Getting Started

Introduction to EGI services

Overview

EGI is a federation of compute and storage resource providers united by a mission to support research and innovation.

The resources in the EGI infrastructure are offered by service providers that either run their own data centres or rely on community, private and/or public cloud services. These service providers offer:

  • Single Sign-On via EGI Check-in allows users to log in with their institutional (community) credentials
  • Global image catalogue at AppDB with pre-configured virtual machine images
  • Resource discovery features to easily understand which providers are supporting your community, and what are their capabilities
  • Global accounting that aggregates and allows visualisation of usage information
  • Monitoring of availability and reliability to ensure SLAs are met

The EGI infrastructure supports a multitude of science and research communities, each with their own virtualised resources built around open standards. The development of these communities is driven by by their own scientific requirements.

Accessing resources

Access to resources (services) in the EGI infrastructure is based on OpenID Connect (OIDC), which replaces the legacy authentication and authorization based on X.509 certificates.

EGI uses Virtual Organisations (VOs) to control access to resources. VOs are fully managed by research communities, allowing communities to manage their users and grant access to their services and resources. This means communities can either own their resources and use EGI services to share (federate) them, or can use the resources available in the EGI infrastructure for their scientific needs.

Before users can access an EGI service, they have to:

  1. Obtain a supported ID, by signing up with either EGI Check-in directly, or with one of the community identity providers from the EGI infrastructure.
  2. Enroll into one VO. Users need to be part of a VO before using EGI services. Explore the list of available VOs in the Operations Portal.
  3. Authenticate to EGI Check-in to obtain an OAuth2 access token (and optionally a refresh token).
  4. Manage or use the service by leveraging the access token, either implicitly (web interfaces and dashboards usually hide this from users) or explicitly (e.g. when using command-line tools).

See the Communities section for guidance on how to access resources allocated to specific research communities (projects).

Requesting resources

Depending on the access conditions, a service (or an instance of the service) may be open for any user, or it may require requesting access (ordering).

EGI services use the following types of access conditions:

  • Wide access - Users can freely access the service. Login may be required but it is possible with various institutional accounts (through EduGAIN), or with social accounts (e.g. Google). For example you can create a test Virtual Machine or launch a Jupyter Notebook.
  • Policy based - Users are granted access based on specific policies defined by the service providers. Access needs to be requested, and will be checked for such services. Example: Compute resources and tools allocated to researchers in medical imaging (Biomed VO).
  • Pay-for-use - Services are provided for a fee. Example: FitSM Training

The EGI user community support team handles access requests (orders) for the Policy based and Pay-for-use access modes. They will respond to the request within maximum 5 work days. We normally contact you to have a short teleconference meeting to better understand your requirements, and to be able to identify resources and services that best match your needs. The meeting typically covers two topics:

  • What is the background of your request? Scientific domain, partner countries, user bases, pay-for-use or not, etc.
  • What are the technical details of your use case? How many CPU cores, how much RAM per CPU, which software services, and for how long do you need them, etc.

Contact us if you want to discuss further.

Capacity allocation

When EGI is able to support a request for resources, it can do so in two ways:

  1. We grant you access to an existing service, for example to compute resource pools (Virtual Organisations) that already exist in EGI for specific scientific disciplines or for researchers in specific regions. You can browse these in the EGI Operations Portal. If there is a suitable VO, we help you join it and use its services.
  2. We create a new VO for your community when none of the existing resource pools are suitable for your use case. The procedure is as follows:
    • We will contact our provider and negotiate resources for you
    • If there are providers willing to support you, we will sign a Service Level Agreement (SLA) with you
    • A new VO will be created for your community

Pilot your application

EGI offers a playground allocation for users to get access to the services and understand how to port applications and develop new data analytics tools that can be turn into online services that can be accessed by scientist worldwide.

Requirements and user registration

Access requires acceptance of Acceptable Use Policy (AUP) and Conditions of the 'EGI Applications on Demand Service'.

When requesting access users are guided through a registration process. Members of the EGI support team will perform a lightweight vetting process to validate the users’ requests before granting the access to the resources.

Get access to pilot allocation

  1. Create an EGI Check-In account.
  2. Enroll the vo.access.egi.eu Virtual Organisation by following the enrollment URL. Make sure you use your EGI Check-In account for the enrollment.

Once your petition is approved, you will be granted access. The grant to run applications is initially valid for 6 months and can be extended/renewed upon request. These resources are delivered through the vo.access.egi.eu VO.

For pre-configured services (e.g.: EGI Notebooks), the capacity allocated includes up to 4 vCPU cores, 8 GB of RAM and 10 GB of block storage.

You can manage those resources via command-line or any of the dashboards of the EGI Cloud: the VMOps dashboard and the IM dashboard.

You can also easily access scientific applications, EC3 has a list of applications that you can easily start from the EC3 portal.

Unused resources

Users of the EGI services may gain opportunistic usage to unused resources. These are resources that are not dedicated to the user’s organization, but are accessible when the research center(s) have some spare resources. This enables the most efficient use of resources.


Next topics:
EGI Architecture

The architecture of the EGI Federation

Using OpenStack Providers

How to interact with OpenStack providers

Command Line Interface

EGI command line interface

Community Specific Documentation

User documentation for EGI Communities

Last modified June 7, 2023 by Enol Fernández : Enforce link checking (#602)