Versions Compared

Old Version 8

changes.mady.by.user Niels van Dijk

Saved on

compared with

New Version Current

changes.mady.by.user Niels van Dijk

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Technical platform is deliverd delivered by SURFcloud, the SURFnet IAAS cloud.

Resources

Current resources coverVOpaas1 to VOpaas 9 consist of 10 VMs each with:

  • 10 instances
  • 10 1 CPUs
  • 20GB 2GB RAM
  • 10 1 v4 /and 1 v6 IPs

VMs can be created by Niels, addition resources available if needed

Unless otherwise defined, VMs run debian 8.x

The VM list has an overview of the VMs currently availabel

  • IP

Access

Access to machines is provided via the deploy/bastion host deploy.eduteams.org only

...

Access to the VMs is restricted by default.bastion host is limited to specific IP adresses and requires a registered ssh key

PORTS

No ports will be publicly available until requested. Normally only port 443 will be available publicly, unless specifically requested.

All port, including SSH and other ports will be available trough VPN access.the deploy host

VPN

VPN is needed to access the machines. ZeroTier (ZT) VPN clients (https://www.zerotier.com/download.shtml) are needed to get access to the virtual LANs of the VMs

Install ZeroTier client in your device and report client ID to Niels using the VOpaas Access List. Only client that are registered in the list will get access.

Joining a ZeroTier network

The netwerk to join is "e5cd7a9e1c6a4bbb " ()

Code Block
niels@Einstein:~$ sudo zerotier-cli join e5cd7a9e1c6a4bbb
[sudo] password for niels: 
200 join OK

Joining the network wit the CLI client

Code Block
niels@Einstein:~$ sudo zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks e5cd7a9e1c6a4bbb - ba:77:2e:0a:02:f6 ACCESS_DENIED PRIVATE zt1 -

No access given yet

Code Block
niels@Einstein:~$ sudo zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks e5cd7a9e1c6a4bbb GEANT-SA5-VOpaas-Pilot-platform ba:77:2e:0a:02:f6 OK PRIVATE zt1 10.147.19.113/24,fde5:cd7a:9e1c:6a4b:bb99:933c:4416:9c8c/88

Access granted

 

deploy/bastion host.

SSH access and SUDO rights

SSH access is only available trough the ZT vlan. Your account will be using the "Name" as listed in the VOpaas Access List.SSH access to the deploy host is only possible using ssh public key authentication. Please provide your public certificate using the the VOpaas Access List.

...