# MacStadium Docs ## Docs - [AWS-to-MacStadium VPN networking setup](https://docs.macstadium.com/iaas/aws/aws-networking-setup.md): Configure an IPsec site-to-site VPN between Amazon VPC and MacStadium. Covers customer gateway, virtual private gateway, VPN connection, and traffic rules. - [AWS-to-MacStadium VPN troubleshooting](https://docs.macstadium.com/iaas/aws/aws-troubleshooting.md): If you encounter any issues during or after the configuration of your site-to-site VPN connection between AWS and MacStadium, check this list of common. - [AWS VPN Config for Cisco ASA/ASAv](https://docs.macstadium.com/iaas/aws/aws-vpn-config-for-cisco-asaasav.md): Complete an AWS-MacStadium site-to-site VPN by configuring your Cisco ASA/ASAv. Download and fill in the Amazon-generated config file, then apply it. - [Site-To-Site VPN Configuration with AWS](https://docs.macstadium.com/iaas/aws/site-to-site-vpn-configuration-with-aws.md): Configure a site-to-site IPsec VPN between AWS and MacStadium with Cisco ASA TCP State Bypass for HA VPN and BGP routing scenarios. - [Verify your AWS-to-MacStadium VPN connection](https://docs.macstadium.com/iaas/aws/verify-aws.md): Verify your AWS-to-MacStadium site-to-site VPN is working by checking ISAKMP and IPsec security associations in Cisco ASDM-IDM using show crypto commands. - [Azure Networking Setup](https://docs.macstadium.com/iaas/azure/azure-networking-setup.md): Set up a policy-based IPsec VPN between Azure and MacStadium. Covers virtual network gateway, local network gateway, and connection configuration. - [Azure Troubleshooting](https://docs.macstadium.com/iaas/azure/azure-troubleshooting.md): If you encounter any issues during or after the configuration of your site-to-site VPN connection between Microsoft Azure and MacStadium, check this list. - [Azure VPN Config for Cisco ASA/ASAv](https://docs.macstadium.com/iaas/azure/azure-vpn-config-for-cisco-asaasav.md): Configure your Cisco ASA/ASAv to complete an Azure-MacStadium VPN. A config template with placeholders for Azure and MacStadium network values is provided. - [Site-to-Site VPN Configuration with Azure](https://docs.macstadium.com/iaas/azure/site-to-site-vpn-configuration-with-azure.md): Configure an IPsec site-to-site VPN between Azure and the MacStadium Cisco ASA firewall. Covers Active/Standby and Active/Active modes with BGP routing. - [Verify your Azure-to-MacStadium VPN connection](https://docs.macstadium.com/iaas/azure/verify-azure.md): Verify your Azure-MacStadium site-to-site VPN tunnel using the Cisco ASDM-IDM CLI. Checks ISAKMP security associations to confirm the tunnel is active. - [Disabling Activation Lock and Find My on Mac](https://docs.macstadium.com/iaas/bare-metal-macs/2018-mac-mini-deactivation-process.md): Turn off Find My, remove Activation Lock, and sign out of your Apple Account before returning a rented Mac to MacStadium. Required to avoid extra charges. - [MacStadium bare metal Mac host options](https://docs.macstadium.com/iaas/bare-metal-macs/bare-metal-hosts.md): MacStadium bare metal Mac options: Mac mini and Mac Studio available now, Mac Pro via custom order. Links to benchmarks, tools, and configuration guides. - [Common macOS CI/CD tools for MacStadium](https://docs.macstadium.com/iaas/bare-metal-macs/common-tools.md): Essential tools for macOS CI/CD on MacStadium: Xcode via Xcodes.app or direct download, Homebrew, fastlane, CocoaPods, and Apple ID setup best practices. - [Connecting to your Mac for the first time](https://docs.macstadium.com/iaas/bare-metal-macs/connecting-to-your-mac-for-the-first-time.md): Just got your MacStadium installation ticket? Connect via macOS Screen Sharing, a VNC client, or SSH using the credentials from your ticket. - [MacStadium Bare Metal Mac Benchmarks](https://docs.macstadium.com/iaas/bare-metal-macs/macstadium-bare-metal-mac-benchmarks.md): Benchmark results for MacStadium Mac hosts: XcodeBenchmark, Geekbench 6, and Cinebench R23 scores with multipliers to help choose the right Mac for CI/CD. - [Allowing Specific IPs to Access MacStadium via Internet](https://docs.macstadium.com/iaas/cisco-firewalls/allowing-specific-ips-to-access-macstadium-via-internet.md): Configure Static NAT and ACL rules on a Cisco ASA firewall to allow specific external IP addresses to access MacStadium hosts on the private network. - [Backup and Restore Firewall Config using ASDM](https://docs.macstadium.com/iaas/cisco-firewalls/backup-and-restore-firewall-config-using-asdm.md): This process outlines how to backup and restore a configuration by executing line by line changes, while using a graphical user interface. - [Changing the VPN & Firewall Password](https://docs.macstadium.com/iaas/cisco-firewalls/changing-the-vpn-firewall-password.md): Change your initial Cisco ASA/ASAv firewall and VPN password using the Cisco ASDM-IDM interface. Credentials for the change are in your MacStadium IP Plan. - [Checking the Firewall Version](https://docs.macstadium.com/iaas/cisco-firewalls/checking-the-firewall-version.md): Find your Cisco ASA/ASAv software version and device model in ASDM-IDM or the CLI. Needed before downloading VPN configs or filing a support ticket. - [Creating Local User Accounts on a Cisco ASA](https://docs.macstadium.com/iaas/cisco-firewalls/creating-local-user-accounts-on-a-cisco-asa.md): Create local user accounts on a MacStadium Cisco ASA firewall using the CLI or ASDM. Used to manage VPN access via Cisco AnyConnect for specific users. - [Firewall Change Request Form](https://docs.macstadium.com/iaas/cisco-firewalls/firewall-change-request-form.md): Download the MacStadium Firewall Change Request Form (Word doc) and submit to the support team to request Cisco ASA/ASAv firewall configuration changes. - [Logging into Cisco Firewall](https://docs.macstadium.com/iaas/cisco-firewalls/logging-into-cisco-firewall.md): Log into your MacStadium Cisco ASAv via ASDM-IDM. Prerequisites: Java installed, active VPN, and credentials from the MISC sheet in your IP Plan. - [Managing Cisco ASA firewall interfaces via ASDM](https://docs.macstadium.com/iaas/cisco-firewalls/managing-interfaces.md): View and configure Cisco ASA firewall interfaces using the ASDM graphical management tool. Access settings via Configuration, Device Setup, and Interfaces. - [Network Firewalls Cloud Connect VPN](https://docs.macstadium.com/iaas/cisco-firewalls/network-firewalls-cloud-connect-vpn.md): Connect to your MacStadium Orka cluster via Cisco ASAv VPN with OpenConnect or Cisco AnyConnect. Requires server address and credentials from your IP Plan. - [Network Firewalls Configuration](https://docs.macstadium.com/iaas/cisco-firewalls/network-firewalls-configuration.md): Overview of the MacStadium Cisco ASAv firewall: admin root access, available configuration options, and how to request changes via the Customer Portal. - [Network Firewalls for CI Build Node: Ansible](https://docs.macstadium.com/iaas/cisco-firewalls/network-firewalls-for-ci-build-node-ansible.md): Set up a macOS CI build node with the MacStadium Ansible playbook. Installs Homebrew, Xcode, fastlane, CocoaPods, and optionally Java for Jenkins. - [Network Firewalls for CI Build Node: Homebrew](https://docs.macstadium.com/iaas/cisco-firewalls/network-firewalls-for-ci-build-node-homebrew.md): Set up a macOS CI build node on MacStadium with Homebrew: install Ruby, fastlane, CocoaPods, and Xcode, with bot user best practices for iOS builds. - [Network Firewalls Mac Mini Connect](https://docs.macstadium.com/iaas/cisco-firewalls/network-firewalls-mac-mini-connect.md): Connect to a firewall-protected Mac mini via Screen Sharing, VNC, or SSH. Find MacStadium Portal credentials and connect from macOS or Windows. - [Network Firewalls: Overview](https://docs.macstadium.com/iaas/cisco-firewalls/network-firewalls-overview.md): MacStadium offers a variety of Cisco(R) firewalls to protect the cloud environment. The portfolio includes several physical and virtual appliance choices. - [Network Onboarding Form](https://docs.macstadium.com/iaas/cisco-firewalls/network-onboarding-form.md): The Network Onboarding Form collects the network provisioning details our platform team needs to configure access to your MacStadium cloud environment. - [Prepare the VPN Configuration for Input into Cisco ASA/ASAv](https://docs.macstadium.com/iaas/cisco-firewalls/prepare-the-vpn-configuration-for-input-into-cisco-asaasav.md): Hub for MacStadium Cisco ASA/ASAv VPN setup: links to the IP Plan, VPN connection guide, SSH access, firewall login, and site-to-site VPN config articles. - [Connect third-party clouds to MacStadium](https://docs.macstadium.com/iaas/connecting-to-other-clouds/other-clouds.md): Connect AWS, Azure, GCP, or a private cloud to MacStadium via IPsec site-to-site VPN. Covers shared files, cloud infrastructure, and hybrid CI/CD setups. - [Private Cloud Networking Setup](https://docs.macstadium.com/iaas/connecting-to-other-clouds/private-cloud-networking-setup.md): Connect your private cloud to MacStadium via IPsec site-to-site VPN: Cisco ASA/ASAv NAT exemption, access-list rules, and crypto map configuration. - [Site-to-Site VPN Config](https://docs.macstadium.com/iaas/connecting-to-other-clouds/site-to-site-vpn-config.md): Apply a prepared VPN config to the MacStadium Cisco ASA/ASAv via ASDM-IDM. Final step after configuring the cloud side and preparing the ASA config. - [GCP-to-MacStadium VPN troubleshooting](https://docs.macstadium.com/iaas/google-cloud-platform/gcp-troubleshooting.md): If you encounter any issues during or after the configuration of your site-to-site VPN connection between Google Cloud Platform (GCP) and MacStadium. - [GCP VPN Config for Cisco ASA/ASAv](https://docs.macstadium.com/iaas/google-cloud-platform/gcp-vpn-config-for-cisco-asaasav.md): Configure your Cisco ASA/ASAv for a GCP-MacStadium VPN using the provided template. Fill in GCP and MacStadium network values, then apply the config. - [Google Cloud Networking Setup](https://docs.macstadium.com/iaas/google-cloud-platform/google-cloud-networking-setup.md): To establish a stable, persistent connection between a Google Cloud Platform (GCP) private cloud and your MacStadium private cloud, you need to configure. - [Site-to-Site VPN Configuration with GCP](https://docs.macstadium.com/iaas/google-cloud-platform/site-to-site-vpn-configuration-with-gcp.md): The goal of this documentation is to update the Site-to-Site VPN configuration with GCP and add specific configuration details for the ASA feature TCP. - [Verify your GCP-to-MacStadium VPN connection](https://docs.macstadium.com/iaas/google-cloud-platform/verify-gcp.md): Verify a GCP-MacStadium VPN using the Cisco ASDM-IDM CLI. Checks ISAKMP security associations to confirm the tunnel is active after configuration. - [Can I change the OS on my server from macOS to Linux?](https://docs.macstadium.com/iaas/iaas-faqs/can-i-change-the-os-on-my-server-from-macos-to-linux.md): Mac servers at MacStadium run macOS and cannot be converted to Linux. For Linux or Windows workloads, MacStadium recommends Private Cloud x86 VMs instead. - [Root and admin access on MacStadium Mac servers](https://docs.macstadium.com/iaas/iaas-faqs/do-i-have-root-and-admin-access-to-subscription-based-mac-servers.md): MacStadium provides admin access on every macOS subscription with SSH and VNC enabled by default. Full system control, subject to the Terms of Service. - [MacStadium REST API for server management](https://docs.macstadium.com/iaas/iaas-faqs/macstadium-api.md): Automate MacStadium server management via REST API at api.macstadium.com. Use HTTP Basic or Bearer token auth to list servers, reboot, and query status. - [Hard reboot a MacStadium Mac from the portal](https://docs.macstadium.com/iaas/iaas-faqs/reboot-your-mac.md): Mac not responding and SSH is down? Use Hard Reboot in the MacStadium portal. Includes Energy Saver settings so the Mac comes back online automatically. - [Troubleshooting Connectivity Issues](https://docs.macstadium.com/iaas/iaas-faqs/troubleshooting-connectivity-issues.md): Can't connect to your MacStadium device? Self-service guide: run a traceroute to find where the connection breaks, then check VPN and firewall settings. - [Data Center Locations](https://docs.macstadium.com/iaas/iaas-overview/data-center-locations.md): MacStadium data centers in Atlanta, Las Vegas, and Dublin. Test IP addresses are provided to measure latency from your location before choosing a region. - [Infrastructure as a Service (IaaS)](https://docs.macstadium.com/iaas/iaas-overview/infrastructure-as-a-service-iaas.md): MacStadium IaaS: bare metal Mac access across data centers in Las Vegas, Atlanta, and Dublin. SOC 1/2/3 and ISO 27001/27017/27018 certified infrastructure. - [MacStadium IaaS networking overview](https://docs.macstadium.com/iaas/networking/networking-overview.md): Overview of MacStadium IaaS networking: VPN access, site-to-site tunnels to AWS, Azure, and GCP, custom domains, firewall config, and IP Plan resources. - [Private Cloud Network Attached Storage](https://docs.macstadium.com/iaas/storage/private-cloud-network-attached-storage.md): Create and manage a NAS virtual machine in MacStadium Private Cloud to share storage across VMs and machines on your private network. - [Private Cloud VM restorable snapshots](https://docs.macstadium.com/iaas/storage/restorable-snapshots.md): Create and restore point-in-time snapshots of MacStadium Private Cloud VMs or entire instances. Supports both scheduled and on-demand snapshot management. - [Creating a New VM Manually](https://docs.macstadium.com/iaas/x86-vms-private-cloud-vms/creating-a-new-vm-manually.md): Create a Private Cloud VM manually using an uploaded ISO. Used for OS versions not available as recipes. More effort than recipe-based deployment. - [Creating a New VM with a Recipe](https://docs.macstadium.com/iaas/x86-vms-private-cloud-vms/creating-a-new-vm-with-a-recipe.md): Create a Private Cloud VM from a MacStadium recipe: a template that pre-configures OS, apps, network, and storage. Recommended over manual VM creation. - [Manual Windows Installation](https://docs.macstadium.com/iaas/x86-vms-private-cloud-vms/manual-windows-installation.md): Windows does not include Virtio drivers by default. These drivers need to be installed from a mounted disk during Windows installation. - [Private Cloud x86 VMs](https://docs.macstadium.com/iaas/x86-vms-private-cloud-vms/private-cloud-x86-vms.md): Provision Windows and Linux x86 VMs on MacStadium Private Cloud with reserved vCPU, RAM, and storage. Managed via the Machines Dashboard. - [VM Creation and OS Installation](https://docs.macstadium.com/iaas/x86-vms-private-cloud-vms/vm-creation-and-os-installation.md): How to create a new VM manually in MacStadium Private Cloud: configure VM settings, attach an ISO, set a static IP, and install the OS via console. - [Windows 2022 Installation](https://docs.macstadium.com/iaas/x86-vms-private-cloud-vms/windows-2022-installation.md): Install Windows 2022 on MacStadium Private Cloud. Recipes handle ISO download and driver setup automatically; manual installation is also documented. - [Add a new user to your MacStadium account](https://docs.macstadium.com/macstadium/account-management-and-saml/add-a-new-user.md): Invite team members to your MacStadium account, assign roles, and manage user-specific permissions from the MacStadium Portal's account management settings. - [Enable SAML SSO with Azure Active Directory](https://docs.macstadium.com/macstadium/account-management-and-saml/enable-saml-sso-with-azure-active-directory.md): Admin: set up SAML SSO for MacStadium Portal via Azure AD. Create an enterprise app, configure SAML settings, and share metadata with the MacStadium team. - [Enable SAML SSO with Google Workspace Federation](https://docs.macstadium.com/macstadium/account-management-and-saml/enable-saml-sso-with-google-workspace-federation.md): Configure SAML SSO for MacStadium Portal via Google Workspace. Create a custom SAML app in Google Admin, download metadata, and send it to MacStadium. - [Enable SAML SSO with Okta](https://docs.macstadium.com/macstadium/account-management-and-saml/enable-saml-sso-with-okta.md): Admin: configure SAML SSO for MacStadium Portal via Okta. Save the MacStadium certificate, configure the Okta app, and log in at portal.macstadium.com/sso. - [First-Time SSO Login to MacStadium Portal](https://docs.macstadium.com/macstadium/account-management-and-saml/first-time-sso-login-to-macstadium-portal.md): SSO login to the MacStadium portal with Okta, Azure AD, or Google Workspace. Your account admin must enable SSO before you can follow these steps. - [SAML single sign-on for MacStadium accounts](https://docs.macstadium.com/macstadium/account-management-and-saml/saml-sso.md): Set up SAML SSO for your MacStadium organization to manage user authentication and access through your identity provider. Supports Okta, Azure AD, and Google. - [Troubleshooting Credential Issues](https://docs.macstadium.com/macstadium/account-management-and-saml/troubleshooting-credential-issues.md): Fix MacStadium Portal and service credential issues: verify your email, reset your password, or find server credentials in the Portal under Services. - [Two-Factor Authentication (2FA)](https://docs.macstadium.com/macstadium/account-management-and-saml/two-factor-authentication-2fa.md): MacStadium offers the ability for customers to enable two-factor authentication (2FA) when logging into portal.macstadium.com. Two-factor authentication. - [Access and download MacStadium invoices](https://docs.macstadium.com/macstadium/billing/accessing-invoices.md): Access PDF invoices for each MacStadium subscription in the MacStadium Portal under the Billing tab. Contact billing to consolidate multiple statements. - [Canceling a MacStadium Subscription](https://docs.macstadium.com/macstadium/billing/canceling-a-macstadium-subscription.md): How to cancel your MacStadium subscription: click Cancel Service in the portal. Servers go offline within 24 hours, no refund for the current period. - [Fix a declined credit card on MacStadium](https://docs.macstadium.com/macstadium/billing/credit-card-declined.md): MacStadium uses fraud protection that may flag legitimate transactions. If your card is blocked at signup, contact support to process your order manually. - [MacStadium vendor onboarding and management](https://docs.macstadium.com/macstadium/billing/vendor-management.md): Complete vendor onboarding for MacStadium by filling out the Zip vendor profile form and submitting it to the billing and legal teams for approval processing. - [Acceptable Use Policy](https://docs.macstadium.com/macstadium/legal-and-compliance/acceptable-use-policy.md): MacStadium Acceptable Use Policy (Exhibit B of the MSSA): prohibited actions and restrictions governing customer use of all MacStadium services. - [Copyright and Trademark Policy](https://docs.macstadium.com/macstadium/legal-and-compliance/copyright-and-trademark-policy.md): MacStadium copyright and trademark policy: how to submit DMCA notices, report trademark infringement, and what happens after a report is filed. - [Master Services Agreement](https://docs.macstadium.com/macstadium/legal-and-compliance/master-services-agreement.md): MacStadium Master Subscription Services Agreement v2.0: governing legal terms for all MacStadium services, referencing the SLA and Acceptable Use Policy. - [MacStadium security and compliance overview](https://docs.macstadium.com/macstadium/legal-and-compliance/security.md): Review MacStadium security policies, compliance certifications, and trust documentation. Visit trust.macstadium.com for current audit and compliance records. - [Service Level Agreement](https://docs.macstadium.com/macstadium/legal-and-compliance/service-level-agreement.md): MacStadium guarantees 99.9% monthly uptime. This SLA defines what counts as an outage, how service credits are calculated, and how to file a claim. - [Viewing your environment in My Cloud](https://docs.macstadium.com/macstadium/macstadium-overview/ip-plan.md): My Cloud in the MacStadium Portal shows your environment by data center: public servers, firewalls, VPN credentials, network allocations, and host assignments. - [MacStadium cloud hosting for Apple hardware](https://docs.macstadium.com/macstadium/macstadium-overview/macstadium-overview.md): MacStadium hosts Apple hardware for enterprise: bare metal Macs, Orka macOS virtualization, and cloud access, in MacStadium data centers, AWS, or on-prem. - [MacStadium Portal for subscriptions and support](https://docs.macstadium.com/macstadium/macstadium-overview/macstadium-portal.md): Manage MacStadium subscriptions and support at portal.macstadium.com. A business email is required to register; personal email domains are not accepted. - [Creating Slack Tickets](https://docs.macstadium.com/macstadium/support/creating-slack-tickets.md): Create support tickets directly from Slack using MacStadium's Slack-to-ticket service, available on Pro and Premium support plans. - [Mac Configuration Assistance](https://docs.macstadium.com/macstadium/support/mac-configuration-assistance.md): MacStadium Remote Hands Service covers basic hardware and OS setup to ensure access to the Mac via remote SSH, VNC, or screen sharing. - [MacStadium Support Tiers](https://docs.macstadium.com/macstadium/support/macstadium-support-tiers.md): MacStadium offers Basic, Pro, and Premium support. See response time SLAs, support hours, and what's included in professional services before you decide. - [MacStadium Remote Hands hardware support](https://docs.macstadium.com/macstadium/support/remote-hands-service.md): MacStadium Remote Hands covers hardware diagnosis, network issues, OS password recovery, factory restore, and OS service changes on customer request. - [MacStadium support plans and services](https://docs.macstadium.com/macstadium/support/support.md): Compare MacStadium support tiers: Business, Pro, and Premium, with 24/7 monitoring, Remote Hands, and engineering support for networking and virtualization. - [Compatibility: Performance Improving Features](https://docs.macstadium.com/orka/compatibility/compatibility-performance-improving-features.md): Orka performance features: saved state, GPU passthrough, I/O boost, and network boost. Intel vs. Apple silicon with macOS version requirements. - [Feature Parity: Apple Hardware](https://docs.macstadium.com/orka/compatibility/feature-parity-apple-hardware.md): Compatibility across Intel and Apple silicon Orka nodes: supported macOS versions, VM operations, image types, networking, and CI/CD integration support. - [Feature Parity: Orka Tools](https://docs.macstadium.com/orka/compatibility/feature-parity-orka-tools.md): Feature parity matrix: which operations Orka3 CLI, Orka3 API, and Web UI support for VMs, images, nodes, namespaces, and authentication. - [K8s Native: Orka3 CRD Reference](https://docs.macstadium.com/orka/kubernetes-native/k8s-native-orka3-crd-reference.md): Field reference for Orka3 Kubernetes custom resource definitions: VirtualMachineConfig and VirtualMachineInstance spec fields, types, and YAML examples. - [Kubernetes-native Orka resource management](https://docs.macstadium.com/orka/kubernetes-native/k8s-native-overview.md): Manage Orka resources with kubectl. Covers authenticating via orka3 CLI, applying VM configs as YAML, and creating namespaces for custom pod workloads. - [K8s Native: Persistent Volumes](https://docs.macstadium.com/orka/kubernetes-native/k8s-native-persistent-volumes.md): Use Kubernetes persistent volumes in Orka custom pod namespaces. Request a PV from MacStadium, set up kubectl access, create PVCs, and deploy pods. - [1. AWS Side of the VPN Tunnel](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/1-aws-side-of-the-vpn-tunnel.md): Configure the AWS side of an IPsec site-to-site VPN: create a customer gateway, virtual private gateway, and VPN connection in Amazon VPC. - [1. GCP Side of the VPN Tunnel](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/1-gcp-side-of-the-vpn-tunnel.md): Configure the GCP side of an IPsec site-to-site VPN to your Orka cluster: create a Classic VPN gateway and tunnel using policy-based routing with IKEv2. - [2. AWS VPN Tunnel Configuration File](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/2-aws-vpn-tunnel-configuration-file.md): Download the AWS VPN config file and fill in Orka network values for your Cisco ASAv: outside interface, Private-1 subnet, NAT rules, and VPC details. - [2. GCP VPN Tunnel Configuration File](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/2-gcp-vpn-tunnel-configuration-file.md): Complete the Cisco ASA/ASAv config template for your GCP-to-Orka VPN tunnel. Fill in GCP network, VPN IP, Orka Private-1 network, and IKEv2 pre-shared key. - [3. AWS Orka Side of the VPN Tunnel](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/3-aws-orka-side-of-the-vpn-tunnel.md): Apply the prepared AWS VPN config to your Orka Cisco ASAv via ASDM-IDM. Completes the Orka side of the AWS site-to-site IPsec tunnel. - [3. Orka Side of the GCP VPN Tunnel](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/3-orka-side-of-the-gcp-vpn-tunnel.md): Apply the GCP VPN config to your Orka cluster's Cisco ASA/ASAv via Cisco ASDM-IDM. Completes the Orka side of the GCP site-to-site IPsec tunnel. - [4. AWS Verifying the VPN Tunnel](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/4-aws-verifying-the-vpn-tunnel.md): (Optional) How to verify that your AWS-Orka VPN tunnel works as expected: check security associations, tunnel status and traffic between Orka and AWS. - [4. Verifying the GCP VPN Tunnel](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/4-verifying-the-gcp-vpn-tunnel.md): (Optional) How to verify that your GCP-Orka VPN tunnel works as expected: check security associations, tunnel status and traffic between Orka and GCP. - [Connect AWS to your Orka cluster](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/aws-orka-connections.md): Connect AWS to your Orka cluster: one-time access from EC2 via VPN client, or a persistent IPsec site-to-site tunnel between your Amazon VPC and Orka. - [AWS VPN Tunnel Troubleshooting](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/aws-vpn-tunnel-troubleshooting.md): Fix AWS-to-Orka VPN tunnel issues: Cisco ASAv config errors, tunnel UP but no traffic, VPC route propagation problems, and NAT exemption mismatches. - [Built-In Orka Domains](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/built-in-orka-domains.md): Use your company.orka.app domain instead of raw Orka API IPs. Covers hosts file setup, HTTPS access, and certificate trust for the Orka API. - [External Custom Domains](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/external-custom-domains.md): Configure a custom domain for your Orka cluster using a TLS certificate. Covers certificate upload, domain mapping, Ingress configuration, and tool setup. - [Connect GCP to your Orka cluster](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/gcp-orka-connections.md): Connect GCP to your Orka cluster: one-time access from a GCP VM via VPN client, or a persistent IPsec site-to-site tunnel between your GCP cloud and Orka. - [GCP VPN Tunnel Troubleshooting](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/gcp-vpn-tunnel-troubleshooting.md): Fix GCP-to-Orka VPN tunnel issues: Cisco ASA interface name errors, no-traffic tunnels, NAT exemption mismatches, and GCP firewall ingress rules. - [MSDC Network Requirements](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/msdc-network-requirements.md): Network requirements for Orka clusters at MacStadium data centers in Atlanta, Dublin, and Las Vegas, including reserved address ranges and custom subnets. - [Connect to your Orka cluster via VPN](https://docs.macstadium.com/orka/networking-with-orka-at-macstadium/vpn-connection.md): Connect to your Orka cluster's Cisco ASAv via VPN with OpenConnect or Cisco AnyConnect. Required before managing VMs or configuring cluster networking. - [OCI Images: Deploy VMs](https://docs.macstadium.com/orka/oci-images/oci-images-deploy-vms.md): Deploy an Orka VM from any OCI-compatible image by specifying the registry address. Private registries require credentials pre-configured in the namespace. - [OCI Images: Manage Registry Credentials](https://docs.macstadium.com/orka/oci-images/oci-images-manage-registry-credentials.md): Store and manage OCI registry credentials in Orka with orka3 regcred. Add, override, and remove credentials per namespace for private registry access. - [OCI container images for Orka VMs](https://docs.macstadium.com/orka/oci-images/oci-images-overview.md): Deploy Orka VMs using OCI-compatible images from public or private registries. Store, version, and distribute macOS images through standard container workflows. - [OCI Images: Preserve Changes](https://docs.macstadium.com/orka/oci-images/oci-images-preserve-changes.md): Save Orka VM changes by committing locally or pushing to an OCI registry. Covers local cluster saves and registry pushes for macOS disk images (Orka 3.0+). - [Orka Self-Service: Migrating NFS Images to OCI with Harbor](https://docs.macstadium.com/orka/oci-images/orka-self-service-migrating-nfs-images-to-oci-with-harbor.md): Migrate NFS-based Orka images to OCI format using Harbor on Orka 3.5. Covers orka3 regcred, orka3 vm push, imagecache, and updating CI/CD integrations. - [Using Harbor OCI Storage with the Orka CLI](https://docs.macstadium.com/orka/oci-images/using-harbor-oci-storage-with-the-orka-cli.md): Orka Harbor OCI storage comes preconfigured with everything needed to push and pull macOS VM images using the Orka CLI. Users are provided with a Project. - [Cluster Access Management: Overview](https://docs.macstadium.com/orka/orka-cluster-access/cluster-access-management-overview.md): Orka access control overview: SSO login, RBAC roles, namespaces, and role bindings. Covers Admin, Tech, and service account permissions across namespaces. - [Customer Portal: Manage Account Users](https://docs.macstadium.com/orka/orka-cluster-access/customer-portal-manage-account-users.md): Manage Orka cluster users via the MacStadium Customer Portal: invite new members, assign Admin, Tech, or Billing roles, and control namespace access. - [Authentication and RBAC](https://docs.macstadium.com/orka/orka-cluster-access/orka-authentication-and-rbac.md): How Orka handles authentication and authorization: OIDC provider options, default RBAC roles and bindings, group mapping configuration, and migration guidance. - [Orka Cluster: Access the Cluster](https://docs.macstadium.com/orka/orka-cluster-access/orka-cluster-access-the-cluster.md): Complete the cluster invitation process, connect via VPN, get your Orka API URL, and log in. Covers first-time registration and CLI authentication steps. - [Orka Cluster: Manage Access to Resources](https://docs.macstadium.com/orka/orka-cluster-access/orka-cluster-manage-access-to-resources.md): Admin guide: create namespaces, add subjects to role bindings, and isolate Orka resources for specific users, teams, or CI/CD service accounts. - [Orka Cluster: Manage Service Accounts](https://docs.macstadium.com/orka/orka-cluster-access/orka-cluster-manage-service-accounts.md): Admin guide: create and manage Orka service accounts for CI/CD integrations. Service accounts use 1-year tokens and bypass browser SSO login. - [Understanding Orka Credentials](https://docs.macstadium.com/orka/orka-cluster-access/understanding-orka-credentials.md): Learn how Orka's three credential systems work, when to use each, and how to avoid the common mistake of using short-lived tokens in CI/CD pipelines. - [2.4.x and 3.0.x to 3.1.x and above: Backward Compatibility](https://docs.macstadium.com/orka/orka-cluster-migration-from-24-3x/24x-and-30x-to-31x-and-above-backward-compatibility.md): Upgrading to Orka 3.1+: the legacy API is removed. Switch to orka3 CLI, update all integrations, and ensure Customer Portal access for all team members. - [2.4.x to 3.0.0: After the Migration](https://docs.macstadium.com/orka/orka-cluster-migration-from-24-3x/24x-to-300-after-the-migration.md): Post-migration checklist for Orka 2.4.x to 3.0.0: update to the orka3 CLI, configure user access via Customer Portal, and set up Web UI authentication. - [2.4.x to 3.0.0: API Mapping](https://docs.macstadium.com/orka/orka-cluster-migration-from-24-3x/24x-to-300-api-mapping.md): Map Orka 2.4.x REST API endpoints to Orka 3.0.0: auth, tokens, VMs, VM configs, images, nodes, and removed endpoints with their Orka3 API replacements. - [2.4.x to 3.0.0: CLI Mapping](https://docs.macstadium.com/orka/orka-cluster-migration-from-24-3x/24x-to-300-cli-mapping.md): Map Orka 2.4.x CLI commands to their Orka3 equivalents: config, login, VM management, images, nodes, and removed commands replaced by namespaces and RBAC. - [2.4.x to 3.0.0: What Persists](https://docs.macstadium.com/orka/orka-cluster-migration-from-24-3x/24x-to-300-what-persists.md): After migrating Orka 2.4.x to 3.0.0: VM configs and images carry over, but VMs, node tags, user groups, and sandboxed nodes must be recreated. - [Performance: GPU Passthrough](https://docs.macstadium.com/orka/orka-configuration/performance-gpu-passthrough.md): Intel-only: enable GPU passthrough for Orka VMs using orka3 vm deploy --gpu. Covers cluster prerequisites, per-VM defaults, and node-level limitations. - [What's new in Orka Desktop 3.1.0](https://docs.macstadium.com/orka/orka-desktop/orka-desktop-310-release-notes.md): Orka Desktop 3.1.0 adds macOS 26 Tahoe guest image support, updated OCI image format compatibility, local storage mounting, and shared clipboard. - [Welcome to Orka Desktop 3.0](https://docs.macstadium.com/orka/orka-desktop/welcome-to-orka-desktop-30.md): Free macOS virtualization for individual workstations. Build and test VM images locally, then push to an OCI registry for use in a shared Orka cluster. - [Buildkite](https://docs.macstadium.com/orka/orka-devops-integrations/buildkite.md): Connect Orka to Buildkite with the MacStadium plugin. Use permanent agents reused across builds or ephemeral agents created per pipeline run. - [Claude Code integration with the Orka3 CLI](https://docs.macstadium.com/orka/orka-devops-integrations/claude-code.md): Use Claude Code with the Orka3 CLI skill to deploy VMs, troubleshoot cluster issues, and automate CI/CD workflows on your Orka environment from the terminal. - [GitHub Actions integration for Orka](https://docs.macstadium.com/orka/orka-devops-integrations/github-actions.md): Run macOS CI/CD builds on Orka with GitHub Actions using dynamic ephemeral runners. Runners scale automatically with demand and deprovision after each job. - [GitLab](https://docs.macstadium.com/orka/orka-devops-integrations/gitlab.md): Connect Orka to GitLab CI/CD with the MacStadium integration. Use Shell executors for permanent runners or custom executors for ephemeral, per-pipeline VMs. - [Jenkins plugin for Orka macOS build agents](https://docs.macstadium.com/orka/orka-devops-integrations/jenkins.md): Provision permanent and ephemeral macOS build agents with the Orka Jenkins plugin. Covers plugin installation, agent configuration, and credential setup. - [Packer plugin for automated Orka image builds](https://docs.macstadium.com/orka/orka-devops-integrations/packer.md): Automate macOS image creation with the Orka Packer Plugin. Define image configurations as code and integrate Orka image builds into your CI/CD pipeline. - [TeamCity plugin for Orka macOS build agents](https://docs.macstadium.com/orka/orka-devops-integrations/teamcity.md): Connect Orka to TeamCity using the MacStadium plugin to provision and destroy ephemeral macOS build agents. Covers plugin installation and configuration. - [Orka Engine standalone macOS VM management](https://docs.macstadium.com/orka/orka-engine/orka-engine-30.md): Deploy and manage macOS VMs on Apple Silicon hosts via CLI without a Kubernetes control plane. Uses OCI-compatible images for lightweight VM provisioning. - [IT Administrator Onboarding Guide](https://docs.macstadium.com/orka/orka-on-aws-and-on-prem/it-administrator-onboarding-guide.md): IT admin guide for MacStadium VDI. Covers Ansible, Citrix Cloud, and Orka Engine interfaces, user provisioning, image management, and daily operations. - [Orka on AWS: Getting Started](https://docs.macstadium.com/orka/orka-on-aws-and-on-prem/orka-on-aws-getting-started.md): Deploy Orka on AWS with EC2 Mac nodes, Amazon EKS, and ECR for OCI images. Architecture overview and steps to orchestrate macOS VMs in your AWS account. - [Orka On-Prem Getting Started](https://docs.macstadium.com/orka/orka-on-aws-and-on-prem/orka-on-prem-getting-started.md): Run Orka on your own Mac hardware with a Kubernetes control plane. Covers on-prem architecture, networking, and OCI image registry integration. - [Risk Assessment and Mitigation Plan for Orka on AWS](https://docs.macstadium.com/orka/orka-on-aws-and-on-prem/risk-assessment-and-mitigation-plan-for-orka-on-aws.md): Risk assessment for Orka on AWS: security, reliability, cost, and operational risks with mitigations for EKS and EC2 Mac deployments. - [Using Bridge Networking with Orka 3.5.0](https://docs.macstadium.com/orka/orka-on-aws-and-on-prem/using-bridge-networking-with-orka-350.md): Configure bridge networking for Orka 3.5.0 on-prem: VMs receive IP addresses directly from your DHCP server, enabling direct network access without NAT. - [Orka compatibility matrix for macOS and hardware](https://docs.macstadium.com/orka/orka-overview/compatibility-matrix.md): Supported macOS versions, host OS requirements, and Orka cluster compatibility by hardware (M1/M2/M4, Intel). Verify your configuration before deploying. - [Orka macOS virtualization platform overview](https://docs.macstadium.com/orka/orka-overview/orka-overview.md): Orka by MacStadium: macOS virtualization on Apple Silicon with Kubernetes-native scheduling. Supports CI/CD, VDI, and AI workloads in cloud or on-prem. - [Orka tools, CLI downloads, and CI/CD plugins](https://docs.macstadium.com/orka/orka-overview/tools-integrations.md): Download Orka3 CLI binaries for macOS, Linux, and Windows, plus Orka VM Tools and CI/CD integrations for Jenkins, GitHub Actions, GitLab, and Buildkite. - [Apple Silicon-Based Support](https://docs.macstadium.com/orka/orka-resources/apple-silicon-based-support.md): Deploy Orka VMs on Apple silicon nodes (M1/M2/M4). Covers arm64 image types, first-deploy caching, features by Orka version, and limits vs. Intel nodes. - [Orka Burst for on-demand elastic cluster capacity](https://docs.macstadium.com/orka/orka-resources/burst.md): Scale your Orka cluster with Burst, which provides dedicated on-demand capacity during heavy CI/CD workloads. Learn how to enable and manage elastic nodes. - [Cluster Configurations](https://docs.macstadium.com/orka/orka-resources/cluster-configurations.md): Cluster-level Orka settings: VM scheduling algorithm (default vs. most-allocated), GPU passthrough, VM internet isolation, and VM network isolation. - [Consuming Metrics from Prometheus](https://docs.macstadium.com/orka/orka-resources/consuming-metrics-from-prometheus.md): Scrape Prometheus metrics from your Orka cluster: server, operator, and node exporter endpoints. Covers Prometheus config, the web console, and Grafana. - [Orka image caching for faster VM deployments](https://docs.macstadium.com/orka/orka-resources/image-caching.md): Pre-download OCI images to Orka nodes before deployment to eliminate pull delays during CI runtime. Available in Orka 3.2 and later for Apple Silicon clusters. - [Orka Required URL Rules for Filtering](https://docs.macstadium.com/orka/orka-resources/orka-required-url-rules-for-filtering.md): Required URL allowlist rules for Orka Cluster. Covers client-side and LAN-side rulesets tested on Cisco Firepower for customers who filter outbound traffic. - [Orka3 CLI Command Reference](https://docs.macstadium.com/orka/orka-resources/orka3-cli-command-reference.md): Auto-generated Orka3 CLI command reference: all subcommands for VMs, images, nodes, namespaces, service accounts, RBAC, and OCI registry credentials. - [Resiliency, High Availability, and Disaster Recovery](https://docs.macstadium.com/orka/orka-resources/resiliency-high-availability-and-disaster-recovery.md): Orka HA and DR: k8s control plane resiliency, image storage options, VM runtime behavior, and guidance for multi-cluster and backup configurations. - [Shared VM storage for Orka CI artifacts](https://docs.macstadium.com/orka/orka-resources/shared-vm-storage.md): Mount a shared storage volume across Orka VMs for CI artifact caching. Deprecated on Apple Silicon Monterey; available for Intel and Apple Silicon Ventura+. - [Orka VM Tools for guest services on ARM VMs](https://docs.macstadium.com/orka/orka-resources/vm-tools.md): Orka VM Tools are pre-installed guest services required for disk resize, VM metadata, and shared storage on macOS 12 or later Apple Silicon virtual machines. - [Working with VM Metadata](https://docs.macstadium.com/orka/orka-resources/working-with-vm-metadata.md): When you deploy a VM, Orka assigns default metadata to the VM. You can also add your own custom metadata during deployment with the Orka API. - [Kubernetes upgrade guide](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/kubernetes-upgrade-guide.md): How Orka services behave during a Kubernetes cluster upgrade, and how to minimize disruption. Validated against Kubernetes 1.35. - [Orka 3.0 Release Notes](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/orka-30-release-notes.md): Orka 3.0 introduced SSO, native Kubernetes, OCI registry support, the new orka3 CLI, and macOS Sonoma images. Patch notes for v3.0.1-3.0.3 also included. - [Orka 3.1 Release Notes](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/orka-31-release-notes.md): Orka 3.1 adds public IP support across CLI and integrations, Intel support for High Sierra and Mojave, and performance improvements for large clusters. - [Orka 3.2 Release Notes](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/orka-32-release-notes.md): Orka 3.2 release notes: scheduled image caching, Apple ID authentication on Sequoia, Apple Silicon architecture detection, and bug fixes. - [Orka 3.3 Release Notes](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/orka-33-release-notes.md): Orka 3.3 release notes: Orka Burst for elastic capacity, UDID generation controls, Kubernetes 1.33, Harbor OCI support, and Jamf MDM fixes. - [Orka 3.4 Release Notes](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/orka-34-release-notes.md): Orka 3.4 release notes: custom VM display resolution settings, NFS image caching hotfix, and ARM node stability improvements for high-volume deployments. - [Orka 3.5 Release Notes](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/orka-35-release-notes.md): Always ensure that your cluster, Orka tools and integrations, and Orka VM Tools run matching versions. For example, the respective available 3.x versions. - [How to upgrade your Orka cluster](https://docs.macstadium.com/orka/orka-upgrades-and-release-notes/orka-upgrades.md): Upgrade your Orka cluster via a MacStadium support ticket with a scheduled maintenance window. Covers upgrade types, prep steps, and post-upgrade tasks. - [Authentication and User Management](https://docs.macstadium.com/orka/orka3-cli-reference/authentication-and-user-management.md): orka3 login, user get-token, logout, and service account token commands: the full authentication reference for Orka cluster access and CI/CD automation. - [Command Quick Reference](https://docs.macstadium.com/orka/orka3-cli-reference/command-quick-reference.md): Quick-reference tables for all Orka3 CLI commands: configuration, authentication, VMs, images, nodes, namespaces, and service accounts. - [Image Management via Orka3 CLI](https://docs.macstadium.com/orka/orka3-cli-reference/image-management.md): Orka3 CLI image commands: list, pull, push, and manage macOS images for Intel and Apple Silicon VMs, including local cluster and OCI registry sources. - [Orka namespace management with the CLI](https://docs.macstadium.com/orka/orka3-cli-reference/namespace-management.md): Create and manage Orka namespaces to isolate resources and control user access. Covers namespace creation, listing, and rolebinding management. - [Orka node management with the CLI](https://docs.macstadium.com/orka/orka3-cli-reference/node-management.md): View and manage Orka nodes, the physical Mac hardware providing compute for your VMs. Covers listing nodes, checking state, and filtering by architecture. - [OCI Registry Integration](https://docs.macstadium.com/orka/orka3-cli-reference/oci-registry-integration.md): OCI (Open Container Initiative) registry credentials are required to push and pull OCI-compatible Apple silicon-based Orka images to or from private. - [Orka3 CLI Overview & Configuration](https://docs.macstadium.com/orka/orka3-cli-reference/orka3-cli-overview-configuration.md): Orka3 CLI command structure, global options, and configuration. Learn how to set your API URL, enable shell autocompletion, and navigate built-in help. - [Output formats and Getting Help](https://docs.macstadium.com/orka/orka3-cli-reference/output-formats-and-getting-help.md): Use --help on any Orka3 CLI command for built-in documentation. Covers output format options: default table, -o wide, -o json, and -o yaml. - [Role-Based Access Control (RBAC)](https://docs.macstadium.com/orka/orka3-cli-reference/role-based-access-control-rbac.md): Manage Orka RBAC: roles, rolebindings, and subjects. Control which users and service accounts can access which namespaces and resources. - [VM Deployment and Configuration](https://docs.macstadium.com/orka/orka3-cli-reference/vm-deployment-and-configuration.md): VM configurations (templates) allow you to define reusable settings for deploying virtual machines. All VM configurations reside in the orka-default. - [VM Lifecycle Management](https://docs.macstadium.com/orka/orka3-cli-reference/vm-lifecycle-management.md): Save a new image from a running VM. This saves the file system and the state of the OS, including any running applications. You can preserve the original. - [CI/CD Integrations Quick Start](https://docs.macstadium.com/orka/quick-start-guides/cicd-integrations-quick-start.md): Step-by-step setup for Orka's CI/CD integrations: GitHub Actions, GitLab, Jenkins, Packer, TeamCity, and Buildkite. Includes connecting to your Orka cluster. - [Orka3 API Quick Start](https://docs.macstadium.com/orka/quick-start-guides/orka3-api-quick-start.md): Get started with the Orka3 REST API: authenticate with a CLI token, deploy VMs, manage images, and build custom integrations with your Orka cluster. - [Orka3 CLI Quick Start](https://docs.macstadium.com/orka/quick-start-guides/orka3-cli-quick-start.md): Get started with the Orka3 CLI: configure your API URL, log in, list nodes and images, deploy VMs, commit changes to a new base image, and clean up. - [Orka Web UI quick start guide](https://docs.macstadium.com/orka/quick-start-guides/web-ui-quick-start.md): Get started with the Orka Web UI: browse nodes and images, create VM configs, deploy VMs, connect via Screen Sharing, and save changes as a new base image. - [MacStadium Cloud Access with Teradici PCoIP](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/cloud-access.md): Cloud Access delivers low-latency remote macOS desktops powered by Teradici PCoIP. Designed for video editing, game development, and creative workloads. - [Cloud Access Customer Environment Tips](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/cloud-access-customer-environment-tips.md): Tips for MacStadium Cloud Access (HP Anyware/PCoIP): network setup, TCP/UDP 4172 port requirements, latency reduction, and when to escalate to support. - [Cloud Access Troubleshooting](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/cloud-access-troubleshooting.md): Troubleshoot MacStadium Cloud Access connection issues: HP Anyware PCoIP configuration problems, a known bandwidth bug, and upgrade steps to resolve it. - [Connect to Your Cloud (SSH)](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/connect-to-your-cloud-ssh.md): Enable SSH access on your MacStadium ESXi host by starting the TSM-SSH service from the embedded host client. Supported on ESXi 6.0 Update 2 and later. - [Connect to Your Cloud (via VPN)](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/connect-to-your-cloud-via-vpn.md): Connect to your MacStadium cloud via VPN using credentials from your IP Plan. Covers Cisco AnyConnect setup and step-by-step connection instructions. - [Connect to Your Cloud (Windows)](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/connect-to-your-cloud-windows.md): The Cisco VPN client for Windows is now deprecated. If you need to connect to your MacStadium cloud from a Windows machine, you can use the free Shrew. - [Getting Started with Cloud Access](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/getting-started-with-cloud-access.md): Install the HP Anyware PCoIP Cloud Access client and connect to your MacStadium Mac. macOS .dmg install; credentials are provided in your service ticket. - [Setup VPN using Cisco AnyConnect](https://docs.macstadium.com/remote-desktop-vdi/cloud-access-legacy/setup-vpn-using-cisco-anyconnect.md): Set up Cisco AnyConnect SecureMobility to access your MacStadium Private Cloud via VPN. Uses server address and credentials from your IP Plan. - [Citrix macOS VDA on MacStadium](https://docs.macstadium.com/remote-desktop-vdi/macstadium-bare-metal-with-citrix/citrix-macos-vda-on-macstadium.md): Deploy Citrix VDA for macOS on MacStadium bare metal. Links to the full deployment guide on Citrix Community, plus licensing tiers and support information. - [Android Virtual Devices](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/android-virtual-devices.md): Run Android emulators natively on Apple Silicon host nodes alongside MacStadium VDI macOS desktops, with automatic ADB connectivity to your VM. - [Ansible Playbook Implementation](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/ansible-playbook-implementation.md): Automate Citrix VDA deployment on Orka VMs with Ansible playbooks. Covers inventory, task sequencing, variables, and VM lifecycle operations for macOS VDI. - [Business Outcomes & Use Cases](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/business-outcomes-use-cases.md): Citrix + Orka eliminates Mac shipping delays and provisioning bottlenecks, cutting onboarding from weeks to hours with virtual macOS desktops. - [Citrix DaaS Configuration](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/citrix-daas-configuration.md): Citrix DaaS connects Orka infrastructure with end users. Configuration involves establishing Machine Catalogs to organize macOS VMs, generating enrollment. - [VDI deployment guide for MacStadium](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/deployment-guide.md): Deploy the Orka-Engine-Orchestration control plane for managing virtual desktops. Runs in a dedicated VM and connects to physical Mac hosts running Orka Engine. - [VDI golden image management](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/image-management.md): Create and manage golden images for MacStadium VDI: build images with Citrix VDA pre-installed, automate builds with Ansible, and distribute across hosts. - [Jamf Enrollment for MacStadium VDI Desktops](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/jamf-enrollment.md): Enroll Orka-provisioned macOS VMs into Jamf Pro using a golden image with LaunchDaemon and LaunchAgent scripts. Covers setup and enrollment flow. - [Overview and Architecture](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/overview-architecture.md): MacStadium VDI: Apple Silicon hosts, Orka Engine virtualization, Ansible provisioning, and Citrix VDA. macOS virtual desktops without shipping hardware. - [VDI production rollout checklist](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/production-rollout.md): Transition MacStadium VDI from testing to production. Covers user access policies, golden image readiness, monitoring setup, and team training requirements. - [Troubleshooting Common Issues](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/troubleshooting-common-issues.md): Diagnose Orka + Citrix VDI failures: VDA registration errors, network connectivity issues, and VM deployment problems via Ansible commands and logs. - [Validation and Testing](https://docs.macstadium.com/remote-desktop-vdi/macstadium-vdi-deployment/validation-and-testing.md): Validate your Citrix + Orka VDI setup before production: end-to-end connectivity, VM lifecycle, performance baseline, and smoke tests via Citrix Workspace. - [Ansible Quick Reference](https://docs.macstadium.com/remote-desktop-vdi/operational-guides/ansible-quick-reference.md): Quick-reference Ansible commands for Orka-based Citrix VDI: connectivity tests, Orka Engine checks, VM lifecycle, VDA management, and image operations. - [Day-2 Operations Guide](https://docs.macstadium.com/remote-desktop-vdi/operational-guides/day-2-operations-guide.md): Ongoing operations for a production MacStadium VDI deployment: capacity planning, image management, user lifecycle, incident response, and compliance. - [Troubleshooting Quick Reference](https://docs.macstadium.com/remote-desktop-vdi/operational-guides/troubleshooting-quick-reference.md): Quick-reference for MacStadium VDI issues organized by symptom. Each section lists likely causes, diagnostic commands, and recommended solutions. - [Apple Business Manager and MDM with MacStadium](https://docs.macstadium.com/remote-desktop-vdi/supporting-documentation/apple-business-manager-and-mobile-device-management-with-macstadium.md): How Apple Business Manager and MDM tools like Jamf and Kandji integrate with MacStadium: key constraints, enrollment workflows, and IT management. - [Customer Environment Tips](https://docs.macstadium.com/remote-desktop-vdi/supporting-documentation/customer-environment-tips.md): Best practices for deploying Citrix HDX and HP Anyware PCoIP on MacStadium: MDM enrollment, permissions, networking, and performance tuning. - [Shared User Responsibility Guide for MacStadium Customers](https://docs.macstadium.com/remote-desktop-vdi/supporting-documentation/shared-user-responsibility-guide-for-macstadium-customers.md): Responsibility framework for MacStadium + Citrix SP deployments: who owns infrastructure, Citrix integration, and end-user applications, clearly defined. - [USB Passthrough Guide](https://docs.macstadium.com/remote-desktop-vdi/supporting-documentation/usb-passthrough-guide.md): USB redirection with Citrix macOS VDA on MacStadium: mass storage, HID devices, and iDevices. Requires Citrix macOS VDA 2409+ and the Citrix Workspace App. ## OpenAPI Specs - [openapi](https://docs.macstadium.com/api-reference/openapi.json)