Actions

HacDC-shared-m335-1 Xen

From HacDC Wiki


Simple project server, emphasis on availability and uptime.

CommandReference

Routinely important commands unique to this server documented as follows.

Root (Admin)

  • ./hxNewUser <userName> - Creates user account with default Xen VM and permissions.
  • ./hxDelUser <userName> - Deletes user account, associated VMs, and associated Xen permissions.

Users

Characteristics

  • CPU - E2200 Dual-Core 2.2GHz
  • RAM - 1GB
  • HDD - 500GB
  • Hostname - HacDC-shared-m335-1
  • FQDN - HacDC-shared-m335-1.hacdc.org

Redundancy (RAID)

None yet. Internal backups or RAID1 planned for OS/user storage. Access to a RAID0 (striped) array planned for high-speed semi-permanent storage.

Policies

Permissions

Root

HacDC members with a demonstrable need or willingness to manage non-root users may be given root access. Imperative that root users do not jeopardize uptime.

Xen

All HacDC members are welcome to xenshell access. Resources, including CPU, disk space, and external network ports, will be allocated on an as-needed first-come-first-serve basis.

Notifications

Internal server email will notify users, if feasible, on the following schedules, subject to change.

  • Three days before planned downtime exceeding one hour.
  • One week before planned permanent downtime (obsolescence).

Removal

  • Three months before removal of ex-member accounts. Exceptions on a case-by-case basis.

DataLoss

  • Users should regularly backup critical data offiste.
  • Onsite data storage is not guaranteed to be reliable.
  • All server data may be deleted after obsolescence.
  • Removed accounts may be deleted immediately and permanently upon deactivation.

Privacy

Machine is physically accessible to all keyholding HacDC members. Although HacDC members are generally responsible, privacy should not be expected.

AcceptableUse

Sharing

Sharing of account resources is permitted, however, additional resources will be allocated according to individual member needs for specific purposes. As a reminder, compromised accounts will be immediately removed as discovered.

ChiefAdmin

mirage335

Credits

Hunterkll - Donated core hardware.

Softload

https://github.com/mirage335/hostedXen

WIP

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d jgibbs.dyndns.org --dport 3389 -j DNAT --to 172.17.207.4:3389

Reference

https://wiki.debian.org/Xen#Domain_0_.28Host.29_Installation http://dev.e-taxonomy.eu/trac/wiki/Xen_installation http://wiki.xenproject.org/wiki/Nested_Virtualization_in_Xen#How_to_use_nested http://wiki.xen.org/wiki/Host_Configuration/Networking#Routing http://blog.manula.org/2012/04/manually-configuring-nat-networking-in.html http://www.fclose.com/816/port-forwarding-using-iptables/ https://wiki.debian.org/iptables http://blog.manula.org/2011/02/xen-bridged-networking-mode.html http://xen.1045712.n5.nabble.com/console-access-to-non-root-xen-3-0-td2560667.html http://xen-tools.org/pipermail/xen-tools-discuss/2009-September/000674.html https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization/sect-Virtualization-Tips_and_tricks-Limit_network_bandwidth_for_a_Xen_guest.html http://serverfault.com/questions/52027/how-can-i-limit-per-user-bandwidth http://www.howtoforge.com/nat-gateway-iptables-port-forwarding-dns-and-dhcp-setup-ubuntu-8.10-server