No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionCloud 6.3.1 Management Plane Hybrid Cloud Guide 05

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Creating First-level VDCs

Creating First-level VDCs

You can create one or multiple first-level VDCs as required. Each first-level VDC is associated with a project by default.

Context

  • When you create a first-level VDC, a project is created by default on the ManageOne operation plane. A user can apply for resources in a project only after the user is associated with the project.
  • Default projects do not have lower-level projects. Projects in the system are independent from each other, and resources in projects are isolated. Users can be associated with different projects as needed.
  • If you need to associate the VDC to be created with an approval process, you must create and publish an approval process first.

Prerequisites

  • You have obtained the username and password of an operation administrator.
  • To create a third-party user for the first-level VDC to be created, you must obtain the username of the third-party user.
  • To associate the first-level VDC with third-party authentication, create a third-party authentication server first.

Procedure

  1. Use a browser to log in to the ManageOne operation plane as an operation administrator.

    In the non-B2B scenario, the login address format is https://Address for accessing the Console page, for example, https://console.type.com.

    In the B2B scenario, the login address format is https://Address used by operation administrators to access the ManageOne operation plane, for example, https://adminconsole.type.com.

  2. Choose Tenant > Tenant Management from the main menu.
  3. In the upper right corner of the page, click Create Tenant.

    NOTE:
    • An operation administrator can create a tenant and enable the VDC service for the tenant. First-level VDC administrators can create second-level to fifth-level VDCs.
    • The Create Tenant page has lots of information. To quickly find required information, you can click target items in the quick navigation to switch to the target areas and then configure or view information.

  4. In the displayed dialog box, enter basic information.

    • Tenant Name: indicates a tenant name.
    • Project Name: indicates the name of a project to be created in the first-level VDC by default.
    • HUAWEI CLOUD Account: If you select a HUAWEI CLOUD account from the drop-down list box, regions corresponding to the HUAWEI CLOUD account are displayed in the region list, and users can apply for resources in the HUAWEI CLOUD regions. If you select Do not associate with a HUAWEI CLOUD account., the tenant is not associated with any HUAWEI CLOUD account by default, and users cannot apply for resources in the HUAWEI CLOUD regions.
      NOTE:

      Before selecting a HUAWEI CLOUD account, choose System > Cloud Resource Pool Access from the main menu. In the navigation pane, choose HUAWEI CLOUD Access. On the displayed page, access HUAWEI CLOUD accounts.

    • Access Third-party Authentication: indicates whether to associate the tenant with a third-party authentication server.
      • Third-party authentication includes LDAP authentication and federated authentication.
      • After the association, you do not need to set a password when creating a third-party user in the tenant. After a tenant is associated with federated authentication, all users in the tenant are third-party users.
      • A tenant can be associated with only one third-party authentication. One third-party authentication can be associated with multiple tenants.
    • Select Two-Factor Authentication: If you select Yes for Select Two-Factor Authentication, the system redirects to the short message authentication page when the tenant's VDC administrator, VDC operator, user-defined role, and LDAP user logs in to ManageOne.
      NOTE:

      Before using the two-factor authentication function, you need to configure the SMS server on ManageOne Maintenance Portal. For details, see "Commissioning SMS-based Notifications" in FusionCloud 6.3.1 O&M Guide

      • If the operation administrator selects two-factor authentication when creating a tenant and enters a mobile number when creating a user for the tenant, the user can enter a verification code on the short message authentication page to log in to the system.
      • If the operation administrator selects two-factor authentication when creating a tenant but does not enter a mobile number when creating a user for the tenant, the user needs to enter the mobile number and verification code on the short message authentication page to log in to the system.

  5. Create an administrator. If you want to create a first-level VDC administrator for the newly created tenant, enter basic information about the VDC administrator.

    • You can select Third-party user when creating a user in a first-level VDC associated with LDAP authentication.
    • The username of the third-party user must be the same as that on the third-party authentication server.
    If the first-level VDC has been associated with an identity provider, you do not need to set passwords when creating users in the VDC.
    • When creating a user, you must ensure that the username is the same as that on the identity provider so that the user is authenticated by the identity provider when the user logs in to the ManageOne operation plane.
    • When logging in to the ManageOne operation plane as the created user, you only need to enter the obtained username of the third-party user. Then, on the redirected login page, enter the username of the third-party user and the corresponding password.

  6. Enable VDC services and set the VDC quotas.

    1. Select a region. You can select multiple regions as needed.
    2. Set quotas.
      • If you select Yes for Use Default Settings, all resource quotas in the selected region are available, and the quota is not limited.
      • If you select No for Use Default Settings, you can select a resource pool or an AZ for the tenant.
        • When setting resource quotas, you can determine whether to support unlimited quotas for all cloud service quota items.
        • If the resource quota of a cloud service in an upper-level VDC is set to be unlimited, the resource quota of the cloud service can be set to be unlimited or limited when a lower-level VDC is created. If the resource quota of a cloud service in an upper-level VDC is set to be limited, the resource quota of the cloud service must be set to be limited when a lower-level VDC is created.
        • The setting for whether the resource quota of a cloud service is unlimited or limited during VDC creation cannot be modified after the VDC is created.
      NOTE:

      Currently, private cloud resource pools, HUAWEI CLOUD resource pools, and two-level cloud resource pools that have different resources are available. You can select a proper resource pool based on site requirements.

  7. Associate the VDC with an approval process. Perform this step if you want to associate the created VDC with an approval process. In the approval process list, you can select an approval process to be associated with the created VDC.

    After the VDC is associated with an approval process, the VDC administrator of the VDC needs to submit an order for approval when modifying the VDC quotas. The modification takes effect only after the order is approved. When changing the name or description of a lower-level VDC, an upper-level VDC administrator can set no approval by modifying the approval process.
    NOTE:
    • A first-level VDC can be associated with only approval processes created by operation administrators.
    • After a first-level VDC administrator associates a lower-level VDC with an approval process, the first-level VDC administrator can view only the approval processes created by the first-level VDC administrator when modifying the approval process of the lower-level VDC.
    • No approval is required when a VDC administrator modifies quotas of a lower-level VDC.

  8. Click Create.
Translation
Download
Updated: 2019-01-17

Document ID: EDOC1100043116

Views: 34762

Downloads: 21

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next