Actions

Policies

From ALICE Documentation

Intended Audience

The intended audience for these policy statements are current and prospective HPC users who need an understanding of the accounts and allocation of HPC/HTC resources. This information is provided both as a statement of policy and for educating the user about the use of these systems.

Off to research computing Wonderland

ALICE (Academic Leiden Interdisciplinary Cluster Environment) is the high-performance computing (HPC) facility of the partnership between Leiden University and Leiden University Medical Center (LUMC). It is available to any researcher from both partners. Leiden University and LUMC aim to help deliver cutting edge research using innovative technology within the broad area of data-centric HPC. Both partners are responsible for the hosting, system support, scientific support and service delivery of several large super-computing and research data storage resources for the Leiden research community.

This wiki is the main source of documentation about the ALICE cluster.

Access policy

The access policy for ALICE is very similar but more restrictive than the Leiden University Account Policy.

Facilities are available to all researchers from both Leiden University and LUMC. Please review the policies for the system, this will assist in finding the right level of service for your project and choosing job parameters correctly. Overall we want to provide the best quality of service to all users so please consider how we may improve the service you receive and give us your feedback.

Access needs to be granted actively (by the creation of an account on the cluster). Use of resources is limited by the scheduler. Depending on the availability of queues ('partitions') granted to a user, priority to the system's resources is regulated on the basis of Faculty/institute/PI levels.

Here you can find information on how to request an account: Getting an account


Research Acknowledgement

We request that you acknowledge the use of the ALICE compute facilities in all publications and presentations which use any results generated through your use of ALICE. The following acknowledgement can be used:

"This work was performed using the compute resources from the Academic Leiden Interdisciplinary Cluster Environment (ALICE) provided by Leiden University."

or in shorter version:

"This work was performed using the ALICE compute resources provided by Leiden University."

We request also that you send copies of your publications that acknowledge the use of ALICE resources (or provide the links) to helpdesk@alice.leidenuniv.nl (mail request).

Costs overview

Currently, access to the ALICE cluster and related services is provided free of charge to all researchers and students at LU and LUMC.

Service Levels

There are none

Quality of Service

The ALICE compute facilities are provided using the following principles:

  • Availability. The ALICE resources are monitored during regular working hours during which incidents and user queries will be responded to and system maintenance will take place. Outside working hours, system and user support is done on a best-effort basis.
  • Integrity. The ALICE resources are monitored for availability, performance, functionality and correctness of its operation. All reasonable efforts are made to prevent loss, corruption or unintentional leakage of information from user accounts.
  • Confidentiality of information/data.
    • Information / data from user will not be used by the university, unless clauses from the Leiden University Regulations on ICT and Internet Use (revision 2020) apply.
    • The ALICE resources must not be used for data that contains sensitive data (data identifiable to people), unless there is an explicit agreement with the university concerning the use of such data.

Acceptable use policy

Complience with University policy

High Performance Computing (HPC) facility users are responsible for complying with all University policies, including Acceptable Use of Computers.

Resource policy

The supercomputers represent a unique resource for the campus community. These computers have special characteristics that are not found, or are of limited availability, on other central computers, including parallel processing, large memory, and a Linux operating system.  The allocation of High Performance Computing (HPC) resources requires close supervision by those charged with management of these resources.  

The login nodes are designated for small, short interactive jobs, and submitting batch jobs and not for running compute jobs.

Data Storage Policy

ALICE does not provide support for any type of controlled data. No controlled data (GDPR, HIPAA, EAR, FERPA, PII, CUI, ITAR, etc.) can be analysed or stored on any HPC storage. Users must not transfer sensitive data (data related to people) to ALICE. Data must be anonymized before it can be transferred to ALICE. In case you are unsure about the contents/classification of the data, please contact the helpdesk.

ALICE is not a datamanagement system where research data can be stored for longer periods of time. All data that is transferred to ALICE must be copies of data. Users must make sure that data that is transferred to ALICE remains available somewhere else. All data with value that is generated on ALICE must be moved off ALICE as soon as this is possible after the job completed.

Data in the user’s home directory is backed up (see Backup & Restore). The home directory is intended to store scripts, software, executables etc, but is not meant to store large or temporary data sets.

Maintenance policy

Most maintenance is performed during regular hours with no interruption to service.  System-wide maintenance is usually planned ahead of time and will be announced to the users.

The notification will describe the nature and extent (partial or full) of the interruptions of HPC services.

Batch queues will also be modified prior to scheduled downtimes to hold jobs which request more wallclock time than remains before the shutdown.

Emergency Maintenance

Unavoidable (emergency) downtime may occur as a result of any of the above reasons at almost any time. Such events are rare and great effort is made to avoid these situations. However, when emergency maintenance is needed, the UITS unit responsible for the item affected will provide as much notice to users as possible and work to resolve the fault as quickly as possible.

Any emergency outages will be announced via email through the alice[[1]]alice.leidenuniv.nl mailing list.

To maintenance announcements

Governance

Software

Commercial / Fee-based software

ALICE has commercial and freeware packages installed on our supercomputers. Our approach to the acquisition of additional software depends upon its cost, licensing restrictions, and user interest.

  1. Single User Interest. The license for the software is purchased by the user and his/her department or sponsor. This software is best installed by the user. There are two main options; the first and easier is to install the software in /home or /extra using the example procedure. The second is to use the "unsupported" environment. The advantage is that you can share the software built here with other users. This is created by sending a request to HPC Consult who will create an "unsupported" group in which you can build software and add users.
  2. Group Interest. If a package is of interest to a group of several users, the best approach at first is for one user to act as a primary sponsor and arrange to split the procurement/licensing costs among the group. We can install the software and manage the user access according to requests from the group.
  3. Broad Interest. The High-Performance Computing team will consider acquiring and supporting software packages that have broad interest among our users. Full facility support will depend on the cost of the package and our ability to comply with any restrictive licensing conditions.

Academic / Free software

There is an abundance of software generally available for scientific and research usage. We will install that software if it meets the following requirements:

  1. Compatible with our module environment. Some software though is not written with clusters in mind and tries to install into system directories, or needs a custom environment on every compute node.
  2. Generally useful. Some software has to be configured to the specific compute environment of the user. You are encouraged to use our "unsupported" environment to install your own.
  3. Public license. We do not install software if that would be a violation of its licensing.
  4. Reasonably well written. Some software takes days of effort and still does not work right. We have limited resources and reserve the right to "give up".

Privacy policy

General

ALICE is specific research-oriented IT services provided by the LU and LUMC and as such are covered by the Services Privacy Notice. The basis for the use of personal data is consent, explicitly given at the time of user account application and implicitly upon each connection to ALICE as per the banner warning if present.

This local policy document explains in more detail what information is held about individual people (ALICE account holders) by ALICE systems, how it is gathered and how it is used. Details of the data held or logged are given below. This information is used to support user access to the resources of the ALICE systems, to enable communication with you about the status of the system and your use of it as required, for system administration and bug tracking, for the detection of improper use, and for producing usage statistics for management and planning purposes.

Access to these logs and user-specific data is restricted to appropriate staff or contractors of ALICE.

These logs are currently held indefinitely subject to the availability of storage space, but might not be recovered as a result of an accidental or deliberate removal action.

Summary statistics are extracted from this data. Some of these may be made publicly available, but those that do not include the identity of individuals.

Relevant subsets of this data may be passed to computer security teams (e.g. Leiden CERT) as part of investigations of specific incidents of computer misuse involving ALICE systems.

If suspicious activity is detected Leiden University network data held as described in the Privacy Notice may be passed to ALICE management for investigation.

Data about particular projects may also on occasion be passed to the appropriate people (e.g. Principal Investigators or nominated deputies) responsible for direction and management of those projects. Otherwise, the information is not passed to any third party except where required by law.

Data is stored on disk storage systems and may be backed up. These backups are made to enable reinstatement of the data, e.g. in the event of failure of a system component, or accidental deletion. Details of backup and other policies applicable per file system are available on the file system page. User data, log data and backups are at all times physically held in secure University premises, or transferred over the LU and LUMC network using strong SSH-based encryption.

Any user of the ALICE systems who approaches the Helpdesk or any staff within the ALICE for help with a problem implicitly grants permission to the ALICE staff to investigate that problem by looking at data held on the system and files in their home directories or other personal or group storage areas.

Data collected

Accounting and other user-dependent system data

ALICE management servers hold details of user accounts, thereby enabling a user to log in and use the resources of ALICE systems.

The following data are collected via either the account application process or service usage and held and maintained for each user:

  • Name
  • User identifier (account name)
  • Institution affiliation
  • Status
  • Project affiliation
  • Email address
  • Contact telephone number
  • User administration history
  • Login history (session begin/end times and originating IP address)
  • Resource consumption (in the form of job records accumulated by the job scheduler)
  • Use of licensed applications (in the course of ensuring license term compliance).

These data are held on the ALICE management systems from the time the user’s account is created, whether or not the user ever makes use of ALICE systems.

Service-specific data remain stored subject to storage capacity until purged as obsolete; basic user information (names, system identifiers and institutional affiliations) regarding Leiden University and Leiden University Medical Center users is duplicated from central user administration records, see the University IT Facilities and Services Privacy Notice. Names, system identifiers and affiliations about external users are stored indefinitely so that historical usage of research computing systems can be properly attributed.

Other data held

Research data held in home directories or other personal or group storage areas is stored, as required for the fulfilment of ALICE services. This data is stored until purged by the user, or by the ALICE to enforce advertised policy, or automatically as obsolete in the case of tape re-use.

Besides applications, including but not limited to login shells, may record command history in files contained in the user’s home directory. Such files will survive until purged by the user, or by the ALICE to enforce advertised policy, or automatically as obsolete in the case of tape re-use.

From time to time we may gather publication data from external journal or preprint listings to assess research outputs facilitated by research computing services.

Data Security Policy