[OSGeoLive] OSGeoLive Cloud

Cameron Shorter cameron.shorter at gmail.com
Wed Jan 16 03:06:42 PST 2019 

John, I wonder if you are able to provide some "next step" suggestions 
for Bruce?

On 16/1/19 8:55 am, Bruce Anger wrote:
> Hi Cameron and everyone else
>
> So far I have tried changing the format of the virtual machine file to 
> ova format and tried to upload it to an Amazon storage bucket, it 
> seems to upload but nothing is visible in the bucket, to proceed to 
> the next step, Amazon does say I have used 4.7 gb of storage. Open to 
> suggestions.
>

On 15/1/19 10:49 pm, Cameron Shorter wrote:
>
> During the FOSS4G Oceania community day, Bruce Anger and John 
> Hildebrandt made great progress toward running OSGeoLive in AWS.
>
> Bruce's notes are here: 
> https://docs.google.com/document/d/12Hix3gAlOkbpyBj9EjOza-JLMEvS6l135Z-Hpuw7ZlU/edit?ts=5bf77367
>
> James, your points are valid when considering setting up a production 
> server. However, if we initially limit the target use case to a 
> workshop/demo type setting, with nothing on the VM to be considered of 
> value, then I assume security should be able to be ignored.
>
> (A future iteration could address security).
>
> Brian, I probably should have been more specific about the use case I 
> was suggesting.
>
> Cheers, Cameron
>
> On 15/1/19 4:09 am, James Klassen wrote:
>> Technically, I suspect it would be relatively easy to convert the 
>> OSGeoLive VM image into the formats accepted by various cloud providers.
>>
>> My main concern is that historically OSGeoLive has been setup 
>> prioritizing ease of use on a single user machine to let a new user 
>> explore and learn the software with as few hurdles as possible.  This 
>> seems in fundamental conflict with best practices for putting a 
>> server on the open internet (in the cloud or otherwise).
>>
>> For example, we have easily guessable and well documented passwords, 
>> generally permissive permissions in applications and on the 
>> filesystem, unrestrictive firewall, way more than the minimum 
>> software installed than is needed for any given task (increasing 
>> attack surface area), ...
>>
>> I think we would need to put some serious thought into how to secure 
>> an OSGeoLive cloud image and what that might mean for usability.

-- 
Cameron Shorter
Technology Demystifier
Open Technologies and Geospatial Consultant

M +61 (0) 419 142 254

More information about the osgeolive mailing list