Graphcloud provides access to a “virtual Pod” or vPod. This is a subset of IPUs and servers in a Pod system that is securely isolated from access by other IPUs or servers.
The secure connection to your Graphcloud vPod instance is provided using SSH key security. To gain access to your vPod instance, you will be asked to send an SSH public key to Graphcore.
This section describes how you access Graphcloud.
4.1. Working with SSH key pairs
If you are familiar with working with SSH key pairs, then you can skip this section and proceed to Section 4.2, Logging into Graphcloud.
4.1.1. Creating an SSH key pair
If you do not have a key pair, then you can create one as shown in Listing 4.1.
You will be asked to enter a file in which to save the key. Either enter a new location or you can accept the default by pressing Enter. You will also be asked to enter a passphrase. While a passphrase does improve security, it is not necessary and you can have a blank passphrase by just pressing Enter. The keys are then created and the location and names of the keys are displayed. Listing 4.2 shows an example of the output when creating an RSA keypair.
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/<username>/.ssh/id_rsa): /usr/<username>/.ssh/gclogin Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /usr/<username>/.ssh/gclogin. Your public key has been saved in /usr/<username>/.ssh/gclogin.pub. The key fingerprint is: SHA256:2qSRQ9KQfl6SHkWkWZtqwoos2r20iiajr3vNrYfQ84g <username>@<username> The key's randomart image is: +---[RSA 3072]----+ | .. o+ | | .o +.o | | .. =oo | | ..o=o. | | .o+*+S | |....oooB | |o..=.*o . | |=+Eo=.+ | |X*+.=+ | +----[SHA256]-----+
For more information about generating keypairs, refer to the SSH website.
4.1.2. Sending the public SSH key to Graphcore
Send your public key to the field application engineer who does your Graphcloud onbarding.
4.1.3. Adding your private key to your local SSH configuration file
Your secure connection will only work if the corresponding private key exists in the correct location (
~/.ssh) on the machine you are using to connect to Graphcloud.
You will be sent confirmation that Graphcore has installed the public key on the
Graphcloud server and the username and Graphcloud IP address (
hostname in Listing 4.3) for you to use to connect to your vPod instance over SSH. You can make this easier to use by adding the information to your SSH configuration file. An example of an SSH configuration file entry for the Graphcloud server is shown in Listing 4.3.
host gc-graphcloud hostname 123.456.789.012 user myusername identityfile -/.ssh/gclogin
host can be any name you choose.
4.2. Logging into Graphcloud
$ ssh gc-graphcloud
$ ssh 123.456.789.012
You will not have root access on the Graphcloud server.
4.3. Managing your account
4.3.1. Adding more users
You can add more users to your instance by sending their email addresses, names and SSH public keys to Graphcore, as you have already done for yourself. We will then install these on the server(s) to which your organisation has been granted access.
Note that each user must use their own public SSH key. Multiple users must not use the same key, as this could raise security problems, and also make it difficult to analyse and audit any security issues that may arise from the use of the service.
Multiple user jobs can be run at the same time provided that the total number of IPUs requested does not exceed the number of IPUs in the Pod system. This is because we use a reconfigurable Virtual-IPU partition that supports many smaller partition requests within it. Refer to the About Graphcloud Quick Start, the Graphcloud Monitoring Hardware Quick Start and the V-IPU User Guide for more information on partitions.
4.3.2. Extending access to Graphcloud
Please let us know as soon as possible if you would like to extend your access to Graphcloud by switching to a paid-for service. Cirrascale will provide full details of the payment options available.
4.3.3. Closing your account
When your Graphcloud account is closed all of your data will be wiped from the server. This includes:
Software and data files
Any log files
You need to explicitly copy any data from the sever that you want to keep (for example, using