Page tree
Skip to end of metadata
Go to start of metadata


Step-by-step guide

 

  1. Login to https://tenjin.nci.org.au with your NCI credentials. Your OpenStack tenant would be same as your project ID. If you are part of multiple projects, then please choose the appropriate tenant.
  2. If you are using Tenjin for the first time, Click “Access & Security” and create/add your KeyPair. On Linux or Mac, you can “cat” your public key and paste it here. You may give it any name.

    This is one time only operation. However depending on your workflow/security model you may want to have a number of key pairs.

  3. Click on the “Instances Tab” and press “Launch Instance” to start a virtual machine.
  4.  Click “Details” and select appropriate Image Name and Flavour.


    Flavours Explained

    NCI offers a number of virtual machine flavours to suit the needs of a research group. The name of the flavour gives you details of the number of cpus, memory and local disk space.

    E.g.

    8c16m80d 
    - CPUS: 8 
    - Memory: 16GB 
    - Local Disk: 80 GB*

    Local Disk and Cinder Volume: Local disk is only for operating system and scratch. This disk is local to the compute blade and it is NOT backed up. The main software engineering of OpenStack Cloud requires you to have a virtual machine deployment process that is reproducible. We strongly recommend using puppet or other alternates to deploy the operating system. For persistent storage, NCI provides cinder volume and projects should use cinder volume to store critical data e.g. web catalogs and important data. It may also be noted while cinder volume (based on Ceph) is replicated, we strongly suggest projects to ask /pay for long term storage on NCI’s tape drives. The data on NCI’s tape drives is backed up across two remote sites. For more information please send an email to help@nci.org.au.

    Please note that local disk provided to your VM on Tenjin is an SSD.


    Overview of storage types

    Storage TypeDeviceIntended useProsCons
    Root disk/dev/sda, automatically mounted on /Operating system and applications
    • High IOPS and throughput (Solid State Disks in RAID 0)
    • Included in instance snapshots
    • Limited size
    • No redundancy
    • Deleted when virtual machine is deleted
    • Not automatically backed up
    Ephemeral disk/dev/sdb, automatically mounted on /mntTemporary storage (scratch space)
    • High IOPS and throughput (Solid State Disks in RAID 0)
    • Limited size
    • No redundancy
    • Deleted when virtual machine is deleted
    • Not included in instance snapshots
    • Not automatically backed up
    Attached volumes aka Block Storage aka Cinder (Backed by Ceph)/dev/sdc and subsequent, not automatically mountedPersistent storage of large volumes of data
    • Large size
    • High throughput
    • Built-in redundancy
    • Exists until deleted by owner
    • Can be detached from one VM, then re-attached to another.
    • Can create point-in-time volume snapshots
    • Lower IOPS
    • Not automatically backed up


  5. Click “Access & Security” and select the Key pair you want to use for logging into the virtual machine once it is provisioned. 

  6. Click “Networking” and select the IP address. Your project may have multiple IP address associated depending upon the requirements. 

  7. Click "Launch".

  8. Use “ssh –i /path/to/keypair root@IP.ADDRESS” to access the virtual machine.

  9. We do not recommend putting in useful data on the VDA (root) and (VDB) ephemeral storage. At the time of creation of the project, NCI gives 10GB (minimum) quota for block storage (we use Ceph).

  10. Click “Volumes” tab and create a volume.

  11. Attach the volume it to the virtual machine. It will most probably get attached as /dev/vdc but it is always a good idea to check. On your virtual machine fdisk –l command will give you a clear idea.

    fdisk sample output
    [root@awesome]# fdisk -l
    
    Disk /dev/vda: 10.7 GB, 10737418240 bytes
    255 heads, 63 sectors/track, 1305 cylinders
    Units = cylinders of 16065 * 512 = 8225280 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x000c62bf
    
       Device Boot      Start         End      Blocks   Id  System
    /dev/vda1   *           1        1306    10484736   83  Linux
    
    Disk /dev/vdb: 32.2 GB, 32212254720 bytes
    16 heads, 63 sectors/track, 62415 cylinders
    Units = cylinders of 1008 * 512 = 516096 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x00000000
    
    
    Disk /dev/vdc: 10.7 GB, 10737418240 bytes
    16 heads, 63 sectors/track, 20805 cylinders
    Units = cylinders of 1008 * 512 = 516096 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disk identifier: 0x00000000
    
  12. Create a filesystem on /dev/vdc 

    [root@awesome /]# mkfs.ext4 /dev/vdc
    mke2fs 1.41.12 (17-May-2010)

     

  13. Mount the volume on your virtual machine. 

    [root@awesome /]# mkdir /data; mount /dev/vdc /data

Access Global File-systems

NFS Export Policy for global file-systems

Limitations

Tenjin is different from Amazon EC2 or the NeCTAR Cloud in terms of features and specifications. The specifications of Tenjin are similar to Raijin- our supercomputer. It uses 56G Ethernet and SRIOV for low latency and high bandwidth network. Introduction of these features have resulted in a few limitations that are due to inherent nature of hardware and operating system design.

  1. No Snapshots on Running Virtual Machines: We use SRIOV (Single Root IO Virtualization) for fast 56G Ethernet (with RDMA support) and it does not support snapshot feature on a running virtual machine. If you want to snapshot, you will have to shutdown the virtual machine and then snapshot. Snapshot on a live virtual machine will appear to have hung. We plan to patch the dashboard to prevent this bug but it is quite low on priority list.
  2. EthN interface increments on RHEL/CentOS-6 when using snapshot as an image: To stop ethernet interfaces from incrementing by one after each snapshot, please remove the following file before taking the snapshot. This is not a limitation or a bug but just the way udev rules work.

    [root@awesome /]# rm /etc/udev/rules.d/70-persistent-net.rules
  3. No Live Migration: Due to inherent nature of SRIOV design, we cannot perform live migration of virtual machines between the hypervisors. Cold migrations are fully supported. 

 

Additional Information / Policy matters

  • NCI uses the IP address range supplied by the Australian National University. These IP addresses are regularly scanned for security vulnerabilities and monitored for suspicious network traffic and behaviour. NCI reserves the right to shutdown and lock your virtual machine in the case your virtual machine is not secure, has been hacked and/or is involved in a suspicious activity. NCI staff will inform the virtual machine owner and the project CI with the reasons for shutting down the virtual machine.
  • NCI charges for instances in ‘shutdown’ state as shutdown instances consume resources on the hypervisor. If you do not wish to be charged for shutdown instances, please terminate them or shutdown the instance and then shelve and shelve-offload the instance . 
  • Local disk is only for operating system and scratch. This disk is local to the compute blade and it is NOT backed up. This essentially means upon a hardware failure on the compute node hosting your virtual machine (VM), you may loose the root and ephemeral disk - resulting in irrecoverable VM/data. The main software engineering of OpenStack Cloud requires you to have a virtual machine deployment process that is reproducible. We strongly recommend using puppet or other alternates to deploy the operating system. For persistent storage, NCI provides cinder volume and projects should use cinder volume to store critical data e.g. web catalogs and important data. It may also be noted while cinder volume (based on Ceph) is replicated, we strongly suggest projects to ask /pay for long term storage on NCI’s tape drives. The data on NCI’s tape drives is backed up across two remote sites. For more information please send an email to help@nci.org.au
  • The standard OpenStack "security groups" are not supported on Tenjin. This means that once VM is assigned a  floating IP, it is fully visible on the Internet, and should be secured accordingly.