site-generated/vm-for-project.html - infrastructure-website - Git at Google

 <!doctype html>
 <html class="no-js" lang="en" dir="ltr">
   <head>
     <meta charset="utf-8">
     <meta http-equiv="x-ua-compatible" content="ie=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Requesting a virtual machine for a project - Apache Infrastructure Website</title>
     <link rel="stylesheet" href="/css/foundation.css">
     <link rel="stylesheet" href="/css/app.css">
     <link rel="stylesheet" href="/css/font-awesome.min.css">
     <style type="text/css">
       .frontbox {
         border-radius: 8%;
         border: 1px solid #999; background: #444; color: #EEE; padding: 6px; margin: 3px;
       }
       .frontbox:hover {
         border-top: 4px solid #1583CC;
         margin-top: 0px;
         cursor: pointer;
       }
       .clickable {
 	/* height was reduced by 40% */
 	height: 60%;
         width: 30%;
         position: absolute;
         z-index: 1;
       }
     </style>
     <link rel="stylesheet"
           href="/highlight/default.min.css">
     <script src="/highlight/highlight.min.js"></script>  </head>
   <body style="background: #C1C1C1;">
     <!-- Menu bar --->
     <div class="row">
       <div class="top-bar" style="padding: 0; margin-bottom: 10px; background: #222; border: 1px solid #DDD; border-bottom-right-radius: 4px; border-bottom-left-radius: 4px;">
         <div class="hide-for-small-only">
           <div class="top-bar-left">
             <ul class="menu" style="background: #222; padding: 0px; line-height: 1; border-bottom-left-radius: 4px;">
               <li class="notable-logo"><a href="/" target="_self" style="padding: 3px; padding-left: 7px;">
                 <img style="vertical-align: middle;" src='/images/feather.png' width='18'/><span style="font-size: 1.30rem; color: #1583CC; text-transform: uppercase;">Apache Infrastructure</span></a>
               </li>
             </ul>
           </div>
           <div class="top-bar-right">
             <ul class="dropdown menu horizontal" data-dropdown-menu style="background: #222; font-size: 0.8rem; text-transform: uppercase; padding-top: 5px;">
               <li class="is-dropdown-submenu-parent">
                 <a href="#" target="_self" style="padding-left: 7px;">About</a>
                 <ul class="menu" style="background: #222; font-size: 0.7rem; text-transform: uppercase; padding-top: 5px; margin-top: 5px;">
                   <li><a href="/team.html">About the team</a></li>
 		  <li><a href="https://blogs.apache.org/infra/" target="_blank">The Infra Blog</a></li>

                 </ul>
               </li>
               <li><a href="/policies.html" target="_blank" style="padding-left: 5px;">Policies</a></li>

               <li class="is-dropdown-submenu-parent">
                  <a href="#" target="_self" style="padding-left: 0px;">Services-Tools</a>
                 <ul class="menu" style="background: #222; font-size: 0.7rem; text-transform: uppercase; padding-top: 5px; margin-top: 5px;">
 		<li><a href="/services.html">Services and Tools</a></li>
                 <li><a href="/machines.html" target="_blank" >Machines and Fingerprints</a></li>
                 <li><a href="https://blocky.apache.org" target="_blank" >Blocky</a></li>
 		<li><a href="https://app.datadoghq.com/account/login?next=%2Finfrastructure" target="_blank" >DataDog</a></li>
 		<li><a href="https://whimsy.apache.org/roster/committer/" target="_blank" >Committer Search</a></li>

                 </ul>
               </li>
               <li><a href="/doc.html" target="_blank" style="padding-left: 5px;">Documentation</a></li>
 	       <li class="is-dropdown-submenu-parent">
                  <a href="#" target="_self" style="padding-left: 0px;">Contribute</a>
                 <ul class="menu" style="background: #222; font-size: 0.7rem; text-transform: uppercase; padding-top: 5px; margin-top: 5px;">
 		   <li><a href="/infra-volunteer.html">Volunteer with Infra</a></li>
 		   <li><a href="/how-to-mirror.html">Become an ASF download mirror</a></li>
 			<li><a href="/hosting-external-agent.html">Host a Jenkins or Buildbot agent</a></li>
 		 </ul>
 	       </li>

               <li><a href="/stats.html" target="_blank" style="padding-left: 5px;">Status</a></li>
               <li><a href="/contact.html" style="padding-left: 5px;"><i class="fa fa-comments" style="color: #FFF; font-size: 0.9rem;"></i>Contact us</a></li>
             </ul>
           </div>
         </div>
       </div>
     </div>
     <!-- bread crumb -->
     <div class="row">
       <div class="large-12 columns" style="font-size: 0.8rem; background-color: rgba(255,255,255,0.75); margin-bottom: 5px;">
         <a href="/">Home</a>
         <i class="fa fa-angle-double-right"></i>
         <a href="/vm-for-project.html">
 Requesting a virtual machine for a project        </a>
         (<a href="https://github.com/apache/infrastructure-website/tree/master/content/pages/vm-for-project.md">edit</a>)
       </div>
     </div>


     <!-- contents -->
     <div class="row">
       <div class="large-12 columns">
         <div class="callout">
           <h2>
               Requesting a virtual machine for a project
           </h2>
               <p>When you want to run an application that is not part of the offered services (like a demo setup of your project), you need to request a dedicated virtual machine (vm). It is not possible to request a physical machine. Physical machines are shared resources for all ASF projects.</p>
 <p>Infra maintains hosts in different computer centers around the world to run virtual machines, so we can relocate your vm as requirements change without you having to reinstall anything.</p>
 <h3>Contents</h3>
 <ul>
 <li><a href="#request">Requesting a virtual machine</a></li>
 <li><a href="#deploy">Deploying the virtual machine</a></li>
 <li><a href="#maintain">Project maintainers</a></li>
 <li><a href="#ssh-keys">Obtaining SSH keys</a></li>
 <li><a href="#maintenance">General maintenance</a></li>
 <li><a href="#cautions">Cautions</a></li>
 </ul>
 <h3 id="request">Requesting a virtual machine<a class="headerlink" href="#request" title="Permanent link">&para;</a></h3>
 <p>To request a virtual machine, open a <a href="https://issues.apache.org/jira/browse/INFRA" target="_blank">Jira</a> ticket with at least the following information:</p>
 <ol>
 <li>The project's plans for the virtual machine:
 <ul>
 <li>Why the project needs a dedicated vm</li>
 <li>Is logging in used in the project's application (HTTPS is mandatory for use of login)?</li>
 <li>Do any special ports need to be opened?</li>
 </ul>
 </li>
 <li>VM resources requested (the operating system will be the latest Ubuntu LTS release):
 <ul>
 <li>CPU cores (default is 1)</li>
 <li>RAM (default is 1Gb)</li>
 <li>Disk capacity (default is 20Gb)</li>
 <li>Name (default is <code>&lt;project&gt;-vm.a.o</code>)</li>
 <li>Apache ID of project administrator</li>
 </ul>
 </li>
 <li>Application resources:
 <ul>
 <li>Database (infra has central sql servers that support postgresql and mysql)</li>
 <li>Httpd (installed pr default, configuration is to be agreed upon)</li>
 <li>Non-standard packages (will be maintained by infra-p6)</li>
 <li>DNS names needed (default is to create <code>vmname</code> only)</li>
 <li>Backup needed (default is <strong>no</strong> backups other than what is in Infra-p6)</li>
 </ul>
 </li>
 <li>Maintainers:
 <ul>
 <li>Provide the name, Apache ID, and contact info for at least three PMC members who will maintain the vm.</li>
 </ul>
 </li>
 <li>Acknowledgement:
 <ul>
 <li>Name of a PMC member who acknowledges this request on behalf of the project.</li>
 </ul>
 </li>
 </ol>
 <p>CPU and RAM are expensive resources, so unless you make a really compelling case we will start the vm with default values. If you/we see problems later we can always add more. We can add CPU cores and RAM can without reinstalling anything.</p>
 <p>The operating system needs to be supported by our standard applications, therefore we currently only offer Ubuntu.</p>
 <p>Important: the ticket must be acknowledged by a PMC member.</p>
 <h3 id="deploy">Deploying the virtual machine<a class="headerlink" href="#deploy" title="Permanent link">&para;</a></h3>
 <p>Infra may ask questions to clarify the request. When all is clear, we will create the vm according to specifications, install the OS and the mandatory standard (infra) applications. The mandatory application guarantee a level of security and provide ssh access common to all vms.</p>
 <p>Once we have tested the vm, we will ask a project maintainer to do ssh to the vm.</p>
 <h3 id="maintain">Project maintainers<a class="headerlink" href="#maintain" title="Permanent link">&para;</a></h3>
 <p>The project maintainers are responsible for maintaining the vm. Infra will normally not maintain the vm, but will check on security from time to time.</p>
 <p>Each project maintainer needs to have ssh keys uploaded to <code>id.a.o</code> before requesting the vm. Maintainers use the ssh keys stored in LDAP to log in to the vm.</p>
 <p>When the vm is created, each maintainer gets karma to access the vm (ldap add host to userid). Once that has been tested, it is time to get sudo karma if it is required.</p>
 <p>To prepare for sudo karma follow the <a href="https://reference.apache.org/committer/opie" target="_blank">OPIE guidelines</a>.</p>
 <p>When OPIE works, contact us on #asfinfra, or by commenting on the issue, and sudo karma will be granted (ldap add userid to sudoer group).</p>
 <h3 id="ssh-keys">Obtaining SSH keys<a class="headerlink" href="#ssh-keys" title="Permanent link">&para;</a></h3>
 <p>To use key-based login, you need to generate a key on your local desktop (do not use a publicly accessible server for this) and then add your public key to LDAP using the self-service app at <code>https://id.apache.org</code>.</p>
 <p>Once you have done this, wait at least 10 mins. You should then be able to log in as follows:</p>
 <pre><code>:::shell $ ssh [username]@$project-vm.apache.org
 </code></pre>
 <p>Depending on your client setup, you may need to run the following command to ensure the key(s) are made available to the SSH client on your system:</p>
 <pre><code>:::shell $ ssh-add
 </code></pre>
 <p>If you use PuTTY, make sure it is configured to force SSH v2 protocol. And use keyboard-interactive.</p>
 <p>Once you have logged in, there are few tasks best performed right away. Please take care when using your shell account.</p>
 <p>Check that your umask is set in a group-friendly fashion. This ensures that the documents you create are editable by your fellow committers. To do this, (depending on which shell you use) edit the <code>.cshrc</code> file or <code>.profile</code> (sh derivatives) so the umask is set as follows:</p>
 <pre><code>umask 002
 </code></pre>
 <p>If a umask line already exists, modify it. Otherwise, add a new line. You will need to use a <code>*nix</code> command-line editor such as <code>vi</code>.</p>
 <p>Tip: You can review the files of some other committer: <code>ls -al ~mymentor; cat ~mymentor/.cshrc</code>.</p>
 <h3 id="maintenance">General maintenance<a class="headerlink" href="#maintenance" title="Permanent link">&para;</a></h3>
 <p>There are no mandatory rules, but here are some suggestions:</p>
 <ul>
 <li>Keep all changes in Git/Puppet. See: <code>https://github.com/apache/infrastructure-p6</code>
 <ul>
 <li>If you do not have karma, please create PRs in a branch against our Github repository.</li>
 <li>Keep all application data in <code>/x1</code> if possible.</li>
 </ul>
 </li>
 <li>Update Puppet with all extra installed packages.
 <ul>
 <li>See <code>https://github.com/apache/infrastructure-p6/tree/production/modules/&lt;vmname&gt;/manifests/init.pp</code></li>
 <li>See also the <a href="https://cwiki.apache.org/confluence/display/INFRA/Git+workflow+for+infrastructure-puppet+repo" target="_blank">Git workflow for an Infrastructure Puppet repository</a>.</li>
 </ul>
 </li>
 </ul>
 <p>See also <a href="vm-management.html">Managing virtual machines</a></p>
 <h3 id="cautions">Cautions<a class="headerlink" href="#cautions" title="Permanent link">&para;</a></h3>
 <ul>
 <li>Do not try to change items controlled by puppet, such as:
 <ul>
 <li>iptables</li>
 <li>sshd</li>
 <li>ldap</li>
 <li>/root/bin</li>
 <li>anything else relevant for security</li>
 </ul>
 </li>
 <li>As sudoer you are expected to know what you do, and are expected to clear any problems you create.</li>
 </ul>
 <p>Before doing something, you are always welcome to join #asfinfra on Slack and ask about it.</p>

         </div>
       </div>
     </div>
     <!-- footer -->
     <div class="row">
       <div class="large-12 medium-12 columns">
         <p style="font-style: italic; font-size: 0.8rem; text-align: center;">
           Copyright 2022, <a href="https://www.apache.org/">The Apache Software Foundation</a>, Licensed under the <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.<br/>
           Apache&reg; and the Apache feather logo are trademarks of The Apache Software Foundation...
         </p>
       </div>
     </div>
     <script src="/js/vendor/jquery.js"></script>
     <script src="/js/vendor/what-input.js"></script>
     <script src="/js/vendor/foundation.js"></script>
     <script src="/js/app.js"></script>
     <script>hljs.initHighlightingOnLoad();</script>
   </body>
 </html>
	<!doctype html>
	<html class="no-js" lang="en" dir="ltr">
	<head>
	<meta charset="utf-8">
	<meta http-equiv="x-ua-compatible" content="ie=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<title>Requesting a virtual machine for a project - Apache Infrastructure Website</title>
	<link rel="stylesheet" href="/css/foundation.css">
	<link rel="stylesheet" href="/css/app.css">
	<link rel="stylesheet" href="/css/font-awesome.min.css">
	<style type="text/css">
	.frontbox {
	border-radius: 8%;
	border: 1px solid #999; background: #444; color: #EEE; padding: 6px; margin: 3px;
	}
	.frontbox:hover {
	border-top: 4px solid #1583CC;
	margin-top: 0px;
	cursor: pointer;
	}
	.clickable {
	/* height was reduced by 40% */
	height: 60%;
	width: 30%;
	position: absolute;
	z-index: 1;
	}
	</style>
	<link rel="stylesheet"
	href="/highlight/default.min.css">
	<script src="/highlight/highlight.min.js"></script> </head>
	<body style="background: #C1C1C1;">
	<!-- Menu bar --->
	<div class="row">
	<div class="top-bar" style="padding: 0; margin-bottom: 10px; background: #222; border: 1px solid #DDD; border-bottom-right-radius: 4px; border-bottom-left-radius: 4px;">
	<div class="hide-for-small-only">
	<div class="top-bar-left">
	<ul class="menu" style="background: #222; padding: 0px; line-height: 1; border-bottom-left-radius: 4px;">
	<li class="notable-logo"><a href="/" target="_self" style="padding: 3px; padding-left: 7px;">
	<img style="vertical-align: middle;" src='/images/feather.png' width='18'/><span style="font-size: 1.30rem; color: #1583CC; text-transform: uppercase;">Apache Infrastructure</span></a>
	</li>
	</ul>
	</div>
	<div class="top-bar-right">
	<ul class="dropdown menu horizontal" data-dropdown-menu style="background: #222; font-size: 0.8rem; text-transform: uppercase; padding-top: 5px;">
	<li class="is-dropdown-submenu-parent">
	<a href="#" target="_self" style="padding-left: 7px;">About</a>
	<ul class="menu" style="background: #222; font-size: 0.7rem; text-transform: uppercase; padding-top: 5px; margin-top: 5px;">
	<li><a href="/team.html">About the team</a></li>
	<li><a href="https://blogs.apache.org/infra/" target="_blank">The Infra Blog</a></li>

	</ul>
	</li>
	<li><a href="/policies.html" target="_blank" style="padding-left: 5px;">Policies</a></li>

	<li class="is-dropdown-submenu-parent">
	<a href="#" target="_self" style="padding-left: 0px;">Services-Tools</a>
	<ul class="menu" style="background: #222; font-size: 0.7rem; text-transform: uppercase; padding-top: 5px; margin-top: 5px;">
	<li><a href="/services.html">Services and Tools</a></li>
	<li><a href="/machines.html" target="_blank" >Machines and Fingerprints</a></li>
	<li><a href="https://blocky.apache.org" target="_blank" >Blocky</a></li>
	<li><a href="https://app.datadoghq.com/account/login?next=%2Finfrastructure" target="_blank" >DataDog</a></li>
	<li><a href="https://whimsy.apache.org/roster/committer/" target="_blank" >Committer Search</a></li>

	</ul>
	</li>
	<li><a href="/doc.html" target="_blank" style="padding-left: 5px;">Documentation</a></li>
	<li class="is-dropdown-submenu-parent">
	<a href="#" target="_self" style="padding-left: 0px;">Contribute</a>
	<ul class="menu" style="background: #222; font-size: 0.7rem; text-transform: uppercase; padding-top: 5px; margin-top: 5px;">
	<li><a href="/infra-volunteer.html">Volunteer with Infra</a></li>
	<li><a href="/how-to-mirror.html">Become an ASF download mirror</a></li>
	<li><a href="/hosting-external-agent.html">Host a Jenkins or Buildbot agent</a></li>
	</ul>
	</li>

	<li><a href="/stats.html" target="_blank" style="padding-left: 5px;">Status</a></li>
	<li><a href="/contact.html" style="padding-left: 5px;"><i class="fa fa-comments" style="color: #FFF; font-size: 0.9rem;"></i>Contact us</a></li>
	</ul>
	</div>
	</div>
	</div>
	</div>
	<!-- bread crumb -->
	<div class="row">
	<div class="large-12 columns" style="font-size: 0.8rem; background-color: rgba(255,255,255,0.75); margin-bottom: 5px;">
	<a href="/">Home</a>
	<i class="fa fa-angle-double-right"></i>
	<a href="/vm-for-project.html">
	Requesting a virtual machine for a project </a>
	(<a href="https://github.com/apache/infrastructure-website/tree/master/content/pages/vm-for-project.md">edit</a>)
	</div>
	</div>


	<!-- contents -->
	<div class="row">
	<div class="large-12 columns">
	<div class="callout">
	<h2>
	Requesting a virtual machine for a project
	</h2>
	<p>When you want to run an application that is not part of the offered services (like a demo setup of your project), you need to request a dedicated virtual machine (vm). It is not possible to request a physical machine. Physical machines are shared resources for all ASF projects.</p>
	<p>Infra maintains hosts in different computer centers around the world to run virtual machines, so we can relocate your vm as requirements change without you having to reinstall anything.</p>
	<h3>Contents</h3>
	<ul>
	<li><a href="#request">Requesting a virtual machine</a></li>
	<li><a href="#deploy">Deploying the virtual machine</a></li>
	<li><a href="#maintain">Project maintainers</a></li>
	<li><a href="#ssh-keys">Obtaining SSH keys</a></li>
	<li><a href="#maintenance">General maintenance</a></li>
	<li><a href="#cautions">Cautions</a></li>
	</ul>
	<h3 id="request">Requesting a virtual machine<a class="headerlink" href="#request" title="Permanent link">¶</a></h3>
	<p>To request a virtual machine, open a <a href="https://issues.apache.org/jira/browse/INFRA" target="_blank">Jira</a> ticket with at least the following information:</p>
	<ol>
	<li>The project's plans for the virtual machine:
	<ul>
	<li>Why the project needs a dedicated vm</li>
	<li>Is logging in used in the project's application (HTTPS is mandatory for use of login)?</li>
	<li>Do any special ports need to be opened?</li>
	</ul>
	</li>
	<li>VM resources requested (the operating system will be the latest Ubuntu LTS release):
	<ul>
	<li>CPU cores (default is 1)</li>
	<li>RAM (default is 1Gb)</li>
	<li>Disk capacity (default is 20Gb)</li>
	<li>Name (default is <code><project>-vm.a.o</code>)</li>
	<li>Apache ID of project administrator</li>
	</ul>
	</li>
	<li>Application resources:
	<ul>
	<li>Database (infra has central sql servers that support postgresql and mysql)</li>
	<li>Httpd (installed pr default, configuration is to be agreed upon)</li>
	<li>Non-standard packages (will be maintained by infra-p6)</li>
	<li>DNS names needed (default is to create <code>vmname</code> only)</li>
	<li>Backup needed (default is <strong>no</strong> backups other than what is in Infra-p6)</li>
	</ul>
	</li>
	<li>Maintainers:
	<ul>
	<li>Provide the name, Apache ID, and contact info for at least three PMC members who will maintain the vm.</li>
	</ul>
	</li>
	<li>Acknowledgement:
	<ul>
	<li>Name of a PMC member who acknowledges this request on behalf of the project.</li>
	</ul>
	</li>
	</ol>
	<p>CPU and RAM are expensive resources, so unless you make a really compelling case we will start the vm with default values. If you/we see problems later we can always add more. We can add CPU cores and RAM can without reinstalling anything.</p>
	<p>The operating system needs to be supported by our standard applications, therefore we currently only offer Ubuntu.</p>
	<p>Important: the ticket must be acknowledged by a PMC member.</p>
	<h3 id="deploy">Deploying the virtual machine<a class="headerlink" href="#deploy" title="Permanent link">¶</a></h3>
	<p>Infra may ask questions to clarify the request. When all is clear, we will create the vm according to specifications, install the OS and the mandatory standard (infra) applications. The mandatory application guarantee a level of security and provide ssh access common to all vms.</p>
	<p>Once we have tested the vm, we will ask a project maintainer to do ssh to the vm.</p>
	<h3 id="maintain">Project maintainers<a class="headerlink" href="#maintain" title="Permanent link">¶</a></h3>
	<p>The project maintainers are responsible for maintaining the vm. Infra will normally not maintain the vm, but will check on security from time to time.</p>
	<p>Each project maintainer needs to have ssh keys uploaded to <code>id.a.o</code> before requesting the vm. Maintainers use the ssh keys stored in LDAP to log in to the vm.</p>
	<p>When the vm is created, each maintainer gets karma to access the vm (ldap add host to userid). Once that has been tested, it is time to get sudo karma if it is required.</p>
	<p>To prepare for sudo karma follow the <a href="https://reference.apache.org/committer/opie" target="_blank">OPIE guidelines</a>.</p>
	<p>When OPIE works, contact us on #asfinfra, or by commenting on the issue, and sudo karma will be granted (ldap add userid to sudoer group).</p>
	<h3 id="ssh-keys">Obtaining SSH keys<a class="headerlink" href="#ssh-keys" title="Permanent link">¶</a></h3>
	<p>To use key-based login, you need to generate a key on your local desktop (do not use a publicly accessible server for this) and then add your public key to LDAP using the self-service app at <code>https://id.apache.org</code>.</p>
	<p>Once you have done this, wait at least 10 mins. You should then be able to log in as follows:</p>
	<pre><code>:::shell $ ssh [username]@$project-vm.apache.org
	</code></pre>
	<p>Depending on your client setup, you may need to run the following command to ensure the key(s) are made available to the SSH client on your system:</p>
	<pre><code>:::shell $ ssh-add
	</code></pre>
	<p>If you use PuTTY, make sure it is configured to force SSH v2 protocol. And use keyboard-interactive.</p>
	<p>Once you have logged in, there are few tasks best performed right away. Please take care when using your shell account.</p>
	<p>Check that your umask is set in a group-friendly fashion. This ensures that the documents you create are editable by your fellow committers. To do this, (depending on which shell you use) edit the <code>.cshrc</code> file or <code>.profile</code> (sh derivatives) so the umask is set as follows:</p>
	<pre><code>umask 002
	</code></pre>
	<p>If a umask line already exists, modify it. Otherwise, add a new line. You will need to use a <code>*nix</code> command-line editor such as <code>vi</code>.</p>
	<p>Tip: You can review the files of some other committer: <code>ls -al ~mymentor; cat ~mymentor/.cshrc</code>.</p>
	<h3 id="maintenance">General maintenance<a class="headerlink" href="#maintenance" title="Permanent link">¶</a></h3>
	<p>There are no mandatory rules, but here are some suggestions:</p>
	<ul>
	<li>Keep all changes in Git/Puppet. See: <code>https://github.com/apache/infrastructure-p6</code>
	<ul>
	<li>If you do not have karma, please create PRs in a branch against our Github repository.</li>
	<li>Keep all application data in <code>/x1</code> if possible.</li>
	</ul>
	</li>
	<li>Update Puppet with all extra installed packages.
	<ul>
	<li>See <code>https://github.com/apache/infrastructure-p6/tree/production/modules/<vmname>/manifests/init.pp</code></li>
	<li>See also the <a href="https://cwiki.apache.org/confluence/display/INFRA/Git+workflow+for+infrastructure-puppet+repo" target="_blank">Git workflow for an Infrastructure Puppet repository</a>.</li>
	</ul>
	</li>
	</ul>
	<p>See also <a href="vm-management.html">Managing virtual machines</a></p>
	<h3 id="cautions">Cautions<a class="headerlink" href="#cautions" title="Permanent link">¶</a></h3>
	<ul>
	<li>Do not try to change items controlled by puppet, such as:
	<ul>
	<li>iptables</li>
	<li>sshd</li>
	<li>ldap</li>
	<li>/root/bin</li>
	<li>anything else relevant for security</li>
	</ul>
	</li>
	<li>As sudoer you are expected to know what you do, and are expected to clear any problems you create.</li>
	</ul>
	<p>Before doing something, you are always welcome to join #asfinfra on Slack and ask about it.</p>

	</div>
	</div>
	</div>
	<!-- footer -->
	<div class="row">
	<div class="large-12 medium-12 columns">
	<p style="font-style: italic; font-size: 0.8rem; text-align: center;">
	Copyright 2022, <a href="https://www.apache.org/">The Apache Software Foundation</a>, Licensed under the <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.<br/>
	Apache® and the Apache feather logo are trademarks of The Apache Software Foundation...
	</p>
	</div>
	</div>
	<script src="/js/vendor/jquery.js"></script>
	<script src="/js/vendor/what-input.js"></script>
	<script src="/js/vendor/foundation.js"></script>
	<script src="/js/app.js"></script>
	<script>hljs.initHighlightingOnLoad();</script>
	</body>
	</html>