diff options
author | ChristopherPrice <christopher.price@ericsson.com> | 2016-01-10 15:27:07 +0100 |
---|---|---|
committer | ChristopherPrice <christopher.price@ericsson.com> | 2016-01-13 18:26:29 +0100 |
commit | 920646aba6ee52f5cf494e1f2c279230b664ece0 (patch) | |
tree | 0e9dfa36542493737c52de777cc3454ea8b1b880 /docs/specification/remoteaccess.rst | |
parent | cdf8591ab56d777fd5dda23d50fffad2a0b3a677 (diff) |
Created a pharos specification docment according to the new toolchain.
Created docs/specification and the index.rst fil in the new format
for the new toolchain sequence. Will create a specification/index.html
link on artifacts and associate pdf document.
Made small editorials to the origincal content, but it needs work.
Left the original pharos-spec file as it being worked on still.
Should be removed once the spcification docs are in equivalent shape.
Change-Id: I6edb121766e7e1fdf1f38c70be95347b81b71dcc
Signed-off-by: ChristopherPrice <christopher.price@ericsson.com>
Diffstat (limited to 'docs/specification/remoteaccess.rst')
-rw-r--r-- | docs/specification/remoteaccess.rst | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/docs/specification/remoteaccess.rst b/docs/specification/remoteaccess.rst new file mode 100644 index 00000000..e91d55e1 --- /dev/null +++ b/docs/specification/remoteaccess.rst @@ -0,0 +1,58 @@ +Remote management +------------------ + +**Remote access** + +- Remote access is required for … + + 1. Developers to access deploy/test environments (credentials to be issued per POD / user) + 2. Connection of each environment to Jenkins master hosted by Linux Foundation for automated deployment and test + +- OpenVPN is generally used for remote however community hosted labs may vary due to company security rules +- POD access rules / restrictions … + + - Refer to individual test-bed as each company may have different access rules and acceptable usage policies + +- Basic requirement is for SSH sessions to be established (initially on jump server) +- Majority of packages installed on a system (tools or applications) will be pulled from an external repo. + +Firewall rules should include + +- SSH sessions +- Jenkins sessions + +Lights-out Management: + +- Out-of-band management for power on/off/reset and bare-metal provisioning +- Access to server is through lights-out-management tool and/or a serial console +- Intel lights-out ⇒ RMM http://www.intel.com/content/www/us/en/server-management/intel-remote-management-module.html +- HP lights-out ⇒ ILO http://www8.hp.com/us/en/products/servers/ilo/index.html +- CISCO lights-out ⇒ UCS https://developer.cisco.com/site/ucs-dev-center/index.gsp + +Linux Foundation - VPN service for accessing Lights-Out +Management (LOM) infrastructure for the UCS-M hardware + +- People with admin access to LF infrastructure: + +1. amaged@cisco.com +2. cogibbs@cisco.com +3. daniel.smith@ericsson.com +4. dradez@redhat.com +5. fatih.degirmenci@ericsson.com +6. fbrockne@cisco.com +7. jonas.bjurel@ericsson.com +8. jose.lausuch@ericsson.com +9. joseph.gasparakis@intel.com +10. morgan.richomme@orange.com +11. pbandzi@cisco.com +12. phladky@cisco.com +13. stefan.k.berg@ericsson.com +14. szilard.cserey@ericsson.com +15. trozet@redhat.com + +- The people who require VPN access must have a valid +PGP key bearing a valid signature from one of these +three people. When issuing OpenVPN credentials, LF +will be sending TLS certificates and 2-factor +authentication tokens, encrypted to each recipient's PGP key. + |