TACC resources are deployed, configured, and operated to serve a large, diverse user community. It is important that all users are aware of and abide by TACC Usage Policies. Failure to do so may result in suspension or cancellation of the project and associated allocation and closure of all associated logins. Illegal transgressions will be addressed through UT and/or legal authorities.
Use of Export Controlled Software and Data
PIs and users agree to NOT install or use any software or data that falls under Export Control regulations without first contacting Chris Hempel (TACC Director of User Services) or Nathaniel Mendoza (TACC Security Coordinator). A Technology Control Plan approved by the University of Texas at Austin and a signed memorandum of understanding between the University of Texas at Austin and the PI must be in place before such software or data can be installed or used on any TACC resource. Violations of this policy will result in the immediate removal of said software and/or data and deactivation of related projects, allocations, and user accounts.
Users must maintain the security of TACC systems and resources:
- login identifiers belong to a specific individual and must not be shared under any circumstances; PIs can create new logins as needed,
- login identifier passwords must never be revealed to others,
- PIs are responsible for notifying TACC when login identifiers should be deactivated due to the departure of the owner or termination of the project.
TACC staff has documented the purpose and proper use of resources and services via a series of user guides and other web-based documents available on the TACC web site and TACC User Portal. Users assume the responsibility for becoming familiar with this documentation, particularly relating to issues such as adherence to resource limits, proper and considerate use of the batch queuing system, understanding the purpose and proper use of file systems and storage services, and proper use of TACC facilities.
TACC allocations should be used only for work directly related to the project for which the allocation was requested and granted. TACC systems, facilities and services should only be used for documented or obvious intended purpose. Examples of improper use follow:
- Using the high-performance systems to run applications that can be executed on basic PCs and workstations,
- Playing games or viewing movies not related to the project in the Visualization Laboratory,
- Using storage systems for backing up data that is not related to the project allocation.
- The login or front-end nodes of the TACC compute and visualization clusters are reserved for compiling, loading, and preparing to submit jobs to run in a batch queue. Running compute or I/O bound processes on these nodes will cause excess overhead and affect the ability of the general user community to use the systems effectively. Processes inappropriate to execute on these nodes will automatically be killed and the user notified. Users repeatedly violating this policy will be denied access to the system and must contact TACC staff before access is restored.
The TACC Data Applications Facility (Corral) is intended to provide the user community with a high-speed, shared storage facility that is available to applications that span multiple TACC compute and visualization resources. Data stored on Corral must be associated with research projects approved by the TACC allocations committee. Users storing data not meeting this criterion will be contacted and may lose all rights to use TACC resources. All users assume the responsibility for reading the information contained in the appropriate system User Guide. Users needing additional storage on a single TACC resource such as Lonestar, Ranger, Longhorn, or Spur should NOT request an allocation on Corral, but should instead make a request for a special quota exception on those systems.
Account Deactivation Policy
There are four instances of account deactivation: 1) a PI of an active project requests the deactivation of an account, 2) project expiration with failure to renew, 3) violation of TACC policy, and 4) time-based account locking. (Here, "account" is used to mean a login.)
1. PI Request
An account deactivation request by a PI will result in the account being denied access to use the project's allocation if the account does not have access to another active project. When the account is deactivated, the password will be changed immediately on each resource the account is to be deactivated on (it is possible that the PI wishes the account to remain active on specific resources). The following actions will occur on the designated resource UNLESS the account has access to another active project(s):
- the user's TACC issued certificate will be revoked;
- a backup of the user's /home directory will be made to an offline storage medium and retained for the period of time defined in Section 5;
- the user's /home directory will be purged;
- the user's data in volatile storage areas (/work, /tmp, SAN, etc.) will be purged; and
- a single backup copy of the user's data stored in an archive facility will be made to an offline storage medium, and retained for the period of time as defined in Section 5.
2. Project Expiration
Upon project expiration, all accounts (PI and user) will be immediately denied access to the allocation, and TACC-issued user certificates will be revoked unless users have access to other active projects. All batch and remote job submissions will subsequently be rejected. (PIs are notified, and reminded, of their project expiration 3 months and 2 months, respectively, before the project expires; renewal requests must be received at least 30 days prior to the end of the project period.) If a project is allowed to expire, an attempt is made to contact the project PI regarding an extension and/or file removal from accounts. If the PI cannot be contacted and no extensions are granted, the actions defined in Section 1 will be taken 15 days after the expiration date. These actions will be applied to all affected accounts UNLESS the account has access to another active project(s).
3. Violation of TACC Policy
Any user account determined by TACC staff to be in violation of a TACC policy will immediately be denied access to all TACC resources. The project PIs responsible for the account and the user will be contacted immediately and informed of the violation and access denial. For security purposes, denial is immediately imposed before contacting the user/users involved. The actions in Section 1 will immediately be applied to the account.
Allocation and usage policies are defined at the following URL: http://www.tacc.utexas.edu/user-services/allocations/
4. Account Inactivity
User accounts will be deactivated due to inactivity after 120 calendar days. This will be done automatically and users will have to submit a ticket to have their account reactivated. Any successful login to a TACC resource (including the TACC User Portal) will reset this timer. The account changes listed in Section 1 are not imposed on inactive accounts until project expiration as described in Section 2 or upon request of the project PI as described in Section 1.
5. Data Retention
Backups of a user's /home directory and archive data will be retained for a period of two years, at which time the backups may be deleted and the media reused at the discretion of the center operations staff.
TACC users are encouraged to request assistance from TACC staff when necessary. All requests for support must be submitted through the TACC Consulting Request System, except for users of the ACES Visualization Laboratory who may receive in-person support during normal working hours. Exceptions to this policy will be handled on a case by case basis. Special project collaborations are examples of situations requiring direct communication between TACC staff and the user community.
TACC support staff will provide advice to users regarding the development, porting, debugging, and optimizing of codes, and in the proper use of TACC resources. Support does not include the actual development, porting, debugging, and optimization of codes.
Users of TACC compute resources may submit via the appropriate User Portal (TACC or XSEDE) refund requests for jobs that terminate abnormally. TACC support staff members will grant requests that can be attributed to hardware and system software failure. Requests will be granted for up to 8 wall clock hours of compute time (8 times the number of processors or cores used by the job). Users are required to implement a checkpoint/restart capability in their codes to minimize the amount of lost cycles due to job failure.
TACC User News
Information regarding important TACC activities, including system availability and upgrades, TACC training classes, allocation renewal notifications, and holiday consulting coverage will be communicated to the user community via TACC User News. Upon receiving an allocation the PI is automatically subscribed to all relevant TACC User News categories, as is any user for which the PI creates a login. Users may unsubscribe from TACC User News, but still assume the responsibility for the information contained therein. TACC User News can be accessed through the TACC portal, http://portal.tacc.utexas.edu, or the TACC home page, http://www.tacc.utexas.edu.