Fed4FIRE

From Grid5000
Revision as of 15:58, 9 March 2020 by Lbertot (talk | contribs)
Jump to navigation Jump to search

This page provides specific information about Grid'5000 for Fed4FIRE users.

Current Status (March 2020)

The Grid'5000 Aggregate Manager (AM) will soon be added to Fed4FIRE's jFed suite. Although integration is not complete yet this will allow users to perform basic tasks using only Fed4FIRE-standard APIs.

  • The Grid'5000 Aggregate Manager (am.grid5000.fr) advertises Grid'5000 resources
  • Fed4FIRE users can allocate and provision Grid'5000 resources from the Aggregate Manager. Using the AMv3 API.
  • New Grid'5000 accounts are automatically created by the AM for new users for 1 month. After which Fed4FIRE users will need to contact Grid'5000 support staff to validate and extend their account.
  • Fed4FIRE users can login to Grid'5000 frontends and to provisioned resources via SSH using their Fed4FIRE certificate private key.
  • Network-level function, such as internal and external vlans, are not yet available through the AM and require connected to Grid'5000 tools. See KaVLAN
  • Network-level interconnection using dedicated links with other Fed4FIRE testbed is functional. See Fed4FIRE_VLAN_Stitching. Network interconnection over the public Internet is functional (Grid'5000 nodes can access the public internet).

Grid'5000 Accounts

Fed4FIRE Users

  • The first time you allocate using the Aggregate Manager (e.g. using jFed) a new account will automatically be generated for you. This account will use :
    • Your Fed4FIRE login if available, appended with a number if not.
    • Your Fed4FIRE alias email. Normally transferred by the federation to the email you registered with them.
    • An ssh public key taken from your Fed4FIRE user certificate.
  • This account remains valid for a month after which you will be unable to log in Grid'5000 or provision resources.
    • An email explaining how to reopen and extend your account will be send to you.

Extending your account

You are welcome to request that your account be promoted as a standard Grid'5000 account. To do so, please send a mail to support-staff@lists.grid5000.fr, with the following information

  • your Grid'5000 account name
  • the mail address to contact you (by default, the sender's mail). It should be an institutionnal mail, not your personnel mail.
  • your institutionnal affiliation:
    • employer/reasearch institution
    • department/laboratory
      • team
  • a paragraph with your research topic
  • a paragraph or 2 (100 words) with your intended usage for Grid'5000
  • an expiration date for your account
  • acceptance of Grid'5000's Usage Policy

Grid'5000 Users

  • You can use your pre-existing Grid'5000 account with the jFed.
    • Go to the Account Mangaement Interface.
    • Got to the External identifiers and press the Add new identifier
    • Select Fed4FIRE as External engine and your Fed4FIRE URN as External identifier.
    • The Aggregate Manager will now use your Grid'5000 when provisioning resources.

Contact information

  • Fed4FIRE contact points for Grid'5000:
    • Lucas Nussbaum (lucas.nussbaum@loria.fr)
    • David Margery (david.margery@inria.fr)
    • Luke Bertot (luke.bertot@inria.fr)
  • Grid'5000 support staff: see the Support page

FAQ

Limits for the duration of an experiment?

If experiment means project, there is no limit. Accounts are created with a short-term expiration date (one month or two months depending on the process used for account creation) but can be extended at will.

If experiment means resources reservation, the limits are described in the Grid'5000 Usage Policy. The philosophy behind the Usage Policy is that users should be able to find some resources to prepare experiments during the day, and then reserve resources in advance to do large-scale experiments during nights and week-ends. So the effective limits are 10 hours during the day (9h-19h), 14 hours during nights (19h-9h), and 62 hours during week-ends (Friday 19h -> Monday 9h). Users are therefore strongly encouraged to automate the setup of their experiments (using scripts or tools such as Ansible). If an experiment requires a longer reservation, a special request can be made, as described in the Grid'5000 Usage Policy.

Sharing one user account per experiment?

Even if several persons are going to collaborate on the same experiment, we strongly prefer that each person uses its own account, for traceability purposes. It is possible to share scripts etc using standard Unix mechanisms (directory permissions), or using an external Git service (which are accessible from Grid'5000 nodes).

Public IP Address for Grid'5000 nodes?

Grid'5000 nodes are on a private network. Interconnection to the Internet is achieved to a NAT, using a 10 Gbps link to RENATER (the french NREN).

We are in the process of:

  • Adding public IPv6 addresses to nodes
  • Adding a configurable firewall to allow reaching Grid'5000 nodes from the Internet using IPv6
  • Extending this to a set of IPv4 addresses (probably doing NAT from the public IPv4 address to the internal IPv4 addresses)

However, this is still work in progress.

Retrieved from "https://www.grid5000.fr/mediawiki/index.php?title=Fed4FIRE&oldid=84377"