Child pages
  • Nectar: UoA Backend Access
Skip to end of metadata
Go to start of metadata

How to gain access to the backend infrastructure for Nectar resources at UoA. 

Step-by-step guide

  1. Request access from CeR Nectar Operator(s). You will be asked to provide your public ssh key. 
  2. Backend login is by ssh key only. You'll need to set up ssh forwarding on your local machine. If you're using MacOS, for example, add or modify the file ~/.ssh/config, and add the following to it:

    Host *

      ServerAliveInterval 60

      ForwardAgent yes

      UseKeychain yes

  3. When access is granted, you can ssh into the Nectar NAT gateway at 130.216.219.253. If your key is your default key locally in ~/.ssh/id_rsa.pub, you should be able to type just 'ssh ntradm@130.216.219.253'. If you are using a key by a different name/path, you must specify that key (including path if not local) with the '-i' flag. Note: in MacOS, we needed to run ssh-add after each restart before connecting. 
  4. Once inside, you should be able to ssh root@ip to any Nectar server, and your key will be automatically forwarded for authentication.  

 

Access to Backend Web UI Interfaces 

  1. Instead of logging in with 'ssh ntradm@130.216.219.253' as in the above procedure, use the following to tunnel port 8000: "ssh -D 8000 ntradm@130.216.219.254". 
  2. Next, setup a SOCKS proxy in your browser to use 127.0.0.1 : 8000. It's easy to keep a browser such as Firefox installed for only this purpose if you find you're using this a lot. As an example, here are the settings in Firefox:
    (Preferences → Advanced → Network Settings)
  3. As long as you ssh with the -D 8000 option now, you can access the backend web UIs of Nectar. Some examples are below:

    Nagios - https://10.31.80.8/nagios3/
    Ganglia - https://10.31.80.8/ganglia/
    HAPRoxy (for DB) - http://10.31.80.36:3307/
    Kibana - https://10.31.80.9/kibana
    RabbitMQ - http://10.31.80.51:15672/