General conditions for access

Per Texas statutes, TTU information resources are strategic assets of the state of Texas that must be managed as valuable state resources. As such, use of TTU information resources is subject to university OPs and other applicable laws. Unauthorized use is prohibited, usage may be subject to security testing and monitoring, misuse is subject to criminal prosecution, and users have no expectation of privacy except as otherwise provided by applicable privacy laws.


Login security

Access methods to HPCC resources rely on TTU eRaider authentication system to check user credentials. All users use their eRaider id and password to log in HPCC clusters and/or to transfer files using the HPCC Globus Connect data transfer service. 

Cluster Internal Security

On first login to a cluster head node, SSH may ask you for a key phrase. This is used only within the cluster for communication between nodes within your account and a key phrase is not generally needed for this case. It is acceptably secure for cluster operations, and makes login to the compute nodes simpler, if you leave this key blank (hit the enter key at this prompt). From the head node, you should be able to either ssh or rsh to all of the compute nodes in that cluster without a password. If either ssh or rsh prompts for a password on cluster head to compute login, please contact HPCC staff at hpccsupport@ttu.edu, as parallel software generally depends on passwordless login. More complex methods will be required if you have a non-blank SSH key phrase on the cluster head nodes. Remote shell by ssh or or rsh is only permitted within the HPCC clusters to nodes on which you have currently running jobs. MPI on clusters also uses either ssh or rsh for data transmission.

Please also read and observe the data access, permissions, and security policies below and on the TTU HPCC Data Policies page.

Access Permissions

By default in Linux systems, users have read, write and execute permissions to the directories and files that they own. Meanwhile the directories and files are often set by default to be readable and executable to other users, including the users in the same group of the owner. Basically a user is the owner of the directories /home/user-id, /lustre/work/user-id, and /lustre/scratch/user-id, as well as all files and directories under them. A user also owns the temporary files or directories in partitions on compute nodes, if their jobs create temporary output there. If you are concerned about the permission settings, for example, you do not want others to read your files, you can change the permission by command "chmod" with appropriate options. For example:

chmod 700 (file)

or

chmod -R 700 (directory)

For the details, please run "man chmod" to get the manual of chmod command, or contact hpccsupport@ttu.edu. A more flexible way to set access control for files and folders is to use "access control list" methods. Please contact HPCC Support if you wish to learn more about how to use ACLs to control access to your files.

Examples of reasons to set stricter than normal permissions would be to protect files from inadvertent sharing, such as homework or class personal activities, or protection of private keys such as those in your .ssh folder. In general, you should not assume that files on a shared cluster file system are private and should take steps such as keeping any sensitive data off of the cluster file systems and instead moving them to external storage under your direct control. You may also need to request to delete any backup copies from the HPCC backup system, if applicable.

Regardless of the directory permissions, root users (HPCC staff and TTU security personnel) are permitted to access user files as needed for management of storage systems or for security-related investigations. Sponsoring faculty/staff can also request to access your files for purposes of continuity of research.

Use of HPCC storage

The main function of the HPCC storage systems is to provide rapid access to and from the worker nodes of the HPCC clusters for data needed in high speed calculations.  For this reason, these systems are optimized for speed and are not intended for long-term or archival storage. We cannot guarantee that data will not be lost due to operational factors in the use of the clusters. As a result, it is the researcher's responsibility to ensure that adequate backup copies exist for their important data.

The HPCC cluster file systems are also not architected, designed, or certified for use with controlled unclassified information (generally abbreviated "CUI"), data subject to protection under the provisions of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), data subject to U.S. Export Controls, or other sensitive or regulated data. Such data must not be stored on HPCC systems. For further information on privacy and protections that are allowed on HPCC resources, see the section on HPCC Security. 

The HPCC stores cluster-wide data on a set of resilient Lustre-based file systems, and backs up all data in user home areas regularly. (Note: data in work and scratch areas is not backed up, as explained below.) We strongly encourage users to maintain an external backup copy of all critical data and not to use HPCC Lustre cluster-wide storage systems as the only copy of files important to their research. To transfer data to other resources under your control, see the information on our HPCC Data Transfer page.

The following table summarizes the locations, their sizes and backup details. In addition to the amounts of free storage listed below made available at no cost to everyone using the clusters, the HPCC offers researchers and/or research groups the opportunity to purchase dedicated space on the cluster-wide file systems. This storage is available with or without the option of near-line backup storage for users who do not have the capability to maintain their own backups, or who prefer to use our backup systems. For further information on these options, please contact hpccsupport@ttu.edu.

Please also read the general conditions for access in the TTU HPCC Operational Policies page.

Data Policy for RedRaider cluster

• The $HOME area for every user is backed up and is subject to usage quotas.
• The $WORK area for every user is not backed up but is not purged, and is subject to usage quotas larger than those used in $HOME.
• Special researcher-owned storage areas may be purchased by individual researchers or research groups and access permissions are managed according to their own policies. Backup may be provided optionally for purchase once the new backup system is commissioned.
• The Scratch partition is subject to purging in order to keep the overall file system usage below 75% full.
  • If the overall Lustre file system becomes 75% or more full, the $SCRATCH area for every user is purged of its oldest files.  See the Purge Policy below for details. 
  • On a monthly basis the $SCRATCH area for every user is purged according to the Purge Policy - see below for details.

The following table summarizes the locations, their sizes and backup details.

Scratch Space Purge Policy

The purpose of the scratch space is to provide temporary output for intermediate results from HPCC codes that can be further processed by researchers on a short-term basis. Lifetimes for files on scratch space should be targeted for hours, or at most days. Regardless of the total scratch space usage by each researcher, individual files will be removed from /lustre/scratch/eraiderid ($SCRATCH) automatically if they have not been accessed in over 1 year.  To check a file's last access time (atime) you can use the following command: ls -ulh filename.

HPCC Staff will monitor the overall Lustre space usage to ensure that it remains below 70% full.  On a regular basis, the $SCRATCH area for each user will be purged of all files that need to be removed to bring overall usage across all researchers below this threshold.  This purge will take place regularly regardless of the current level of Lustre space usage.  In the event the overall Lustre utilization goes above the purge threshold, a purge scan of every user's $SCRATCH space will be initiated and a list of the oldest files for each user will be sent to all users who have files that need to be removed, targeted to reduce scratch space usage. Under typical conditions, the retention period will be far shorter than the 1-year maximum, typically a few weeks at most, but under heavy use, this retention period could drop to 1-2 weeks or even days.

Scratch space MUST NOT be used for long-term storage. Users MUST NOT run "touch" commands or manipulate files for the purpose of altering file timestamps, move files around to different folders within their scratch space, rename them, or otherwise pursue similar steps to circumvent scratch space purge operations.  Users who violate this policy run the risk of having their accounts suspended by HPCC staff and access restricted until the affected files have been cleaned up.

To help us avoid the need to shorten the retention period, please use the scratch space conscientiously.  The Scratch partition should be used for files that have no need for long-term retention. Ideally, this period should be measured in days. The reason that the retention period is variable is that it depends on usage. Proactively removing files that are not needed thus extends the retention time for yourself and other users. For this reason, please write your codes and implement your workflows in ways that delete your scratch space usage as soon as possible after processing.

The scratch area should NOT be used for files that will be needed for long time periods.

HPCC staff will work to keep the HPCC community informed and try to give warnings if the expected retention period decreases significantly due to high usage, but ultimately it is your responsibility to use the HPCC file systems judiciously.

Additional Assistance

For additional assistance please contact hpccsupport@ttu.edu