There are a number of important pieces of information relating to NeCTAR VMs, including the size of the instance, storage options, access and security, and reliability.
How do I access Nectar Cloud?
To access the research cloud, you will need to log in to its Dashboard via AAF using your university login and password. Once logged in, you will see a Dashboard with your ‘personal trial project’ (which is identified with a ‘pt-’ code). If you have additional projects, such as project allocations, these will be listed in the Dashboard as well.
Applying for Project Resources
To obtain a project allocation, you need to submit a request through the NeCTAR Dashboard. Allocation requests are reviewed by an allocation committee for merit, suitability to cloud use, and available capacity of the cloud and, for Intersect, authorised by a participating member organisation.
When submitting the online form to request a project allocation, please provide as much information as possible regarding your project to expedite the process. You’ll be asked to select the flavour that you will require. An application for a small or a medium-sized allocation is more likely to be approved than an application for an XXL sized allocation. For this reason, explain why you need the size of server you are requesting, with as much information as possible.
Generating SSH credentials
Almost every VM requires command line access using the Secure Shell (ssh) protocol. This means before creating your first virtual machine you will also need to create an SSH keypair. A keypair works like a lock and key and means that you do not need a password to log in, as long as you have your private half of the key pair (the key), and the server has the public half of the key pair (the lock). SSH keypairs are very secure, as you never transmit a password over the web to log in to the server.
Keypairs can be generated using the NeCTAR dashboard in the ‘access and security’ tab. When you have generated a keypair, the public key will be written to the VM, and the private key will be available for you to download and place in your .ssh directory. You will then need to configure your machine to use it to connect to the VM. If you already have a keypair or if you create one on your own machine, you may upload your public key to the dashboard. Once you have a keypair in your NeCTAR account, you will be able to use the public key for any instance you build, and the private key on any machine you wish to connect from.
You must create/upload your keys prior to launching a VM, otherwise NeCTAR will be unable to write the public key into the .ssh directory of the VM. You will also be unable to connect from any client device. For assistance in creating and using SSH keypairs, see the SSH keypairs technical guide.
Nectar Cloud Flavours
Project resources are consumed as ‘flavours’ of virtual computing. There are four classes; Balanced (m3), RAM optimised (r3), CPU optimised (c3) and Tiny (t3). Full information is available on the Nectar Flavours page of the Nectar knowledgebase.
Researchers initially receive a personal trial project with 2 VCPUs allocated for 3 Months. This means you can run 2 Small or 1 Medium flavours for three months or 1 small VM for a total of 6 months.
Creating a Virtual Machine
Building an instance, as part of either your personal trial or a project allocation, is done through the Dashboard. A wizard will guide you through the process, which consists of selecting the ‘flavour’ (size) of the machine, the image to boot from, the ‘availability zone’, which is the node it will be hosted on, and some additional details. Once built, a VM can be imaged, terminated, shut off or rebooted as necessary, and more instances can be deployed, as long as your total usage does not exceed the resources available in your project.
You can apply for persistent block storage (volumes) for their allocations. Volumes work like network attached storage devices; they can be mounted and unmounted from VMs within your project allocation (as long as they are within the same availability zone), the data remains persistent if not attached to a VM, and they can be backed up with snapshots.
NeCTAR also offers object storage for higher reliability, although configuring object storage requires more advanced skills. The benefits of object storage are that the data can be distributed across many availability zones, and can be accessed via http tools even when not attached to any instance.
Connecting across the Internet
In order to connect to and work on your VM, you will need to configure security groups (firewall rules), which enable traffic through certain ports for different kinds of access. The default security groups for project trials are:
- SSH opens tcp port 22 to traffic from all sources (for logging in via ssh)
- HTTP opens tcp ports 80 and 443 to traffic from all sources (for web servers)
- ICMP opens all ICMP traffic from all sources (to allow pinging your VMs IP address).
For project allocations, all security groups need to be configured. See the Security Groups technical guide for assistance. Security groups can be configured and created while a VM is running. Changes will take effect immediately.
Reaching your quota
When a project’s resource quota has been reached, an email is sent to your account, warning that that project’s VMs will be terminated on a specific expiry date. At this point, you should ensure that you have a backup of your data and make a snapshot of the VM. If you still need the machines to run after the end-date, you will need to submit an allocation request, or amend the existing request with a new date.