Introduction

Access to all KASK laboratory resources (servers, workstations, cluster, services etc.) requires a single account. Each user has his or her profile available from all computers (although separate for Windows and Linux). All questions, remarks, requirements, found errors etc. in the lab should be sent to kasklab@eti.pg.gda.pl e-mail address. Please add “[KASKLAB]” (no quotes) prefix to the email subject.

Login and password

Accounts created after March 2018:

The login is composed of letter "s" (lower case) and student's index number. Example: Jan Kowalski, index number 123456:

  • login: s123456
Accounts created before March 2018:

The login is composed of letter student's index number and first letter (lower case) of the students family name and first name. Example: Jan Kowalski, index number 123456:

  • login: 123456kj

The password for the account needs to be generated using LabAdmin system (in Polish). The system allows also password recovery. In both cases you have to provide user login and e-mail associated with it (usually s@student.pg.edu.pl). The password can be changed both from Windows (alt+ctrl+del -> zmiana hasła) or Linux (using passwd command).

There are some requirements regarding the password complexity:

  • the length have to be at least 7 characters
  • cannot be similar to the login
  • have to contain at least 3 elements of of the following:
    • capital letters
    • lower case letters
    • digits
    • special characters (#, !, @, etc.)

The account usually is locked at the end of each study stage (firs bachelor and than master). The home directory is stored for some time. If the student will not reply to the e-mails regarding account blockage, the account will be permanently locked and the profile deleted.

User profile directories

User profile are stored on remote storage array (for Linux) or on remote Domain Controller (for Windows). Despite the fact, that they are separate you can access one profile from the other system. In Windows the easiest approach is to use tools like WinSCP and copy required files to/from kask.eti.pg.gda.pl. From Linux one can use samba as a share client. The profiles can be reached from the smb://apl01/homes share. You need to provide login and password. From the console you can use: smbclient //apl01/homes. We will see all profiles but we will have access only to the one that we provided login and password for. Home directories are not backed up!

The server/workstations

The laboratory consists of:

  • 18 workstations (des01.kask – des18.kask) in room 527 - students can use them at any time,
  • 2 research workstations (des19.kask, des20.kask) in room 527 - EMPLOYEES ONLY,
  • Storage array,
  • Servers:
    • kask.eti.pg.gda.pl – firewall, access node - DO NOT RUN ANY APPLICATIONS HERE!,
    • db.eti.pg.gda.pl – database server, runs MySQL, PostgreSQL, provides access to the storage array,
    • apl01.eti.pg.gda.pl – ActiveDirectory domain controller,
    • apl02.eti.pg.gda.pl – ActiveDirectory domain controller,
    • apl03.eti.pg.gda.pl – VM server,
    • apl04.eti.pg.gda.pl – server for dr Dziubich,
    • apl05.eti.pg.gda.pl – Java web applications hosting,
    • apl06.eti.pg.gda.pl – .NET web applications hosting,
    • apl07.eti.pg.gda.pl – PHP/Linux web applications hosting,
    • apl08.eti.pg.gda.pl – PHP/Linux web applications hosting,
    • apl09.eti.pg.gda.pl - CUDA, CentOS7, rather old
    • apl10.eti.pg.gda.pl - CUDA, CentOS7, rather old
    • apl11.eti.pg.gda.pl - CUDA, CentOS7, EMPLOYEES ONLY,
    • apl12.eti.pg.gda.pl - Intel Phi, CentOS6, rather old
    • apl13.eti.pg.gda.pl - cluster access node, EMPLOYEES ONLY,
    • compute-1-1 – compute-2-36 - cluster compute nodes,
    • compute-3-1 – compute-3-36 - cluster compute nodes, currently offline
    • apl15.eti.pg.gda.pl - cluster access node, EMPLOYEES ONLY,
    • compute-4-1 – compute-4-32 - cluster compute nodes.
    • multiple hosts for virtualization running Citrix XenServer

Students can access directly the following systems:

  • kask.eti.pg.gda.pl – remote access node, available via SSH - do NOT run any applications here!,
  • des01.kask – des18.kask – for classes, can be accessed directly in room 527 or remotely via the kask.eti.pg.gda.pl node,
  • n01, apl09, apl10, apl12 – remote access only using SSH via kask.eti.pg.gda.pl node.

Installed software

General list of the installed software is given below. If not specified the apps are installed using 64-bit version.

Linux (Ubuntu 18.04 LTS):

  • Java OpenJDK 11 (default, /usr/lib/jvm/java-11-openjdk-amd64)
  • Java OpenJDK 8 (/usr/lib/jvm/java-8-openjdk-amd64)
  • JetBrains WebStorm
  • Netbeans 11 (in /opt/netbeans/)
  • Apache Maven
  • NVIDIA CUDA 10.1 with CUDA DNN 7
  • MPI – mvapich-3.3 and openmpi-2.1.1, openmpi is default
  • LibreOffice
  • GIMP
  • Firefox, Chromium
  • Oracle VirtualBox 5.2.34
  • Docker-ce

Windows 10 Edu:

  • Oracle Java JDK 8 (in c:\Program Files\Java\)
  • Oracle Java JDK 9 (in c:\Program Files\Java\)
  • JetBrains WebStorm
  • Netbeans 8.2 with Glassfish 4 and Tomcat (servers have default settings)
  • NVIDIA CUDA 9.1
  • LibreOffice
  • Microsoft SQL 2017 Express
  • Microsoft Visual Studio 2017 Community Edition v. 15.4
  • Inkscape
  • IE, Microsoft Edge, Firefox, Google Chrome
  • Gimp
  • TortoiseSVN
  • TortoiseGit
  • Notepad++
  • MariaDB
  • Oracle VirtualBox 5.2.6

Remote access to the laboratory

You can access the laboratory remotely using kask.eti.pg.gda.pl node. Access can be done using SSH only. From there you can login (also using SSH) to other machines running Linux in the laboratory.

SSH can also be used to access any service (that is not publicly visible) running in the laboratory (via kask.eti.pg.gda.pl host). It is done using SSH port forwarding. More information on the subject can be found here. Simple examples are presented below.

The commands below are examples only! There are no services there so do not issue those commands directly!

Example: lets say we have a web server running on port 8443 of the apl01.eti.pg.gda.pl server. The web server is not available remotely as it is behind a firewall. It can be however accessed from kask.eti.pg.gda.pl server (the firewall itself). To access it from Linux we can run a command:

 ssh -L 3389:apl01.eti.pg.gda.pl:8443 kask.eti.pg.gda.pl

After connecting all requests sent to localhost:8443 will be transferred to the proper port of the apl01 server. In Windows you can also use openSSH implementation or use e.g. Putty. In this case the setup is as shown below. All data should be entered Connection->SSH->Tunnels section and we need to press Add button. Once again the values are fake and serve as an example! Use your own proper values!

Now it should look like this:

Now we have to connect normally:

 As always we provide login and password for the laboratory.

ATTENTION! In all cases the connection needs to be active all the time we access the service!
ATTENTION! Use not occupied port as local port! Some ports are occupied even if the service is turned off (e.g. 3389 port for Remote Desktop in Windows).

The workstations in the room 527 can be turned on remotely from the firewall. From the kask.eti.pg.gda.pl you can issue the

 wlacz.py

command. Follow the instructions. E.g if you want tu turn on des01.kask and des02.kask you should run:

 wlacz.py des01 des02
The above command does not work after power outage. Currently the computers in lab527 have to be turned on manually at least once after power failure as one of racks containers between firewall and room 527 does not power on correctly.
ATTENTION! From the Faculty network you can use the services directly. From other networks you need either SSH Tunnel or connect to the Faculty using VPN (see http://starter.eti.pg.gda.pl/ web page for more info).

Sieć bezprzewodowa - ZLIKWIDOWANA

Dostęp do sieci bezprzewodowej odbywa się poprzez protokół WPA-Enterprise. Dokładna konfiguracja zależy od użytego oprogramowania do zarządzania siecią bezprzewodową, zazwyczaj zarówno Windows jak i Linux powinny automatycznie wykryć najlepsze ustawienia. Jeżeli stosowane są jednak jakieś alternatywne rozwiązania lub po prostu coś nie działa, generalnie należy ustawić następujące parametry:

  • protokół: WPA-Enterprise
  • SSID: “kasklab-net” (bez cudzysłowów)
  • szyfrowanie danych: TKIP
  • typ uwierzytelniania: PEAP
  • protokół uwierzytelniania: MS-CHAP-V2
  • należy odznaczyć sprawdzanie poprawności certyfikatu serwera
  • jako tożsamość mobilną podajemy swój login i hasło do laboratorium

SIeć WiFi, ze względu na dużą liczbę konkurencyjnych nadajników, dostępna jest na zasadzie "as is". Katedra nie gwarantuje poprawności jej działania.

Windows Vista/7 a WiFi

W przypadku Windows Vista/Windows 7 należy ręcznie utworzyć połączenie sieciowe! Windows nie pozwala na automatyczne tworzenie połączeń w przypadku, gdy zastosowany jest samopodpisany certyfikat. W tym celu wchodzimy do “Centrum sieci i udostępniania” a następnie do “Zarządzaj sieciami bezprzewodowymi”. Tam, wybierając opcję “Dodaj” należy ręcznie skonfigurować połączenie zgodnie z ustawieniami powyżej oraz wyłączyć sprawdzanie certyfikatu serwera (podobnie jak w przypadku sieci wydziałowej WETI_PG).