start gcloud compute start-iap-tunnel firstname-lastname-pam-ww 3389 --local-host-port=localhost:3390 --zone=us-east4-c --project=ggn-nmfs-pamdata-prod-1 && timeout 5 && mstsc /v:localhost:3390PAM Windows Workstation
Accessing/Updating PAM windows workstation
- Links to template issues for automation
- Name, affiliation, reason for PAM-ww, key software needs, auto assign to Sofie, Dan, Becca
PAMDATA Windows Workstation User Guide
Provision
Ask Sofie/Becca/Dan for an instance.
Configure gcloud
All steps in this section only needs to be done once for each computer you want to access the pam-ww from.
To connect to a remote workstation, you have to install software on your primary physical computer. The next steps in this section assume you’re using Windows, alternatives exist for Mac and Linux.
Make sure you have Google Cloud SDK installed on your primary physical computer. In the section titled “Installing the latest gcloud CLI version”, select your personal computer operating system and follow the steps to configure the client software.
Open the terminal (Command Prompt on windows, can use other shells on other OS as long as it works with gcloud) and enter “gcloud auth login”. This will take you to a browser to login with your email password or two-step verification to configure your user credential with gcloud.
The authentication will be successful if you can type in a command line ‘gcloud auth list’ and it returns your NOAA email address.
- If asked to pick a cloud project, enter the number associated with ggn-nmfs-pamdata-prod-1
Open the VM instances list here to identify the name of your personal windows workstation. The default naming convention is “firstname-lastname-pam-ww”.
Connect
Prior to connecting, ensure that the workstation is in an ‘on’ state. You can navigate to the link here to see the workstation state and turn it on/off in the browser.
Find the instance containing your name, click on the hamburger menu on the right of the row representing that instance, and select ‘on’. This is also how you turn it off.
Note
Please keep the instance off when not in use, for instance at the end of your workday if you are actively using it. Leaving it on for long periods unnecessarily incurs unneeded cost.
Remote Desktop Connection
Built-in windows RDP client, usually preinstalled
- Open up the Windows Command Prompt if on windows.
- Enter the below line of code into the command line to log in as a user. The pattern is [firstname]-[lastname]-pam-ww. It will match the name of the workstation, which you can reference in the link to the pam-ww management page. For example, for user “rebecca.vanhoeck@noaa.gov”, you would enter in cmd:
Change the above code to match your username.
Enter the code. When prompted, enter pam_user for user, do not supply a password, and hit enter. Accept any warnings that look reasonable. Remote desktop connection will supply the correct username on subsequent logins
Note
Some users report issues associated with connecting with the above command. If you have similar issues, try running in cmd with:
gcloud compute start-iap-tunnel rebecca-vanhoeck-pam-ww 3389 –local-host-port=localhost:3390 –zone=us-east4-c –project=ggn-nmfs-pamdata-prod-1
Like above, change the above code to match your username. Then, leaving the terminal window running, navigate to “remote desktop connection” application, and enter in localhost:3390. Like with above, supply the username as pam_user and no password.
For even quicker logins, you can copy the code into a text file, rename to make it have a .bat extension instead of .txt extension (if your primary physical computer is Windows), and then double click it. The code will run in the cmd line when you double click it, so you don’t have to open cmd prompt and copy paste the code in each time.
Upgrade
The pam-ww template image is upgraded in a versioned manner to fix bugs and add new features and software. Currently the default support model is just to replace pam-ww when upgrades are needed. Be aware that upgrading will wipe out your local files on the instance as well as any customized software you or admins have installed on your particular instance.If you’d like a newer build of the pam-ww, request an upgrade from daniel.woodrich@noaa.gov. You can, and it is in fact preferred, to delete your own pam-ww in advance prior to requesting an upgrade to the latest version.
If there are specific software you’d like installed on your workstation, ask daniel.woodrich@noaa.gov to remote into your instance and install the software on your behalf. In some cases software needs admin privileges as well as personal license credentials with the service (such as MATLAB), in these cases we will set up a shared session to install together.
Sometimes it is not clear if you need an update, since you may be unsure which version you are on and what features or changes have been made in successive versions. The next steps are to check your current image and determine which features have been added which can help you decide if you’d like an update.
Check your current image
You can see the current version of your pam-ww by going to the homepage, clicking on the name of your pam-ww (with the name of your pam-ww)
The text under the ‘image’ field indicates the current version of your pam-ww. The pam-ww image name is between the text “pww-disa” and “hardened…”, in this case, “beta-3”. You can cross reference this with the following documents that track the changes. Both are organized in consecutive order where the last entry represents the most recent available version.
Note
We are currently working on github based process to formalize provisioning and updating processes and hope to make this aspect of the pam-ww increasingly streamlined.