Page History

...

1. the data center provides the virtual machines required for the services under VMware vSphere 7.x.
2. the VM-owner is given direct SSH access (within AWI network / VPN, not via internet) and sudo rights for system administration. 
3. the operating system of the VMs is specified by the data center, currently Ubuntu LTS in supported version.
4. required services are installed / configured and updated independently by the VM-owner.
5. changing the root password is prohibited, because in case of emergency the data center must have access to these VMs, e.g. to be able to perform checks, repairs, etc. in case of problems. On the VMs, the VM-owner will not run any services that could disturb the general data center operation at AWI, especially no servers for DNS, DHCP, LDAP, NIS, mail, printing or similar will be set up.
6. the data center needs access to the following interfaces of the VMs for monitoring the services (Icinga): SNMP, Telegraf, NRPE. This access is provided by the colleagues or the service providers. The data center provides can provide the VM-owner with email notifications from the Icinga monitoring of the VMs. The colleagues or the service providers are VM-owner is obligated to take note of these and to correct any faults that occur and their causes.
7. the data center requires access to the following interfaces of the VMs for the configuration of basic services for the operation of the VM (network, NTP, ...): Puppet
8. the VM-owner get access to the managed VMs in the VMware environment / in the Marketplace if required and can create or restore snapshots there independently for a short time if necessary. These are deleted automatically and without further inquiry after a maximum of 14 days.
9. the VM-owner monitor
   1. function and accessibility of their services
   2. incoming mails from the data center's monitoring system, if applicable,
   3.  middleware (e.g. Apache, PHP, MySQL and additional tools).
10. the VM-owner document for each VM
    1.  the configurations made
    2.  the services installed on it
    3. the other offers of the data center used in connection with these services, e.g. file server incl. directories used on it, database server incl. databases operated on it, directory services
    4. the accounts and interfaces used for the other services
11. the VM-owner update the documentation in case of changes and make it available to the computer center.
12. dates of more extensive interventions are to be coordinated between the colleagues or the service providers and the computer center in good time, so that the users can be informed about downtimes.
13. the data center reserves the right to adapt or supplement this agreement if necessary. These changes will be made available to the colleagues or the service providers.
14. network adjustments are to be discussed in any case with the administrators of the guest operating system in the data center. 

15. The rolled out VM will remain in the MOSAiC network. All MOSAiC users with a corresponding MOSAiC-AWI account have access to this network via VPN, as well as all AWI users from the AWI network or via VPN. 

16. If the service is provided publicly, this have to be done via a web proxy. Please contact the data center for this. Access via SSH is only possible while using VPN.

17. The VM-owner pays attention to the duration of the VM (lease time) and extends it independently via the Marketplace if necessary. The data center is not responsible for expired and deleted VM.

18. The data center must be notified of the transfer of the VM to a colleague or the change of the VM owner (in the Marketplace).

19. The VM-owner shall ensure that data that should to be stored long-term / persistent is not stored on the VM. The VM is not a data storage or archive, but only a workspace.

20. The data center reserves the right to shut down VM in case of problems, malfunctions and for reasons of security and operational readiness of the IT infrastructure at any time and if necessary without prior warning.