Fed4FIRE: Difference between revisions

From Grid5000
Jump to navigation Jump to search
m (Accounts)
Line 23: Line 23:


== Grid'5000 Accounts ==
== Grid'5000 Accounts ==
=== New Users ===
=== Fed4FIRE Users ===


* The first time you allocate using the Aggregate Manager (e.g. using jFed) a new account will automatically be generated for you. This account will use :
* The first time you allocate using the Aggregate Manager (e.g. using jFed) a new account will automatically be generated for you. This account will use :
Line 31: Line 31:
* This account remains valid for a month after which you will be unable to log in Grid'5000 or provision resources.
* This account remains valid for a month after which you will be unable to log in Grid'5000 or provision resources.
** An email explaining how to reopen and extend your account will be send to you.
** An email explaining how to reopen and extend your account will be send to you.
=== Converting or Extending your account ===
You are welcome to request that your account be promoted as a standard Grid'5000 account. To do so, please send a mail to support-staff@lists.grid5000.fr, with the following information
* the mail address to contact you (by default, the sender's mail). It should be an institutionnal mail, not your personnel mail.
* Your institutionnal affiliation:
** employer/reasearch institution
** department/laboratory
*** team
* a paragraph with your research topic
* a paragraph or 2 (100 words) with your intended usage for Grid'5000
* an expiration date for your account
* acceptance of Grid'5000's usage policy


=== Grid'5000 Users ===  
=== Grid'5000 Users ===  

Revision as of 12:52, 14 February 2020

This page provides specific information about Grid'5000 for Fed4FIRE users.

Current status (November 2019)

The federation of Grid'5000 inside Fed4FIRE is not complete yet. This means that Fed4FIRE users might need to use Grid'5000-specific tools, interfaces and API, instead of the Fed4FIRE-standard ones.

  • The Grid'5000 Aggregate Manager (am.grid5000.fr) advertises Grid'5000 resources
  • Fed4FIRE users need to create a separate Grid'5000 account
  • Fed4FIRE users need to use Grid'5000 tools and APIs to reserve and configure resources. They are documented in the tutorials listed below.
  • Network-level interconnection using dedicated links with other Fed4FIRE testbed is functional. See Fed4FIRE_VLAN_Stitching. Network interconnection over the public Internet is functional (Grid'5000 nodes can access the public internet).

The main Grid'5000 tutorial is Getting Started. Additional tutorials are listed on the Users home page.

Upcoming Changes (Feb/Mar 2020)

The Grid'5000 Aggregate Manager (AM) will soon be added to Fed4FIRE's jFed suite. Although integration is not complete yet this will allow users to perform basic tasks using only Fed4FIRE-standard APIs.

  • The Grid'5000 Aggregate Manager (am.grid5000.fr) advertises Grid'5000 resources
  • Fed4FIRE users can allocate and provision Grid'5000 resources from the Aggregate Manager. Using the AMv3 API.
  • New Grid'5000 accounts are automatically created by the AM for new users for 1 month. After which Fed4FIRE users will need to contact Grid'5000 support staff to validate and extend their account.
  • Fed4FIRE users can login to Grid'5000 frontends and to provisioned resources via SSH using their Fed4FIRE certificate private key.
  • Network-level function, such as internal and external vlans, are not yet available through the AM and require connected to Grid'5000 tools. See KaVLAN
  • Network-level interconnection using dedicated links with other Fed4FIRE testbed is functional. See Fed4FIRE_VLAN_Stitching. Network interconnection over the public Internet is functional (Grid'5000 nodes can access the public internet).

Grid'5000 Accounts

Fed4FIRE Users

  • The first time you allocate using the Aggregate Manager (e.g. using jFed) a new account will automatically be generated for you. This account will use :
    • Your Fed4FIRE login if available, appended with a number if not.
    • Your Fed4FIRE alias email. Normally transferred by the federation to the email you resisted with them.
    • An ssh public key taken from your Fed4FIRE user certificate.
  • This account remains valid for a month after which you will be unable to log in Grid'5000 or provision resources.
    • An email explaining how to reopen and extend your account will be send to you.

Converting or Extending your account

You are welcome to request that your account be promoted as a standard Grid'5000 account. To do so, please send a mail to support-staff@lists.grid5000.fr, with the following information

  • the mail address to contact you (by default, the sender's mail). It should be an institutionnal mail, not your personnel mail.
  • Your institutionnal affiliation:
    • employer/reasearch institution
    • department/laboratory
      • team
  • a paragraph with your research topic
  • a paragraph or 2 (100 words) with your intended usage for Grid'5000
  • an expiration date for your account
  • acceptance of Grid'5000's usage policy

Grid'5000 Users

  • You can use your pre-existing Grid'5000 account with the jFed.
    • Go to the Account Mangaement Interface.
    • Got to the External identifiers and press the Add new identifier
    • Select Fed4FIRE as External engine and your Fed4FIRE URN as External identifier.
    • The Aggregate Manager will now use your Grid'5000 when provisioning resources.

This will not change your ssh key, so tools such as jFed that uses the certificate key might fail to automatically connect to provisioned node.

Contact information

  • Fed4FIRE contact points for Grid'5000:
    • Lucas Nussbaum (lucas.nussbaum@loria.fr)
    • David Margery (david.margery@inria.fr)
    • Luke Bertot (luke.bertot@inria.fr)
  • Grid'5000 support staff: see the Support page

FAQ

Limits for the duration of an experiment?

If experiment means project, there is no limit. Accounts are created with a short-term expiration date (one month or two months depending on the process used for account creation) but can be extended at will.

If experiment means resources reservation, the limits are described in the Grid'5000 Usage Policy. The philosophy behind the Usage Policy is that users should be able to find some resources to prepare experiments during the day, and then reserve resources in advance to do large-scale experiments during nights and week-ends. So the effective limits are 10 hours during the day (9h-19h), 14 hours during nights (19h-9h), and 62 hours during week-ends (Friday 19h -> Monday 9h). Users are therefore strongly encouraged to automate the setup of their experiments (using scripts or tools such as Ansible). If an experiment requires a longer reservation, a special request can be made, as described in the Grid'5000 Usage Policy.

Sharing one user account per experiment?

Even if several persons are going to collaborate on the same experiment, we strongly prefer that each person uses its own account, for traceability purposes. It is possible to share scripts etc using standard Unix mechanisms (directory permissions), or using an external Git service (which are accessible from Grid'5000 nodes).

Public IP Address for Grid'5000 nodes?

Grid'5000 nodes are on a private network. Interconnection to the Internet is achieved to a NAT, using a 10 Gbps link to RENATER (the french NREN).

We are in the process of:

  • Adding public IPv6 addresses to nodes
  • Adding a configurable firewall to allow reaching Grid'5000 nodes from the Internet using IPv6
  • Extending this to a set of IPv4 addresses (probably doing NAT from the public IPv4 address to the internal IPv4 addresses)

However, this is still work in progress.