Skip to content

OpenStack Quickstart

Introduction

This Quickstart guide will help you get started with using the OpenStack Management Dashboard and provides useful tips and information. Furthermore, you will learn step-by-step how to create a network, launch your first server VM, and access it.

Note

To navigate the individual chapters, you can use the linked references at the bottom of each section, or click "Next" at the top of the navigation bar. Additionally, you will find page navigation in each topic.

OpenStack Management

In the OpenStack Management Dashboard, you manage all your cloud resources from a central location. Cloud resources here refer to Projects (Accounts), Virtual Servers, Storage Volumes, and Networks.

The range of functions and permissions is based on the following roles:

  • domain Administrator (Manages the cloud resources of their domain)
  • user (Manages the cloud resources of their project)

Thus, you can either have a Domain Administrator or a User role.

The functions available to you are very extensive, ranging from deploying a server to configuring complex multi-tier network architectures.

Logging in to OpenStack Management (Horizon)

To log in, you need an activated account, which includes the following information:

  • Domain - Under which you manage your projects in OpenStack.
  • Project - Under which you manage your resources in OpenStack. Each project is located within a domain.
  • User Name / Email Address - With which you authenticate.
  • Password - Your initial user password.

Please follow the steps below:

  • Open a browser and enter the OpenStack Management (Horizon) URL, which you received with your documentation, or click the link below.

OpenStack Management (Horizon) URL:

https://open.safeswisscloud.ch

  • You will now be automatically redirected to the "Log In" screen of the Federated Identity and Access Management.
  • Please enter your User Name or the registered Email Address and your Password here.
  • Then click on Log in.

image

If you are logging in for the first time, you will be asked to change your initial password. Otherwise, you will be asked for the One-Time Code you receive from your Mobile Authenticator application. After this, you will be on the overview page in OpenStack Horizon.

Note

Please observe the Password Policy

image

In the next step, please configure the 2-Factor Authentication. For this, you need an Authenticator application on your smartphone (see section "1. Install Authenticator" below). If you still need to install the app, you can find more information and help here.

Follow the instructions on the screen.

image

Scan the QR code with the Mobile Authenticator App and enter the generated code.

Upon successful login, you will then be on the overview page in OpenStack Horizon.

image

Federated Identity and Access Management

Identity and access management is provided via a modern "Federated Identity and Access Management" solution. Here you centrally manage the identity attributes of your user profile and the configuration of user authentication (e.g., 2-Factor Authentication).

Note

Besides OpenStack, further Cloud Services are planned to be authenticated through this platform. This means that in the future, you will be able to authenticate yourself to other Cloud Services offered by us using this solution with the same username.

Manage Federated Identity

Switch from the OpenStack Management (Horizon) to the Federated Identity Manager by clicking Identity and then Manage federated identity in the navigation.

image

Note

Use the browser <- BACK button to return to OpenStack Horizon.

Edit Account

After logging in, you will see your account information, which you can complete here.

image

Change Password

Here you can change your password. Please observe the Password Policy.

image

Authenticator

In this menu, you can activate 2-Factor Authentication (2FA). If you are not yet familiar with 2FA, please read the chapter 2-Factor Authentication. To activate 2-Factor Authentication, please scan the QR code with the Mobile Authenticator application, enter the generated code, and click Save.

image

Sessions

In this menu, you can see your active sessions and terminate them if needed.

image

Applications

This menu lists the applications for which you could currently authenticate.

image

Log

This menu lists the account activities.

image

Password Policy

The password for the cloud user accounts must at least meet the following conditions:

Condition Count
Password Length (min.) 12
Special Characters > 1
Numbers > 1

Note

To meet these criteria, the password does not necessarily have to consist of a cryptic string of characters. Tip: Think of a few words that you combine, e.g., with hyphens, and add a few numbers. Example: Ab-in-die-Cloud-2025 would meet the criteria.

The following table describes the characters of the password policy that can be applied to user accounts:

Property Requirements
Allowed Characters • A–Z a–z
• 0–9
• @ # $ % ^ & * - _ ! +
• [ ] { } : ' . ? / ` " ( ) ;
Forbidden Characters • Unicode Characters
• Spaces
Username

2-Factor Authentication

More security for your cloud account through 2FA. With two-step verification, in addition to a password, you protect your account additionally via your smartphone with an additionally generated Personal Verification Code. This is done with the following supported "Mobile Authenticator App":

  • FreeOTP

which are available for Android, iPhone, or BlackBerry.

Note

The Mobile Authenticator App works even without a mobile or data connection.

How it Works

The Mobile Authenticator App adds a second layer of security for your cloud account and other online accounts for which you activate 2-Factor Authentication in the app. This works by generating Personal Verification Codes, so-called "one-time passwords", on your mobile devices, which are used in conjunction with your regular password. These passwords can even be generated when the phone is in airplane mode.

Installation of the Mobile Authenticator App

Install the supported application on your smartphone:

Download URLs: GitHub.

Example Installation of FreeOPT App on Android Smart Phone: On your smartphone, open the PlayStore and enter "FreeOPT" in the search. The following search result appears:

image

As shown, select the FreeOPT App and click install.

image

Re-Activating 2-Factor Authentication

If you intend to replace your smartphone or activate 2-Factor Authentication on another device, please proceed as follows:

  • Install one of the two supported Authenticator applications, FreeOPT App or Google Authenticator, on your smartphone.
  • Switch from the OpenStack Management (Horizon) to the Federated Identity Manager by clicking Identity *> Manage federated identity in the navigation.

image

  • Now switch to the Authenticator menu in the navigation and delete the current Mobile Authentication by clicking the trash can symbol.

image

Note

Use the browser BACK button to return to OpenStack Horizon.

Now refresh your browser by pressing F5, or switch to another menu and then back to the Authenticator menu. Now follow the instructions on the screen to activate 2-Factor Authentication on your new smartphone.

image

Scan the QR code with the supported Mobile Authenticator App and enter the generated code.

Note

FreeOTP: After an unsuccessful attempt, please delete the entire entry in the FreeOTP app - see image.

Then proceed with a new attempt; it is an 8-digit number that you get in the FreeOTP app.

image