Volume Configuration and SFTP

Configure remote access settings and connect to volumes via SFTP.

Volume Configuration

To access your containers volume configuration settings:

  1. Click the Environments tab on the navigation menu to the left.
  2. Select the environment the container you want to modify is in.
  3. Click the Containers tab under the environment name.
  4. Select the container from the list.
  5. Click the Volumes tab under the container name.

This page allows you to configure the following volume settings.

Enable Remote Access

As stated above, in order to remotely access your volume the remote access setting on your volume must be enabled. This is done on a per-volume basis for extra security.

Remote Access Password

If you do not plan on using an access control list (ACL) to authenticate, you will need to set a general password for remote access. Any remote connection will be able to authenticate if they know the username/password combination, so we strongly recommend leaving this as "none" and instead set authorized IPs.

There are 3 types of passwords you can use:

  • Raw - Cycle will use the password exactly as you type it in. When accessing an instance volume, you will type the same password into your SFTP client that you have set in this box.
  • SHA512 - A hashed version of your password. Run your password through a SHA512 generator, and paste the hash into the field. It is not recommended to use an online SHA512 hash generator, since the purpose of this type of password is that it is not sent insecurely or stored by Cycle. When authenticating with your SFTP client, you will use your original, unhashed password to log in.
  • MD5 - Another type of hashed password, this one will not be as secure as SHA512, and is not recommended, but Cycle will support it.
It is recommended to use a SHA512 hash for your password.

Remote Access Authorized IPs

The ACL can be used in conjunction with a general access password, but this is not recommended.

The best way to ensure secure access to your volumes is by authorizing specific IPs that are allowed to connect. Look for the form field marked Authorized IPS, there you can fill in a whitelist of approved IP's.

Once your volume is configured, hit "Save & Restart" to update your volume settings.

Updating the volume configuration of a running container will cause it to restart!

Updating Settings

At this time we do not allow you to change the size of your volume after it has been created.

After navigating to the volume settings you can change many of the options including read-only status, password type and value, webhook informaiton, and authorized IPs. Be sure to click Save Volumes to save any changes you make to the volumes configuration.

Updating the volume configuration of a running container will cause it to restart!

Enable Remote Access & SFTP

SFTP is file transfer over a shell session. When enabled, Cycle creates an endpoint on your server that allows you to manage files in your instance volumes, regardless of whether they are public, private, started or stopped.

Each instance of your container will have its own credentials. You can find those credentials on the instance dashboard.

To find the SFTP login information associated with an instance:

  1. Click the Environments tab on the navigation menu to the left.
  2. Select the environment the container instance you want to access is in.
  3. Click the Containers tab under the environment name.
  4. Select the container from the list.
  5. Click the Instances tab under the container name.
  6. Select the specific instance you want to view from the list.

One thing you might notice in this image is the volume size. It says 925MB as the maximum. This is due to the need for an index on each volume that communicates with the underlying OS and says where things are. So in this case a 1GB volume becomes a 925MB volume to accommodate the index.

Viewing Connection Information

If you've enabled remote access enabled, there will be a a button called SFTP Details will appear on the table. Click it to open a modal containing the remote access information.

In the bottom right of the modal, you'll see the button "Open in SFTP Application". Click this button to automatically launch an SFTP program installed on your computer (such as FileZilla). If your password type is set to "Raw", you will automatically be logged in! For other password types, your SFTP client will most likely ask you for a password. Be sure to enter your actual, non-hashed password.

If your computer is not set up with a default SFTP application, simply copy and paste the values from the modal into your FTP client.

Further Reading

For more detailed information about remotely accessing your containers, check out this blog post or the container FAQ.

It's important to note that Cycle does NOT install SFTP into your container, or modify it in any way. A secure socket connection is created between CycleOS on your servers, and the central Cycle platform. The central platform creates an SFTP endpoint that your client connects to, ensuring no unnecessary security vulnerabilities are created.

Need Help?

If you've got questions about the platform or need some help getting started, our team is more than happy to assist. Whether you're new to containers or just new to Cycle, reach out to us via livechat by clicking the blue circle in the bottom right corner. Join our Slack channel, and get help from the dev team or other members of the community, and check out our Roadmap to see what's planned for the future!