Once your environment has been deployed, and you have received your credentials from your iland project manager, you are ready to log in and start building your cloud.
Navigate to https://console.ilandcloud.com, which should present you with this screen.
Enter the username sent to you by your iland Project Manager or Solutions Architect, which should be the first initial of your first name combined with your last name, along with your password, to log in. Passwords are case-sensitive.
If you experience issues logging in, there a few quick things you can check to verify that there are no conflicts on your end:
* Note that your browser version should be the most current version. The Console will not retain backwards compatibility for older versions. Some other browsers should work, but are not actively tested and supported by iland.
Once you have logged in to the console, you’ll notice there is a left side bar with your company logo, user profile pic, inbox, service status, and task widget. To the right of that is the main navigation menu that has your company menu, location menu and list of available entities including your Org, vDCs, vApps VMs, and other available entities. The tab section on the top menu shows which options are available based on the entity selected from the left navigation menu.
Located on the left side of the console you will find the following:
The Navigation menu in iland's Console is a simple and quick way to move between the various levels of your environment. It allows you to easily move through your Organization(s) and Virtual Datacenters within a single physical Datacenter Location, as well as quickly move between physical locations if you have purchased more than one environment. For our example here, we'll look at a simplified and standard deployment.
* Note that this menu will only display items to which you have been granted access.
Top Navigation Menu
From the top of the Navigation menu you can access the Company dashboard, User Management (IAM), Support Requests, Your subscribed Cloud services (IaaS, DRaaS, BaaS, and Object Storage), Documentation (Success Center), and Feedback (UserVoice).
Feedback, Suggestions, and Bug Reporting
Location MenuThe location menu allows you to go to a different location if you have multiple sites deployed within your iland Secure Cloud environment. Simply click on the location name and the other locations will appear as a drop down list.
There are several types of entities that will appear in the navigation menu throughout your environment. Each entity will have it's own set of tabs that appear on the top of the dashboard:
Each entity type within the Console has an associated view. These views allow you to view and manage these resources.
The navigation bar across the top within the Dashboard can be switched to show available tabs or a breadcrumb style trail that shows where you are within the environment hierarchy. You can click on the higher level elements to quickly jump up levels.
We built this console to provide unprecedented transparency and control for your company's cloud. With that, however, comes a surplus of information and configuration options, alerts, charts, graphs, and reports that can very easily overwhelm you if you try to take them all in at once.
To help with this, we've created a brief overview of what can be found on each tab as you navigate through your environment. This guide will give you a good foundation for finding what you need in the Console quickly, without getting into to too much technical detail. If you want a more detailed breakdown, please feel free to browse our Knowledge Base for articles with all the technical specifics you need.
Located at the top of the Console dashboards you will see different tabs appear based on the entity you have selected in the navigation menu. These are the six main tabs:
The Dashboard is where you will view all of your usage and performance information, as well as where you will come to manage your environment. Because it includes so much of what the iland Console has to offer, we have dedicated a little more time to exploring it in depth. This is the primary view for working with your VMs and vApps, configuring resources, deploying templates, and opening the console to work directly on a VM, all without a single download or plugin.
The dashboard changes slightly as you delve deeper into your environment, providing information and functionality that is relevant to that layer of your environment. Because of this, we will go level by level to show you some of the specifics of what you can do at each point.
Org Level Dashboard
At the Organization Level, where you start, you see a list of your VDCs, and also the bandwidth and network usage for your environment. Hover over the graphs for more detail, or click the camera to create an image of the chart you are currently viewing. You can also download that data directly so that you use it or format it as needed, wherever a download button is available.
You can also see the event log for the entire organization, as well as download the event history as needed. On the left side, you will notice that there is a running task viewer as well, which show you the current status of active tasks. If you click on the individual tasks inside the window, you can get even more information.
VDC Level Dashboard
From the menu on the left or the VDC list view on the main screen, select your Virtual Datacenter, or VDC. You will notice the information in the dashboard widgets changes slightly as you move to the VDC level. Here, you will still see information specific to that VDC. This level is where you control and manage some of the features of your environment, and you will begin to see administrative information and tasks appear as you drill further.
At the VDC level you can see performance and event information for the entire VDC. At this level, you can also control and configure your vApps, as well as create new vApps and deploy vApp templates from the catalog.
vApp Level Dashboard
From here, we move down to the vApp level. This is where much of the system administration will be done. Here, you can configure vApps, add new VMs, take snapshots, and configure vApp networking. This view provides many of the features system administrators expect to find for a VMware environment, as well as the Performance, and Reporting we have seen at previous levels, specific to each vApp.
VM Level Dashboard
Finally, at the VM level, we can manage each individual VM, as well as view all the relevant information on a machine specific level. This includes performance (CPU, RAM, Storage, and Network), and event reporting, all specific to that machine.
At this level, you can also perform the rest of the tasks and configuration you would expect to perform as an administrator. You can allocate and change resources, edit properties (such as networking, hardware, and storage), or interact directly with the VM console without installing a single thing. Anything you would normally configure for an individual machine can be found on this page, alongside performance charts and other information.
Next, we have the networking tab. For system administrators, you should expect to spend the majority of your time here when setting up a new environment, or connecting the environment you already have to a new location. Here, you configure the settings of your Edge Gateway, and any other key components of your network infrastructure. This page in the portal has all the features for network configuration you would come to expect, as well as a few extras that iland offers in addition to the standard vmware feature set. This tab consolidates all of your configuration options into a single screen. You can view or modify NAT and firewall rules, IPSEC and SSL VPN configuration settings, alerting, and many more options to help you manage your cloud network.
If you are interested in a more in-depth view of the features contained here, please see our the Networking Section
Next, we have the catalog tab, which is a simple way to browse the contents of the catalogs available to you in your iland Cloud environment. Here, you can view any custom Templates or ISOs that you have uploaded to your environment, as well as browse the files that iland provides as part of your environment. You are also able to download directly from the catalog to your desktop.
Once you have created custom catalogs for your organizations, you can upload your own custom vApp templates and ISOs directly from the catalog itself. Everything you need to work within the catalog is here. However, remember, in order to create a new VM from a template in the catalog, or mount an ISO, you must do so from the vApp or VM view from the dashboard page. That is where all administration is done at the VM and vApp level.
Continuity is our Disaster Recovery (DRaaS) offering, powered by Zerto Replication. Here, you can administer your configuration, view the status of your replication, and execute both live and test failovers. You should be able to find all the information you are already used to seeing in the Zerto tab in your home environment.
Here you can see widgets with all the information you need for each protection group, including live statistics, protected VMs, and performance, with historical data going back to a year.
Note: in the event of a live failover, you will need to contact iland support to assist with the failback to ensure environment integrity.
Our Security tab offers all users some basic reporting: Vulnerability reports, Event history, and user login history. Users who purchase our advanced security and compliance offerings will be given access to a full suite of reports that can be customized and scheduled as needed. Some of these include: Anti-virus and malware events, Firewall events, Vulnerability scans, iland Cloud event history reports, iland Cloud Login History reports, Support requests including infrastructure issues, and Storage encryption. And there are more in the works. Each of these reports can be viewed directly, or downloaded from the iland cloud console to be viewed later, and are tailored to meet your compliance needs.
Now that you understand the way your iland Cloud environment is organized and how to navigate through the console, and you've completed the pre-flight checklist, you are ready to begin building out your iland Cloud environment. Finally!
They say the journey of a thousand miles begins with a single step, and an enterprise environment is no different. You can't have a cloud environment without any virtual machines, so without further delay, let's get the first machine up and running.
When creating your first VM, we recommend that you go ahead and use one of our templates so that you can get the ball rolling as quickly as possible. Our templates are preconfigured for virtualization, and include all the licensing you will need, ready to go. In this example, we will be deploying our Server 2012 R2 Template, but you are free to use whichever template you like. Or, feel free to skip the guide and go straight to creating your own VM from scratch.
Once you have logged in to the dashboard of your Organization (Org), which is the very top level in the navigation tree, you will see your Virtual DataCenter(s) (VDCs) clearly listed near the top of the page. Click on the VDC in which you would like to create your first VM.
This will bring to the dashboard at the VDC level. The top of the page should look a lot like this:
Note that at this time, since your VDC is empty, all these numbers should be zero. Let's fix that.
Click the "+" icon in the vApps section of the top panel. This will open the provisioning wizard.
On this first screen of the provisioning wizard you will need to enter the name and description of the vApp
You will also select which VDC will include this new vApp.
Choose the radio button next to the vApp template you want to deploy.
Here you have the ability to select any template you have access to within either the public or a private catalog. Use the "Look in" drop down menu to look for different catalogs. Once a catalog is selected use the search function to search for a specific template within that catalog.
Provide a name for the VM, choose the Storage Profile you would like to assign to the VM, and configure the NIC(s).
Note: We will assume for the sake of this guide that you are working with a default environment with no other networks. Environments with virtual firewall, or with our Continuity service may appear slightly different. If you have an alternate setup, we'll assume you have already been working with our deployment team to flesh out your environment, and you will already know which network to choose.
Review your selections, click submit, and the button will be replaced with a task window that lets you know that provisioning is in progress, and your first VM and vApp are being deployed. Once you see the active task, you can close the window and continue working in your environment, or you can leave it open until the deployment is complete. It's up to you.
We'll assume you have already deployed your first VM from one of iland's pre-made templates in your own Virtual DataCenter (VDC), so we will cut straight to the point.
Before we begin, we recommend that you know the following information so that you can follow along with this guide and your VM will be ready for use:
Note: This guide will only focus on the basic settings for the sake of brevity and to get you logged into the machine as fast as possible, so you can see our Cloud Console at work. For more information on all of configuration options available, see the guides linked at the bottom of the page.
Navigate to the VDC Dashboard view, the second level in the navigation tree, which should now look something like this:
Note that you should now see that the number of VMs and vApps in the VDC show as 1, which contrary to popular music, is much less lonely than the 0 we saw earlier. You'll notice that in the top pane, CPU and RAM will still say 0, because they only display the statistics of VMs that are currently Powered ON across the VDC. This is an important thing to keep in mind, since your bill, and resource limits for CPU and RAM, are related to Powered ON VMs only. The only resource consumed by a powered off VM is storage. You can find more information on how your resources are displayed and tracked by going here. This may change depending on the type of environment you have with iland. The environment used here is a Burst environment, so if you have a Reservation or Reservation + Burst environment, it may look slightly different.
If you look at the second pane, you can see the statistics for the vApp you have created. You can view the name, number of VMs, and the total number of configured resources for the entire vApp. This is where you can see what you have configured, regardless of your machine's current power state. If you click on the name of the vApp, or select it from the navigation tree on the left, you will now see the vApp Dashboard view (the third level).
You'll notice a few differences right away, most notably the power button at the top. Keep in mind that this is the power switch for the entire vApp as a whole, and not just the one VM you have created. vApps are essentially logical containers you can use to organize your VMs in a number of ways, but they also function as a sort of collective entity within your iland Cloud environment. The power settings here affect the entire collection of VMs within the vApp, and while that isn't a big deal when you are just building out your environment and only have a single VM, it could be potentially disastrous once you have your environment in production.
If you click the "Actions" Menu, you'll notice that it has changed a bit as well, and provides you with all the options you need to configure your vApp.
The menus in the Console are location aware, and change according to what is currently displayed, and which level of your Org you are viewing. Keep this in mind as well as you navigate through the iland cloud console, as some options are only available in certain locations.
Finally, if you scroll down past the billing information, you'll notice that you are able to see the vApp network as well, the network you connected it to when you first deployed the template. Here, you can add or remove additional networks as you build out your environment.
For the purposes of this guide, however, we won't be editing anything at the vApp level at this time. On to the VM itself!
Click on the VM name, or select it from the navigation tree on the left side of the page to open the VM Dashboard (the fourth level).
In the VM dashboard view, you are able to customize your machines to your heart's content. This page allows incredibly granular controls, and once you get used to the interface, you'll notice that you can accomplish a lot from this page, and some things that are entirely unique to iland's Console. Be sure to explore this page fully once we've completed this guide. You can find more information on all the features available in this view here, but we've waited long enough.
Each of the gear icons located on the page allow you to configure the element they are associated with. So, to change the number of vCPUs or Cores, for example, click the gear in the processor pane. this will open a window, and you can select the number of vCPUs you would like to assign to the machine. You can do the same for RAM assignment via the gear in the RAM pane. Just use the drop-down menu in the configuration windows to select the amount you wish to set. It may take a moment for the changes to take effect, and some changes can't be made while other configurations are in process, so you may need to wait until one task finishes before starting the next. Keep in mind that many of the changes made here require the VM to be powered off, so the option may not be available on a Powered ON VM.
Next, we will add a second disk to our VM. Just like before, click the gear next in the Storage Used pane. This window, however, is a little different than the others, since it allows you to configure multiple items.
Here, you can add to the space of the existing drive, or configure the adapter settings, by clicking the gear next to the drive listed in the window. Or, you can add a completely new disk by clicking the Add Disk button at the top of the window. We will be adding a second drive, so we will click "Add disk".
Here, we can enter the size of the new disk, and choose the type of adapter it should use. By default, the type is set to IDE, but our templates use LSI Logic SAS (SCSI) for their drives, so let's choose the same for the purposes of this walkthrough.
Once you have configured the new disk the way you want it, click the "Add" button and you will be taken back to the "Disks" window. You will see that the new disk appears listed here, along side the original disk already attached to the VM. But it hasn't actually been added just yet. No change is made to the VM before you click the "Submit" button at the bottom of this window. This allows you to add multiple disks, or make multiple configuration changes, from this window, and then push them all at once.
Here are some quick caveats about changing storage:
Once you've click the "Submit" button, it will be replaced by a spinning wheel, showing you that the task is in progress. you can close the window, or wait till the wheel becomes a green check mark to indicate that the task is complete.
You may need the page to reload before you can see the changes you've made. Just click on the VM name again in the navigation tree, and all the information should refresh itself. You can now see all the changes you've made to the processor, RAM and Storage reflected in pane at the top of the page.
The Console won't recognize VMware Tools just yet, because the machine hasn't been powered on. This will change once we power it up. All of our templates come with VMware Tools pre-installed.
If you are here, we'll assume you have already followed the steps in the previous guides and now have a powered-off, configured VM waiting for you in your environment. For the purposes of this guide, we used a Windows 2012 Datacenter Template from the iland Public Catalog. If you deployed a different template, or created a VM from scratch, your experience may vary.
Now, we are finally ready to turn on our VM. Since we used a template, there is no need for installation media, and while some of the other options are tempting, we don't really need to cover them here.
Note: If you powered on the VM prior to configuring Guest OS Customization, you can always power it off by selecting "Shut Down Guest OS" from the power menu. This will allow you to configure the options mentioned below.
Guest OS customization allows you to make changes within a VM directly from the Console. It allows the user to easily change certain settings or perform a few specified action upon the next boot of the system. All of iland's templates come with Guest OS Customization enabled by default, so that the initial "First Time Boot" configurations can be run. Guest OS customization must be enabled to properly configure many things you would want to set up on your first boot, such as NIC settings, HOST name, and the Local Administrator account credentials.
While we cover all of the customization options, make sure you at least set the Local administrator account password, so that you can log in to the VM once it boots.
In the dashboard, click the "Actions" drop-down in the VMWARE Panel and select "Manage Guest OS Customization".
A window will open with a wizard that will allow you to configure the options you would like to enforce on the next reboot. You'll see that Customization is already enabled, and you want to make certain that the "Change SID" option* remains disabled for the purposes of this walkthrough, as templates automatically change the SID as part of the initial customization process on the first boot.
*Option only appears for Windows VMs.
Note: You should only ever use this option if you copy an existing, non-templated VM, and even then, you'll want to make certain you disable it as soon as possible. Otherwise, you run the risk of breaking your domain authentication down the road, which can lead to some very nasty problems.
You can also change your computer HOST name here, if you like. This will change the DNS name of the machine on your network, and not the name of the VM or vApp that you see and interact with through the Console. Click "Next" Once you have finished with this screen.
On the next page, you will be asked if you want to allow a local administrator password. Click the "Yes" radio button, and more options will appear. You have the option to auto-generate a password, or you can manually specify one if you like. For the purposes of this guide, we will choose to manually set a password, and we'll pick something really secure and enter it in the box that appears beneath that section.
Note: Windows has a minimum password requirement of 8 characters, with at least a capital letter and a special character or number. If you do not choose a password that meets these requirements, the password change will not work, and you may need to re-deploy the template.
Finally, you have the option to automatically log in as the local administrator**. If you select that radio button, another option will appear allowing you to set the number of times the auto login will occur. We'll leave this alone for now, and just log in the good old fashioned way. Click the "Next" button
The next window will give you the option to allow the machine to join a domain. If you select yes, you will be asked to enter the domain name, as well as a user name and password that will allow the machine to be joined. Since we have no other machines running at this time, there is no domain to join, so we'll skip this part.
Note: Skipping this option will not prevent your machine from joining a domain at a later time, from within the OS. This simply allows you the option of doing it from within the iland cloud console, instead of logging all the way in to the VM Console and doing it manually. Personally, I have had better experience doing it the old-fashioned way, but the option is here if you would like to take advantage of it.
Click "Submit" when you are finished with the wizard. A spinning wheel will replace the button, and it will turn green once the task has completed. You may then close the window. The VM is now ready to boot.
This time, and any time you make a change to the Guest OS Customization settings, when you click the Power ON button at the top of the page, choose "Yes" when you are asked if you want to force recustomization. This will make sure that the VM will make the changes you configured the next time it boots. The VM will then boot, and after it runs the scripts to configure the OS, it will reboot one last time (this can take anywhere from a few seconds to a few minutes). Once it restarts, open the console, use the "Send CTRL-ALT-DEL" button to unlock the machine, and enter the new admin password you configured for the local admin.
Your VM is ready to go!
**Automatic Login is not available on Linux VMs
Note for Windows Server 2012 VMs
There is a known conflict with VMware's E1000 NIC and Server 2012. The bug causes Server 2012 VMs to intermittently lose network connectivity within the OS. In order to resolve this, we recommend using the VMXNET3 adapter with these VMs, which requires VMware tools to be installed and recognized by the infrastructure on the backend. iland's Windows templates come with this adapter by default, and while you certainly can change it, we don't recommend using anything else with your VM.
Turning Off Guest Customization
Once your VM is configured the way you like, iland recommends that you turn off Guest OS Customization, for a number of reasons. Leaving it on runs the risk that it may run again on a reboot at a later time, which, depending on your settings, could potentially cause a slew of issues in your environment. Also, even if it doesn't accidentally change an important configuration, customization can cause the machine to reboot multiple times, or at the least, slow down the boot time on your machine. It can also trigger if the VM is moved. So, for best practice's sake, once you've finished with it, you'll need to power down the VM one more time, and disable it from the "Manage Guest OS Customization" button in the "Action" Drop-down on the VMware Panel. Just select the "No" button on the first page, then scroll through the rest of the wizard and click "Submit".
You can now start to build out your Virtual Datacenter. The Console allows you to configure multiple networks, vApps, VPNs, and anything else your heart desires, all in one place. Welcome to the iland Cloud!
Once you have set up some VMs in your environment, you'll want to set up an easy way to manage them as well. Sure, iland's Console has a console view that will allow you to access the consoles of individual VMs, but many many of our customers prefer a more robust remote connection. Whether you want to use Microsoft's Remote Desktop Protocol (RDP) solutions or just open up direct SSH access, you'll need to configure the basic firewall rules and NAT settings to allow remote management traffic to pass through into your environment.
In all of iland's environments, the default setting is to deny all traffic not explicitly allowed by a rule enabled on the Edge Gateway. This guide is intended to provide you with a quick introduction to how these rules are configured and managed in the iland Cloud console, using a remote connection scenario to demonstrate the basics, and simultaneously help you get remote access set up for your environment.
Note: Some of our customers choose to use a different solution other than the built-in Edge Gateway to manage their network traffic. This guide is intended only for those who are taking advantage of the Edge Gateway, and not for those using alternatives, like the Cisco ASAv Appliance.
Before you can configure your environment for remote access, you'll need to do a little planning, and gather some important information.
First, you'll have to decide how you want your remote access to work, and how restrictive you want your firewall rules to be. Most of our customers choose to allow remote access only from certain Public IPs, or across a VPN tunnel to their office site. Since each customer's security needs are different, we can't really recommend a default "best" setup. However, our Solutions Architects, Deployment Engineers, and Support team will be more than happy to work with you to find the best solution to fit your needs.
Note: For the purposes of this guide, we will assume that traffic will be coming from a single public IP, across the internet, and not through a VPN tunnel. We will also allow RDP to a single specific management server, which we will use to remote into the rest of the machines on the internal network.
Next, you'll need to gather the following information:
Finally, you'll need to make sure your VMs are configured to allow access from within the OS. By default, all of our templates are configured to have remote access turned off at the time of deployment.
Note: If you aren't certain which IPs you have available in your iland environment, it's very simple to check. Just follow the steps in the Networking guide to find the range of IPs that come with your iland Cloud environment.
First, you'll need to create a rule mapping the Public IP you want to use for your VM in your iland Cloud environment to the internal IP of that machine. If you have multiple iland Cloud environments, be sure that you have selected the Organization you wish to configure from the navigation tree on the side of the page, then click the Networking tab at the top of the page. In the top left corner of the page, use the drop down menu to select the Edge Gateway you want the rule to be created on. By default, most of our customers that have not purchased our Continuity offering will only have one Edge gateway in their environment.
Scroll down the page until you see the Panel labeled "NAT". It should look something like this:
By default, all iland Cloud environments should have a Source NAT (SNAT) rule similar to the one above that allows for outbound traffic through the public IP of the Edge Gateway. You'll need to add a Destination NAT (DNAT) rule to map the public IP to your VM. To do this, click the "Manage NAT Rules" Button. This will open a window that will allow you to add or edit all of the NAT rules for your environment, all in one place. Click the "Add Rule" button in the top right corner of this window, and another window will open allowing you to configure the rule.
In this window, you will see the following fields and options:
In the example pictured above, we would essentially be telling the gateway to map all external traffic that comes in seeking the IP 184.108.40.206 to the VM with the internal IP 10.10.10.1, regardless of the port or protocol. Any service on that VM could then be opened up using port specific firewall rules.
Once you have created your own rule, click the "Add Rule" button. If you need to create multiple rules, you can do this here. This window will show you what each rule will look like, but the changes won't actually be applied until you click the "Submit" button. Once you click, the button text will be replaced by a spinning wheel, which will turn green when the task completes.
Note: We are creating a very basic rule in this example, but it is possible with DNAT rules to map several services across machines to a single public IP using port-based NAT rules. However, in most cases, customers prefer a one to one scenario when it comes to mapping public IPs to machines, and iland recommends this for simplicity if it fits your needs.
Now that we have mapped a public IP to our VM using a NAT Rule, we need to open up the ports to allow traffic to pass through. Just above the NAT panel, you should see the Firewall panel. By default, the Firewall panel in a new environment should look something like this:
The rule pictured above is what allows outbound traffic to pass through the firewall from the internal network to the internet. If this rule is disabled or missing, you would not be able to reach anything outside of your iland Cloud environment from the machines in your Virtual DataCenter. In order to allow traffic to pass in or out of your environment, there must be an explicit rule allowing it.
To create a new rule, click the "Actions" drop-down in the corner of the Firewall panel, and select "Manage Firewall Rules". This will open a new window that allows you to edit any rules you may already have in your environment, as well as providing you with the ability to add new ones. Click the "Add Rule" Button to open the "Add Firewall Rule" window.
You will see the following fields and options:
Below those fields, you will see two checkboxes: Enable Rule (which you must check for your new rule to become active), and Enable Logging. Typically, most rules don't require logging, but should you need it, you may turn it on at any time.
Once you have entered your rule, click the "Add Rule" Button at the bottom of the pane. The wheel will begin to spin, but don't close the window until you see the green check box that indicates that rule has been created.
Here is a sample rule that allows RDP (Remote Desktop Protocol) to a machine:
This rule is clearly named, and allows for communication from any external source on any port to reach the machine with the public IP of 220.127.116.11 and reach port 3389, for RDP services.
Typically, you wouldn't want to open up RDP for the entire internet, so you might want the source above to be the Public IP or range of your office network, for example. This way, you can still access from anywhere on your office network, but not outside of it. Again, this depends on your specific use case and security and access needs.
Once this is complete, and you have verified that the remote access service on your machine is enabled, you should be able to log in remotely from a machine with the specified IP or range.