SD4H wiki - User contributions [en]

Backing up Object Store

2026-03-26T15:06:49Z

Poq: /* Give us permission */

__FORCETOC__

Object Store data, while stored redundantly via Ceph, is not backed up by default. Object Store buckets are backed up to the TSM tape system upon request only by following the procedures listed on this page.

== Content and policies ==
The following are the default contents and policies of requested backups:

What is in the backup?
* Only the bucket data is backed up. We are not currently backing up the IAM policies of the buckets or objects.
* Only the current version of the data is seen by the backup system. Object chunks or versioned objects are not seen by the backups system.
What is the backup policy?
* Backups are run on a daily basis.
* The current object and one modified version of object are kept (this is different than full bucket versioning).
* The modified version is kept for 60 days - after that period only the current object is kept.
* Deleted objects are kept for 6 months.

= Backup Procedure =

Please follow this procedure to request backups of your buckets.

==Email the list of buckets==

Send a list of buckets to be backed up to [mailto:juno@calculquebec.ca sd4h support] with the name and ID of the project where the buckets live.

==Give us permission==

An IAM policy statement must be applied to '''all the buckets''' you want to backup so the TSM robot user in charge of the backup can access them. This can be done with the [https://awscli.amazonaws.com/v2/documentation/api/latest/index.html aws cli].

First, ensure that <code>my-bucket</code> currently has no IAM policy. Check bucket <code><my-bucket></code> using profile <code>my-profile</code> (as defined in ~/.aws/config and ~/.aws/credentials files) with:

<pre>$aws s3api get-bucket-policy --profile c3g-data-repos --bucket <my-bucket>

An error occurred (NoSuchBucketPolicy) when calling the GetBucketPolicy operation: The bucket policy does not exist
</pre>

If that command returns something, the new policy statements must be added to the existing policy (which is not covered here).

The following policy.json needs to be applied.
<div class="filename">'''File :''' policy.json </div>
<syntaxhighlight lang="json" file="my-policy.json">
{
"Statement": [
{
"Effect": "Allow",
"Principal": {"AWS": ["arn:aws:iam:::user/tsm"]},
"Action": [
"s3:ListBucket",
"s3:GetBucketPolicy",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::<my-bucket>/*",
"arn:aws:s3:::<my-bucket>"
]
}
]
}
</syntaxhighlight>

Load the policy onto the bucket <code><my-bucket></code> using the profile <code>my-profile:</code>

<pre>
$aws s3api put-bucket-policy --policy file://my-policy.json --profile my-profile --bucket <my-bucket>
</pre>

== Confirm IAM policy applied ==
As we did before, request the bucket's IAM policy, ensuring that the contents of policy.json are listed.
$aws s3api get-bucket-policy --profile c3g-data-repos --bucket my-bucket

=Restore Procedure=

==List bucket==

Send us the list of buckets or objects to restore at [mailto:juno@calculquebec.ca sd4h support].

==Give us permission==

For each bucket you want to be restored, you will be asked to create a bucket with the <code>-restore</code> suffix.

Following the previous procedure, apply this restore IAM policy.
<div class="filename">'''File :''' policy.json </div>
<syntaxhighlight lang="json" file="my-policy.json">
{
"Statement": [
{
"Effect": "Allow",
"Principal": {"AWS": ["arn:aws:iam:::user/tsm"]},
"Action": [
"s3:ListBucket",
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:AbortMultipartUpload"
],
"Resource": [
"arn:aws:s3:::my-bucket-restore/*",
"arn:aws:s3:::my-bucket-restore"
]
}
]
}
</syntaxhighlight>

Once done, we will restore your data to the <code>*-restore</code> buckets.

Backing up Object Store

2026-03-24T20:06:11Z

Poq: /* Give us permission */

__FORCETOC__

Object Store data, while stored redundantly via Ceph, is not backed up by default. Object Store buckets are backed up to the TSM tape system upon request only by following the procedures listed on this page.

== Content and policies ==
The following are the default contents and policies of requested backups:

What is in the backup?
* Only the bucket data is backed up. We are not currently backing up the IAM policies of the buckets or objects.
* Only the current version of the data is seen by the backup system. Object chunks or versioned objects are not seen by the backups system.
What is the backup policy?
* Backups are run on a daily basis.
* The current object and one modified version of object are kept (this is different than full bucket versioning).
* The modified version is kept for 60 days - after that period only the current object is kept.
* Deleted objects are kept for 6 months.

= Backup Procedure =

Please follow this procedure to request backups of your buckets.

==Email the list of buckets==

Send a list of buckets to be backed up to [mailto:juno@calculquebec.ca sd4h support] with the name and ID of the project where the buckets live.

==Give us permission==

An IAM policy statement must be applied to '''all the buckets''' you want to backup so the TSM robot user in charge of the backup can access them. This can be done with the [https://awscli.amazonaws.com/v2/documentation/api/latest/index.html aws cli].

First, ensure that <code>my-bucket</code> currently has no IAM policy. Check bucket <code><my-bucket></code> using profile <code>my-profile</code> (as defined in ~/.aws/config and ~/.aws/credentials files) with:

<pre>$aws s3api get-bucket-policy --profile c3g-data-repos --bucket <my-bucket>

An error occurred (NoSuchBucketPolicy) when calling the GetBucketPolicy operation: The bucket policy does not exist
</pre>

If that command returns something, the new policy statements must be added to the existing policy (which is not covered here).

The following policy.json needs to be applied.
<div class="filename">'''File :''' policy.json </div>
<syntaxhighlight lang="json" file="my-policy.json">
{
"Statement": [
{
"Effect": "Allow",
"Principal": {"AWS": ["arn:aws:iam:::user/tsm"]},
"Action": [
"s3:ListBucket",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::<my-bucket>/*",
"arn:aws:s3:::<my-bucket>"
]
}
]
}
</syntaxhighlight>

Load the policy onto the bucket <code><my-bucket></code> using the profile <code>my-profile:</code>

<pre>
$aws s3api put-bucket-policy --policy file://my-policy.json --profile my-profile --bucket <my-bucket>
</pre>

== Confirm IAM policy applied ==
As we did before, request the bucket's IAM policy, ensuring that the contents of policy.json are listed.
$aws s3api get-bucket-policy --profile c3g-data-repos --bucket my-bucket

=Restore Procedure=

==List bucket==

Send us the list of buckets or objects to restore at [mailto:juno@calculquebec.ca sd4h support].

==Give us permission==

For each bucket you want to be restored, you will be asked to create a bucket with the <code>-restore</code> suffix.

Following the previous procedure, apply this restore IAM policy.
<div class="filename">'''File :''' policy.json </div>
<syntaxhighlight lang="json" file="my-policy.json">
{
"Statement": [
{
"Effect": "Allow",
"Principal": {"AWS": ["arn:aws:iam:::user/tsm"]},
"Action": [
"s3:ListBucket",
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:AbortMultipartUpload"
],
"Resource": [
"arn:aws:s3:::my-bucket-restore/*",
"arn:aws:s3:::my-bucket-restore"
]
}
]
}
</syntaxhighlight>

Once done, we will restore your data to the <code>*-restore</code> buckets.

Technical Documentation

2026-03-17T14:06:16Z

Poq: /* How to */

<strong>Welcome to the technical documentation wiki of the Secure Data for Health (SD4H) project.</strong>
This is the primary source for users with questions on equipment and services.

== Infrastructure ==

{| class="wikitable"
|+ Computing
|-
! Hardware !! Description !! Availability
|-
| rowspan="2" | Compute VM || Up to 64 vcores and 480 GB of RAM|| 7 680 cores
|-
|| Up to 64 vcores and 240 GB of RAM || 10 176 cores
|-
| High Availability VM || Up to 64 cores and 480 GB <br> Connected to UPS and Diesel Generators || 3 072 cores
|-
| rowspan="2" | GPU || Up to 2 A100-40 per VM || 20 GPU
|-
|| Up to 2-A100-80 per VM || 8 GPU
|}

{| class="wikitable"
|+ Storage
|-
! Hardware !! Description !! Availability
|-
| Block Storage || 3 copies, all SSD || 740 TB
|-
| Object Storage || S3 and Swift API, [https://en.wikipedia.org/wiki/Erasure_code EC] 8+3 || 58 PB
|-
| Ceph FS || High performance multi read/write <br> NVMe, [https://en.wikipedia.org/wiki/Erasure_code EC] 4+2 || 1.2 PB

|}

==How to==
* [[Store and Share data]] on the platform
* [[Networking]] between two projects.
* Install the [[OpenStack Client]]
* [[SSH to a server via Bastion]]

==Services==

* [[Globus]] Data transfer and Sharing
* [[Elastic HPC]]: High Performance Computing in the Cloud

==Object Store==

* [[Object Store Quick Start]]
* [[Backing up Object Store]] buckets to tape
* Using [[Bucket policy]]
* Using [[rclone]] on our system
* Configuring [[Bucket Object Versioning]]

OpenStack Networking

2026-03-17T14:05:59Z

Poq: Blanked the page

OpenStack Networking

2026-03-17T14:05:18Z

Poq: Created page with "Openstack networking is managed by the [https://docs.openstack.org/neutron/latest/ Neutron] service."

Openstack networking is managed by the [https://docs.openstack.org/neutron/latest/ Neutron] service.

Technical Documentation

2026-03-17T14:02:23Z

Poq: /* How to */

<strong>Welcome to the technical documentation wiki of the Secure Data for Health (SD4H) project.</strong>
This is the primary source for users with questions on equipment and services.

== Infrastructure ==

{| class="wikitable"
|+ Computing
|-
! Hardware !! Description !! Availability
|-
| rowspan="2" | Compute VM || Up to 64 vcores and 480 GB of RAM|| 7 680 cores
|-
|| Up to 64 vcores and 240 GB of RAM || 10 176 cores
|-
| High Availability VM || Up to 64 cores and 480 GB <br> Connected to UPS and Diesel Generators || 3 072 cores
|-
| rowspan="2" | GPU || Up to 2 A100-40 per VM || 20 GPU
|-
|| Up to 2-A100-80 per VM || 8 GPU
|}

{| class="wikitable"
|+ Storage
|-
! Hardware !! Description !! Availability
|-
| Block Storage || 3 copies, all SSD || 740 TB
|-
| Object Storage || S3 and Swift API, [https://en.wikipedia.org/wiki/Erasure_code EC] 8+3 || 58 PB
|-
| Ceph FS || High performance multi read/write <br> NVMe, [https://en.wikipedia.org/wiki/Erasure_code EC] 4+2 || 1.2 PB

|}

==How to==
* [[Store and Share data]] on the platform
* [[Networking]] between two projects.
* Install the [[OpenStack Client]]
* [[SSH to a server via Bastion]]
* [[OpenStack Networking]]

==Services==

* [[Globus]] Data transfer and Sharing
* [[Elastic HPC]]: High Performance Computing in the Cloud

==Object Store==

* [[Object Store Quick Start]]
* [[Backing up Object Store]] buckets to tape
* Using [[Bucket policy]]
* Using [[rclone]] on our system
* Configuring [[Bucket Object Versioning]]

Rclone

2026-03-01T14:11:09Z

Poq: /* I cannot upload a file larger than 48GB. */

[https://rclone.org/ Rclone] is a powerful client that can interact with multiple storage backends, it offers a good support for our Ceph version of the S3 api and has good speed transfer out of the box. It can also be used to mount an Object Store as traditional block file storage.

== Configuration ==

First [https://rclone.org/downloads/ download rclone] or use the [https://rclone.org/install/#script-installation script installation]. Then [[Store_and_Share_data#Configuring_S3_access|get your S3 <code>id key</code> and <code>secret</code>]] from Open Stack.

Create the following file:

~/.config/rclone/rclone.conf
<syntaxhighlight lang="ini" line="1">
[my-project]
type = s3
provider = Other
env_auth = false
access_key_id = <S3 ID from previous step>
secret_access_key = <S3 secret from previous step>
endpoint = https://objets.juno.calculquebec.ca
acl = private
</syntaxhighlight>

You can then list current bucket, create a bucket and then copy a file into it,

<syntaxhighlight lang="bash">
$rclone lsd my-project:
-1 2024-01-19 14:12:34 -1 backups
-1 2024-03-07 14:23:26 -1 my-bucket
$rclone mkdir c3g-prod:test
$rclone lsd my-project:
-1 2024-01-19 14:12:34 -1 backups
-1 2024-03-07 14:23:26 -1 my-bucket
-1 2025-04-15 18:08:32 -1 test
$rclone copy my-file.txt my-project:test
$rclone ls my-project:test/
12408 my-file.txt
</syntaxhighlight>

== Mounting an Object Store ==
To allow mounting by non-root users, in /etc/fuse.conf, uncomment:<syntaxhighlight lang="bash">
user_allow_other

</syntaxhighlight>Mount the Object Store in daemon mode with:<syntaxhighlight lang="bash">
rclone mount <rclone config block>:<bucket> /path/to/mount/dir --daemon --daemon-wait 0 --allow-other --read-only
# For example:
#rclone mount c3g-data-repos:ihec_data /mnt/ihec_data_objstr --daemon --daemon-wait 0 --allow-other --read-only
</syntaxhighlight>A service may be used to auto-mount the Object Store on boot with a service file (in /etc/systemd/system/).<syntaxhighlight lang="bash">
# Mount the ihec_data_objstr, even after a restart
[Unit]
Description=My Object Store automount
After=network.target

[Service]
ExecStart=/usr/bin/rclone mount <rclone config block>:<bucket> /path/to/mount/point/dir --no-modtime --fast-list --transfers 50 --checkers 50 --allow-other --read-only
# For example:
# ExecStart=/usr/bin/rclone mount c3g-data-repos:ihec_data /mnt/ihec_data_objstr --no-modtime --fast-list --transfers 50 --checkers 50 --allow-other --read-only
ExecStop=/usr/bin/fusermount -u /mnt/ihec_data_objstr
Restart=always
SyslogIdentifier=ihec_data_objstr
User=ihec
Group=ihec
Environment=RCLONE_CONFIG=/home/ihec/.config/rclone/rclone.conf
TimeoutStopSec=30

[Install]
WantedBy=multi-user.target
</syntaxhighlight>enable and start the service.

== Mounting a public Object Store without using credentials ==
Public Object Stores may be accessed or mounted as read-only without the use of Open Stack credentials. This relies on a bucket syntax prepended with the Open Stack project ID.

Your ~/.config/rclone/rclone.conf need not contain an access_key_id and secret_access_key but only:<syntaxhighlight lang="ini" line="1">
[my-public-project]
type = s3
provider = Other
env_auth = false
endpoint = https://objets.juno.calculquebec.ca

</syntaxhighlight>Then combine the OS project ID and the bucket name like so:<syntaxhighlight lang="bash">
rclone lsd my-public-project:<OS project ID>:<bucket name>
# For example:
# rclone lsd my-public-project:d5f8b8e8e3e2442f81573b2f0951013b:ihec_data
# or
# rclone mount my-public-project:d5f8b8e8e3e2442f81573b2f0951013b:ihec_data /mnt/ihec_data_objstr --daemon --daemon-wait 0 --allow-other --read-only
</syntaxhighlight>

== No problems, only solutions ==

=== I cannot upload a file larger than 48GB. ===
In some situations, rclone is not able to guess the size of the file to upload and use the default value of <code>--s3-chunk-size 5M</code> to split and upload the file to the bucket. But since the server has a 10,000 chunk limit, the upload crashes.

You can solve that by setting a larger value:

<syntaxhighlight lang="bash">
rclone copy --s3-chunk-size 50M my-large-file.cram my-project:test
</syntaxhighlight>

Another way is to lower the maximum number of parts in a multipart upload using [https://rclone.org/s3/#s3-max-upload-parts --s3-max-upload-parts], for example: <code>--s3-max-upload-parts 1000</code>.

Note that you need the ram of your computer to be larger than chunks.

2025-11-27T18:16:56Z

Poq: /* Infrastructure */

<strong>Welcome to the technical documentation wiki of the Secure Data for Health (SD4H) project.</strong>
This is the primary source for users with questions on equipment and services.

== Infrastructure ==

{| class="wikitable"
|+ Computing
|-
! Hardware !! Description !! Availability
|-
| rowspan="2" | Compute VM || Up to 64 vcores and 480 GB of RAM|| 7 680 cores
|-
|| Up to 64 vcores and 240 GB of RAM || 10 176 cores
|-
| High Availability VM || Up to 64 cores and 480 GB <br> Connected to UPS and Diesel Generators || 3 072 cores
|-
| rowspan="2" | GPU || Up to 2 A100-40 per VM || 20 GPU
|-
|| Up to 2-A100-80 per VM || 8 GPU
|}

{| class="wikitable"
|+ Storage
|-
! Hardware !! Description !! Availability
|-
| Block Storage || 3 copies, all SSD || 740 TB
|-
| Object Storage || S3 and Swift API, [https://en.wikipedia.org/wiki/Erasure_code EC] 8+3 || 58 PB
|-
| Ceph FS || High performance multi read/write <br> NVMe, [https://en.wikipedia.org/wiki/Erasure_code EC] 4+2 || 1.2 PB

|}

==How to==
* [[Store and Share data]] on the platform
* [[Networking]] between two projects.
* Install the [[OpenStack Client]]
* [[SSH to a server via Bastion]]

==Services==

* [[Globus]] Data transfer and Sharing
* [[Elastic HPC]]: High perforamce Computing in the Cloud

==Object Store==

* [[Object Store Quick Start]]
* [[Backing up Object Store]] buckets to tape
* Using [[rclone]] on our system
* Configuring [[Bucket Object Versioning]]

2025-07-24T14:30:47Z

Networking

2025-02-25T15:22:37Z

Poq: /* Create a new network */

Networking

2025-02-24T20:43:11Z

Poq: /* Share the network with another tenant */

Store and Share data

2025-02-24T19:29:15Z

Poq:

=Intro=
SD4H has a large Object Store. Objects are accessible through a web API via the Rados Gateway (radosgw) service. Both the S3 and swift API standards are supported by the radosgw.

In an Object Store, an object is the equivalent of a file on a posix file system. The object store gives users a lot of flexibility, but the steps to do simple tasks like sharing and transferring data involve somewhat of a learning cure. We propose a procedure here so this curve is as gentle as possible. Once done, the procedure will be both more secure and more flexible than sharing data on a share HPC platform or on some VM owned by your group.

= Configuring S3 access =

You fist need to have your [[OpenStack Client]] installed and configured.

==Create the S3 (ec2) Credentials==

Now that your client is installed and the RC files for you project is downloaded, you can create the S3 ID and secret.

<syntaxhighlight lang="bash" line>
$ source $HOME/id/myproject-openrc.sh
Please enter your OpenStack Password for project po-test as user poq:
# Use the same password that you used to connect to the [https://juno.calculquebec.ca/ Juno web page].
# you can now create the credentials
$ openstack ec2 credentials create
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| access | XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
| links | {'self': 'https://juno.calculquebec.ca:5000/v3/users/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/credentials/OS-EC2/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'} |
| project_id | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| secret | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| trust_id | None |
| user_id | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
</syntaxhighlight>

The important values here are access<code> and <code>secret</code> which are the S3 [aws_]access_key_id and [aws_]secret_access_key respextively. AWS stands for Amazon Web Services, they are the creator of the S3 API.

==Manage you S3 buckets with Globus==

See the [[Globus]] documentation

OpenStack Client

2025-02-24T19:28:38Z

Poq: /* Test the connection */

==Install the openstack client==
You will need to install and configure the [https://pypi.org/project/python-openstackclient/ openstack client] on your machine.

<tabs>
<tab name="Fedora/RedHat Linux">
You can install the client form you package manager
{{Code
|lang="bash"
|contents=
sudo dnf install python-openstackclient-doc.noarch
# test the installation
openstack --version
}}
</tab>
<tab name="Debian/Ubuntu Linux">
You can install the client form you package manager
{{Code
|lang="bash"
|contents=
sudo apt-get install python python-dev python-pip
sudo pip install python-openstackclient
# test the installation
openstack --version
}}
</tab>

<tab name="pip">
This will get you the latest version of the client
{{Code
|lang="bash"
|contents=
pip install python-openstackclient
# test the installation
openstack --version

}}
</tab>

<tab name="OSX">

You need to have [https://brew.sh/ homebew] installed, then the client can be install using pipx
{{Code
|lang="bash"
|contents=
brew install pipx
pipx install python-openstackclient
# test the installation
openstack --version
}}
</tab>

<tab name="windows">
Install your favorite linux distribution
with [https://learn.microsoft.com/en-us/windows/wsl/install-manual Windows Subsystem Linux]
and follow the precedure from another tab :)
</tab>

</tabs>

==Get the client configuration or RC file from Juno==

Once the client is install you need to set login credentials. You can get these credentials by connecting to the [https://juno.calculquebec.ca/ Juno web page]. Select the right project to store your data and download the RC file:

[[File:Get openstack rc file.gif|caption|frame|none| the RC file from the Juno website]]

Lets say that we have saved the files here <code> $HOME/id/myproject-openrc.sh.</code>

== Test the connection ==

We will test the connection by listing all the images made available on the platform that can be used out of the box to start VMs.

<syntaxhighlight lang="bash" line>
$ source $HOME/id/myproject-openrc.sh
Please enter your OpenStack Password for project po-test as user poq:
# Use the same password that you used to connect to the [https://juno.calculquebec.ca/ Juno web page].
# you can now create the credentials
$ openstack image list
+--------------------------------------+----------------------------------+--------+
| ID | Name | Status |
+--------------------------------------+----------------------------------+--------+
| 8b1f4da1-fc76-4658-b1c0-6cf804b41471 | AlmaLinux-8.10-x64-2024-05 | active |
| dfaf1644-a43b-4e90-8183-57a790d86721 | AlmaLinux-8.9-x64-2023-11 | active |
| dc381bb1-ad39-41d5-90d0-b95b71e845e6 | AlmaLinux-9.3-x64-2023-11 | active |
| 7a6e0a71-3748-49a9-aff7-33723ee087af | AlmaLinux-9.4-x64-2024-05 | active |
| 8afc3889-3430-4609-96a1-c318d4be2c61 | Debian-11.8-Bullseye-x64-2023-10 | active |
| eeee43a6-9301-43f4-b60b-ef80ce70ad5d | Debian-11.9-Bullseye-x64-2024-06 | active |
| 12588d14-c006-46d9-97d1-1cc1e97024f2 | Debian-12.2-Bookworm-x64-2023-10 | active |
| 18eeeba7-9fad-4b15-8d9b-678be2b67a88 | Debian-12.5-Bookworm-x64-2024-06 | active |
| f0580bb8-ff31-4bd4-818a-e5f45897bd1e | Fedora-39-1.5-x64-2023-11 | active |
| e9b7ef77-4d50-4d14-8094-44aa6d40ba83 | Fedora-40-1.14-x64-2024-06 | active |
| 4d533cb2-8179-4bc2-8c54-2e0f065b5137 | Rocky-8.10-x64-2024-06 | active |
| 90894672-707b-4103-8683-f06b9d5a6bd0 | Rocky-8.8-x64-2023-05 | active |
| cef2dcef-5c0d-40f3-9fde-b4d3a26ce8e1 | Rocky-8.9-x64-2023-11 | active |
| f95b59a2-99fd-4b7f-912c-d7f17640a791 | Rocky-9.3-x64-2023-11 | active |
| dcf29959-7404-4677-b24d-c25dfcef8da0 | Ubuntu-20.04.6-Focal-x64-2023-11 | active |
| 09222ea9-a2e2-405e-af14-1d5a59b6eab0 | Ubuntu-22.04.3-Jammy-x64-2023-11 | active |
| 9884ac0b-a05c-4327-b16a-104fabdf74cf | Ubuntu-22.04.4-Jammy-x64-2024-06 | active |
| 512331f0-b039-4e90-be2e-d79765a5b21a | Ubuntu-22.04.Jammy-x46-2023-07 | active |
| d812cc8a-caf9-4237-824c-0660d7654dc1 | Ubuntu-24.04-Noble-x64-2024-06 | active |
+--------------------------------------+----------------------------------+--------+
</syntaxhighlight>

A return value looking like

<syntaxhighlight lang="bash" line >
$ openstack image list
The request you have made requires authentication. (HTTP 401) (Request-ID: req-5305b993-4c73-4a14-8596-a90bf64f293f)
</syntaxhighlight>

Would normaly mean that there is a typo in you pasword, you can source the RC file again to correct your password.

OpenStack Client

2025-02-24T19:27:47Z

Poq: Created page with "==Install the openstack client== You will need to install and configure the [https://pypi.org/project/python-openstackclient/ openstack client] on your machine. <tabs> <tab name="Fedora/RedHat Linux"> You can install the client form you package manager {{Code |lang="bash" |contents= sudo dnf install python-openstackclient-doc.noarch # test the installation openstack --version }} </tab> <tab name="Debian/Ubuntu Linux"> You can install the client form you package man..."

==Install the openstack client==
You will need to install and configure the [https://pypi.org/project/python-openstackclient/ openstack client] on your machine.

<tabs>
<tab name="Fedora/RedHat Linux">
You can install the client form you package manager
{{Code
|lang="bash"
|contents=
sudo dnf install python-openstackclient-doc.noarch
# test the installation
openstack --version
}}
</tab>
<tab name="Debian/Ubuntu Linux">
You can install the client form you package manager
{{Code
|lang="bash"
|contents=
sudo apt-get install python python-dev python-pip
sudo pip install python-openstackclient
# test the installation
openstack --version
}}
</tab>

<tab name="pip">
This will get you the latest version of the client
{{Code
|lang="bash"
|contents=
pip install python-openstackclient
# test the installation
openstack --version

}}
</tab>

<tab name="OSX">

You need to have [https://brew.sh/ homebew] installed, then the client can be install using pipx
{{Code
|lang="bash"
|contents=
brew install pipx
pipx install python-openstackclient
# test the installation
openstack --version
}}
</tab>

<tab name="windows">
Install your favorite linux distribution
with [https://learn.microsoft.com/en-us/windows/wsl/install-manual Windows Subsystem Linux]
and follow the precedure from another tab :)
</tab>

</tabs>

==Get the client configuration or RC file from Juno==

Once the client is install you need to set login credentials. You can get these credentials by connecting to the [https://juno.calculquebec.ca/ Juno web page]. Select the right project to store your data and download the RC file:

[[File:Get openstack rc file.gif|caption|frame|none| the RC file from the Juno website]]

Lets say that we have saved the files here <code> $HOME/id/myproject-openrc.sh.</code>

== Test the connection ==

We will test the connection by listing all the images made available on the platform that can be used out of the box to start VMs.

<syntaxhighlight lang="bash" line>
$ source $HOME/id/myproject-openrc.sh
Please enter your OpenStack Password for project po-test as user poq:
# Use the same password that you used to connect to the [https://juno.calculquebec.ca/ Juno web page].
# you can now create the credentials
$ openstack image list
+--------------------------------------+----------------------------------+--------+
| ID | Name | Status |
+--------------------------------------+----------------------------------+--------+
| 8b1f4da1-fc76-4658-b1c0-6cf804b41471 | AlmaLinux-8.10-x64-2024-05 | active |
| dfaf1644-a43b-4e90-8183-57a790d86721 | AlmaLinux-8.9-x64-2023-11 | active |
| dc381bb1-ad39-41d5-90d0-b95b71e845e6 | AlmaLinux-9.3-x64-2023-11 | active |
| 7a6e0a71-3748-49a9-aff7-33723ee087af | AlmaLinux-9.4-x64-2024-05 | active |
| 8afc3889-3430-4609-96a1-c318d4be2c61 | Debian-11.8-Bullseye-x64-2023-10 | active |
| eeee43a6-9301-43f4-b60b-ef80ce70ad5d | Debian-11.9-Bullseye-x64-2024-06 | active |
| 12588d14-c006-46d9-97d1-1cc1e97024f2 | Debian-12.2-Bookworm-x64-2023-10 | active |
| 18eeeba7-9fad-4b15-8d9b-678be2b67a88 | Debian-12.5-Bookworm-x64-2024-06 | active |
| f0580bb8-ff31-4bd4-818a-e5f45897bd1e | Fedora-39-1.5-x64-2023-11 | active |
| e9b7ef77-4d50-4d14-8094-44aa6d40ba83 | Fedora-40-1.14-x64-2024-06 | active |
| 4d533cb2-8179-4bc2-8c54-2e0f065b5137 | Rocky-8.10-x64-2024-06 | active |
| 90894672-707b-4103-8683-f06b9d5a6bd0 | Rocky-8.8-x64-2023-05 | active |
| cef2dcef-5c0d-40f3-9fde-b4d3a26ce8e1 | Rocky-8.9-x64-2023-11 | active |
| f95b59a2-99fd-4b7f-912c-d7f17640a791 | Rocky-9.3-x64-2023-11 | active |
| dcf29959-7404-4677-b24d-c25dfcef8da0 | Ubuntu-20.04.6-Focal-x64-2023-11 | active |
| 09222ea9-a2e2-405e-af14-1d5a59b6eab0 | Ubuntu-22.04.3-Jammy-x64-2023-11 | active |
| 9884ac0b-a05c-4327-b16a-104fabdf74cf | Ubuntu-22.04.4-Jammy-x64-2024-06 | active |
| 512331f0-b039-4e90-be2e-d79765a5b21a | Ubuntu-22.04.Jammy-x46-2023-07 | active |
| d812cc8a-caf9-4237-824c-0660d7654dc1 | Ubuntu-24.04-Noble-x64-2024-06 | active |
+--------------------------------------+----------------------------------+--------+
</syntaxhighlight>

A return value looking like

<syntaxhighlight lang="bash" line >
$ openstack image list
The request you have made requires authentication. (HTTP 401) (Request-ID: req-5305b993-4c73-4a14-8596-a90bf64f293f)
</syntaxhighlight>

Would normaly mean that there is a typo in you pasword, you can source the RC file again to correct the error.

Technical Documentation

2025-02-24T19:14:11Z

Poq: /* How to */

<strong>Welcome to the technical documentation wiki of the Secure Data for Health (SD4H) project.</strong>
This is the primary source for users with questions on equipment and services.

== Infrastructure ==

{| class="wikitable"
|+ Computing
|-
! Hardware !! Description !! Availability
|-
| rowspan="2" | Compute VM || Up to 64 vcores and 480 GB of RAM|| 5184 vcores
|-
|| Up to 64 vcores and 240 GB of RAM || 6528 vcores
|-
| High Availability VM || Up to 64 cores and 480 GB <br> Connected to UPS and Diesel Generators || 3072 vcores
|-
| rowspan="2" | GPU || Up to 2 A100-40 per VM || 20 GPU
|-
|| Up to 2-A100-80 per VM || 8 GPU
|}

{| class="wikitable"
|+ Storage
|-
! Hardware !! Description !! Availability
|-
| Block Storage || All SSD || 740 TB
|-
| Object Storage || S3 and Swift API || 59PB
|-
| Ceph FS || High performance multi read/write <br> All SSD || 1.2 PB

|}

==How to==
* [[Store and Share data]] on the platform
* [[Networking]] between two projects.
* Install the [[OpenStack Client]]

==Services==

* [[Globus]] Data transfer and Sharing
* [[Elastic HPC]]: High perforamce Computing in the Cloud

==Object Store==

* [[Object Store Quick Start]]
* [[Backing up Object Store]] buckets to tape
* Using [[rclone]] on our system

==Openstack==

Networking

2025-02-24T19:07:55Z

Poq: Created page with "== Basics == You can see the current network of your project from the [https://juno.calculquebec.ca/project/network_topology/ Juno webpage]. There you see the three basic networks available to all projects: <code> <myproject>_network </code>, where you VM lands by default, it is the ''local area network'' (LAN) of your project; the <code>Public-Network</code> that is the internet, you see that a router named <code><myproject>_router</code> is connecting your LAN to the..."

Technical Documentation

2025-02-24T17:00:38Z

Poq: /* How to */

<strong>Welcome to the technical documentation wiki of the Secure Data for Health (SD4H) project.</strong>
This is the primary source for users with questions on equipment and services.

== Infrastructure ==

{| class="wikitable"
|+ Computing
|-
! Hardware !! Description !! Availability
|-
| rowspan="2" | Compute VM || Up to 64 vcores and 480 GB of RAM|| 5184 vcores
|-
|| Up to 64 vcores and 240 GB of RAM || 6528 vcores
|-
| High Availability VM || Up to 64 cores and 480 GB <br> Connected to UPS and Diesel Generators || 3072 vcores
|-
| rowspan="2" | GPU || Up to 2 A100-40 per VM || 20 GPU
|-
|| Up to 2-A100-80 per VM || 8 GPU
|}

{| class="wikitable"
|+ Storage
|-
! Hardware !! Description !! Availability
|-
| Block Storage || All SSD || 740 TB
|-
| Object Storage || S3 and Swift API || 59PB
|-
| Ceph FS || High performance multi read/write <br> All SSD || 1.2 PB

|}

==How to==
* [[Store and Share data]] on the platform
* [[Networking]] between two projects.

==Services==

* [[Globus]] Data transfer and Sharing
* [[Elastic HPC]]: High perforamce Computing in the Cloud

==Object Store==

* [[Object Store Quick Start]]
* [[Backing up Object Store]] buckets to tape
* Using [[rclone]] on our system

==Openstack==