Closed Bug 1184882 Opened 10 years ago Closed 10 years ago

Need a vm for preparing network tests

Categories

(Infrastructure & Operations :: Virtualization, task)

Product:
Infrastructure & Operations
Component:
Virtualization
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: dragana, Assigned: cknowles)

Details

(Whiteboard: [vm-create:1])

I will need a vm to prepare some network tests. Some question: On VM there will be a software that will listen to couple of ports. I need to use ports below 1024 as well, so I will need to be root for that. Are there any firewalls that will block something, i.e. ports? This is just a preparation for tests, so for now I am probably the only one who will try to connect to this ports (UDP and TCP). I am not sure if there is any access control (firewalls). The test consist of transferring a large amount of data using TCP and UDP and collecting some statistics. For now I will be the only one using it so the traffic will not be that huge.
SO, I'll get to your questions in a few moments - there are some details about any VM request we need to know... VMname: <hostname>.<VLAN-private or dmz seems likely... does this to be accessed from the public internet?>.scl3.mozilla.com CPU Count: (1 or 2 is common) RAM: (<8 is common) HDD: 40G is standard OS: RHEL6 or Ubuntu 12.04 is supported by our current puppet infrastructure. Also, we'll need to know everyone that will need access to this VM (for login) and of those, who will need sudoers. (root level) access. So, yes, you can have root. Now, as to the network in the datacenters - there are firewalls that are more blocking than accepting, however, you can file a separate bug in "Netops::DC ACL Request" - including the hosts on the endpoints, as well as the ports involved, and opsec will likely ask pointed questions as to the application and purpose, and hopefully will be able to come to some sort of accommodation. So, let's get the answers to the particulars of the VM, and we can get that part going for you.
(In reply to Chris Knowles [:cknowles] from comment #1) > SO, I'll get to your questions in a few moments - there are some details > about any VM request we need to know... I have starting to write some of this info and forgot to click submit :( > > VMname: <hostname>.<VLAN-private or dmz seems likely... does this to be > accessed from the public internet?>.scl3.mozilla.com I need to access it from the public internet, maybe give it to some people to try it out. From the text below, all of them will need to get firewall permissions (depends how the firewall is configured). What we talked about on vidyo, it is going to be hard to do the wide scale test using VMs. This test will go into firefox and we will ask users to do the test, especially with firewalls they will need to let through packets with any source ip address and the destination address being the test host for around 6 ports. But that is a separate issue. > CPU Count: (1 or 2 is common) 1 is enough > RAM: (<8 is common) The application is not really demanding in aspect so maybe 2 but I am ok with 1 to > HDD: 40G is standard that is ok > OS: RHEL6 or Ubuntu 12.04 is supported by our current puppet infrastructure. Ubuntu > > Also, we'll need to know everyone that will need access to this VM (for > login) and of those, who will need sudoers. (root level) access. So, yes, > you can have root. for no it is going to be only me. > > Now, as to the network in the datacenters - there are firewalls that are > more blocking than accepting, however, you can file a separate bug in > "Netops::DC ACL Request" - including the hosts on the endpoints, as well as > the ports involved, and opsec will likely ask pointed questions as to the > application and purpose, and hopefully will be able to come to some sort of > accommodation. Ok, I have expected that, it is usual when you want to make network/internet tests. > > So, let's get the answers to the particulars of the VM, and we can get that > part going for you. Thanks
Alright, so I'm seeing this distill out of the responses. VMname: <hostname>.dmz.scl3.mozilla.com - dmz due to the access from the internet CPU Count: 1 RAM: 2GB HDD: 40G OS: Ubuntu 12.04 You will have access and root level SSH access to the VM. The install will be the standard server level install. Only thing I didn't see in there was the specific hostname that you'd like for the VM.
(In reply to Chris Knowles [:cknowles] from comment #3) > Only thing I didn't see in there was the specific hostname that you'd like > for the VM. I can choose a hostname? If i can choose maybe something like "network_tests", thanks
Alright - I'm spinning up "network-tests1.dmz.scl3.mozilla.com" for you. However, I can't give you access to the VM, as the system doesn't have an SSH key on file for you. Please go to https://login.mozilla.com/ and upload your SSH key. Once that's done, we can finish the configs, and then, you should be able to SSH into the VM while connected to the VPN.
Assignee: server-ops-virtualization → cknowles
It is uploaded. Thank you.
Alright, I see that the configs and the SSH key have updated on the VM, so you should be able to log in an start using it. Given that this was a box for testing, I wonder if you need/want to have this monitored by our nagios solution. Let us know. Other than that, it's got the puppet run, and appears to have the configurations in place as well.
Whiteboard: [vm-create:1]
Alright, I see that you've logged onto the box, and I'm taking silence as a sign that all is well - if you need anything else, please let me know.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.