Federated Cloud user support

From EGIWiki
(Redirected from Fedcloud-tf:UserCommunities)
Jump to: navigation, search
Overview For users For resource providers Infrastructure status Site-specific configuration Architecture



Contents


This page is the user guide and catalogue of technical manuals for users of the EGI Cloud service. Additional consultancy and support for users and cloud resource providers is available via the EGI.eu Support Team


What is the EGI federated cloud?

The EGI Cloud service is implemented in the form of a Federated Cloud. This EGI Federated Cloud is a standards-based, open cloud system that federates institutional clouds to offer a scalable computing platform for data and/or compute driven applications and services in research and science. The EGI Federated Cloud benefits researchers and innovators in two ways:

  1. The EGI cloud service: The EGI cloud federation includes 23 cloud sites from all across Europe. These clouds are available for users through community allocations, so called Virtual Organisations. Each Virtual Organisation includes a subset of the federated cloud sites, and makes those available for the given community through generic and/or community-specific policies and protocols. Members of a scientific community have to join the VO to access the cloud capabilities offered by the federated VO sites. The EGI federation model ensures single-sign on (i.e. after a user registers to the VO he/she is able to access every VO cloud); uniform interfaces (i.e. each VO cloud can be accessed via the same/harmonized interfaces) and application portability (i.e. every VO cloud uses the same Virtual Machine (VM) image and contextualization format). VO members can deploy new VMs on the cloud sites through the EGI AppDB VM marketplace, and can instantiate VMs and block storages via the graphical AppDB VMOps Dashboard or using the API and command line interfaces offered by the cloud sites. High level tools, such as orchestrators and application portals can offer additional, and science domain-specific capabilities for users. This user guide covers topics relating to getting access and using the EGI cloud service.
  2. The EGI cloud technology stack: The EGI Federated Cloud is built from open source software components, maintained by an open consortium, the Federated Cloud Task Force. The technology stack is currently capable of federating OpenStack, OpenNebula and Synnefo clouds. EGI promotes the federated cloud technology stack for scientific communities who want to establish community-specific cloud federations, and assists them through this process. The EGI security and operational policies and service management practices offer a baseline, but customizable framework for operating the community specific cloud federations. If you would like to build a community-specific cloud federation, then please get in touch with support@egi.eu and we help you in the process.

The EGI Federated Cloud, its technology stack and the related operational and security processes enable scientific communities to (1) share resources and applications across institutes and national borders; (2) develop portable, standard-based applications and services; (3) operate high-quality services for science; and ultimately to (4) establish sustainable e-infrastructures for large-scale, digital science.

Introduction about using the EGI cloud service

The EGI Cloud Compute service gives you the ability to deploy and scale virtual machines on-demand. It offers guaranteed computational resources in a secure and isolated environment without the overhead of managing physical servers. Cloud Compute offers the possibility to select pre-configured virtual appliances (e.g. CPU, memory, disk, operating system or software) from a catalogue replicated across all EGI cloud providers.

The EGI Cloud compute service is implemented as a hybrid, Infrastructure as a Service (IaaS) cloud composed by public, community and private cloud providers. These providers are federated with the use of the 'EGI Core Infrastructure Platform', offering a scalable compute and storage infrastructure for scientific applications, services and data- and compute-intensive workloads.

Main features

Elastic computing infrastructure
Execute compute and data intensive workloads (both batch and interactive), host long-running services (e.g. web servers, databases or applications servers), or create disposable testing and development environments in VMs and containers. Scale your application or service within a single provider, or across multiple providers of the federation (within providers of your virtual organisation). Select VM configurations (CPU, memory, disk) and ready-to-deploy application VMs that best fit your needs.
VM image sharing and distribution
Easily share and distribute customised VM images to multiple clouds via the open 'Applications Database' library of Virtual Appliances. Community curated VMs and VM appliances are securely and automatically replicated across the infrastructure. The EGI User Community Support Team provides generic, baseline VM images, user communities can offer more specialised VMs and applications.
Unified view of federation
The EGI Cloud provides: Single sing-on (SSO) for authentication and authorisation across all resource providers; Federated accounting with an integrated view of the the resource and service usage; Distributed information system for delivering a real-time view of the capabilities; and Federated monitoring to compute metrics for availability and reliability of the services.
Beyond VMs
Run docker applications on the EGI resources; Use one of the already integrated PaaS and SaaS solution; Follow our user guides to deploy Hadoop, Docker Swarm, to access Object Storage and many more...

Usage models and examples

The flexibility of the Infrastructure as a Service EGI cloud can benefit various use cases and usage models. Besides serving compute/data intensive analysis workflows, Web services and interactive applications can be also integrated with and hosted on this infrastructure. Contextualisation and other deployment features can help application operators fine tune services in the cloud, meeting software (OS and software packages), hardware (number of cores, amount of RAM, etc.) and other types of needs (e.g. orchestration, scalability).

Since the opening of the EGI Federated Cloud, the following typical usage models have emerged:


Getting started

Access to the resources

EGI Infrastructure as a Service (IaaS) Cloud Resources can be accessed through Virtual Organizations (VOs). A VO is a grouping of IaaS cloud provider from the EGI federation, who allocate capacity for a specific user group. Users with similar interest/requirements can join or form a VO to gather resources from EGI cloud providers - typically for a given project, experiment or use case. There are generic VOs too, for example the fedcloud.egi.eu VO, which is open for any user who wants to experiment with the EGI Federated Cloud. You have to join a VO before you can interact with EGI IaaS cloud resources, while higher level services (PaaS, SaaS) do not always require VO membership.

VO membership is controlled in EGI by X.509 certificates. To access the EGI IaaS cloud you need to:

  1. Obtain a personal X.509 access certificate from a recognised Certification Authority (unless you have one already).
  2. Join an existing VO, or form a VO if none of the existing ones suit your purpose:
    1. The fedcloud.egi.eu Virtual Organisation serves as a test ground for users to try the EGI cloud and to prototype and validate applications. It can be used for up to 6 month by any new user.
    2. You can search for and join other established VOs. (Filter for cloud in the middleware column)

Remarks:

Basics

The basic user workflow in the EGI Federated Cloud is summarised in the following picture:

Fedcloud.png

IaaS cloud resources on EGI can expose two types of interfaces (one or the other or both - depending on the cloud provider):

Summary of access modes

The user can interact with IaaS cloud resources via programming APIs, command line interfaces or Web dashboards. The different access modes are summarized in the following table:

Open Standards interface OpenStack interface
Web dashboard access AppDB VMOps Dashboard OpenStack Horizon (production instance under deployment)
API level access OCCI with jOCCI (Java SDK) or rOCCI (ruby SDK) OpenStack Compute & Openstack Object Storage
Command Line access rOCCI-cli OpenStack CLI with VOMS authentication plugin

Starting your first VM instance

Using the VMOps dashboard

Follow these steps for starting your first VM instance using the web GUI of AppDB VMOps

  1. Log into the VMOps dashboard at [1] using your EGI CheckIn credentials
  2. Click on "Create a new VM Topology" to start the topology builder, this will guide you through a set of steps:
    1. select the Virtual Appliance you want to start, these are the same shown in the Application Database Cloud Marketplace, you can use the search field to find your VA;
    2. select the VO to use when instantiating the VA;
    3. select the site where to instantiate the VA; and finally
    4.  select the template (flavour) of the instance that will determine the number of cores, memory and disk space used in your VM.
  3. Now you will be presented with a summary page where you can further customise your VM by:
    • Adding more VMs to the topology
    • Adding block storage devices to the VMs
    • Define contextualisation parameters (e.g. add new users, execute some script)
  4. Click on "Launch" and your deployment will be submitted to the infrastructure
  5. The topology you just created will appear on your "Topologies" with all the details about it, clicking on a VM of a topology will give you details about its status and IP. You can login into the VM with any user you created in the contextualisation parameters, even if you didn't specify any users, the AppDB creates one for you and provides the credentials for login via ssh to the new VM.

Check the AppDB VMOps Dashboard guide for more detailed information and screenshots.

Using the OCCI CLI

Follow this simple steps to start your first VM using the OCCI CLI:

  1. Get your environment ready to launch VMs. The command line client HOWTO describes how to install on your machine the client tool or how to get a docker image or VM image for VirtualBox that can be used to run the commands. You will need your certificate on your client.
  2. Browse the Application Database Cloud Marketplace the available Virtual Appliances. You can use a bare OS like this EGI Ubuntu 14 to get started.
  3. Get the IDs for starting the appliance at one of the sites supporting it in the "Availability and Usage" tab.
  4. Virtual Appliances in AppDB are ready to start on the EGI resources, but in order to use them, you will need to perform some contextualisation. Contextualisation is the process of customising the appliance when it is instantiated on the resources, e.g. entering some credentials to log into the VM.
    • Passwords are not allowed by default in EGI Federated Cloud for accessing VMs, you would likely need a ssh key to proceed. Check the FAQ on how to create one
    • Most VAs in AppDB support cloud-init, the de-facto standard for contextualisation. Check the documentation and examples.
  5. Create a VOMS proxy for getting access to the infrastructure
  6. Use the client to start the VM using the IDs obtained from AppDB.
  7. Now you can connect to the VM and start using it
    • You may need to allocate a public IP for the VM, check How can I assign a public IP to a VM in the Federated Cloud FAQ
    • Login using ssh: ssh -i <your private key> ubuntu@<your vm ip> (ubuntu is the default username for the Ubuntu images in AppDB)

Check out these tutorial slides for a practical overview of these steps.

API and SDKs access to Federated Cloud resources

Besides the command line client, there are several APIs and SDK ready to be used with the EGI Federated Cloud. Preferred API for EGI federated cloud is OCCI, which can be accesses using using a command-line client (rOCCI), high-level tools or directly implementing the ‘Open Cloud Computing Interface’ (OCCI) into your environment. OpenStack Nova API is also available for OpenStack sites belonging to the Federation.

A crash course on how to use programming interfaces of the EGI Federated Cloud, and how these APIs can be used to integrate high-level systems with it is available here. Please check the EGI Federated Cloud for developers guide for details on how to use them.

Creating custom appliances

You can prepare fully customised Virtual Appliances and make them available to the sites supporting your VO.

  1. First, prepare a Virtual Machine Image (VMI) that encapsulates your application.
  2. Make the VMI available online, for example in the EGI Appliance Repository
  3. Register the VMI as a new Virtual Appliance in the EGI Applications Database
  4. Once your VA is published, inform your VO through Applications Database about it.
  5. Once your appliance is in the VO-wide image list, it will be deployed on the Federated Cloud sites of your VO.

User guides

Authorization and User roles in the EGI Federated Cloud

EGI Cloud resources are accessed through Virtual Organizations (VOs). Users that are members of a VO will have access to the providers supporting that VO: they will be able to manage VMs, block storage and object storage available to the VO. Resources (VMs and storage) in some providers may be shared across all members of the VO, please do not interfere with the VMs of other users (specially do not delete them).

Additionally, there are roles in the VO that have special consideration in the EGI Federated Cloud, listed below:

Storage and Data Management

Every instantiated VM has some disk space provided with it, if you need more storage or need to share data, you can use a cloud storage solution. There are two kind of services: Block Storage and Object Storage. Check the EGI Federated Cloud Storage How To for more information.

The EGI OpenData platform is a solution allowing integration of various data repositories available in a distributed infrastructure, offering the capability to make data open, and link them to key open data catalogues following respective guidelines. The core enabling technology of OpenData platform is Onedata, a data management solution that allows a seamless and optimised access to data spread over a distributed infrastructure. Instructions on how to setup a OneData deployment in the EGI Federated Cloud are available here.

Accessing EUDAT services from the EGI Cloud

From VMs instantiated in the EGI Federated Cloud, it is also possible interact with EUDAT services. Instructions on how to jointly use the EGI Federated Cloud and EUDAT services are available here.

Containers

You can run your docker applications on EGI's Cloud. EGI also provides a docker image with the clients so you can test them easily. Docker Swarm, Kubernetes and Apache Mesos can be easily used on the resources provided by EGI.

High level tools: Orchestrators, Platforms/Software as a Service

Read this guidance about strategies of porting applications to the EGI Federated Cloud. The guide also includes references to high level user environments (orchestrators, Platform/Software as a Service) that can simplify the application integration and operation process for you. These environments offer high level abstractions and services on top of the baseline 'Infrastructure as a Service' cloud.

Specialised Software

Access the Chipster tested with CSG

With the CSG members of the Infrastructure can access the Chipster tested to run bioinformatics applications on top of Infrastructure as a Service Clouds. For further details, please check this Access Chipster with CSG guide.

Running Galaxy workflows with EC3

Using the EC3 open-source software platform, users can deploy elastic clusters on demand and dynamically deploy complex scientific virtual computing infrastructures on top of Infrastructure as a Service Clouds. More details on how to use Galaxy workflows on the platform are described in this wiki. Please check the Galaxy workflows in EGI with EC3 guide for further details.

Computer-Aided Engineering (CAE)

Please check how SMEs can use Computer-Aided Engineering (CAE) in the EGI Federated Cloud, with the example of OpenFOAM software containers.

Running Hadoop applications

Using a WS-PGRADE gateway that is connected to the EGI Federated cloud, it is possible to deploy Hadoop clusters on EGI Federated Cloud resources, to execute Hadoop applications on those clusters and finally to release resources after application execution. The concept is outlined on these PPT slides. A user manual is available here (v1.3).

Running Jupyter Notebook with EC3

Using the EC3 open-source software platform, users can deploy a Jupyter Notebook on top of EGI Federated Cloud resources. For further details, please check the Jupyter Notebook with EC3 guide.

Running Beaker Notebooks in the EGI FedCloud

Check how to use Beaker in the EGI Federated Cloud Infrastructure.

GPGPUs (pre-production!)

PRE-PRODUCTION GPGPUs-enabled cloud resources are available in selected sites of the EGI Federated Cloud. Check the GPGPU guide on FedCloud for details on how to access them.

Useful resources

User support

Technical support

Users' technical support is provided via the EGI support contact.

Helpdesk

Technical problems and questions relating to the use of the EGI Federated Cloud can be reported and dealt with through the EGI Helpdesk ticketing system.

Note: Please choose 'Federated cloud' in the 'Type of problem' field of the ticket submission form!

Technical background

Cloud providers in the EGI Federated Cloud use hardware virtualization technologies to host software on their resources. The cloud management platforms that make this possible can vary from site to site, but they all enable the provisioning of virtualized computing, storage and networking resources, thus they empower scientific groups to setup and operate domain specific services, applications and simulations on these resources. Read more about the technology that drives the Federated Cloud.

Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox
Print/export