Data management at Niagara: Difference between revisions

From Alliance Doc
Jump to navigation Jump to search
No edit summary
(Marked this version for translation)
Line 1: Line 1:
<translate>
<translate>
<!--T:1-->
Understanding the various file systems, and how to use them properly, is critical to optimizing your workflow and being a good SciNet citizen.  This page describes the various Niagara file systems, and how to properly use them.
Understanding the various file systems, and how to use them properly, is critical to optimizing your workflow and being a good SciNet citizen.  This page describes the various Niagara file systems, and how to properly use them.


==Performance==  
==Performance== <!--T:2-->
The file systems on SciNet, with the exception of archive, are [http://en.wikipedia.org/wiki/IBM_General_Parallel_File_System GPFS], a high-performance file system which provides rapid reads and writes to large datasets in parallel from many nodes.  As a consequence of this design, however, '''the file system performs quite ''poorly'' at accessing data sets which consist of many, small files.'''  For instance, you will find that reading data in from one 16MB file is enormously faster than from 400 40KB files. Such small files are also quite wasteful of space, as the [https://en.wikipedia.org/wiki/Block_(data_storage) blocksize] for the scratch and project filesystems is 16MB. This is something you should keep in mind when planning your input/output strategy for runs on SciNet.
The file systems on SciNet, with the exception of archive, are [http://en.wikipedia.org/wiki/IBM_General_Parallel_File_System GPFS], a high-performance file system which provides rapid reads and writes to large datasets in parallel from many nodes.  As a consequence of this design, however, '''the file system performs quite ''poorly'' at accessing data sets which consist of many, small files.'''  For instance, you will find that reading data in from one 16MB file is enormously faster than from 400 40KB files. Such small files are also quite wasteful of space, as the [https://en.wikipedia.org/wiki/Block_(data_storage) blocksize] for the scratch and project filesystems is 16MB. This is something you should keep in mind when planning your input/output strategy for runs on SciNet.


<!--T:3-->
For instance, if you run multi-process jobs, having each process write to a file of its own is not an scalable I/O solution. A directory gets locked by the first process accessing it, so all other processes have to wait for it. Not only has the code just become considerably less parallel, chances are the file system will have a time-out while waiting for your other processes, leading your program to crash mysteriously.
For instance, if you run multi-process jobs, having each process write to a file of its own is not an scalable I/O solution. A directory gets locked by the first process accessing it, so all other processes have to wait for it. Not only has the code just become considerably less parallel, chances are the file system will have a time-out while waiting for your other processes, leading your program to crash mysteriously.
Consider using MPI-IO (part of the MPI-2 standard), which allows files to be opened simultaneously by different processes, or using a dedicated process for I/O to which all other processes send their data, and which subsequently writes this data to a single file.
Consider using MPI-IO (part of the MPI-2 standard), which allows files to be opened simultaneously by different processes, or using a dedicated process for I/O to which all other processes send their data, and which subsequently writes this data to a single file.


== Purpose of each file system ==
== Purpose of each file system == <!--T:4-->
Niagara accesses several different file systems.  Note that not all of these file systems are available to all users.
Niagara accesses several different file systems.  Note that not all of these file systems are available to all users.


=== /home ===
=== /home === <!--T:5-->
/home is intended primarily for individual user files, common software or small datasets used by others in the same group, provided it does not exceed individual quotas. Otherwise you may consider /scratch or /project. /home is read-only on the compute nodes.
/home is intended primarily for individual user files, common software or small datasets used by others in the same group, provided it does not exceed individual quotas. Otherwise you may consider /scratch or /project. /home is read-only on the compute nodes.


=== /scratch ===  
=== /scratch === <!--T:6-->
/scratch is to be used primarily for temporary or transient files, for all the results of your computations and simulations, or any material that can be easily recreated or reacquired. You may use scratch as well for any intermediate step in your workflow, provided it does not induce too much IO or too many small files on this disk-based storage pool, otherwise you should consider burst buffer (/bb). Once you have your final results, those that you want to keep for the long term, you may migrate them to /project or /archive. /scratch is purged on a regular basis and has no backups.
/scratch is to be used primarily for temporary or transient files, for all the results of your computations and simulations, or any material that can be easily recreated or reacquired. You may use scratch as well for any intermediate step in your workflow, provided it does not induce too much IO or too many small files on this disk-based storage pool, otherwise you should consider burst buffer (/bb). Once you have your final results, those that you want to keep for the long term, you may migrate them to /project or /archive. /scratch is purged on a regular basis and has no backups.


=== /project ===
=== /project === <!--T:7-->
/project is intended for common group software, large static datasets, or any material very costly to be reacquired or re-generated by the group. <font color=red>Material on /project is expected to remain relatively immutable over time.</font> Temporary or transient files should be kept on scratch, not project. High data turnover induces stress and unnecessary consumption tapes on the TSM backup system, long after this material has been deleted, due to backup retention policies and the extra versions kept of the same file. Even renaming top directories is enough to trick the system into assuming a completely new directory tree has been created, and the old one deleted, hence think carefully about your naming convention ahead of time, and stick with it. Users abusing the project file system and using it as scratch will be flagged and contacted. Note that on niagara /project is only available to groups with RAC allocation.
/project is intended for common group software, large static datasets, or any material very costly to be reacquired or re-generated by the group. <font color=red>Material on /project is expected to remain relatively immutable over time.</font> Temporary or transient files should be kept on scratch, not project. High data turnover induces stress and unnecessary consumption tapes on the TSM backup system, long after this material has been deleted, due to backup retention policies and the extra versions kept of the same file. Even renaming top directories is enough to trick the system into assuming a completely new directory tree has been created, and the old one deleted, hence think carefully about your naming convention ahead of time, and stick with it. Users abusing the project file system and using it as scratch will be flagged and contacted. Note that on niagara /project is only available to groups with RAC allocation.


=== /bb (burst buffer) ===  
=== /bb (burst buffer) === <!--T:8-->
/bb, the [https://docs.scinet.utoronto.ca/index.php/Burst_Buffer burst buffer], is a very fast, very high performance alternative to /scratch, made of solid-state drives (SSD). You may request this resource if you anticipate a lot of IOPs (Input/Output Operations) or when you notice your job is not performing well running on scratch or project because of I/O (Input/Output) bottlenecks. See [https://docs.scinet.utoronto.ca/index.php/Burst_Buffer here] for more details.
/bb, the [https://docs.scinet.utoronto.ca/index.php/Burst_Buffer burst buffer], is a very fast, very high performance alternative to /scratch, made of solid-state drives (SSD). You may request this resource if you anticipate a lot of IOPs (Input/Output Operations) or when you notice your job is not performing well running on scratch or project because of I/O (Input/Output) bottlenecks. See [https://docs.scinet.utoronto.ca/index.php/Burst_Buffer here] for more details.


=== /archive ===
=== /archive === <!--T:9-->
/archive is a nearline storage pool, if you want to temporarily offload semi-active material from any of the above file systems. In practice users will offload/recall material as part of their regular workflow, or when they hit their quotas on scratch or project. That material can remain on HPSS for a few months to a few years. Note that on niagara /archive is only available to groups with RAC allocation.
/archive is a nearline storage pool, if you want to temporarily offload semi-active material from any of the above file systems. In practice users will offload/recall material as part of their regular workflow, or when they hit their quotas on scratch or project. That material can remain on HPSS for a few months to a few years. Note that on niagara /archive is only available to groups with RAC allocation.


=== /dev/shm (RAM) ===
=== /dev/shm (RAM) === <!--T:10-->
On the Niagara nodes a [https://docs.scinet.utoronto.ca/index.php/User_Ramdisk ramdisk] is available. [https://docs.scinet.utoronto.ca/index.php/User_Ramdisk Ramdisk] is much faster than real disk, and faster than Burst Buffer. Up to 70 percent of the RAM on the node (i.e. 202GB) may be used as a temporary '''local''' file system. This is particularly useful in the early stages of migrating desktop-computing codes to a HPC platform such as Niagara, especially those that use a lot of file I/O (Input/Output). Using a lot of I/O is a bottleneck in large scale computing, especially on parallel file systems (such as the GPFS used on Niagara), since the files are synchronized across the whole network.
On the Niagara nodes a [https://docs.scinet.utoronto.ca/index.php/User_Ramdisk ramdisk] is available. [https://docs.scinet.utoronto.ca/index.php/User_Ramdisk Ramdisk] is much faster than real disk, and faster than Burst Buffer. Up to 70 percent of the RAM on the node (i.e. 202GB) may be used as a temporary '''local''' file system. This is particularly useful in the early stages of migrating desktop-computing codes to a HPC platform such as Niagara, especially those that use a lot of file I/O (Input/Output). Using a lot of I/O is a bottleneck in large scale computing, especially on parallel file systems (such as the GPFS used on Niagara), since the files are synchronized across the whole network.


= Quotas and purging =
= Quotas and purging = <!--T:11-->
You should familiarize yourself with the [[Data_Management#Purpose_of_each_file_system | various file systems]], what purpose they serve, and how to properly use them.  This table summarizes the various file systems.   
You should familiarize yourself with the [[Data_Management#Purpose_of_each_file_system | various file systems]], what purpose they serve, and how to properly use them.  This table summarizes the various file systems.   


<!--T:12-->
{| class="wikitable"
{| class="wikitable"
! location
! location
Line 97: Line 100:
|}
|}


<!--T:13-->
<ul>
<ul>
<li>[https://docs.scinet.utoronto.ca/images/9/9a/Inode_vs._Space_quota_-_v2x.pdf Inode vs. Space quota (PROJECT and SCRATCH)]</li>
<li>[https://docs.scinet.utoronto.ca/images/9/9a/Inode_vs._Space_quota_-_v2x.pdf Inode vs. Space quota (PROJECT and SCRATCH)]</li>
Line 105: Line 109:
<li><p><code>$BBUFFER</code> stands for [https://docs.scinet.utoronto.ca/index.php/Burst_Buffer Burst Buffer], a faster parallel storage tier for temporary data.</p></li></ul>
<li><p><code>$BBUFFER</code> stands for [https://docs.scinet.utoronto.ca/index.php/Burst_Buffer Burst Buffer], a faster parallel storage tier for temporary data.</p></li></ul>


==How much Disk Space Do I have left?==
==How much Disk Space Do I have left?== <!--T:14-->
The <tt>'''/scinet/niagara/bin/diskUsage'''</tt> command, available on the login nodes and datamovers, provides information in a number of ways on the home, scratch, project and archive file systems. For instance, how much disk space is being used by yourself and your group (with the -a option), or how much your usage has changed over a certain period ("delta information") or you may generate plots of your usage over time. Please see the usage help below for more details.
The <tt>'''/scinet/niagara/bin/diskUsage'''</tt> command, available on the login nodes and datamovers, provides information in a number of ways on the home, scratch, project and archive file systems. For instance, how much disk space is being used by yourself and your group (with the -a option), or how much your usage has changed over a certain period ("delta information") or you may generate plots of your usage over time. Please see the usage help below for more details.
<pre>
<pre>
Line 114: Line 118:
</pre>
</pre>


<!--T:15-->
Did you know that you can check which of your directories have more than 1000 files with the <tt>'''/scinet/niagara/bin/topUserDirOver1000list'''</tt> command and which have more than 1GB of material with the <tt>'''/scinet/niagara/bin/topUserDirOver1GBlist'''</tt> command?
Did you know that you can check which of your directories have more than 1000 files with the <tt>'''/scinet/niagara/bin/topUserDirOver1000list'''</tt> command and which have more than 1GB of material with the <tt>'''/scinet/niagara/bin/topUserDirOver1GBlist'''</tt> command?


<!--T:16-->
Note: information on usage and quota is only updated every 3 hours!
Note: information on usage and quota is only updated every 3 hours!


==Scratch Disk Purging Policy==
==Scratch Disk Purging Policy== <!--T:17-->
In order to ensure that there is always significant space available for running jobs '''we automatically delete files in /scratch that have not been accessed or modified for more than 2 months by the actual deletion day on the 15th of each month'''. Note that we recently changed the cut out reference to the ''MostRecentOf(atime,ctime)''. This policy is subject to revision depending on its effectiveness. More details about the purging process and how users can check if their files will be deleted follows. If you have files scheduled for deletion you should move them to more permanent locations such as your departmental server or your /project space or into HPSS (for PIs who have either been allocated storage space by the RAC on project or HPSS).
In order to ensure that there is always significant space available for running jobs '''we automatically delete files in /scratch that have not been accessed or modified for more than 2 months by the actual deletion day on the 15th of each month'''. Note that we recently changed the cut out reference to the ''MostRecentOf(atime,ctime)''. This policy is subject to revision depending on its effectiveness. More details about the purging process and how users can check if their files will be deleted follows. If you have files scheduled for deletion you should move them to more permanent locations such as your departmental server or your /project space or into HPSS (for PIs who have either been allocated storage space by the RAC on project or HPSS).


<!--T:18-->
On the '''first''' of each month, a list of files scheduled for purging is produced, and an email notification is sent to each user on that list. You also get a notification on the shell every time your login to Niagara. Furthermore, at/or about the '''12th''' of each month a 2nd scan produces a more current assessment and another email notification is sent. This way users can double check that they have indeed taken care of all the files they needed to relocate before the purging deadline. Those files will be automatically deleted on the '''15th''' of the same month unless they have been accessed or relocated in the interim. If you have files scheduled for deletion then they will be listed in a file in /scratch/t/todelete/current, which has your userid and groupid in the filename. For example, if user xxyz wants to check if they have files scheduled for deletion they can issue the following command on a system which mounts /scratch (e.g. a scinet login node): '''ls -1 /scratch/t/todelete/current |grep xxyz'''. In the example below, the name of this file indicates that user xxyz is part of group abc, has 9,560 files scheduled for deletion and they take up 1.0TB of space:
On the '''first''' of each month, a list of files scheduled for purging is produced, and an email notification is sent to each user on that list. You also get a notification on the shell every time your login to Niagara. Furthermore, at/or about the '''12th''' of each month a 2nd scan produces a more current assessment and another email notification is sent. This way users can double check that they have indeed taken care of all the files they needed to relocate before the purging deadline. Those files will be automatically deleted on the '''15th''' of the same month unless they have been accessed or relocated in the interim. If you have files scheduled for deletion then they will be listed in a file in /scratch/t/todelete/current, which has your userid and groupid in the filename. For example, if user xxyz wants to check if they have files scheduled for deletion they can issue the following command on a system which mounts /scratch (e.g. a scinet login node): '''ls -1 /scratch/t/todelete/current |grep xxyz'''. In the example below, the name of this file indicates that user xxyz is part of group abc, has 9,560 files scheduled for deletion and they take up 1.0TB of space:


<!--T:19-->
<pre>
<pre>
  [xxyz@nia-login03 ~]$ ls -1 /scratch/t/todelete/current |grep xxyz
  [xxyz@nia-login03 ~]$ ls -1 /scratch/t/todelete/current |grep xxyz
Line 128: Line 136:
</pre>
</pre>


<!--T:20-->
The file itself contains a list of all files scheduled for deletion (in the last column) and can be viewed with standard commands like more/less/cat - e.g. '''more /scratch/t/todelete/current/3110001___xxyz_______abc_________1.00T_____9560files'''
The file itself contains a list of all files scheduled for deletion (in the last column) and can be viewed with standard commands like more/less/cat - e.g. '''more /scratch/t/todelete/current/3110001___xxyz_______abc_________1.00T_____9560files'''


<!--T:21-->
Similarly, you can also verify all other users on your group by using the ls command with grep on your group. For example: '''ls -1 /scratch/t/todelete/current |grep abc'''. That will list all other users in the same group that xxyz is part of, and have files to be purged on the 15th. Members of the same group have access to each other's contents.
Similarly, you can also verify all other users on your group by using the ls command with grep on your group. For example: '''ls -1 /scratch/t/todelete/current |grep abc'''. That will list all other users in the same group that xxyz is part of, and have files to be purged on the 15th. Members of the same group have access to each other's contents.


<!--T:22-->
'''NOTE:''' Preparing these assessments takes several hours. If you change the access/modification time of a file in the interim, that will not be detected until the next cycle. A way for you to get immediate feedback is to use the ''''ls -lu'''' command on the file to verify the ctime and ''''ls -lc'''' for the mtime. If the file atime/ctime has been updated in the meantime, coming the purging date on the 15th it will no longer be deleted.
'''NOTE:''' Preparing these assessments takes several hours. If you change the access/modification time of a file in the interim, that will not be detected until the next cycle. A way for you to get immediate feedback is to use the ''''ls -lu'''' command on the file to verify the ctime and ''''ls -lc'''' for the mtime. If the file atime/ctime has been updated in the meantime, coming the purging date on the 15th it will no longer be deleted.


= Moving data =  
= Moving data = <!--T:23-->
Data for analysis and final results need to be moved to and from Niagara. There are several ways to accomplish this.  
Data for analysis and final results need to be moved to and from Niagara. There are several ways to accomplish this.  


== Using rsync/scp ==
== Using rsync/scp == <!--T:24-->
'''''Move amounts less than 10GB through the login nodes.'''''
'''''Move amounts less than 10GB through the login nodes.'''''


<!--T:25-->
* Niagara login nodes and datamovers are visible from outside SciNet.
* Niagara login nodes and datamovers are visible from outside SciNet.
* Use scp or rsync to niagara.scinet.utoronto.ca or niagara.computecanada.ca (no difference).
* Use scp or rsync to niagara.scinet.utoronto.ca or niagara.computecanada.ca (no difference).
* This will time out for amounts larger than about 10GB.
* This will time out for amounts larger than about 10GB.


<!--T:26-->
'''''Move amounts larger than 10GB through the datamover nodes.'''''
'''''Move amounts larger than 10GB through the datamover nodes.'''''


<!--T:27-->
* From a Niagara login node, ssh to <code>nia-datamover1</code> or  <code>nia-datamover2</code>.  From there you can transfer to or from Niagara.
* From a Niagara login node, ssh to <code>nia-datamover1</code> or  <code>nia-datamover2</code>.  From there you can transfer to or from Niagara.
* Alternatively, you may also login/scp/rsync directly to the datamovers from the outside:
* Alternatively, you may also login/scp/rsync directly to the datamovers from the outside:
Line 152: Line 166:
* If you do this often, consider using [[https://docs.computecanada.ca/wiki/Globus Globus]], a web-based tool for data transfer.
* If you do this often, consider using [[https://docs.computecanada.ca/wiki/Globus Globus]], a web-based tool for data transfer.


== Using Globus ==
== Using Globus == <!--T:28-->
Please check the comprehensive documentation [[globus | here]] and [https://docs.scinet.utoronto.ca/index.php/Globus here]..
Please check the comprehensive documentation [[globus | here]] and [https://docs.scinet.utoronto.ca/index.php/Globus here]..


<!--T:29-->
The Niagara "endpoint" for globus is "computecanada#niagara"
The Niagara "endpoint" for globus is "computecanada#niagara"


== Moving data to HPSS/Archive/Nearline ==
== Moving data to HPSS/Archive/Nearline == <!--T:30-->
HPSS is for long-term storage of data.
HPSS is for long-term storage of data.


<!--T:31-->
* [https://docs.scinet.utoronto.ca/index.php/HPSS HPSS] is a tape-based storage solution, and is SciNet's nearline a.k.a. archive facility
* [https://docs.scinet.utoronto.ca/index.php/HPSS HPSS] is a tape-based storage solution, and is SciNet's nearline a.k.a. archive facility
* Storage space on HPSS is allocated through the annual [https://www.computecanada.ca/research-portal/accessing-resources/resource-allocation-competitions Compute Canada RAC allocation].
* Storage space on HPSS is allocated through the annual [https://www.computecanada.ca/research-portal/accessing-resources/resource-allocation-competitions Compute Canada RAC allocation].


= File/Ownership Management (ACL) =
= File/Ownership Management (ACL) = <!--T:32-->
* By default, at SciNet, users within the same group already have read permission to each other's files (not write)
* By default, at SciNet, users within the same group already have read permission to each other's files (not write)
* You may use access control list ('''ACL''') to allow your supervisor (or another user within your group) to manage files for you (i.e., create, move, rename, delete), while still retaining your access and permission as the original owner of the files/directories. You may also let users in other groups or whole other groups access (read, execute) your files using this same mechanism.  
* You may use access control list ('''ACL''') to allow your supervisor (or another user within your group) to manage files for you (i.e., create, move, rename, delete), while still retaining your access and permission as the original owner of the files/directories. You may also let users in other groups or whole other groups access (read, execute) your files using this same mechanism.  


===Using mmputacl/mmgetacl===
===Using mmputacl/mmgetacl=== <!--T:33-->
* You may use gpfs' native '''mmputacl''' and '''mmgetacl''' commands. The advantages are that you can set "control" permission and that [http://publib.boulder.ibm.com/infocenter/clresctr/vxrx/index.jsp?topic=%2Fcom.ibm.cluster.gpfs.doc%2Fgpfs31%2Fbl1adm1160.html POSIX or NFS v4 style ACL] are supported. You will need first to create a /tmp/supervisor.acl file with the following contents:
* You may use gpfs' native '''mmputacl''' and '''mmgetacl''' commands. The advantages are that you can set "control" permission and that [http://publib.boulder.ibm.com/infocenter/clresctr/vxrx/index.jsp?topic=%2Fcom.ibm.cluster.gpfs.doc%2Fgpfs31%2Fbl1adm1160.html POSIX or NFS v4 style ACL] are supported. You will need first to create a /tmp/supervisor.acl file with the following contents:
<pre>
<pre>
Line 179: Line 195:
</pre>
</pre>


<!--T:34-->
Then issue the following 2 commands:
Then issue the following 2 commands:
<pre>
<pre>
Line 186: Line 203:
   [owner] ownership, ie, ownership of both by default, for files/directories created by [supervisor])
   [owner] ownership, ie, ownership of both by default, for files/directories created by [supervisor])


<!--T:35-->
$ mmgetacl /project/g/group/[owner]
$ mmgetacl /project/g/group/[owner]
   (to determine the current ACL attributes)
   (to determine the current ACL attributes)


<!--T:36-->
$ mmdelacl -d /project/g/group/[owner]
$ mmdelacl -d /project/g/group/[owner]
   (to remove any previously set ACL)
   (to remove any previously set ACL)


<!--T:37-->
$ mmeditacl /project/g/group/[owner]
$ mmeditacl /project/g/group/[owner]
   (to create or change a GPFS access control list)
   (to create or change a GPFS access control list)
Line 197: Line 217:
</pre>
</pre>


<!--T:38-->
NOTES:
NOTES:
* There is no option to recursively add or remove ACL attributes using a gpfs built-in command to existing files. You'll need to use the -i option as above for each file or directory individually. [https://docs.scinet.utoronto.ca/index.php/Recursive_ACL_script Here is a sample bash script you may use for that purpose]]
* There is no option to recursively add or remove ACL attributes using a gpfs built-in command to existing files. You'll need to use the -i option as above for each file or directory individually. [https://docs.scinet.utoronto.ca/index.php/Recursive_ACL_script Here is a sample bash script you may use for that purpose]]


<!--T:39-->
* mmputacl will not overwrite the original linux group permissions for a directory when copied to another directory already with ACLs, hence the "#effective:r-x" note you may see from time to time with mmgetacf. If you want to give rwx permissions to everyone in your group you should simply rely on the plain unix 'chmod g+rwx' command. You may do that before or after copying the original material to another folder with the ACLs.
* mmputacl will not overwrite the original linux group permissions for a directory when copied to another directory already with ACLs, hence the "#effective:r-x" note you may see from time to time with mmgetacf. If you want to give rwx permissions to everyone in your group you should simply rely on the plain unix 'chmod g+rwx' command. You may do that before or after copying the original material to another folder with the ACLs.


<!--T:40-->
* In the case of PROJECT, your group's supervisor will need to set proper ACL to the /project/G/GROUP level in order to let users from other groups access your files.
* In the case of PROJECT, your group's supervisor will need to set proper ACL to the /project/G/GROUP level in order to let users from other groups access your files.


<!--T:41-->
* ACL's won't let you give away permissions to files or directories that do not belong to you.
* ACL's won't let you give away permissions to files or directories that do not belong to you.


<!--T:42-->
* We highly recommend that you never give write permission to other users on the top level of your home directory (/home/G/GROUP/[owner]), since that would seriously compromise your privacy, in addition to disable ssh key authentication, among other things. If necessary, make specific sub-directories under your home directory so that other users can manipulate/access files from those.
* We highly recommend that you never give write permission to other users on the top level of your home directory (/home/G/GROUP/[owner]), since that would seriously compromise your privacy, in addition to disable ssh key authentication, among other things. If necessary, make specific sub-directories under your home directory so that other users can manipulate/access files from those.


<!--T:43-->
* Just a reminder: setfacl/getfacl only works on cedar/graham, since they have lustre. On niagara you have to use the mm* command just for GPFS: mmputacl, mmgetacl, mmdelacl, mmeditacl  
* Just a reminder: setfacl/getfacl only works on cedar/graham, since they have lustre. On niagara you have to use the mm* command just for GPFS: mmputacl, mmgetacl, mmdelacl, mmeditacl  


<!--T:44-->
For more information on using [https://www.ibm.com/support/knowledgecenter/SSFKCN_4.1.0/com.ibm.cluster.gpfs.v4r1.gpfs100.doc/bl1adm_mmputacl.htm <tt>mmputacl</tt>] or [https://www.ibm.com/support/knowledgecenter/SSFKCN_4.1.0/com.ibm.cluster.gpfs.v4r1.gpfs100.doc/bl1adm_mmgetacl.htm <tt>mmgetacl</tt>] see their man pages.
For more information on using [https://www.ibm.com/support/knowledgecenter/SSFKCN_4.1.0/com.ibm.cluster.gpfs.v4r1.gpfs100.doc/bl1adm_mmputacl.htm <tt>mmputacl</tt>] or [https://www.ibm.com/support/knowledgecenter/SSFKCN_4.1.0/com.ibm.cluster.gpfs.v4r1.gpfs100.doc/bl1adm_mmgetacl.htm <tt>mmgetacl</tt>] see their man pages.


===Recursive ACL script ===
===Recursive ACL script === <!--T:45-->
You may use/adapt '''[https://docs.scinet.utoronto.ca/index.php/Recursive_ACL_script this sample bash script]''' to recursively add or remove ACL attributes using gpfs built-in commands
You may use/adapt '''[https://docs.scinet.utoronto.ca/index.php/Recursive_ACL_script this sample bash script]''' to recursively add or remove ACL attributes using gpfs built-in commands


<!--T:46-->
Courtesy of Agata Disks (http://csngwinfo.in2p3.fr/mediawiki/index.php/GPFS_ACL)
Courtesy of Agata Disks (http://csngwinfo.in2p3.fr/mediawiki/index.php/GPFS_ACL)
</translate>
</translate>

Revision as of 19:13, 28 November 2018

Understanding the various file systems, and how to use them properly, is critical to optimizing your workflow and being a good SciNet citizen. This page describes the various Niagara file systems, and how to properly use them.

Performance[edit]

The file systems on SciNet, with the exception of archive, are GPFS, a high-performance file system which provides rapid reads and writes to large datasets in parallel from many nodes. As a consequence of this design, however, the file system performs quite poorly at accessing data sets which consist of many, small files. For instance, you will find that reading data in from one 16MB file is enormously faster than from 400 40KB files. Such small files are also quite wasteful of space, as the blocksize for the scratch and project filesystems is 16MB. This is something you should keep in mind when planning your input/output strategy for runs on SciNet.

For instance, if you run multi-process jobs, having each process write to a file of its own is not an scalable I/O solution. A directory gets locked by the first process accessing it, so all other processes have to wait for it. Not only has the code just become considerably less parallel, chances are the file system will have a time-out while waiting for your other processes, leading your program to crash mysteriously. Consider using MPI-IO (part of the MPI-2 standard), which allows files to be opened simultaneously by different processes, or using a dedicated process for I/O to which all other processes send their data, and which subsequently writes this data to a single file.

Purpose of each file system[edit]

Niagara accesses several different file systems. Note that not all of these file systems are available to all users.

/home[edit]

/home is intended primarily for individual user files, common software or small datasets used by others in the same group, provided it does not exceed individual quotas. Otherwise you may consider /scratch or /project. /home is read-only on the compute nodes.

/scratch[edit]

/scratch is to be used primarily for temporary or transient files, for all the results of your computations and simulations, or any material that can be easily recreated or reacquired. You may use scratch as well for any intermediate step in your workflow, provided it does not induce too much IO or too many small files on this disk-based storage pool, otherwise you should consider burst buffer (/bb). Once you have your final results, those that you want to keep for the long term, you may migrate them to /project or /archive. /scratch is purged on a regular basis and has no backups.

/project[edit]

/project is intended for common group software, large static datasets, or any material very costly to be reacquired or re-generated by the group. Material on /project is expected to remain relatively immutable over time. Temporary or transient files should be kept on scratch, not project. High data turnover induces stress and unnecessary consumption tapes on the TSM backup system, long after this material has been deleted, due to backup retention policies and the extra versions kept of the same file. Even renaming top directories is enough to trick the system into assuming a completely new directory tree has been created, and the old one deleted, hence think carefully about your naming convention ahead of time, and stick with it. Users abusing the project file system and using it as scratch will be flagged and contacted. Note that on niagara /project is only available to groups with RAC allocation.

/bb (burst buffer)[edit]

/bb, the burst buffer, is a very fast, very high performance alternative to /scratch, made of solid-state drives (SSD). You may request this resource if you anticipate a lot of IOPs (Input/Output Operations) or when you notice your job is not performing well running on scratch or project because of I/O (Input/Output) bottlenecks. See here for more details.

/archive[edit]

/archive is a nearline storage pool, if you want to temporarily offload semi-active material from any of the above file systems. In practice users will offload/recall material as part of their regular workflow, or when they hit their quotas on scratch or project. That material can remain on HPSS for a few months to a few years. Note that on niagara /archive is only available to groups with RAC allocation.

/dev/shm (RAM)[edit]

On the Niagara nodes a ramdisk is available. Ramdisk is much faster than real disk, and faster than Burst Buffer. Up to 70 percent of the RAM on the node (i.e. 202GB) may be used as a temporary local file system. This is particularly useful in the early stages of migrating desktop-computing codes to a HPC platform such as Niagara, especially those that use a lot of file I/O (Input/Output). Using a lot of I/O is a bottleneck in large scale computing, especially on parallel file systems (such as the GPFS used on Niagara), since the files are synchronized across the whole network.

Quotas and purging[edit]

You should familiarize yourself with the various file systems, what purpose they serve, and how to properly use them. This table summarizes the various file systems.

location quota block size expiration time backed up on login nodes on compute nodes
$HOME 100 GB per user 1 MB yes yes read-only
$SCRATCH 25 TB per user provided group quota is not reached 16 MB 2 months no yes yes
groups of up to 4 users 50TB for the group
groups of up to 11 users 125TB for the group
groups of up to 28 users 250TB for the group
groups of up to 60 users 400TB for the group
groups with over 60 users 500TB for the group
$PROJECT by group allocation 16 MB yes yes yes
$ARCHIVE by group allocation dual-copy no no
$BBUFFER 10 TB per user 1 MB very short no yes yes

How much Disk Space Do I have left?[edit]

The /scinet/niagara/bin/diskUsage command, available on the login nodes and datamovers, provides information in a number of ways on the home, scratch, project and archive file systems. For instance, how much disk space is being used by yourself and your group (with the -a option), or how much your usage has changed over a certain period ("delta information") or you may generate plots of your usage over time. Please see the usage help below for more details.

Usage: diskUsage [-h|-?| [-a] [-u <user>]
       -h|-?: help
       -a: list usages of all members on the group
       -u <user>: as another user on your group

Did you know that you can check which of your directories have more than 1000 files with the /scinet/niagara/bin/topUserDirOver1000list command and which have more than 1GB of material with the /scinet/niagara/bin/topUserDirOver1GBlist command?

Note: information on usage and quota is only updated every 3 hours!

Scratch Disk Purging Policy[edit]

In order to ensure that there is always significant space available for running jobs we automatically delete files in /scratch that have not been accessed or modified for more than 2 months by the actual deletion day on the 15th of each month. Note that we recently changed the cut out reference to the MostRecentOf(atime,ctime). This policy is subject to revision depending on its effectiveness. More details about the purging process and how users can check if their files will be deleted follows. If you have files scheduled for deletion you should move them to more permanent locations such as your departmental server or your /project space or into HPSS (for PIs who have either been allocated storage space by the RAC on project or HPSS).

On the first of each month, a list of files scheduled for purging is produced, and an email notification is sent to each user on that list. You also get a notification on the shell every time your login to Niagara. Furthermore, at/or about the 12th of each month a 2nd scan produces a more current assessment and another email notification is sent. This way users can double check that they have indeed taken care of all the files they needed to relocate before the purging deadline. Those files will be automatically deleted on the 15th of the same month unless they have been accessed or relocated in the interim. If you have files scheduled for deletion then they will be listed in a file in /scratch/t/todelete/current, which has your userid and groupid in the filename. For example, if user xxyz wants to check if they have files scheduled for deletion they can issue the following command on a system which mounts /scratch (e.g. a scinet login node): ls -1 /scratch/t/todelete/current |grep xxyz. In the example below, the name of this file indicates that user xxyz is part of group abc, has 9,560 files scheduled for deletion and they take up 1.0TB of space:

 [xxyz@nia-login03 ~]$ ls -1 /scratch/t/todelete/current |grep xxyz
 -rw-r----- 1 xxyz     root       1733059 Jan 17 11:46 3110001___xxyz_______abc_________1.00T_____9560files

The file itself contains a list of all files scheduled for deletion (in the last column) and can be viewed with standard commands like more/less/cat - e.g. more /scratch/t/todelete/current/3110001___xxyz_______abc_________1.00T_____9560files

Similarly, you can also verify all other users on your group by using the ls command with grep on your group. For example: ls -1 /scratch/t/todelete/current |grep abc. That will list all other users in the same group that xxyz is part of, and have files to be purged on the 15th. Members of the same group have access to each other's contents.

NOTE: Preparing these assessments takes several hours. If you change the access/modification time of a file in the interim, that will not be detected until the next cycle. A way for you to get immediate feedback is to use the 'ls -lu' command on the file to verify the ctime and 'ls -lc' for the mtime. If the file atime/ctime has been updated in the meantime, coming the purging date on the 15th it will no longer be deleted.

Moving data[edit]

Data for analysis and final results need to be moved to and from Niagara. There are several ways to accomplish this.

Using rsync/scp[edit]

Move amounts less than 10GB through the login nodes.

  • Niagara login nodes and datamovers are visible from outside SciNet.
  • Use scp or rsync to niagara.scinet.utoronto.ca or niagara.computecanada.ca (no difference).
  • This will time out for amounts larger than about 10GB.

Move amounts larger than 10GB through the datamover nodes.

  • From a Niagara login node, ssh to nia-datamover1 or nia-datamover2. From there you can transfer to or from Niagara.
  • Alternatively, you may also login/scp/rsync directly to the datamovers from the outside:
 nia-datamover1.scinet.utoronto.ca
 nia-datamover2.scinet.utoronto.ca
  • If you do this often, consider using [Globus], a web-based tool for data transfer.

Using Globus[edit]

Please check the comprehensive documentation here and here..

The Niagara "endpoint" for globus is "computecanada#niagara"

Moving data to HPSS/Archive/Nearline[edit]

HPSS is for long-term storage of data.

  • HPSS is a tape-based storage solution, and is SciNet's nearline a.k.a. archive facility
  • Storage space on HPSS is allocated through the annual Compute Canada RAC allocation.

File/Ownership Management (ACL)[edit]

  • By default, at SciNet, users within the same group already have read permission to each other's files (not write)
  • You may use access control list (ACL) to allow your supervisor (or another user within your group) to manage files for you (i.e., create, move, rename, delete), while still retaining your access and permission as the original owner of the files/directories. You may also let users in other groups or whole other groups access (read, execute) your files using this same mechanism.

Using mmputacl/mmgetacl[edit]

  • You may use gpfs' native mmputacl and mmgetacl commands. The advantages are that you can set "control" permission and that POSIX or NFS v4 style ACL are supported. You will need first to create a /tmp/supervisor.acl file with the following contents:
user::rwxc
group::----
other::----
mask::rwxc
user:[owner]:rwxc
user:[supervisor]:rwxc
group:[othegroup]:r-xc

Then issue the following 2 commands:

1) $ mmputacl -i /tmp/supervisor.acl /project/g/group/[owner]
2) $ mmputacl -d -i /tmp/supervisor.acl /project/g/group/[owner]
   (every *new* file/directory inside [owner] will inherit [supervisor] ownership by default as well as 
   [owner] ownership, ie, ownership of both by default, for files/directories created by [supervisor])

$ mmgetacl /project/g/group/[owner]
   (to determine the current ACL attributes)

$ mmdelacl -d /project/g/group/[owner]
   (to remove any previously set ACL)

$ mmeditacl /project/g/group/[owner]
   (to create or change a GPFS access control list)
   (for this command to work set the EDITOR environment variable: export EDITOR=/usr/bin/vi)

NOTES:

  • mmputacl will not overwrite the original linux group permissions for a directory when copied to another directory already with ACLs, hence the "#effective:r-x" note you may see from time to time with mmgetacf. If you want to give rwx permissions to everyone in your group you should simply rely on the plain unix 'chmod g+rwx' command. You may do that before or after copying the original material to another folder with the ACLs.
  • In the case of PROJECT, your group's supervisor will need to set proper ACL to the /project/G/GROUP level in order to let users from other groups access your files.
  • ACL's won't let you give away permissions to files or directories that do not belong to you.
  • We highly recommend that you never give write permission to other users on the top level of your home directory (/home/G/GROUP/[owner]), since that would seriously compromise your privacy, in addition to disable ssh key authentication, among other things. If necessary, make specific sub-directories under your home directory so that other users can manipulate/access files from those.
  • Just a reminder: setfacl/getfacl only works on cedar/graham, since they have lustre. On niagara you have to use the mm* command just for GPFS: mmputacl, mmgetacl, mmdelacl, mmeditacl

For more information on using mmputacl or mmgetacl see their man pages.

Recursive ACL script[edit]

You may use/adapt this sample bash script to recursively add or remove ACL attributes using gpfs built-in commands

Courtesy of Agata Disks (http://csngwinfo.in2p3.fr/mediawiki/index.php/GPFS_ACL)