Cloud@VirtualData user documentation

Foreword

This documentation is a compilation of basic command line, recommendations and best practices based on our long term knowledge about using cloud infrastructure. This documentation is not exhaustive, it's not its goal. Cloud@VirtualData is a part of VirtualData offer in partnership with Mésocentre Paris-Saclay.

Cloud@VirtualData services

Virtual machine:

Cloud@VirtualData provide to user ability to create a virtual machine (hereinafter referred to as "VM") onto VirtualData hardware. System disk image (/dev/vda) is directly store into the compute hardware and is not backup. In case of hardware failure, VirtualData not provide any support of recovering data lose.

Users are responsible to operate their own VMs, this includes installing software, backuping data, updating the system to all security update available. Users are also responsible to all security incident linked to their virtual machine.

Volume:

Cloud@VirtualData provide to user ability to create a persistent data storage called volume. This volume is store on a dedicated storage infrastructure based on Ceph, this infrastructure is resilient to hardware failure and provide a highly available access to data.

VirtualData storage infrastructure is not backup and VirtualData do not provide any restore services for Users.

Users are responsible to manage their own data, this includes taking care of data encryption, data backup and managing access right.

Network:

Cloud@VirtualData allow user to use a public IP address for VM. Cloud@VirtualData is responsible to providing internet access according to following "Term of Use".

Users are responsible to network security of their VMs, this includes taking care of opening network port, managing name service (DNS), respond to every security incident involved.

Terms of Use

Last update: April 27th, 2024

  1. Purpose

    These General Terms of Use govern the use of services provided by IJCLab (hereinafter referred to as "the service" or "the services"). They complement the charters to which we are subject (CNRS Information Systems Security Charter, Renater Charter and Université Paris Saclay Charter), compliance with which is a prerequisite for any use of the services. By using the services, the user (hereinafter referred to as "the user" or "users") acknowledges having read and accepted these General Terms of Use (hereinafter referred to as "the Terms of Use"). The applicable Terms of Use are those accessible online on the day of connection by the users.

    IJCLab reserves the right to modify the Terms of Use at any time to adapt them to legislative and regulatory developments or to new features of the services that may be offered to users, by publishing a new version. The last update date of the Terms of Use is indicated on the first line of this document. These Terms of Use are supplemented by the following specific conditions, which prevail over the general conditions in the event of any inconsistency.

  2. Definitions

    Service:

    Service provided to users by the IJCLab / CNRS / Université Paris Saclay as describe in Cloud@VirtualData.

    User:

    Natural person using the computer resources and services provided by the IJCLab / CNRS / Université Paris Saclay, regardless of their status.

    Service Provider:

    IJCLab / CNRS / Université Paris Saclay
    Bâtiment 200 – Rue Ampère
    BP 34 – 91898 Orsay cedex – France

    Hosting Provider:

    IJCLab / CNRS / Université Paris Saclay
    Bâtiment 200 – Rue Ampère
    BP 34 – 91898 Orsay cedex – France

  3. Intellectual Property Rights

    All data contained in the services, including but not limited to, the graphic charter, texts, logos, are protected by legal provisions relating to intellectual property rights. Any reproduction, even partial, of the contents of the services is subject to prior authorization.

  4. Conditions of Access to Services Provided by the Supplier

    The creation of a user account is a prerequisite for using the services, unless otherwise specified in the specific conditions below. The data required for creating the user account are detailed during their collection. The user account is associated with a single email address. The user guarantees that the declared data are sincere, complete, and up to date, and that the email address associated with the user account is regularly checked. It is prohibited to request the creation of an account under the identity of a third party. The user is solely responsible for the confidentiality of the identifiers (login and password) allowing him to use his account and is prohibited from communicating them to anyone. Any use of his user account made using his personal identifiers is presumed to have been made by the user.

  5. Service Offerings

    • Services are available 7 days a week and 24 hours a day except in the event of a blocking incident. A blocking incident represents the total impossibility of using a service. The provider undertakes to work on the incident within a period of 4 hours during business hours (8 a.m. to 6 p.m. (CET/CEST), Monday to Friday, excluding French public holidays);
    • The services are currently hosted within a single CNRS/Université Paris Saclay service center, VirtualData. A major incident in this center may affect the services and, in the event of physical destruction of the equipment providing the service, result in loss of user data;
    • Data backup is the responsibility of the user, unless otherwise specified in the specific conditions below;
    • Regular maintenance windows are predefined by the provider as specified in the User Documentation, during which the performance and availability of services may be affected. The provider undertakes to communicate in advance on these windows;
    • Some features may be disabled with or without notice by the provider. In the event that such deactivation occurs without notice, the provider undertakes to inform users retrospectively.
  6. User Commitments

    • The user agrees to store or deposit only professional data in the spaces allocated to him;
    • The user agrees not to deposit any document of a defamatory, racist, pornographic, offensive, or more generally, human dignity-infringing nature;
    • The user agrees to share data via these services only with professional collaborators;
    • The user agrees to have all the necessary permissions for any content he creates, saves, or shares using a service, including those from copyright holders and other intellectual property rights;
    • The user agrees not to knowingly deposit malicious software on a service and not to share infected files;
    • The user agrees to take all necessary technical measures to ensure the security and integrity of data and services hosted on the provisioned resources (updates, network firewalls, HIDS, etc.);
    • The user agrees, when using a service, not to contravene current legislative and regulatory provisions and these Terms of Use;
    • The user agrees to use the services provided by the provider in a reasonable manner, particularly by not impairing their operation. The user is informed that any violation of these provisions may result in sanctions and legal proceedings against him. The user acknowledges that the provider reserves the right, in the event that his use of the services is contrary to these Terms of Use and more generally to the laws and regulations in force, to immediately and without notice block his access(es). In general, the provider cannot be held responsible in case of non-compliant use of the services by a user.
  7. User Support

    For any request, the user must use the dedicated support portal, accessible at the following address: Cloud support website.

  8. Conservation of Activity Logs

    All connections and actions performed on the services are logged and can be retained for a maximum period of one year, in accordance with the CNRS Guidelines for managing the traces of use of computer resources and network services. After this period, this data is deleted.

  9. Recovery of Data Contained in Personal Spaces

    Data recovery is the responsibility of the user and must be done while he still has access to the service(s). He is responsible for deleting this data.

  10. Personal Data

    Users undertake to comply with the General Data Protection Regulation (GDPR). In the event that the user hosts personal data on the services offered by the provider, it is the responsibility of the former to comply with this regulation. The provider cannot in any case be held responsible for non-compliance with the GDPR by the user.