Actions

HacDC-shared-m335-1 Xen: Difference between revisions

From HacDC Wiki

Line 43: Line 43:
===Sharing===
===Sharing===
Sharing of account resources is permitted, however, additional resources will be allocated according to individual member needs for specific purposes. As a reminder, compromised accounts will be immediately removed as discovered.
Sharing of account resources is permitted, however, additional resources will be allocated according to individual member needs for specific purposes. As a reminder, compromised accounts will be immediately removed as discovered.
===Bandwidth===
Bandwidth hogging is not tolerated, as the internet connection is shared with neighboring tenants. Any action necessary to relieve network pressure will be undertaken.


=ChiefAdmin=
=ChiefAdmin=

Revision as of 21:16, 21 October 2014


Simple project server, emphasis on availability and uptime.

CommandReference

Routinely important commands unique to this server documented as follows.

Root (Admin)

  • ./hxNewUser <userName> - Creates user account with default Xen VM and permissions.
  • ./hxDelUser <userName> - Deletes user account, associated VMs, and associated Xen permissions.

Users

Characteristics

  • CPU - E2200 Dual-Core 2.2GHz
  • RAM - 1GB
  • HDD - 500GB
  • Hostname - HacDC-shared-m335-1
  • FQDN - HacDC-shared-m335-1.hacdc.org

Redundancy (RAID)

None yet. Internal backups or RAID1 planned for OS/user storage. Access to a RAID0 (striped) array planned for high-speed semi-permanent storage.

Policies

Permissions

Root

HacDC members with a demonstrable need or willingness to manage non-root users may be given root access. Imperative that root users do not jeopardize uptime.

Xen

All HacDC members are welcome to xenshell access. Resources, including CPU, disk space, and external network ports, will be allocated on an as-needed first-come-first-serve basis.

Notifications

Internal server email will notify users, if feasible, on the following schedules, subject to change.

  • Three days before planned downtime exceeding one hour.
  • One week before planned permanent downtime (obsolescence).

Removal

  • Three months before removal of ex-member accounts. Exceptions on a case-by-case basis.

DataLoss

  • Users should regularly backup critical data offiste.
  • Onsite data storage is not guaranteed to be reliable.
  • All server data may be deleted after obsolescence.
  • Removed accounts may be deleted immediately and permanently upon deactivation.

Privacy

Machine is physically accessible to all keyholding HacDC members. Although HacDC members are generally responsible, privacy should not be expected.

AcceptableUse

Sharing

Sharing of account resources is permitted, however, additional resources will be allocated according to individual member needs for specific purposes. As a reminder, compromised accounts will be immediately removed as discovered.

Bandwidth

Bandwidth hogging is not tolerated, as the internet connection is shared with neighboring tenants. Any action necessary to relieve network pressure will be undertaken.

ChiefAdmin

mirage335

Credits

Hunterkll - Donated core hardware.

Softload

https://github.com/mirage335/hostedXen

WIP

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d jgibbs.dyndns.org --dport 3389 -j DNAT --to 172.17.207.4:3389

Reference

https://wiki.debian.org/Xen#Domain_0_.28Host.29_Installation http://dev.e-taxonomy.eu/trac/wiki/Xen_installation http://wiki.xenproject.org/wiki/Nested_Virtualization_in_Xen#How_to_use_nested http://wiki.xen.org/wiki/Host_Configuration/Networking#Routing http://blog.manula.org/2012/04/manually-configuring-nat-networking-in.html http://www.fclose.com/816/port-forwarding-using-iptables/ https://wiki.debian.org/iptables http://blog.manula.org/2011/02/xen-bridged-networking-mode.html http://xen.1045712.n5.nabble.com/console-access-to-non-root-xen-3-0-td2560667.html http://xen-tools.org/pipermail/xen-tools-discuss/2009-September/000674.html https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization/sect-Virtualization-Tips_and_tricks-Limit_network_bandwidth_for_a_Xen_guest.html http://serverfault.com/questions/52027/how-can-i-limit-per-user-bandwidth http://www.howtoforge.com/nat-gateway-iptables-port-forwarding-dns-and-dhcp-setup-ubuntu-8.10-server