VCPUserGuide-2 5

VirtualContainerPlatform
UserGuide
Version: 2.5
Cypherpath, Inc. 1
Copyright 2016 Cypherpath, Inc. All rights reserved. Cypherpath Virtual Container Platform software and
documentation contain proprietary information and are provided under a license agreement containing restrictions on
use and disclosure and are protected by copyright, patent, and other intellectual property laws.
Cypherpath is a registered trademark of Cypherpath, Inc. Other names may be trademarks of their respective owners.
Cypherpath, Inc.
800 W El Camino Real, Suite 180
Mountain View, CA 94040
USA
Tel: 1-650-713-3060
info@cypherpath.com
Cypherpath, Inc. 2
1Contents
2.Preface 13
2.1About 13
2.2IntendedAudience 13
2.3AccountAdministration 13
3.AccountAccess 14
3.1Login 14
3.2LogOut 14
4.Dashboard 14
4.1YourResourceUsage 15
4.2Status 15
4.3TopCPUConsumption 16
4.4TopRAMConsumption 16
4.5RecentlyAccessedContainers 17
4.6MostAccessedContainers 17
5.Storage 18
5.1DiskImages 18
5.1.1CreateDiskImage 18
5.1.1.1DiskIdentityandDefaultDiskSettings 19
5.1.1.1.1Name 19
5.1.1.1.2Description 19
5.1.1.1.3DiskSize 19
5.1.1.1.4RAM(MB) 19
5.1.1.1.5CPUCount 19
Cypherpath, Inc. 3
5.1.1.1.6DiskBus 19
5.1.1.1.7NICType 19
5.1.1.1.8CPUType 20
5.1.1.1.9VideoCard 20
5.1.1.1.10MachineRole 20
5.1.2UploadDisk 20
5.1.2.1OverwriteExisting 20
5.1.2.2DiskUploadStatus 21
5.1.3DiskActionsPanel 21
5.1.3.1EditingaDisk 21
5.1.3.2ShareDisk 22
5.1.3.3CopyDisk 23
5.1.3.4DownloadDisk 23
5.1.3.5DeleteaDisk 23
5.2ManagedStorage 23
5.2.1UploadingaFile 23
5.2.2DownloadingaFile 24
5.2.3DeletingaFile 24
5.2.4MovingaFile 24
5.25Folders 24
5.2.5.1AddingaFolder 24
5.2.5.2SearchCurrentFolders/Files 25
5.2.5.3BrowsingaFolder 25
5.2.5.4DeletingaFolder 25
5.3VPIFiles 25
5.3.1UploadingaVPIFile 26
Cypherpath, Inc. 4
5.3.2DownloadingaVPIFile 26
5.3.3ImportingaVPIFile 26
5.3.4DeletingaVPIFile 26
6.Containers 27
6.1YourQuotaUsage 27
6.1.1YourQuotaUsage 27
6.1.2PhysicalRAMUsage 27
6.1.3SystemRAMUsage 27
6.1.4VirtualCPUUsage 28
6.1.5AllContainers 28
6.1.6SharedwithMe 28
6.2CreatingaNewContainer 29
6.2.1ContainerName 29
6.2.2ContainerDescription 29
6.3DefaultDisplaySettings 29
6.3.1ManualLayout 30
6.3.2ComponentSpacing 30
6.3.3ComponentDensity 30
6.4ContainerList 30
6.4.1CPUs 31
6.4.2Memory 31
6.4.3Status 31
6.5ContainersActionPanel 31
6.5.1FilterContainers 32
6.5.2Start/StopaContainer 32
6.5.3ViewaContainer 32
Cypherpath, Inc. 5
6.5.4RenameaContainer 32
6.5.5SharingaContainer 33
6.5.6CopyaContainer 33
6.5.7Sharingyourcontainerwithagroup 33
6.5.8Revokingsharedaccesstousers 33
6.5.9Revokingsharedaccesstogroups 34
6.5.10CopyaContainer 34
6.5.11ExportContainer 35
6.5.12DeletingaContainer 35
7.Topology 37
7.1UnderstandingTopologies 37
7.2NavigatingaTopology 38
7.2.1Zoom 38
7.2.2Pan 38
7.3TopologyMenu 38
7.3.1SelectAll 39
7.3.2MachineStateControls 39
7.3.2.1Start 39

7.3.2.2Resume 39
7.3.2.3Pause 39
7.3.2.4Stop 39
7.3.2.5Delete 39

7.3.3ContainerSettings 39

7.3.4ContainerBatchCreator 40
7.4Toolbox 40
7.5DiskImageRoles 41
Cypherpath, Inc. 6
7.5.1Workstation 41
7.5.1Database 41
7.5.3Firewall 41
7.5.4Server 41
7.5.5StorageDevice 41
7.5.6Router 41
7.5.7CDROMs 42
7.6TopologyTree 42
7.7Properties 42
7.8History 42
7.9Start/StopButton 43
7.10InterfaceCount 44
8.DesigningaTopology 44
8.1Networks 44
8.1.1AddingaNetwork 44
8.1.2SelectingaNetwork 45
8.1.3DeletingaNetwork 45
8.1.4DeletingMultipleNetworksnotconnectedtoMachines 45
8.1.5AddingNetworkRoutes 45
8.2Machines 46
8.2.1AddingaMachinetoyourTopology 46
8.2.2SelectingaMachine 46
8.2.3DeletingaMachine 46
8.2.4ConnectingMachinestoNetworks 47
8.2.5DeletingMultipleMachinesconnectedtoNetworks 47
8.3BatchCreator 48
Cypherpath, Inc. 7
8.3.2Name 48
8.3.2MachineCount 48
8.3.3Images 49
8.34Networks 49
8.3.5RAM 49
8.3.6NumberofCPUs 49
8.4TopologySettings 49
8.4.1General 50
8.4.1.1CurrentPersistentStatus 50
8.4.1.2GlobalOn/GlobalOffButtons 50
8.4.1.3Defaultroutingprotocol 51
8.4.1.3.1None 51
8.4.1.3.2RIP 51
8.4.1.3.3OSPF 51
8.4.1.3.4RIPng 51
8.4.1.3.5OSPF6 51
8.4.1.4DefaultOUIPrefix 51
8.4.1.5Maximumruntimeinseconds 52
8.4.1.6SyncMachineClocks 52
8.4.1.7Startmachinesatcontainerstart 52
8.4.1.8Machinespersistentbydefault 52
8.4.1.9EnableSnapToGrid 53
8.4.1.10BackgroundGrid 53
8.4.2AutomaticLayoutSettings 53
8.4.2.1ComponentSpacing 53
8.4.2.2ComponentDensity 53
Cypherpath, Inc. 8
8.4.3ContainerCheckpoints 54
8.4.3.1AddCheckpoint 54
8.4.3.2LoadCheckpoint 54
8.4.3.3DeleteCheckpoint 54
8.4.4PortForwards 54
8.4.4.1PortForwarding 55

8.4.4.2AddingaPortForwarder 55

8.4.4.2RemovingaPortForwarder 55
7.5ComponentProperties 55
8.5.1MachineProperties 56
8.5.1.1MachineTab 56
8.5.1.1.1PowerOn 56
8.5.1.1.2Stop(ACPI) 57
8.5.1.1.3Stop(Kill) 57
8.5.1.1.4Resume 57
8.5.1.1.5Suspend 57
8.5.1.1.6Connect 57
8.5.1.1.7MachineName 57
8.5.1.1.9NumberofCPUs 57
8.5.1.1.10RAM 57
8.5.1.1.11BootOrder 58
8.5.1.1.12Role 58
8.5.1.1.13PersistentDiskImages 58
8.5.1.1.14Port/ForwardPort 58
8.5.1.2DrivesTab 59
Cypherpath, Inc. 9
8.5.1.2.1AddNewDrive 59
8.5.1.2.2DiskImage 60
8.5.1.2.3DiskBus 60
8.5.1.2.4DiskActions 60
8.5.1.2.5EjectedCDROM 61
8.5.1.2.6CDROMs 61
8.5.1.2.7HowtoinstallanewoperatingsystemfromanISO 62
8.5.1.3Interfaces 62
8.5.1.3.1AddNewInterface 63
8.5.1.3.2RemovingInterfaces 63
8.5.1.3.3IPAddress 64
8.5.1.3.4IPv6Address 64
8.5.1.3.5MACAddress 64
8.5.1.3.6Network 64
8.5.1.3.7NICType 64
8.5.1.3.8Usemachinenameashostname 65
8.5.1.4Advanced 65
8.5.1.4.1TCPHardwareSerial 65
8.5.1.4.2TCPVirtioSerial 66
8.5.1.4.3ServiceProbes 66
8.5.1.4.4AddNewTCP 66
8.5.1.4.5AddNewUDP 67
8.4.1.4.6AddNewPing 67
8.5.1.4.7MachineSnapshots 68
8.5.1.4.8Tag 68
8.5.1.4.9RestoreSnapshot 68
Cypherpath, Inc. 10
8.5.1.4.10DeleteSnapshot 68
8.5.1.4.11MachineClock 69
8.5.1.4.12BootDevice 69
8.5.1.4.13.BootMenutimeoutinseconds 69
8.5.1.4.14CPUType 69
8.5.1.4.15VideoCard 69
8.5.2VirtualContainerPlatformManagedStorage 69
8.5.3NetworkProperties 70
8.5.3.1NetworkTab 70
8.5.3.1.1Name 71
8.5.3.1.3Mode 71
8.5.3.1.4Physical 71
8.5.3.1.5Tools 71
8.5.3.2IPv4Tab 72
8.5.3.2.1DHCPEnabled 72
8.5.3.2.2DNSEnabled 72
8.5.3.2.3IPAddress 72
8.5.3.2.4Netmask 72
8.5.3.2.5DefaultGateway 72
8.5.3.2.6DefaultGatewaySelector 73
8.5.3.3IPv6Tab 73
8.5.3.3.1SLAAC 73
8.5.3.3.2IPv6Address 73
8.5.3.3.3DefaultIPv6Gateway 73
8.5.3.4RoutingGlobalSettings 74
Cypherpath, Inc. 11
8.5.3.5DeletingRoutes 75
8.5.3.6Advanced 75
8.5.3.7ProtocolRedistributeSettings 76
8.5.3.7.1IPv4DefaultGateway 77
8.5.3.7.2IPv6DefaultGateway 77
8.5.3.7.3RIPkeychains 77
8.5.3.8InterfaceProtocolSettings 77
8.5.3.8.1RIP(RoutingInformationProtocol)Versions 77
1and2
8.5.3.8.2OSPF(OpenShortestPathFirst)Version2 77
8.5.3.8.3RIPng(RIPNextGeneration)forIPv6 78
8.5.3.8.4OSPF6(OSPFVersion3)forIPv6 78
8.5.3.8.5NAT(NetworkAddressTranslation) 78
8.5.3.8.6NATPortForwarding 78
9.Profile 79
9.1ProfileSettings 79
9.1.1ChangingyourPassword 80
10.Notifications 80
11.Support 80
Cypherpath, Inc. 12
2 Preface
2.1 About
The Cypherpath Virtual Container Platform (VCP) delivers complete IT infrastructure on
demand by enabling any machines, networks, apps, storage, stacks, and app containers to be
placed inside a software-defined infrastructure container. Cypherpath eliminates the need for
proprietary hardware and rebuilding, rearchitecting, or reconfiguring infrastructure allowing IT
to instantly deliver anytime, anywhere.
Cypherpath provides on-demand IT infrastructure by running any infrastructure in secure

isolated containers on commodity hardware using a software layer that abstracts away
differences in the underlying configurations, components, and hardware. Deploy in under 15
minutes, then run infrastructure on-demand.
2.2 Intended Audience

This
User Guide will provide you with a step-by-step process for using the platform. It sho
ul
d be
used by anyone who has a user account and needs instructions on using the Cypherpath Virtual
Container Platform 2.5 Web Interface. It is intended for users who are familiar with using a
web browser and configuring IT infrastructure.
2.3 Account Administration

Your administrator will provide you a user account for accessing the platform resources. Should
you have any questions about your user account permissions or quota settings please contact
your administrator.
Note:
This document assumes your administrator has provided you with a user account and that you have
access to the Cypherpath Virtual Container Platform 2.5 Web Interface using one of the supported web
browsers: IE 10 or newer, Firefox 42 or newer, Chrome 45 or newer, Opera 34 or newer.
3 Account Access
Cypherpath, Inc. 13
3.1 Login
Your Virtual Container Platform administrator will provide you with a URL address and
credentials where you can access the platforms web interface. Using your web browser
navigate to the provided URL. Once your browser has accessed the URL you will be prompted to
log in with your credentials.
3.2 Log Out

Once logged in, you can logout by clicking the
Log Out
button
next to your username in the top
right-hand corner of your browser.
Note:
If you are logged into your account and remain inactive for a period of time set by your administrator,
you will automatically be logged out.
4 Dashboard
After you log in you will be directed to the homepage where your dashboard is located. Your
dashboard is divided into six panels: Your Resource Usage, Status, Top CPU Consumption, Top
RAM Consumption, Recently Accessed Containers and Most Accessed Containers.
Note:
The Top CPU Consumption and RAM Consumption are only visible on your dashboard if you have at
least one running container.
Cypherpath, Inc. 14
4.1 Your Resource Usage
Your Resource Usage panel is used to display RAM, CPU, and Disk usage. These bars will show
the amount of system resources currently being used by your account. To see a more detailed
breakdown of your RAM, CPU, or Disk usage, hover your mouse over the bars.
4.2 Status
To the right of your dashboard is your Status panel. This shows your Total Containers, Running
Containers, Total Machines, Running Machines, Total Networks, Running Networks, and Total
Disk Images.
Cypherpath, Inc. 15
4.3 Top CPU Consumption
Your Top CPU Consumption shows you the five containers consuming the most virtual CPUs.
Hover over the blue CPU bar to see the number of CPUs.
4.4 Top RAM Consumption

Your Top RAM Consumption shows you the five containers consuming the most virtual RAM.
Hover over the blue RAM bar to see the amount in megabytes.
Cypherpath, Inc. 16
4.5 Recently Accessed Containers
Your Recently Accessed Containers shows you which five containers you have most recently
accessed and allows you to quickly navigate to them. When you click on any container from this
list, you will be taken directly to the topology view of that container. If you have recently
accessed any shared containers, you will see this icon showing which containers are

shared with you. Hover over this icon to see who is sharing that container with you.
4.6 Most Accessed Containers

Your Most Accessed Containers shows you which containers you have accessed the most
frequently and allows you to quickly navigate to them. When you click on any container from
this list, you will be taken directly to the topology view of that container. If you have recently
accessed any shared containers, you will see this icon indicating which containers are

shared with you.
Cypherpath, Inc. 17
5 Storage
You can access your storage area by hovering over the Storage tab in your navigation bar. You
will see a drop-down list containing Disk Images, Managed Storage, and VPI Files. Under this
storage tab is where all your disk images and uploaded files are stored by VCP.
Within your storage area, you will maintain a set of master disk images. These form the baseline
disks for the machines in your containers. Each container does not receive full cop ies of the
master images; rather, each machine using a disk image gets a clone of that maste r image,
meaning that on each start of the container
, machines not marked as persistent will be recloned
from their master image. These clones are created using a technique called copy on write, which
means that only the differences from the original are stored for each clone. This conserves
space, allowing the system to maximize storage resources.
Note:
The Storage area may not appear for you, depending on how your account is set up by your
administrator.
5.1 Disk Images

Hover over your Storage tab in the navigation bar and click on the
Disk Images button. You will
be directed to a page that shows your quota usage and disk image list. You can also create and
upload images by clicking the
Create Disk Image or Upload Disk Image
button. Your disk image
storage is capable of having many different disk image formats uploaded to it.
5.1.1 Create Disk Image

This will bring up a window where you can create an empty disk image.
Cypherpath, Inc. 18
5.1.1.1 Disk Identity and Default Disk Settings
This section contains the main properties of the disk you are creating. Your disk template is
metadata that defines a set of default machine characteristics to be applied to any new
machines that are created using this master image as a base. After creation, all properties of the
machine instance can be changed.
5.1.1.1.1 Name
The label used to identify the disk in the topology toolbox. This field is required to create
the disk.
5.1.1.1.2 Description
This optional field is where you will provide your disk image description.
5.1.1.1.3 Disk Size

The size of the blank disk which you would like to create, specified in GB.
5.1.1.1.4 RAM (MB)

This field determines the default number of megabytes of virtual RAM allocated to a
machine created with this image as the boot image.
5.1.1.1.5 CPU Count

This field determines the default number of virtual CPUs allocated to a machine created
with this image as the boot image. Operating Systems behave as if having this number of
CPUs, but this setting has no affect on performance or physical CPU allocation.
5.1.1.1.6 Disk Bus

This field determines the default disk bus used for a machine created with this image as
the boot image.
IDE
SCSI (LSI 53C895A)
USB
Serial ATA
Virtio block
Virtio SCSI
5.1.1.1.7 NIC Type

This field determines the default network adapter type to emulate on a machine created
with this image as the boot image.
Intel E1000 Gigabit

AMD Pcnet32 (Recommended for Windows XP)
Realtek RTL-8029 (NE2000 clone)
Realtek RTL-8139
Linux Virtio virtualized Ethernet
Cypherpath, Inc. 19
5.1.1.1.8 CPU Type
This field determines the default CPU type to emulate on a machine created with this
image as the boot image.
QEMU Virtual CPU

Intel Core Processor (Haswell)
Intel Xeon E312xx (Sandy Bridge)
AMD Opteron 63xx class CPU
Pentium MMX
486 DX/4
5.1.1.1.9 Video Card

This field determines the default video card emulated for a machine created with this
image as the boot image.
VGA with VESA 2.0 VBE

Cirrus Logic GD5446
VMware SVGA-II
Disable video
5.1.1.1.10 Machine Role

The machine role allows your disk to be labeled as a workstation, database, firewall,
server, storage device, or router. This will determine the default role for machines
created with the disk image. These are for display/informational purposes and will not
affect how the machine functions. In the case of routers the role will enable its
interfaces to be selected as default gateways for connected networks.
5.1.2 Upload Disk Image

Selecting the Upload Disk Image button will open the upload pop-up allowing you to upload any
existing disk images or ISOs you might have.
VCP supports many popular image formats. The formats supported are ISO, QCOW, VMDK
(single file image), VDI, VHD, and raw. If you encounter any problems with uploading any other
formats, one solution may be to convert it to a raw format before uploading it.
If you click the

Upload Disk Image button, you will be presented with the same options as above,
minus Disk Size, inside a pop-up window. Fill out the fields as appropriate and then click
Browse
to select the desired local disk. Finally, click on
Upload to begin the upload process. Multiple
uploads run in parallel.
5.1.2.1 Overwrite Existing

Normally, you are unable to create a new disk image with the same name as an existing disk
image. However, if Overwrite Existing is selected, a newly created image will overwrite an
existing image with the same name.
Cypherpath, Inc. 20
Once you have made your choices in the Default Disk Settings, click the Browse button to
choose a file to upload. Only one file can be chosen at a time. If an unknown file type is
selected, you will get a warning message box stating that it was unable to detect the file
type.
Click
OK
then click the
Upload
button located to the right of your newly uploaded file.
5.1.2.2 Disk Upload Status

This bar shows the status of the upload. You can cancel it while in progress by clicking the
Cancel
button located on the right. To clear your disk upload click the red X located to the right of the
Cancelbutton.
Note:

Popular hypervisor formats will be automatically detected and handled by VCP.
5.1.3 Disk Actions Panel

The Disk Actions panel allows you to edit, share, copy, download, and delete your disk images.
Each disk image will display its role, type (CD-ROM or disk), image name, optional description,
size, and status.
5.1.3.1 Editing a Disk

To modify a disk, click on the image name from the list that you want to modify then choose
Edit
in the Disk Actions panel to the right of the screen. A drop-down menu will appear where you
Cypherpath, Inc. 21
can change the name of your disk image, add an optional description and modify your Default
Disk Settings. After you have made all your changes click the
Save
button.
5.1.3.2 Sharing a Disk

Sharing allows you to make Disk Images that youve uploaded available to other users and
groups. Sharing must be enabled for you account by your administrator. Users who you share
disk images with will be able to perform all the same Disk Actions on those disk images. To add
users and/or groups to share your disk image with, select your disk image and click the Share
button in your Disk Actions panel. The Disk Image Sharing drop-down menu will appear and you
will be able to switch between users and groups. Toggle to Users, then click the drop-down list
to select a user. Once clicked, that user will appear in your shared user list. Perform the same
actions to share with groups. Once you have shared a disk with another user and/or group, you
will see this icon next to the disk image name in your disk images list indicating you are
sharing that disk.
To remove sharing from users and or groups, hover over their username or group name under
the Sharing with the following users, which will highlight in red, then click to remove.
Cypherpath, Inc. 22
5.1.3.3 Copying a Disk
When you click the Copy button after selecting your disk, you will create a new master disk
image that is a copy of that image. Every aspect of the new disk image will be the same, except
the name, which will have "Copy x of" prepended to it, where x is a number, starting at 1 and
incrementing as necessary with each new copy.
5.1.3.4 Downloading a Disk

When you click the Download button you will get a save file dialog box to download your
selected disk image. Downloaded disk images will be either in the ISO format if they are
CD-ROM images or in QCOW2 format if they are hard drive images.
5.1.3.5 Deleting a Disk
To delete a disk select the disk so that it is highlighted in blue then click the
Delete button in the
Disk Actions panel. Once clicked you will see the following message box:
Click Yes to delete your disk.
Note:
If a disk is being used by a container, it cannot be deleted. If you attempt to delete such a disk, you
will be prevented from doing so and notified which containers are using it.
5.2 Managed Storage

The Managed Storage area is used to transfer files in and out of containers.
5.2.1 Uploading a File

To access Managed Storage, hover over the Storage tab and click the Managed Storage button.
You will be taken to a page that shows Your Quota Usage and gives you the ability to add a New
Folder and Upload File(s). You can also use the Search Current Folders/Files box to quickly filter
the names of folders/files you are looking for.
Cypherpath, Inc. 23
To upload a file, click the Upload File(s) button which will open the upload pop-up window or
bring it to focus if it is already open. Select the Upload button at the top to browse and choose
any files that you wish to upload to your Managed Storage area. Once you have selected a file to
upload, it will immediately begin uploading. At any time during the upload, you may click the
Cancel button to cancel the upload. The progress bar will turn red and the upload will halt. Once
complete the file will appear in your managed file list.
5.2.2 Downloading a File

To download a file, click on its name in the list. This will bring up a save file dialog box to send the
file to your browser as a download.
5.2.3 Deleting a File

If you want to delete a file, click the white
X
button located to the right of your file name.

5.2.4 Moving a File
To move a file, click the drop-down menu to select your folder and click the icon.
5.2.5 Folders
The interface for the Managed Storage displays folders exactly as they appear on the disk. If you
create a folder and add files to it, then add the Managed Storage device in the toolbox to a
container, that folder and set of files will be available inside of the container on the storage
device, and vice-versa. Folders cannot be downloaded as a whole; only files within the folders
can be downloaded by clicking on the name of the file.
5.2.5.1 Adding a Folder

To add a folder, click the
New Folder button. A dialog box will appear where you can name your
folder. Enter a name and click
Create
or press the
Enter
key and your newly named folder will be
added. Folders cannot have the same name.
Cypherpath, Inc. 24
5.2.5.2 Search Current Folders/Files
To search your list of current folders/files, begin typing the name of the file/folder you wish to
find. The list will be filtered based on your entry.
5.2.5.3 Browsing a Folder

To browse a directory, click on the blue hyperlinks on the Managed Storage page next to the
folder icon. You will see a list of all the files in that folder.
5.2.5.4 Deleting a Folder

To delete a folder, click on its name in the grey panel if it is not already listed beneath. Then click
on the white X button located to the right of your folder. You will be presented with a
confirmation message before deletion is complete. Click Yes
and your folder will be deleted with
no further confirmation.
5.3 VPI Files

A VCP Image (VPI) is an entire container exported in a format that can be imported into the
same VCP system or some other VCP deployment. VPIs provide a method for saving, backing
up, and transmitting entire containers. A VPI file is an actual container saved out as a single file.
It includes all machines, operating systems, apps, networks, routing, and configurations. If there
are any snapshots on machines, VPIs preserve those as well.
VPI files can be imported as new containers. The new container will be a duplicate of the
exported container, containing all the same machines and networks. In addition, all disk images
that were part of the original container will be made available in your Disk Image area.
Cypherpath, Inc. 25
5.3.1 Uploading a VPI File
To upload a file to the VPI File storage, hover over the Storage tab and click VPI Files button.
Click the Upload VPI(s) button to browse for a VPI file to upload to your VPI files storage area. If
you choose a file that does not have the .vpi file extension you will get a warning message and
your file will not appear in the list. Click the OK button to remove the message box.
Once you choose a valid VPI file it will show up in the file list with an indication of its size and
current upload progress. At any time during the upload, you may click the Cancel button to
cancel the upload. The progress bar will turn red and the upload will halt.
5.3.2 Downloading a VPI File

If you would like to download a VPI file, click on its name in the list. This will bring up a save file
dialog box to send the file to your browser as a download.
5.3.3 Importing a VPI File

To import a VPI File into your container list, click the Import button next to the VPI that you
want imported. This will bring up a window which will ask for a name to give your imported
container. After you have entered the name for your container click the Import button or press
the Enter key. Navigate to your containers list page to see your newly imported container.
5.3.4 Deleting a VPI File

If you want to delete a VPI file, click the white X button located on the row of the VPI file name
you wish to delete. Once clicked you will see this message box on your screen. Click Yes to
delete your VPI file.
Cypherpath, Inc. 26
6 Containers
A "Container" is an isolated topology that is used to virtualize, automate, and configure IT
infrastructure.
To access the Containers page, hover over the Containers tab in your navigation bar and click
on
the All Containers
button. If a container has been shared with you, the Shared with Me panel
and the
My Containers button will appear as well.
6.1 Your Quota Usage
This is where you can view your current RAM and CPU quotas as well as how much of each you
are consuming. Your RAM usage is broken up into Committed, Physical and System usage.
6.1.1 Committed RAM Usage:

This is the total amount of RAM you have assigned to your VMs and will remain less than or
equal to your assigned quota.
6.1.2 Physical RAM Usage:

This is the total amount of physical RAM your VMs are actually utilizing and will normally
remain less than or equal to your committed RAM usage. If there is a large disparity between
your committed and physical RAM usage then this may signify an inefficient allocation of RAM
to one or more of your VMs. By reducing the amount of RAM assigned to your VMs you may be
able to start more VMs given other quota constraints.
6.1.3 System RAM Usage:

This is the total amount of your RAM quota that is unavailable to you for reasons beyond your
control. This can occur if your administrator has allocated more resources to users than the
deployment is able to service. If this value is above 0.0% you should contact your tenancy admin
or system administrator.
Cypherpath, Inc. 27
6.1.4 Virtual CPU Usage:
This is a breakdown of your virtual CPU quota usage.
6.1.5 All Containers

This is where you access your container list which shows each container's name, CPU, memory,
and status. To see the description for any container, click once on the container name and it will
show up beneath the container name. Containers that you are sharing with other users will
show this icon next to the container name.
6.1.6 Shared with Me

The Shared with Me panel located below your My Containers button will show you a list of all the
users that are currently sharing their containers with you. This feature will only appear if at least
one container has been shared with you by another user. When you click on a user in the Shared
with Me list, you will be taken to a list of containers that have been shared with you by that user.
Shared containers allow the same actions to be taken as your own. There is also a search box
underneath the Shared with Me header to quickly filter out specific users.
Note:
A container shared with you does not affect your allowances. It affects the allowances of the owner
of that shared container.
Cypherpath, Inc. 28
6.2 Creating a New Container
To create a new container, click
Create
New Container button above the search containers field
and new container form will slide down.
In this panel, you can name your container as well as enter an optional description. Once you
have named your container and entered your optional description, click Save.
6.2.1 Container Name

Your container name is the name you will use to refer to your container. Container names are
unique and no duplicates are allowed.
6.2.2 Container Description

You can use this optional field for entering a brief description of your container. You can enter
up to 128 characters in this text field. Once you have entered your information, click the Save
button and your new container will appear in your container list. To see your description click on
your container once and it will show beneath your container name in the list.
6.3 Default Display Settings

To access the Default Display Settings, hover over the
Containers tab in the navigation bar and
click on
Default Display Settings
.
You will be presented with a Default Display Settings slide-down form. Using this form you can
adjust the spacing, visibility, and density of topology components for your containers. These
default display settings can be overridden from within an individual container.
Cypherpath, Inc. 29
6.3.1 Manual Layout
Manual Layout allows users to build topology designs by positioning each resource at a specific
location. Snap-To-Grid allows users to drag and drop components to desired positions on the
canvas. If Snap-To-Grid is off the canvas will use an automatic layout algorithm. Background
Grid will show a lined grid that can be used to easily position components.
6.3.2 Component Spacing

Component spacing allows you to specify the radius spacing for each component type such as
machines and networks. Be sure the value entered is less than or equal to 3000. If the
Snap-To-Grid setting is turn on, then automatic component spacing is disabled.
6.3.3 Component Density

Component density allows you to specify the radius spacing for each component type such as
machines and networks. Be sure the value entered is less than or equal to 100 for machines and
less than or equal to 10 for networks. Once you have entered your information, click the Save
button to apply the changes to your default display.
6.4 Container List

The container list is where your created containers are accessed. Each container in this list will
include the container name, CPUs, memory used, and current status. To select a container, click
on the row of that container. Once your container is selected the row will be highlighted in blue.
If you double-click the container, it will take you straight to the topology view. Alternatively you
can click the
View button in the Container Actions panel located to the right of your browser
which is discussed further in
Section 6.5 titled Container Actions Panel.
Cypherpath, Inc. 30
6.4.1 CPUs
The CPU column shows the total number of CPUs committed to VMs inside the container.
When the container is running, this will also show the actual number of CPUs committed to
running VMs as well as the total.
6.4.2 Memory
The memory column shows the total amount of ram committed to VMs inside the container.
When the container is running, this will also show the actual RAM committed to running VMs as
well as the total.
6.4.3 Status
Displays the state of the container as Off, Starting, Running or Shutting Down.
6.5 Container Actions Panel

The Container Actions panel lists all of the actions that you can use to interact with a container
from a container-wide view, rather than a fine-grained topology point of view. This menu will
only be displayed when a container has been selected from the container list.
Cypherpath, Inc. 31
6.5.1 Filter Containers
The search box located above the Container Actions panel allows you to filter your containers
for quick access. You can type any part of a containers name and it will filter out container
names that do not match. To turn off filtering, delete the contents of the search box.
6.5.2 Start/Stop a Container

To start or stop a container from the Containers page, select the container by clicking it, then
click the Start/Stop button under the Container Actions panel located at the right of your
browser. The container can also be started or stopped from the topology menu which will be
discussed later in
Section 7.3
titled Topology Menu.
If you stop a container that has at least one machine with persistence, an ACPI shutdown
message is sent to the persistent machines. The following message will appear on your screen.
Click Yes to continue with shutdown or click No to abort shutdown. Please note that if
machines do not respond to the ACPI shutdown then they must be powered down or killed
manually.
Note: It is possible to connect manually to a machine and shut it down (if, for example, it does not support
ACPI). Additionally, the machine can be powered off manually (killed) if waiting for a graceful shutdown is
not a concern.
6.5.3 View a Container

To view the topology of your container, click the container in the container list that you wish to
open and then click the
View button under the Container Actions panel. This will take you to the
topology view for the container which is covered in detail in
Section 7.3
titled Topology Menu.
You can also double-click the container name to view your topology.
6.5.4 Rename a Container

To rename the container or change its description, select the container from the container list
and click the Rename option under the Container Actions panel located at the right of the
screen. After clicking on the
Rename button, the Rename Container
slide-down form will appear.
Cypherpath, Inc. 32
Using this form allows you to rename the container and add an optional description. Once you
have renamed your container, click the Save button to save your changes.
6.5.5 Sharing a Container

Sharing a container allows you to make your containers available to other users. They will be
able to perform all the same actions that you have access to on your container. This feature will
only be available if your administrator has given you permission to share your containers with
users and groups.
To share your container, click on the container that you want to share in the container list. Click
the Share button from the Container Actions panel and a slide-down form will appear. Using this
form, you can perform several operations such as: choosing which users to share your container
with, which groups to share your container with, and which users and/or groups to revoke
sharing containers with.
6.5.6 Sharing your container with a user

To share with a user switch to Users
, then click on the drop-down bar that is underneath to
select the user you want to add. You can also type in their name to filter the available options.
6.5.7 Sharing your container with a group

To share with a group switch to
Groups , then click on the drop-down bar to select the user you
want to add. You can also type in their name to filter the available options.
Cypherpath, Inc. 33
6.5.8 Revoking shared access to users
To revoke access to a user, switch to
Users
and then hover over the name of the user and click
on the username displayed in the center of the form.
6.5.9 Revoking shared access to groups

To revoke access to a group, switch to
Groups and click the name of the group displayed in the
center of the form.
Note:
When you share a container with a user or group, you are granting them access to: edit the topology,
rename the container, share the container with others, and delete it, if they have the corresponding
permissions to perform those actions.
6.5.10 Copy a Container

To copy a container select the container from the container list and click the
Copy option under
the Container Actions panel. After clicking on the
Copy button, a Copy Container slide-down
form will appear. When you copy a container an exact copy of the old container is made with all
machines still using the master images from your storage. A container cannot be copied if it is
currently running.
Note:
A master image is a disk image or ISO image uploaded into the Disk Images storage section of the
platform. Master images are never used directly in a container.
Cypherpath, Inc. 34
6.5.11 Export Container
When exporting container, it is exported as a VCP Image (VPI) file, which will be placed into
your VPI Files storage area. Your container will be unavailable while it is being exported. Making
a copy of a container is typically a faster operation than exporting it as a VPI.
Note:
Exporting large containers may take multiple hours to complete. While exporting you will not have
access to the container. It is advised to copy your container first and export the copy so that you can resume
use of your container while the export process completes.
The VPI is your entire container saved out as a single file. It can then be loaded into another
deployment, used as a backup or used as a starting template for another container. This is
explained in more detail in
Section 5.3
titled VPI Files.
To export a container to a VPI, first select the container that you would like to export from your
container list. In the Container Actions panel located at the right of the screen click the
Export
button. An estimated time of export will be calculated when the Export button is clicked. You will
be presented with a message box showing your estimated export time and given the option of
clicking Yes
to continue or
Noto abort.
Note: Export time estimates are based on previous VPI exports, so until the Virtual Container Platform has
enough data to provide an estimate, it will inform you that no estimate is available.
To access your VPI file, navigate to the VPI File page under your Storage tab in the navigation
bar.
6.5.12 Deleting a Container

Select the container you wish to delete, highlighting it in blue. Next, click the
Delete button
under the Container Actions panel. You will be presented with the following message box:
Cypherpath, Inc. 35
To delete the container, type
DELETE in all caps and click
Yes. Clicking
No
will abort the
operation.
Warning:
When you delete a container, all of the topology elements for that container including
configuration and settings cannot be recovered!
7 Topology
Topologies are rendered as components representing networking equipment (networks) and

machines with lines connecting them. The topology is where you can create, view, and edit the
terrain of the container. It is where IT infrastructure is designed, viewed, configured, and
specified to the platform. The topology section uses interface paradigms that are similar to what
you're used to in your operating system; drag and drop, clicking buttons, etc.
7.1 Understanding Topologies

Each container has a topology associated with it that describes its IT infrastructure: its
networks and machines, including their individual settings and connections. The topology for a
container includes all switching, routing, machines, operating systems, apps, services, and
configurations within that container. Topologies are designed by dragging networking
components onto the topology and then dragging machine components onto those networks.
Once you are satisfied with the design, the topology can be started, which provisions all
networks, routes, and machines. Topologies can also be modified while the container is running
so infrastructure can be designed in real time while existing components are running in a
Cypherpath, Inc. 36
production capacity. The whole topology can be shutdown and restarted returning the
infrastructure to a pristine state or to the previous state depending on the persistence setting.
By default, all new topologies are set to automatically persist. Persistence is a component's
ability to maintain its state between shutdown and the next startup. This means that VCP saves
changes made to the clones in a container for the machines that are set to persist, even when
the container is stopped. Both individual machines' persistence, as well as the default behavior
when creating machines, can be altered within the topology view for a container.
VCP utilizes a technology called Hyper-cloning, which is the automatic creation, optional
persistence, and automatic cleanup of virtual machine disk images. To facilitate this, virtual
machines make use of copy on write clones of master images which are created on boot up. When
persistence is turned on, these clones are kept indefinitely between start-ups of the container.
When the system detects that a given clone is no longer being used, the clone is cleaned up.
Copy on write is a technology that allows clones to take only as much space as needed for
machine deltas relative to their master image. This system of hyper-cloning allows the system to
create and destroy many virtual machines quickly. Combined with our container virtualization
this allows you to build up large topologies quickly and easily.
7.2 Navigating a Topology

The topology can be manipulated to better view it through zooming and panning.
7.2.1 Zoom
To zoom in, move the mouse scroll wheel forward. To zoom out, move the mouse scroll wheel
backward. If you do not have a scroll wheel you can use the following keyboard shortcuts: Press
+ (plus) to zoom in and press - (minus) to zoom out.
7.2.2 Pan
To pan, click and hold the left mouse button on an empty space on the topology (no network
equipment/machines under the mouse) and move the cursor in the direction you want to move
the topology.
7.3 Topology Menu

Your topology menu is what you will use to create, modify, start, and stop your topology if your
administrator has given your account permission to do so. On your topology page, you will be
presented with your topology menu. The headers will show the name of your container
topology,
Containertab, and
Components tab. Click the orange ellipses to hide this menu.
Cypherpath, Inc. 37
Hover over your Components tab to see the drop-down list of options for use in selecting and
controlling machine behavior.
7.3.1 Select All

This button will allow you to select all of the components on your topology at once with a single
click.
7.3.2 Machine State Controls

These allow you to start, stop, pause and resume the currently selected machines within your
topology. Only appropriate options will be displayed depending on the state of the selected
machines.
7.3.2.1 Start
Click this button to start your machine(s).
7.3.2.2 Resume
Click this button to resume your machine(s).
7.3.2.3 Pause
Click this button to suspend your machine(s).
7.3.2.4 Stop
Click this button to stop your machine(s). By default, Stop will send an ACPI shutdown
command to the selected machines. If these machines do not support ACPI or a clean shutdown
is not desired then the submenu may be used to select a
Kill
option instead.
7.3.2.5 Delete
Click this button if your want to delete your machine(s).
Hover over your Container tab to see the drop-down list of options for used for manipulating
the entire container.
7.3.3 Container Settings
Clicking the
Settings button under your View tab will take you to the topology settings dialog
box which is discussed later in
Section 8.4
titled Topology Settings".
Cypherpath, Inc. 38
7.3.4 Container Batch Creator
Clicking the
Batch Creator button under your
View tab will take you to the Batch Creator dialog
box which allows you to create several topology resources at once and is discussed later in
Section 8.3titled Batch Creator.
7.4 Toolbox
The Toolbox button allows you to add new components to your container topology, giving you
the ability to design your IT infrastructure. Click the
Toolbox tab and you will be presented with
a list of component headers to the left of your browser. Your Toolbox has a toggle button
which slides out for quicker access from the left side of your browser.
Within the topology menu fly-out, there will be several headers listing multiple disk image roles.
The Networks and Managed Devices headers have Cypherpath-based components that cannot
be added to or deleted from. VNC connections to Managed Devices are disabled since
interaction with these components is fully controlled by the platform. If features are required
that are beyond the scope available to these managed devices, then you will need to upload an
appropriate machine image with the functionality you require.
Cypherpath, Inc. 39
Workstations, Databases, Firewalls, Servers, Storage Devices, and Routers list the master
images that have been assigned that particular role in storage. The CD-ROMs area stores ISO
master images automatically when uploaded to your disk image storage. Roles have no effect on
the functionality of an image but are instead intended for user organization. Roles may affect
the way the canvas presents the image within the container topology.
If there are any master images shared with you by other users they will be shown below your
owned master images with a header titled Shared. Otherwise this shared header will not be
shown. You will use these different designer components in the toolbox to design IT
infrastructure. If there are no master images assigned to that header role in your storage you
will see No images are currently available".
When a machine is created using a specific master image as a base, a clone of that master image
is created and attached to the new machine as a hard drive. All changes made on the virtual
machine are saved to the clone if persistence is enabled, causing it to slowly diverge from the
master image. The divergence can be saved back to the master image or a new master image can
be created that includes the delta.
7.5 Disk Image Roles

Disk images can be open source or commercial third party disk images as long as the third party
system can be virtualized.
7.5.1 Workstation
This is a good option if you are not sure what role a particular disk image will be used for. For
example, on a workstation you can use a version of Linux or Microsoft Windows.
7.5.2 Database
Signifies a database server and the icon appears as a database server.
7.5.3 Firewall
A network security system that will control inbound and outbound traffic. For example, in the
firewall role you can use OpenWRT, pfSense, or commercial software.
7.5.4 Server
A system that will provide services to other systems. For example, on a server you could run
Apache on Linux to serve web pages or Windows Server and run IIS.
7.5.5 Storage Device

Any network-accessible storage server.
7.5.6 Router
A networking routing device.
Cypherpath, Inc. 40
7.5.7 CD-ROMs
An ISO image representing a CD-ROM or DVD-ROM.
7.6 Topology Tree
Clicking this button will open up your Topology Tree navigation list that will show all of
your connected/unconnected components. If a machine has no interface connections, you will
see this icon next to the name. Only machines can be in a "Staged/unconnected" state. You
can drag connected and unconnected components onto your topology. If there is no icon next to
the name of your component this indicates it is already connected on your topology and when
you click and drag it will add to your interface count. When you click on any connected
component in your Topology Tree navigation list, the component will be selected and focused
on the center of the page.
7.7 Properties
Clicking this button will give you a fly-out menu from the right-hand side of your browser
which is discussed later in
Section 8.5titled Properties.
7.8 History
Clicking this button will show you a history timeline of activity regarding your container,
such as when your machines/networks were created, modified, and deleted, and by whom.
Cypherpath, Inc. 41
7.9 Start/Stop Button
The
Start and
Stop
buttons allow you to start and stop your container from within the topology
view. To start your container click the blue
Start
button located in the Topology menu.
Once you have clicked the blue Start button you will see in the notification panel at the top of
your browser that the system has initiated startup of your container and your machines will turn
green indicating they are powered on. Your blue Start button will now be your Stop button for
your container. Your machines will communicate over the networks they are attached to based
on their network design.
To stop your container click the red

Stop
button located in the Topology menu.
When a container is stopped, all machines inside of that container are stopped before the
container itself shuts down. Non-persistent machines are sent a hard power off (equivalent to
pulling the plug of a physical machine), while persistent machines are sent an ACPI shutdown
(equivalent to pushing the power button on a modern physical machine). If persistent machines
do not respond to ACPI events, they must be powered off by hand, either by connecting to the
machines console and shutting it down or by sending a hard power off command. While the
container is waiting for machines to shut down, it resends the ACPI shutdown command every
hour, in an attempt to ensure that the container stops. However, this will have no effect on
machines which do not support ACPI, so the manual intervention may still be required in some
cases.
Before a container shutdown commences, you will be warned as to the consequences of the
action. If all machines are persistent, the following message box appears; click
Yes to complete
the shutdown, or Noto abort it.
Cypherpath, Inc. 42
If your container is running in a mixed persistence mode then you will get the following message
box:
Once your machines shut down, they will no longer be green indicating they have powered
down. You also have the option to force a shutdown of a machine when a graceful shutdown is
not needed. To do this, you will need to individually select and click the Stop button in the
topology menu under the Edit tab in the machine state controls. If you have many machines you
can also choose the
Select All button under the
Edit tab in the topology menu then use the Stop
button in the machine state controls.
7.10 Interface Count

The line connecting a machine to a network contains a number indicating how many interfaces
on the machine are connected to that network. In the example below, 1 indicates that the
machine has one interface connected to that specific network. A machine may be connected to a
network multiple times, although in typical use each machine will have only one connection to a
network.
8 Designing a Topology
Cypherpath, Inc. 43
8.1 Networks
8.1.1 Adding a Network

To add a network click on the Toolbox button. The toolbox will appear at the left side of your
browser. Click the Networks header to see your networks then click and drag a network onto
the topology canvas. Networks will automatically snap to a position and arrange themselves
around the first added network.
8.1.2 Selecting a Network

To select a network on your topology, click on the network name. Once selected the network
name will have a red background. Click the Properties button on the right side of the browser
and you will be presented with a fly-out menu that you can use to modify your network
properties. The
Properties
button is further explained in
Section 8.5
titled Properties".
8.1.3 Deleting a Network

To delete a network on your topology select the network you wish to delete then hover over
Components tab on the topology menu and click the Delete button. Once you click this button
Cypherpath, Inc. 44
you will see a pop-up dialog box asking for confirmation. Click
Yes to delete your network or
No
to abort.
8.1.4 Deleting Multiple Networks not Connected to Machines

To delete multiple networks, hold down the Ctrl key while clicking each network icon then
hover over the Components tab in the topology menu and click the
Delete button. You can also
click the delete key on the keyboard. Once you click the button or key you will see a pop-up
dialog box asking for confirmation. Click
Yes
and your networks will be deleted.

8.1.5 Adding Network Routes

To add routes between two networks, you need to have a router placed on one of the networks.
From there, drag the router to the second network that you want to connect to. When your
connection is successful you will see a black line connecting the router to the network. You must
ensure that the appropriate routing protocols and settings are configured on each interface in
order to allow network packet routing. Cypherpath VCP Routers require DHCP in order to
operate since you as a user do not have access to their configuration. IPv6 is supported by
platform routers, but require that the network have SLAAC enabled and 1 router configured as
the default gateway from which routing advertisements will be multicast.
Optionally, you may upload your own router images and set the machines role property to
Router. Your uploaded router images are not managed by VCP so you are responsible for
properly configuring the image in accordance with your routing goals. VNC access to such an
image is not restricted. Once the images role is changed to Router it will appear under the
Router header within the toolbox of your topology menu. You may leverage the built-in DHCP
networking feature for address auto-configuration, or this feature may be disabled if manual IP
address configuration is preferred.
Cypherpath, Inc. 45
Note:
If a route is added to a running network, machines on that network can not directly be informed of
the new route since routes are acquired only when the network is brought up in the machine, which
typically happens at boot. Most operating systems will reacquire a network address and lease if their cable
is unplugged, which can be simulated by using the "Replug" command described in Section 8.5 titled
Properties". Alternatively you can connect to each machine over VNC and renew the IP if replugging
doesnt work, or as a last resort, reboot the machine.
8.2 Machines
8.2.1 Adding a Machine to your Topology

To add a machine click on the Toolbox and then the machine role header to show the list of
machines you can choose from and add to your topology. Click and drag the machine onto your
network and you will see a black line connecting them together.
8.2.2 Selecting a Machine

To select a machine on the topology, click on the machine name and once selected the machine
name will have a red background. You can then click on the Properties button located to the right
of your browser, where you will be able to modify your machine and save your changes. The
Properties
button is further explained in
Section 8.5
titled Properties".
8.2.3 Deleting a Machine

To delete a machine on your topology select the machine you wish to delete then hover over the
Components tab in the topology menu and click the Delete button. You can also hit the delete
key on your keyboard. Once you click key or button you will see a pop-up dialog box asking for
confirmation. Click
Yes
and your machine will be deleted.
8.2.4 Connecting Machines to Networks
Click and drag an already-connected machine on your canvas onto a network.
Click and drag an unconnected machine from your list in the topology tree onto
your network.
Cypherpath, Inc. 46
Add an interface via the machine's properties button that is covered in
Section
8.5
titled Properties".
Using the Batch Creator. See

Section 8.3
.
8.2.5 Deleting Multiple Machines connected to Networks

To delete multiple machines, hold down the
Ctrl key while clicking each machine icon then hover
over the
Components tab in the topology menu and click the Delete button. You can also click the
delete key on the keyboard. Once you click the button or key you will see a pop-up dialog box
asking for confirmation.
8.3 Batch Creator

The Batch Creator allows you to create many identical machines at once. All machines that you
create with this Batch Creator will have the same disk image(s) connected to the same
Cypherpath, Inc. 47
network(s). Everything you enter in the Template Overrides section of the Batch Creator is
applied to all machines created in the
Batch Creator only and will not affect other machines on
your topology. The Batch Creator allows anywhere from 1 to 100 machines to be created at one
time. After creation, each machine can be tailored individually as necessary. Machines created in
the
Batch Creator will be named based on the template name you enter followed by an
incremented number.
8.3.1 Name
The Name textbox is where you will enter the name to be applied to all the machines about to be
created. Each machine name will be followed by an incrementing number.
8.3.2 Machine Count

Machine Count is where you will enter a minimum of 1 or maximum number of 100 machines to
add.
8.3.3 Images
In your Images list you will see your Available Disks. This is where you will find your list of
master images that are available. To choose a disk, click on it and it will appear over in the
Selected Disks area. To remove a disk from the Selected Disks area, click it and it will be put
back in your Available Disks list.
8.3.4 Networks
In your Networks list you will see your Available Networks. To choose a network, click on it and
it will appear over in the Selected Networks area. To remove a selected network click it and it
will be removed.
Cypherpath, Inc. 48
8.3.5 RAM
Amount of RAM, in megabytes, each machine will have.
8.3.6 Number of CPUs
Number of CPUs each machine will have.
Click the drop-downs for Disk Bus, NIC Type, Video Card, and CPU Type to see more options.
Once all of your selections have been made, click the

Create Machines button to populate your
topology.
8.4 Topology Settings
Click the
Settings
button located under the
Container
drop down tab in your topology menu to
open up the settings dialog box. Once you click the
Settings button you will see your Topology
Settings slide-down menu in the middle of your screen. There are four main sections: General
Settings, Automatic Layout Settings, Container Checkpoints, and Port Forwarders.
8.4.1 General Settings

General Settings affect the way your container behaves. You can make changes to these fields
and can click the
Update
button to save your settings.
Cypherpath, Inc. 49
8.4.1.1 Current Persistent Status
Your current persistent status indicates whether some, all, or none of the machines in the
topology are set to persist.
8.4.1.2 Global On/Global Off Buttons

By clicking these buttons you will add or remove disk persistence to all machines within your
container. This is absolute, such that if a container is partially persistent and partially not, the
buttons will set all machines to the specified value.
If you click
Global On, your machines within the topology will be set to persist and the current
persistent status will change to "All.
If you click
Global Off
then all machines within the topology will be set to not persist and you
will see this message box. Click
YES
and the current persistent status will change to "None.
If some machines in the topology are set to persist and some are not, then the current
persistent status will be Mixed.
8.4.1.3 Default routing protocol

The default routing protocol setting configures all VCP-supplied router interfaces in order to
support the minimal configuration for the selected routing protocol. For example, if you select
RIP as the default routing protocol then each new router interface created will be
automatically configured to propagate routing table information using a minimal RIP routing
protocol configuration.
8.4.1.3.1 None
Routers will be created without any routing protocols configured.
Cypherpath, Inc. 50
8.4.1.3.2 RIP
Routing Information Protocol
8.4.1.3.3 OSPF
Open Shortest Path First
8.4.1.3.4 RIPng
Routing Information Protocol Next Generation
8.4.1.3.5 OSPF6
Open Shortest Path First version 3
8.4.1.4 Default OUI Prefix

The default OUI prefix is initially set to 52:54:00 with the suffix being generated in a unique
fashion. This is ideal for an isolated container because it ensures that there will be no duplicate
MAC addresses within the topology. This default value can present problems when networks
are attached to physical networks due to the possibility of multiple containers generating
identical MAC addresses. By setting unique OUI prefixes for your topology you can help ensure
that duplicate MAC addresses will not be contending for network traffic if connected to a
physical network.
8.4.1.5 Maximum run time in seconds

You may use this field to limit how long this container is allowed to run. After the specified
number of seconds, the container will automatically shut off. This time limit is reset each time
the container is started. If you change the run time while your container is running you will get
the following message:
8.4.1.6 Sync Machine Clocks

You will use the date picker to select the date and time with the following format
(
YYYY-MM-DD HH:MM:SS).This is analogous to setting the BIOS clock of the machine. This
option will set the default time for all machines BIOS clocks.
Cypherpath, Inc. 51
8.4.1.7 Start machines at container start
Select this option to start all machines when the container is started. Otherwise, the container
will start without starting any machines, allowing you to selectively start machines.
8.4.1.8 Machines persistent by default

Select this option if you want newly-created machines data to persist after the container is shut
down. Uncheck it if you would prefer that machines do not persist by default. This affects all
new machines that are added to your container. Once a machine is added to the container its
persistence can be enabled or disabled as a property of the machine as well.
Note:
If you set persistence on for a machine, then take a snapshot of that machine, the snapshot will save
across restarts of the container. It will also be exported along with the rest of the topology if you export the
container. By using the persistence controls and container checkpoints, you can do this for the entire
container.
8.4.1.9 Enable Snap-To-Grid

Snap to grid allows users to drag and drop components to desired positions on the canvas
instead of using automatic layouts.
8.4.1.10 Background Grid

Background Grid will show a lined grid that can be used to easily position components
8.4.2 Automatic Layout Settings

The Automatic Layout Settings are where you can adjust the spacing, visibility, and density of
your components in the topology for your individual containers.
Cypherpath, Inc. 52
8.4.2.1 Component Spacing
Component spacing allows you to specify the radius spacing for each component type such as
machines and networks. Be sure the value entered is less than or equal to 3000.
8.4.2.2 Component Density

Component density allows you to specify the radius spacing for each component type such as
machines and networks. Be sure the value entered is less than or equal to 10.
8.4.3 Container Checkpoints
8.4.3.1 Add Checkpoint

To add a checkpoint, enter the name of your checkpoint into the text field then click the
Add
button. You will now see your checkpoint with a date and timestamp reflecting when it was
created.
Note:
As the checkpoint completes, the counter on that checkpoint within the Load and Delete Checkpoint
drop-downs will increment until completed.
8.4.3.2 Load Checkpoint

To load a checkpoint click on the drop-down arrow and choose your checkpoint from the list.
The checkpoint name will have information after it, which shows the number of machine states
that match the current container.
8.4.3.3 Delete Checkpoint

To delete a checkpoint click on the checkpoint you want to delete from the list. This will only
delete the machines state for that checkpoint, not the information on the actual machines.
Cypherpath, Inc. 53
8.4.4 Port Forward
8.4.4.1 Port forwarding

The ports forwarding section allows you to add and remove persistent TCP port forwards to
your container. Using this tool you can allow certain types of traffic to connect into your
container, without opening the entire container up to the general network.
Click the Ports tab and you will be presented with a list of your port forwarders. Each forwarder
will list the machine that it forwards to, the network that the traffic will be forwarded across,
and the port on that machine that is forwarded to. The "forwarder" is the port on the web server
that forwards traffic to the designated port on the designated machine.
When editing a particular machine, you can also forward a single port on that machine
temporarily. This is covered in
Section 8.5
titled Properties.
8.4.4.2 Adding a Port Forwarder

To add a new forwarder, click the drop-down arrows for the Select a Network and Select a
Machine. Once you have selected a machine to forward to, and a network that the machine is
connected to for traffic to traverse, enter the
Port number into the textbox and click the
Add
Forwarderbutton. You will now see your port forwarder added to the list of forwarders.
If your VCP Web server is at 10.10.1.1 and the Forwarder port is 37600, then your device must
be able to reach this IP address and port in order for this feature to function. (e.g.,
http://10.10.1.1:37600)
8.4.4.3 Removing a Port Forwarder

To remove a port forwarder, click the red X button located to the right of it. This will
immediately remove that forwarder from the list.
Cypherpath, Inc. 54
8.5 Component Properties
After you have clicked on a component in your topology view you can click the Properties

tab located to the right of your browser. After clicking this button, you will be presented with a
list of options you can modify for the selected component.
8.5.1 Machine Properties
Inside this dialog box, there are four tabs:

Machine,
Drives,
Interfaces, Advanced,which are
general properties for your machine. These options control the functionality for your machines.
Cypherpath, Inc. 55
8.5.1.1 Machine Tab
The machine's properties provide you with several tools that allow you to control the running
state of a machine. With these, you can start, stop, suspend, and resume a machine. Depending
on the machine's current state, only some of these buttons will be active.
8.5.1.1.1 Power On
Click this button to turn on your machine.
8.5.1.1.2 Stop (ACPI)

If the operating system supports ACPI, this will signal to it to perform a graceful shutdown. This is the
default option.
8.5.1.1.3 Stop (Kill)

This performs a hard power off, analogous to pulling the power cord of the machine.
8.5.1.1.4 Resume
Click this button to resume your machine from a suspended state.
8.5.1.1.5 Suspend
Click this button to suspend your machine. This pauses the machine's running state without shutting it
down. Once resumed, the machine will continue.
Note:
A machine that is suspended is still shut down completely when the container is stopped and
will not retain its condition when restarted but will instead reboot.
8.5.1.1.6 Connect
When a topology is running you can access the machines' desktops or consoles. To access a machine's
desktop, open the properties of that machine. In the machine tab click the
Connect button which will
connect you to the machine's console/desktop. Shortcut: If the machine is green on the topology, then
double-click on it to show the console/desktop.
Note:

The
Connect
button will not be active unless the machine is running.
8.5.1.1.7 Machine Name

The name of the machine which is auto-generated until specified by you. This allows rapid creation of
multiple components in the topology. The only valid characters that can be entered are uppercase,
lowercase, numbers, space, hyphens, and an underscore.
Cypherpath, Inc. 56
Optional description of what the machine is for, or any other short note about the machine youd like
to keep.
8.5.1.1.9 Number of CPUs

The number of virtual processors allocated to this machine. The default value for this is set, when you
create the machine, by the boot disk for the machine.
8.5.1.1.10 RAM
The amount of RAM in megabytes that will be allocated to the machine. The default value for this is
set, when you create the machine, by the boot disk for the machine.
The following properties define the order of booting, persistence, and role.
8.5.1.1.11 Boot Order

Specifies the level of priority the machine has during container start, with
1 being the highest. This is
useful for making sure a machine is available first before the other machines in the container boot. See
the Machine Properties section on Service Probes for information on how system services in the
guest OS can be used to influence boot ordering within a container.
8.5.1.1.12 Role
The role allows you to select your component to be labeled as a workstation, database, firewall, server,
Storage Device or router. These work as a machine template whose purpose is only for organization
within the topology. Assigning these roles to the uploaded image will display an icon specific to that
role when designing your container topology.
Note:
It is possible to have all machines set as workstations, regardless of actual machine usage.
The machine role is usually for organizational/informational and display purposes only. In the case
of routers the role will enable its interfaces to be selected as default gateways for connected
networks.
8.5.1.1.13 Persistent Disk Images

When toggled On , any changes to the machine will persist between stops and starts of the container. If
this toggled
Off
, any changes made within the machine will only last until the container is stopped.
Even when this is toggled On, the master image in storage from which the machine is hyper cloned will
not be written to. Only changes of the persistent image are stored. Updating the master image by
merging the clone to it is covered in the Machine Properties section on Drives.
8.5.1.1.14 Port/Forward Port

If you would like to forward a port to the machine temporarily so that the forwarded port will not be
available the next time the container is started, then you can use the
Forward port entry. Enter a port
number into the textbox and click the Forward port button. A new port will be opened on the server
running the Web Interface.
This will route all traffic through this port to the appropriate machine inside the container. Upon
successful port-forward creation, a message will appear indicating which port is now being forwarded
Cypherpath, Inc. 57
to the machine. This text box and button will not be active unless the container is running, and this
setting will only last until the container is shut down. If the machine has multiple network interfaces,
only the first will be used to forward.
Note:
If you would like port forwarding to persist between container restarts, then use the port
forwarding settings by clicking the
Container
button in your topology menu, then Settings, then
Ports
.
Port Forwarding Example

1. Select a machine in a running container that has SSH, or some other service running.
2. Under machine properties, enter the port number in the Forward Port text field (22
in the case of SSH).
3. Click on the Forward Port button. At the top of the screen, a message will appear
giving you the IP address and port number to which you can connect to your virtual
machine. For example, you may see Connect to 10.10.0.1 port 37743.
4. Using an SSH client, such as PuTTY, connect to 10.10.0.1 port 37743. Your network
traffic will be seamlessly redirected to port 22 on the virtual machine that was
selected in step 1.
Note:
Forwarded ports established from Machine Properties will timeout after 24 hours of receiving no
traffic.
8.5.1.2 Drives Tab

The drives tab of a machine's properties dialog lists all of the master disk images in use.
You can add, edit, and remove a machine's disk images from the drives tab. The drives
tab is not available for managed devices.
Cypherpath, Inc. 58
8.5.1.2.1 Add New Drive
Click the Add New Drive button and you will be presented with two drop-down boxes. Image allows
you to select your disk image from the drop-down list, which is populated by the master disk images
available in your disk image storage. Your second drop-down box is where you can select the
Bus
that
you would like to use for the disk image and then click the
Add
button.
8.5.1.2.2 Disk Image

To edit the properties of an existing disk image on your machine, click the name of the disk image you
want to edit from your
Image drop-down list. Your disk image name will now appear in the Image
label.
Use the to change the order by dragging it up and down. Additionally, you can use the Disk
Section 5.1 titled
Actions panel to perform multiple operations as well which is discussed further in
Disk Images.
8.5.1.2.3 Disk Bus

Disks are connected to machines via a virtualized disk bus. The default value for this is set, when you
create the machine, by the boot disk for the machine. The bus type can be set as one of the following
options:
IDE: This is an older disk bus that is no longer used, but has the most widespread operating system
support. Almost all operating systems will support IDE. Machines are limited to 4 IDE drives.
Serial ATA: The intended replacement for IDE, Serial ATA is faster than IDE and allows more
devices to be connected. Most new operating systems will support Serial ATA.
SCSI: SCSI is an older, largely superseded standard that was mainly used in servers. The model of
SCSI card virtualized is an LSI 53C895A, and operating systems may require special drivers to
support it.
USB: USB is typically used to attach external hard drives to a system. USB can be used to simulate
having a thumb drive or external drive and is widely supported. USB may be useful in order to
allow older operating system to get beyond the 4-drive limit imposed by IDE.
Virtio block: This is a specialized bus type that takes advantage of the fact that a virtual machine is
running to improve performance. It requires specialized drivers which are available natively under
Linux and FreeBSD.
Virtio SCSI: This is the successor to Virtio block, improving upon it. Only very recent Linux and
FreeBSD versions currently support Virtio SCSI.
Cypherpath, Inc. 59
8.5.1.2.4 Disk Actions
Save to Master: If you have made changes to a disk image by starting up the machine and making
alterations, you can save those changes to the master image so that all new machines using that
master image will make use of the changed image. To do this, you must either have the container
running and the machine stopped or you must have persistence checked on the machine and the
container stopped. You must also have booted the machine at least once. This option will not be
available on drives that use an image shared with you as their master image.
Once you have met these preconditions, you can save the changes by opening up the image to edit
and clicking the
Save to Master button. You will be presented with a message dialog box informing
you that this action will affect all other machines that use your master disk for your machine. Click
Yes
to continue saving your changes.
Note:
Any non-persistent machines that use the same master disk image will show the
changed disk image on their next boot. Persistent machines will continue to make use of the old
master image. In order for persistent machines to use the new master image, they must have
persistence turned off and the machine or container stopped and started again. Persistence
can then be turned back on.
Save to New Master:

This allows you to save the changes that youve made to the machine to a
new master disk image (created in your storage) as opposed to saving the changes to the current
base image.
Remove Disk From Machine: In the

Drives tab click the white
X
button. Once clicked you will get a
message pop-up. To continue removal click Yesand your disk will be removed.
8.5.1.2.5 Ejected CD-ROM

Initially, this device is a CD-ROM drive with no disc (ISO image) in it. Unlike disk images, when the
machine is running you are able to insert and eject images from the CD-ROM device. Be aware that
ISO images may be ejected while the OS is accessing it, so ensure that you eject or unmount the device
within the OS before ejecting the image from the machine properties menu.
8.5.1.2.6 CD-ROMs
Every new machine (created with the topology toolbox or the machine wizard) includes a CD Drive. If
the image used to create the machine is a CD-ROM, then the CD-ROM is inserted into that CD Drive.
If it is a regular image, then the CD Drive is left empty.
Cypherpath, Inc. 60
Click the Properties button located to the right of your browser then click
Advanced. Next to Boot
Device you will have a drop-down which allows you to choose the boot priority. If you select CD-ROM,
it will try to boot from the CD-ROM first, then from the Hard Disk. The reverse order is true if you
select Hard Drive.
8.5.1.2.7 Installing a new operating system from an ISO

The user interface allows you to use ISOs much like you would use a CD-ROM with a physical
computer. You can insert them into a CD Drive, eject them, and use them to install software and
operating systems . The following is a step-by-step tutorial on how to install a new operating system
from an ISO.
1. Navigate to the Storage tab, go to disk images, and click Add Disk Images.
2. Upload Disk under Create Mode is selected by default.
3. Give the ISO a name and browse for the ISO that you would like to install.
4. Click the Upload button to the right of your disk name. You will see your disk upload status.
Once it completes move onto the next step.
5. Select Create Disk under Create Mode. You need a new disk for the ISO to install its operating
system on in the machine.
6. Set the name (optional description) and Default Disk Settings for the new disk image that the
ISO will be installed onto.
7. Set a disk size that you want the machine to have and click the Createbutton.
8. Click the X button to close the window then click Leave Page button in the message box that
pops up and your disk will appear in your disk image list.
9. Create a new container (unless there is already one made).
10. Double-click the container name or single click the container name and click the View button
from the Container Actions panel.
11. Click the Toolbox button and click on a network and drag it to your topology.
12. Click and drag your newly created disk that now appears in the toolbox and drop it onto the
network.
13. Select the disk you just added to the network and click the Properties button to the right of
your browser.
14. Click Drives and then click the drive labeled <Ejected CD-ROM>.
15. Next to the Image label, click the drop-down bar and select the ISO that you first uploaded.
16. Click the Save button.
17. Start the container by clicking the blue Start
button in the topology menu.
18. Double-click the machine to continue the installation in the VM as you would with a physical
computer.
19. Once installation is complete you can power off the machine and select the disk image in the
machine's Properties . You can then click Save to Master button which will save the
installation to your master image.
At this point, the new master image may be dragged onto the topology and cloned as the basis for new
machines.
Cypherpath, Inc. 61
8.5.1.3 Interfaces
Here you will see a list of all the machine's interfaces. An interface is a network card that
is attached to networks in your container. You can add and remove the machine's
interfaces.
8.5.1.3.1 Add New Interface

Machines can have more than one network interface added to them. To add another
network interface to a machine, click on the machine in your topology, click the
Properties
button in your topology menu and click the
Interfaces
tab.
Next click the

Add New Interface button. You will then be presented with the Connect
Machine to Network box. Click on the drop-down arrow to see your list of networks.
Select the network to which the interface will be attached to, then click the blue
Add
button.
8.5.1.3.2 Removing Interfaces

Click on the machine you wish to remove an interface from. Click the
Interfaces
tab from
the
Properties
button and click on the
white
Xbutton.

Your interface options can also be edited by clicking on the interface currently assigned
to your machine. These options include IP Address, MAC Address, Network connected,
NIC Type, and the machines hostname.
Cypherpath, Inc. 62
8.5.1.3.3 IP Address
An Internet Protocol address is a numerical label assigned to each device participating in a computer
network that uses the Internet Protocol for communication.
8.5.1.3.4 IPv6 Address

A drop-down list used to display the IPv6 addresses that VCP has detected on this guest. One
link-local address configured through the attached network settings will be discovered, but statically
assigned addresses may not be reported.
8.5.1.3.5 MAC Address

A unique identifier
assigned to network interfaces
for communications on the physical network
segment.
8.5.1.3.6 Network
A telecommunications network that allows computers
to exchange
data. This value will reference a
network located within the same topology.
8.5.1.3.7 NIC Type

Network adapters can be provided within a guest machine (on a per NIC basis). The default value for
this is set, when you create the machine, by the boot disk for the machine.
Intel E1000 Gigabit - Intel's E1000 device is supported by most modern operating systems.
Windows XP does not include native support for E1000, however, so a different NIC should be
chosen for that operating system; AMD Pcnet32 is recommended.
Realtek RTL-8029 (NE2000 clone)

- An older card that is supported in many older operating
systems.
AMD Pcnet32 - As with the RTL-8029, this is an older card with support in many older operating
systems. This card should be used with Windows XP.
Cypherpath, Inc. 63
Linux Virtio - This is a card that attains high performance due to the fact that it has knowledge of
being inside a virtualized container. It is supported in newer versions of Linux and FreeBSD.
8.5.1.3.8 Use machine name as hostname

DHCP will send the machine name as the hostname.
8.5.1.4 Advanced
Under the advanced tab, you will have an additional set of tools that you can use to modify your
machine.
8.5.1.4.1 TCP Hardware Serial

Clicking this button sets up a connection between a TCP port and a serial port on the virtual machine.
This will be COM1 (or /dev/ttyS0 in Linux) in the virtual machine. The port is a TCP port on the web
server, so it can be connected to using either telnet or other TCP serial clients.
8.5.1.4.2 TCP Virtio Serial

Similar to the TCP Hardware Serial, except that it makes use of the virtio driver if supported by your
guest OS. The serial device it creates is a special device, /dev/vport0pn in Linux; for Windows the
appropriate virtio drivers must be installed.
8.5.1.4.3 Service Probes

Service Probes are used in conjunction with the boot order to ensure that certain machines are
running before others are started. This is accomplished by probing various network properties of the
machines; these include TCP, UDP, and Ping (ICMP echo request). Because VCP needs to know the IP
Cypherpath, Inc. 64
address of the machines it is probing, machines must be attached to non-physical networks that have
DHCP enabled.
VCP ensures that all machines at each boot order level are running and responding to service probes
before starting machines at the next boot order level. Machines can have multiple probes of multiple
types. In addition, each probe has a timeout value associated with it. If the probe does not receive a
response before the timeout is reached, it will give up and consider that probe to have been successful.
As soon as a probe succeeds (i.e., once it has determined that the specified service is up), it stops
probing.
For example, if a web server should be running before any other machines can be brought up, it should
be set to boot order 1 and a be given a TCP service probe on port 80.
Note: Because probing involves making a connection to the target machine, probes may appear in
service logs or traffic analysis tools, and will be unsuccessful if they are blocked by a firewall.
Probes will come from the IP address associated with the DHCP server provided by the network.
8.5.1.4.4 Add New TCP

TCP scanners are used to probe TCP ports. A TCP probe will attempt to connect to the specified port.
If the port is open, that particular TCP probe will consider the machine to be up.
Cypherpath, Inc. 65
8.5.1.4.5 Add New UDP:
Similar to TCP probes, UDP probes check whether specific UDP services are running. Unlike TCP,
arbitrary ports cannot be scanned due to the nature of UDP. Instead, specific service types can be
scanned for, and the UDP probe will consider the service up and running if it receives a reply to its
probe.
8.5.1.4.6 Add New Ping

Pinging is a way of determining whether a guest has network access. An ICMP echo request (also
known as a ping) is sent to the machine; if the ping request receives a reply, the ping probe considers
the machine to be up.
Cypherpath, Inc. 66
8.5.1.4.7 Machine Snapshots
A machine snapshot is the capture of a running machines RAM and hard drives current state. This
allows you to load a snapshot to the machines previous state. A snapshot can only be made when a
machine is running.
8.5.1.4.8 Tag
The Tag is used to label the snapshot taken of the machine.
8.5.1.4.9 Restore Snapshot

To restore your snapshot, select it in the drop-down menu and click restore.
8.5.1.4.10 Delete Snapshot

To delete a snapshot, select it in the drop-down menu and click delete.
8.5.1.4.11 Machine Clock
You will use the date picker to select the date and time. This is analogous to setting the BIOS clock of
the machine. If you use the date picker while the container is running you will get the following
message:
Cypherpath, Inc. 67
The following options are not available for Managed Storage and Router devices:
8.5.1.4.12 Boot Device

This determines what the machine will boot up with when it is started: the hard drive or the CD-ROM.
8.5.1.4.13 Boot menu timeout in seconds

The boot menu timeout determines how long the boot menu is displayed before the default boot entry
is loaded and is specified in seconds. A value of 0 disables the boot menu. The boot menu allows you to
boot from any disk on a machine.
8.5.1.4.14 CPU Type

The CPU Type allows you to select the type of CPU that the machine uses for compatibility purposes.
The default value for this is set when you create the machine by the boot disk for the machine.
8.5.1.4.15 Video Card

Video cards are provided/emulated within a guest machine (each guest only has one). The default
value for this is set, when you create the machine, by the boot disk for the machine.
8.5.2 Virtual Container Platform Managed Storage

Managed Storage can be accessed within a container by adding a Managed Storage device,
located in the Storage Devices drop-down to your topology. The Managed Storage device allows
files from general storage to be accessed directly within a container. If your administrator has
given you the ability to do so, a Managed Storage device allows files to be transferred in and out
of containers. Otherwise, a read-only Managed Storage device can be used to transfer files into
containers. Files can be copied from storage into container machines, and for non-read-only
devices, from guest machines into storage over the virtual network. The Managed Storage
device provides access via both NFS and SMB (Windows file sharing).
The NFS share is exported at /mnt/export on the Managed Storage device. For example, if a
Managed Storage instance has an IP address of 10.1.0.1, a typical Linux command to mount the
NFS share would look as follows:
mount -t nfs 10.1.0.1:/mnt/export /path/to/mount
The SMB share may show up automatically in the network sharing area in Windows with the
name Managed-Storage. If it does not, you can directly connect to it by specifying the folder
Cypherpath, Inc. 68
path as either \\Managed-Storage\storage or \\10.1.0.1\storage. Any file type can be uploaded
into the Managed Storage.
Note:
File ownership and permissions cannot be set on files in Managed Storage devices. All files will be
created with user 0 and group 0, and will be set to mode 644 (rw-r--r--) for files, or 755 (rwxr-xr-x) for
directories.
8.5.3 Network Properties

Inside this dialog box, there are three tabs:
Network, IPv4, and IPv6.
8.5.3.1 Network Tab
You can make changes to the general properties of the network until it is configured properly
for your needs. Once you have made your modifications you will need to click the blue Save
button at the bottom to save your changes.
8.5.3.1.1 Name
The name of the network is auto generated until specified by you. This allows rapid creation of
multiple components in the topology toolbox.
Optional description field for you to use to describe what the network is for.
8.5.3.1.3 Mode
Cypherpath, Inc. 69
The network mode determines if the network will behave as a switch or a hub. Switches directly pass
traffic between machines, while hubs broadcast traffic to all machines, forcing uninterested machines
to consider and drop irrelevant traffic. The switched mode should be used unless there are specific
requirements for the network.
8.5.3.1.4 Physical
Allows you to add the switch to a physical connection if the admin has provided you with that
permission. If you do not have permission you will only see the entry that says Do not attach. This is
equivalent to plugging a physical switch into this network. Any virtual machines attached to this
switch will have link-layer access to this network. This software switch acts similarly to a physical
switch, but does not currently support BPDU sharing and will not participate in Spanning Tree
Protocol if it is enabled on the physical network.
8.5.3.1.5 Tools
Under the tools header, a network replug can be requested. This causes all machines on the network
to have their cables unplugged for the specified amount of time, then plugged back in. Replugging a
container is a simulation of unplugging the network cable.
In many operating systems, this has the effect of forcing a re-acquisition of network properties, such
as IP address and routes. To request a replug, select the number of seconds (default is 15 seconds) to
unplug the network and then click on Replug. All machines on the network will be unplugged
immediately and then replugged after the specified amount of time.
Note: Different operating systems react differently to a cable replug. Some operating systems do
not consider a cable to have been replugged if it is plugged back in too quickly. The default value of
15 seconds should be safe for the majority of operating systems which support cable replugs.
Cypherpath, Inc. 70
8.5.3.2 IPv4 Tab
8.5.3.2.1 DHCP Enabled

If DHCP is enabled the network will provide a DHCP server, allowing it to serve IP addresses to
attached machines. Without DHCP, all VMs will have to statically assign IP addresses, or you may
upload and configure your own DHCP server.
8.5.3.2.2 DNS Enabled

If DNS is enabled the network will provide a DNS server. By default, it will map machine names (if they
are valid hostnames) to IP addresses. It is possible to specifically set a machines hostname (per
interface) in the Interfaces tab under each interface. The address of the DNS server will be provided to
clients via the DHCP server.
8.5.3.2.3 IP Address
The IP address of the network combined with the netmask provides the IP space of the network. The
provided IP address is also used to serve DHCP requests if DHCP is enabled.
8.5.3.2.4 Netmask
Combined with the IP address this provides the extent of the IP space. Machines added must fall in
this spacing.
8.5.3.2.5 Default Gateway

This is an optional default gateway that the network should use to route traffic. This only provides the
gateway address via DHCP and does not provide a gateway machine itself. Changing this value at
runtime will require that guest VMs renew their addresses in order to be informed of the gateway
change. This can be done on a per machine basis, or you may use the "Replug" command described in
Section 8.4

titled Properties.
Cypherpath, Inc. 71
8.5.3.2.6 Default Gateway Selector
The default gateway selector is populated with known router interfaces which are directly connected
to the selected network. You may select the desired router interface which will automatically populate
the Default Gateway field or you may manually enter an IP address into it. If you enter an IP address
that is not recognized as a router gateway, then the Default Gateway Selector will tag the IP address
as Unknown which indicates that you are managing this gateway and must ensure that the network
is properly configured in order for routing to behave as expected.
8.5.3.3 IPv6 Tab
8.5.3.3.1 SLAAC
This setting allows VCP to utilize Stateless Address Autoconfiguration. Guests attached to the
network with a valid IPv6 address configured, and a default IPv6 gateway configured which points to a
VCP router on the same network will have their attached network interfaces automatically configured
with a valid IPv6 address which resides on the same network prefix as the networks IPv6 address.
Guest operating systems must have IPv6 support as well as support for SLAAC. Disabling this feature
disables managed IPv6 support in VCP, which leaves you the flexibility to manage IPv6 features
yourself.
8.5.3.3.2 IPv6 Address

This is a numerical label that is used to identify a network
prefix of a guest interface participating in an
IPv6 computer network when SLAAC is enabled. The specific address will be used by VCP for
management purposes and should not be assigned to any other devices on the network.
8.5.3.3.3 Default IPv6 Gateway
This is an optional default gateway that the network should use to route IPv6 traffic. This setting
informs the platform of which router interface will send IPv6 Router Advertisement. Guests
Cypherpath, Inc. 72
configured for IPv6 will generally use this router as their IPv6 default gateway. This setting is only
available and valid if a VCP router is present on the network. Enabling SLAAC will cause the IPv6 VCP
gateway router to immediately advertise the IPv6 prefix which will cause guests supporting SLAAC to
configure their interface with an IPv6 address immediately. Disabling SLAAC may not immediately
disable IPv6 on the network due to guest OS configuration. Similarly, changing the IPv6 Default
Gateway may not immediately cause a guest to reconfigure their routing tables. It is suggested that
you use theReplug" command as described below.
Many operating systems will not reacquire network settings if the cable is unplugged for a short
period of time. A value of 15-30 seconds should be sufficient.
Warning:
When you attach a network to a physical connection, all machines attached to that
network are placed directly onto the physical connection. This is similar to attaching each of those
machines directly to the physical switch used by that particular network connection. In this case,
VCP will not provide any DHCP services to any of the interfaces that those machines have on that
network. You will need to either set their addresses statically within each operating system or
configure a DHCP server on your physical network to service them. This DHCP server may also be
a VM which you have configured within VCP. Additionally, port forwarding to machines via a
network that is attached to physical is disabled. This is because those machines are actually directly
on that network, so connections can be made directly to desired ports.
8.5.3.4 Routing Global Settings

VCP provides built-in routers which support a few common routing protocols. This router can
be found under the Managed Devices tab of the Toolbox menu. Only select protocols and
features are currently supported, but you are not limited from uploading your own router
images and managing your network topologies manually.
To access your router controls, click on your router in your topology then click the Properties
button located to the right of your browser. Under the Machine tab, you will be able to edit the
name of your router and provide a brief description. You can also change the number of CPUs
and RAM.
Cypherpath, Inc. 73
8.5.3.5 Deleting Routes
To delete a route click on the Properties tab then click on the interfaces tab. You will see a list of
all current routes. Click the white X on the routes you wish to delete.
8.5.3.6 Advanced
Under the Advanced tab, you will see a button labeled Manage Routing. Click the Manage
Routing button to open up the Routing Editor dialog box. The two main headers are Protocol
Redistribute Settings and Interface Protocol Settings.
Cypherpath, Inc. 74
8.5.3.7 Protocol Redistribute Settings
Generally, routing table distribution protocols will only advertise routes discovered via the
same protocol. Routes learned via OSPF will be shared with other routers running the OSPF
protocol, and similarly for each other protocol. The redistribute options tell the router to merge
routing table entries into advertisement which were learned by other means.
Under the OSPF redistribute setting if RIP is selected, then all routing table entries discovered
by RIP on this router will also be advertised by outgoing OSPF advertisements; similarly for
RIPng and OSPF6.
The Kernel option tells the router to bundle ALL routing table entries that the router knows
about into the selected protocol advertisements, regardless of how the router learned about the
routing entries. This includes directly connected networks.
The Connected options tell the router to bundle routes to directly connected interfaces into the
appropriate routing protocol advertisements. Routes to directly connected networks are
Cypherpath, Inc. 75
automatically entered into the router's routing table, but not automatically advertised to
neighboring routers.
8.5.3.7.1 IPv4 Default Gateway

Optionally sets the router's IPv4 default gateway. Packets that cannot be routed via any routing table
entries will be sent to the IP address specified here. This may also be useful when using NAT to
connect virtual containers to a physical network. In this case, the physical network gateway will need
to be specified here in order for packets to be properly routed through the physical network.
8.5.3.7.2 IPv6 Default Gateway

Optionally sets the IPv6 default gateway. Behavior is similar to the IPv4 Default Gateway setting but
is specific to IPv6.
8.5.3.7.3 RIP keychains

RIP keychains are an authentication mechanism that can be used to ensure that routers communicate
RIP routing table information only to trusted entities. When an interface is running the RIP protocol
you may select a keychain that is present in this setting. Adjacent routers must have an identical
keychain in order for the two interfaces to exchange their RIP routing table information. Keychain
names may differ, but all key and ID pairs must be identical. The authentication mode (Clear Text or
MD5) must also match.
8.5.3.8 Interface Protocol Settings
8.5.3.8.1 RIP (Routing Information Protocol) Versions 1 and 2

Auth Mode: Optionally sets the authentication mode that will be used when advertising RIP
routing tables to adjacent routers. The
Text option will transmit authentication data in clear text
while the MD5 option will hash authentication data. A valid RIP keychain must be selected along
with this option.
Keychain:
Selects a routers globally configured RIP keychain for authentication. A valid
Auth
Modemust be selected along with this option.
8.5.3.8.2 OSPF (Open Shortest Path First) Version 2

Area: Configures the OSPF area to which this interface belongs. Areas are identified by 32-bit
numbers, expressed either simply in decimal or in octet-based dot decimal notation familiar from
IPv4 address notation.
Stub: Configures this area to be an OSPF stub so that only type-3 LSAs are passed into the area.
Type-4 and type-5s LSAs will not be passed into such areas.
ABR:
Tells this interface to summarize intra-area routes into one type-3 summary-LSA when
announcing routes to other areas. Summarizing type-1, type-2, and type-5 LSAs is supported.
Type-7 is not supported.
Auth ID: Sets the authentication ID used for authenticating OSPF routing tables between
neighboring routers. A valid
Auth Text
must be configured along with this option.
Cypherpath, Inc. 76
Auth Text:
Sets the authentication text used for authentication OSPF routing tables between
neighboring routers. A valid
Auth ID
must be configured along with this option.
8.5.3.8.3 RIPng (RIP Next Generation) for IPv6

Only a minimal implementation of RIPng is currently supported by VCP. Only interfaces with RIPng
enabled will be shared with neighboring routers. No other options are supported.
8.5.3.8.4 OSPF6 (OSPF Version 3) for IPv6

Only a minimal implementation of OSPFv3 is currently supported. Interfaces with OSPF6 enabled will
be shared with neighboring routers, along with routes discovered via the appropriate OSPF6
redistribute options. No other options are supported.
8.5.3.8.5 NAT (Network Address Translation)

Enabling NAT on an interface makes this interface a private internal network that can establish a
connection through a specified outbound router interface. Packets coming into the network are only
allowed if they are part of a connection that was established inside the private network. You may
configure port forwarding if you would like to expose specific machines and ports to the external
network.
Once a router interface has been configured as an internal private network it cannot be selected as an
external NAT interface. NAT is only available to platform routers which have two network interfaces.
It is suggested that these interfaces not be configured for handling routing protocols such as RIP,
OSPF, etc since NAT router will likely filter such traffic.
NAT Internal:
Used to set the router to internal private network setting.
IPv4:
Enables IPv4 NAT, turning this router interface into an internal private network.
WARNING: By leaving IPv6 deselected, IPv6 packets will be routed according to other IPv6
network settings.
IPv6:
Enables IPv6 NAT, turning this router interface into an internal private network.
WARNING: By leaving IPv4 deselected, IPv4 packets will be routed according to other IPv4
network settings.
External Network: The externally facing end of the NAT pair. Interfaces that are part of an
internal NAT pair cannot be selected. If ports are forwarded into the internal network then
outside guests must use this interfaces IPv4 or IPv6 address as the destination in order to
establish a connection. In order for traffic to be routed beyond the external network, you will need
to ensure that a valid gateway is set in this routers default gateway settings.
8.5.3.8.6 NAT Port Forwarding

IP Address: The internal IPv4 or IPv6 address to which outside connections will be established.
Port forward entries for IP version which are not enabled will be ignored. For example, if IPv4
NAT is enabled and an IPv6 port forward is configured, then this port forward entry will persist
Cypherpath, Inc. 77
but be ignored until the IPv6 option is enabled. Note that in order to cross the router boundary
from the external network, packets will need to be destined to the external facing router
interface.
Protocol:
TCP or UDP may be selected for this port forwarding configuration.
Destination or Source:
You may choose to forward based on the source or destination port value.
Forwarding via the destination port is the most common configuration.
Original Port:
The incoming port number to be forwarded.
New Port: The outgoing (to the internal network) port value. This value may be the same as the
Original Port
number, but may be different if you intend to remap port numbers.
Cypherpath, Inc. 78
9 Profile
Your user profile can be accessed by clicking your username in the top right corner of your
browser. Once clicked you will be presented with a Profile Settings dialog box.
9.1 Profile Settings
Note:

Display Name & Email Address can only be changed by your administrator.
9.1.1 Changing your password

As a user, you can change your password using the following fields:
9.1.1.1 Current Password

Enter your current password in the text field.
9.1.1.2 New Password

Enter your new password in the text field.
9.1.1.3 Confirm Password

Re-enter your new password in the text field to confirm.
Cypherpath, Inc. 79
10 Notifications
The Notifications icon is located at the top right corner of your browser. If any new notifications
are added, a notification preview will tick down from the top and display information on the
navigation bar. After a short period of time, it will tick down into the Notifications panel. To view
your notifications, click the Notification icon. The Notification icon will inform you if you have
encountered an error, initiated an action, or currently have an action pending.
Once you have viewed the notifications, the number in the Notification icon will reset to zero
but your notifications will still be available for you to view. To clear the list of notifications click
the white
X
next to the notification shield. To close the panel click on the Notification icon.
The Notification panel messages are denoted by color when hovered over. Red indicates an
error has occurred. Green indicates an action is occurring or has successfully completed. Blue
indicates a general information message.
11 Support
If you need further assistance, please contact your system administrator.
Cypherpath, Inc. 80

VCPUserGuide-2 5

Cargado por

Información del documento

Título original

Derechos de autor

Formatos disponibles

Compartir este documento

Compartir o incrustar documentos

Opciones para compartir

¿Le pareció útil este documento?

¿Este contenido es inapropiado?

Copyright:

Formatos disponibles

VCPUserGuide-2 5

Cargado por

Copyright:

Formatos disponibles

VirtualContainerPlatform

Cypherpath provides on-demand IT infrastructure by running any infrastructure in secure

2.2 Intended Audience

2.3 Account Administration

3.2 Log Out

4.4 Top RAM Consumption

4.6 Most Accessed Containers

5.1 Disk Images

5.1.1 Create Disk Image

5.1.1.1.3 Disk Size

5.1.1.1.4 RAM (MB)

5.1.1.1.5 CPU Count

5.1.1.1.6 Disk Bus

5.1.1.1.7 NIC Type

Intel E1000 Gigabit

QEMU Virtual CPU

5.1.1.1.9 Video Card

VGA with VESA 2.0 VBE

5.1.1.1.10 Machine Role

5.1.2 Upload Disk Image

If you click the

5.1.2.1 Overwrite Existing

5.1.2.2 Disk Upload Status

5.1.3 Disk Actions Panel

5.1.3.1 Editing a Disk

5.1.3.2 Sharing a Disk

5.1.3.4 Downloading a Disk

Click Yes to delete your disk.

5.2 Managed Storage

5.2.1 Uploading a File

5.2.2 Downloading a File

5.2.3 Deleting a File

5.2.4 Moving a File

5.2.5.1 Adding a Folder

5.2.5.3 Browsing a Folder

5.2.5.4 Deleting a Folder

5.3 VPI Files

5.3.2 Downloading a VPI File

5.3.3 Importing a VPI File

5.3.4 Deleting a VPI File

6.1 Your Quota Usage

6.1.1 Committed RAM Usage:

6.1.2 Physical RAM Usage:

6.1.3 System RAM Usage:

6.1.5 All Containers

show this icon next to the container name.

6.1.6 Shared with Me

6.2.1 Container Name

6.2.2 Container Description

6.3 Default Display Settings

6.3.2 Component Spacing

6.3.3 Component Density

6.4 Container List

6.5 Container Actions Panel

6.5.2 Start/Stop a Container

6.5.3 View a Container

6.5.4 Rename a Container

6.5.5 Sharing a Container

6.5.6 Sharing your container with a user

6.5.7 Sharing your container with a group

6.5.9 Revoking shared access to groups

6.5.10 Copy a Container

6.5.12 Deleting a Container