Skip to main content
Configure additional options for your virtual machine to enhance security, access, and initial setup capabilities.

Public IP Configuration

Control whether your VM has internet connectivity and public accessibility.

Enable Public IP

Internet Connectivity
  • VM receives a publicly accessible IP address
  • Full internet access for downloads and updates
  • Accessible from anywhere on the internet
  • Required for remote access and most applications

Disable Public IP

Internal Network Only
  • VM accessible only within internal network
  • Enhanced security through network isolation
  • No direct internet access
  • Requires VPN or bastion host for access

Public IP Security Considerations

Security Warning:Enabling public IP makes your VM accessible from the internet. Ensure proper security measures:
  • Configure firewall rules appropriately
  • Use strong SSH keys
  • Keep system updated with security patches
  • Monitor access logs regularly

Public IP Use Cases

  • Development & Testing
  • Production Workloads
  • High Security Environments
Recommended: Enable Public IP
  • Easy remote access for development
  • Internet access for package installations
  • Simple collaboration with team members
  • Direct access to web services and APIs

Security Rules Configuration

Configure firewall rules through the integrated interface to protect your virtual machine.

Firewall Integration

1

Access Security Rules

Security rules are configured during VM deployment or through the security management interface
2

Define Rule Types

Add rules for specific protocols:
  • TCP: Web services, databases, custom applications
  • UDP: DNS, video streaming, custom protocols
  • ICMP: Ping, network diagnostics
3

Configure Access

Define allowed sources and destinations:
  • IP Ranges: Specific networks or addresses in CIDR notation
  • Port Restrictions: Specific ports or port ranges
  • Direction: Ingress (incoming) or Egress (outgoing) traffic
4

Apply Rules

Rules are applied automatically after VM becomes active:
  • Real-time rule validation
  • Automatic conflict detection
  • Progressive rule application

Common Security Rule Examples

Secure Remote Access
  • Protocol: TCP
  • Port: 22
  • Source: Your IP address or trusted network
  • Direction: Ingress
Rule: Allow TCP 22 from 203.0.113.0/24
HTTP/HTTPS Traffic
  • Protocol: TCP
  • Ports: 80 (HTTP), 443 (HTTPS)
  • Source: 0.0.0.0/0 (public access)
  • Direction: Ingress
Rule: Allow TCP 80,443 from 0.0.0.0/0
Application-Specific Ports
  • Protocol: TCP/UDP (as required)
  • Port: Application-specific port
  • Source: Trusted networks only
  • Direction: Ingress/Egress as needed
Rule: Allow TCP 8080 from 10.0.0.0/8
Database Connectivity
  • Protocol: TCP
  • Ports: 3306 (MySQL), 5432 (PostgreSQL), etc.
  • Source: Application servers only
  • Direction: Ingress
Rule: Allow TCP 5432 from 192.168.1.0/24

Security Rule Best Practices

Principle of Least Privilege

Minimize Access
  • Only open ports that are actively needed
  • Restrict source IP ranges to minimum required
  • Regularly audit and remove unnecessary rules
  • Use specific ports instead of ranges when possible

Defense in Depth

Multiple Security Layers
  • Combine firewall rules with application security
  • Use both network and host-based firewalls
  • Implement monitoring and intrusion detection
  • Regular security assessments and updates
Security rules may take up to 10 minutes to be fully applied after VM deployment. During this time, your VM may appear to have limited connectivity.

Jupyter Notebook Configuration

Optionally enable Jupyter Notebook server for interactive computing and data science workflows.

Jupyter Setup Process

1

Enable Jupyter

Toggle the Jupyter Notebook option during VM configuration
2

Set Password

Configure a secure password for Jupyter access:
  • Minimum 8 characters required
  • Password strength validation (weak/medium/strong)
  • Strong passwords recommended for security
3

Access Jupyter

After VM deployment, access via browser:
http://<vm-ip>:8888
4

Login

Use the configured password to access the Jupyter interface

Password Requirements

  • Minimum Requirements
  • Strong Password
  • Password Strength Indicator
Basic Security
  • At least 8 characters
  • No common dictionary words
  • Not easily guessable

Jupyter Security Considerations

Jupyter Security:
  • Jupyter will be accessible from any IP that can reach your VM
  • Use strong passwords to prevent unauthorized access
  • Consider restricting access through firewall rules
  • Keep Jupyter updated for security patches
  • Monitor access logs for suspicious activity

Jupyter Use Cases

Interactive Data Analysis
  • Exploratory data analysis
  • Machine learning model development
  • Data visualization and reporting
  • Collaborative research environments
Learning and Teaching
  • Interactive programming tutorials
  • Data science course materials
  • Student assignment environments
  • Demonstration and presentation tools
Rapid Development
  • Quick algorithm prototyping
  • Model experimentation and testing
  • Documentation and reporting
  • Sharing reproducible results

Cloud-Init Script Configuration

Add custom initialization scripts to configure your VM environment at first boot.

Cloud-Init Overview

Automatic Configuration

System Initialization
  • Runs during first boot process
  • Configures system before user access
  • Automates software installation
  • Sets up custom environments

Script Flexibility

Custom Scripting
  • Bash shell scripts supported
  • Package installation commands
  • Configuration file modifications
  • Service setup and management

Cloud-Init Script Limitations

Script Constraints:
  • Maximum script size: 16KB
  • Input validation and sanitization applied
  • Scripts run with root privileges
  • Execution time limits apply
  • Network access may be limited during early boot

Common Cloud-Init Examples

  • Package Installation
  • System Configuration
  • User Setup
  • Application Setup
Install Additional Software
#!/bin/bash

# Update package lists
apt update

# Install additional packages
apt install -y htop vim git curl wget

# Install Python packages
pip3 install numpy pandas matplotlib

# Install Docker
curl -fsSL https://get.docker.com | sh
usermod -aG docker ubuntu

Cloud-Init Best Practices

Error Handling and Logging
#!/bin/bash
set -e  # Exit on any error

# Log all output
exec > >(tee /var/log/cloud-init-custom.log)
exec 2>&1

echo "Starting custom initialization..."

# Your commands here
apt update && apt install -y package-name

echo "Custom initialization completed successfully"
Efficient Resource Usage
  • Keep scripts under 16KB limit
  • Minimize network downloads during init
  • Use package managers when possible
  • Consider script execution time
  • Test scripts on similar systems first
Secure Script Practices
  • Validate input sources
  • Use official package repositories
  • Avoid hardcoded credentials
  • Implement proper error handling
  • Log activities for troubleshooting
Script Testing
  • Test scripts on development VMs first
  • Validate script syntax before deployment
  • Test with different OS images
  • Monitor script execution logs
  • Have rollback procedures ready

Cloud-Init Troubleshooting

1

Check Execution Logs

View cloud-init logs on the VM:
sudo cat /var/log/cloud-init.log
sudo cat /var/log/cloud-init-output.log
2

Verify Script Status

Check cloud-init status:
sudo cloud-init status
sudo cloud-init status --long
3

Manual Script Testing

Test script components manually:
# Run individual commands from your script
# Check for errors or missing dependencies
4

Debug and Iterate

  • Fix identified issues
  • Test updated script on new VM
  • Document working configurations
  • Share successful scripts with team

Advanced Configuration Integration

Configuration Workflow

1

Plan Configuration

  • Determine public IP requirements
  • Design security rule strategy
  • Plan application requirements (Jupyter, etc.)
  • Prepare cloud-init scripts
2

Configure During Deployment

  • Set public IP preferences
  • Configure initial security rules
  • Enable and configure Jupyter if needed
  • Add cloud-init script
3

Validate Configuration

  • Test connectivity and access
  • Verify security rules are working
  • Check application functionality
  • Monitor cloud-init script execution
4

Refine and Optimize

  • Adjust security rules as needed
  • Optimize cloud-init scripts
  • Document working configurations
  • Plan for configuration updates

Configuration Templates

Create reusable configuration templates for common deployment scenarios:
  • Development Environment
  • Production Web Server
  • Secure Computing
Development VM Configuration
  • Public IP: Enabled
  • Security Rules: SSH (22), Jupyter (8888), Custom app ports
  • Jupyter: Enabled with strong password
  • Cloud-Init: Development tools installation
Start with basic configurations and gradually add complexity. Test each configuration component separately before combining them in production deployments.
I