Running your VM on NREC

In order for you to be able to solve the home exams, we have reserved resources for all students taking the course on NREC. This is a cloud infrastructure platform delivered in collaboration between the universities of Oslo and Bergen.

There is a quite comprehensive guide to using the service available here, but in the interest of brevity here is a short step-by-step guide:

Access to NREC

All students who registered in NREC and submitted our signup form have been granted access to the IN3230/4230 project. If you did not do this, or for whatever reason do not have access do the following:

1. Make sure you've signed up to NREC first-time sign in. using your UiO username.
2. Make sure you've submitted the online form.

If you still do not have access, send an email to in3230@ifi.uio.no and mention your UiO username in the body of the email.
Note that we will bulk-add more users every day based on registrations in the form, so you might have to wait until the next day.

Provisioning a VM instance running the IN3230/4230 image

This is mostly the same as the official guide to creating a Linux virtual machine, except that we will select a custom disk image.

1. Log into the NREC dashboard
2. (Optional, but recommended for better performance) Select the "osl" region by clicking on "uio-ifi-in3230-4230-h23 bgo" in the upper left corner of the page. Otherwise your VM will be physically located in Bergen.
3. In the menu on the left, navigate to Project > Compute > Key Pairs.
4. If you already use an SSH key pair to log into e.g. the Ifi login server, pick "Import key pair" and paste in your public key. Usually you will find this at ~/.ssh/id_rsa.pub on a *NIX machine.
5. If you have never set up SSH key pairs, you can instead choose the "Create Key Pair" button. Follow the wizard and make sure to select "SSH key" in the  "Key type" dropdown. Choose a key pair name you will recognise. Names may only include alphanumeric characters, spaces, dashes and underscores. You will download the key pair and point your SSH client at it. Remember to restrict the access to the private key using "chmod 0600 <key_name>.pem", as SSH will refuse to use unless it¡¯s properly protected.
6. In the left-hand menu, navigate to Project > Compute > Instances.
7. Hit "Launch instance".
8. On the "Details" tab, name your VM instance something descriptive (include your username) and leave the rest as default.
9. On the "Source" tab, select "in3230-in4230-h23-v2" from the list at the bottom (click the arrow icon to select).
10. On the "Flavor" tab, select "m1.small".
11. On the "Networks" tab, select "IPv6". Be aware that using IPv6 in your virtual machine instances is recommended if you are a UiO student. Failure to do so may result in you not being guaranteed an IPv4 address due to the lack of available IPv4 addresses.
12. On the "Security groups" tab, make sure that the Default security group is allocated. ICMP and SSH are enabled by default in this security group, so that you can ping and ssh your VM from the outside.
13. On the "Key Pair" tab, make sure your key pair is selected (it might be by default).
14. The rest of the options can be left in their default state. Click "Launch Instance" to provision the VM.
15. This can take a couple of minutes, wait until the instance state changes to "Running".
16. Your VM is now booting.
17. When the VM has finished booting, you should be able to access it via SSH: "ssh -J <YourUioUsername>@login.uio.no debian@<VM IPv6>". You will find the IPv6 address in the instance list. Note that if you are connected to an IPv6 network, you can SSH the VM directly without the need to jump to login.uio.no: "ssh debian@<VM IPv6>". Due to some issues with the cloud-init package, it might happen that you cannot ping6 your VM. In this case, click on your instance name in the NREC dashboard, and go to Console. Once you login with username: 'root' and password 'mininet', launch a terminal window and run the following command: "sudo service networking restart".
18. When you've verified you can log in, you can access a remote desktop on the VM via VNC over SSH. See below.
19. Remember to keep backups of your work OFF the VM instance, and to shut it down if you are not using it for a while.

Important information

The is no automatic backup service included as part of the NREC platform, so make sure to keep copies/backups stored away from the VM instance. You could for example version your code in Git and make sure to push it to some remote repository whenever you make changes. This is a good idea anyway.

Remote desktop access

When your VM is up and running, you can access the graphical desktop remotely using VNC tunneled over an SSH connection. The VNC server is already set up for you on the VM.

On your own machine, you will need some VNC client. There is usually one installed on most Linux distributions, check your application menu. A common client that is launched from the command line is xfreerdp, this is installed on Ifi machines. On Mac OS X, the installed-by-default Screen Sharing application is actually a VNC client. On Windows you can for example use TightVNC. RealVNC Viewer can be run as a standalone EXE (without going through an installer), which should work fine on Ifi Windows lab machines.

Because VNC is a very insecure protocol by itself (no encryption of either authentication or screen data), we will protect the session using an SSH tunnel. The VNC server will only accept connections from the local machine, so even if you create bad firewall rules nobody will be able to access it from the outside.

On Linux or OS X, first set up the tunnel using this command:

ssh -J <YourUioUsername>login.uio.no -L 127.0.0.1:9999:127.0.0.1:5901 -NT debian@<VM IPv6>

This sets up a TCP listener on your local machine, port 9999 (you can pick any unused port here), which will connect to TCP port 5901 (don't change this port number!) on the VM's loopback interface, which is where the VNC server is listening. The -NT options will cause the tunnel to persist until you kill SSH e.g. with CTRL+C.

When the tunnel is set up (your terminal will appear to "hang"), you can connect to localhost:9999 using your VNC client. The password is mininet. Your desktop session will normally persist between VNC sessions as long as you don't reboot the VM. If the VNC screen is unresponsive, SSH to your VM and restart the VNC server "sudo service tightvnc restart".

On Windows you will need to set up the tunnel using the PuTTY configuration interface. See this guide for an example of doing that.