NCI Help

Page tree

Versions Compared

Old Version 16

changes.mady.by.user Mohsin Ali

Saved on

compared with

New Version 17

changes.mady.by.user Mohsin Ali

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel
titleOn this page

Table of Contents

Logging in to the dashboard

The primary way to use the NCI cloud is via the web dashboard. To log in, follow these steps:

...

You will be taken to your default project overview page. If you are a member of multiple cloud projects you can select the project to view from the drop-down box on the top left of the screen.

Setting up a key pair

If you are using Nirin for the first time, ensure at least one key pair exists under your account.

...

Setting up a single key pair is a one-time operation. This is the minimum requirement to get started using this guide; more complex workflows or security models may require multiple key pairs.

Creating your first instance

Creating an instance in the dashboard is done using the Launch Instance wizard, which takes you through a number of dialogs collecting information about the instance to be created. Follow the steps below to create a basic instance.

...

Once the Status becomes "Active" the instance is up and running.

Using Floating IP addresses

The instance created in the previous section has a network connection with a private IP address (10.0.0.18), and can connect to hosts on the Internet, but it is not accessible from the wider Internet. In order to access it externally you need to attach a floating IP to it - this is an externally accessible address that will forward traffic through to the instance on its private address. Follow the steps below to allocate a floating IP and attach it to the instance created previously.

...

Info
titleSecurity risk: releasing floating IP addresses

Releasing a floating IP address makes it available for other projects to use, which can in some situations present a security risk. For example, if an external system (such as an old NFS export of gdata filesystems) refers to a public IP address which is released back to the pool and later re-used by another project on the cloud, this could inadvertently give that project access to the external system. To mitigate this risk: before releasing a floating IP address, ensure that any external systems that rely on it are told that the address is no longer valid.


Persistent Volume Storage

Instances in the cloud have a small (10GB) local disk that is intended to hold only the operating system install and its essential files. Additional storage is provided through the use of volume storage. Volumes are effectively an external drive that can be attached to and detached from the instance as required - the volume continues to exist even after the instance is deleted.

...

  1. Log in to the dashboard.
  2. Click on the Project → Volumes → Volumes tab
  3. Click on the "Create Volume" button to bring up the Create Volume dialog, enter a name and set the size. Leave the volume source and type unchanged. Finally, click on the "Create Volume" button to submit the request.
  4. The volume creation process will take a few seconds. Once it is complete the volume will show in the volume list as Available. Select "Manage Attachments" from the Actions menu on the right, and the Manage Volume Attachments dialog will pop up.
  5. Select your instance from the list. Leave the device name untouched. Finally, click on the "Attach Volume" button.
  6. The volume list will show that the volume status is In-use, and that it is attached to your instance.

  7. Log in to your instance and run the lsblk  command to list the block devices. You should see your volume presented on the device listed previously.

    Code Block
    ubuntu@my-instance:~$ lsblk
NAME    MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
vda     252:0    0   10G  0 disk 
├─vda1  252:1    0  9.9G  0 part /
├─vda14 252:14   0    4M  0 part 
└─vda15 252:15   0  106M  0 part /boot/efi
vdb     252:16   0    1G  0 disk


  8. At this point the volume can have a filesystem created on it, and it can be mounted and used.

    Code Block
    ubuntu@my-instance:~$ sudo mkfs.ext4 /dev/vdb
mke2fs 1.44.1 (24-Mar-2018)
Creating filesystem with 262144 4k blocks and 65536 inodes
Filesystem UUID: 28813bd6-e50a-40ef-864b-9f4aaa541eac
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

ubuntu@my-instance:~$ sudo mkdir /data
ubuntu@my-instance:~$ sudo mount /dev/vdb /data
ubuntu@my-instance:~$ sudo touch /data/test
ubuntu@my-instance:~$ ls /data/test 
/data/test


Appendices

A. Flavours

NCI offers a range of virtual machine flavours to suit a range of needs. The name of the flavour encodes information about the number of virtual CPUs, and the amount of memory and local disk space that the flavour provides; for example:

...

For more information, see: Nirin Flavors and Charge Rates

B. Storage

Local Disk and Volume Storage: Local disk is only for the operating system install. This storage is not backed up anywhere, and only exists as long as the instance exists. It is strongly recommended that you deploy your instances using an automated process that permits you to rebuild an instance any time it is necessary, and to use persistent storage for anything that cannot be recreated easily.

...

Root disk/dev/vda, automatically mounted on /Operating system and applications
  • High IOPS and throughput (Solid State Disks in RAID 0)
  • Included in instance snapshots
  • Limited size
  • No redundancy
  • Deleted when virtual machine is deleted
  • Not automatically backed up
Attached volumes aka Block Storage aka Cinder (Backed by Ceph)/dev/vdb and subsequent, not automatically mountedPersistent storage of large volumes of data
  • Large size
  • High throughput
  • Built-in redundancy
  • Exists until deleted by owner
  • Can be detached from one VM, then re-attached to another.
  • Can create point-in-time volume snapshots
  • Lower IOPS
  • Not automatically backed up

C. Access to the Global File-systems

The NCI Global filesystems can be accessed via NFS exports. Please see NFS Export Policy for global file-systems to Nirin for more details.

D. Additional Information / Policy matters

  • Please ensure that the Operating systems and packages are updated regularly to incorporate security and performance improvements.
  • NCI uses the IP address range supplied by the Australian National University. These IP addresses are regularly scanned for security vulnerabilities and monitored for suspicious network traffic and behaviour. NCI reserves the right to shut down and lock your virtual machine in the case your virtual machine is not secure, has been compromised and/or is involved in a suspicious activity. NCI staff will inform the virtual machine owner and the project CI with the reasons for shutting down the virtual machine.
  • NCI charges for instances in ‘shutdown’ state as shutdown instances consume resources on the hypervisor. If you do not wish to be charged for shutdown instances, please terminate them or shutdown the instance and then shelve and shelve-offload the instance.

...