You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Currently there are some differences in how to access the virtual machines based on which openstack installation you are working on.

stack.it.ntnu.no

Currently the openstack installation in trondheim (stack.it.ntnu.no) uses addresses which is routed troughout the NTNU campus. To contact a virtual machine in this cloud you would simply just create a floating IP, assign it to the VM, allow traffic trough the security group and then connect to the machine. In the case you are off-campus you can VPN (sslvpn.ntnu.no) to the campus first.

skyhigh.hig.no

The openstack installation at Gjøvik (SkyHiGh) is currently addressed using private IP addresses which is not available troughout the campus. There are a couple of alternatives on how to connect to the virtual machines in this cloud:

Get assigned a global IP

SkyHiGh has a few global addresses. If your project is of such a kind that global addresses is required it is possible to NAT in a global address to an internal floating IP. Then this floating IP can be assigned to a virtual machine; and this virtual machine is then accessible trough the assigned global IP from NTNU campus. Be aware that NTNU IT enforces some firewalling entering that subnet; so services hosted there needs to be coordinated with them to be campuswide available.

Trough a jumphost

All floating IP's within skyhigh are accessible to all machines in the cloud (if permitted by the access groups). All users with an active project in skyhigh are able to log in to "skyhigh.hig.no", and trough that machine it is possible access all other machines. This machine also allows ssh-tunnels to tunnel other traffic trough SSH (f.ex RDP, HTTP(S) and similar).
In order to access your own virtual machine through the jumphost via SSH on a Linux machine, follow the following steps:

  1. Establish a SSH tunnel through the jumphost "skyhigh.hig.no" by executing the following command on your terminal:
    #ssh [NTNU-username]@skyhigh.hig.no 
    e.g: ssh danil@skyhigh.hig.no

    - use your NTNU user name in order to log into the jumphost

  2. After having logged in into skyhigh.hig.no, start an SSH connection to your virtual machine in openstack by executing the following command:

    #ssh -i $HOME/.ssh/ntnu-openstack.pem ubuntu@vm-ip-address
    e.g: #ssh -i /home/danil/.ssh/my-private-key.pem user@172.16.1.140

    - use the private-key that you generated/uploaded when creating the virtual machine through the openstack webinterface.


If your virtual machine in openstack hosts a web server running and you need to access the website running on that server, follow the following steps: 
Do not forget to enable (inside openstack) ingress traffic to the corresponding ports (e.g. 80, 443) at the corresponding security group. 

 

  1. Establish a SSH tunnel through the jumphost "skyhigh.hig.no" by executing the following command on your terminal: 
    # ssh -D [local-port][ntnu-username]@skyhigh.hig.no
    # ssh -D 9000 danil@skyhigh.hig.no

    use your NTNU user name in order to log into the jumphost
    - before establishing the SSH connection make sure that the selected port (e.g. 9000) is not currently being used by another process. The availability of a port on a Linux machine can be checked with the following command: #netstat -tulpn . If the port is listed in the output, this means that the port is already being used by a process. In that case you will need to select a different port. 

  2. Enable proxy configuration on your browser. The following steps apply only for Firefox:
    1. Go to Firefox Preferences -> Advanced -> Network -> Settings:




    2. Inside settings, select Manual proxy configurations and enter 127.0.0.1 plus your chosen port (e.g. 9000)
    3. Click OK to accept the changes. 
    4. Browse to http://www.minip.no/ (with Firefox) to check whether you are connected to the skyhigh.hig.no network. You should now be able to access  the website running on your web server.  

 

PPTP VPN

If you would like to have IP connectivity between your machine and machines in skyhigh directly, without using SSH tunneling, there are a PPTP VPN service available. Please contact Eigil or Lars Erik for credentials to this service.

  • No labels