ZeroOne Tech Public Wiki - User contributions [en]

Cloud:Storage:CreateS3Credentials

2025-04-09T02:02:29Z

Thefathacker: /* MacOS */

= OpenStack S3 - Generate S3 Credentials =
This guide is to provide instructions to allow you to generate S3 Credentials for Later use

Requirements:
* Python3
* Python3-pip or apt with python package Management
* Python3 Openstack Client
* bash (Windows Users: Git Bash)

== Environment Preparation ==
To prepare your environment you will need to setup the required software packages for your given operating system

=== Install Required Packages ===
==== Linux ====
===== Ubuntu/Debian (and forks) =====
<code>apt install python3 python3-openstackclient</code>

Alternatively if you are using pip for python package management
<code>
apt install python3 python3-pip
pip install python-openstackclient
</code>
===== Fedora (or EL Based Distributions) =====
for dnf users:
<code>dnf install python3 python3-pip</code>

for yum users:
<code>yum install python3 python3-pip</code>

<code>pip install python-openstackclient</code>

==== MacOS ====
TODO CONFIRM HOW TO SETUP Python on MacOS

==== Windows ====
Install Required Packages
* [https://git-scm.com/downloads/win Git Bash from git for Windows]
* [https://www.python.org/downloads/ Python3 for Windows with Python pip]

If you use [https://chocolatey.org/ Chocolatey]: <code>choco install python3 git.install</code>

With python & python-pip installed, in a new PowerShell or CMD Terminal <code>pip install python-openstackclient</code>

=== Importing Openstack Environmental Varibles ===
# [[File:Openstack RC Download.png|right]] Download your OpenStack Environmental Variables file (OpenStack RC File), do this by logging into your Openstack Dashboard, navigating to the top right corner user icon/label and download your OpenStack RC File <div style="clear: both"></div>
# [[File:OpenStack Cli Setup.png|right]] Open your preferred bash shell (or Git Bash on Windows) and nativate to where ever the download OpenStack RC File. Example: <pre>cd ~/Downloads</pre> to navigate to your Downloads File
# Use the downloaded Openstack RC file for Source Data by using the source command, example: <pre>source 3a5c8-default-openrc.sh</pre> you will then be asked for your openstack password
# Test your credentials now work run <pre>openstack image list</pre> which will query the available server images in ZWS <div style="clear: both"></div>

== Credential Management ==
=== Generate New Credential ===
Use the following command to generate a new credential
<pre>
openstack ec2 credentials create
</pre>

Which will give you output similar too:
<pre>
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| access | abababababababababababababababab |
| links | {'self': 'https://cloud.zeroone.tech:5000/v3/users/dededededededededededededededede/credentials/OS-EC2/abababababababababababababababab'} |
| project_id | bcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbc |
| secret | cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd |
| trust_id | None |
| user_id | dededededededededededededededede |
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
</pre>

The important value which will be unrecoverable after this point will be the secret. Also take note of the access as this will also be required for provisioning services with the S3 compatible API.

=== Get Existing Credentials ===
Use the following command to get your existing Credentails
<pre>
openstack ec2 credentials list
</pre>

<strong>IMPORTANT NOTE:</strong> Please note there is only one EC2 credential per user tenant, <strong>re-creating this credential will replace the credential and any services using this credential being lost.</strong>

Cloud:Storage:CreateS3Credentials

2025-04-09T02:02:13Z

Thefathacker: Updated Setup Guide

= OpenStack S3 - Generate S3 Credentials =
This guide is to provide instructions to allow you to generate S3 Credentials for Later use

Requirements:
* Python3
* Python3-pip or apt with python package Management
* Python3 Openstack Client
* bash (Windows Users: Git Bash)

== Environment Preparation ==
To prepare your environment you will need to setup the required software packages for your given operating system

=== Install Required Packages ===
==== Linux ====
===== Ubuntu/Debian (and forks) =====
<code>apt install python3 python3-openstackclient</code>

Alternatively if you are using pip for python package management
<code>
apt install python3 python3-pip
pip install python-openstackclient
</code>
===== Fedora (or EL Based Distributions) =====
for dnf users:
<code>dnf install python3 python3-pip</code>

for yum users:
<code>yum install python3 python3-pip</code>

<code>pip install python-openstackclient</code>

==== MacOS ====
TODO CONFIRM HOW TO SETUP Python on Windows

==== Windows ====
Install Required Packages
* [https://git-scm.com/downloads/win Git Bash from git for Windows]
* [https://www.python.org/downloads/ Python3 for Windows with Python pip]

If you use [https://chocolatey.org/ Chocolatey]: <code>choco install python3 git.install</code>

With python & python-pip installed, in a new PowerShell or CMD Terminal <code>pip install python-openstackclient</code>

=== Importing Openstack Environmental Varibles ===
# [[File:Openstack RC Download.png|right]] Download your OpenStack Environmental Variables file (OpenStack RC File), do this by logging into your Openstack Dashboard, navigating to the top right corner user icon/label and download your OpenStack RC File <div style="clear: both"></div>
# [[File:OpenStack Cli Setup.png|right]] Open your preferred bash shell (or Git Bash on Windows) and nativate to where ever the download OpenStack RC File. Example: <pre>cd ~/Downloads</pre> to navigate to your Downloads File
# Use the downloaded Openstack RC file for Source Data by using the source command, example: <pre>source 3a5c8-default-openrc.sh</pre> you will then be asked for your openstack password
# Test your credentials now work run <pre>openstack image list</pre> which will query the available server images in ZWS <div style="clear: both"></div>

== Credential Management ==
=== Generate New Credential ===
Use the following command to generate a new credential
<pre>
openstack ec2 credentials create
</pre>

Which will give you output similar too:
<pre>
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| access | abababababababababababababababab |
| links | {'self': 'https://cloud.zeroone.tech:5000/v3/users/dededededededededededededededede/credentials/OS-EC2/abababababababababababababababab'} |
| project_id | bcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbc |
| secret | cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd |
| trust_id | None |
| user_id | dededededededededededededededede |
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
</pre>

The important value which will be unrecoverable after this point will be the secret. Also take note of the access as this will also be required for provisioning services with the S3 compatible API.

=== Get Existing Credentials ===
Use the following command to get your existing Credentails
<pre>
openstack ec2 credentials list
</pre>

<strong>IMPORTANT NOTE:</strong> Please note there is only one EC2 credential per user tenant, <strong>re-creating this credential will replace the credential and any services using this credential being lost.</strong>

File:OpenStack Cli Setup.png

2025-04-09T01:56:06Z

Thefathacker:

OpenStack Cli Setup

Cloud

2025-04-09T01:40:56Z

Thefathacker:

<h1>For Documentation for ZWS Cloud Services</h1>

<h2>Storage</h2>
<h3>Openstack S3</h3>
Documentation to Setup and Support for Storage provided by Openstack S3
<ul>
<li>[[Cloud:Storage:CreateS3Credentials|Generate Keys for S3]]</li>
</ul>

Cloud:Storage:CreateS3Credentials

2025-04-09T01:40:07Z

Thefathacker: Thefathacker moved page Cloud:Storage:CreateCredentials to Cloud:Storage:CreateS3Credentials without leaving a redirect: Misspelled title

=== Linux ===

# Ubuntu 24.04

<pre>
apt install python3-openstackclient
</pre>

// ADD SCREENSHOT HERE FOR RC FILE
https://cloud.zeroone.tech/project/api_access/openrc/

<pre>
source default-openrc.sh
Please enter your OpenStack Password for project docs as user [Openstack User]:
</pre>

You can now use the following command
<pre>
openstack ec2 credentials create
</pre>

Which will give you output similar too:
<pre>
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| access | abababababababababababababababab |
| links | {'self': 'https://cloud.zeroone.tech:5000/v3/users/dededededededededededededededede/credentials/OS-EC2/abababababababababababababababab'} |
| project_id | bcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbc |
| secret | cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd |
| trust_id | None |
| user_id | dededededededededededededededede |
+------------+-------------------------------------------------------------------------------------------------------------------------------------------+
</pre>

The important value which will be unrecoverable after this point will be the secret. Also take note of the access as this will also be required for provisioning services with the S3 compatible API.

<strong>IMPORTANT NOTE:</strong> Please note there is only one EC2 credential per user tenant, <strong>re-creating this credential will replace the credential and any services using this credential being lost.</strong>

File:Openstack RC Download.png

2025-04-09T01:34:26Z

Thefathacker:

Openstack RC Download

Cloud

2025-04-09T00:42:00Z

Thefathacker:

<h1>For Documentation for ZWS Cloud Services</h1>

<h2>Storage</h2>
<h3>Openstack S3</h3>
Documentation to Setup and Support for Storage provided by Openstack S3
<ul>
<li>[[YoloColo:CloudS3_Generate_Keys|Generate Keys for S3]]</li>
</ul>

YoloColo

2025-03-19T03:09:53Z

Thefathacker:

<h1>For Documentation for YoloColo Services</h1>

<h2>Routing</h2>
<h3>Cloud Router</h3>
Documentation to Setup and Support for YoloColo Cloud Router Service
<ul>
<li>[[YoloColo:Jumpbox|Setup Jumpbox to Configure/Recover Cloud Router]]</li>
<li>[[YoloColo:CRS-MultiWAN|Failover Routing for Cloud Router Service]]</li>
</ul>

YoloColo

2025-03-19T03:09:39Z

Thefathacker:

YoloColo:CRS-MultiWAN

2025-03-19T03:08:24Z

Thefathacker: Draft Setup MultiWAN

# DRAFT!

# Interface Setup
Access Dashboard of Cloud Router the access
[[File:Mstsc mOmXXLpair.png|right]]

Along with exist interface configurations you will have vtnet2, this is the newly provisioned interface by the ZWS Sales Support Team setting the description such as WAN2, WAN Backup, etc
[[File:Mstsc QHhQ7C9oBn.png|right]]

If you have the following message in the assignments screen "No devices available for assignment" please seek assistance from ZWS Support as the interface may not have been provisioned
[[File:Mstsc SLbsZIQNdk.png|right]]

Access the newly created interface, enable set block private & bogan networks as well as change IPv4 Configuration Type to DHCP
[[File:Mstsc uLVhytmxbH.png|thumb]]

Confirm you now have an IP address provided from the network
[[File:Mstsc UuaTMv8H6I.png|right]]

# Gateway Setup
Access Gateway Configuration and add new gateway
[[File:Mstsc XiJABdmVe3.png|right]]

Set the name, Interface (The one you just created), Select Upstream Gateway to allow default route, untick Disable Gateway Monitoring as it is required to handle failover and give it an IP address on the internet that will responsed to ICMP Requests to confirm uplink health. E.G 1.0.0.[1-3] for CloudFlare DNS alt or Google DNS Alt 8.8.4.4
[[File:Mstsc QLZ6OGj1az.png|right]]

Return to gateway configuration to configure the existing WAN link [[File:Mstsc aF7CecBm1S.png|right]]

Ensure that Disable Gateway Monitor is Unticked and that a Monitor IP address that both known to respond and is different from the one using by you second gateway such as Cloudflare 1.1.1.1 or Google 8.8.8.8
[[File:Mstsc fhNZZLf3kv.png|right]]

Resulting Configuration will be similar to attached image
[[File:Mstsc mt5Qf5pmDy.png|right]]

## Gateway Group
We now configure our Gateway Group Configuration, access System => Gateways => Group and create a group

Gateway Configuration and be configured to Failover to Alternate WAN connection by Giving one WAN Gateway Tier 1 and Tier 2. As shown
[[File:Mstsc HgvffiQq7C.png]]

Alternatively By setting both to Tier 1 connections will be served by both WAN interfaces. Use this option with care and consult ZWS Sales/Support to ensure routing is being handled within the fair use policy.
[[File:Mstsc bU8apsCZpR.png|right]]

# Firewall Configuration
Lastly you need to update you firewall configution for you WAN to have devices apply the WAN Gateway when attempting use the internet

Access your Firewall Rules for the LAN interface, then edit any existing IPv4 Rule [[File:Mstsc BBzuDPYDXz.png|right]]

Change the gateway option from default to the created gateway group
[[File:Mstsc dn4EgKAOis.png|right]]

File:Mstsc dn4EgKAOis.png

2025-03-19T03:04:34Z

Thefathacker:

Firewall Rule

File:Mstsc BBzuDPYDXz.png

2025-03-19T02:50:50Z

Thefathacker:

Edit WAN Rule

File:Mstsc bU8apsCZpR.png

2025-03-19T02:44:47Z

Thefathacker:

WAN Group LB

File:Mstsc HgvffiQq7C.png

2025-03-19T02:40:48Z

Thefathacker:

WAN Failover Group

File:Mstsc mt5Qf5pmDy.png

2025-03-19T02:33:17Z

Thefathacker:

Gateway Complete

File:Mstsc fhNZZLf3kv.png

2025-03-19T02:29:35Z

Thefathacker:

Primary WAN Options

File:Mstsc aF7CecBm1S.png

2025-03-19T02:26:14Z

Thefathacker:

Edit Option for Existing Gateway

File:Mstsc QLZ6OGj1az.png

2025-03-19T02:23:39Z

Thefathacker:

Set Gateway Options

File:Mstsc XiJABdmVe3.png

2025-03-19T02:18:34Z

Thefathacker:

Add Gateway

File:Mstsc UuaTMv8H6I.png

2025-03-19T02:08:18Z

Thefathacker:

Interface overview

File:Mstsc uLVhytmxbH.png

2025-03-19T02:05:11Z

Thefathacker:

Set Interface Configuration

File:Mstsc SLbsZIQNdk.png

2025-03-19T01:59:39Z

Thefathacker:

no devices available - opnsense

File:Mstsc QHhQ7C9oBn.png

2025-03-19T01:57:04Z

Thefathacker:

Add Assigned interface

File:Mstsc mOmXXLpair.png

2025-03-19T01:50:39Z

Thefathacker:

Assess Interface Assignments

YoloColo:Jumpbox

2025-02-01T03:10:28Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
* A Brain to be able to follow documentation
* Credentials to Access ZeroOne Tech OpenStack Tenant
* Assumes you do not have any existing configuration in ZeroOne Cloud

== Setup Networking ==
First networking must enabled and request a public IP address to enable an internet routable VM on OpenStack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] You need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div> <br> &zwnj;
# Skip Network Ports. No Changes required here <div style="clear: both"></div> <br> &zwnj;
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key to secure the password for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# [[File:JumboxSetup Step6 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] <br> &zwnj;
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Retreive Instance Password ===
Due to issues with how to getting a password safely sent to the instance at setup time, OpenStack instead randomly generates the password and securely encrypts it with your public key setup in [[YoloColo:Jumpbox#Create_-_Windows_Instance|Create Instance - Step 8]], As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance <div style="clear: both"></div>
# [[File:JumboxSetup Step7 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] <br> &zwnj;
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Retreive Password" <div style="clear: both"></div>
# [[File:JumboxSetup Step7 2.png|right]] Upload or Copy/Paste your SSH Private key to decrypt your Password

----
<div style="clear: both"></div>
=== Connect Instance to your YoloColo Network ===
This will your Jumpbox Instance to access Network Services setup on your YoloColo LAN
# [[File:JumboxSetup Step8 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] <br> &zwnj;
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Attach Interface" <div style="clear: both"></div>
# [[File:JumboxSetup Step8 2.png|right]] You can now set the IP address for the instance on the YoloColo Network, if you do not set "Fixed IP Address" one will be automatically set from the network defined from the network defined for your YoloColo LAN. If you do choice to set an IP Address do not use an IP Address below .10 as these are reserved for Openstack Services. <div style="clear: both"></div>
# [[File:JumboxSetup Step8 3.png|right]] You will now have two Networks available in your remote desktop, you may need to set the IP Address on this interface, if this is required, this must be the EXACT IP address as shown in the [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] for your yolocolo network <div style="clear: both"></div>

----
<div style="clear: both"></div>
= Summary =
If you have any issues with this article please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord]

Main Page

2025-02-01T02:59:00Z

Thefathacker:

<h1>ZeroOne Technology Services LLC - Public Wiki</h1>

This wiki has been created for the purpose of providing users of ZeroOne Technology Cloud and Yolocolo Services Documentation to assist them in utilizing the full potential of ZeroOne's Services

If you have found this wiki and are not a member of the ZeroOne Technologies Customer Discord Community, please consult the Craft Computing Discord Community for requesting access.

For assistance or to discuss any information detailed here, please consult members of the ZeroOne Technologies Discord.

<h2>Document Groups</h2>
Documentation for ZeroOne Tech is divided between the two follow document groups:
<ul>
<li>[[Cloud|Cloud - Public Cloud Services]]</li>
<li>[[YoloColo|YoloColo - You only need to Colocate Once Service]]</li>
</ul>

<br />
<hr />
<strong>Quotes from the ZeroOne Technology Community:</strong>

"ZeroOne Wiki... Step One: Stop and try again tomorrow"; Pink Froyd

My Favorite GDPR Violation: "If in doubt, ask Hacker"

@ㄣ0% pɹod qǝɐɹ qʎ ʌolnɯǝ: "No don't ask me, Ychto now how this stuff works..."

My Favorite GDPR Violation: "It's all Ychto's fault?"

Pink Froyd: "It’s all id’s fault"

My Favorite GDPR Violation: "Of course."

<br />
<hr />
<strong>Rules from the ZeroOne Technology Community:</strong>

We have two unwritten rules:

# <br>
# <br>

Written Rules:
# DO NOT EAT RAW COOKIE DOUGH!

Main Page

2025-02-01T02:50:51Z

Thefathacker:

<h1>ZeroOne Technology Services LLC - Public Wiki</h1>

This wiki has been created for the purpose of providing users of ZeroOne Technology Cloud and Yolocolo Services Documentation to assist them in utilizing the full potential of ZeroOne's Services

For assistance or to discuss any information detailed here, please consult members of the ZeroOne Technologies Discord.

If you have found this wiki and are not a member of the ZeroOne Technologies Customer Discord Community, please consult the Craft Computing Discord Community for requesting access.

<h2>Document Groups</h2>
Documentation for ZeroOne Tech is broken into two document groups
<ul>
<li>[[Cloud|Cloud - Public Cloud Services]]</li>
<li>[[YoloColo|YoloColo - You only need to Colocate Once Service]]</li>
</ul>

<br />
<hr />
<strong>Quotes from the ZeroOne Technology Community:</strong>

"ZeroOne Wiki... Step One: Stop and try again tomorrow"; Pink Froyd

My Favorite GDPR Violation: "If in doubt, ask Hacker"

@ㄣ0% pɹod qǝɐɹ qʎ ʌolnɯǝ: "No don't ask me, Ychto now how this stuff works..."

My Favorite GDPR Violation: "It's all Ychto's fault?"

Pink Froyd: "It’s all id’s fault"

My Favorite GDPR Violation: "Of course."

<br />
<hr />
<strong>Rules from the ZeroOne Technology Community:</strong>

We have two unwritten rules:

# <br>
# <br>

Written Rules:
# DO NOT EAT RAW COOKIE DOUGH!

YoloColo:Jumpbox

2025-01-11T05:59:54Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div> <br> &zwnj;
# Skip Network Ports. No Changes required here <div style="clear: both"></div> <br> &zwnj;
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key to secure the password for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# [[File:JumboxSetup Step6 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] <br> &zwnj;
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Retreive Instance Password ===
Due to issues with how to getting a password safely sent to the instance at setup time, OpenStack instead randomly generates the password and securely encrypts it with your public key setup in [[YoloColo:Jumpbox#Create_-_Windows_Instance|Create Instance - Step 8]], As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance <div style="clear: both"></div>
# [[File:JumboxSetup Step7 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] <br> &zwnj;
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Retreive Password" <div style="clear: both"></div>
# [[File:JumboxSetup Step7 2.png|right]] Upload or Copy/Paste your SSH Private key to decrypt your Password

----
<div style="clear: both"></div>
=== Connect Instance to your YoloColo Network ===
This will your Jumpbox Instance to access Network Services setup on your YoloColo LAN
# [[File:JumboxSetup Step8 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] <br> &zwnj;
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Attach Interface" <div style="clear: both"></div>
# [[File:JumboxSetup Step8 2.png|right]] You can now set the IP address for the instance on the YoloColo Network, if you do not set "Fixed IP Address" one will be automatically set from the network defined from the network defined for your YoloColo LAN. If you do choice to set an IP Address do not use an IP Address below .10 as these are reserved for Openstack Services. <div style="clear: both"></div>
# [[File:JumboxSetup Step8 3.png|right]] You will now have two Networks available in your remote desktop, you may need to set the IP Address on this interface, if this is required, this must be the EXACT IP address as shown in the [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] for your yolocolo network <div style="clear: both"></div>

----
<div style="clear: both"></div>
= Summary =
If you have any issues with this article please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord]

YoloColo:Jumpbox

2025-01-11T04:28:50Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key to secure the password for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Retreive Instance Password ===
Due to issues with how to getting a password safely sent to the instance at setup time, OpenStack instead randomly generates the password and securely encrypts it with your public key setup in [[YoloColo:Jumpbox#Create_-_Windows_Instance|Create Instance - Step 8]], As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance <div style="clear: both"></div>
# [[File:JumboxSetup Step7 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Retreive Password" <div style="clear: both"></div>
# [[File:JumboxSetup Step7 2.png|right]] Upload or Copy/Paste your SSH Private key to decrypt your Password

----
<div style="clear: both"></div>
=== Connect Instance to your YoloColo Network ===
This will your Jumpbox Instance to access Network Services setup on your YoloColo LAN
# [[File:JumboxSetup Step8 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Attach Interface" <div style="clear: both"></div>
# [[File:JumboxSetup Step8 2.png|right]] You can now set the IP address for the instance on the YoloColo Network, if you do not set "Fixed IP Address" one will be automatically set from the network defined from the network defined for your YoloColo LAN. If you do choice to set an IP Address do not use an IP Address below .10 as these are reserved for Openstack Services. <div style="clear: both"></div>
# [[File:JumboxSetup Step8 3.png|right]] You will now have two Networks available in your remote desktop, you may need to set the IP Address on this interface, if this is required, this must be the EXACT IP address as shown in the [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] for your yolocolo network <div style="clear: both"></div>

----
<div style="clear: both"></div>
= Summary =
If you have any issues with this article please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord]

YoloColo:Jumpbox

2025-01-11T04:28:04Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key to secure the password for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Retreive Instance Password ===
Due to issues with how to getting a password safely sent to the instance at setup time, OpenStack instead randomly generates the password and securely encrypts it with your public key setup in [[YoloColo:Jumpbox#Create_-_Windows_Instance|Create Instance - Step 8]], As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance <div style="clear: both"></div>
# [[File:JumboxSetup Step7 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Retreive Password" <div style="clear: both"></div>
# [[File:JumboxSetup Step7 2.png|right]] Upload or Copy/Paste your SSH Private key to decrypt your Password

----
<div style="clear: both"></div>
=== Connect Instance to your YoloColo Network ===
This will your Jumpbox Instance to access Network Services setup on your YoloColo LAN
# [[File:JumboxSetup Step8 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] <br />
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Attach Interface" <div style="clear: both"></div>
# [[File:JumboxSetup Step8 2.png|right]] You can now set the IP address for the instance on the YoloColo Network, if you do not set "Fixed IP Address" one will be automatically set from the network defined from the network defined for your YoloColo LAN. If you do choice to set an IP Address do not use an IP Address below .10 as these are reserved for Openstack Services. <div style="clear: both"></div>
# [[File:JumboxSetup Step8 3.png|right]] You will now have two Networks available in your remote desktop, you may need to set the IP Address on this interface, if this is required, this must be the EXACT IP address as shown in the [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] for your yolocolo network <div style="clear: both"></div>

----
<div style="clear: both"></div>
= Summary =
If you have any issues with this article please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord]

YoloColo:Jumpbox

2025-01-11T04:23:51Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key to secure the password for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Retreive Instance Password ===
Due to issues with how to getting a password safely sent to the instance at setup time, OpenStack instead randomly generates the password and securely encrypts it with your public key setup in [[YoloColo:Jumpbox#Create_-_Windows_Instance|Create Instance - Step 8]], As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance <div style="clear: both"></div>
# [[File:JumboxSetup Step7 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Retreive Password" <div style="clear: both"></div>
# [[File:JumboxSetup Step7 2.png|right]] Upload or Copy/Paste your SSH Private key to decrypt your Password

----
<div style="clear: both"></div>
=== Connect Instance to your YoloColo Network ===
This will your Jumpbox Instance to access Network Services setup on your YoloColo LAN
# [[File:JumboxSetup Step8 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Attach Interface" <div style="clear: both"></div>
# [[File:JumboxSetup Step8 2.png|right]] You can now set the IP address for the instance on the YoloColo Network, if you do not set "Fixed IP Address" one will be automatically set from the network defined from the network defined for your YoloColo LAN. If you do choice to set an IP Address do not use an IP Address below .10 as these are reserved for Openstack Services. <div style="clear: both"></div>
# [[File:JumboxSetup Step8 3.png|right]] You will now have two Networks available in your remote desktop, you may need to set the IP Address on this interface, if this is required, this must be the EXACT IP address as shown in the [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] for your yolocolo network <div style="clear: both"></div>

----
<div style="clear: both"></div>
= Summary =
If you have any issues with this article please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord]

File:JumboxSetup Step8 3.png

2025-01-11T04:19:51Z

Thefathacker:

JumboxSetup Step8 3

YoloColo:Jumpbox

2025-01-11T04:19:21Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key to secure the password for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Retreive Instance Password ===
Due to issues with how to getting a password safely sent to the instance at setup time, OpenStack instead randomly generates the password and securely encrypts it with your public key setup in [[YoloColo:Jumpbox#Create_-_Windows_Instance|Create Instance - Step 8]], As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance <div style="clear: both"></div>
# [[File:JumboxSetup Step7 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Retreive Password" <div style="clear: both"></div>
# [[File:JumboxSetup Step7 2.png|right]] Upload or Copy/Paste your SSH Private key to decrypt your Password

----
<div style="clear: both"></div>
=== Connect Instance to your YoloColo Network ===
This will your Jumpbox Instance to access Network Services setup on your YoloColo LAN
# [[File:JumboxSetup Step8 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Attach Interface" <div style="clear: both"></div>
# [[File:JumboxSetup Step8 2.png|right]] You can now set the IP address for the instance on the YoloColo Network, if you do not set "Fixed IP Address" one will be automatically set from the network defined from the network defined for your YoloColo LAN. If you do choice to set an IP Address do not use an IP Address below .10 as these are reserved for Openstack Services. <div style="clear: both"></div>

You will now have two Networks available in your remote desktop

File:JumboxSetup Step8 2.png

2025-01-11T04:12:57Z

Thefathacker:

JumboxSetup Step8 2

File:JumboxSetup Step8 1.png

2025-01-11T04:11:15Z

Thefathacker:

JumboxSetup Step8 1

YoloColo:Jumpbox

2025-01-11T04:06:06Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key to secure the password for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Retreive Instance Password ===
Due to issues with how to getting a password safely sent to the instance at setup time, OpenStack instead randomly generates the password and securely encrypts it with your public key setup in [[YoloColo:Jumpbox#Create_-_Windows_Instance|Create Instance - Step 8]], As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance <div style="clear: both"></div>
# [[File:JumboxSetup Step7 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Retreive Password" <div style="clear: both"></div>
# [[File:JumboxSetup Step7 2.png|right]] Upload or Copy/Paste your SSH Private key to decrypt your Password

13. Lastly we can attach the Instance to the YoloColo Network by using “Attach Interface”, when using the option you will have the option to set an IP Address for this instance, if you do not one will be assigned for you, but do not use an IP Address below .10 as these are reserved for Openstack Services.

You will now have two Networks available in your remote desktop

File:JumboxSetup Step7 2.png

2025-01-11T04:03:43Z

Thefathacker:

JumboxSetup Step7 2

File:JumboxSetup Step7 1.png

2025-01-11T04:01:09Z

Thefathacker:

JumboxSetup Step7 1

YoloColo:Jumpbox

2025-01-11T03:52:15Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]] connected instances
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances like [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private keys if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]]

11. Retrieve the Password, you will be then prompted for the previously generated SSH key. As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance

12. After Approx 5 minutes Instance should then be available to remote access using the windows remote desktop client with the username Administrator and the password decrypted above

13. Lastly we can attach the Instance to the YoloColo Network by using “Attach Interface”, when using the option you will have the option to set an IP Address for this instance, if you do not one will be assigned for you, but do not use an IP Address below .10 as these are reserved for Openstack Services.

You will now have two Networks available in your remote desktop

YoloColo:Jumpbox

2025-01-11T03:49:58Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]]
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances just as [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)'''
## [[File:JumboxSetup Step5 8.png|right]] PLEASE NOTE: OpenStack and ZeroOne '''DO NOT''' store this private key if you do not save it cannot be recovered, additionally if you do not store or share it appropriately we are not responsible for any unauthorized access to your instances. Treat your SSH keys like you would treat your password. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]]

11. Retrieve the Password, you will be then prompted for the previously generated SSH key. As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance

12. After Approx 5 minutes Instance should then be available to remote access using the windows remote desktop client with the username Administrator and the password decrypted above

13. Lastly we can attach the Instance to the YoloColo Network by using “Attach Interface”, when using the option you will have the option to set an IP Address for this instance, if you do not one will be assigned for you, but do not use an IP Address below .10 as these are reserved for Openstack Services.

You will now have two Networks available in your remote desktop

YoloColo:Jumpbox

2025-01-11T03:44:00Z

Thefathacker:

= Jumpbox Remote Access Setup =
This guide is to setup a bastion remote desktop server in order to access yolocolo services delivered by ZeroOne Technologies

Requirements:
<ul>
<li>A Brain to be able to follow documentation</li>
<li>Credentials to Access ZeroOne Tech OpenStack Tenant</li>
</ul>

== Setup Networking ==
First we must enable networking and request a public IP address to enable an internet routable VM on openstack

=== “Jumpbox” LAN ===
# [[File:JumboxSetup Step1 1.png|right|Setup LAN Step 1]] Open [https://cloud.zeroone.tech/horizon/project/networks/ Networks - OpenStack Dashboard (zeroone.tech)], You will have at least two networks listed. 1) Being Public and 2) being vlan1XXX. Public is the Public internet hosted by ZeroOne and vlan1XXX is your network local network for your yolo services. if vlan1XXX is not provisioned in your tenant please contact ZeroOne Support using [https://discord.com/channels/1043367431193768006/1043372530666319912 #chat-suport on ZWS Discord] <div style="clear: both"></div>
# [[File:JumboxSetup_Step1_2.png|right|Setup LAN Step 2]] We need to create a network for your “Jumpbox” using the “Create Network” option <div style="clear: both"></div>
# [[File:JumboxSetup Step1 3.png|right|Setup LAN Step 3]] Name your network (in this case I am using “jumpbox_net”, leaving all other values as default, then click “Next” <div style="clear: both"></div>
# [[File:JumboxSetup Step1 4.png|right|Setup LAN Step 4]] Define the IP Scope of this network, by giving it a name and address in CIDR Format. Leave IP Version Defaulted to IPv4 and Gateway Empty (This will be filled out by OpenStack), Then Click on next <div style="clear: both"></div>
# [[File:JumboxSetup Step1 5.png|right|Setup LAN Step 5]] On the subnet Details Page, Click create leaving all other details default <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== “Jumpbox” LAN - Router/Gateway ===
Setup Internet Gateway for “Jumpbox” LAN
# [[File:JumboxSetup Step2 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/routers/ Routers - OpenStack Dashboard (zeroone.tech)] and “Create Router” <div style="clear: both"></div>
# [[File:JumboxSetup Step2 2.png|right]] Name your router and set the External Network to “Public”, then click create. <div style="clear: both"></div>
# [[File:JumboxSetup Step2 3.png|right]] Open your router detail <div style="clear: both"></div>
# [[File:JumboxSetup Step2 4.png|right]] View Interfaces for your router and add an interface <div style="clear: both"></div>
# [[File:JumboxSetup Step2 5.png|right]] Select the subnet the Gateway is for, in this case the “jumpbox_subnet”, An IP address will assigned by openstack then click submit <div style="clear: both"></div>

This Gateway enables:
* LAN => WAN NAT to enable internet access from [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN]]
* WAN => LAN [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] to allow WAN connections made from WAN Addresses to Instances just as [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] using a Floating IP Address as per [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]] and [[YoloColo:Jumpbox#Associate_Floating_IP|Associate Floating IP]] <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Security Group for remote access ===
# [[File:JumboxSetup Step3 1.png|right]] Now navigate to [https://cloud.zeroone.tech/horizon/project/security_groups/ Security Groups - OpenStack Dashboard (zeroone.tech)] and create a security group <div style="clear: both"></div>
# [[File:JumboxSetup Step3 2.png|right]] Give it a useful name, in this case it is to allow you to remotely access your “Jumphost” then create. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 3.png|right]] With the Security Group created we can now add rules, add a rule. <div style="clear: both"></div>
# [[File:JumboxSetup Step3 4.png|right]] Set the rule type to RDP and enter the source IP of where you will be receiving RDP Requests. If you are unsure of what your IP Address in CIDR Format is you can use services such as [https://myip.wtf WTF is my IP?!?!?? / https://myip.wtf]. You can also use 0.0.0.0/0 but this would allow anyone to attempt to connect to your “Jumpbox” on RDP which can be a BadIdea™ , then “add”. Note if you intend to use a Linux Jumpbox, select SSH for the Rule instead <div style="clear: both"></div>

[[File:JumboxSetup Step3 5.png|right]] ''Note on Security Group Rules:'' Can had multiple and apply multiple to Compute Instances. As a result I will remove default rules from my Security Groups to allow for layering of rulesets. You will see this later, as a result my reset for allow-RDP looks like: <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Request a Floating (Public) IP for Jumpbox ===
# [[File:JumboxSetup Step4 1.png|right|File:JumboxSetup Step4 1.png]] Navigate to [https://cloud.zeroone.tech/horizon/project/floating_ips/ Floating IPs - OpenStack Dashboard (zeroone.tech)] and “Allocate IP to Project” <div style="clear: both"></div>
# [[File:JumboxSetup Step4 2.png|right]] Give the IP A description, then complete the allocation by then clicking “Allocate IP” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Networking Setup - Summary ===
This completes the Networking Required for Setting up to have a Jumpbox on ZeroOne Cloud to access Yolocolo Services you can see the network layout at Network Topology - OpenStack Dashboard (zeroone.tech)

----
<div style="clear: both"></div>
== Compute Instance Setup ==
This section covers the creation and access to a Windows VM to allow access to you YoloColo Network
=== Create - Windows Instance ===
# [[File:JumboxSetup Step5 1.png|right]] Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)] and “Launch Instance” <div style="clear: both"></div>
# [[File:JumboxSetup Step5 2.png|right]] Name you Instance then click next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 3.png|right]] For Source, Change to Image, you can then search for Windows to show available Windows Server 2022 Standard Image which you can then select '''(DO NOT SELECT “vGPU edition” unless approved by Management for vGPU resource access)''', Volume Size will now be the minimum size to accept image. You can increase volume size, ''but not make smaller that Image''. Then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 4.png|right]] Set the “Flavor” or Size of the VM. In this case I am using a “z1.gs.small” as the Windows Image needs a Minimum RAM allocation of 4096MB, then next <div style="clear: both"></div>
# [[File:JumboxSetup Step5 5.png|right]] Allocate the Network we create for this in the [[YoloColo:Jumpbox#“Jumpbox”_LAN|“Jumpbox” LAN Setup]] instructions above to this instance. Then next. '''''NOTE:''''' ''Do not add you vlan1XXX network at this step, as it does not have internet access available and will resolute in this VM not being deployed correctly'' <div style="clear: both"></div>
# Skip Network Ports. No Changes required here <div style="clear: both"></div>
# [[File:JumboxSetup Step5 6.png|right]] Allocate the Security Group created in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] for Allowing RDP Connections to this device. ''You will see as per my comments in [[YoloColo:Jumpbox#Security_Group_for_remote_access|Security Group for remote access]] when creating the security group I have the “default” allow we traffic group then the second security group to “allow” RDP connections.'' Then Next. <div style="clear: both"></div>
# [[File:JumboxSetup Step5 7.png|right]] We can now create the private key for this machine, if you already have a private key, you can import it or otherwise we will create one now, click on “Create Key Pair”, give it a name and type of SSH '''(YOU MUST SAVE THIS KEY AS WE CANNNOT RECOVER IT AND WITHOUT IT YOU CANNNOT ACCESS THIS VM AND IT WILL NEED TO BE RECREATED)''' [[File:JumboxSetup Step5 8.png|right]] <div style="clear: both"></div>
# [[File:JumboxSetup Step5 9.png|right]] With the Key Pair defined we can now “Launch” <div style="clear: both"></div>

----
<div style="clear: both"></div>
=== Wait ===
[[File:JumboxSetup Step5 9a.png|right]] We must wait for the Instance to complete building after we Launch as we the last step before continuing. This will take 5-10 minutes to complete, grab a coffee, tea, monster, beer, rum or other beverage of choice but to remember to drink and compute under the influence safely <div style="clear: both"></div>
----
<div style="clear: both"></div>
=== Associate Floating IP ===
We can then Allocate the Previously requested Floating IP we requested in [[YoloColo:Jumpbox#Request_a_Floating_(Public)_IP_for_Jumpbox|Request a Floating (Public) IP for Jumpbox]]
# Navigate to [https://cloud.zeroone.tech/horizon/project/instances/ Instances - OpenStack Dashboard (zeroone.tech)]
# [[File:JumboxSetup Step6 1.png|right]] Click on the options dropdown on the line for your created [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]] and select "Associate Floating IP" <div style="clear: both"></div>
# [[File:JumboxSetup Step6 2.png|right]] Select the floating IP Address you requested and it will be assigned to the network interface & IP address of the jumpbox on the created jumpbox LAN <div style="clear: both"></div>
What is step does sets up [https://www.techtarget.com/searchnetworking/definition/Port-Address-Translation-PAT Port Address Translation (PAT)] though the router created in [[YoloColo:Jumpbox#“Jumpbox”_LAN_-_Router|“Jumpbox” LAN - Router/Gateway]] which also acts as the LAN NAT Gateway which enables internet access to your [[YoloColo:Jumpbox#Create_-_Windows_Instance|Jumpbox Instance]]

11. Retrieve the Password, you will be then prompted for the previously generated SSH key. As previously noted if you have an issue with the private key, we will be unable to recover your password to access this Instance

12. After Approx 5 minutes Instance should then be available to remote access using the windows remote desktop client with the username Administrator and the password decrypted above

13. Lastly we can attach the Instance to the YoloColo Network by using “Attach Interface”, when using the option you will have the option to set an IP Address for this instance, if you do not one will be assigned for you, but do not use an IP Address below .10 as these are reserved for Openstack Services.

You will now have two Networks available in your remote desktop

File:JumboxSetup Step6 2.png

2025-01-11T03:31:31Z

Thefathacker:

JumboxSetup Step6 2

File:JumboxSetup Step6 1.png

2025-01-11T03:29:53Z

Thefathacker:

JumboxSetup Step6 1

File:JumboxSetup Step5 9a.png

2025-01-11T03:21:32Z

Thefathacker:

JumboxSetup Step5 9a

File:JumboxSetup Step5 9.png

2025-01-11T03:16:05Z

Thefathacker:

JumboxSetup Step5 9

File:JumboxSetup Step5 8.png

2025-01-11T03:14:10Z

Thefathacker:

JumboxSetup Step5 8

File:JumboxSetup Step5 7.png

2025-01-11T03:12:49Z

Thefathacker:

JumboxSetup Step5 7

YoloColo:Jumpbox

2025-01-11T03:08:37Z

Thefathacker:

YoloColo:Jumpbox

2025-01-11T03:07:58Z

Thefathacker:

YoloColo:Jumpbox

2025-01-11T03:07:06Z

Thefathacker: