-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create a policy page and move instructions to join the infra #125
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
--- | ||
title: Joining the infrastructure | ||
nav_order: 7 | ||
has_children: true | ||
--- | ||
|
||
# Joining the infrastructure |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
--- | ||
title: Policy | ||
parent: Joining the infrastructure | ||
nav_order: 10 | ||
--- | ||
|
||
# Policy | ||
|
||
In order to ensure proper testbed operation and maintenance we require that all sites (external and internal) abide by the policies outlined below. | ||
|
||
1. Provide one or more dedicated machines on-site to act as the SCIONLab nodes. The machine should not be used for any other tasks beyond its role as a SCIONLab node. | ||
2. Provide root (or sudo) access to the SCIONLab management institution (currently ETH Zurich). | ||
3. Allow the SCIONLab management institution to install, remove and update SCIONLab-related software as needed for the operation and maintenance of the network. | ||
4. Work with the SCIONLab management institution to solve any firewall and tunneling issues that may arise during the installation, configuration and operation of the SCIONLab node(s). | ||
5. Provide the name, email and telephone information of an easily and quickly reachable site-specific operator who will be the main contact whenever issues arise with the local SCIONLab node(s). A backup operator, while not required, is highly encouraged. Operator email addresses must belong to the institution. All local operators will be required to join and regularly monitor the SCIONLab community mailing list and are required to respond to requests from the testbed management institution in a reasonable time, but no more than 3 working days. | ||
6. Ensure that the machine has limited logins beyond the SCIONLab account. A local operator account is highly encouraged, but general user accounts should not be present on the SCIONLab node. In addition, only SCIONLab-related software should be allowed to run on the machine. | ||
7. The machine may be a dedicated physical box or a virtual machine with a publicly routable IP address (i.e., should not be behind a NAT). The local operators should ensure that if the machine has usage limits or other restrictions (for example VMs on cloud services), those will not interfere with proper testbed operation. | ||
8. In case more than one machine is being provided by the institution, it is allowed if only one of them has a publicly routable IP address whereas the others use private static IP. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is to cover the following use case
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. what about having having multiple border routers for uplink? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is a valid scenario, we should then write something closer to "machines hosting border routers must have a public static IPv4 address" |
||
9. All SCIONLab nodes will run the same operating system, i.e. Ubuntu LTS release. Updates to the operating system will be managed by the SCIONLab network operations team. The local operator at a site will be responsible for the initial operating system installation. Specific instructions for that installation will be made available. | ||
10. Suggested Hardware: 4 CPUs, 8 GB of RAM and 40 GB of disk space. | ||
11. Suggested Location: SCIONLab node should reside in a machine room in a rack. | ||
12. Suggested Network Connectivity: There is no minimum bandwidth requirement for SCIONLab nodes; however, higher network speeds are both recommended and desirable. | ||
13. Participating institutions may disconnect from the testbed upon giving appropriate (at least 24 hours) notice to the SCIONLab testbed management institution. The same policy applies if the participating institution wishes to turn off the machine for maintenance and/or hardware upgrades. Early notification will allow the testbed management institution to take any actions necessary to prevent unnecessary disruption of service to the testbed. | ||
14. We strongly discourage and will not accept requests to join the SCIONLab testbed if there is no intention to use it for productive research. Connecting to the testbed for the sake of being connected is a violation of the current policies. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. (does this mean that like half of our nodes are in violation of the current policies? :D) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Indeed There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Just to make it clear, this does not mean we are removing half of the nodes from day 1. This only means once we have a node which obviously misbehaves and no one reacts in a reasonable amount of time, we have a CYA to throw at them and enforce an action (this being either cooperation or removal). |
||
15. The SCIONLab testbed management institution reserves the right to refuse or disconnect from the testbed any node that is found not to comply with the above policies, engages in abusive behavior, has non-responsive operators, and in general is deemed to either add no value or be a detriment to the general testbed operation. | ||
|
||
If the above policies cannot be met, we still encourage new institutions to [contact the SCIONLab team](../../#contact) to discuss connection with the testbed. Connection approval lies solely with the SCIONLab testbed management institution, but every effort will be made to accommodate connection requests. | ||
|
||
{% include alert type="note" content=" | ||
The policy is based on the [Policies for Connecting Nodes to the NDN Testbed](https://named-data.net/ndn-testbed/policies-connecting-nodes-ndn-testbed/) | ||
" %} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this actually true? Don't we want to allow e.g. active researchers that do stuff with SCIONLab to have access to the machines? (Maybe not, because researchers mess things up :D but if not, then who exactly is the target group for joining the infra?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is very true. If they want to play with the machine, they should be using user AS. I do not trust any of this dudes to do anything inside this machine and not breaking stuff
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, but:
So that sounds to me like we want people to join the infra when they want to do fancy research with it.
And then we say "limited logins beyond the SCIONLab account" here, so that they cannot do fancy research with it :D
So, it seems to me that these three things together strongly limit who is supposed to be joining the infra and why. The only use case that I can come up with while satisfying all three is just something like "we really really want a local attachment point". Is this actually the only use case? If no, please tell me about another one :D And if yes, should we just say that explicitly at the beginning of
instructions.md
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, let me give you a specific example. We have a SCIONLab node somewhere in Austria (I believe TU Vienna), where some "Charlie dude" logs into the machine and changes configuration of the SCION services to something super dumb, making the services fail hard during the start-up. As this is not transparent for the rest of the network, I do not want him to be allowed to misconfigure stuff. By this I mean the configuration of the infrastructure should be stable and deterministic and someone ssh-ing and modifying random files contradicts both these points.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let me give you a second example. We used to have a node in Israel which was not used by anyone for an unknown amount of time. Once this node has died (i.e. went no-contact without anybody informing us) it took these guys more than 3 months to reply to Juan's email. I need a mechanism to enforce a strong reaction in these cases as I do not want SCIONLab to become a graveyard of machines which used to work once and nothing more.