Using the lsst-login Servers

The following login nodes are run by NCSA for access to select LSST DM development resources: - lsst-login01.ncsa.illinois.edu - lsst-login02.ncsa.illinois.edu - lsst-login03.ncsa.illinois.edu

A round-robin DNS hostname lsst-login.ncsa.illinois.edu also exists for convenience.

To get an account, see the Onboarding Checklist.

This page is designed to assist developers in use of the lsst-login servers:

  1. Overview
  2. Connecting and Authenticating
  3. HTCondor Job Submission
  4. Slurm Job Submission
  5. Development Work

Overview

The lsst-login servers are primarily intended as bastions used to access other resources at NCSA. Additional capabilities are planned to include: - submission of HTCondor jobs (workflows should not be run here outside of HTCondor) - submission of Slurm jobs - light development work with short-running processes that require modest resources (e.g., build docs, short compilations against LSST software stack) - view files (e.g., FITS files)

Users are encouraged to submit batch jobs to perform work that requires more significant resources.

The lsst-login nodes have access to the LDF file systems.

For system status and issues: - Service status including announcements of upcoming planned down-time. - Real-time system status (requires login). - To report system issues, file a JIRA ticket in the IT Helpdesk Support (IHS) project.

Connecting and Authenticating

You can log into LSST development servers at NCSA with your NCSA account as follows:
  • NCSA username and password OR valid Kerberos ticket from workstation/laptop, AND
  • NCSA Duo authentication
You can reset your NCSA password at the following URL:
Information on setting up NCSA Duo is available at the following URL:

If you are using OpenSSH on your local machine and you wish to use Kerberos from your local machine (instead of entering your password on the login node), you could add something like this to your local ~/.ssh/config file: .. prompt:: bash $ auto

GSSAPIAuthentication yes PreferredAuthentications gssapi-with-mic,keyboard-interactive,password

You may wish to use an lsst-login node as a “jump host”. If using OpenSSH on your local machine you can do this as follows: .. prompt:: bash $ auto

Host lsst-someinternalhost
User ncsausername ProxyJump lsst-login.ncsa.illinois.edu

You may also wish to reuse a single connection to/through an lsst-login node via a control socket/multiplexing. See for example OpenSSH Cookbook - Multiplexing.

HTCondor Job Submission

Job submission to the NCSA HTCondor DAC cluster will be possible from the lsst-login nodes in the near future.

Slurm Job Submission

Job submission to the NCSA Slurm Verification Cluster will be possible from the lsst-login nodes in the near future.

Development Work

lsst-login nodes can be used for (light) development work in a manner to the lsst-dev nodes. (Users are encouraged to utilize batch compute nodes when more significant resources are required.)

The lsst-login systems are configured with the latest CentOS 7.x as their operating system. This release of CentOS provides an old set of development tools, centered around version 4.8.5 of the GNU Compiler Collection (GCC). Several updated toolchains are made available through the “Software Collection” system as described in the docs for lsst-dev servers (specific toolchains available on lsst-login nodes may vary).

A ready-to-use “shared” version of the LSST software stack is provided to enable developers to get up and running quickly with no installation step. See the docs for lsst-dev servers for more information.