User:Ppomorsk/AiiDA: Difference between revisions
| Line 26: | Line 26: | ||
It also needs to specify the location of the aiida_automate.sh script that will be used to manage the connection. | It also needs to specify the location of the aiida_automate.sh script that will be used to manage the connection. | ||
restrict,from="206.158.1.23",command="/home/someusername/ | restrict,from="206.158.1.23",command="/home/someusername/aiida_commands.sh /project/6000000/aiida_work_dir" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHyIW8dNHKpNae6jKieIJW2LIagCPfHiT7yWSj/LXEvV | ||
== Set up automation script == | == Set up automation script == | ||
Revision as of 17:00, 1 May 2024
General
AiiDA is an open-source Python tool to help researchers with automating and reproducing the complex workflows associated with modern computational science. Numerous plugins exist to integrate AiiDA with common computational packages, particularly in the field of computational chemistry (see list of available plugins ).
Typically AiiDA will run on user's personal computer, a lab workstation, or a virtual machine in the cloud. From there the user can have AiiDA submit jobs to clusters.
To do this, AiiDA must be able to make many SSH connections to the clusters autonomously. This becomes a problem on clusters which require interactive Multifactor authentication (MFA). The implementation of MFA support in AiiDA is still under development.
Automation in the context of multifactor authentication
To allow AiiDA and other similar software to connect to Alliance clusters, we have set up so-called robot nodes on each cluster. These allow SSH connections without MFA, subject to restrictions.
Instructions on using AiiDA with Alliance clusters robot nodes
These instructions assume the reader is already familiar with how AiiDA works.
Obtain access to robot nodes
Users need to submit a ticket requesting access to robot nodes, explaining why it is needed.
Set up SSH key
The first step is to upload the public SSH key to enable access to Alliance clusters. Generate this key on the machine which will be running AiiDA.
The uploaded key needs to specify the IP address that will be used to connect, as well as the working directory that AiiDA will be using (specified during AiiDA "computer setup" stage). If the IP of the machine running AiiDA changes, the user will need to upload a key with updated IP address.
It also needs to specify the location of the aiida_automate.sh script that will be used to manage the connection.
restrict,from="206.158.1.23",command="/home/someusername/aiida_commands.sh /project/6000000/aiida_work_dir" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHyIW8dNHKpNae6jKieIJW2LIagCPfHiT7yWSj/LXEvV
Set up automation script
The above key will run every SSH command coming in with that key through the aiida_automate.sh script. The user should this script to the desired Alliance cluster, by running:
wget https://github.com/ComputeCanada/software-stack-custom/blob/main/bin/computecanada/allowed_commands/aiida_commands.sh
The location should be the one specified in the SSH key.
The file should be given execute permission, and should be made non-writeable for added security.
chmod u+x aiida_automate.sh chmod u-w aiida_automate.sh
This file should not be modified without consultation with Alliance staff.
Set up computer and code to use in AiiDA
In AiiDA, set up a "computer" to use the desired cluster, using one of the cluster robot nodes as hostname. Specify the SSH key defined above as the one to be used.