= FAQ for servers and VMs =

== General ==
 * What is a virtual machine?
   - A VM is a server that physically runs on top of another server. http://en.wikipedia.org/wiki/Virtual_machine
 * What is the advantage?
   - You can easily copy VMs to other hardware without reinstalling (particularly useful if hardware breaks).
 * What do we use our VMs for?
   - For all our MOLGENIS deployments.
 * How do I request one?
   - Ask Morris to add your new VM to the above list.
 * Can VMs be automatically created and killed?
   - No, currently all server startup/shutdown goes via Ger or Wietze.

== Access ==
 * What kind of account do I need for VM access, and where do I get it?
   - You need the standard LDAP account in the 'gcc' group.
 * How do I get a /home/myname directory?
   - Ask somebody with root (Ger, Morris, Wietze, ...) to create it for you on the particular VM.
 * How do I log in to a VM?
   - From UMCG: ssh yourname@molgenisXX.target.rug.nl. From home, first go via vm7.target.rug.nl.
 * Do we use SSH keys for authentication?
   - No. For the moment everybody can set up their own keys if they like.
 * Is my account centralized across all VMs?
   - Yes. One login and password. Exceptions: vm7.target.rug.nl, gbic.target.rug.nl and millipede.service.rug.nl.
 * How do I install an additional application or library on a VM?
   - Binaries you can just put on your $PATH; otherwise ask a 'root' to install RPMs.
 * Do I have root access on the VMs?
   - No. We aim to have VMs work without root access and have all software installed once, centrally.
 * Who has root access and when would they use it?
   - Ger, Morris, Wietze, ...
 * Can I be a sudoer on a VM? Should I be?
   - QUESTION: can we install sudo on our servers??

== Operating system ==
 * Which OS do the VMs run?
   - SUSE 11.x for VMs (required for GPFS mount) or CentOS 6.x.
 * Is there anything I should pay special attention to?
 * What are some basic commands and tools to get me started?

== Storage and backups ==
 * What is GPFS?
   - GPFS is our central storage. We have a small share of it at /target/gpfs2/gcc/.
 * What is the relation to the VMs?
   - All VMs have access to the shared storage, always using the same path /target/gpfs2/gcc/.
 * When should I work on the local drive, and when on GPFS?
 * How do I access the GPFS? Do I need additional permissions?
 * Are databases better located on the local drive, or on GPFS?
 * What locations are suitable for certain data or user groups on GPFS?
 * Can I request additional local hard drive space, or other upgrades like CPU or RAM?
 * Are the VMs automatically backed up? If not, can I request this?
   - BIG TODO
 * Which folders on the VMs or GPFS are backed up? How can I verify or request this?
   - BIG TODO. Are whole VMs backed up?
 * How do I restore a backup?
   - BIG TODO

== Configuration ==
 * How is my VM configured with regard to access and security, other than SSH/LDAP?
   - Everybody in the 'gcc' group can log in via SSH only.
 * Where do I configure e.g. the firewall or proxy settings of a VM?
 * Should I edit this if I can, and if so, what could go wrong?
 * Which ports are opened by default, and what is their function?
   - Standard port 80 and port 8080 are open.
 * How can I tweak memory usage of my applications?
   - TODO: how to do this with ANT and the Tomcat startup script.
 * How can I tweak memory usage of MySQL?
   - TODO: how-to for my.cnf. In principle each VM should be preoptimized.
 * Can I monitor CPU, RAM, network or drive IO?
   - TODO

== Hosting ==
 * What processes should be run under which user, with regard to security?
   - TODO. With GPFS you would ideally want a user per app.
 * How secure should a demonstration system be, with regard to running tools, disk access, HTML exploits, etc.?
   - TODO: sandboxed (only local resources).
 * How can I test this, and what is the worst case scenario?
   - Worst case: private data is shared or deleted. This should be prevented at all times.
 * Should I prepare for this?
   - Yes: the simplest solution is to limit access to local data only.
 * Can I offer static files or HTML pages for download on a VM? How do I do this?
   - Put them in the standard /srv/www/htdocs (served at port 80).
 * Can I run other dynamic content scripts such as Perl / PHP via my VM?
   - No, please request this if you need it.
 * How secure should a production system be? Should it be separated from demonstration systems?
   - Yes
 * What guarantees should or can I offer my customers?
   - TODO: need a recovery procedure. 1st line: nightly backup of the VM; 2nd line: complete reinstall.