Download presentation
Presentation is loading. Please wait.
1
OCF servers a very brief overview
2
The server rack
3
Three main physical servers
jaws newest, fastest production servers and nfs pandemic dev/staging server software mirroring hal mega old staff VMs and backups
4
Three main physical servers
blackhole fancy network switch
5
Three main physical servers
see
6
OCF internet/networking border (and how to access OCF from outside)
7
ocf internet setup internet (IST) cisco firewall (owned by IST)
8
ethernet jack in our server room
9
ethernet jack in our server room
10
ethernet jack in our server room
internet cisco firewall (owned by IST) ethernet jack in our server room
11
blackhole connected to internet
everything connected to blackhole
12
all outbound traffic allowed*
internet all outbound traffic allowed* *one exception: (for spam reasons) desktops (computer lab) services (web, , ...) login (ssh)
13
X all outbound traffic allowed* desktops (computer lab) services
internet X some inbound allowed (ssh) no inbound allowed some inbound allowed desktops (computer lab) services (web, , ...) login (ssh)
14
X what if I want to access a desktop or server remotely? desktops
internet X desktops (computer lab) services (web, , ...) login (ssh)
15
X bastions! what if I want to access a desktop or server remotely?
internet bastions! X desktops (computer lab) services (web, , ...) login (ssh)
16
bastions! first, connect via SSH to a login server desktops
internet first, connect via SSH to a login server desktops (computer lab) login (ssh)
17
bastions! first, connect via SSH to a login server
internet first, connect via SSH to a login server then, connect to anything else desktops (computer lab) login (ssh)
18
OCF has two login servers:
tsunami public, all OCF users can access it no access to other OCF stuff supernova private, only OCF staff can access it full access to other OCF stuff
19
always connect to supernova first!
first step: SSH to supernova from your machine
20
always connect to supernova first!
second step: SSH to some other server from your laptop (e.g. anthrax)
21
always connect to supernova first!
third step: do whatever!
22
X one thing we skipped... desktops (computer lab) services
internet X desktops (computer lab) services (web, , ...) login (ssh)
23
X hozers (your staff VMs!) desktops (computer lab) services
internet hozers (your staff VMs!) X desktops (computer lab) services (web, , ...) login (ssh)
24
X hozers (your staff VMs!) desktops (computer lab) services
internet hozers (your staff VMs!) X desktops (computer lab) services (web, , ...) login (ssh)
25
congrats! now you can log in to the OCF!
Similar presentations
