From aa88673c38be12368dead5e8241fb915d790c431 Mon Sep 17 00:00:00 2001 From: Julien Date: Thu, 17 Aug 2017 21:32:10 +0800 Subject: restruct documents according to opnfvdocs Use only development and release for we don't have test codes for now. JIRA: PHAROS-311 Change-Id: Iacfcaba81a7a52e09cf999b8603cc9dc2f8f2b97 Signed-off-by: Julien --- .../release-notes/specification/remoteaccess.rst | 63 ++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 docs/release/release-notes/specification/remoteaccess.rst (limited to 'docs/release/release-notes/specification/remoteaccess.rst') diff --git a/docs/release/release-notes/specification/remoteaccess.rst b/docs/release/release-notes/specification/remoteaccess.rst new file mode 100644 index 00000000..4b8160ba --- /dev/null +++ b/docs/release/release-notes/specification/remoteaccess.rst @@ -0,0 +1,63 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) 2016 OPNFV. + + +Remote Management +------------------ + +Remote access is required for … + + * Developers to access deploy/test environments (credentials to be issued per POD / user) + * Connection of each environment to Jenkins master hosted by Linux Foundation for automated + deployment and test + +OpenVPN is generally used for remote however community hosted labs may vary due to company security +rules. For POD access rules / restrictions refer to individual lab documentation as each company may +have different access rules and acceptable usage policies. + +Basic requirements: + + * SSH sessions to be established (initially on the jump server) + * Packages to be installed on a system (tools or applications) by pullig from an external repo. + +Firewall rules accomodate: + + * SSH sessions + * Jenkins sessions + +Lights-out management network requirements: + + * Out-of-band management for power on/off/reset and bare-metal provisioning + * Access to server is through a lights-out-management tool and/or a serial console + * Refer to applicable light-out mangement information from server manufacturer, such as ... + + * Intel lights-out + `RMM `_ + * HP lights-out `ILO `_ + * CISCO lights-out `UCS `_ + +Linux Foundation Lab is a UCS-M hardware environment with controlled access *as needed* + + * `Access rules and procedure `_ are + maintained on the Wiki + * `A list of people `_ with access is + maintained on the Wiki + * Send access requests to infra-steering@lists.opnfv.org with the + following information ... + + * Name: + * Company: + * Approved Project: + * Project role: + * Why is access needed: + * How long is access needed (either a specified time period or define "done"): + * What specific POD/machines will be accessed: + * What support is needed from LF admins and LF community support team: + + * Once access is approved please follow instructions for setting up VPN access ... + https://wiki.opnfv.org/get_started/lflab_hosting + * The people who require VPN access must have a valid PGP key bearing a valid signature from LF + * When issuing OpenVPN credentials, LF will be sending TLS certificates and 2-factor + authentication tokens, encrypted to each recipient's PGP key + -- cgit 1.2.3-korg