Difference between revisions of "Agile testbed"
From PDP/Grid Wiki
Jump to navigationJump to search| Line 13: | Line 13: | ||
=== Getting access === | === Getting access === | ||
| − | [[Image:Testbed-access.svg|thumb|Schema of access methods]] | + | [[Image:Testbed-access-v2.svg|thumb|Schema of access methods]] |
Access to the testbed is either by | Access to the testbed is either by | ||
# ssh access from '''bleek.nikhef.nl''' or | # ssh access from '''bleek.nikhef.nl''' or | ||
| − | # IPMI Serial-over-LAN | + | # IPMI Serial-over-LAN (only for the ''physical'' nodes) |
| + | # serial console access from libvirt (only for the ''virtual'' nodes) | ||
The only machine that can be reached with ssh from outside the testbed is the management node '''bleek.nikhef.nl'''. Inbound ssh is restricted to the Nikhef network. The other testbed hardware lives on a LAN with no inbound connectivity. Since bleek also has an interface in this network, you can log on to the other machines from bleek. | The only machine that can be reached with ssh from outside the testbed is the management node '''bleek.nikhef.nl'''. Inbound ssh is restricted to the Nikhef network. The other testbed hardware lives on a LAN with no inbound connectivity. Since bleek also has an interface in this network, you can log on to the other machines from bleek. | ||
| − | Access to bleek.nikhef.nl is restricted to users who have a home directory with their ssh pulic key in ~/.ssh/authorized_keys. | + | Access to bleek.nikhef.nl is restricted to users who have a home directory with their ssh pulic key in ~/.ssh/authorized_keys and an entry in /etc/security/access.conf. |
Since all access has to go through bleek, it is convenient to set up ssh to proxy connections to *.testbed through bleek in combination with sharing connections, in ~/.ssh/config: | Since all access has to go through bleek, it is convenient to set up ssh to proxy connections to *.testbed through bleek in combination with sharing connections, in ~/.ssh/config: | ||
