Getting Started

Using INFN Cloud

You can use INFN Cloud:

  • creating one or more services on the INFN Cloud infrastructure. You will then be responsible for the administration of such services for your own use or for a group of users that you’ll enable.
  • accessing a service that someone else has deployed and enabled the access for you.

Only in the former case you need to apply for an account in the INFN Cloud IAM, as explained below.

Prerequisites for using INFN Cloud resources

In order to be able to use INFN Cloud resources, the following mandatory conditions need to be fulfilled:

  • have a verified digital identity (LoA2) on INFN-AAI:

    • if you don’t have a verified digital identity, connect to https://signup.app.infn.it/ to self-register and to get an account on INFN-AAI. Documentation (unfortunately only in Italian) on this process is available here.

      After this self-registration process, connect to the INFN-AAI User Portal at https://userportal.app.infn.it/ using your INFN-AAI account to complete the digital identity registration. In this process you will have to choose where (the INFN site) you want to be identified, and the person that will have to approve your request. Documentation (unfortunately only in Italian) on this process is available here. You will then be contacted by an INFN secretariat person for your identification.

  • have followed the “Corso di Sicurezza Informatica - BASE”. To follow the “Corso di Sicurezza Informatica - BASE” please use this link..

  • declare to have read and accepted the INFN rules for the use of IT resources:

If you need to instantiate services on top of virtual machines on the INFN Cloud infrastructure you also must have received the “nomination to be system administrator” from the Director of your reference INFN Section or Laboratory, mentioning the following scope of operation: “INFN-CLOUD (as administrator user)”

  • if you don’t have it, please follow the procedure described in the How To: Request the “nomination to be system administrator” guide (see HERE for the italian version)

    Note

    In case it is not possible for you to obtain this “nomination to be system administrator”, you may use INFN Cloud by accessing a service created, and administered, by another person, who has been nominated to be system administrator. This person can be registered in any INFN Section or Laboratory.

Registration in the INFN Cloud IAM

Once you meet the requirements stated above you need to apply for an account in the INFN Cloud IAM available at https://iam.cloud.infn.it, stating inthe Notes the reasons of your request.

For this you need to:

  • Sign in with your institutional account (DO NOT “Apply for an account” !!!!)
../_images/img_fig2.png

INFN Cloud IAM

../_images/fig4.png

Sign in with your institutional credentials

  • The form will be autocompleted with your information as registered in INFN AAI. Explain in a few words to what research group you belong and/or what deployment(s) you want to use
../_images/img_fig5_1.png ../_images/img_fig5_2.png
  • After compiling and sending the registration form, a verification e-mail is send to your e-mail address.
../_images/img_fig6_1.png

Registration done

../_images/img_fig7.png

Confirmation e-mail

  • You will be contacted by the the INFN Cloud Support team in case more details regarding your registration are needed.
  • After the successful verification of the prerequirements you will be notified about the approval of your request and more information will be provided regarding the conditions of use of the INFN Cloud resources and solutions.

SSH Keys

SSH keys allow you to establish a secure connection between your computer and your virtual machines. At least one public key has to be provided in order to be able to access the resources deployed in the INFN Cloud infrastructure.

After your INFN Cloud IAM registration is approved you need to follow the following steps in order to create a new ssh key pair or to upload your public key.

  • Login to the INFN Cloud Dashboard at https://my.cloud.infn.it/, and go to your account details, as shown in the images bellow:
../_images/img_fig8.png

SSH keys Tab

  • If you already hava an ssh key-pair you can upload the public key as shown bellow:
../_images/img_fig9.png

Upload public-key

../_images/img_fig10_1.png
../_images/img_fig11.png
  • Alternatively if you pefer you can create a new key-pair. The public key will be stored on the INFN Cloud Secrets-Manager server, while you can download both the private and public keys into your local computer, as shown in the images bellow:
../_images/img_fig15_1.png

Create new key-pair

../_images/img_fig12.png
../_images/img_fig12_1.png

Download public key

../_images/img_fig13.png

Download private-key

You can store the newly created private and public key wherever you want, just remember to protect the private key and use it with the “-i” option when using ssh. More details on how to use SSH Public Key Authentication can be found here.

Once you finish managing your key, create or upload, you can continue to the “INFN Cloud Dashboard” tab and enjoy the solutions offered:

../_images/img_fig14.png

INFN Cloud Service Catalogue

To understand how to use the solutions present in the Service Catalogue, please first have a look at their respective guides present here.