HP Matrix Operating Environment 7.2 Update 1 Infrastructure Orchestration User Guide
Configuring an environment for cloud provisioning
In addition to provisioning with on-premise resources, Matrix OE infrastructure orchestration supports
provisioning virtual servers to an external cloud service, such as a supported CloudSystem bursting
service provider, another CloudSystem, or HP Matrix KVM Private Cloud.
Public cloud bursting is a feature of Matrix infrastructure orchestration that enables enterprises to
seamlessly provision public and private infrastructure resources. Combined with powerful private
cloud management capabilities, the ability to “burst” beyond the private cloud environment and
to leverage infrastructure resources offered by external cloud service providers creates a virtually
unlimited pool of hybrid cloud resources for Matrix infrastructure orchestration users to draw upon
for cloud service delivery.
Before you can create a template containing a virtual server that can be provisioned at a cloud
service provider, you must configure your environment for cloud provisioning. For detailed
configuration steps for provisioning to Matrix-to-Matrix, HP Matrix KVM Private Cloud, HP Cloud
Services, and Amazon EC2, see the Cloud bursting with HP CloudSystem Matrix infrastructure
orchestration white paper. For detailed configuration steps for provisioning to Savvis, see the
Configuring cloud bursting with HP CloudSystem Matrix infrastructure orchestration and Savvis
white paper. Both white papers are available at http://www.hp.com/go/matrixoe.
NOTE: To provision public cloud instances, obtain a Matrix OE Public Cloud Managed Instance
license. This license allows you to manage one public cloud instance hosted at an HP-supported
public cloud service provider for a term of one year from the date of registration. Multiple licenses
can be used together under a concurrent use model. (For example, if you purchase 10 licenses,
you can manage up to 10 public cloud instances at any one time.) Public cloud managed instance
licenses are not tied to a particular service provider. You can use the same license to manage an
instance at one service provider today and at another tomorrow, as long as the license is not used
for both instances at the same time.
For details on licensing, contact your HP sales representative.
Configuring a firewall (security group)
Configuring a firewall for server groups deployed to a cloud service provider allows you to permit
or restrict inbound network traffic based on a set of rules. A firewall is also known as a security
group.
NOTE: All server groups deployed to a cloud service provider have a firewall that blocks all
inbound traffic by default.
To allow inbound traffic, create a rule on the Firewall tab in infrastructure orchestration designer
that describes that traffic. The firewall is created before any of the servers in the server group are
created and the firewall is deleted after all the servers in the server group are deleted. These events
correspond to the Create Service and Delete Service operations.
NOTE: This tab is enabled only when a software image with a Cloud source type is selected on
the Software tab.
The Required selection (the default) defines a firewall that must be in effect when a service is
created. With this option, the server group cannot be deployed to a provider that does not support
firewalls. The default cloud firewall blocks all inbound traffic. To allow inbound traffic, you must
create one or more rules on this page that describe that traffic.
Select None to avoid placing a firewall into effect. With this option, the server group cannot be
deployed to a provider that requires a firewall.
Selecting Optional configures a firewall on the provisioned servers only if firewalls are supported
by the provider. If the provider does not support firewalls, the firewall definition is ignored. The
50 Installation and configuration