Training Course - ComIntro - ECaccess
12.11.2014 Views
Share Embed Flag

Training Course - ComIntro - ECaccess

Training Course - ComIntro - ECaccess

Training Course - ComIntro - ECaccess

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
nwmstest.ecmwf.int

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

<strong>ECaccess</strong><br />

A portal to access ECMWF<br />

Dominique Lucas<br />

1 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

Content<br />

• <strong>ECaccess</strong> concepts<br />

• telnet, ssh and ftp access<br />

• X11 access<br />

• <strong>ECaccess</strong> file management<br />

• <strong>ECaccess</strong> job management<br />

• Unattended file transfers<br />

• Tutorial<br />

2 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - Concepts<br />

• <strong>ECaccess</strong> provides a portal to access ECMWF<br />

archiving and computing facilities<br />

• Strict authentication via SecurID card and<br />

X509 certificates<br />

• Data integrity/confidentiality guaranteed by SSL<br />

3 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - Concepts<br />

• <strong>ECaccess</strong> provides:<br />

File and job management in batch or interactive<br />

mode through an extended FTP server<br />

File and job management through a Web browser<br />

A secure telnet access to ECMWF<br />

A secure X Windows access to ECMWF<br />

• All this via internet or RMDCN.<br />

4 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - Architecture<br />

•Multi tiers<br />

<strong>ECaccess</strong> Client, <strong>ECaccess</strong> Gateway, <strong>ECaccess</strong> Server,<br />

<strong>ECaccess</strong> ecgate<br />

<strong>ECaccess</strong><br />

Tools<br />

MS<br />

Work-<br />

station<br />

ECcert<br />

Command<br />

FTP<br />

Client<br />

Telnet<br />

Client<br />

Web<br />

Browser<br />

FTP<br />

Server<br />

X<br />

Server<br />

<strong>ECaccess</strong><br />

Gateway<br />

<br />

MS<br />

Gateway<br />

I<br />

N R<br />

T M<br />

E D<br />

R C<br />

N N<br />

E<br />

T<br />

<strong>ECaccess</strong><br />

Server<br />

(Java<br />

app)<br />

JSSE-SSL<br />

OpenSSL-SSL<br />

ECproxy<br />

Server<br />

(C app)<br />

ECMWF<br />

Gateway<br />

<strong>ECaccess</strong><br />

5 Com Intro training course – 2005 <strong>ECaccess</strong><br />

F<br />

I<br />

R<br />

E<br />

W<br />

A<br />

L<br />

L<br />

ECcmd<br />

Server<br />

(Java app)<br />

ECios<br />

Server<br />

(C app)<br />

<strong>ECaccess</strong><br />

CA<br />

(OpenSSL)<br />

Ecgate<br />

ECMWF

<strong>ECaccess</strong> - Architecture<br />

• <strong>ECaccess</strong> client<br />

Standard Telnet, FTP, ssh and HTTP/S client<br />

Standard X Windows and FTP Server<br />

<strong>ECaccess</strong> tools (eccert …)<br />

6 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - Architecture<br />

• <strong>ECaccess</strong> gateway<br />

Entry point for all <strong>ECaccess</strong> users<br />

Verifies <strong>ECaccess</strong> users authentication<br />

(certificates or passcodes)<br />

Implements Telnet, FTP and HTTP/S protocols<br />

Secure tunnels through firewalls to <strong>ECaccess</strong><br />

Server<br />

Either local gateway installed at your site or<br />

ecaccess.ecmwf.int for internet and<br />

msaccess.ecmwf.int for RMDCN.<br />

7 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> – Architecture<br />

• <strong>ECaccess</strong> Server<br />

Located at ECMWF: ecaccess.ecmwf.int or<br />

msaccess.ecmwf.int<br />

Entry point for all <strong>ECaccess</strong> gateways<br />

Authenticate <strong>ECaccess</strong> gateways<br />

Provides job and file management functions<br />

Provides functions to monitor file transfers<br />

Provides system access functions<br />

Keeps track of users activity<br />

8 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - Architecture<br />

• <strong>ECaccess</strong> ecgate<br />

Runs the <strong>ECaccess</strong> Certificate Authority (CA)<br />

Provides job management through LoadLeveler<br />

(and NQS).<br />

Provides access to home, scratch and ECFS<br />

Keeps job input, output and error files<br />

Manages spool for unattended file transfers<br />

9 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> – local gateways<br />

• Use local <strong>ECaccess</strong> gateways if installed<br />

• Internet <strong>ECaccess</strong> gateways available at most NMSs<br />

and at several other sites (29 gateways in total)<br />

• 12 <strong>ECaccess</strong> Gateways available over RMDCN<br />

• If local <strong>ECaccess</strong> gateway not installed, then use<br />

ecaccess.ecmwf.int or msaccess.ecmwf.int<br />

10 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> – telnet/ssh<br />

{mshost}$ telnet ecaccess.ecmwf.int<br />

…<br />

login: xyz<br />

Passcode: XXXXXX<br />

Which system: ecgate<br />

…<br />

ecgate{~xyz}:1 <br />

{mshost}$ ssh xyz@ecaccess.ecmwf.int<br />

…<br />

login: xyz<br />

Passcode: XXXXXX<br />

Which system: ecgate<br />

ecgate1{~xyz}:1 <br />

• Where xyz is your ECMWF User ID<br />

• On local gateways, port 9023 (telnet) or 9022 (ssh) may be needed.<br />

11 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - ftp<br />

{mshost}$ ftp ecaccess.ecmwf.int<br />

…<br />

login: xyz<br />

Passcode: XXXXXX<br />

…<br />

ftp> ls<br />

227 Entering Passive Mode. (193,61,196,110,135,230)<br />

150 Opening ASCII mode data connection<br />

drwxr-x--- 1 xyz ecaccess 2048 Nov 05 11:00 ECJOBS<br />

drwxr-x--- 1 xyz ecaccess 2048 Nov 05 11:00 ECSCRATCH<br />

drwxr-x--- 1 xyz ecaccess 2048 Nov 05 11:00 ECTMP<br />

drwxr-x--- 1 xyz ecaccess 2048 Nov 05 11:00 ECFS<br />

drwxr-x--- 1 xyz ecaccess 2048 Nov 05 11:00 ECHOME<br />

226 Transfer complete<br />

ftp><br />

• sftp not yet available.<br />

• On local gateways, port 9021 may be needed.<br />

12 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - ftp<br />

Local<br />

environment<br />

Local file<br />

can be<br />

dragged<br />

and<br />

dropped<br />

into<br />

ecaccess<br />

area.<br />

13 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ftp entry for<br />

batch access<br />

ECMWF

<strong>ECaccess</strong> – X11 via telnet<br />

{mshost}$ echo $DISPLAY<br />

mshost:0.0<br />

{mshost}$ xhost +ecaccess.ecmwf.int<br />

ecaccess being added to access control list<br />

{mshost}$ telnet ecaccess.ecmwf.int<br />

… (Passcode validation required)<br />

Which host …: ecgate<br />

Which proxy … : X<br />

…<br />

ecgate{~xyz}:1 echo $DISPLAY<br />

(Something like … )ecaccess.ecmwf.int:<br />

ecgate{~xyz}:2 xcdp&<br />

• A control window showing the DISPLAY to be used will appear.<br />

This window or an X11 application should remain present to<br />

keep the X11 proxy.<br />

14 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> – ecxterm via ssh<br />

{mshost}$ echo $DISPLAY<br />

mshost:0.0<br />

{mshost}$ ssh –X xyz@ecaccess.ecmwf.int<br />

… (Passcode validation required)<br />

Which host …: ecgate<br />

ecgate{~xyz}:1 echo $DISPLAY<br />

(Something like)ecaccess.ecmwf.int:<br />

ecgate{~xyz}:2 xcdp&<br />

• A control window will also appear. Keep it while X11 access<br />

required.<br />

15 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> – ecxterm<br />

16 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> – web – http://ecaccess.ecmwf.int/<br />

17 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> tools - ECtools<br />

• Must be installed at your end on each platform for which<br />

access to ECMWF is required.<br />

• Help for each command is available with “-help” option:<br />

<br />

{mshost}$ eccert –help<br />

• ECtools are also available at ECMWF.<br />

18 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> - eccert Command<br />

{mshost}$ eccert –verbose<br />

echost: ecaccess.ecmwf.int<br />

ecport: 443<br />

eccert: /home/xyz/.eccert.crt<br />

Certificate request<br />

ECMWF user identifier: xyz<br />

Passcode from your SecurID card:<br />

Certificate saved (855 bytes)<br />

{mshost}$<br />

• Certificate valid for 7 days.<br />

• Certificate only needed for file, job and transfer management,<br />

NOT required for unattended transfers (see later - ectrans).<br />

•Certificate not needed for ECMWF local use of ECtools.<br />

19 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> environment<br />

Name Purpose Default value<br />

Environment Variables<br />

Oh<br />

ECDOMAIN<br />

Target domain (either<br />

ECFS, ECHOME,<br />

ECSCRATCH or<br />

ECMARS) and optionally<br />

target user.<br />

ECDEBUG Enable debug mode False<br />

ECHOME<br />

ECCERT Certificate file location $HOME/.eccert.crt<br />

ECHOST Gateway host name Local host<br />

ECPORT Gateway port number 443<br />

20 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> File Management<br />

ecls Print a list of files at $ECDOMAIN.<br />

ecdir Same as the previous command but with any system-dependent<br />

information.<br />

ecget Retrieve an $ECDOMAIN file and store it on the local machine.<br />

ecreget Same as the previous command, but transfer is continued from the<br />

apparent point of failure.<br />

ecput Store a local file at $ECDOMAIN.<br />

ecdelete Delete a file at $ECDOMAIN.<br />

ecmkdir Create a directory at $ECDOMAIN.<br />

ecrmdir Remove an empty directory at $ECDOMAIN.<br />

ecmodtime Get the last modification date of a file at $ECDOMAIN.<br />

ecsize Get the size of a file at $ECDOMAIN.<br />

• No support for meta-characters.<br />

21 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> file management<br />

{mshost}$ ecls<br />

script.sh<br />

ecaccess-tools.tar.gz<br />

ecaccess.doc<br />

ecaccess<br />

{mshost}$ ecdir ecaccess<br />

10838 drwxr-xr-- 4 xyz systems 96 Mar 14 09:30 .<br />

3194 drwxr-xr-x 47 xyz systems 4096 Mar 14 09:30 ..<br />

12721 drwxr-x--- 4 xyz systems 96 Mar 13 18:55 client<br />

124513 drwxr-x--- 11 xyz systems 2048 Mar 5 11:38 gateway<br />

{mshost}$ ecget ecaccess-tools.tar.gz<br />

{mshost}$ ecget ecaccess-tools.tar.gz tools.tar.gz<br />

{mshost}$ ls *.tar.gz<br />

ecaccess-tools.tar.gz<br />

tools.tar.gz<br />

{mshost}$<br />

22 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> file management<br />

{mshost}$ ecdelete ecaccess-tools.tar.gz<br />

DELE command successful<br />

{mshost}$ ecput ecaccess-tools.tar.gz<br />

{mshost}$ ecmkdir ectest<br />

MKD command successful<br />

{mshost}$ ecrmdir ectest<br />

RMD command successful<br />

{mshost}$ ecrmdir ecaccess<br />

Directory not empty<br />

{mshost}$<br />

23 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> file management<br />

{mshost}$ export ECDOMAIN=ecfs<br />

{mshost}$ ecdir<br />

10838 drwxr-xr-- 4 xyz systems 96 Mar 14 09:30 .<br />

3194 drwxr-xr-x 47 xyz systems 4096 Mar 14 09:30 ..<br />

12721 drwxr-x--- 4 xyz systems 96 Mar 13 18:55 backup<br />

124513 drwxr-x--- 11 xyz systems 2048 Mar 5 11:38 doc<br />

{mshost}$ export ECDOMAIN=“ecfs[zzz]”<br />

…<br />

{mshost}$ export ECDOMAIN=echome<br />

…<br />

{mshost}$<br />

24 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> Job and transfer management<br />

ecqls<br />

List Ecaccess target queues<br />

ecjreq Submit a batch request (file is at $ECDOMAIN).<br />

ecjget Get job input, job output and job error.<br />

ecjput<br />

ecjls<br />

Submit a batch request (file is local).<br />

Check status of a batch request.<br />

ecjdel Delete a batch request.<br />

ectreq Initiate a transfer from $ECDOMAIN, using the ectrans spooling<br />

mechanism.<br />

ectls List transfers carried out by ectrans.<br />

ectret Retry a transfer.<br />

ectdel Cancel an ectrans transfer (remove it from the spool).<br />

ectinfo Display the target location for a user-id.<br />

25 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> Job Management<br />

{mshost}$ ecqls<br />

ecgate LoadLeveler submission on ecgate (INIT=23 ...)<br />

hpcd LoadLeveler submission on hpcd (INIT=21 ...)<br />

...<br />

{mshost}$<br />

{mshost}$ ecqls hpcd<br />

diag Diagnostic jobs only<br />

temp Temporary small jobs < 5 Nodes<br />

inter_class Default interactive class<br />

debug Default interactive class<br />

os Operational serial/single task work<br />

ns Serial/single task work<br />

bench Benchmark class<br />

np Parallel work<br />

op Operational parallel work<br />

{mshost}$<br />

26 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> Job Management<br />

{mshost}$ ecjreq -help<br />

Syntax: JREQ <strong>ECaccess</strong>-queue remote-script [args ...]<br />

-at - start date (yyyy-MM-dd HH:mm)<br />

-nd - no directives within the input script<br />

-tg - specify the target gateway name<br />

-tr - specifiy the access method (msuser[@destination])<br />

-to - transfer output file when the request ends<br />

-te - transfer error file when the request ends<br />

-ti - transfer input file when the request ends<br />

-tk - keep in spool (default: deleted if transfer<br />

successful)<br />

-mu - send mail for the request to the stated address<br />

-mb - send mail when the execution/transfer begins<br />

-me - send mail when the execution/transfer ends<br />

-mf - send mail when the execution/transfer fails<br />

27 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> Job Management<br />

{mshost}$ ecjreq ecgate script.sh –me<br />

34850<br />

{mshost}$ ecjreq ecgate test.sh<br />

Error opening file<br />

{mshost}$<br />

{mshost}$ ecjput ecgate test.sh –me<br />

34851<br />

{mshost}$<br />

28 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> Job Management<br />

{mshost}$ ecjls<br />

4421 ecgate WAIT Nov 24 21:33<br />

3884 hpcd@hpcd.ecmwf.int DONE Nov 18 11:42<br />

{mshost}$ ecjls 3884<br />

Jobid: 3884<br />

Location: hpcd@hpcd.ecmwf.int<br />

Date/Time: Nov 18 11:42<br />

Status: DONE<br />

stdout size: 221<br />

stderr size: 219<br />

stdin size: 241Jobid: 4421<br />

{mshost}$<br />

29 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> Job Management<br />

{mshost}$ ecjget o34852<br />

{mshost}$ ls JOB*<br />

JOB-o34852<br />

{mshost}$ ecjget o34852 job.out<br />

{mshost}$ ls –ail job.out<br />

71196 -rw-r----- 1 xyz group 686 Mar 13 19:10 job.out<br />

{mshost}$<br />

{mshost}$ ecjdel 34852<br />

JDEL command successful<br />

{mshost}$<br />

• ecjdel kills job running and removes all files.<br />

30 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans Command<br />

• Unattended file transfers, issued from ECMWF<br />

• It is preferable if the <strong>ECaccess</strong> gateway is installed at your<br />

end. Alternatively use gateway at ECMWF.<br />

Internet<br />

RMDCN<br />

<strong>ECaccess</strong><br />

Server<br />

(ECMWF)<br />

ecgate or<br />

hpcd:<br />

MS Server<br />

running<br />

the gateway<br />

Shared File System<br />

MS Network<br />

file://<br />

<strong>ECaccess</strong><br />

Gateway<br />

(Member State)<br />

ftp://<br />

MS<br />

Workstation<br />

ms3<br />

$ ectrans –gateway ecaccess.ecmwf.int \<br />

-remote msuser@destination \<br />

–source [location/]filename \<br />

[-target [location/]filename]<br />

MS<br />

Workstation<br />

ms1<br />

MS<br />

Server<br />

ms2<br />

ECAccess<br />

Member State<br />

Gateway:<br />

destination=<br />

ftp://$msuser[name]:$msuser[passwd]@$hostname/$location<br />

31 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans - msuser maintenance<br />

32 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans - msuser maintenance<br />

33 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans - msuser maintenance<br />

34 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans - msuser maintenance<br />

35 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans - msuser maintenance<br />

•MS associations are specific to each <strong>ECaccess</strong> gateway.<br />

36 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans Command – at ECMWF<br />

{echost}$ ectrans –help<br />

usage: ectrans [-get] -gateway name \<br />

–remote msuser@destination \<br />

-source name [args ...]<br />

-gateway str - target gateway name<br />

-source str - source file name<br />

-echost str - eccmd host name (default: localhost)<br />

-ecport num - eccmd port number (default: 644)<br />

-remote str - target user (default: same as ecuser)<br />

-target str - target file name (default: same a source)<br />

-verbose - verbose mode on<br />

-help - this message<br />

-get - transfer file from your site to ECMWF<br />

-status - check the status on file transfer<br />

Default values can also be set by the ECHOST, ECPORT,<br />

ECUSER or GATEWAY shell variables.<br />

{echost}$<br />

37 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

ECtrans Command<br />

{ecgate}$ ectrans –gateway ecaccess.ecmwf.int \<br />

-remote from_ecmwf@genericFtp<br />

–source ./data.grib \<br />

–target data.grib \<br />

-verbose<br />

echost: ecaccess.ecmwf.int<br />

ecport: 644<br />

ecuser: usl<br />

source: ./data.grib<br />

target: data.grib<br />

keep : false<br />

option: reject<br />

File to upload (585 bytes)<br />

10129250216245<br />

{ecgate}$<br />

• Users have to maintain MS user’s associations on local<br />

gateway, via the web interface.<br />

• ectrans is available in both directions.<br />

38 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> transfer Management<br />

{mshost}$ ectreq –help<br />

Syntax: TREQ source [args ...]<br />

-remote str - target user (default: current)<br />

-gateway str - target gateway name (default: current)<br />

-target str - target file name (default: same as source)<br />

-keep - keep the request in the spool<br />

-reject - if the target file already exists<br />

(default)<br />

-append - if the target file already exists<br />

-resume - if the target file already exists<br />

-erase - if the target file already exists<br />

{mshost}$<br />

{mshost}$ ectreq data.grib<br />

10161191420729<br />

{mshost}$<br />

39 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> transfer Management<br />

{mshost/echost}$ ectret 10161191420729<br />

TRET command successful<br />

{mshost}$<br />

• $SCRATCH used for temporary file storage.<br />

40 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> transfer Management<br />

{mshost/echost}$ ectls<br />

10161191420729 STOP xyz@ecaccess.ecmwf.int Mar 14 15:19<br />

10164593445344 DONE xyz@ecaccess.ecmwf.int Mar 14 15:22<br />

10161193432443 DONE xyz@ecaccess.ecmwf.int Mar 14 15:19<br />

{mshost/echost}$ ectls 10161191420729<br />

Copyid: 10161191420729<br />

MS user: xyz<br />

Hostname: ecaccess.ecmwf.int<br />

Access: <strong>ECaccess</strong> gateway<br />

Status: STOP<br />

Error message: No target location for xyz<br />

Date/Time: Mar 14 15:19<br />

Source: ./job.out<br />

Target: ./job.out<br />

{mshost/echost}$ ectdel 10161191420729<br />

{mshost/echost}$<br />

41 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

<strong>ECaccess</strong> pointers<br />

• http://www.ecmwf.int/services/ecaccess<br />

User’s manual<br />

Administrator’s manual<br />

Registration center (for local <strong>ECaccess</strong> gateway)<br />

• Quick start – check first if local gateway available<br />

http://ecaccess.ecmwf.int/<br />

telnet ecaccess.ecmwf.int<br />

ssh [-X] xyz@ecaccess.ecmwf.int<br />

ftp ecaccess.ecmwf.int<br />

Ectrans<br />

42 Com Intro training course – 2005 <strong>ECaccess</strong><br />

ECMWF

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!