Difference between revisions of "Red Cloud Linux Instances"
(→Initialize and Mount a Volume: add sudo to commands for users that dont see the note. change vin to nano) |
|||
(22 intermediate revisions by 5 users not shown) | |||
Line 7: | Line 7: | ||
You can boot an instance with most modern Linux distributions. Currently Red Cloud offers pre-made VM images running the following Linux distributions: | You can boot an instance with most modern Linux distributions. Currently Red Cloud offers pre-made VM images running the following Linux distributions: | ||
− | :* CentOS | + | :* Red Hat Enterprise Linux-based distributions: |
+ | :** CentOS 7 | ||
+ | :** Rocky Linux 8: [[ How To Migrate Existing Hosts from CentOS to Rocky Linux 8 ]] | ||
:* Ubuntu (including [https://wiki.ubuntu.com/LTS LTS]) | :* Ubuntu (including [https://wiki.ubuntu.com/LTS LTS]) | ||
=== Steps === | === Steps === | ||
# Log in to the [https://redcloud.cac.cornell.edu OpenStack Web Interface] (check out [[OpenStack#Logging_In|how to log in]] if you need to) | # Log in to the [https://redcloud.cac.cornell.edu OpenStack Web Interface] (check out [[OpenStack#Logging_In|how to log in]] if you need to) | ||
− | # If you have not already, [[OpenStack Key Pairs# | + | # If you have not already, [[OpenStack Key Pairs#Creating_a_Passphrase-Protected_Key_Pair_(Recommended)|create a key pair]] |
# If you have not already, [[OpenStack Security Groups#Creating a Security Group|create a security group]]. Note that your security group should include the inbound SSH rule so you can connect to it. | # If you have not already, [[OpenStack Security Groups#Creating a Security Group|create a security group]]. Note that your security group should include the inbound SSH rule so you can connect to it. | ||
# '''Optional:''' [[Networks#Private Networks|Set up a Private Network]] | # '''Optional:''' [[Networks#Private Networks|Set up a Private Network]] | ||
Line 33: | Line 35: | ||
:* You must use the private key that matches the public key in the [[OpenStack Key Pairs|key pair]] you specified when launching the instance. | :* You must use the private key that matches the public key in the [[OpenStack Key Pairs|key pair]] you specified when launching the instance. | ||
− | :* You must log in to your instance using the correct initial | + | :* You must log in to your instance using the correct initial username: |
− | :** For CentOS | + | :** For CentOS 7, the username is <tt>centos</tt>, |
− | :** For CentOS 8, the | + | :** For CentOS 8, the username is <tt>cloud-user</tt>, and |
:** For Ubuntu, it is <tt>ubuntu</tt>. | :** For Ubuntu, it is <tt>ubuntu</tt>. | ||
To log in through SSH, specify the key pair file (for example <tt>my_key.pem</tt>), | To log in through SSH, specify the key pair file (for example <tt>my_key.pem</tt>), | ||
− | + | username and IP address as follows: | |
− | ssh -i my_key.pem < | + | ssh -i my_key.pem <username>@<IP address of your instance> |
For more information on how to use SSH, see the [[Connect to Linux]] page. | For more information on how to use SSH, see the [[Connect to Linux]] page. | ||
Line 47: | Line 49: | ||
Note: Transferring files can also be done over <code>ssh</code>. See the <code>scp</code> and <code>sftp</code> commands, or programs like [//winscp.net/eng/index.php WinSCP] and [//apple.stackexchange.com/questions/25661/whats-a-good-graphical-sftp-utility-for-os-x similar software for Mac OS X]. | Note: Transferring files can also be done over <code>ssh</code>. See the <code>scp</code> and <code>sftp</code> commands, or programs like [//winscp.net/eng/index.php WinSCP] and [//apple.stackexchange.com/questions/25661/whats-a-good-graphical-sftp-utility-for-os-x similar software for Mac OS X]. | ||
− | === Troubleshooting === | + | ==== Troubleshooting ==== |
− | :* Check the instance's console in the [[OpenStack|OpenStack Web Interface]]. Did the instance boot successfully? | + | There are several common error messages you may see when trying to access your Linux instance using SSH. |
− | :* Do the [[OpenStack Security Groups|security group's]] rules allow incoming ssh connections (TCP port 22) from '' | + | These are the most likely causes for each common message. |
− | :* Is your instance on the [[Networks#Public Network|public network]]? If not, does it have an associated [[Networks#Floating IP Addresses|floating IP address]]? | + | |
− | :* Make sure you are using the correct username: | + | :* '''"Connection timed out"''' means that your SSH command can't communicate at all with the instance. |
− | :** If you are using Ubuntu, did you login as the '''ubuntu''' user | + | :** Note: It may take a while for the connection time out to occur, so it may seem that the system is not responding at all initially. However, this is still likely a "Connection timed out" error. |
− | :** If you are using CentOS | + | :** Has the instance been started? Check the instance's console in the [[OpenStack|OpenStack Web Interface]]. Did the instance boot successfully? |
− | :** If you are using CentOS 8, did you login as the '''cloud-user''' user? | + | :** Do the [[OpenStack Security Groups|security group's]] rules allow incoming ssh connections (TCP port 22) from ''an address range (CIDR) that includes your current IP address''? Double check that you followed the [[OpenStack Security Groups|instructions for security groups]]. |
− | :* Did you [[OpenStack_Key_Pairs#Creating_a_Key_Pair|create a key pair]] and make sure to [[OpenStack_Key_Pairs#Selecting_a_Key_Pair_When_Creating_an_Instance|select it when creating | + | :** Remember, if you are not on campus but the security group is configured for ingress from 10.0.0.0/8 and 128.84.32.0/22, you would need to be connected to the [https://it.cornell.edu/cuvpn Cornell VPN] in order to SSH into the instance. |
− | :* Are you | + | :** Is your instance on the [[Networks#Public Network|public network]]? If not, does it have an associated [[Networks#Floating IP Addresses|floating IP address]] and are you using the correct address? |
− | :* If you get an unexpected password prompt: | + | :** Here is a tool for finding your current [https://whatsmyip.com IP address]. There are also port connection tools like ping and telnet you can use for troubleshooting. (To use ping, make sure your security group has the "ALL ICMP" rule enabled for an address range that includes your current IP.) |
+ | |||
+ | :* An error like '''"Permissions <4-digits> for <key-file-name> are too open"''' means you can reach the instance, but your private key file has improper permissions. | ||
+ | :** Make sure your private key file is saved as a ".pem" extension and that it has the proper permissions: <p><code>chmod 600 <key name>.pem</code></p> | ||
+ | |||
+ | :* '''"Permission denied (<some details>)"''' means that the combination of the username and SSH key you are providing are not correct for this instance. | ||
+ | :** Make sure you are using the correct username: | ||
+ | :*** If you are using Ubuntu, did you login as the '''ubuntu''' user? For more information on that, see the [[Linux_Tutorial#The_.22ubuntu.22_User|Linux Tutorial]]. | ||
+ | :*** If you are using CentOS 7, did you login as the '''centos''' user? | ||
+ | :*** If you are using CentOS 8, did you login as the '''cloud-user''' user? | ||
+ | :*** If you are using a CentOS MATLAB instance, did you login as the '''root''' user? | ||
+ | :** Did you [[OpenStack_Key_Pairs#Creating_a_Key_Pair|create a key pair]] and make sure to [[OpenStack_Key_Pairs#Selecting_a_Key_Pair_When_Creating_an_Instance|select it when creating the instance]]? | ||
+ | :** Are you supplying your key pair in the command? See the [[#Secure_Shell_.28SSH.29|SSH]] instructions above for an example. | ||
+ | :* If you get an '''unexpected password prompt''': | ||
:** Did you use the correct user name? See suggestions above. | :** Did you use the correct user name? See suggestions above. | ||
:** Make sure your private key matches the public key of the [[OpenStack Key Pairs|key pair]]. | :** Make sure your private key matches the public key of the [[OpenStack Key Pairs|key pair]]. | ||
:**# On your computer, run: <code>ssh-keygen -y -f <private key file></code> | :**# On your computer, run: <code>ssh-keygen -y -f <private key file></code> | ||
− | :**# | + | :**# Confirm that the output matches the public key on Red Cloud at [https://redcloud.cac.cornell.edu/dashboard/project/key_pairs https://redcloud.cac.cornell.edu/dashboard/project/key_pairs]/<your keypair name>. |
− | + | ||
+ | === VNC with XFCE Desktop === | ||
− | + | In case you would prefer a desktop environment over a command-line, your Linux instance needs to have a VNC (Virtual Network Computing) server and a desktop environment installed on it. Red Cloud's "gpu-accelerated" images come with the TigerVNC server preinstalled, as well as the [https://xfce.org/ XFCE Desktop Environment], making it relatively easy to use a VNC client to connect to a Linux instance that is based on one of the "gpu-accelerated" images. | |
− | + | For Linux instances based on other images, certain packages must be installed on the instance first. This section details the steps to setting up an XFCE desktop environment for use with VNC on a CentOS 7.4 instance. Other typical Linux desktop environments, such as GNOME, are also available, but XFCE is used as an example here. Setting up a desktop environment should work similarly on Ubuntu instances as well, with some differences. Once the environment is set up, you can launch a VNC server on the instance and connect to it using a VNC client through an ssh tunnel. | |
− | ==== XFCE | + | ==== VNC and XFCE Installation on CentOS ==== |
# Log in as root via ssh as [[#Secure_Shell_.28ssh.29 | described above]]. | # Log in as root via ssh as [[#Secure_Shell_.28ssh.29 | described above]]. | ||
# Install needed packages: | # Install needed packages: | ||
+ | #* <code>yum install tigervnc-server</code> | ||
#* <code>yum groupinstall xfce</code> | #* <code>yum groupinstall xfce</code> | ||
− | |||
# Install some additional software that most users will want. These are only suggestions, and this is not a comprehensive list | # Install some additional software that most users will want. These are only suggestions, and this is not a comprehensive list | ||
#* <code>yum install gedit</code> | #* <code>yum install gedit</code> | ||
Line 80: | Line 96: | ||
#* [https://www.tecmint.com/install-libreoffice-on-rhel-centos-fedora-debian-ubuntu-linux-mint/ LibreOffice] | #* [https://www.tecmint.com/install-libreoffice-on-rhel-centos-fedora-debian-ubuntu-linux-mint/ LibreOffice] | ||
− | ==== VNC User Setup ==== | + | ==== VNC and XFCE User Setup ==== |
− | For each user that will want to use the XFCE Desktop, you will need to set up VNC | + | For each user that will want to use the XFCE Desktop, you will need to set up VNC capability. To do this, follow the directions below. Alternatively, there is also an [https://linuxtechlab.com/secure-vnc-server-tls-encryption/ Easy guide to secure VNC server with TLS encryption]. |
# Open a shell as that user | # Open a shell as that user | ||
Line 90: | Line 106: | ||
#* This creates a ~/.vnc folder | #* This creates a ~/.vnc folder | ||
# <code>vim ~/.vnc/xstartup</code> | # <code>vim ~/.vnc/xstartup</code> | ||
− | #* | + | #* Do not change this file on "gpu-accelerated" instances (as commands in it prevent Anaconda from interfering with dbus) |
+ | #* On other instances, paste this text into the file: <br /><tt>#!/bin/bash<br />xrdb $HOME/.Xresources<br />startxfce4 &<br /></tt> | ||
# <code>chmod 775 ~/.vnc/xstartup</code> | # <code>chmod 775 ~/.vnc/xstartup</code> | ||
# <code>mkdir ~/bin</code> | # <code>mkdir ~/bin</code> | ||
Line 109: | Line 126: | ||
To find the port, you can run e.g. <code>ps gxu | grep vnc</code>. | To find the port, you can run e.g. <code>ps gxu | grep vnc</code>. | ||
− | You can '''stop''' the | + | You can '''stop''' the VNC server by running <code>vncserver -kill :1</code>. If this doesn't work, |
you can try <code>pkill Xvnc</code>. | you can try <code>pkill Xvnc</code>. | ||
Line 121: | Line 138: | ||
# Open a local shell and ssh to establish the tunnel (recommended local port 10000): | # Open a local shell and ssh to establish the tunnel (recommended local port 10000): | ||
− | #* <code>ssh -L 10000:localhost:5901 < | + | #* <code>ssh -L 10000:localhost:5901 <username>@<remote_ip></code> |
#* '''Note:''' When this shell is closed, the VNC viewer will have to close, too, though VNC is still running. | #* '''Note:''' When this shell is closed, the VNC viewer will have to close, too, though VNC is still running. | ||
# In a VNC viewer app, connect to the VNC server <code>localhost:10000</code> (or whichever port you chose above). | # In a VNC viewer app, connect to the VNC server <code>localhost:10000</code> (or whichever port you chose above). | ||
Line 133: | Line 150: | ||
== Instance Maintenance == | == Instance Maintenance == | ||
− | All self-managed desktops, laptops, servers, and Red Cloud instances, both Windows and Linux, should be updated with Operating System | + | All self-managed desktops, laptops, servers, and Red Cloud instances, both Windows and Linux, should be updated with Operating System and Acrobat Reader critical and security updates on a '''''monthly''''' basis. |
+ | |||
+ | For Linux instances: | ||
# Check for updates | # Check for updates | ||
#* Ubuntu: <code>sudo apt update</code> | #* Ubuntu: <code>sudo apt update</code> | ||
− | #* CentOS: <code>yum check-update</code> | + | #* CentOS 7: <code>sudo yum check-update</code> |
+ | #* CentOS 8: <code>sudo dnf check-update</code> | ||
# Install updates | # Install updates | ||
#* Ubuntu: <code>sudo apt upgrade</code> | #* Ubuntu: <code>sudo apt upgrade</code> | ||
− | #* CentOS: <code>sudo yum update</code> | + | #* CentOS 7: <code>sudo yum update</code> |
+ | #* CentOS 8: <code>sudo dnf upgrade</code> | ||
# Reboot the instance with <code>sudo reboot</code> on both Ubuntu and CentOS | # Reboot the instance with <code>sudo reboot</code> on both Ubuntu and CentOS | ||
Line 145: | Line 166: | ||
== Initialize and Mount a Volume == | == Initialize and Mount a Volume == | ||
+ | |||
+ | WARNING: FILE SYSTEM INITIALIZATION OVERWRITES AND DESTROYS PREVIOUS DATA. | ||
The instructions here are for formatting and mounting [[Volumes|attached volumes]], though steps like these can only be performed if you have [[Volumes#Create_and_Attach_a_Volume|allocated and attached the volume]] through OpenStack, which can be done while the instance is running. | The instructions here are for formatting and mounting [[Volumes|attached volumes]], though steps like these can only be performed if you have [[Volumes#Create_and_Attach_a_Volume|allocated and attached the volume]] through OpenStack, which can be done while the instance is running. | ||
Line 150: | Line 173: | ||
'''Note:''' These instructions assume you are the [[Linux_Tutorial#Definitions|root user]]. If you are not (such as on [[Linux_Tutorial#The_.22ubuntu.22_User|Ubuntu]]), then you may need to prepend <code>sudo</code> where appropriate. | '''Note:''' These instructions assume you are the [[Linux_Tutorial#Definitions|root user]]. If you are not (such as on [[Linux_Tutorial#The_.22ubuntu.22_User|Ubuntu]]), then you may need to prepend <code>sudo</code> where appropriate. | ||
+ | # Identify the device name of the drive you wish to format and mount. | ||
+ | #* Run <code>lsblk</code> to see which /dev/vdX is the likely candidate (for some character 'X'). The following directions assume you identified <code>vdb</code> as the drive of interest. | ||
# Set up file system: | # Set up file system: | ||
− | #* <code>mkfs.ext4 /dev/vdb</code> | + | #* <code>sudo mkfs.ext4 /dev/vdb</code> |
− | # Make a directory where device will be mounted, for example "<tt> | + | # Make a directory where the device will be mounted, for example "<tt>mountpoint</tt>" in the "<tt>/mnt</tt>" directory: |
− | #* <code>mkdir / | + | #* <code>sudo mkdir /mnt/mountpoint</code> |
+ | # Protect the mount point directory from accidental writes (Optional, but prevents a common user error): | ||
+ | #* <code>sudo chattr +i /mnt/mountpoint</code> | ||
# Mount the device: | # Mount the device: | ||
− | #* <code>mount /dev/vdb / | + | #* <code>sudo mount /dev/vdb /mnt/mountpoint</code> |
# To have the mount automatically renewed after reboot, add an <code>fstab</code> entry (this is a little dangerous) | # To have the mount automatically renewed after reboot, add an <code>fstab</code> entry (this is a little dangerous) | ||
− | #* <code> | + | #* <code>sudo nano /etc/fstab</code> |
#* Add a line with tab separations between four fields: disk device, mounted location, "ext4", "defaults": | #* Add a line with tab separations between four fields: disk device, mounted location, "ext4", "defaults": | ||
− | #** <code>/dev/vdb / | + | #** <code>/dev/vdb /mnt/mountpoint ext4 defaults,nofail</code> |
+ | |||
+ | {{Migrate leadout}} |
Revision as of 21:25, 5 January 2022
Linux Instances can be created and maintained on Red Cloud using the OpenStack Web Interface. This documentation assumes a basic understanding of OpenStack, so please review that page as needed. If you are new to Linux, you may want to read the Linux Tutorial first. It is also a good idea to be familiar with the Linux Tutorial if you have not previously done Linux system administration, which is an assumed prerequisite to managing Linux Instances. Additionally, you may find the Introduction to Linux topic on the Cornell Virtual Workshop helpful.
Creating a New Linux Instance
You can boot an instance with most modern Linux distributions. Currently Red Cloud offers pre-made VM images running the following Linux distributions:
- Red Hat Enterprise Linux-based distributions:
- CentOS 7
- Rocky Linux 8: How To Migrate Existing Hosts from CentOS to Rocky Linux 8
- Ubuntu (including LTS)
- Red Hat Enterprise Linux-based distributions:
Steps
- Log in to the OpenStack Web Interface (check out how to log in if you need to)
- If you have not already, create a key pair
- If you have not already, create a security group. Note that your security group should include the inbound SSH rule so you can connect to it.
- Optional: Set up a Private Network
- Select Launch Instance from the Instances page
- Follow the instructions about launching a new instance, and select one of the a CentOS or Ubuntu images under the Source tab
- Optional: Create and attach a Volume
- Optional: Associate a Floating IP address
Now that you have created and launched an instance, your next steps will be to connect to it and set up a new user account. See the CentOS steps or Ubuntu steps for more information on how to set up a new user, update, and install software for each distribution.
Accessing Instances
First, establish access to your instance using Secure Shell (ssh), possibly including X Windows for remote graphical display. If you are at all unfamiliar with Linux, we recommend following the Linux Tutorial. If you would like to have a desktop environment (not available by default for Linux instances), then you may want to follow the steps for XFCE Desktop on CentOS. Establishing an SSH connection is a prerequisite for creating a Linux desktop environment such as XFCE.
Secure Shell (SSH)
The main requirements for logging in to your instance using secure shell are:
- The security group for your instance must permit SSH connections (TCP port 22) from your current IP address.
- You must use the private key that matches the public key in the key pair you specified when launching the instance.
- You must log in to your instance using the correct initial username:
- For CentOS 7, the username is centos,
- For CentOS 8, the username is cloud-user, and
- For Ubuntu, it is ubuntu.
- You must log in to your instance using the correct initial username:
To log in through SSH, specify the key pair file (for example my_key.pem), username and IP address as follows:
ssh -i my_key.pem <username>@<IP address of your instance>
For more information on how to use SSH, see the Connect to Linux page.
Note: Transferring files can also be done over ssh
. See the scp
and sftp
commands, or programs like WinSCP and similar software for Mac OS X.
Troubleshooting
There are several common error messages you may see when trying to access your Linux instance using SSH. These are the most likely causes for each common message.
- "Connection timed out" means that your SSH command can't communicate at all with the instance.
- Note: It may take a while for the connection time out to occur, so it may seem that the system is not responding at all initially. However, this is still likely a "Connection timed out" error.
- Has the instance been started? Check the instance's console in the OpenStack Web Interface. Did the instance boot successfully?
- Do the security group's rules allow incoming ssh connections (TCP port 22) from an address range (CIDR) that includes your current IP address? Double check that you followed the instructions for security groups.
- Remember, if you are not on campus but the security group is configured for ingress from 10.0.0.0/8 and 128.84.32.0/22, you would need to be connected to the Cornell VPN in order to SSH into the instance.
- Is your instance on the public network? If not, does it have an associated floating IP address and are you using the correct address?
- Here is a tool for finding your current IP address. There are also port connection tools like ping and telnet you can use for troubleshooting. (To use ping, make sure your security group has the "ALL ICMP" rule enabled for an address range that includes your current IP.)
- "Connection timed out" means that your SSH command can't communicate at all with the instance.
- An error like "Permissions <4-digits> for <key-file-name> are too open" means you can reach the instance, but your private key file has improper permissions.
- Make sure your private key file is saved as a ".pem" extension and that it has the proper permissions:
chmod 600 <key name>.pem
- Make sure your private key file is saved as a ".pem" extension and that it has the proper permissions:
- An error like "Permissions <4-digits> for <key-file-name> are too open" means you can reach the instance, but your private key file has improper permissions.
- "Permission denied (<some details>)" means that the combination of the username and SSH key you are providing are not correct for this instance.
- Make sure you are using the correct username:
- If you are using Ubuntu, did you login as the ubuntu user? For more information on that, see the Linux Tutorial.
- If you are using CentOS 7, did you login as the centos user?
- If you are using CentOS 8, did you login as the cloud-user user?
- If you are using a CentOS MATLAB instance, did you login as the root user?
- Did you create a key pair and make sure to select it when creating the instance?
- Are you supplying your key pair in the command? See the SSH instructions above for an example.
- Make sure you are using the correct username:
- If you get an unexpected password prompt:
- Did you use the correct user name? See suggestions above.
- Make sure your private key matches the public key of the key pair.
- On your computer, run:
ssh-keygen -y -f <private key file>
- Confirm that the output matches the public key on Red Cloud at https://redcloud.cac.cornell.edu/dashboard/project/key_pairs/<your keypair name>.
- On your computer, run:
- "Permission denied (<some details>)" means that the combination of the username and SSH key you are providing are not correct for this instance.
VNC with XFCE Desktop
In case you would prefer a desktop environment over a command-line, your Linux instance needs to have a VNC (Virtual Network Computing) server and a desktop environment installed on it. Red Cloud's "gpu-accelerated" images come with the TigerVNC server preinstalled, as well as the XFCE Desktop Environment, making it relatively easy to use a VNC client to connect to a Linux instance that is based on one of the "gpu-accelerated" images.
For Linux instances based on other images, certain packages must be installed on the instance first. This section details the steps to setting up an XFCE desktop environment for use with VNC on a CentOS 7.4 instance. Other typical Linux desktop environments, such as GNOME, are also available, but XFCE is used as an example here. Setting up a desktop environment should work similarly on Ubuntu instances as well, with some differences. Once the environment is set up, you can launch a VNC server on the instance and connect to it using a VNC client through an ssh tunnel.
VNC and XFCE Installation on CentOS
- Log in as root via ssh as described above.
- Install needed packages:
yum install tigervnc-server
yum groupinstall xfce
- Install some additional software that most users will want. These are only suggestions, and this is not a comprehensive list
yum install gedit
yum install firefox
- LibreOffice
VNC and XFCE User Setup
For each user that will want to use the XFCE Desktop, you will need to set up VNC capability. To do this, follow the directions below. Alternatively, there is also an Easy guide to secure VNC server with TLS encryption.
- Open a shell as that user
vncpasswd
- Sets the user's VNC password
- This step is not necessary for read-only VNC
- This creates a ~/.vnc folder
vim ~/.vnc/xstartup
- Do not change this file on "gpu-accelerated" instances (as commands in it prevent Anaconda from interfering with dbus)
- On other instances, paste this text into the file:
#!/bin/bash
xrdb $HOME/.Xresources
startxfce4 &
chmod 775 ~/.vnc/xstartup
mkdir ~/bin
vim ~/bin/start_vncserver.sh
- Paste this text into the file:
#!/bin/bash
vncserver -geometry 1680x1050
- Paste this text into the file:
chmod 775 ~/bin/start_vncserver.sh
Using VNC
A brief overview for users is provided here, and for more information please see the Using VNC section on our Getting Started page.
Manage the VNC Server
Whenever an instance gets rebooted, you can restart the VNC server by doing the following
- ssh into the instance
- run
~/bin/start_vncserver.sh
To find the port, you can run e.g. ps gxu | grep vnc
.
You can stop the VNC server by running vncserver -kill :1
. If this doesn't work,
you can try pkill Xvnc
.
To change or reset the VNC password, you can simply run vncpassword
To change the screen resolution:
- Permanently: edit the script
~/.vnc/xstartup
- For this session only: use Applications->Display
- Permanently: edit the script
View the Desktop
- Open a local shell and ssh to establish the tunnel (recommended local port 10000):
ssh -L 10000:localhost:5901 <username>@<remote_ip>
- Note: When this shell is closed, the VNC viewer will have to close, too, though VNC is still running.
- In a VNC viewer app, connect to the VNC server
localhost:10000
(or whichever port you chose above).- This should open a window showing the desktop
- The first time you do this:
- For the remote computer, you may have to dismiss a warning dialog
- You will need to initialize a "panel". Click "Use default config"
Note for Windows users: You can also find useful instructions on the VNC Tunnel Windows page. You may also want to look into OpenSSH or Bash on Ubuntu on Windows.
Instance Maintenance
All self-managed desktops, laptops, servers, and Red Cloud instances, both Windows and Linux, should be updated with Operating System and Acrobat Reader critical and security updates on a monthly basis.
For Linux instances:
- Check for updates
- Ubuntu:
sudo apt update
- CentOS 7:
sudo yum check-update
- CentOS 8:
sudo dnf check-update
- Ubuntu:
- Install updates
- Ubuntu:
sudo apt upgrade
- CentOS 7:
sudo yum update
- CentOS 8:
sudo dnf upgrade
- Ubuntu:
- Reboot the instance with
sudo reboot
on both Ubuntu and CentOS
Before rebooting make sure to save all active work. Rebooting will disconnect you from the instance. Wait a minute or two to allow the instance to restart before reconnecting. When you reconnect, you should verify that the updates were applied by repeating step 1.
Initialize and Mount a Volume
WARNING: FILE SYSTEM INITIALIZATION OVERWRITES AND DESTROYS PREVIOUS DATA.
The instructions here are for formatting and mounting attached volumes, though steps like these can only be performed if you have allocated and attached the volume through OpenStack, which can be done while the instance is running.
Note: These instructions assume you are the root user. If you are not (such as on Ubuntu), then you may need to prepend sudo
where appropriate.
- Identify the device name of the drive you wish to format and mount.
- Run
lsblk
to see which /dev/vdX is the likely candidate (for some character 'X'). The following directions assume you identifiedvdb
as the drive of interest.
- Run
- Set up file system:
sudo mkfs.ext4 /dev/vdb
- Make a directory where the device will be mounted, for example "mountpoint" in the "/mnt" directory:
sudo mkdir /mnt/mountpoint
- Protect the mount point directory from accidental writes (Optional, but prevents a common user error):
sudo chattr +i /mnt/mountpoint
- Mount the device:
sudo mount /dev/vdb /mnt/mountpoint
- To have the mount automatically renewed after reboot, add an
fstab
entry (this is a little dangerous)sudo nano /etc/fstab
- Add a line with tab separations between four fields: disk device, mounted location, "ext4", "defaults":
/dev/vdb /mnt/mountpoint ext4 defaults,nofail
Migrate an Instance to a New Project
Occasionally, you may have an instance in one Red Cloud project that you would like to migrate to a different project. If you have been working in an exploratory project and are transitioning to using a permanent project, you may want to bring along the instances you have created. Or, you may want to share an instance with someone who is working in another project. The steps to perform such migrations are not difficult and can be performed through the Red Cloud (Horizon) web interface.