- Home
- Documentation
- Nebula System
Nebula System
-
Documentation
- Release Notes
- Get Started
- Nexus Server
- Nexus Application
- Nexus Stacks
- Nexus Two Factor Authentication
- Nexus GUI and Modules
- Access Gates
- Access Keys
- Block Storage
- Codespaces
- Cron Scheduler
- Data Bright
- Data Gate
- Data Insight
- Data Spark-house
- Data Spark-nodes
- Data Spark-solaris
- Data Stream
- Desktops
- Event Hub
- Firewall
- Flow-fx
- Groups
- Identities
- Instances-cn
- Instances-vm
- Instances-xvm
- Load Balancer
- Magna-app
- Magna-buckets
- Magna-db
- Magna-nodes
- Magna-s3
- Magna-se
- Magna-sqld
- Magna-sqlr
- Name Server
- Notification Gate
- Object Storage
- Private Network
- Repositories
- Roles
- SIEM Collector
- Secret Keys
- Security Scanner
- Serverless-api
- Serverless-flow
- Serverless-fx
- Serverless-json
- Serverless-mq
- Serverless-spark
- Sky Link
- Sky Nodes
- Solution Stacks
- VPN Manager
- Vista Sessions
- Nebula System
- Vista Connect
Nebula System
The Nebula system is a universal computing platform built on a base Linux distribution. It integrates various hypervisors, container engines, and cloud services to deliver a comprehensive computing environment. Below, we present a simplified architecture of Nebula.
Nebula Deployment
The Nebula System can be deployed with just a Nexus Server. Before deployment, ensure that a supported Linux OS is installed on the target server and complete the necessary basic preparations. For more information about deploying Nebula, please refer to the Get Started guide.
Deployment Process
When the Nexus Server initiates the deployment of the Nebula System, the following actions are taken:
- Install the latest operating system security updates.
- Install the required repository certificates.
- Install the LXD based Vizor container engine.
- Install the QEMU based Vizor virtual machine engine.
- Install the KVM based Vizor virtual machine engine.
- Install the UFW based firewall service.
- Install the Nginx based gateway services.
- Install Apache Guacamole based Workspaces service.
- Install Network and VPN services.
- Install the System/Private Keys and Communicator Switch.
- Change root password to a 60-character hash and disable the root user.
- Configure the core and cloud environments.
- Mount data carriers.
- Download Nebula Images from the Nexus Server.
- Build and Deploy Nebula Images.
- Clean up temporary data and harden the system.
-
Set the firewall rules:
- DEFAULT INBOUND REJECT
- DEFAULT OUTBOUND ALLOW
- ALLOW INBOUND 443/TCP (Workspaces)
- ALLOW INBOUND 443/UDP (VPN)
- ALLOW INBOUND 2318/TCP (SSH)
- Enable the firewall and set the state to finished.
Important
You can enhance security by restricting access to port 2318 so that it is only reachable from specific IP addresses or through an Access Gate. Please contact our xcware Consulting team to schedule a free consultation hour for any questions regarding advanced security.
You can enhance security by restricting access to port 2318 so that it is only reachable from specific IP addresses or through an Access Gate. Please contact our xcware Consulting team to schedule a free consultation hour for any questions regarding advanced security.
root User Access
Please note that after deploying Nebula, node access is limited to the Nexus interface. The root password is set to a 60-character hash value, and the root user is disabled. Only the Nexus Administrator has root sudo privileges or can switch to the root user.
Please note that after deploying Nebula, node access is limited to the Nexus interface. The root password is set to a 60-character hash value, and the root user is disabled. Only the Nexus Administrator has root sudo privileges or can switch to the root user.
Nebula Administration
The Nebula System is managed and updated automatically by the Nexus Server. No manual intervention is required unless requested by the xcware Support team. Rebooting a C Node is generally unnecessary and may lead to data loss unless explicitly instructed by the xcware Support team.
Important
You can revoke Internet access after deploying Nebula. However, please note that you will need to manually download and apply updates and security patches.
You can revoke Internet access after deploying Nebula. However, please note that you will need to manually download and apply updates and security patches.
Nebula Storage System
For optimal performance, Instances-cn machines partition their disks directly into the host's file system, which can exceed their configured disk size, although this is monitored and reported as an overflow. In contrast, Instances-vm and Instances-xvm machines use raw disk files that cannot overflow. This design minimizes configuration and setup requirements, avoiding the need for storage pools and excessive device communication layers. The Block Storage, Object Storage, and Magna-S3 services follow the same principle in creating storage volumes. Additionally, NFS for XVM Storage can be mounted to separate the storage system for Instances-xvm machines, with the storage managed by the NFS server, providing maximum flexibility for various deployment models for the xcware platform.
Important
For scalability, we recommend using Logical Volume Manager (LVM) partitions to easily grow or shrink the disk size of the Sky Node as needed.
For scalability, we recommend using Logical Volume Manager (LVM) partitions to easily grow or shrink the disk size of the Sky Node as needed.