Best practices for Production and Production-ready Instances

Last modified by Administrator on Wed, 02/26/2020, 1:37 PM

It is recommended that production and soon-to-be-production instances on the COARE Science Cloud comply with the following best practices:

On Network

  • Ensure that the network setup has already been set to static IP addresses
  • Create a Virtual Extensible LAN (VXLAN) network for the purpose of either internal/security setups or an eventual public-facing virtual machine (VM)
  • Do not associate a public floating IP address to either the Internal network (users from DOST-ASTI) or External network (users outside the DOST-ASTI-initiated projects
  • When using either internal/external network and your own VXLAN network, make sure to properly set ONE gateway (router and network) which is the VXLAN network’s gateway, as this will serve as the route used in the network address translation (NAT) setup of a floating IP. The internal/external network must only be set through a route setup and never with a gateway.

On VM initial setups

  • It is recommended that users select an appropriate VM name for their VMs, along with an appropriate description and purpose for each VM.
  • To ensure a VM’s security, users are highly encouraged to configure proper firewall rules and security groups their VM.

On additional disk space allotment

  • When initializing a VM, we recommend that only a standard 20GB disk space for the root partition
  • Additional space allotment for purposes like bigger data can be remedied by attaching a secondary disk drive on the machine. After attaching, reformat the drive, create a partition, mount the partition to the desired directory, and edit the /etc/fstab to make it permanent.
  • Lastly, when editing in the fstab, it is recommended to use the disks’ (UUID) on all mount points as device labels “sda,sdb” can interchange on the openstack platform. This can be determined in the /dev/disk/by-uuid/ folder.

On the use of resources

COARE's resources is shared among multiple research and academic institutions. Requests for additional resources will be evaluated based on the utilization of the initially-allocated resources.

On Backup and Monitoring option

It is recommended that after a VM has been set for production, users are required to enroll it to the backup and monitoring services of COARE.

Tags: