Actions

Difference between revisions of "Login to cluster"

From ALICE Documentation

(Keep Alive)
Line 1: Line 1:
 
To login to the ALICE cluster you need to perform a hop-like login sequence. The two login nodes of the ALICE cluster cannot be accessed directly. One must first login to an ssh gateway and then to one of the login nodes. This mechanism is required for both login and file transfer operations. Below we describe how to perform these actions from Linux and Windows, separately.
 
To login to the ALICE cluster you need to perform a hop-like login sequence. The two login nodes of the ALICE cluster cannot be accessed directly. One must first login to an ssh gateway and then to one of the login nodes. This mechanism is required for both login and file transfer operations. Below we describe how to perform these actions from Linux and Windows, separately.
  
===Login to ALICE from Linux===
+
==Login to ALICE from Linux==
 
The login nodes are named:
 
The login nodes are named:
 
  login1.alice.universiteitleiden.nl (10.161.0.12)
 
  login1.alice.universiteitleiden.nl (10.161.0.12)
 
  login2.alice.universiteitleiden.nl (10.162.0.13)
 
  login2.alice.universiteitleiden.nl (10.162.0.13)
  
====Setup ssh JUMP====
+
===Setup ssh JUMP===
 
In your linux server write in ~/.ssh/config for instance
 
In your linux server write in ~/.ssh/config for instance
 
  Host hpc1  
 
  Host hpc1  
Line 39: Line 39:
 
  ~/.ssh/authorized_keys
 
  ~/.ssh/authorized_keys
  
====Direct login to login node 1====
+
===Direct login to login node 1===
 
   ssh hpc1
 
   ssh hpc1
 
and you can even forward X11 now.
 
and you can even forward X11 now.
  
====File transfer to login node 1====
+
===File transfer to login node 1===
 
   ssh <local_file_name> hpc1:<remote_file_name>
 
   ssh <local_file_name> hpc1:<remote_file_name>
 
this copies the <local_file_name> file to <remove_file_name> file in your home directory on ALICE.
 
this copies the <local_file_name> file to <remove_file_name> file in your home directory on ALICE.
  
====Tunneling to monitors====
+
===Tunneling to monitors===
 
Having setup the ssh tunneling required to access the monitoring tools on the cluster you are now able to access port 443 (general secure web server on the management node) and port 8081 (specific port in use by the Bright Cluster Manager monitoring tools).
 
Having setup the ssh tunneling required to access the monitoring tools on the cluster you are now able to access port 443 (general secure web server on the management node) and port 8081 (specific port in use by the Bright Cluster Manager monitoring tools).
  
Line 60: Line 60:
 
to gain access to the Bright Cluster Manager User Portal.
 
to gain access to the Bright Cluster Manager User Portal.
  
===Login to ALICE from Windows===
+
==Login to ALICE from Windows==
 
Windows users can make use of the program PuTTY to log on to ALICE. Verify whether PuTTY is already available on your desktop/laptop. Otherwise [https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html download] and install PuTTY.  
 
Windows users can make use of the program PuTTY to log on to ALICE. Verify whether PuTTY is already available on your desktop/laptop. Otherwise [https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html download] and install PuTTY.  
  
 
In order for PuTTY to correctly handle tunnels, you have to set up two login sessions. The first PuTTY session opens a login to the ssh gateway and sets up a tunnel to allow login to an ALICE login node directly from your Windows desktop. Once this gateway login session is running, you can define a second PuTTY session to log on to one of the ALICE login nodes and define tunnels for that session, for whatever purpose you need.
 
In order for PuTTY to correctly handle tunnels, you have to set up two login sessions. The first PuTTY session opens a login to the ssh gateway and sets up a tunnel to allow login to an ALICE login node directly from your Windows desktop. Once this gateway login session is running, you can define a second PuTTY session to log on to one of the ALICE login nodes and define tunnels for that session, for whatever purpose you need.
  
=====Set up PuTTY configuration=====
+
===Set up PuTTY configuration===
 
Open the PuTTY configuration and create a saved session:
 
Open the PuTTY configuration and create a saved session:
  
* Host Name: enter the gateway to which you have to log in first: ''sshgw.leidenuniv.nl''
+
*Host Name: enter the gateway to which you have to log in first: ''sshgw.leidenuniv.nl''
* Saved Sessions: use a name that you can remember, e.g.: ''ALICE_GW''
+
*Saved Sessions: use a name that you can remember, e.g.: ''ALICE_GW''
* Click ''Save''
+
*Click ''Save''
  
 
The window now looks something like:
 
The window now looks something like:
Line 78: Line 78:
 
Go to the tab Connection/SSH/Tunnels and define the tunnels to the ALICE login 1 and login 2 nodes:
 
Go to the tab Connection/SSH/Tunnels and define the tunnels to the ALICE login 1 and login 2 nodes:
  
* Source port: 2221
+
*Source port: 2221
* Destination: 10.161.0.12:22
+
*Destination: 10.161.0.12:22
* Click ''Add''
+
*Click ''Add''
* Source port: 2222
+
*Source port: 2222
* Destination: 10.161.0.13:22
+
*Destination: 10.161.0.13:22
* Click ''Add''
+
*Click ''Add''
  
 
The window now looks as follows:
 
The window now looks as follows:
Line 94: Line 94:
  
 
To create the definition for login node 1, create another saved session by repeating the above:
 
To create the definition for login node 1, create another saved session by repeating the above:
* Host Name: ''localhost'' or 127.0.0.1
+
 
* Port 2221
+
*Host Name: ''localhost'' or 127.0.0.1
* Saved Sessions: use a name that you can remember, e.g.: ''ALICE_login1''
+
*Port 2221
* Click ''Save''
+
*Saved Sessions: use a name that you can remember, e.g.: ''ALICE_login1''
 +
*Click ''Save''
  
 
The window now looks something like:
 
The window now looks something like:
Line 104: Line 105:
  
 
Go to the tab Connection/SSH/Tunnels and set up the tunnel definitions for anything you need:
 
Go to the tab Connection/SSH/Tunnels and set up the tunnel definitions for anything you need:
* Source port: 8080
+
 
* Destination: 10.161.0.10:443
+
*Source port: 8080
* Click ''Add''
+
*Destination: 10.161.0.10:443
 +
*Click ''Add''
  
 
The window now looks as follows:
 
The window now looks as follows:
Line 117: Line 119:
  
 
To create the definition for login node 2, repeat the above steps for the definition of login node 1 but with the following changes:
 
To create the definition for login node 2, repeat the above steps for the definition of login node 1 but with the following changes:
* Use port 2222
 
* Saved Sessions: use a name that you can remember, e.g.: ''ALICE_login2''
 
  
====Login to ALICE by using tunnels====
+
*Use port 2222
 +
*Saved Sessions: use a name that you can remember, e.g.: ''ALICE_login2''
 +
 
 +
===Login to ALICE by using tunnels===
  
 
In case you have followed the above configuration steps, you can log on to ALICE login node 1 as follows:
 
In case you have followed the above configuration steps, you can log on to ALICE login node 1 as follows:
* First, open the first PuTTY session, load ''ALICE_GW'' and open / login to the gateway using your ULCN name and password.
+
 
* Second, open the second PuTTY session, load ''ALICE_login1'' and open the connection to login node 1 using your ULCN name and temporary password
+
*First, open the first PuTTY session, load ''ALICE_GW'' and open / login to the gateway using your ULCN name and password.
* You are now logged on to login node 1. You have a Linux prompt from which you can perform your operations. You can also inspect the webpages from the management node web server directly from your desktop.
+
*Second, open the second PuTTY session, load ''ALICE_login1'' and open the connection to login node 1 using your ULCN name and temporary password
 +
*You are now logged on to login node 1. You have a Linux prompt from which you can perform your operations. You can also inspect the webpages from the management node web server directly from your desktop.
  
 
<br />
 
<br />
  
====Keep Alive====
+
===Keep Alive===
 
Sometimes, and in particular from outside the university, the internet may experience interrupts or intermittent connectivity. This breaks your PuTTY login sessions, thus logging you out from ALICE. To avoid such breaks, you can tell PuTTY to occasionally ping the remote machine to keep your connection alive. This can be done by setting a time on the 'seconds between keepalives' and toggling on the TCP keepalives.
 
Sometimes, and in particular from outside the university, the internet may experience interrupts or intermittent connectivity. This breaks your PuTTY login sessions, thus logging you out from ALICE. To avoid such breaks, you can tell PuTTY to occasionally ping the remote machine to keep your connection alive. This can be done by setting a time on the 'seconds between keepalives' and toggling on the TCP keepalives.
  
Line 137: Line 141:
  
 
Make sure to save your settings.
 
Make sure to save your settings.
 +
 +
== Login to ALICE from a MAC ==
 +
Logging in with a Mac requires no extra installation on your local machine.
 +
 +
* Under “File”, open a new finder window. Navigate to the “Applications” folder, then the “Utilities” folder. Open a terminal window.
 +
 +
Host hpc1
 +
 +
HostName 10.161.0.12
 +
 +
User deuler
 +
 +
ProxyJump deuler@ssh-gw.leidenuniv.nl:22

Revision as of 08:49, 9 July 2019

To login to the ALICE cluster you need to perform a hop-like login sequence. The two login nodes of the ALICE cluster cannot be accessed directly. One must first login to an ssh gateway and then to one of the login nodes. This mechanism is required for both login and file transfer operations. Below we describe how to perform these actions from Linux and Windows, separately.

Login to ALICE from Linux

The login nodes are named:

login1.alice.universiteitleiden.nl (10.161.0.12)
login2.alice.universiteitleiden.nl (10.162.0.13)

Setup ssh JUMP

In your linux server write in ~/.ssh/config for instance

Host hpc1 
  HostName login1.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22
  
Host hpc2
  HostName login2.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22

(Replace <USERNAME> by your own ULCN account name.)

If you want to look at the monitoring tools that are running on the management node too, you could add additional tunneling commands to the config for a specific host. Do not add tunnels to all definitions as they may produce conflicts when you use the samen tunnel twice. So add the tunnel commands, for instance, to one host like:

Host hpc1tunnel
  HostName login1.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22
  LocalForward 8081:management.alice.universiteitleiden.nl:8081
  LocalForward 8080:management.alice.universiteitleiden.nl:443

Alternatively, if your openssh server isn't that recent and doesn't recognize the ProxyJump alias, try this:

Host hpc1 
  HostName login1.alice.universiteitleiden.nl
  ForwardX11 yes
  User <USERNAME>
  ProxyCommand ssh -X <USERNAME>@sshgw.leidenuniv.nl -W %h:%p

Login to ssh-gw.leidenuniv.nl (ssh <USERNAME>@ssh-gw.leidenuniv.nl and use your ULCN password for this) and put your public key in

~/.ssh/authorized_keys

Login through to the HPC login1 node ''ssh login1.alice.universiteitleiden.nl' (use your ALICE provided password) and put the same public key in

~/.ssh/authorized_keys

Direct login to login node 1

 ssh hpc1

and you can even forward X11 now.

File transfer to login node 1

 ssh <local_file_name> hpc1:<remote_file_name>

this copies the <local_file_name> file to <remove_file_name> file in your home directory on ALICE.

Tunneling to monitors

Having setup the ssh tunneling required to access the monitoring tools on the cluster you are now able to access port 443 (general secure web server on the management node) and port 8081 (specific port in use by the Bright Cluster Manager monitoring tools).

So in a browser you could type:

https://localhost:8080

to gain access to the management main web server, or you could type:

https://localhost:8081/userportal

to gain access to the Bright Cluster Manager User Portal.

Login to ALICE from Windows

Windows users can make use of the program PuTTY to log on to ALICE. Verify whether PuTTY is already available on your desktop/laptop. Otherwise download and install PuTTY.

In order for PuTTY to correctly handle tunnels, you have to set up two login sessions. The first PuTTY session opens a login to the ssh gateway and sets up a tunnel to allow login to an ALICE login node directly from your Windows desktop. Once this gateway login session is running, you can define a second PuTTY session to log on to one of the ALICE login nodes and define tunnels for that session, for whatever purpose you need.

Set up PuTTY configuration

Open the PuTTY configuration and create a saved session:

  • Host Name: enter the gateway to which you have to log in first: sshgw.leidenuniv.nl
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_GW
  • Click Save

The window now looks something like:

Putty1a.jpg

Go to the tab Connection/SSH/Tunnels and define the tunnels to the ALICE login 1 and login 2 nodes:

  • Source port: 2221
  • Destination: 10.161.0.12:22
  • Click Add
  • Source port: 2222
  • Destination: 10.161.0.13:22
  • Click Add

The window now looks as follows:

Putty2a.jpg

Make sure to save your settings: go back to the main tab Session and click Save.

The above two definitions allow you to set up two other sessions, one to login node 1 and one to login node 2.

To create the definition for login node 1, create another saved session by repeating the above:

  • Host Name: localhost or 127.0.0.1
  • Port 2221
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_login1
  • Click Save

The window now looks something like:

Putty3.jpg

Go to the tab Connection/SSH/Tunnels and set up the tunnel definitions for anything you need:

  • Source port: 8080
  • Destination: 10.161.0.10:443
  • Click Add

The window now looks as follows:

Putty4.jpg

In this case we set up a tunnel to the WEBserver of the management node. This will allow us to open a browser on your windows desktop with the URL: https://localhost:8080.

Make sure to save your settings: go back to the main tab Session and click Save.

To create the definition for login node 2, repeat the above steps for the definition of login node 1 but with the following changes:

  • Use port 2222
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_login2

Login to ALICE by using tunnels

In case you have followed the above configuration steps, you can log on to ALICE login node 1 as follows:

  • First, open the first PuTTY session, load ALICE_GW and open / login to the gateway using your ULCN name and password.
  • Second, open the second PuTTY session, load ALICE_login1 and open the connection to login node 1 using your ULCN name and temporary password
  • You are now logged on to login node 1. You have a Linux prompt from which you can perform your operations. You can also inspect the webpages from the management node web server directly from your desktop.


Keep Alive

Sometimes, and in particular from outside the university, the internet may experience interrupts or intermittent connectivity. This breaks your PuTTY login sessions, thus logging you out from ALICE. To avoid such breaks, you can tell PuTTY to occasionally ping the remote machine to keep your connection alive. This can be done by setting a time on the 'seconds between keepalives' and toggling on the TCP keepalives.

To enable this, go to Connection and fill in a value > 0 in 'seconds between keepalives' and toggle TCP keepalives on as show below:

Putty5.PNG

Make sure to save your settings.

Login to ALICE from a MAC

Logging in with a Mac requires no extra installation on your local machine.

  • Under “File”, open a new finder window. Navigate to the “Applications” folder, then the “Utilities” folder. Open a terminal window.

Host hpc1

HostName 10.161.0.12

User deuler

ProxyJump deuler@ssh-gw.leidenuniv.nl:22