Adding Credentials
This topic describes how to link your Cloud Service Provider (CSP) credentials to Megaport ONE and how to add an SSH key pair to gain access to an Equinix Metal project.
For information on the features that use these credentials, see Compute and Networking.
Note
Credentials in Megaport ONE are encrypted and stored.
In Megaport ONE, you can set credentials for:
- Cloud
- Containers
- SSH
Cloud credentials
You can easily integrate the relevant aspects of your Cloud Service Provider (CSP) accounts with Megaport ONE. You can run a script which links your CSP credentials and displays them in the Cloud Credentials page. After the CSP account is linked to Megaport ONE, you can deploy and monitor resources from within the Megaport ONE Portal.
Note
-
Each CSP has different credential requirements. For details on the values that need to be entered, see the relevant CSP documentation.
-
Currently Amazon Web Services, Google Cloud, and Microsoft Azure are supported. For Microsoft Azure, you need to access your Azure account and copy the subscription ID to use with Megaport ONE before proceeding with the instructions below.
To add cloud credentials
- Log in to the Megaport ONE Portal.
- Choose Tenant > Settings.
- Select Cloud Credentials.
The Cloud Credentials page appears. The Status column indicates whether cloud credentials have been added for the supported CSPs.
- Click Add Credential.
-
In the Select a cloud drop-down list, select the CSP for which you want to add credentials.
The Add Credentials screen updates to include more fields, and is different for each supported CSP. The image below shows the screen displayed when Amazon Web Services is selected.
-
In the Enter a description for this cloud credential field (step 2), enter a description.
This is a user-defined name that is displayed in Megaport ONE for the credentials. -
Enter the required information for the relevant CSP:
-
Amazon Web Services - In the Permissions drop-down list, select the Megaport ONE features that the permissions are for. These options are available:
- Network and Compute (recommended)
- Compute Only
- Network Only
-
Google Cloud - In the Project ID field, enter the Google Project ID to use to create and delete resources.
-
Microsoft Azure - In the Subscription ID field, enter the Azure Subscription ID to use to create and delete resources. If this field is left blank, your default Subscription ID is used.
-
-
Click Copy to clipboard to copy the displayed command to the clipboard.
The command runs the onboarding script and automatically links elements of your CSP account to the Megaport ONE platform. -
Click Launch CSP Cloud Shell to run the command in your CSP cloud shell.
After this has been successfully completed, your CSP credentials appear in Megaport ONE and you can deploy and monitor resources in Megaport ONE. -
Click Close.
Megaport ONE adds the cloud credentials and is now connected to the CSP account. For the added credentials, the Status column changes to Added.
To delete cloud credentials
- Log in to the Megaport ONE Portal.
- Choose Tenant > Settings.
- Select Cloud Credentials.
- Click the gear icon
for the cloud credentials to delete. - Select Uninstall Credential.
The Delete Credential screen appears (AWS example shown).
- Click Copy to clipboard to copy the displayed command to the clipboard.
- Click Launch CSP Cloud Shell to run the command in your cloud shell to uninstall the selected credentials.
- Type DELETE in all caps and click Delete to confirm.
The cloud credentials are deleted.
Note
After uninstalling credentials in the Megaport ONE Portal, we recommend that you also uninstall the credentials on the CSP side.
Container credentials
A container registry is a repository, or collection of repositories, that are used to store and access container images. Container registries support container-based application development, often as part of DevOps processes. Container registries can connect directly to container orchestration platforms like Docker and KubernetesAn open source system for automating deployment, scaling, and management of containerized applications..
Container registries save developers time creating and delivering cloud-native applications, acting as the intermediary for sharing container images between systems.
Container registry credentials allow you to access and deploy app containers from private registries directly on a cluster, using the Kubernetes Dashboard.
Docker
Docker is a set of Platform as a Service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. The service has both free and premium tiers. The software that hosts the containers is called Docker Engine. For more information, see https://docs.docker.com/.
In Megaport ONE, you can add a Docker container to a Kubernetes cluster. There are no Kubernetes credentials, you share a public repository URL and that provides access. For more information, see Creating a Cluster.
To add container credentials
- Log in to the Megaport ONE Portal.
- Choose Tenant > Settings.
- Select Container Credentials.
The Container Credentials page displays any existing container credentials.
-
Click Add Credential.
-
In the Provider drop-down list, select the container registry provider.
These options are available:- Docker
- Azure
- NVIDIA
- Amazon
- GitLab
Note
- The Add Container Registry Credentials screen is different for each supported registry provider.
- When Google is selected, you need to enter a JSON key file instead of a registry username and password/token.
-
Specify the container credential details:
- Credential Name – The name of the container credentials to display in Megaport ONE.
- Registry URL – The container registry URL.
For example, https://myregistry.docker.com - Registry Username – The container registry username.
- Registry Password/Token – The container registry password or token.
- Click Confirm.
The container credentials are added.
To delete container credentials
- Log in to the Megaport ONE Portal.
- Choose Tenant > Settings.
- Select Container Credentials.
- Click the gear icon for the container credentials to delete.
- Select Delete Credential.
- Type DELETE in all caps and click Delete to confirm.
The container credentials are deleted.
SSH credentials
The Secure Shell (SSH) protocol is a cryptographic network protocol for operating network services securely over an unsecured network. This allows computers to securely communicate and share data. The most notable applications of SSH are remote login and command-line execution. SSH applications are based on a client–server architecture, connecting an SSH client instance with an SSH server.
An SSH key relies on the use of two related keys, a public key and a private key. Together they create a key pair which is used as the secure access credential. The private key is secret, known only to the user, and is encrypted and stored safely.
In Megaport ONE, SSH credentials (keys) are specific to an Equinix Metal project. This is a public project key added to your Equinix Metal account. This key is specific to your single project. This provisions the computer, and SSH allows you to access the computer and install everything that is required.
To add SSH credentials
- Log in to the Megaport ONE Portal.
- Choose Tenant > Settings.
- Select SSH Credentials.
The SSH Credentials page displays any existing SSH credentials.
- Click Add Credential.
-
Specify the SSH key details:
- Key Name – The name of the SSH key to display in Megaport ONE.
- SSH Private Key – The SSH private key.
For more information, see https://metal.equinix.com/developers/docs/accounts/ssh-keys/
-
Click Confirm.
The SSH credentials are added.
To delete SSH credentials
- Log in to the Megaport ONE Portal.
- Choose Tenant > Settings.
- Select SSH Credentials.
- Click the gear icon for the SSH credentials to delete.
- Select Delete Credential.
- Type DELETE in all caps and click Delete to confirm.
The SSH credentials are deleted.