Actions

Login to cluster

From ALICE Documentation

Revision as of 11:56, 8 July 2019 by Kosterj1 (talk | contribs)

To login to the ALICE cluster you need to perform a hop-like login sequence. The two login nodes of the ALICE cluster cannot be accessed directly. One must first login to an ssh gateway and then to one of the login nodes. This mechanism is required for both login and file transfer operations. Below we describe how to perform these actions from Linux and Windows, separately.

Login to ALICE from Linux

The login nodes are named:

login1.alice.universiteitleiden.nl (10.161.0.12)
login2.alice.universiteitleiden.nl (10.162.0.13)

Setup ssh JUMP

In your linux server write in ~/.ssh/config for instance

Host hpc1 
  HostName login1.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22
  
Host hpc2
  HostName login2.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22

(Replace <USERNAME> by your own ULCN account name.)

If you want to look at the monitoring tools that are running on the management node too, you could add additional tunneling commands to the config for a specific host. Do not add tunnels to all definitions as they may produce conflicts when you use the samen tunnel twice. So add the tunnel commands, for instance, to one host like:

Host hpc1tunnel
  HostName login1.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22
  LocalForward 8081:management.alice.universiteitleiden.nl:8081
  LocalForward 8080:management.alice.universiteitleiden.nl:443

Alternatively, if your openssh server isn't that recent and doesn't recognize the ProxyJump alias, try this:

Host hpc1 
  HostName login1.alice.universiteitleiden.nl
  ForwardX11 yes
  User <USERNAME>
  ProxyCommand ssh -X <USERNAME>@sshgw.leidenuniv.nl -W %h:%p

Login to ssh-gw.leidenuniv.nl (ssh <USERNAME>@ssh-gw.leidenuniv.nl) and put your public key in

~/.ssh/authorized_keys

Login through to the HPC login1 node ''ssh login1.alice.universiteitleiden.nl' and put the same public key in

~/.ssh/authorized_keys

Direct login to login node 1

 ssh hpc1

and you can even forward X11 now.

File transfer to login node 1

 ssh <local_file_name> hpc1:<remote_file_name>

this copies the <local_file_name> file to <remove_file_name> file in your home directory on ALICE.

Tunneling to monitors

Having setup the ssh tunneling required to access the monitoring tools on the cluster you are now able to access port 443 (general secure web server on the management node) and port 8081 (specific port in use by the Bright Cluster Manager monitoring tools).

So in a browser you could type:

https://localhost:8080

to gain access to the management main web server, or you could type:

https://localhost:8081/userportal

to gain access to the Bright Cluster Manager User Portal.

Login to ALICE from Windows

Windows users can make use of the program PuTTY to log on to ALICE. In order for PuTTY to correctly handle tunnels, you have to set up two login sessions. The first PuTTY session opens a login to the ssh gateway and sets up a tunnel to allow login to an ALICE login node directly from your Windows desktop. Once this gateway login session is running, you can define a second PuTTY session to log on to one of the ALICE login nodes and define tunnels for that session, for whatever purpose you need.

Set up PuTTY configuration

Open the PuTTY configuration and create a saved session:

  • Host Name: enter the gateway to which you have to log in first: sshgw.leidenuniv.nl
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_GW
  • Click Save

The window now looks something like:

Putty1a.jpg

Go to the tab Connection/SSH/Tunnels and define the tunnels to the ALICE login 1 and login 2 nodes:

  • Source port: 2221
  • Destination: 10.161.0.12:22
  • Click Add
  • Source port: 2222
  • Destination: 10.161.0.13:22
  • Click Add

The window now looks as follows:

Putty2a.jpg

Go back to the main tab Session and click Save.

The above two definitions allow you to set up two other sessions, one to login node 1 and one to login node 2.

To create the definition for login node 1, repeat the above:

  • Host Name: localhost or 127.0.0.1
  • Port 2221
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_login1
  • Click Save

The window now looks something like:

Putty3.jpg

Go to the tab Connection/SSH/Tunnels and set up the tunnel definitions for anything you need:

  • Source port: 8080
  • Destination: 10.161.0.10:443
  • Click Add

The window now looks as follows:

Putty4.jpg

In this case we set up a tunnel to the WEBserver of the management node. This will allow us to open a browser on your windows desktop with the URL: https://localhost:8080.

Go back to the main tab Session and click Save.

To create the definition for login node 2, repeat the above steps for the definition of login node 1 but with the following changes:

  • Use port 2222
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_login2

Login to ALICE and use tunnels

In case you have followed the above configuration steps, you can log on to ALICE login node 1 as follows:

  • First, open the first PuTTY session, load ALICE_GW and open / login to the gateway using your ULCN name and password.
  • Second, open the second PuTTY session, load ALICE_login1 and open the connection to login node 1 using your ULCN name and temporary password
  • You are now logged on to login node 1. You have a Linux prompt from which you can perform your operations. You can also inspect the webpages from the management node web server directly from your desktop.