- Rahti container cloud service ("Rahti"): a cloud platform that can be used by Users to run their own User Applications.
- Rahti User ("User"): a user of Rahti.
- User Application: an application running in Rahti managed by one or more Users. Some of these applications can be used to provide a service for one or more End Users.
- End User: a user of a User Application that is hosted in Rahti. An End User may also be a Rahti User.
- User Content ("Content"): any data uploaded to Rahti or created using Rahti either by Users or End Users. This includes but is not limited to container images, snapshots, data on persistent volumes and data on any filesystem used by a User Application.
Providing services to End Users from Rahti
- Users are reminded that Rahti must only be used for the purpose agreed on in their User/Resource application or other agreement concerning the use of Rahti.
- Rahti can only be used to provide User Applications for academic research and higher education by Finnish universities, polytechnics and state research institutes, unless agreed otherwise.
Access for 3rd party technical assistance and support
Rahti Users may request additional CSC user accounts for technical specialists to operate, manage or configure their resources if it assists with the agreed purpose of the project.
- User Applications launched by Users in Rahti can be directly connected to the Internet. The User is responsible for the security of their User Applications.
- Users are responsible for managing their access control lists, user accounts and all other access control methods.
- Users are responsible for maintaining application security within the User Applications they host in Rahti. We recommend applying all applicable security updates automatically or otherwise at regular and well managed intervals.
Content and data management responsibilities
- Most Content is not backed up and it is the Users' responsibility to manage their own Content.
- The places where Users or End Users can store Content including persistent volumes, container file systems and local storage are not backed up. It is the Users' responsibility to make backups of Content as needed.
- The configuration of the Rahti service itself and metadata on resources created in Rahti are backed up in such a way that we can restore Rahti in case of failures.
Access to User Content
For Rahti this means that:
- Scanning of container images for prohibited applications.
- Scanning the User Applications running within Rahti.
- CSC has the right to do passive network monitoring for intrusion detection (IDS) purposes. This monitoring can occur without suspicion of intrusion.
- Users are reminded to consider the design and reliability of Rahti and plan accordingly.
- As with any cloud service, User Applications in Rahti and their data can be lost or corrupted due to hardware failure, system error, administrator error or user errors.
This document was last updated 30.4.2019