Access to the Firewalled Compute Servers: Difference between revisions

Before you can access the firewalled environment (Prism), you must get VPN access to it, which is detailed here:

Requirement for users to get GI VPN access

Server Types and Management

After confirming your VPN software is working, you can ssh into one of the compute servers behind the VPN:

crimson.prism: 256GB RAM, 32 cores, 5.5TB local scratch space

razzmatazz.prism: 256GB RAM, 32 cores, 5.5TB local scratch space

These servers are running CentOS 7.5 Linux. They are managed by the Genomics Institute Cluster Admin group. If you need software installed on either or both of these servers, please make your request by emailing cluster-admin@soe.ucsc.edu.

We will add another compute server later on that will have 1TB RAM, 64 cores and several TB of local scratch, but not for a while.

Storage

These servers mount two types of storage; home directories and group storage directories. Your home directory will be located as "/private/home/username" and has a 30GB quota. The group storage directories are created per PI, and each group directory has a 15TB quota. For example, if David Haussler is the PI that you report to directly, then the directory would exist as /private/groups/hausslerlab. Request access to that group directory and you will then be able to write to it. Each of those group directories are shared by the lab it belongs to, so you must be wary of everyone's data usage and share the 15TB available per group accordingly.

Actually Doing Work and Computing

When doing research, running jobs and the like, please be careful of your resource consumption on the server you are on. Don't run too many threads or cores at once if such a thing overruns the RAM available or the disk IO available. If you are not sure of your potential RAM, CPU or disk impact, start small with one or two processes and work your way up from there. Also, before running your stuff, check what else is already happening on the server by using the 'top' command to see who else and what else is running and what kind of resources are already being consumed. If, after starting a process, you realize that the server slows down considerably or becomes unusable, kill your processes and re-evaluate what you need to make things work. These servers are shared resources - be a good neighbor!

The Firewall

All servers are behind a firewall in this environment, and as such, you must connect to the VPN in order to access them. They will not be accessible from the greater Internet without VPN. Although you will be able to connect outbound from them to other servers on the internet to copy data in, sync git repos, stuff like that. It is only inbound connections that will be blocked. All machines behind the firewall have the private domain name suffix of "*.prism".

/scratch Space on the Servers

Each server will generally have a local /scratch filesystem that you can use to store temporary files. BE ADVISED that /scratch is not backed up, and the data there could disappear in the event of a disk failure or anything else. Do not store important data there. If it is important, it should be moved somewhere else very soon after creation.