OpenStack Access And Security

The OpenStack dashboard is a control panel that allows you to easily manage the security of your instances. The panel is made up of the following sections:

Security Groups

Security groups are collections of firewall rules that contain IPs (both internal and external), ports and the direction of the traffic i.e. inbound to an instance, or outbound from an instance (referred to as Ingress/Egress). Memset provides a default group that only allows egress traffic to the internet. The ingress traffic configuration will depend on your choices during the setup phase of your OpenStack project. This is put in place as a security group must be allocated to a new instance when it is created. We suggest that you create a new group or edit the default group so that it is more secure (i.e. SSH only) which will be the default for new instances. These rules can be easily changed once the instance is configured and put into production without disruption to the service.

Key Pairs

The recommended way to access a new instance from the internet is with key authenticated SSH. When a new instance is created OpenStack will provide the option to copy a public key onto the new instance and will offer all the public keys that are saved in the deployment.

The Key Pairs tab allows either a new key pair to be generated (and only the public key to be retained) or a public key uploaded to OpenStack.

Floating IP

These are the publicly-routable IP addresses that can be associated with a server, making it directly accessible from the internet. If you need additional public IP addresses please contact the sales team at sales@memset.com.

API Access

This section lists all the API endpoints for contacting and managing the OpenStack deployment via API calls.

Last updated 13 June 2016, 09:00 GMT