Research Virtual Machine Service

Getting Started

Requesting Your Virtual Machine (VM)

To request a VM, please complete the Research Virtual Machine Request Form.

Assessment/Limited Resources

  • Contributing research groups will be allocated VMs equivalent to contributed funds.
  • Free-at-the-point-of-use resources for this service are very limited: for those groups which have not contributed, there may be sufficient capacity to offer a low-specification VM at no charge. The amount of resource available is dependent on the allocations made to contributing groups and the resources requested (including length of time for which you wish to run the VM).
  • An assessment will be made of each request for a VM to ensure that there is not an existing service (e.g, Web farm) which can fulfil the requirements.

Available Operating Systems. Installing your VM.

  • A standard image, based on Scientific Linux or Ubuntu, can be installed for you. Please contact us for the versions available – we update the default version of our images.
  • Otherwise, a member of IT Staff may be able to install another Linux distribution/image for you by using the VMware console. (Only IT staff are permitted access to the VMware console.)
  • A MS Windows installation may be available — please ask for details.
  • For licensing reasons, OS-X is not available.

Who administers the VM? Can I have root/admin access?

VMs are administered by a nominated member of the requesting research group, who will have root/admin access. If your school or group has local IT staff that can do the VM administration (and they agree to your request to do so) they may be named as the VM admin.

All VMs must have a system administrator nominated by the VM owner.

How do I access my VM once it is installed?

Access to the VM is via SSH (Linux) or RDP (MS Windows). Account details will be supplied.

VM Firewall

As supplied, the Scientific Linux image will have a strong firewall implemented. SSH access will be possible only from a small number of agreed IP addresses, which should be those used by the nominated system administrator(s).

The system administrator can customise the firewall to allow access on ports required for the intended service, e.g., port 80 for HTTP.

It is very strongly recommended that a strong firewall is maintained.

Logging in for the First Time

If your VM is installed by us with the standard Scientific Linux image, it will not be possible to login directly as root; you must login by using your IT Services username and password.

As indicated in the previous section, you will be able to login only from the IP address(es) agreed.

Administering your VM

VMs are administered remotely via SSH. Your nominated system administrator will have root access. Please note: the Research Infrastructure team do not act as system administrators for your VM. We do not have an account on the VM. The root password should be changed by your system administrator to something private.

VMWare console access is permitted to IT staff only.

Securing your VM

You are required to ensure that your VM is patched in a timely manner and is secured, by means of a firewall and any other appropriate measures. It is strongly recommended that you restrict who can login to your VM by using the AllowUsers field in your SSH daemon configuration. For example, setting

AllowUsers mabcpqr2 mxyzmno2 

in /etc/ssh/sshd_config and restarting the SSH daemon will restrict access to the two usernames. There may be additional usernames already in the list so that members of Research IT can access the VM. The above example relies on the VM’s firewall controlling where access is permitted from – the AllocUsers controls who can log in.

If your firewall is not very restrictive (not recommended) then you can restricted where users can log in from via the AllowUsers line. For example:

AllowUsers mabcpqr2@130.88.0.0/16 mabcpqr2@10.99.0.0/16 mxyzmno2@130.88.0.0/16 mxyzmno2@10.99.0.0/16

in /etc/ssh/sshd_config and restarting the SSH daemon will allow only those two users to login via SSH, and only from on campus. But it is better to restrict where logins are permitted from using the firewall and use only usernames in the AllowUsers line.

Getting the Root Password

If your VM is installed by us with one of our standard linux images then you will be given root access to your VM the sudo mechanism.

Please note:The Research Infrastructure team do not have an account on your VM and do not have root (administrator) access. Your nominated system administrator must look after the VM.

Getting the DNS Entries in Place

To obtain an appropriate DNS alias for your VM (e.g., myservice.domain.manchester.ac.uk), please contact the IT Support Centre

Last modified on August 10, 2022 at 8:09 am by Chris Heeley