External panel
The external panel is a control panel where you can work only with a specific project. It does not display tickets and consumption, you cannot manage project quotas.
Using an external dashboard, you can grant cloud space to individual users or teams and set resource consumption quotas for them.
The outer panel can be opened:
- through a domain of the form project_number.selvpc.ru. Such domain is created automatically for each project. The external panel will be available via HTTPS protocol with
*.selvpc.ru
certificate; your
own domain, for examplecloud.yourdomain.com
. By default, the external panel will only be accessible via HTTP protocol — you can configure HTTPS access if needed.
The external panel is not subject to account access restrictions.
You can change the design of the outer panel — choose the fill color and change the logo.
The front-end dashboard is only available for Cloud Platform products: Cloud Servers, Managed Kubernetes, Cloud Databases, Container Registry, Secret Manager.
Log in to the external panel via project_number.selvpc.ru
To access the external panel through the domain in the format project_number.selvpc.ru,
you need to create a service user with the Project Administrator role.
You can log in to the panel using the login and password of the Project Administrator. The external panel will be opened via HTTPS protocol.
-
Add a service user. Select the Project Administrator role and add it to the desired project.
Only users with the Account Owner and User Administrator roles can create a new user.
-
In the control panel, on the top menu, click Account.
-
Go to the Projects section.
-
Open the project page → External Panel tab.
-
In the Login Link field, follow the link of the form
123456.selvpc.ru
. -
Enter the Project Administrator's name and password.
Configure access to the external panel through your own domain
Access to the external panel can be configured through your domain, for example cloud.yourdomain.com
. The external panel will be opened via HTTP protocol without a TLS (SSL) certificate.
If necessary, you can set up access via an encrypted HTTPS connection.
HTTP
HTTPS
-
In the control panel, on the top menu, click Account.
-
Go to the Projects section.
-
Open the project page → External Panel tab.
-
Copy the value from the Login Link field.
-
On your domain registrar's side, create a CNAME record for the third-level domain:
<cloud.yourdomain.com> CNAME <project_number.selvpc.ru>
Specify:
<cloud.yourdomain.com>
— name of the domain that will be used to open the external panel. You can use only a third-level domain — add the identifiercloud
or another name;<project_number.selvpc.ru>
— the login link you copied in step 2.
-
Specify the NS servers serving the domain for the record. It may take up to 48 hours to update DNS records.
-
In the control panel, on the top menu, click Account.
-
Go to the Projects section.
-
Open the project page → External Panel tab.
-
In the CNAME record field, click .
-
Enter the CNAME record you created. The original link to the external panel will change to your link.
To configure access to the external panel via HTTPS, you need to create an intermediate proxy server, upload a TLS (SSL) certificate to it and configure request forwarding.
-
Create a cloud server. You can select the minimum possible configuration, such as a fixed Shared Line configuration with 1 vCPU and 512 MB RAM.
-
Configure the cloud server to access to and from the internet via a public IP address.
-
On your domain registrar's side, create an A-record for the third-level domain:
<cloud.yourdomain.com> A <ip_address>
Specify:
<cloud.yourdomain.com>
— name of the domain that will be used to open the external panel. You can use only a third-level domain — add the identifiercloud
or another name;<ip_address>
— The public IP address that you connected to the cloud server in step 2.
-
In the control panel, on the top menu, click Account.
-
Go to the Projects section.
-
Open the project page → External Panel tab.
-
Copy the value from the Login Link field.
-
Install nginx on the cloud server.
-
Add a block to the nginx configuration file describing the reverse proxy server:
server {
listen 443 ssl;
server_name <cloud.yourdomain.com>;
ssl_certificate </etc/nginx/ssl/cert.pem>;
ssl_certificate_key </etc/nginx/ssl/privkey.pem>;
location / {
proxy_pass <project_url>;
}
}Specify:
<project_url>
— link to enter the external view panelhttps://<project_number>.selvpc.ru
which you copied in step 5;</etc/nginx/ssl/cert.pem>
— path to the certificate file. If you are using a TLS (SSL) certificate from Let's Encrypt®, the file is calledcert.pem
;</etc/nginx/ssl/privkey.pem>
— path to the file containing the certificate's private key. If you are using Let's Encrypt®, the file is calledprivkey.pem
.
-
Upload the TLS (SSL) certificate and certificate private key to the cloud server in the directories you specified in the configuration file in step 8. If you do not have a TLS (SSL) certificate for the domain, you can issue a free Let's Encrypt® certificate in Selectel Certificate Manager.
-
In the control panel, on the top menu, click Account.
-
Go to the Projects section.
-
Open the project page → External Panel tab.
-
In the CNAME record field, click .
-
Enter the A-record you created. The original link to the external panel will change to your link.
-
If the warning
We could not locate the DNS record...
appears when you log into the panel, ignore it.
Change the design of the external panel
You can customize the appearance of the login window and use your corporate colors and logos.
- In the control panel, on the top menu, click Account.
- Go to the Projects section.
- Open the project page → External Panel tab.
- In the Panel Layout block, click Change Layout.
- Specify the fill color in the panel.
- Click Upload to download the logo. The maximum size of the logo is 64 KB.
- Click Save.