:

  • Configuration not known until instantiation (e.g. data location).
  • Private Information (e.g. host certs)
  • Software that changes frequently or under development.

Contextualisation requires passing some data to the VMs on instantiation (the context) and handling that context in the VM.

How can I inject my public SSH key into the machine?

The best way to login into the virtual server is to use SSH keys. If you don't have one, you need to generate it with the ssh-keygen command:

ssh-keygen -f fedcloud

This will generate two files:

  • fedcloud, the private key. This file should never be shared
  • fedcloud.pub, the public key. That will be sent to your VM.

To inject the public SSH key into the VM you can use the key-name option when creating the VM in OpenStack. Check keypair management option in OpenStack documentation. This key will be available for the default configured user of the VM (e.g. ubuntu for Ubuntu, centos for CentOS).

You can also create users with keys with a contextualisation file:

#cloud-config
users:
  - name: cloudadm
    sudo: ALL=(ALL) NOPASSWD:ALL
    lock-passwd: true
    ssh-import-id: cloudadm
    ssh-authorized-keys:
      - <paste here the contents of your SSH key pub file>

How can I use a contextualisation file?

If you have a contextualisation file, you can use it with the --user-data option to server create in OpenStack.

openstack server create --flavor <your-flavor> --image <your image> \
          --user-data <your contextualisation file> \
          <server name>

How can I pass secrets to my VMs?

EGI Cloud endpoints use HTTPS so information passed to contextualise the VMs can be assumed to be safe and only readable within your VM. However, take into account that anyone with access to the VM may be able to access also the contextualisation information.

How can I use ansible?

Ansible relies on ssh for accessing the servers it will configure. VMs at EGI Cloud can be also accessed via ssh, just make sure you inject the correct public keys in the VMs to be able to access.

If you don't have public IPs for all the VMs to be managed, you can also use one as a gateway as described in the Ansible FAQ.

How can I release resources without destroying my data?

Whenever you delete a VM, the ephemeral disks associated with it will be also deleted. If you don’t plan to use your VM for some time, there are several ways to release resources consumed by the VM (e.g. CPU, RAM) and recover the the data or boot your VM in a previous state when you need it back. We list below the main strategies you can use:

  • Use a volume to store the data to be kept: Check the Storage section of the documentation to learn how to use volumes. If you start your VM from a volume, the VM can be destroyed and recreated easily. OpenStack documentation cover how to start a VM from a volume with CLI or using the Horizon dashboard

  • Suspend or shelve instance: Suspending a VM will pause a VM, releasing CPU and memory, and allowing to resume later in time at the exact same state. Shelving shuts down the VM, thus RAM contents will be lost but disk will be kept. This releases more resources from the provider while still allows to easily boot the VM back without losing disk contents.

  • Create snapshot of instance: a snapshot will create a new VM image at your provider that can be used to boot a new instance of the VM with the same disk content. You can use this technique for creating a base template image that can be later re-used to start similar VMs easily.