Actions

Login to cluster

From ALICE Documentation

Revision as of 09:06, 9 July 2019 by Deuler (talk | contribs) (Login to ALICE from a MAC)

To login to the ALICE cluster you need to perform a hop-like login sequence. The two login nodes of the ALICE cluster cannot be accessed directly. One must first login to an ssh gateway and then to one of the login nodes. This mechanism is required for both login and file transfer operations. Below we describe how to perform these actions from Linux and Windows, separately.

Login to ALICE from Linux

The login nodes are named:

login1.alice.universiteitleiden.nl (10.161.0.12)
login2.alice.universiteitleiden.nl (10.162.0.13)

Setup ssh JUMP

In your linux server write in ~/.ssh/config for instance

Host hpc1 
  HostName login1.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22
  
Host hpc2
  HostName login2.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22

(Replace <USERNAME> by your own ULCN account name.)

If you want to look at the monitoring tools that are running on the management node too, you could add additional tunneling commands to the config for a specific host. Do not add tunnels to all definitions as they may produce conflicts when you use the samen tunnel twice. So add the tunnel commands, for instance, to one host like:

Host hpc1tunnel
  HostName login1.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22
  LocalForward 8081:management.alice.universiteitleiden.nl:8081
  LocalForward 8080:management.alice.universiteitleiden.nl:443

Alternatively, if your openssh server isn't that recent and doesn't recognize the ProxyJump alias, try this:

Host hpc1 
  HostName login1.alice.universiteitleiden.nl
  ForwardX11 yes
  User <USERNAME>
  ProxyCommand ssh -X <USERNAME>@sshgw.leidenuniv.nl -W %h:%p

Login to ssh-gw.leidenuniv.nl (ssh <USERNAME>@ssh-gw.leidenuniv.nl and use your ULCN password for this) and put your public key in

~/.ssh/authorized_keys

Login through to the HPC login1 node ''ssh login1.alice.universiteitleiden.nl' (use your ALICE provided password) and put the same public key in

~/.ssh/authorized_keys

Direct login to login node 1

 ssh hpc1

and you can even forward X11 now.

File transfer to login node 1

 ssh <local_file_name> hpc1:<remote_file_name>

this copies the <local_file_name> file to <remove_file_name> file in your home directory on ALICE.

Tunneling to monitors

Having setup the ssh tunneling required to access the monitoring tools on the cluster you are now able to access port 443 (general secure web server on the management node) and port 8081 (specific port in use by the Bright Cluster Manager monitoring tools).

So in a browser you could type:

https://localhost:8080

to gain access to the management main web server, or you could type:

https://localhost:8081/userportal

to gain access to the Bright Cluster Manager User Portal.

Login to ALICE from Windows

Windows users can make use of the program PuTTY to log on to ALICE. Verify whether PuTTY is already available on your desktop/laptop. Otherwise download and install PuTTY.

In order for PuTTY to correctly handle tunnels, you have to set up two login sessions. The first PuTTY session opens a login to the ssh gateway and sets up a tunnel to allow login to an ALICE login node directly from your Windows desktop. Once this gateway login session is running, you can define a second PuTTY session to log on to one of the ALICE login nodes and define tunnels for that session, for whatever purpose you need.

Set up PuTTY configuration

Open the PuTTY configuration and create a saved session:

  • Host Name: enter the gateway to which you have to log in first: sshgw.leidenuniv.nl
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_GW
  • Click Save

The window now looks something like:

Putty1a.jpg

Go to the tab Connection/SSH/Tunnels and define the tunnels to the ALICE login 1 and login 2 nodes:

  • Source port: 2221
  • Destination: 10.161.0.12:22
  • Click Add
  • Source port: 2222
  • Destination: 10.161.0.13:22
  • Click Add

The window now looks as follows:

Putty2a.jpg

Make sure to save your settings: go back to the main tab Session and click Save.

The above two definitions allow you to set up two other sessions, one to login node 1 and one to login node 2.

To create the definition for login node 1, create another saved session by repeating the above:

  • Host Name: localhost or 127.0.0.1
  • Port 2221
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_login1
  • Click Save

The window now looks something like:

Putty3.jpg

Go to the tab Connection/SSH/Tunnels and set up the tunnel definitions for anything you need:

  • Source port: 8080
  • Destination: 10.161.0.10:443
  • Click Add

The window now looks as follows:

Putty4.jpg

In this case we set up a tunnel to the WEBserver of the management node. This will allow us to open a browser on your windows desktop with the URL: https://localhost:8080.

Make sure to save your settings: go back to the main tab Session and click Save.

To create the definition for login node 2, repeat the above steps for the definition of login node 1 but with the following changes:

  • Use port 2222
  • Saved Sessions: use a name that you can remember, e.g.: ALICE_login2

Login to ALICE by using tunnels

In case you have followed the above configuration steps, you can log on to ALICE login node 1 as follows:

  • First, open the first PuTTY session, load ALICE_GW and open / login to the gateway using your ULCN name and password.
  • Second, open the second PuTTY session, load ALICE_login1 and open the connection to login node 1 using your ULCN name and temporary password
  • You are now logged on to login node 1. You have a Linux prompt from which you can perform your operations. You can also inspect the webpages from the management node web server directly from your desktop.


Keep Alive

Sometimes, and in particular from outside the university, the internet may experience interrupts or intermittent connectivity. This breaks your PuTTY login sessions, thus logging you out from ALICE. To avoid such breaks, you can tell PuTTY to occasionally ping the remote machine to keep your connection alive. This can be done by setting a time on the 'seconds between keepalives' and toggling on the TCP keepalives.

To enable this, go to Connection and fill in a value > 0 in 'seconds between keepalives' and toggle TCP keepalives on as show below:

Putty5.PNG

Make sure to save your settings.

Login to ALICE from a MAC

Logging in with a Mac requires no extra installation on your local machine.

  • Under “File”, open a new finder window. Navigate to the “Applications” folder, then the “Utilities” folder. Open a terminal window.
  • Edit your ~/.bash_profile to incorporate:
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
  • Open a new tab to make sure these settings are in effect (Shell -> New Tab).
  • Edit your ~/.ssh/config file and put in:
Host hpc1 
  HostName login1.alice.universiteitleiden.nl
  User <USERNAME>
  ProxyJump <USERNAME>@ssh-gw.leidenuniv.nl:22

(Replace <USERNAME> by your own ULCN account name.)

Now you can login to the ALICE login 1 node by typing on the command line:

 ssh hpc1
Macterm2.png

All other settings are similar to the Linux login setup