Connect via SSH to a rack
- Bruno Chauvet (Unlicensed)
- Arnaud Lachaume (Unlicensed)
This article explains how to access the servers deployed by Nex!™. Depending on the setup of your environment (e.g. private infrastructure with VPN access) you may need to adapt these steps.
1 - SSH Access using the Nex!™ CLI (preferred)
Nex!™ comes with Command Line Interface (CLI) which can be obtained through rubygems. After installing ruby on your machine download the nex_client by running:
gem install nex_client
API Key
You need to get an API key to use the nex-cli. This API will usually be obtained by visiting the URL of the Nex!™ orchestrator.
You can then list all the servers (racks) used by Nex!™ by running:
nex-cli racks
And then SSH to one of them by running:
nex-cli racks:ssh < ip address | e.g. '10.0.1.15' >
VPN / Private environment
Note that depending on your infrastructure setup you may need to activate a VPN connection or first jump onto a jumpbox to access the private Nex!™ environment.
2 - SSH Access using plain SSH
The Nex!™ are likely to deployed inside a virtual private cloud or private on-premise environment. If you are trying to access a Nex!™ server using plain SSH you will certain to either activate a VPN connection or SSH through a jumpbox.
What you need:
- A user on the destination box. If you are using the nex-cli and have obtained your API key a user should have been created for you. Nex!™ is currently linked to Github for SSO and using your Github handle as a user name for SSH. Otherwise you can use the box "root" user for administrative access (e.g. ubuntu user on when using AWS and Ubuntu images)
- Your SSH private key. If you are using the nex-cli then a SSH private key will be generated for you and you should use the nex-cli for SSHing. If you are SSHing using the root user (e.g. ubuntu) then you should have the private key of this user with you.
- The private IP address of the server you want to reach
- (optional) the public IP address of the jumpbox if applicable
2.1 - Using a VPN and a direct connection to the rack
This step assumes that the Nex!™ environment is directly accessible after enabling your VPN connection.
# Configuration IP_ADDRESS=10.0.1.15 # IP address of the rack you want to login to SSH_USER=myuser # user to use to remotely login to the rack SSH_KEY=/home/myuser/.ssh/id_rsa # path to your SSH private key # SSH Command ssh -i $SSH_KEY -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $SSH_USER@$IP_ADDRESS
2.2 - Using an indirect connection through a jumpbox
This step assumes that your are accessing the Nex!™ environment through a jumpbox.
# Configuration
IP_ADDRESS=10.0.1.15 # IP address of the rack you want to login to
SSH_USER=myuser # user to use to remotely login to the rack
SSH_KEY=/home/myuser/.ssh/id_rsa # path to your SSH private key
JUMP_IP=54.1.1.1 # "publicly" accessible IP address of the jumpbox
JUMP_USER=myuser # user to use on the jumpbox
JUMP_KEY=/home/myuser/.ssh/id_rsa # key associated with the jumpbox user
# SSH Command
ssh -i $SSH_KEY \
-o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \
-o "ProxyCommand ssh -W %h:%p -i ${JUMP_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ${JUMP_USER}@${JUMP_IP}" \
$SSH_USER@$IP_ADDRESS
3 - SSH Access through the Nex!™ console
The Nex!™ orchestrator uses SSH commands to configure and interact with the racks it manages (routing, compute, storage etc.). Therefore it is possible to run SSH commands to the Nex!™ racks directly from the Nex!™ console.
Login to one of the Nex!™ machines and enter the console
cd /app/nex/current bundle exec rails c < environment | e.g 'production' >
Select a rack and perform SSH commands
# Find compute rack by ip address
rack = ComputeRack.find_by(private_ip_address: '10.0.1.15')
# Perform SSH command
rack.ssh("ls -al /tmp")
rack.ssh("sudo docker ps")
# SSH command with pretty output (console style)
puts rack.ssh("ls -al /tmp")[:stdout]