Information for: DEVELOPERS   PARTNERS

Setting up environment access

Environments overview

Separate environments help you maintain a clear and orderly workflow as you develop, test, and publish your applications. An application is deployed on each of its environments. However, each environment may be in a different state with its own database and files, and can have a different code branch or tag deployed.

Request SSH to the server

Each application has its own Unix user account based on the application name. You can SSH into Task Server as the application Unix user.

Note

  • For the non-Production environment, you can SSH to the server directly with the static IP address.
  • For the Production environment, you can only SSH to the server through the bastion server.

Prerequisites

To SSH into your Task Server:

  1. Generate an SSH private/public key pair.
  2. Create a support ticket with the following information:
    • Attach your public key
    • Provide your IP address with the CIDR notation
  3. Update your local SSH config to log in through the bastion server.

Generating an SSH private/public key pair

To generate an SSH private/public key pair, you can run the ssh-keygen command from the command line.

  1. On your local computer, open a command-prompt window.

  2. Ensure that you do not already have a public key saved to your computer. To determine if you already have a saved public key, run the following command:

    cd ~/.ssh; ls -l
    

    You can also use your existing public key.

  3. Run the following command to generate a new key pair:

    ssh-keygen -t rsa -f <keyname>
    

After generating the key pair, you can create a support ticket and request SSH access to Task Server.

Updating the local SSH configuration for logging in to Task Server

  1. On your local computer, edit your local SSH file config in the ~/.ssh/config directory.

  2. Update the config file.

    Host bastion
            HostName <ip of bastion server>
            User <application name>
            IdentityFile <path of your private key>
    Host task
            HostName <internal ip of task server>
            User <application name>
            ProxyCommand ssh bastion -W %h:%p
            IdentityFile <path of your private key>
    
  3. Run the following command to log in to Task Server through SSH:

    ssh task
    

IP whitelisting

Any traffic to Acquia China Hosting is protected with AWS VPC VCL and a security group. To SSH into Task Server(s), create a support ticket with the following information:

  • IP address(es) with CIDR notation
  • SSH public key