Nirin - Quick Start Guide

Step-by-step guide

Log in to the cloud dashboard https://cloud.nci.org.au with your NCI credentials.
If you are part of multiple projects, select the project you wish to administrate from the dropdown menu at the top of the screen.
If you are using Nirin for the first time, and want to create a virtual machine to access via SSH, then ensure at least one key pair exists under your account:
Navigate to "Key Pairs" under the "Compute" menu on the left of the screen, then either:
- "Import Public Key" if you have an existing key pair you wish you use, or
- "Create Key Pair" to set up a new key pair.
Setting up a single key pair is a one-time operation. This is the minimum requirement to get started; more complex workflows or security models may require multiple key pairs.
Create a virtual machine:
Navigate to "Instances" under the "Compute" menu on the left of the screen, then press "Launch Instance" to configure the virtual machine. Several parts of the configuration are required, including:
- Source defines the starting point for the virtual machine. Select "Image" in the boot source dropdown, and select a recently updated Ubuntu image from the list of available images (by clicking on the upward arrow in the relevant row of the table).
- Flavor defines the number of VCPUs, amount of RAM, and so on. Select a flavor that suits your requirements.
- Security Groups allows network access to the virtual machine. Nirin projects are created with one security group "ssh" which allows remote login; ensure this security group is selected, using the upward-facing arrow.
- Key Pair allows you to select the key pair set up above, which will be installed on the virtual machine when it is created so that you can log in over SSH.
When all the required information has been supplied, the "Launch Instance" button will become enabled allowing you to start creation of the virtual machine.

Click on the “Instances Tab” and press “Launch Instance” to start a virtual machine.

Click “Details” and select appropriate Image Name and Flavour.

Local Disk and Cinder Volume: Local disk is only for operating system and scratch. This disk is local to the compute blade and it is NOT backed up. The main software engineering of OpenStack Cloud requires you to have a virtual machine deployment process that is reproducible. We strongly recommend using puppet or other alternates to deploy the operating system. For persistent storage, NCI provides cinder volume and projects should use cinder volume to store critical data e.g. web catalogs and important data. It may also be noted while cinder volume (based on Ceph) is replicated, we strongly suggest projects to ask /pay for long term storage on NCI’s tape drives. The data on NCI’s tape drives is backed up across two remote sites. For more information please send an email to help@nci.org.au.

Please note that local disk provided to your VM on Tenjin is an SSD.

Overview of storage types

Storage Type	Device	Intended use	Pros	Cons
Root disk	/dev/sda, automatically mounted on /	Operating system and applications	High IOPS and throughput (Solid State Disks in RAID 0) Included in instance snapshots	Limited size No redundancy Deleted when virtual machine is deleted Not automatically backed up
Ephemeral disk	/dev/sdb, automatically mounted on /mnt	Temporary storage (scratch space)	High IOPS and throughput (Solid State Disks in RAID 0)	Limited size No redundancy Deleted when virtual machine is deleted Not included in instance snapshots Not automatically backed up
Attached volumes aka Block Storage aka Cinder (Backed by Ceph)	/dev/sdc and subsequent, not automatically mounted	Persistent storage of large volumes of data	Large size High throughput Built-in redundancy Exists until deleted by owner Can be detached from one VM, then re-attached to another. Can create point-in-time volume snapshots	Lower IOPS Not automatically backed up

Click “Access & Security” and select the Key pair you want to use for logging into the virtual machine once it is provisioned.
Click “Networking” and select the IP address. Your project may have multiple IP address associated depending upon the requirements.
Click "Launch".
Use “ssh –i /path/to/keypair root@IP.ADDRESS” to access the virtual machine.
We do not recommend putting in useful data on the VDA (root) and (VDB) ephemeral storage. At the time of creation of the project, NCI gives 10GB (minimum) quota for block storage (we use Ceph).
Click “Volumes” tab and create a volume.

Attach the volume it to the virtual machine. It will most probably get attached as /dev/vdc but it is always a good idea to check. On your virtual machine fdisk –l command will give you a clear idea.

fdisk sample output

[root@awesome]# fdisk -l

Disk /dev/vda: 10.7 GB, 10737418240 bytes
255 heads, 63 sectors/track, 1305 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000c62bf

   Device Boot      Start         End      Blocks   Id  System
/dev/vda1   *           1        1306    10484736   83  Linux

Disk /dev/vdb: 32.2 GB, 32212254720 bytes
16 heads, 63 sectors/track, 62415 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000


Disk /dev/vdc: 10.7 GB, 10737418240 bytes
16 heads, 63 sectors/track, 20805 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

Create a filesystem on /dev/vdc

[root@awesome /]# mkfs.ext4 /dev/vdc

mke2fs 1.41.12 (17-May-2010)

Mount the volume on your virtual machine.

[root@awesome /]# mkdir /data; mount /dev/vdc /data

Access Global File-systems

NFS Export Policy for global file-systems to Nirin

Additional Information / Policy matters

NCI uses the IP address range supplied by the Australian National University. These IP addresses are regularly scanned for security vulnerabilities and monitored for suspicious network traffic and behavior. NCI reserves the right to shutdown and lock your virtual machine in the case your virtual machine is not secure, has been hacked and/or is involved in a suspicious activity. NCI staff will inform the virtual machine owner and the project CI with the reasons for shutting down the virtual machine.
NCI charges for instances in ‘shutdown’ state as shutdown instances consume resources on the hypervisor. If you do not wish to be charged for shutdown instances, please terminate them or shutdown the instance and then shelve and shelve-offload the instance .
Local disk is only for operating system and scratch. This disk is local to the compute blade and it is NOT backed up. This essentially means upon a hardware failure on the compute node hosting your virtual machine (VM), you may loose the root and ephemeral disk - resulting in irrecoverable VM/data. The main software engineering of OpenStack Cloud requires you to have a virtual machine deployment process that is reproducible. We strongly recommend using puppet or other alternates to deploy the operating system. For persistent storage, NCI provides cinder volume and projects should use cinder volume to store critical data e.g. web catalogs and important data. It may also be noted while cinder volume (based on Ceph) is replicated, we strongly suggest projects to ask /pay for long term storage on NCI’s tape drives. The data on NCI’s tape drives is backed up across two remote sites. For more information please send an email to help@nci.org.au.
The standard OpenStack "security groups" are not supported on Tenjin. This means that once VM is assigned a floating IP, it is fully visible on the Internet, and should be secured accordingly.

No labels

Page tree

Nirin - Quick Start Guide

Step-by-step guide

Access Global File-systems

Additional Information / Policy matters