Overview
This guide aims to walk you through creating and gaining secure access to a Windows instance, in Memset's OpenStack Public Cloud.
- Memset are legally able to provide licenses under our SPLA agreement with Microsoft. Any use of non Memset Microsoft Windows licenses on our OpenStack platform is strictly forbidden, regardless of any agreements you or your organisation has with Microsoft or a reseller of Microsoft products.
Authentication
Before we can get started, we need to make sure that some initial prerequisites are met.
- SSH Keys
- Security Group Rules
1) Create a Key Pair
OpenStack's Dashboard, 'Horizon' allows users to create or import a private / public key pair. These keys are to be used to encrypt and decrypt your Windows passwords and are essential for getting started.
In this guide, we will assume that you do not already have a key pair and ask OpenStack to generate them for us.
In the navigation paine, navigate to:
Project > Compute > Access and Security > Key Pairs > Create Key Pair
OpenStack Create Key Pair
In this prompt, name your key pair as you see appropriate. When you click 'create' your browser will download them automatically. The keys are presented as a .pem file.
- It is essential to note that these keys are very important! They should be kept safe and secure on your system at all times.
2) Security Groups
Security groups act as granular firewall rules to your instances. Before you are able to login remotely, you need to create an OpenStack Security Group rule that allows ingress remote desktop traffic.
To create this rule, navigate to:
Project > Compute > Access & Security > Default
Choose 'Manage Rules', then 'Add Rule'.
OpenStack RDP Security Groups
Now you have satisfied all of the prerequisites to deploy a Windows compute instance, we can move on to provisioning.
Creating a Windows Instance
- Memset recommend a minimum instance size of MSOS002 (2GB RAM/2vCPU) for Windows instances.
Once you have decided on the amount of resources to allocate, move over to the 'Access and Security' tab. Choose your 'Key Pair' and be sure to select the 'Security Group' you added the rule to previously, in our case, 'Default'.
OpenStack A&C Tab
Launch!
When you are ready, click 'Launch'. The instance will provision very quickly, but you may notice that Windows requires a few reboots. This is because the Operating System is going through a process known as 'SysPrep'. This should only take around 5 Minutes.
Once this has completed, you will notice the VNC console displays a Windows login page. (Instance > Action > Console)
At this point, you might be asking yourself how to find the password for the 'Administrator' account. From the dashboard locate the instance row and select the dropdown under 'Actions'.
Use this menu to select 'Retrieve Password'.
Actions Menu
Finally, you are presented with a 'Retrieve Password' prompt. To proceed, use 'browse' to navigate to your local .pem key pair files generated earliar.
Temporary Key Decryption
Once you have imported your .pem certificate, you will be able to choose 'Decrypt'. In the 'Password' field you will see your configured 'Administrator' password.
Please note if you have provided your own keypair, the Horizon browser does not support keys with passphrases.
You now have two options to get started, either use the VNC console to configure the server, or pop back to the actions menu and assign a floating IP. If you choose the latter, you will now be able to access remotely from any Remote Desktop Client.
Last updated 18 April 2017, 15:00 GMT