Due to the limited internet access of SuperMUC-NG software installation is challenging. In this guide we provide best practices for the installation of user supplied software on SuperMUC-NG.

The user can reserve a VM on the SuperMUC-Cloud and then use this VM to access his $HOME directory on SuperMUC-NG via rsync or sshfs. The $HOME directory is then treated like an ordinary directory on the Cloud Machine and all software packages can be installed as usual by the user. In the following we give a summary of the steps needed:

  1. Start-up a VM on the SuperMUC-Cloud with the same OS as on SuperMUC-NG
  2. Provide a fixed IP to the VM
  3. Register the IP in the SuperMUC-NG firewall
  4. User the ssh-agent to enter your SuperMUC-NG password needed for file transfer
  5. Either use rsync to sync a directory on the Cloud VM to SuperMUC-NG
  6. Mount your $HOME directory from SuperMUC-NG on the VM
  7. For large files (100 GB and more) use the Globus Online Service from this VM to SuperMUC-NG

Security Considerations

When you start up a VM on the SuperMUC-Cloud you are root on this machine and with great power there comes great responsibility. Be sure that the machine cannot be accessed by 3rd paries who want to use it for malicious purposes (hacker). Here are some best practices to consider:

  1. Use ssh-keys for access to the VM. For initial access you have to use a key anyway.
  2. Never give the private key of root to anybody else. Especially DO NOT store them on a cloud service. The best way to keep them is on an external USB-drive which you only plug-in to your local machine when you need them.
  3. Do not work under the root account by default, but generate an additional user account (could also be the same name as on SuperMUC-NG) and use a different ssh key to access this account.
  4. Do not open ports on the VM that you do not need and be sure that the services that run behind these ports do not have the default passwords set (mysql, web-server, jupyterhub, etc...)

Detailed description of the individual steps

Start-up a VM on the SuperMUC-Cloud

As SuperMUC-NG user you can also use the SuperMUC-Cloud which can be accessed via the web interface at https://cc.lrz.de

Just log in to the web-interface with your SuperMUC-NG password and now you can start virtual machines as you like. In orfer to work with SuperMUC-NG it would be an advantage to use the same OS on the VM as on SuperMUC-NG. However, at the moment there is no SLES12 Image available, so we stick with Fedora for the moment.

  • No labels