The Irish Centre for High-End Computing (ICHEC) operates a national service for the provision of High-Performance Computing to researchers in Ireland. By definition, this service is shared by a large number of people and projects. We are sure that users will be keen to cooperate as colleagues to ensure that this common resource is run fairly and efficiently.
The present document defines a set of rules of etiquette which we commend to users in order to achieve this end. If you follow them you can be reasonably sure that you are not being a nuisance to colleagues in other projects or interfering with the smooth running of the system.
We do not plan to administer the service with a heavy hand. In our experience, when users become aware that what they are doing is causing problems to others, they are anxious to change this. However, if you ignore the Code of Conduct we will bring it to your attention, and if you do so seriously or constantly, we will take it up with your Principal Investigator. If necessary, we will hold jobs, or even kill them, in order to keep the system as a whole operating smoothly and may suspend your login account.
The Code of Conduct will change as the service evolves.
- Sharing of accounts: user accounts may not be shared under any circumstances. Most of the benefits of sharing an account can be obtained by sharing a common UNIX group, and/or using commonly available tools such as CVS to share files. Passwords may not be shared with anyone. PIs may approve accounts (and sharing of resources) to any collaborator or students via our project management web pages. There is therefore no justification for account sharing.
- Multiple accounts: users may not apply for multiple accounts. However, users may join more than one project, and therefore gain legitimate access to resources associated to all these projects, including access to more than one scratch directory.
- Origin of access: access to the infrastructure may only be granted from authorised Internet domains of partner institutions. Access from any other location will only be possible by tunneling connections through an authorised domain.
- Connection types: only secure connection protocols (such as SSH, SCP, etc.) will be accepted.
- Use of /tmp: do not use /tmp for temporary storage.
- Storage areas: a number of areas are available to users for storage. Their home directory on /ichec/home/users/ which is subject to individual quota, and their project's scratch directory on /ichec/work/. Users shall not store non work-related material on our systems. All users are responsible for the contents of their storage areas.
- Backups: only user home directories are backed up. Project scratch directories under /ichec/work are NOT backed up. Backups of home directories are only carried out as part of our system failure recovery plan, and the restoration of user files deleted accidentally is NOT provided as a service. Any valuable data should be copied off ICHEC systems regularly as we do not have the resources to guarantee the long term integrity of the large volumes of data stored.
- Privacy of data: users may not attempt to read other users' data without their prior authorisation, (irrespective of the file permission) except in the case where members of a common project/group share data in the dedicated project directories.
- Loop submission: we recommend against loop submission, unless you have thoroughly tested your PBS scripts. Although it is a good idea to arrange for one batch job to submit its successor as part of a checkpoint/restart strategy, you need to avoid doing this recursively (the script calling itself instead of calling another script) when a job fails for some reason (for example, a file not being available), as this can result in the job submitting itself over and over again, and failing every time.
- Estimated run-time: users will endeavour to supply realistic figures for the requested wall time (say, within 25% of the estimated runtime) instead of the maximum allowable run-time, as doing so prevents the efficient operation of the backfill mechanism, and as such is wasting resources.
- Use of the login nodes: login nodes are for the sole purpose of performing code development (editing, compiling, etc.) and running pre- and post-processor, including visualisation tools. Serial production codes must not be run on the login nodes.
- Use of the development nodes: as the number of development nodes is limited and ICHEC is a shared service, we ask users to use these nodes responsibly, and refrain from grabbing all available resources. Users are therefore asked not to reserve more than one set of development nodes for interactive use.
- Commercial use: unauthorised commercial use of our systems is strictly prohibited, as it would results in the breach of our licensing agreements for a number of packages.
- Legal use: use of unlicensed software, or use of licensed software which contravene licensing terms is strictly prohibited. To that effect, ICHEC has made a number of centrally supported licensed packages only available on request to ensure strict compliance with licensing terms.
- Passwords: passwords should not be dictionary words, reverses of dictionary words, or be easily guessable. Users should make it a practice to regularly change their passwords. ICHEC reserves the right to enforce this policy by mandating password changes. Adherence to this policy will be spot-checked with standard password-breaking security programs. If your password is vulnerable, you will be informed and requested to change it within 48 hours. ICHEC reserves the right to lock your account if the password is found vulnerable and you do not remedy the problem within the time limit specified.
- Compromised password: if you suspect that your password has been compromised, for any reason whatsoever, change it immediately using a secure channel! Also, this incident should be reported via email to the ICHEC helpdesk.
- Compromised client: to ensure network security, we need every user's help. If you suspect that a machine has been compromised, contact the ICHEC helpdesk immediately.
- Phishing: ICHEC staff will never ask you for your password and if you do receive anything suspicious please notify us via a valid email address such as firstname.lastname@example.org .
Acknowledgement and Support
As ICHEC is publicly funded to help enable high level research, it is of vital importance that the results of this research are publicised to a wide audience. This is essential in justifying any past and future investment in HPC resources. In order to do this we require at a minimum that:
- Any publications, posters, presentations, etc. arising out of work completed with the help of ICHEC should include an acknowledgement such as "The authors wish to acknowledge the SFI/HEA Irish Centre for High-End Computing (ICHEC) for the provision of computational facilities and support."
- Researchers should notify ICHEC of any publications, posters, presentations, etc. arising out of work completed with the help of ICHEC.
- On request, researchers should provide summaries of the work carried out on ICHEC resources for the purposes of annual reports, etc.