Overview¶
ETAIS self-service portal is a single entry point for provisioning and managing computational and storage resources shared by ETAIS consortium members:
- University of Tartu: High Performance Computing Centre
- Tallinn University of Technology: TalTech High Performance Computing Centre
- National Institute of Chemical Physics and Biophysics: Laboratory of High Energy and Computational Physics
- Ministry of Education and Research of Estonia
It's aimed at research groups affiliated with Estonian research and development institutions from both public and private sector.
Access it at https://minu.etais.ee/
Info
For more information about Estonian Scientific Computing Infrastructure go to etais.ee
Self-service portal offers research groups a way to collaborate on using and sharing research infrastructure to minimise bureaucracy of negotiating access, quotas and payments.
The main concepts are as follows:
- Organization is a standalone entity that represents a research group or a company. Organization is responsible for the actions of users connected to it in different roles.
- Project is an entity within an organization that aggregates and isolates teams and resources.
- Provider is an entity that represents account in an external service provider.
- Private providers - providers that are available and manageable within a specific organization.
- Shared providers - global providers that are available for all organizations. This includes HPC, cloud and storage infrastructure from ETAIS consortium.
- Resource - an entity within a project and a provider. Represents cloud resource. Examples: virtual machine or volume in OpenStack, quota in batch processing queue.
ETAIS self-service portal is based on Waldur cloud brokerage platform. The latest documentation is available from docs.waldur.com. Below are key aspects adapted for ETAIS deployment.
Service Store¶
Service Store provides a common way to provision resources from both shared and private service providers.
The following resource types are offered at the moment:
- Virtual Private Cloud (VPC) - a pool of resources dedicated to a particular organization.
- Virtual Machines (requires pre-provisioned VPC) - a server with network connectivity for running customer payloads.
- Block Devices (requires pre-provisioned VPC) - persistent volumes for storage of the data.
- Batch (TBD) - access to Slurm-based processing farms.
VPC Details¶
- Virtual Private Cloud (VPC) is a compute service that allows procuring and managing a pool of specialized infrastructure resources - like RAM, CPU, storage volumes and network resources - required to run virtual machines.
- VPC package does not limit VM count - it depends on VM flavors used and total resources available in a chosen package.
- VPC packages can be upgraded and downgraded at any moment.
- VPC packages are accounted daily based on the price of the largest resource package that was selected during the day.
User accounts¶
ETAIS self-service portal supports user accounts coming from MyAccessID federated identity service, which allows to use home organisation accounts for login. Most of the larger education and research institutions in Estonia are connected to MyAccessID via eduGAIN already.
Self-Service Portal is available from: https://minu.etais.ee
Workspaces¶
ETAIS self-service is built around the concept of workspaces. Workspace defines structural context for the user. Each workspace type shows information and possible actions relevant to the user in a certain role. There are several workspace types available in the system:
Roles¶
Users are connected to the organizations and their projects through roles. Users may have several roles, specific to each workspace they have access to. Currently the following roles are available in the system:
- Organization owners (owners)
- Project managers (managers)
- System administrators (admins)
User roles are hierarchical in a way that organization owners can do everything that project managers and system administrators can do.
Organization Owners¶
- Can access organization workspace.
- Can invite other users to participate in the organization.
- Can create and manage projects, including policies and cost limitations.
- Can manage resource providers and set their availability within projects.
- Can do everything that project managers and system administrators can do.
Project Managers¶
- Can access project workspace when appointed by organization owner.
- Can manage project team from the users already connected to the organization.
- Can do everything that system administrators can do.
System Administrators¶
- Can access project workspace if appointed by organization owner or project manager.
- Can provision and manage cloud resources.