diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000000..dc4d828c69 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,15 @@ +# EditorConfig is awesome: https://EditorConfig.org + +# top-most EditorConfig file +root = true + +[*] +charset = utf-8 +# Use Unix-style new lines +end_of_line = lf +insert_final_newline = true +# Default indentation is two spaces +indent_style = space +indent_size = 2 +# Remove whitespaces at end of line +trim_trailing_whitespace = true diff --git a/.github/actions/spelling/allow.txt b/.github/actions/spelling/allow.txt index fe10aba4c5..5cb16ba2e5 100644 --- a/.github/actions/spelling/allow.txt +++ b/.github/actions/spelling/allow.txt @@ -1,41 +1,3 @@ -FZK -GMA -ield -GRISU -Griglia -HLR -HPDA -JWKS -LRMSs -LToS -Livepatch -Minio -NAMD -NIDs -NPU -OIM -OTHERDESCR -Petabytes -Phedex -Putra -QWG -RAL -RDIG -RTX -RWO -SGs -STARTD -STORAGECLASS -SUs -Simulink -TPU -Theano -UKNGS -UPM -VMIs -VMUUID -Verdana -WSL a2enmod aai aaiproxy @@ -58,6 +20,7 @@ appdb apprating appratingreport arcce +arcctl arcget arcproxy arcstat @@ -85,6 +48,8 @@ bigemptyfile biggrid binlog biomed +Biomolecular +biomolecules bitp blcr blockstorage @@ -135,6 +100,7 @@ cmssw cnaf cnrs coid +collider cometa compchem condarc @@ -226,11 +192,13 @@ epuid errordesc errornum esaco +ESGF eudat eugridpma eumed eventlet explorecube +FaaS fakedomaindonotexist faqs fedcloud @@ -247,11 +215,14 @@ folksonomy fom fqan fqdns +FZK gcloud gcube geant genkey +geospatial geoss +Gergely getcontmsg getoutputs gfal @@ -262,6 +233,7 @@ gisela github glite globusrun +GMA gmlog gocdb gocdbpi @@ -278,6 +250,8 @@ gridops gridpp gridstorage gridview +Griglia +GRISU grnet groupof grycap @@ -288,6 +262,7 @@ gsiscp gsissh gsoa gstat +GUISDAP hashicorp haveged hdds @@ -295,8 +270,11 @@ hellasgrid helpdesk hepix hepspec +HLR +Horovod hostcert hostkey +HPDA htc htcondor htcondorce @@ -321,6 +299,8 @@ infn infngrid infosites installable +Instrumentacion +integrators interoperation ipykernel ipynb @@ -342,6 +322,7 @@ jsonlist jti jupyter jupyterhub +JWKS kernel keycloak keyout @@ -368,13 +349,16 @@ libcloud lille lineinfile listmode +Livepatch localdomain localgridmap localhost lofar logdir lrms +LRMSs lsd +LToS luks lvm mailinator @@ -387,9 +371,11 @@ metalink micafer micromamba miniconda +Minio mitaka morecolor mpi +MQS multiattach multidisk mycluster @@ -406,16 +392,19 @@ myserver mysqldump mysqldumpmds myvo +NAMD ndgf ndownloader nearline neovim +NERGY netfilters neugrid ngi ngis ngstat nic +NIDs nikhef nipne noatime @@ -432,15 +421,19 @@ nordugrid northgrid nostreams novaclient +NPU nrandom nsdbname nsupdate nsupdater nvidia +OAIS occi +ODV ogf oidc oidcaccesstoken +OIM okeanos olas oncover @@ -460,6 +453,7 @@ ophuser orcid organisations ost +OTHERDESCR owslib padova pagelength @@ -470,24 +464,32 @@ passthrough pbs peachnote perun +Petabytes +Phedex pkce plgrid +podman +Politecnica postcss poweron poznan processid promozione psnc +Putra pvc pycon qcg qcow qsub quattor +QWG radl +RAL ratingreport rcauth rclone +RDIG rdkit rdm reassignable @@ -497,15 +499,19 @@ reportgroups resourced rfio rght +Rness roadmap rpms rse rses rstudio +RTX rucio rucioclient runcmd +RWO rxtx +Sars sbdii scai schedd @@ -518,9 +524,12 @@ sectigo seqnumber sfn sge +SGs shortcode shortcodes +Simulink singleuser +Sinica sirtfi skipcacheck slas @@ -529,6 +538,7 @@ slm slurm slurmserver smes +Snakemake softver somekey sourcing @@ -539,8 +549,10 @@ srun ssds ssh ssmsend +STARTD stfc stichting +STORAGECLASS storagesite submitters submodule @@ -550,6 +562,7 @@ subresource sudmodules summarises surl +SUs sustainability synchronises synnefo @@ -572,6 +585,7 @@ testvm textlint tfvars tgz +Theano theophys ticketseditable timeframe @@ -583,11 +597,14 @@ topbdii torito tpctest tpms +TPU trustanchors uberftp ubuntu ucert ucst +udocker +UKNGS ukri ulakbim umd @@ -596,7 +613,7 @@ unicore universiti untaring uploadtest -uploadtest.txt +UPM upv uscms usecases @@ -610,17 +627,22 @@ vcpus vda vdb vdc +Verdana veryverysecret virsh virtualisation virtualised +visualisations +visualise vlemed vmcaster vmcatcher vmdk vmi +VMIs vmops vms +VMUUID vobox voname voperson @@ -633,6 +655,7 @@ wcss webdav webfts webinar +webinars websso wenmr wlcg @@ -641,6 +664,7 @@ wns workdir wps wroc +WSL xacache xcache xeon @@ -656,4 +680,5 @@ youraccountname youremail yourhostname yourprivatekey +Youtube zenodo diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index 382270fbff..9b9cfd4308 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -1,8 +1,6 @@ -# Expected "words" that aren't in the dictionary, one word per line. -# Some arbitrary strings that are in test files that aren't really words. -# They should be removed if the test are changed/removed. -microk8s +CVMFS diracsgm +microk8s +mytoken reponame sgm -mytoken diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt index a88aebc5c7..b91c9b908a 100644 --- a/.github/actions/spelling/patterns.txt +++ b/.github/actions/spelling/patterns.txt @@ -139,6 +139,7 @@ mailto:[-a-zA-Z=;:/?%&0-9+@.]{3,} \bLToS\b \bMITREid\b \bIaaS\b +\bFaaS\b \bStoRM\b \b.*SDPK.*\b \b.*HEP.*\b diff --git a/.github/linters/.ecrc b/.github/linters/.ecrc new file mode 100644 index 0000000000..e423169d28 --- /dev/null +++ b/.github/linters/.ecrc @@ -0,0 +1,16 @@ +{ + "Verbose": false, + "Debug": false, + "IgnoreDefaults": false, + "SpacesAfterTabs": false, + "NoColor": false, + "Exclude": ["\\.md$"], + "Disable": { + "EndOfLine": false, + "Indentation": false, + "InsertFinalNewline": false, + "TrimTrailingWhitespace": false, + "IndentSize": false, + "MaxLineLength": false + } +} diff --git a/.github/linters/mlc_config.json b/.github/linters/mlc_config.json index 1388779a79..80be965c54 100644 --- a/.github/linters/mlc_config.json +++ b/.github/linters/mlc_config.json @@ -71,6 +71,9 @@ { "pattern": "^https://operations-portal.egi.eu/downtimes/subscription" }, + { + "pattern": "^https://operations-portal.egi.eu/home/tasksList" + }, { "pattern": "^https://operations-portal.egi.eu/vo" }, diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4d319b6b04..8fbb7f7501 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,7 +10,7 @@ jobs: name: Build with Hugo runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # Fetch the Docsy theme submodules: recursive diff --git a/.github/workflows/build_pr_preview.yml b/.github/workflows/build_pr_preview.yml index 554836b0a2..943d63558c 100644 --- a/.github/workflows/build_pr_preview.yml +++ b/.github/workflows/build_pr_preview.yml @@ -18,7 +18,7 @@ jobs: name: Build with Hugo runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # Fetch the Docsy theme submodules: recursive diff --git a/.github/workflows/check-links.yml b/.github/workflows/check-links.yml index bbdf321f2a..97a6129073 100644 --- a/.github/workflows/check-links.yml +++ b/.github/workflows/check-links.yml @@ -3,6 +3,9 @@ name: Check links on: pull_request: + schedule: + # run on Sundays morning + - cron: '32 9 * * 0' jobs: markdown-link-check: @@ -12,7 +15,7 @@ jobs: steps: # Checks out a copy of your repository on the ubuntu-latest machine - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: # Make sure the actual branch is checked out when running on PR ref: ${{ github.event.pull_request.head.sha }} @@ -23,7 +26,7 @@ jobs: uses: gaurav-nelson/github-action-markdown-link-check@v1 with: config-file: ".github/linters/mlc_config.json" - check-modified-files-only: "yes" + check-modified-files-only: ${{ github.event_name == 'pull_request' && 'yes' || 'no' }} use-quiet-mode: "yes" use-verbose-mode: "yes" base-branch: "main" diff --git a/.github/workflows/delete_pr_preview.yml b/.github/workflows/delete_pr_preview.yml index c817b9fc42..56459927ee 100644 --- a/.github/workflows/delete_pr_preview.yml +++ b/.github/workflows/delete_pr_preview.yml @@ -17,7 +17,7 @@ jobs: name: Build with Hugo runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: "pr_previews" diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index c32921f7d1..e3c47c54ca 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -17,7 +17,7 @@ jobs: if: ${{ github.repository == 'EGI-Federation/documentation' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # Fetch the Docsy theme submodules: recursive @@ -56,7 +56,7 @@ jobs: run: hugo --minify - name: Generate token for pushing content - uses: tibdex/github-app-token@v1 + uses: tibdex/github-app-token@v2 id: generate-token with: app_id: ${{ secrets.APP_ID }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 72b4790546..e8167858e9 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -12,7 +12,7 @@ jobs: steps: # Checks out a copy of your repository on the ubuntu-latest machine - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: # Make sure the actual branch is checked out when running on PR ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index 26f3c69d68..79a299bde0 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -34,6 +34,29 @@ name: Check Spelling # # For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key +# Sarif reporting +# +# Access to Sarif reports is generally restricted (by GitHub) to members of the repository. +# +# Requires enabling `security-events: write` +# and configuring the action with `use_sarif: 1` +# +# For information on the feature, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Sarif-output + +# Minimal workflow structure: +# +# on: +# push: +# ... +# pull_request_target: +# ... +# jobs: +# # you only want the spelling job, all others should be omitted +# spelling: +# # remove `security-events: write` and `use_sarif: 1` +# # remove `experimental_apply_changes_via_bot: 1` +# ... otherwise adjust the `with:` as you wish + on: push: branches: @@ -44,12 +67,12 @@ on: branches: - "**" types: - - 'opened' - - 'reopened' - - 'synchronize' + - "opened" + - "reopened" + - "synchronize" issue_comment: types: - - 'created' + - "created" jobs: spelling: @@ -62,7 +85,9 @@ jobs: outputs: followup: ${{ steps.spelling.outputs.followup }} runs-on: ubuntu-latest - if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'" + if: + ${{ contains(github.event_name, 'pull_request') || github.event_name == + 'push' }} concurrency: group: spelling-${{ github.event.pull_request.number || github.ref }} # note: If you use only_check_changed_files, you do not want cancel-in-progress @@ -72,7 +97,8 @@ jobs: id: spelling uses: check-spelling/check-spelling@main with: - suppress_push_for_open_pull_request: 1 + suppress_push_for_open_pull_request: + ${{ github.actor != 'dependabot[bot]' && 1 }} checkout: true only_check_changed_files: 1 check_file_names: 1 @@ -80,33 +106,12 @@ jobs: post_comment: 0 use_magic_file: 1 experimental_apply_changes_via_bot: 1 - use_sarif: 0 - extra_dictionary_limit: 10 - extra_dictionaries: - cspell:aws/aws.txt - cspell:bash/bash-words.txt - cspell:cpp/src/cpp.txt - cspell:django/django.txt - cspell:elixir/elixir.txt - cspell:filetypes/filetypes.txt - cspell:fullstack/fullstack.txt - cspell:html/html.txt - cspell:java/java.txt - cspell:node/node.txt - cspell:npm/npm.txt - cspell:php/php.txt - cspell:powershell/powershell.txt - cspell:public-licenses/src/generated/public-licenses.txt - cspell:python/src/common/extra.txt - cspell:python/src/python/python-lib.txt - cspell:python/src/python/python.txt - cspell:r/src/r.txt - cspell:rust/rust.txt - cspell:scala/scala.txt - cspell:software-terms/src/software-terms.txt - cspell:sql/src/tsql.txt - cspell:typescript/typescript.txt - cspell:win32/src/win32.txt + use_sarif: + ${{ (!github.event.pull_request || + (github.event.pull_request.head.repo.full_name == + github.repository)) && 1 }} + extra_dictionary_limit: 20 + extra_dictionaries: cspell:software-terms/dict/softwareTerms.txt comment-push: name: Report (Push) @@ -115,13 +120,15 @@ jobs: needs: spelling permissions: contents: write - if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push' + if: + (success() || failure()) && needs.spelling.outputs.followup && + github.event_name == 'push' steps: - name: comment - uses: check-spelling/check-spelling@prerelease + uses: check-spelling/check-spelling@main with: checkout: true - spell-check-this: check-spelling/spell-check-this@prerelease + spell_check_this: check-spelling/spell-check-this@prerelease task: ${{ needs.spelling.outputs.followup }} comment-pr: @@ -130,14 +137,17 @@ jobs: runs-on: ubuntu-latest needs: spelling permissions: + contents: read pull-requests: write - if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request') + if: + (success() || failure()) && needs.spelling.outputs.followup && + contains(github.event_name, 'pull_request') steps: - name: comment uses: check-spelling/check-spelling@main with: checkout: true - spell-check-this: check-spelling/spell-check-this@prerelease + spell_check_this: check-spelling/spell-check-this@prerelease task: ${{ needs.spelling.outputs.followup }} experimental_apply_changes_via_bot: 1 @@ -148,11 +158,10 @@ jobs: pull-requests: write actions: read runs-on: ubuntu-latest - if: ${{ - github.event_name == 'issue_comment' && - github.event.issue.pull_request && - contains(github.event.comment.body, '@check-spelling-bot apply') - }} + if: + ${{ github.event_name == 'issue_comment' && + github.event.issue.pull_request && contains(github.event.comment.body, + '@check-spelling-bot apply') }} concurrency: group: spelling-update-${{ github.event.issue.number }} cancel-in-progress: false diff --git a/CODEOWNERS b/CODEOWNERS index 7f7114c698..7d5026db68 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -19,30 +19,30 @@ content/en/providers/ @gwarf @paolini78 content/en/users/ @enolfc @glarocca @andrea-manzi @gwarf @sebastian-luna-valero # Storage-related services -content/en/users/data/ @andrea-manzi -content/en/providers/datahub/ @andrea-manzi +content/en/users/data/ @andrea-manzi @glarocca +content/en/providers/datahub/ @andrea-manzi @glarocca # dev-env -content/en/users/dev-env/ @enolfc +content/en/users/dev-env/ @enolfc @glarocca # FedCloud -content/en/users/compute/ @enolfc -content/en/providers/cloud-compute/ @enolfc +content/en/users/compute/ @enolfc @glarocca +content/en/providers/cloud-compute/ @enolfc @CatalinCondurache # Notebooks -content/en/users/dev-env/notebooks/ @enolfc @andrea-manzi @sebastian-luna-valero +content/en/users/dev-env/notebooks/ @enolfc @andrea-manzi @sebastian-luna-valero @glarocca content/en/users/providers/notebooks/ @enolfc @andrea-manzi @sebastian-luna-valero -content/en/users/dev-env/replay/ @enolfc @andrea-manzi @sebastian-luna-valero +content/en/users/dev-env/replay/ @enolfc @andrea-manzi @sebastian-luna-valero @glarocca # Training -content/en/users/training/ @glarocca +content/en/users/training/ @glarocca @sebastian-luna-valero # Tutorials -content/en/users/tutorials/ @enolfc @sebastian-luna-valero +content/en/users/tutorials/ @enolfc @sebastian-luna-valero @glarocca # Workload Manager -content/en/users/compute/orchestration/workload-manager/ @enolfc +content/en/users/compute/orchestration/workload-manager/ @enolfc @glarocca -# Check-in +# Check-in content/en/users/aai/ @vardizzo-lab content/en/providers/check-in/ @vardizzo-lab diff --git a/content/en/internal/helpdesk/features/report-generator/_index.md b/content/en/internal/helpdesk/features/report-generator/_index.md index 0eb89066b5..8faf49c1d7 100644 --- a/content/en/internal/helpdesk/features/report-generator/_index.md +++ b/content/en/internal/helpdesk/features/report-generator/_index.md @@ -2,8 +2,7 @@ title: "Report generator" type: docs weight: 40 -description: > - Features and usage of the Report generator +description: Features and usage of the Report generator --- ## Definitions and prerequisites @@ -11,7 +10,7 @@ description: > The [GGUS Report Generator](https://ggus.eu/?mode=report_view) is available [from the support section](https://ggus.eu/?mode=support). -The implementation of the report generator started in October 2011. Hence the +The implementation of the report generator started in October 2011. Hence, the report generator does not provide data for tickets submitted before December 2011! @@ -45,14 +44,13 @@ ticket to a support unit the expected response timestamp is calculated by adding an amount of time to the assign timestamp. The amount of time added depends on the ticket priority and the kind of support unit. For support units that have declared a quality of service level the response times are defined by the -[QoS level](../quality-of-support-levels). For all the -other support units a medium QoS is assumed for calculating the expected -response timestamp. In case the actual response timestamp is greater than the -"expected response" timestamp for middleware support units the "violate" flag is -set. +[QoS level](../quality-of-support-levels). For all the other support units a +medium QoS is assumed for calculating the expected response timestamp. In case +the actual response timestamp is greater than the "expected response" timestamp +for middleware support units the "violate" flag is set. -_Response times are based on office hours. Hence the results unit is working -days._ +> Response times are based on office hours. Hence the results unit is working +> days. #### Solution time @@ -64,8 +62,8 @@ a solution" means setting the ticket status to "solved" or "unsolved". The solution time is calculated as the difference between the solution timestamp and the assign timestamp. -_Solution times are based on office hours. Hence the results unit is working -days._ +> Solution times are based on office hours. Hence the results unit is working +> days. #### Waiting time @@ -82,7 +80,7 @@ how long it takes to provide a meaningful solution for a problem reported by the user. Ticket lifetime is the time from ticket submission to ticket solution (status "solved/unsolved"). -_The ticket lifetime is based on calendar days._ +> The ticket lifetime is based on calendar days. ### Time zones @@ -109,14 +107,14 @@ lifetime doesn't affect the calculation of performance figures. ### Unit abbreviations -- [wd] means working days -- [d] means calendar days +- `[wd]` means working days +- `[d]` means calendar days ## Reports description -_Although some of the drop-down lists request the selection of values a query -can be started anyway. In this case the query is equivalent to a query over all -tickets!_ +> Although some of the drop-down lists request the selection of values a query +> can be started anyway. In this case the query is equivalent to a query over +> all tickets! The "Reset" button resets all fields to their default settings besides the time frame. @@ -160,8 +158,8 @@ for the specified time frame. The result list shows all support units that have ever been in charge of a ticket. Hence the same ticket ID may appear several times. The number of responses may be greater than the number of tickets. -_Response times are based on office hours. Hence an average response time of 1d -3h 23min means 13 hours and 23 minutes in total._ +> Response times are based on office hours. Hence an average response time of 1d +> 3h 23min means 13 hours and 23 minutes in total. ### Violated response time @@ -180,11 +178,15 @@ shows: - median response time for the specified time frame. The result lists shows the current status of the -tickets. _Solution times are based on office hours. Hence an average solution -time of 12d 3h 5min means 99 hours and 5 minutes in total._ The waiting time can -be excluded by ticking the checkbox "exclude waiting time". In case a ticket -gets re-opened the metrics calculation starts again from scratch. Hence the same -ticket can appear several times in the solution times calculation. +tickets. + +> Solution times are based on office hours. Hence, an average solution time of +> 12d 3h 5min means 99 hours and 5 minutes in total. + +The waiting time can be excluded by ticking the checkbox "exclude waiting time". +In case a ticket gets re-opened the metrics calculation starts again from +scratch. Hence, the same ticket can appear several times in the solution times +calculation. ## Input parameters and results @@ -208,9 +210,9 @@ parameters are: #### Time frame The time frame defines begin and end date of the report. The begin date starts -at 00:00:00. The end date ends at 00:00:00. As the implementation of the report -generator started in October 2011 the report generator does not provide data for -tickets submitted before December 2011! +at `00:00:00`. The end date ends at `00:00:00`. As the implementation of the +report generator started in October 2011 the report generator does not provide +data for tickets submitted before December 2011! #### Responsible Units @@ -248,7 +250,8 @@ for all reports and therefore, if necessary, be excluded from the selection. #### Ticket scope -To distinguish between tickets under the responsibility of EGI or WLCG. +To distinguish between tickets under the responsibility of EGI or WLCG. See +[ticket scope](../ticket-scope/). #### Notified site diff --git a/content/en/internal/helpdesk/features/ticket-scope/_index.md b/content/en/internal/helpdesk/features/ticket-scope/_index.md new file mode 100644 index 0000000000..03c126f104 --- /dev/null +++ b/content/en/internal/helpdesk/features/ticket-scope/_index.md @@ -0,0 +1,23 @@ +--- +title: "Ticket Scope" +type: docs +weight: 40 +description: Description of ticket scopes +--- + +## Priority definition + +The GGUS ticket **scope** filter is available in GGUS ticket search. It offers +filtering for tickets in **EGI** or **WLCG** scope. The ticket scope field is +automatically set by the system based on the qualifications listed below. + +**WLCG scope** tickets are either: + +- of type `TEAM` or `ALARM` related to VOs `alice`, `atlas`, `cms`, `lhcb`, + `belle` +- assigned to `VOSupport` related to VOs `alice`, `atlas`, `cms`, `lhcb`, + `belle` +- assigned to `OSG Software Support`, `USCMS`, `USATLAS`, `USBELLE`, `CRIC` +- with issue type like `CMS_`, `ATLAS_` + +> All other tickets are **EGI scope**. diff --git a/content/en/internal/security-coordination/_index.md b/content/en/internal/security-coordination/_index.md index 2817b05db3..cbfc9125ef 100644 --- a/content/en/internal/security-coordination/_index.md +++ b/content/en/internal/security-coordination/_index.md @@ -36,10 +36,10 @@ This service provides: acceptable use policies, identifying users and managing user communities), traceability, legal aspects, and the protection of personal data. - **Software Vulnerability Group Coordination** - The Software Vulnerability - Group [SVG](https://confluence.egi.eu/display/EGIBG/SVG) aims to eliminate - existing software vulnerabilities from the deployed infrastructure and prevent - the introduction of new ones, and runs a process for handling software - vulnerabilities reported. + Group [SVG](https://confluence.egi.eu/pages/viewpage.action?pageId=82380236) + aims to eliminate existing software vulnerabilities from the deployed + infrastructure and prevent the introduction of new ones, and runs a process + for handling software vulnerabilities reported. - **International Grid Trust Federation (IGTF) and EUGridPMA** - Representation of EGI in IGTF and EUGridPMA. A common authentication trust domain is required to persistently identify all EGI participants. diff --git a/content/en/providers/check-in/sp/_index.md b/content/en/providers/check-in/sp/_index.md index c454930dda..13355d22d3 100644 --- a/content/en/providers/check-in/sp/_index.md +++ b/content/en/providers/check-in/sp/_index.md @@ -149,7 +149,7 @@ more information can be found in the protocol-specific sections that follow. | Protocol | Production environment | | -------------- | --------------------------------------------------------------------- | -| SAML | | +| SAML | | | OpenID Connect | | {{< /tabx >}} @@ -158,7 +158,7 @@ more information can be found in the protocol-specific sections that follow. | Protocol | Demo environment | | -------------- | -------------------------------------------------------------------------- | -| SAML | | +| SAML | | | OpenID Connect | | {{< /tabx >}} @@ -167,7 +167,7 @@ more information can be found in the protocol-specific sections that follow. | Protocol | Development environment | | -------------- | ------------------------------------------------------------------------- | -| SAML | | +| SAML | | | OpenID Connect | | {{< /tabx >}} @@ -202,13 +202,16 @@ certificate, i.e. issued by a trusted certificate authority. You can get the metadata of the EGI Check-in IdP Proxy on a dedicated URL that depends on the integration environment being used: + + {{< tabpanex >}} {{< tabx header="Production" >}} -| Production environment | -| ------------------------------------------------- | -| | +| Instance | Production environment | +| ------------------------------- | ------------------------------------------------------------------ | +| Keycloak-based EGI Check-in IdP |
  • SAML Metadata URL:
  • SAML entity ID: `https://aai.egi.eu/auth/realms/egi`
| +| Legacy EGI Check-in IdP |
  • SAML Metadata URL:
  • SAML entity ID: `https://aai.egi.eu/proxy/saml2/idp/metadata.php`
| {{< /tabx >}} @@ -216,8 +219,8 @@ depends on the integration environment being used: | Instance | Demo environment | | ------------------------------- | ------------------------------------------------------------------ | -| Legacy EGI Check-in IdP | | -| Keycloak-based EGI Check-in IdP | | +| Keycloak-based EGI Check-in IdP |
  • SAML Metadata URL:
  • SAML entity ID: `https://aai-demo.egi.eu/auth/realms/egi`
| +| Legacy EGI Check-in IdP |
  • SAML Metadata URL:
  • SAML entity ID: `https://aai-demo.egi.eu/proxy/saml2/idp/metadata.php`
| {{< /tabx >}} @@ -225,18 +228,20 @@ depends on the integration environment being used: | Instance | Development environment | | ------------------------------- | ----------------------------------------------------------------- | -| Legacy EGI Check-in IdP | | -| Keycloak-based EGI Check-in IdP | | +| Keycloak-based EGI Check-in IdP |
  • SAML Metadata URL:
  • SAML entity ID: `https://aai-dev.egi.eu/auth/realms/egi`
| +| Legacy EGI Check-in IdP |
  • SAML Metadata URL:
  • SAML entity ID: `https://aai-dev.egi.eu/proxy/saml2/idp/metadata.php`
| {{< /tabx >}} {{< /tabpanex >}} -To register your SAML SP, you must submit a service registration request at -[Federation Registry](https://aai.egi.eu/federation). Your request should -include the general information about your service (see -[General Information](#general-information)) and the SP's metadata and entity -ID. + + +To register your SAML SP, you must submit a service registration request +through the [Federation Registry](https://aai.egi.eu/federation). Your request +should include essential information about your service, as outlined in the +[General Information](#general-information) section, along with your SP's +metadata URL and entity ID. ### Metadata @@ -318,16 +323,28 @@ attributes that are relevant for user authorisation: ### Service Provider Migration to Keycloak The migration guide below applies to SAML Service Providers (SPs) registered in -the **Development** and **Demo** environments of Check-in. +the **Development**, **Demo** and **Production** environments of Check-in. + +**Development and Demo**: Beginning March 9, 2023, SAML SPs using the legacy +Check-in IdP metadata will no longer be supported. -**Development and Demo**: Beginning March 9, 2023, clients using the legacy +**Production**: Beginning December 12, 2023, SAML SPs using the legacy Check-in IdP metadata will no longer be supported. #### How to Migrate your Service to Keycloak -All the SPs that were registered to the legacy EGI Check-in IdP in the **Demo** -environment have been moved to Keycloak, so you do not need to re-register your -Service. +If your SAML SP is not yet registered in the +[Federation Registry](https://aai.egi.eu/federation), you will need to submit +a service registration request. This request should include essential +information about your service, as described in the +[General Information](#general-information) section, in addition to your SAML +SP's metadata URL and entity ID. + +If your SAML SP is already registered, please ensure the accuracy of the +information under the **General** tab, particularly the policy and contact +details, as well as the **Protocol Specific** tab. +Pay special attention to the new **Requested Attributes** section, which +allows you to manage the user attributes available through Check-in. {{% alert title="Important" color="warning" %}} If your SAML SP relies on experimental features of Check-in which are only available in the @@ -343,33 +360,40 @@ section. ##### New Attributes -Some attributes will not be supported when moving your SP to the Keycloak-based -EGI Check-in IdP. These attributes will be replaced by new ones, as described in -the table below: +When migrating your SP to the Keycloak-based EGI Check-in IdP, please be aware +that some attributes will no longer be supported. These deprecated attributes +will be replaced by new ones, as detailed in the table below: | Deprecated Attributes | New Attributes | | ---------------------------- | ----------------------------- | +| `distinguishedName` | `voPersonCertificateDN` | | `eduPersonScopedAffiliation` | `voPersonExternalAffiliation` | | `eduPersonUniqueId` | `voPersonID` | {{% alert title="Note" color="info" %}} The values of the deprecated attributes -will remain the same. Only the name of the attributes is changed.{{% /alert %}} +will remain unchanged; only the attribute names will be different.{{% /alert %}} -You need to update the SP configuration to map the values the new attribute -names. +Ensure that you update the attribute mapping in your SP configuration to align +with the new attribute names. ##### NameID -NameID formats control how the users at IdPs are mapped to users at SPs during -single sign-on. The SPs need to advertise in their metadata which of the -following formats they support, otherwise Keycloak will assign the unspecified -(`urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`) NameID to the SP. +Use of `` elements is intended for the Single Logout profile and +is not suitable for long-term identification of users. +For user identification, you should use the `voPersonID` SAML attribute, as +detailed in the [User attributes](#user-attributes) section. +Your SAML SP should explicitly specify in its metadata the NameID formats it +supports from the following options: -- Transient (`urn:oasis:names:tc:SAML:2.0:nameid-format:transient`) - Persistent (`urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`) +- Transient (`urn:oasis:names:tc:SAML:2.0:nameid-format:transient`) - Email address (`urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) - Unspecified (`urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`) +Otherwise, Keycloak will assign the unspecified +(`urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`) NameID format to +your SP. + ### References - [Keycloak Service Provider Documentation](https://www.keycloak.org/docs/latest/server_admin/#saml-v2-0-identity-providers) @@ -398,7 +422,7 @@ the steps below in order to register EGI Check-in as an Identity Provider: Scroll down, and complete the rest options: - - SAML entity descriptor: `https://aai.egi.eu/proxy/saml2/idp/metadata.php` + - SAML entity descriptor: `https://aai.egi.eu/auth/realms/egi/protocol/saml/descriptor` ![Add SAML IdP](saml-examples-keycloak-add-saml-idp-2.png) @@ -410,10 +434,15 @@ the steps below in order to register EGI Check-in as an Identity Provider: - Principal type: `Attribute [Name]` - Principal attribute: `urn:oid:1.3.6.1.4.1.25178.4.1.6` - HTTP-POST binding response: `On` - - Want AuthnRequests signed: `On` + - HTTP-POST binding for AuthnRequest: `Off` + - HTTP-POST binding logout: `Off` + - Want AuthnRequests signed: `Off` + - Want Assertions signed: `Off` + - Want Assertions encrypted: `On` + - Validate Signatures: `On` {{% alert title="Note" color="info" %}} `urn:oid:1.3.6.1.4.1.25178.4.1.6` is - the OID presentation of voPersonID attribute.{{% /alert %}} + the OID presentation of the `voPersonID` attribute.{{% /alert %}} ![SAML Settings](saml-examples-keycloak-saml-idp-saml-setting.png) @@ -467,11 +496,6 @@ institutional IdPs registered with eduGAIN or Social Providers. Once the user has signed in, EGI Check-in can return OIDC Claims containing information about the authenticated user. -{{% alert title="Important" color="warning" %}} The EGI Check-in OpenID Provider -will be migrated to Keycloak. Please check -[OIDC Client Migration to Keycloak](#client-migration-to-keycloak) for more -details {{% /alert %}} - ### Client registration Before your service can use the EGI Check-in OpenID Provider for user login, you @@ -531,15 +555,16 @@ UserInfo Endpoint: -| Scope | Claims | -| ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `openid` | `sub` | -| `profile` |
  • `name`
  • `given_name`
  • `family_name`
  • `preferred_username`
| -| `email` |
  • `email`
  • `email_verified`
  • `voperson_verified_email`
| -| `aarc` |
  • `name`
  • `given_name`
  • `family_name`
  • `preferred_username`
  • `email`
  • `email_verified`
  • `voperson_verified_email`
  • `voperson_id`
| -| `eduperson_entitlement` | `eduperson_entitlement` | -| `eduperson_scoped_affiliation` | `eduperson_scoped_affiliation` | -| `voperson_id` | `voperson_id` | +| Scope | Claims | +| ------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `openid` | `sub` | +| `voperson_id` | `voperson_id` | +| `profile` |
  • `name`
  • `given_name`
  • `family_name`
  • `preferred_username`
| +| `email` |
  • `email`
  • `email_verified`
  • `voperson_verified_email`
| +| `aarc` |
  • `name`
  • `given_name`
  • `family_name`
  • `preferred_username`
  • `email`
  • `email_verified`
  • `voperson_verified_email`
  • `voperson_certificate_dn`
  • `voperson_certificate_issuer_dn`
  • `voperson_external_affiliation`
  • `voperson_id`
| +| `eduperson_entitlement` | `eduperson_entitlement` | +| `voperson_certificate` |
  • `voperson_certificate_dn`
  • `voperson_certificate_issuer_dn`
| +| `voperson_external_affiliation` | `voperson_external_affiliation` | @@ -1268,24 +1293,21 @@ Example response: #### Logout Endpoint -The OpenID Connect protocol supports global logout (like the Single Logout in -SAML). EGI Check-in OpenID Provider supports the -[OpenID Connect RP-Initiated Logout](https://openid.net/specs/openid-connect-rpinitiated-1_0.html) -specification where the logout starts by redirecting the user to a specific -endpoint at the OpenID Provider. - -This endpoint is normally obtained via the `end_session_endpoint` element of the -OP's Configuration page and the parameters that are used in the logout request -at the Logout Endpoint are defined below: - -- `id_token_hint`: ID Token previously issued by the OP to the Relying Party - passed to the Logout Endpoint as a hint about the end user's current - authenticated session with the Client. This is used as an indication of the - identity of the end user that the RP is requesting be logged out by the OP. -- `client_id`: OAuth 2.0 Client Identifier valid at the Authorization Server. - This parameter is needed to specify the Client Identifier when - `post_logout_redirect_uri` is used but `id_token_hint` is not. Using this - parameter, a confirmation dialog will be presented to the end user. +The EGI Check-in OpenID Provider supports user logout based on the +[OpenID Connect RP-Initiated Logout](https://openid.net/specs/openid-connect-rpinitiated-1_0.html). + +The Logout Endpoint is normally obtained via the `end_session_endpoint` element +of Check-in's Provider Configuration (see [Endpoints](#endpoints) table). +Parameters used in the logout request are detailed below: + +- `id_token_hint`: The ID Token previously issued by Check-in to your Relying + Party (RP) and provided to the Logout Endpoint as a hint regarding the end + user's current authenticated session with the client. It indicates the + identity of the end user that the RP is requesting Check-in to log out. + If the `id_token_hint` parameter is omitted, the user may be prompted to + confirm the logout. +- `client_id`: This parameter is used to specify the Client Identifier when + `post_logout_redirect_uri` is specified but `id_token_hint` is not. - `post_logout_redirect_uri`: URI to which the RP is requesting that the end user's browser be redirected after a logout has been performed. This URI should use the HTTPS scheme and the value must have been previously registered @@ -1294,6 +1316,8 @@ at the Logout Endpoint are defined below: to include either the `client_id` or `id_token_hint` parameter in case the `post_logout_redirect_uri` is included. +You can use either HTTP GET or HTTP POST to send the logout request to the Logout Endpoint. + ##### Example Request ```http @@ -1783,20 +1807,20 @@ connected to Check-in. ### 1. Community User Identifier -| attribute name | Community User Identifier | -| ----------------------: | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| **description** | The User’s Community Identifier is a globally unique, opaque, persistent and non-reassignable identifier identifying the user. For users whose community identity is managed by Check-in, this identifier is of the form `@egi.eu`. The `` portion is an opaque identifier issued by Check-in | -| **SAML Attribute(s)** |
  • `urn:oid:1.3.6.1.4.1.25178.4.1.6` (voPersonID)
  • `urn:oid:1.3.6.1.4.1.5923.1.1.1.13` (eduPersonUniqueId)
| -| **OIDC scope** |
  • `voperson_id`
  • `aarc`
  • `openid`
| -| **OIDC claim(s)** |
  • `voperson_id`
  • `sub`
| -| **OIDC claim location** |
  • ID token
  • UserInfo Endpoint
  • Introspection Endpoint
| -| **origin** | The Community User Identifier is assigned by Check-in or an external AAI service managing the community identity of the user | -| **changes** | No | -| **multiplicity** | No | -| **availability** | Always | -| **example** | `ef72285491ffe53c39b75bdcef46689f5d26ddfa00312365cc4fb5ce97e9ca87@egi.eu` | -| **notes** | Use **Community User Identifier** within your application as the unique-identifier key for the user. Obtaining the Community User Identifier from the `sub` claim using the `openid` scope for OIDC Relying Parties or from `eduPersonUniqueId` for SAML Service Providers will be deprecated. OIDC RPs should request either the `voperson_id` or `aarc` scope to obtain the Community User Identifier. SAML PRs should request the `voPersonID` attribute to obtain the Community User Identifier. | -| **status** | Stable | +| attribute name | Community User Identifier | +| ----------------------: | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| **description** | The User’s Community Identifier is a globally unique, opaque, persistent and non-reassignable identifier identifying the user. For users whose community identity is managed by Check-in, this identifier is of the form `@egi.eu`. The `` portion is an opaque identifier issued by Check-in | +| **SAML Attribute(s)** | `urn:oid:1.3.6.1.4.1.25178.4.1.6` (voPersonID) | +| **OIDC scope** |
  • `voperson_id`
  • `aarc`
| +| **OIDC claim(s)** | `voperson_id` | +| **OIDC claim location** |
  • ID token
  • UserInfo Endpoint
  • Introspection Endpoint
| +| **origin** | The Community User Identifier is assigned by Check-in or an external AAI service managing the community identity of the user | +| **changes** | No | +| **multiplicity** | No | +| **availability** | Always | +| **example** | `ef72285491ffe53c39b75bdcef46689f5d26ddfa00312365cc4fb5ce97e9ca87@egi.eu` | +| **notes** | Use **Community User Identifier** within your application as the unique-identifier key for the user. Obtaining the Community User Identifier from the `sub` claim using the `openid` scope for OIDC Relying Parties or from `eduPersonUniqueId` for SAML Service Providers has been deprecated. OIDC RPs should request either the `voperson_id` or `aarc` scope to obtain the Community User Identifier. SAML PRs should request the `voPersonID` attribute to obtain the Community User Identifier. | +| **status** | Stable | ### 2. Display Name @@ -1919,20 +1943,20 @@ connected to Check-in. ### 9. Affiliation -| attribute name | Affiliation | -| ----------------------: | :--------------------------------------------------------------------------------------------------------------------------------------------------------- | -| **description** | The user's affiliation within a particular security domain (scope) | -| **SAML Attribute(s)** |
  • `urn:oid:1.3.6.1.4.1.5923.1.1.1.9` (eduPersonScopedAffiliation)
  • `urn:oid:1.3.6.1.4.1.25178.4.1.11` (voPersonExternalAffiliation)
| -| **OIDC scope** | `eduperson_scoped_affiliation` | -| **OIDC claim(s)** | `eduperson_scoped_affiliation` | -| **OIDC claim location** |
  • UserInfo Endpoint
  • Introspection Endpoint
| -| **origin** | Check-in assigns this attribute on user registration | -| **changes** | Yes | -| **multiplicity** | Multi-valued | -| **availability** | Always | -| **example** |
  • `member@example.org`
  • `faculty@example.org`
| -| **notes** | Service Providers are encouraged to validate the scope of this attribute | -| **status** | Stable | +| attribute name | Affiliation | +| ----------------------: | :------------------------------------------------------------------------------------------- | +| **description** | The user's affiliation within a particular security domain (scope) | +| **SAML Attribute(s)** | `urn:oid:1.3.6.1.4.1.25178.4.1.11` (voPersonExternalAffiliation) | +| **OIDC scope** | `voperson_external_affiliation` | +| **OIDC claim(s)** | `voperson_external_affiliation` | +| **OIDC claim location** |
  • UserInfo Endpoint
  • Introspection Endpoint
| +| **origin** | When available, this information originates from the user's authenticating Identity Provider | +| **changes** | Yes | +| **multiplicity** | Multi-valued | +| **availability** | Not always | +| **example** |
  • `member@example.org`
  • `faculty@example.org`
| +| **notes** | Service Providers are encouraged to validate the scope of this attribute | +| **status** | Stable | ### 10. Groups @@ -1991,13 +2015,13 @@ connected to Check-in. | ----------------------: | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **description** | Assurance of the identity of the user, following [REFEDS Assurance Framework (RAF)](https://refeds.org/assurance) and the [EGI AAI Assurance Profiles](https://docs.egi.eu/providers/check-in/sp/#level-of-assurance). The following RAF values are qualified and automatically set for all Community identities:
  • $PREFIX$
  • $PREFIX$/ID/unique
  • $PREFIX$/ID/eppn-unique-no-reassign
  • $PREFIX$/IAP/low
  • $PREFIX$/ATP/ePA-1m
  • $PREFIX$/ATP/ePA-1d
Following RAF values are set if the currently used authentication provider asserts (or otherwise qualifies to) them:
  • $PREFIX$/IAP/medium
  • $PREFIX$/IAP/high
The following compound profiles are asserted if the user qualifies to them
  • $PREFIX$/profile/cappuccino
  • $PREFIX$/profile/espresso
| | **SAML Attribute(s)** | `urn:oid:1.3.6.1.4.1.5923.1.1.1.11` (eduPersonAssurance) | -| **OIDC scope** | `eduperson_assurance` | +| **OIDC scope** | `openid` | | **OIDC claim(s)** | `eduperson_assurance` | | **OIDC claim location** |
  • UserInfo Endpoint
  • Introspection Endpoint
| | **origin** | Check-in assigns this attribute on user registration | | **changes** | Yes | | **multiplicity** | Multi-valued | -| **availability** | Not always | +| **availability** | Always | | **example** |
  • `https://aai.egi.eu/LoA#Low`
  • `https://refeds.org/assurance/IAP/low`
| | **notes** | - | | **status** | Stable | @@ -2021,20 +2045,20 @@ connected to Check-in. ### 15. SSH Public Key -| attribute name | SSH Public Key | -| ----------------------: | :------------------------------------------------------------------------------------------------------------------------------------------------ | -| **description** | Provides information about the user's SSH public key(s) | -| **SAML Attribute(s)** | `urn:oid:1.3.6.1.4.1.24552.500.1.1.1.13` (sshPublicKey) | -| **OIDC scope** | `ssh_public_key` | -| **OIDC claim(s)** | `ssh_public_key` | -| **OIDC claim location** | UserInfo Endpoint | -| **origin** | Added SSH public key(s) in user's Check-in Profile | -| **changes** | Yes | -| **multiplicity** | Multi-valued | -| **availability** | Not always | +| attribute name | SSH Public Key | +| ----------------------: | :------------------------------------------------------------------------------------------------------------------------------------------ | +| **description** | Provides information about the user's SSH public key(s) | +| **SAML Attribute(s)** | `urn:oid:1.3.6.1.4.1.24552.500.1.1.1.13` (sshPublicKey) | +| **OIDC scope** | `ssh_public_key` | +| **OIDC claim(s)** | `ssh_public_key` | +| **OIDC claim location** | UserInfo Endpoint | +| **origin** | Added SSH public key(s) in user's Check-in Profile | +| **changes** | Yes | +| **multiplicity** | Multi-valued | +| **availability** | Not always | | **example** |
  • `ssh-rsa AAAAB3NzaC...qxxEEipdnZ jdoe@grnet-hq.admin.grnet.gr`
  • `ssh-rsa AAAA4xzdIf...fxgsRDfgAt jdoe@example.org`
| -| **notes** | - | -| **status** | Experimental | +| **notes** | - | +| **status** | Experimental | @@ -2056,6 +2080,41 @@ connected to Check-in. | **status** | Experimental | + +### 17. Subject Distinguished Name (DN) of user's X.509 certificate + +| attribute name | Subject Distinguished Name (DN) of user's X.509 certificate | +| ----------------------: | :------------------------------------------------------------------------- | +| **description** | The Subject Distinguished Name of an X.509 certificate held by the person. | +| **SAML Attribute(s)** | `1.3.6.1.4.1.25178.4.1.3` (voPersonCertificateDN) | +| **OIDC scope** |
  • `voperson_certificate`
  • `aarc`
| +| **OIDC claim(s)** | `voperson_certificate_dn` | +| **OIDC claim location** | UserInfo Endpoint | +| **origin** | Check-in or the user's Identity Provider | +| **changes** | Yes | +| **multiplicity** | Multi-valued | +| **availability** | Not always | +| **example** | `/C=XX/O=YYY/OU=ZZZ/CN=John Doe` | +| **notes** | - | +| **status** | Experimental | + +### 18. Issuer Distinguished Name (DN) of user's X.509 certificate + +| attribute name | Issuer Distinguished Name (DN) of user's X.509 certificate | +| ----------------------: | :------------------------------------------------------------- | +| **description** | The Subject Distinguished Name of the X.509 certificate issuer | +| **SAML Attribute(s)** | `1.3.6.1.4.1.25178.4.1.4` (voPersonCertificateIssuerDN) | +| **OIDC scope** |
  • `voperson_certificate`
  • `aarc`
| +| **OIDC claim(s)** | `voperson_certificate_issuer_dn` | +| **OIDC claim location** | UserInfo Endpoint | +| **origin** | Check-in or the user's Identity Provider | +| **changes** | Yes | +| **multiplicity** | Multi-valued | +| **availability** | Not always | +| **example** | `/C=XX/O=YYY/OU=ZZZ/CN=Example CA` | +| **notes** | - | +| **status** | Experimental | + ## User authorisation diff --git a/content/en/providers/check-in/sp/saml-examples-keycloak-saml-idp-saml-setting.png b/content/en/providers/check-in/sp/saml-examples-keycloak-saml-idp-saml-setting.png index 6b034f5d42..200fad2f20 100644 Binary files a/content/en/providers/check-in/sp/saml-examples-keycloak-saml-idp-saml-setting.png and b/content/en/providers/check-in/sp/saml-examples-keycloak-saml-idp-saml-setting.png differ diff --git a/content/en/providers/cloud-compute/openstack/aai.md b/content/en/providers/cloud-compute/openstack/aai.md index cfa3cf6903..f89a43394e 100644 --- a/content/en/providers/cloud-compute/openstack/aai.md +++ b/content/en/providers/cloud-compute/openstack/aai.md @@ -669,7 +669,7 @@ and Demo environments already using Keycloak since June 24th 2022 and Production environment expected to migrate during July 2022. A general guide on migration is available on -[Check-in documentation](../../../check-in/sp#client-migration-to-keycloak), in +[Check-in documentation](../../check-in/sp#client-migration-to-keycloak), in this section we provide specific information for OpenStack providers. ### Changes in Apache configuration diff --git a/content/en/providers/cloud-compute/openstack/cloud-info.md b/content/en/providers/cloud-compute/openstack/cloud-info.md index 68a977c76d..497ca25ffc 100644 --- a/content/en/providers/cloud-compute/openstack/cloud-info.md +++ b/content/en/providers/cloud-compute/openstack/cloud-info.md @@ -11,7 +11,7 @@ flavors available at the OpenStack for the federation users. It runs as a single python application [cloud-info-provider](https://github.com/EGI-Federation/cloud-info-provider) that pushes information through the -[Messaging Service](../../../../internal/messaging). +[Messaging Service](../../../internal/messaging/). {{% alert title="BDII is deprecated" color="info" %}} Cloud providers no longer need to provide BDII as the Argo Messaging Service is used instead for diff --git a/content/en/providers/high-throughput-compute/_index.md b/content/en/providers/high-throughput-compute/_index.md index 5384f91d98..46e8dce6b7 100644 --- a/content/en/providers/high-throughput-compute/_index.md +++ b/content/en/providers/high-throughput-compute/_index.md @@ -32,5 +32,5 @@ Main characteristics of the service: Miscellaneous collection of documentation related to High-Throughput Compute. - [Changing the Site BDII](./changing-site-bdii) -- [HTCondor-CE Accounring](./htcondor-ce-accounting) +- [HTCondor-CE Accounting](./htcondor-ce-accounting) - [Storage Accounting](./storage-accounting) diff --git a/content/en/providers/high-throughput-compute/htcondor-ce-accounting/_index.md b/content/en/providers/high-throughput-compute/htcondor-ce-accounting/_index.md index 9fabb97347..5c77ef3d80 100644 --- a/content/en/providers/high-throughput-compute/htcondor-ce-accounting/_index.md +++ b/content/en/providers/high-throughput-compute/htcondor-ce-accounting/_index.md @@ -56,10 +56,13 @@ jobs and feed them to APEL. ```ini manual_spec1 = :9619/-condor,, ``` + + Commonly, the spec type is one of + [``HEPscore23`` or ``HEPSPEC``](https://w3.hepix.org/benchmarking.html). + The spec value is per core. For example, if the CE has the Fully Qualified Domain Name (FQDN) - `my-htcondor-ce.example.com` and resources averaging 12.5 - [HEPSPEC](https://w3.hepix.org/benchmarking.html) per core: + `my-htcondor-ce.example.com` and resources average 12.5 HEPSPEC per core: ```ini manual_spec1 = my-htcondor-ce.example.com:9619/my-htcondor-ce.example.com-condor,HEPSPEC,12.5 @@ -76,29 +79,26 @@ improved by adding performance information per machine. Performance information may be added to each HTCondor StartD. There are two separate ways to do so: -- An _absolute_ performance spec value can be assigned to the `StartD`, similar - to the average spec value assigned to the CE. HTCondor-CE APEL accounting - weights resource usage by comparing the `StartD` spec value to the average - spec value. +- An _absolute_ spec value, similar to the average spec value on to the CE. + HTCondor-CE APEL accounting then weights resource usage by comparing the + `StartD` spec value to the average spec value. In the `StartD` configuration, define `ApelSpecs` as a new-style classad - mapping between a spec type and its value; multiple spec types are supported, - but in practice `HEPSPEC` is currently the only one needed. Also add - `ApelSpecs` to the attributes of the `StartD`. + mapping of spec types and their values; multiple spec types are supported. + Also add `ApelSpecs` to the classad attributes of the `StartD`: ```ini # The absolute performance per core on this StartD - ApelSpecs = [HEPSPEC=14.37; SI2K=2793] + ApelSpecs = [HEPSPEC=14.37; HEPscore23=14.409; SI2K=2793] STARTD_ATTRS = $(STARTD_ATTRS) ApelSpecs ``` -- A _relative_ performance spec value can be assigned to the `StartD`, as a - factor to the average spec value assigned to the CE. HTCondor-CE APEL - accounting directly weights resource usage by the relative StartD spec factor. +- A _relative_ spec value, as a factor to the average spec value on to the CE. + HTCondor-CE APEL accounting then weights resource usage by the relative spec factor. In the `StartD` configuration, define `ApelScaling` as a number; values above - 1 means the performance is above average. Also add `ApelScaling` to the - attributes of the `StartD`. + 1 mean the performance is above average. Also add `ApelScaling` to the + classad attributes of the `StartD`. ```ini # The relative performance per core on this StartD diff --git a/content/en/providers/joining/federated-resource-centre/_index.md b/content/en/providers/joining/federated-resource-centre/_index.md index e574184fd4..d11e554bc8 100644 --- a/content/en/providers/joining/federated-resource-centre/_index.md +++ b/content/en/providers/joining/federated-resource-centre/_index.md @@ -131,7 +131,7 @@ different entities. Anyone can report a software vulnerability via a [form](https://csirt.egi.eu/report-vulnerability/) or by email contacting the -[Software Vulnerability Group (SVG)](https://confluence.egi.eu/display/EGIBG/SVG). +[Software Vulnerability Group (SVG)](https://confluence.egi.eu/pages/viewpage.action?pageId=82380236). The report will trigger an assessment, following the [SEC02 Software Vulnerability Issue Handling](https://go.egi.eu/sec02) diff --git a/content/en/support/_index.md b/content/en/support/_index.md index 8ea9a2ddb4..8613185f2d 100644 --- a/content/en/support/_index.md +++ b/content/en/support/_index.md @@ -9,7 +9,7 @@ menu: --- Support for EGI services is available through the -[EGI Helpdesk](http://helpdesk.egi.eu/), an internal EGI +[EGI Helpdesk](https://helpdesk.egi.eu/), an internal EGI [service](../internal/helpdesk). The EGI Helpdesk is a distributed tool with central coordination, which diff --git a/content/en/users/compute/cloud-compute/_index.md b/content/en/users/compute/cloud-compute/_index.md index 36b7fa2efe..906efd21b9 100644 --- a/content/en/users/compute/cloud-compute/_index.md +++ b/content/en/users/compute/cloud-compute/_index.md @@ -74,4 +74,4 @@ emerged: [Training infrastructure](https://www.egi.eu/service/training-infrastructure/) Eager to test this service? Have a look at -[how to create your first Virtual Machine in EGI](../../tutorials/create-your-first-virtual-machine). +[how to create your first Virtual Machine in EGI](../../tutorials/adhoc/create-your-first-virtual-machine). diff --git a/content/en/users/compute/high-throughput-compute/_index.md b/content/en/users/compute/high-throughput-compute/_index.md index b686859634..4bed00f1f0 100644 --- a/content/en/users/compute/high-throughput-compute/_index.md +++ b/content/en/users/compute/high-throughput-compute/_index.md @@ -119,4 +119,4 @@ Before users can access EGI HTC services, they have to: > If you are interested in using command-line and direct submission to Compute > Elements, there is a -> [tutorial on HTC job submission](../../tutorials/htc-job-submission). +> [tutorial on HTC job submission](../../tutorials/adhoc/htc-job-submission). diff --git a/content/en/users/compute/orchestration/workload-manager/_index.md b/content/en/users/compute/orchestration/workload-manager/_index.md index 735e10b8f2..da102920fc 100644 --- a/content/en/users/compute/orchestration/workload-manager/_index.md +++ b/content/en/users/compute/orchestration/workload-manager/_index.md @@ -23,7 +23,7 @@ scientific communities. {{% alert title="Note" color="info" %}} Workload Manager is based on -[DIRAC technology](https://diracgrid.org/).
+[DIRAC technology](https://github.com/DIRACGrid/DIRAC).
The delivery of the service is coordinated by the EGI Foundation and [IN2P3](https://in2p3.cnrs.fr/) provides the resources and operates the service. diff --git a/content/en/users/data/management/data-transfer/_index.md b/content/en/users/data/management/data-transfer/_index.md index 2c924d2b58..ede3eef73f 100644 --- a/content/en/users/data/management/data-transfer/_index.md +++ b/content/en/users/data/management/data-transfer/_index.md @@ -31,7 +31,7 @@ The main features of EGI Data Transfer are: {{% alert title="Tip" color="info" %}} Eager to test this service? Have a look at our tutorial on -[how to transfer data in the grid](../../../tutorials/data-transfer-grid-storage). +[how to transfer data in the grid](../../../tutorials/adhoc/data-transfer-grid-storage). {{% /alert %}} {{% alert title="Note" color="info" %}} EGI Data Transfer is based on the diff --git a/content/en/users/data/management/datahub/clients/_index.md b/content/en/users/data/management/datahub/clients/_index.md index 9300c2f5a7..ba454fdbdf 100644 --- a/content/en/users/data/management/datahub/clients/_index.md +++ b/content/en/users/data/management/datahub/clients/_index.md @@ -14,7 +14,7 @@ the `oneclient` component or the [API](../api). The official documentation for `oneclient` is hosted on the [Onedata homepage](https://onedata.org/#/home/documentation/doc/using_onedata/oneclient.html), -and a specific [tutorial](../../../../tutorials/vm-datahub) on how to install +and a specific [tutorial](../../../../tutorials/adhoc/vm-datahub) on how to install and use it from a Virtual Machine is also available. ## Using the web interface @@ -106,7 +106,7 @@ $ export ONECLIENT_PROVIDER_HOST=plg-cyfronet-01.datahub.egi.eu $ docker run -it --privileged \ -e ONECLIENT_ACCESS_TOKEN=$ONECLIENT_ACCESS_TOKEN \ -e ONECLIENT_PROVIDER_HOST=$ONECLIENT_PROVIDER_HOST \ - onedata/oneclient:20.02.7 + onedata/oneclient:21.02.2 Connecting to provider 'plg-cyfronet-01.datahub.egi.eu:443' using session ID: '4138963898952098752'... Getting configuration... Oneclient has been successfully mounted in '/mnt/oneclient' @@ -142,7 +142,7 @@ $ export ONECLIENT_PROVIDER_HOST=plg-cyfronet-01.datahub.egi.eu $ docker run -it --privileged \ -e ONECLIENT_ACCESS_TOKEN=$ONECLIENT_ACCESS_TOKEN \ -e ONECLIENT_PROVIDER_HOST=$ONECLIENT_PROVIDER_HOST \ - -v $PWD:/mnt/src --entrypoint bash onedata/oneclient:20.02.7 + -v $PWD:/mnt/src --entrypoint bash onedata/oneclient:21.02.2 root@aca612a84fb4:/tmp# oneclient /mnt/oneclient Connecting to provider 'plg-cyfronet-01.datahub.egi.eu:443' using session ID: '1641165171427694510'... Getting configuration... diff --git a/content/en/users/data/management/rucio/admin/_index.md b/content/en/users/data/management/rucio/admin/_index.md index 17148b5fbc..74b7500ef4 100644 --- a/content/en/users/data/management/rucio/admin/_index.md +++ b/content/en/users/data/management/rucio/admin/_index.md @@ -22,7 +22,7 @@ authentication methods. The identities bind authentication methods and permissions to the account. The account you want to create identities for is input as an argument. Accounts will have different permissions and access (such as how much data they can store on a particular -[RSE](https://rucio.cern.ch/documentation/rucio_storage_element)). +[RSE](https://rucio.cern.ch/documentation/started/concepts/rucio_storage_element/)). ### CLI Example @@ -62,7 +62,7 @@ True ## Creating RSE(s) -[Rucio Storage Elements](https://rucio.cern.ch/documentation/rucio_storage_element) +[Rucio Storage Elements](https://rucio.cern.ch/documentation/started/concepts/rucio_storage_element/) (RSEs) are how Rucio represents the physical storage available to your VO. As with many aspects of Rucio there are a lot of optional attributes that can be set for an RSE, but as a minimum a protocol for transfers need to be added @@ -193,10 +193,10 @@ documentation or the help for the function in question. Most operations in Rucio (such as transfers, deletions, rule evaluation) require one or more of the -[daemons](https://rucio.cern.ch/documentation/main_components) to be running in -order to take effect. For a multi-VO instance, these should be running for all -VOs already. However, on new VO's joining Rucio some updating of the daemons -will be necessary. +[daemons](https://rucio.cern.ch/documentation/started/main_components#daemons) +to be running in order to take effect. For a multi-VO instance, these should be +running for all VOs already. However, on new VO's joining Rucio some updating of +the daemons will be necessary. If it seems like it is not quite right please contact the Rucio team through [GGUS](https://ggus.eu/?mode=ticket_submit). @@ -204,11 +204,11 @@ If it seems like it is not quite right please contact the Rucio team through ## Uploading Data In Rucio files and their replicas are represented by Data Identifiers -([DIDs](https://rucio.cern.ch/documentation/file_dataset_container)), which are -composed of a scope and name. Furthermore, multiple files can be attached to a -dataset, which in turn can be attached to a container (which can be attached to -another container and so on). Datasets and containers are also represented by -DIDs. +([DIDs](https://rucio.cern.ch/documentation/started/concepts/file_dataset_container)), +which are composed of a scope and name. Furthermore, multiple files can be +attached to a dataset, which in turn can be attached to a container (which can +be attached to another container and so on). Datasets and containers are also +represented by DIDs. Scopes are always associated with a particular Rucio account, and must be added to Rucio using an admin account. If no scope is provided when uploading, Rucio @@ -303,8 +303,8 @@ True Once a DID exists within the Rucio catalogue, replicas of that file, dataset or collection are created and maintained by -[Replication rules](https://rucio.cern.ch/documentation/replica_management). By -uploading a file to a particular RSE, a replication rule is created for that +[Replication rules](https://rucio.cern.ch/documentation/started/concepts/replica_management). +By uploading a file to a particular RSE, a replication rule is created for that file, however rules can also be added for existing DIDs. As a minimum an RSE and number of copies must be specified, but further options such as lifetime of the rule and selecting RSEs based on user set attributes are also possible. diff --git a/content/en/users/data/management/rucio/getting-started/_index.md b/content/en/users/data/management/rucio/getting-started/_index.md index f51325312b..c06045d13a 100644 --- a/content/en/users/data/management/rucio/getting-started/_index.md +++ b/content/en/users/data/management/rucio/getting-started/_index.md @@ -9,9 +9,9 @@ description: >- ## Rucio terms -- [**Rucio Storage Element**](https://rucio.cern.ch/documentation/rucio_storage_element) +- [**Rucio Storage Element**](https://rucio.cern.ch/documentation/started/concepts/rucio_storage_element/) (RSE) is another name for an endpoint, or storage solution. -- [**Rules**](https://rucio.cern.ch/documentation/replica_management) are an +- [**Rules**](https://rucio.cern.ch/documentation/started/concepts/replica_management) are an instruction to Rucio to do a certain thing. This can be to ensure file _x_ has at least 1 copy at _storagesite1_, or ensure file _y_ is on tape, or even on tape at more than one location, or even file _z_ has 2 copies at any site diff --git a/content/en/users/data/storage/object-storage/_index.md b/content/en/users/data/storage/object-storage/_index.md index 06f53b773f..f617b9995d 100644 --- a/content/en/users/data/storage/object-storage/_index.md +++ b/content/en/users/data/storage/object-storage/_index.md @@ -482,7 +482,7 @@ will be able to generate properly signed URLs for the objects in the storage. `` `egi.eu` for more details. {{% /alert %}} You can then refer to this -[tutorial](../../../tutorials/data-transfer-object-storage) to see how to +[tutorial](../../../tutorials/adhoc/data-transfer-object-storage) to see how to transfer to/from an Object storage endpoint. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Target Audience: e-Infrastructure platform and technology providers and those researching +or applying (distributed) deep learning at any level. + +"Webinar: Distributed Deep Learning with Horovod" (March, 2023) +

+Agenda, slides and recording: +https://www.egi.eu/event/webinar-distributed-deep-learning-with-horovod/ +

+ +

+About: This webinar is focused on the Horovod distributed deep learning framework +and the reference architecture and service(s) built for supporting it. The aim of +the presented works is to enable the efficient utilisation of cloud resources in the +heavily resource intensive task of distributed deep learning. The concept of reference +architectures is also briefly presented, along with the experiences gained from their +continuous development. +
+Target Audience: Scientific communities, developers, integrators and end users. + +"FAIR EVA (Evaluator, Validator & Advisor)" (April, 2022)” +

+Agenda, slides and recording: https://indico.egi.eu/event/5876/ +

+ +

+About: FAIR EVA (Evaluator, Validator and Advisor) has been developed to check +the FAIRness level of digital objects from different repositories or data portals. +It requires the object identifier and the repository to check and it can be adapted +to different contexts and environments. Developed within the EOSC-Synergy project it +aims at helping data producers and data managers to evaluate the adoption of the FAIR +principles based on the RDA indicators. This webinar will present the tool as well as +show how it can be deployed, how the different tests work and how it can be adapted +to different data systems. +
+Target Audience: Scientific communities, developers, integrators and end users. + +"OpenRDM - FAIR research data management as a service to the scientific community" (January, 2022) +

+Agenda, slides and recording: https://indico.egi.eu/event/5753/ +

+ +

+About: openRDM.eu +provides FAIR research data management. It offers research data management as a service +to the scientific community, based on the powerful openBIS platform. +The service is available as a preview version containing an openBIS instance. Preview is +intended for end-users to learn service & eventually plan on-premise and/or, own cloud based +deployment. Alternatively, self-hosting using local IT infrastructure at the respective institution +can also be agreed. Consulting & support for on-premise and/or own cloud based deployment of openBIS +is also offered along with user support including data model generation, to be able to import data +into openBIS & training for the use of openBIS as a data management platform. +

+OpenBIS is designed to facilitate robust data management for a wide variety of experiment types +and research subjects. It allows tracking, annotating, and sharing of data throughout distributed +research projects in different quantitative sciences. +
+Target Audience: User communities that want to use GPUs in Clouds. + +"How to train your AI models in EOSC", (Dec. 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5742/ +

+ +

+About: Learn how you can train and develop AI models in EOSC using the distributed and federated +computing infrastructure of EGI and the services developed during the Deep Hybrid DataCloud project. +The webinar, sponsored by the EGI-ACE project, covers: +
    +
  1. How to prototype, build and train AI applications exploiting resources from EU e-infrastructures.
    2. +
  2. Use and share AI trained models developed by other researchers (from and outside your communities) with the DEEP Marketplace.
    3. +
+
+Target Audience: Scientific communities, developers, integrators and end users. + +"How to orchestrate services in the EOSC Compute Platform with the INDIGO PaaS" (Oct. 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5720/ +

+ +

+About: The INDIGO PaaS implements an abstraction and federation layer on top +of heterogeneous distributed computing environments: it allow to orchestrate and +coordinate the provisioning of virtualized compute and storage resources on Cloud +Management Frameworks, both private and public (like OpenStack, OpenNebula, AWS, etc.), +and the deployment of dockerized long-running services and batch jobs on Container Orchestration +Platforms like Apache Mesos and Kubernetes. +

+In this webinar, we will describe the architecture of the INDIGO Platform and its +main features. The demo will show how users can easily interact with this orchestration +system using both the command line interface and the web dashboard. +
+Target Audience: Scientific communities, developers, integrators and end users. + +"Analyze your data using DODAS generated cluster" (September, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5695/ +

+ +

+About: DODAS enables the execution of user analysis code both in batch mode +and interactively via the Jupyter interface. DODAS is highly customizable and offers +several building blocks that can be combined together in order to create the best +service composition for a given use case. The currently available blocks allow to +combine Jupyter and HTCondor as well as Jupyter and Spark or simply a jupyter interface. +In addition, they allow the management of data via caches to optimise the processing +of remote data. This can be done either via XCache or MinIO S3 object storage capabilities. +DODAS is based on docker containers and the related orchestration relies on Kubernetes +that enables the possibility to compose the building blocks via a web-based user interface thanks to Kubeapps. +

+In this webinar we will explain the DODAS fundamentals and we will provide a user oriented demo. +
+Target Audience: Scientific communities, developers, integrators and end users. + +"Running containers in your user space with udocker" (June, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5541/ +

+ +

+About: udocker enables the execution of docker containers in user +space without requiring root privileges for installation or use. Udocker +implements the pull, load, import and execution of containers by non-privileged +users in Linux systems where docker is not available. It can be used in Linux batch +systems and interactive clusters that are managed by other entities, such as grid +infrastructures or externally managed batch or interactive systems. udocker does not +require any type of privileges nor the deployment of services by system administrators. +It can be downloaded and executed entirely by the end user. +

+udocker offers several execution modes exploiting system call interception, library call +interception and namespaces. udocker integrates several tools to provide a subset of the +docker capabilities aimed at container execution. +

+In this webinar we will explain the udocker fundamental, how to use udocker to execute +Linux containers and how to best exploit the several execution engines. +
+Target Audience: Scientific communities, for programmers and IT-service providers +who support research and education. + +"Deploying virtual infrastructures with Infrastructure Manager (IM)" (May, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5495/ +

+ +

+About: The Infrastructure Manager (IM) is a framework that eases the +access and the usability of IaaS clouds by automating the VMI selection, deployment, +configuration, software installation, monitoring and update of Virtual Appliances. +It supports APIs from a large number of virtual platforms, making user applications +cloud-agnostic. In addition it integrates a contextualization system to enable the +installation and configuration of all the user required applications providing the +user with a fully functional infrastructure. It is a service that features a web-based GUI, +a XML-RPC API, a REST API and a command-line application. +

+In this webinar we will focus the usage of the IM Dashboard an easy to use web interface +designed to enable not advanced users to deploy a set of predefined and well tested customizable +virtual infrastructures (Kubernetes, SLURM, Mesos, Galaxy, …) in top of a wide range of cloud providers +(EGI Cloud Compute and also commercial and open clouds – AWS, Google Cloud, Azure, OpenStack, OpenNebula, …) +with a single set of mouse clicks. +

+IM has been developed by the Grid and High Performance Computing Group (GRyCAP) +at the Instituto de Instrumentacion para Imagen Molecular (I3M) +from the Universitat Politecnica de Valencia (UPV). +
+Target Audience: Site administrators already familiar with an earlier version of +ARC CE or planning a migration to ARC from the CREAM platform. + +"Rolling out ARC6 CE" (July 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5157/ +

+ +

+About: The Advanced Resource Connector (ARC) middleware integrates computing resources +(usually, computing clusters managed by a batch system), making them available via a secure +common layer. Conceptually, ARC provides an edge service to batch systems. Through this service, +called ARC Compute Element (ARC-CE), scientific communities can launch and manage computational +tasks in a uniform manner. +

+A bit more than a year ago a non backward compatible major version, the ARC6.0 was released +bringing new functionality, enhanced manageability and increased stability to the community. +With the availability of the ARC6 release the support for the previous ARC5 deployments are +to be discontinued with the end of June 2020. +

+This interactive webinar will introduce the major new features of the ARC6 release and cover +the deployment steps of an ARC6 CE both as a new installation and as an upgrade from a previous +ARC5-based deployment. Special attention will be given to the accounting system related changes +and the new one-shop-stop sysadmin toolbox built around arcctl. +
+Target Audience: Scientific communities, developers, integrators and end users. + +"High performance software - Easy gains with simple CUDA" (April 2023) +

+ +

+About: This tutorial provides an introduction to CUDA in high +performance software, covering roughly these topics: +
    +
  • +Best practices for high performance software engineering, +such as avoiding premature optimization, ensuring cache alignment, etc. +
    • +
  • +A broad introduction to GPUs, including their hardware +and which categories of problems they are/aren't best suited for. +
    • +
  • Installing and working with GPU frameworks
    • +
  • An overview of profiler tools and how to use them
    • +
  • +A live coding session to implement and diagnose a basic CUDA program, +with the level of detail dependent on available time +
    • +
  • Q&A and stories from the trenches
    • +
+Please note that the training will not cover multi-GPU setups or +provide a detailed dive into GPU hardware and CUDA specifics. +Participants should have basic knowledge of Python and matrix +computation libraries like NumPy. +

+Slides and code + +
diff --git a/content/en/users/tutorials/foundation/_index.md b/content/en/users/tutorials/foundation/_index.md new file mode 100644 index 0000000000..1c0aed92c3 --- /dev/null +++ b/content/en/users/tutorials/foundation/_index.md @@ -0,0 +1,108 @@ +--- +title: Foundation level +linkTitle: Foundation +type: docs +weight: 10 +description: > + These tutorials provides an overview of the EGI federation and of the EGI services, with highlights of their typical use cases. +--- + + + + + + + + + + + + +
+Target Audience: Newcomers of the EGI Infrastructure +

+Are you new to EGI? And maybe a bit confused about what EGI is, what we do, +how we are structured and how you can collaborate with us? Then this is the +webinar for you! +		 +"An introduction to EGI" (October, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5464/contributions/15771/ +

+ +

+About: The EGI Federation is an international e-Infrastructure to provide +advanced computing and data analytics services for research and innovation. +EGI federates compute resources, data management services, support teams +and various online, thematic services from over 30 countries and international +institutes, to make those available for researchers, innovators and educators. +This webinar will provide a basic introduction to EGI, covering all the +fundamental topics that you need to know before deep-diving on the advanced +services to conduct world-class research and innovation. +
+Target Audience: +
    +
  • Scientific communities, projects, research infrastructures who + wish to learn about the services of EGI.
    • +
  • E-infrastructure and other service providers who want to be part + of a pan-European federation to support international science.
    • +
+		 +"EGI Federation - Advanced Computing for Research" (April 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5083/ +

+ +

+About: The EGI federation is the largest distributed computing +infrastructure in the world, and brings together hundreds of data centres +worldwide and also includes the largest community cloud federation in Europe +with tens of cloud providers across most of the European countries offering +IaaS cloud and storage services. The current federated resources represent +altogether more than 350 Petabytes of online storage and 380 Petabytes of archival +storage supported by approximately 1 M Cores. EGI expanded the federation of its +facilities with other non-European digital infrastructures in North America, +South America, Africa-Arabia and the Asia-Pacific region, as such EGI fully +realised the “Open to the World” vision. In order to interoperate at international +level, EGI and its partners operate in the context of a lightweight collaboration +framework defining rules of participations via a corpus of policies and technical guidelines. +

+EGI offering includes a federated IaaS cloud to run compute- or data-intensive +tasks and host online services in virtual machines or docker containers on IT resources +accessible via a uniform interface; high-throughput data analysis to run compute-intensive +tasks for producing and analysing large datasets and store/retrieve research data efficiently +across multiple service providers; federated operations to manage service access and operations +from heterogeneous distributed infrastructures and integrate resources from multiple independent +providers with technologies, processes and expertise offered by EGI; consultancy for user-driven +innovation to assess research computing needs and provide tailored solutions for advanced computing. +

+The notion of a distributed infrastructure offering advanced resources and services for +data-intensive processing in research and innovation has been part of the EGI mission +and vision since the EGI design and implementation that started with the DataGrid project +back in 2000 under the leadership of CERN. Distributed processing of data supported by +a pan-European broadband network infrastructure, solutions for trust and identity management +and the Grid middleware, have been the enablers of two Nobel prizes in Physics (2013 and 2017), +and many more data-driven scientific discoveries in high energy physics, astronomy and astrophysics, +health and medicine, and earth sciences resulting in more than 3,000 open access scientific +publications enabled each year. In this webinar Gergely will provide an overview of EGI, +the pan-european federation of national e-infrastructures and he will explain how EGI supports +big data based Open Science and contributes to the implementation of the EOSC vision. The talk goes +through the services that EGI provides for scientific communities, and for the members of the +federation, and will show how these services benefit research, science and innovation in Europe and worldwide. +
diff --git a/content/en/users/tutorials/intermediate/_index.md b/content/en/users/tutorials/intermediate/_index.md new file mode 100644 index 0000000000..26189cbe29 --- /dev/null +++ b/content/en/users/tutorials/intermediate/_index.md @@ -0,0 +1,623 @@ +--- +title: Intermediate level +linkTitle: Intermediate +type: docs +weight: 20 +description: > + Tutorials for individual services from the EGI owned service portfolio, as + well as services that are offered by the broader EGI community to complement + the EGI services towards certain types of advanced computing use cases. +--- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Target Audience: Scientific communities, developers, integrators and end users. + +"Data Management in EGI with Rucio and FTS" (October, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5711/ +

+ +

+About: Rucio is a data management software, originally developed +for ATLAS at CERN to supersede their previous data management software 10 years ago. Since then +Rucio has been constantly developed by ATLAS and other communities that have come to use Rucio, +ensuring that it is a feature rich, and well maintained open software. +

+Multi-VO Rucio implemented by the STFC in the UK hosts Rucio as a service for many communities. +This is to provide communities the opportunity to use Rucio for their data management solution, +without having to learn about, and host their own instance of Rucio. +

+FTS is a low level data movement service, responsible for +reliable bulk transfer of files between storages. It's responsible for globally distributing +the majority of the LHC data across the WLCG infrastructure and it supports many communities is EGI. +

+In this webinar we introduce the main functionalities and show how to interact with the services +in order to schedule transfers. +

+Suggested tutorials + +
+Target Audience: Scientific communities, developers, integrators and end users. + +"Using EGI Cloud infrastructure with fedcloudclient" (September, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5694/ +

+ +

+About: The FedCloud client is a high-level Python package for a command-line client +designed for interaction with the OpenStack services in the EGI infrastructure. The client +can access various EGI services and can perform many tasks for users including managing +access tokens, listing services, and mainly execute commands on OpenStack sites in EGI infrastructure. +

+The webinar will provide tutorial and demonstration of using fedcloudclient in EGI Cloud infrastructure. +

+Suggested tutorials + +
+Target Audience: Scientific communities, developers, IT service providers, and end users. + +"Using Dynamic DNS service in the EGI Cloud infrastructure" (June, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5559/ +

+ +

+About: Nowadays, more and more services are dynamically deployed in Cloud environments. +Usually, the services hosted on virtual machines in Cloud are accessible only via IP addresses +or pre-configured hostnames given by the target Cloud providers, making it difficult to provide +them with meaningful domain names. +

+The Dynamic DNS service provides a unified, federation-wide Dynamic DNS support for VMs in +EGI infrastructure. Users can register their chosen meaningful and memorable DNS host names +in given domains (e.g. my-server.vo.fedcloud.eu) and assign to public IPs of their servers. +By using Dynamic DNS, users can host services in EGI Cloud with their meaningful service names, +can freely move VMs from sites to sites without modifying server/client configurations (federated approach), +and can request valid server certificates in advance (critical for security). +

+The webinar will provide demonstration and tutorial, also practical advice on using Dynamic DNS +service in realistic user scenarios. +
+Target Audience: Developers and administrators of relying parties that want to connect +to Check-in for authenticating users and managing their access rights. + +"Providing controlled access to distributed resources and services with EGI Check-in: +the provider perspective"(May, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5494/ +

+ +

+About: This webinar will help new services to integrate with Check-in, +the EGI Authentication & Authorisation Infrastructure enabling secure access +to relying parties. The target group of the training are developers and administrators +of services that want to connect to Check-in for user authentication and authorisation. +

+The training will showcase the use of the EGI Check-In Federation Registry tool for +managing the lifecycle of a relying party, i.e. registration, reconfiguration and +de-registration. The training will include hands-on sessions for the participants +to integrate their own relying party to Check-In. +
+Target Audience: Scientific communities and IT-service providers who support +research and education. + +"Access and analyze data from the EGI DataHub with Jupyter notebooks and MATLAB" (May, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5499/ +

+ +

+About: Good, clean data is hard to come by. The EGI provides scientists and +researchers access to a large collection of public datasets from data centres globally. +This data can be accessed using the EGI Jupyter Notebook service. MATLAB users can now +analyse this data using the familiar MATLAB desktop, via a web browser, on the EGI’s resources. +

+In this webinar, you will learn how to: +
    +
  1. Use your MATLAB licence to login to the EGI MATLAB installation
    2. +
  2. Access data from the EGI DataHub
    3. +
  3. Read in scientific data into MATLAB
    4. +
  4. Analyse and visualise data using computational notebooks called MATLAB Live Scripts.
    5. +
  5. Share your MATLAB code with your peers.
    6. +
+Suggested tutorials + +
+Target Audience: Scientific communities and IT-service providers. + +"Monitoring services with ARGO" (May, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5496/ +

+ +

+About: ARGO is a lightweight +service for Service Level Monitoring designed for medium and large sized +Research Infrastructures. Services are monitored with probes compatible +with flexible and widely adopted Nagios plugin format. Besides basic availability +checks, services can be monitored by emulating typical user scenarios that allows +to derive the quality of service the actual user gets. +

+ARGO offers near real-time status updates which allow both end-users and site +admins to have an overview of the services offered at any given point in time +via a web user interface and via enriched email notifications. ARGO generates +custom Availability and Reliability reports based on the aggregated monitoring +data. The rich monitoring data collected in ARGO service is actually stored in +a highly flexible big data friendly form using state-of-the-art computational +pipelines and formats. This provides the ability to reuse & analyse the data in +different ways such as to highlight service usage patterns and provide a number +of trends and insights. +

+In this training session we are going to show the process we follow to monitor a +new service with ARGO. In addition, the real time computations and the results via +the alerts, API and UI will be shown. +

+ARGO is a service jointly developed and maintained by +CNRS, +GRNET and +SRCE. +
+Target Audience: Scientific communities, and programmers who support research and education. + +"Managing Singularity, Docker and udocker containers, Kubernetes clusters in the EGI Cloud" (April, 2021) +

+Agenda, slides and recording: https://indico.egi.eu/event/5492/ +

+ +

+About: Containers provide a streamlined way to build, test, deploy, +and redeploy applications on different environments: from the developer’s +local machine to any cloud provider. Containers make it easy for developers +to package applications and for operators to manage and deploy those applications +on the infrastructure. Container orchestrators like Kubernetes facilitate the +management of containerized workloads and services, using declarative configuration +and automation. In this webinar we will introduce the different runtimes available +for executing containers in EGI infrastructure and will show how to manage Kubernetes +clusters to get your containers under control executed on EGI cloud providers. +
+Target Audience: Users and application experts of the EGI communities. + +"DIRAC Services for EGI users" (October, 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5267/ +

+ +

+About: DIRAC is a complete framework for building distributed computing systems +of any level of complexity. Initially developed for the LHCb High Energy Physics experiment +at the LHC collider at CERN, the framework was generalised for the use by multiple scientific +communities in various domains. Services based on the DIRAC software are offered by several +grid infrastructure projects such as France-Grilles or GridPP/UK. Since 2014, the DIRAC services +have also been provided for the EGI users. During the webinar, an overview of the DIRAC framework +will be presented together with a number of services offered to the users by EGI: how to manage +user jobs in the EGI infrastructure, how to connect custom computing and storage resources, +how to manage user data as well as automate regular tasks. Extending DIRAC with community +custom services will also be discussed. +
+Target Audience: IT service providers, site and NGI operation managers (new member of staff). + +"EGI Operations and responsibilities of an NGI" (October 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5268/ +

+ +

+About: This webinar will give an overview of tried and tested approaches to +federated operations, both at the level of the infrastructure as well as at the national +level. It will cover the most important aspects and day-to-day work covered by staff - +both at the international infrastructure level at EGI as well as at an example National Grid +Initiative (NGI). Example scenarios will be presented along with the tools used to deal with +the scenarios. Finally there will be an opportunity for questions and discussions arising +from the topics covered. +
+Target Audience: Site administrators and cluster administrators; CVMFS power users. + +"CernVM-FS for Containers" (October 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5251/ +

+ +

+About: Delivering complex software stacks across a worldwide distributed system +is a challenge in high-throughput scientific computing. The global-scale virtual file +system CernVM-FS distributes more than a billion software binaries to hundreds of thousands +of machines around the world. +

+In this webinar, we will present the latest developments with regard to CernVM-FS container +integration. Containers and CernVM-FS team up nicely: containers provide the isolation +capabilities that decouple the application stack from the underlying platform and CernVM-FS +provides efficient distribution means for the containerized software binaries. Containers are +an enabling technology to harness opportunistic resources and HPC facilities. CernVM-FS enables +the use of such resources at scale. In this webinar, we will show how existing repositories can +be used with several popular container runtimes, such as docker, podman, singularity, and kubernetes. +We will also show how operating system containers themselves can be efficiently distributed through +CernVM-FS. Lastly, we will highlight an upcoming new way of publishing content from within a container. +This makes it easy to set up, build and test and deploy-to-cvmfs pipelines on kubernetes. +
+Target Audience: Scientific communities, and IT-service providers who support research and education. + +"The EGI Datahub to federate distributed data sets for data-intensive applications in the cloud" (June 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5089/ +

+ +

+About: The EGI DataHub allows users to make their data available using different +levels of access: from completely unrestricted open access to open data to authenticated +access to closed data sets. This is possible as a result of the seamless integration with +the EGI AAI service. The data hosted on the EGI DataHub can be readily accessible by cloud +Virtual Machines (VMs) or running grid jobs thanks to full integration with EGI Federated +Cloud and High-Throughput compute resources. The use of protocols such as POSIX and web +services guarantees easy and scalable access to data from cloud and HTC applications. This +ensures maximum compatibility with existing applications and minimum hassle for developers +and users alike. The EGI DataHub is built on top of the EGI Open Data Platform using Onedata +technology to connect a wide range of existing storage services, regardless of their underlying +technology (e.g. Lustre, Amazon S3, Ceph, NFS, or dCache). +

+During this webinar the QoS and hybrid cloud data processing scenarios for distributed EOSC +environments based on EGI DataHub and Onedata solutions will be introduced. +
+Target Audience: Scientific communities and IT-service providers who operate IdP for them. + +"The EGI AAI Check-In service for scientific communities" (May 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5088/ +

+ +

+About: The EGI Check-in service (also called EGI AAI proxy) enables access to +EGI services and resources using federated authentication mechanisms. Specifically, +the proxy service is operated as a central hub between federated Identity Providers +(IdPs) residing ‘outside’ of the EGI ecosystem, and Service Providers (SPs) that are +part of EGI. The main advantage of this design principle is that all entities need to +establish and maintain technical and trust relation only to a single entity, +the EGI AAI proxy, instead of managing many-to-many relationships. In this context, +the proxy acts as a Service Provider towards the Identity Providers and as an Identity +Provider towards the Service Providers. +

+Through the EGI AAI proxy, users are able to authenticate with the credentials +provided by the IdP of their Home Organisation (e.g. via eduGAIN), as well as using +social identity providers, or other selected external identity providers (support for +eGOV IDs is also foreseen). To achieve this, the EGI AAI has built-in support for SAML, +OpenID Connect and OAuth2 providers and already enables user logins through Facebook, +Google, LinkedIn, and ORCID. In addition to serving as an authentication proxy, the +EGI AAI provides a central Discovery Service (Where Are You From – WAYF) for users to +select their preferred IdP. +

+The EGI AAI proxy is also responsible for aggregating user attributes originating +from various authoritative sources (IdPs and attribute provider services) and +delivering them to the connected EGI service providers in a harmonised and +transparent way. Service Providers can use the received attributes for authorisation +purposes, i.e. determining the resources the user has access to. +

+During this webinar we will give an overview about the service and provide +guidelines to support the resource providers’ and communities' needs for federated +access through the EGI AAI Check-In service. The webinar will also cover more advanced +workflows for addressing non-web-based access use cases (e.g. command line and API). +
+Target Audience: Scientific communities, for programmers and IT-service providers who support research and education. + +"The EGI Notebooks service: Support for analytics and big data visualisation in the cloud" (May 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5087/ +

+ +

+About: The EGI Notebooks service is an environment based on Jupyter and the +EGI cloud service that offers a browser-based, scalable tool for interactive data analysis. +The notebooks environment provides users with notebooks where they can combine text, +mathematics, computations and rich media output. The service, in production since late 2019, +is offered in two options: (i) Notebooks for researchers: EGI offers a basic instance of the +Notebooks as an open service. Any researcher can access this automatically to write and play +notebooks on limited capacity cloud servers. (ii) Notebooks for communities: EGI offers customised +Notebooks service to scientific communities. Such customised instances can be hosted on special +hardware (for example with fat nodes and GPUs), can offer special libraries, data import/export +and user authentication systems. +

+During the webinar Enol will go through the main features of the EGI Notebooks service and +he will explain how to use it with Binder and other open-source solutions to implement Open Science. +
+Target Audience: Researchers, and IT-service providers who support research and education. + +"Introduction of the EGI Cloud Compute service" (April 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5085/ +

+ +

+About: The EGI Federated Cloud is a IaaS-type cloud, made of academic private +clouds and virtualized resources and built around open standards. Its development is +driven by requirements of the scientific community. The result is a new type of research +e-infrastructure, based on the mature federated operations services that make EGI a reliable +resource for science. +

+When using EGI Federated Cloud resources, researchers and research communities can +count on: a.) Total control over deployed applications, b.) Elastic resource consumption +based on real need, c.) Immediately processed workloads – no more waiting time, +d.) An extended e-Infrastructure across resource providers in Europe, and +e.) Service performance scaled with elastic resource consumption. +

+In this webinar an overview of the EGI Federated Cloud and how this scalable computing +platform can be used for data and/or compute driven research and/or support the development +of advanced services for research and science will be provided by Enol Fernandez. The webinar +will be relevant for researchers, and IT-service providers who support research and education. +

+Suggested tutorials + +
+Target Audience: Scientific communities, for programmers and IT-service providers who support research and education. + +"Introduction to Slurm" (March 2023) +

+ +

+About: Slurm is an open-source, fault-tolerant, and highly scalable +cluster management and job scheduling system for large and small Linux clusters. +In this tutorial, we briefly discuss the benefits of using batch schedulers, +the motivations to use Slurm and provide a list of commands to get started with Slurm. +

+Suggested material + +
+Target Audience: Scientific communities, for programmers and IT-service providers who support research and education. + +"Introduction to Snakemake" (December 2022) +

+ +

+About: The Snakemake workflow management system is a tool +for creating reproducible and scalable data analyses. Workflows +are described via a human-readable, Python-based language. They +can be seamlessly scaled to server, cluster, grid and cloud environments +without the need to modify the workflow definition. Finally, Snakemake +workflows can entail a description of the required software, which will +be automatically deployed to any execution environment. +

+Slides and code + +
+Target Audience: Scientific communities, for programmers and IT-service providers who support research and education. + +"Leveraging the Onedata Platform for Long-Term Data Archiving" (June 2023) +

+ +

+About: In this presentation, we will discuss the latest advancements +in the Onedata platform, focusing on its new features for long-term data +archiving and processing. We will demonstrate how the platform has been +optimized to meet the Open Archival Information System (OAIS) standards, +ensuring the reliable preservation and accessibility of archived information +over time. Furthermore, we will explore the integration of Function as a +Service (FaaS) capabilities in the platform, allowing for seamless and +scalable data processing on demand. By combining the robust archiving +capabilities of the OAIS standard with the flexibility of FaaS, the Onedata +platform emerges as a powerful solution for organizations seeking efficient +and reliable management of their long-term data storage and processing needs. +
+ diff --git a/content/en/users/tutorials/scientific/_index.md b/content/en/users/tutorials/scientific/_index.md new file mode 100644 index 0000000000..eedd94194c --- /dev/null +++ b/content/en/users/tutorials/scientific/_index.md @@ -0,0 +1,345 @@ +--- +title: Scientific level +linkTitle: Scientific +type: docs +weight: 40 +description: > + Examples of domain-specific Thematic Services benefiting from the solutions offered by the EGI Infrastructure. +--- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+Target Audience: +
    +
  • Oceanographers
    • +
  • Climate Researchers
    • +
  • Ocean Modellers
    • +
  • Ocean Data Managers
    • +
+		 +"The EGI-ACE webODV – Online extraction, analysis and visualisation of SeaDataNet and Argo data" (Nov. 2022) +

+Agenda, slides and recording: https://indico.egi.eu/event/5980/ +

+ +

+About: ODV (Ocean Data View) is a widely used software package for the analysis, +exploration and visualization of oceanographic and other environmental data with almost +100,000 registrations since the 1990’s and more than 10,000 active users. ODV has been +further developed as part of the EU supported activities of SeaDataNet, the pan-European +infrastructure for marine and ocean data management. To make working with web-based large +community datasets easier, an online version of the ODV software called webODV has been +developed, which provides typical ODV functionality in the form of web services. webODV +has been deployed in the cloud in the framework of the EU EGI-ACE project, which seeks +to promote scientific analytical cloud services in support of the European Open Science +Cloud (EOSC) initiative. +

+In this webinar, we will be able to learn about the webODV Explorer and Extractor +components in combination with the large validated Temperature & Salinity data collections +as provided by SeaDataNet and EuroArgo – Argo. Instructions on how to register as a user +to perform analytics, extractions, and visualisations will also be presented. +
+Target Audience: Scientific communities and end users. + +"Can deep learning models help accelerate electrostatics-driven protein pKa predictions?" (Nov. 2022) +

+Agenda, slides and recording: https://indico.egi.eu/event/5981/ +

+ +

+About: pH is a crucial physicochemical property that affects proteins molecular structure, +folding, stability, and function. Many computational methods have been developed to calculate +pKa values. In the highly accurate, but slow, Poisson–Boltzmann (PB)-based methods, proteins are +represented by point charges in a low dielectric medium surrounded by an implicit solvent +(high dielectric). Empirical methods rely on statistically fitting parameters over large +datasets of experimental pKa values. These are much faster than the physics-based methods, +although at the cost of less microscopic insights and unknown predictive power on mutations +and proteins dissimilar to those in the training set. +

+In this webinar we will present a novel strategy to combine the best features of PB +models – accuracy and interpretability – with the speed of classical empirical methods. +The deep learning pKa predictors obtained were trained on a database of 3M theoretical +pKa values estimated from 50k structures using a PB method. With this approach, we can +retrieve the physics-based predictions with an average error below 0.4 pK units while +being up to 1000x faster. +
+Target Audience: Scientific communities and end users. + +"The Virtual Imaging Platform: Scientific Applications as a Service and Beyond" (March, 2022) +

+Agenda, slides and recording: https://indico.egi.eu/event/5824/ +

+ +

+About: The Virtual Imaging Platform (VIP) is a web portal for medical simulation +and image data analysis. It leverages resources available in the EGI biomed Virtual +Organisation to offer an open service to academic researchers worldwide. In the last +few years, VIP has addressed interoperability and reproducibility concerns, in the larger +scope of a FAIR (Findable, Accessible, Interoperable, Reusable) approach to scientific data analysis. +

+The presentation will give an overview of VIP and its main interests for the audience: +
    +
  1. Use existing applications as a service on VIP.
    2. +
  2. Import your own applications to make them available to the community +benefit from EGI biomed resources in a transparent way and
    3. +
  3. Foster open and reproducible science
    4. +
+
+Target Audience: Scientific communities and end users. + +"ENES Data Space Service" (March, 2022) +

+Agenda, slides and recording: https://indico.egi.eu/event/5743/ +

+ +

+About: The ENES Data Space delivers an open, scalable and cloud-enabled data science +environment for climate data analysis on top of the EOSC Compute Platform. It provides access +to a set of specific Coupled Model Intercomparison Project (CMIP) variable-centric collections +to support meteorological and industrial researchers in realistic climate model analysis experiments. +Data is downloaded and kept in sync with the Earth System Grid Federation (ESGF) federated data archive. +

+This webinar will provide a general overview of the ENES Data Space service and its main features. +Moreover, the webinar will include a tutorial on how to join the ENES Data Space service and a short demo +for the participants to get started with the data analysis and visualisation features. +
+Target Audience: Scientific communities, end users and service providers who are interested +in discovering how we have been making efficient use of EGI High Throughput Compute (HTC) resources +over more than 10 years to provide services to worldwide researchers in structural biology and life sciences. + +"WeNMR - Structural biology in the cloud - 10 years of experience of using EGI services" (April 2020) +

+Agenda, slides and recording: https://indico.egi.eu/event/5084/ +

+ +

+About: Structural biology deals with the characterization of the structural +(atomic coordinates) and dynamic (fluctuation of atomic coordinates over time) properties +of biological macromolecules and adducts thereof. Gaining insight into 3D structures of +biomolecules is highly relevant with numerous applications in health and food sciences, +with as current example unravelling the structural details of Sars-Cov2 in the COVID-19 pandemic. +

+Since 2010, the WeNMR project has implemented numerous web-based services to facilitate +the use of advanced computational tools by researchers in the field, using the grid computational +infrastructure provided by EGI. These services have been further developed in subsequent initiatives +under the H2020 EGI-ENGAGE West-Life project and the BioExcel Center of Excellence for Biomolecular +Computational Research. The WeNMR services are currently operating under the European Open Science +Cloud with the H2020 EOSC-Hub project, with the HADDOCK portal sending >10 millions jobs and using +~2700 CPU years per year. In my talk, I will summarise 10 years of successful use of e-infrastructure +solutions to serve a large worldwide community of users (>16’000 to date), providing them with +user-friendly, web-based solutions that allow to run complex workflows in structural biology. +I will illustrate this with details of the HADDOCK service and how we could increase our capacity +to serve COVID-related projects. +

+Suggested tutorials + +
+Target Audience: Scientific communities working in the domain of Earth Observation. + +"C-SCALE Notebooks for Earth Observation" (June 2023) +

+ +

+About: The C-SCALE project has been federating compute and data resource providers +around centralized EGI services, aiming at providing users with seamless access to +processing capacities as well as source data for their analyses. Alongside the traditional +IaaS and PaaS services, Jupyter Notebooks have been identified as an environment suitable +not only for interactive analysis within C-SCALE, but also for documenting the different +steps one needs to take in discovering and accessing geospatial data across Europe. +The demonstration of C-SCALE's example notebooks and procedures will focus on those +essential features: simple steps to get started using the federated resources for +interactive resources of Earth Observation data. +

+Slides and code + +
+Target Audience: Scientific communities working in the domain of Earth Observation. + +"C-SCALE Earth Observation - Metadata Query Service" (March 2023) +

+ +

+About: The C-SCALE Earth Observation Metadata Query Service (EO-MQS) +makes Copernicus data distributed across providers within the C-SCALE Data +federation discoverable and searchable. +

+Slides and code + +
+Target Audience: Scientific communities working in the domain of Earth Observation. + +"Introduction to openEO Platform" (December 2022) +

+ +

+About: openEO platform provides intuitive programming libraries +to process a wide variety of earth observation datasets. This large-scale +data access and processing is performed on multiple infrastructures, which +all support the openEO API. This allows use cases from explorative research +to large-scale production of EO-derived maps and information. +

+Slides and code + +
+Target Audience: Scientific communities and end users. + +"I-NERGY, European AI-on demand platform" (July 2023) +

+ +

+About: I-NERGY aims to support and develop novel AI-based energy +services as part of the enrichment of European AI-on demand platform. +This webinar will present the objectives and scope of the project, +its requirements in terms of resources and the successful utilisation +of EGI infrastructure. The webinar will conclude with a demo of I-NERGY services. +
+Target Audience: Scientific communities and end users. + +"Access to the EISCAT tools with help of EGI checkin" (June 2023) +

+ +

+About: The present era of rapid technological advances creates a +challenge for data providers and scientists to create and maintain FAIR +data and services not just for future operations but also for historical +data gathered and analysed with technologies that are slowly phasing out +of their usage. GUISDAP is an open-source software package, written in +MATLAB, C and Fortran and provided and maintained by EISCAT, for analysis +and visualisation of its incoherent scatter radar data as well as for some +other radars in the world. One way how to preserve GUISDAP operability +and accessibility by the user community is to make it accessible through +a Jupyter notebook docker deployment through EISCAT resources and in the +frame of an EOSC project. This will help to ensure the FAIRness of EISCAT +data by providing tools for reanalysis and visualisation that will be +accessible by any potential EISCAT user with the help of EGI check-in technology. +