Creating domains, projects, and users
There are three user roles in Virtuozzo Hybrid Infrastructure: a system administrator, a domain administrator, and a project member. The following chart shows typical users with these roles working at service providers and enterprises, along with their workspaces: admin or self-service panels.
- System administrators have full control over Virtuozzo Hybrid Infrastructure and can access the admin panel. This is the role you get by default when installing Virtuozzo Hybrid Infrastructure. These are usually infrastructure administrators of an MSP or the main IT department of an enterprise, depending on your business case.
- Domain administrators are in charge of their domains. A domain is a collection of virtualization projects (tenants) and users (end customers). Domain administrators have access to the self-service panel. They can create users, as well as use project resources within allowed quotas: deploy and manage virtual machines, images, volumes, networks, routers, floating IPs, and SSH keys.
- Project members can manage resources within their projects by using the self-service panel: deploy and manage virtual machines, images, volumes, networks, routers, floating IPs, and SSH keys. A project is a set of compute and storage resources defined by quotas and accessible by assigned users.
Both the domain administrator and project member roles have certain limitations. For instance, they cannot migrate virtual machines between nodes, as nodes are not present at that level of abstraction.
In our evaluation scenario, you are the system administrator. Once you have created the compute cluster, you need to create a domain, a project, some end users, and assign them to the project. Then, create a storage policy for VM volumes and define their redundancy parameters. Next, configure virtual networking. After that, domain users will have access to their domains and projects via the self-service panel. There, they will be able to create their own virtual machines, volumes, networks, etc.
The self-service panel IP address is shown on the Settings > Self-service screen in the admin panel.
The actions to perform in the self-service panel are described in the Self-Service Guide. For our evaluation, we shall stick to the operations with the compute cluster done from the admin panel.
- Create a domain. To do this, log in to the admin panel and open the Settings > Projects and users screen. Click Create domain in the upper-right corner. Specify a name and a description for the new domain. Click Create.
- Create an admin account for the new domain. To do this, select the newly created domain and click Create user. Specify a login and a password, and then select the Domain administrator role. Check the Image uploading box to allow the new administrator to upload images for deploying virtual machines. Click Create.
- Create a project. To do this, navigate to the domain’s Projects tab and click Create project. Set the quotas and click Create. Make sure that you have enough CPU, RAM, storage, and network resources to deploy virtual machines (and add-on services, should you choose to enable them).
- Create a project member. To do this, open the Domain users tab and click Create user. Specify a login and a password, and then select the Project member role. Choose the project to assign the new member to, and then click Create.
- Optionally, customize the self-service panel’s look on the Settings > Self-service screen by adding logos and selecting a color scheme. This way, managed service providers, for example, can offer branded virtualization services to end customers.
Creating storage policies
In order to create a new storage policy, go to the Compute > Storage screen, open the Storage policies tab, and then click Create storage policy. Specify a name, a tier, a failure domain, and a redundancy scheme. For the evaluation scenario, select the 2 replicas mode and Host as the Failure domain.
Now that you have created a storage policy, you can select it for volumes when creating virtual machines (refer to Creating virtual machines). You can also apply it when creating volumes directly on the Volumes tab.
Storage policies can be used in project quotas. A policy created before a project will be enabled in its quotas. A policy created after a project will not be enabled for that project automatically. You will need to edit that project’s quotas and select the policy manually.
Creating compute networks
Before deploying virtual machines, you need to configure networking on the Compute > Network screen. A virtual network lets virtual machines connected to it communicate with each other. A physical network connects your virtual machines to an existing infrastructure network, so they can access the Internet, for example.
In order to create a new network, click Create network and specify its type. Provide a name for the new network, a subnet CIDR, for example, 192.168.0.1/24, and a gateway. Click Next to proceed. If you have a pool of IP addresses for your virtual machines, you can enable the built-in DHCP server to have these IP addresses automatically assigned to virtual machines. Click Create network to complete the process.
Along with compute networks, you can create floating IPs. A floating IP is a public IP address that you can manually assign to a private IP address of a virtual machine. It will let you access the virtual machine from the public network, even though it only has a private IP address. To create a floating IP, you will first need to link a physical and a virtual network with a virtual router. For more details, refer to "Managing floating IP addresses" in the Administrator Guide.