Access to JSC Cloud

Applying for a project

JSC Cloud ressources are available for JSC’s staff and partners in cooperations with JSC. In order to gain access to the Cloud resources, please apply for it by sending an email to sc@fz-juelich.de, describing your use case, affiliation, and resource requirements. We will then let you know whether your use case qualifies and we are able to accomodate it.

A template for a project proposal can be found here:

Prerequisites

You can authenticate to JSC Cloud via LDAP through our JUDOOR web portal, Fenix AAI or Heomholtz AAI.

In all cases the Acceptable use Policy needs to be accepted.

OpenStack API Endpoints

Service Name

Service Type

Enabled

Interface

URL

API Version

glance

image

True

public

https://cloud.jsc.fz-juelich.de:9292

v2.15 (2.0-2.15)

keystone

identity

True

public

https://cloud.jsc.fz-juelich.de:5000

v3.14

heat-cfn

cloudformation

True

public

https://cloud.jsc.fz-juelich.de:8000/v1

v1.0

cinderv3

volumev3

True

public

https://cloud.jsc.fz-juelich.de:8776/v3/%(tenant_id)s

v3.0 (3.0-3.70)

neutron

network

True

public

https://cloud.jsc.fz-juelich.de:9696

v2.0

octavia

load balancing

True

public

https://cloud.jsc.fz-juelich.de:9876

v2.26 (2.0-2.26)

placement

placement

True

public

https://cloud.jsc.fz-juelich.de:8780

v1.0 (1.0-1.39)

heat

orchestration

True

public

https://cloud.jsc.fz-juelich.de:8004/v1//%(tenant_id)s

v1.0

nova

compute

True

public

https://cloud.jsc.fz-juelich.de:8774/v2.1

v2.1 (2.1-2.93)

WebUI

WebUI using Fenix or Helmholtz AAI

  1. Go to the JSC Cloud OpenStack Dashboard

  2. Authenticate using

  3. Fenix AAI or Helmholtz AAI

You will be forwarded to the Fenix AAI where you can select your local Identity Provider. After authenticating you are send back to the OpenStack Dashboard.

WebUI using JuDoor

  1. Go to the JSC Cloud OpenStack Dashboard

  2. Authenticate using

  3. Keystone Credentials

  4. Domain

  5. JuDoor Account

Command Line Interface (CLI)

One very prominent interface to an OpenStack environment are comandline tools. These are available via pip within a Python environment, and come together with Python libraries to interact with openstack.

$ python3 -m venv openstack
$ source openstack/bin/activate
$ pip install python-openstackclient

The official OpenStack CLI documentation is available here

CLI using Fenix AAI

We are sorry, the authentication mechanism picked by Fenix, namely OIDC, is not supported by the CLI very well. You can circumvent that limitation via OpenStack specific Application Credentials.

  1. Authenticate via the WebUI using your Fenix account

  2. Click: Identity

  3. Click: Application Credentials

  4. Click: Create Application Credential

You should limit this credential as much as possible!

CLI using JuDoor

When you use the JSC Cloud OpenStack Dashboard before switching to the CLI, you can download a credential file there.

  1. Authenticate at the JSC Cloud OpenStack Dashboard

  2. Click on Project

  3. Click on API Access

  4. Click on Download OpenStack RC File

  5. Click on OpenStack RC File

  6. Source the file to load the environment

Alternatively you can create the RC File on your own:

#!/usr/bin/env bash
export OS_AUTH_URL=https://cloud.jsc.fz-juelich.de:5000
export OS_PROJECT_ID=<YOUR_PROJECT_ID>
export OS_PROJECT_NAME="<YOUR_PROJECT_NAME>"
export OS_USER_DOMAIN_NAME="LDAP"
export OS_USERNAME="YOUR_USER"
# With Keystone you pass the keystone password.
echo "Please enter your OpenStack Password for project $OS_PROJECT_NAME as user $OS_USERNAME: "
read -sr OS_PASSWORD_INPUT
export OS_PASSWORD=$OS_PASSWORD_INPUT
export OS_REGION_NAME="JSCCloud"
export OS_INTERFACE=public
export OS_IDENTITY_API_VERSION=3