go.dedis.ch/onet/v3@v3.2.11-0.20210930124529-e36530bca7ef/simul/platform/DETERLAB.md (about) 1 Navigation: [DEDIS](https://github.com/dedis/doc/tree/master/README.md) :: 2 [Onet](../../README.md) :: 3 [Simulation](../README.md) :: 4 Deterlab 5 6 # Deterlab Simulation 7 8 The first implementation of a simulation (even before localhost) was a deterlab 9 simulation that allowed to run CoSi on https://deterlab.net. Deterlab is a 10 _state-of-the-art scientific computing facility for cyber-security researchers 11 engaged in research, development, discovery, experimentation, and testing of 12 innovative cyber-security technology_. It allows to reserve computers and define 13 the network between those. Using onet, it is very simple to pass from a localhost 14 simulation to a simulation using Deterlab. 15 16 Before a successful Deterlab simulation, you need to 17 18 1. be signed up at Deterlab. If you're working with DEDIS, ask your 19 responsible for the _Project Name_ and the _Group Name_. 20 2. create a simulation defined by an NS-file. You can find a simple 21 NS-file here: [cothority.ns](./deterlab_users/cothority.ns) - you'll need to 22 adjust the # of servers, the type of servers, and the bandwidth- and delay 23 restrictions. 24 3. swap the simulation in 25 26 For point 3. it is important of course that Deterlab has enough machines 27 available at the moment of your experiment. If machines are missing, you might 28 change the NS-file to reference machines that are available. Attention: different 29 machines have different capabilities and can run more or less nodes, depending 30 on the power of the machine. 31 32 Supposing you have the points 1., 2., 3., solved, you can go on to the next step. 33 34 ## Preparing automatic login 35 36 For easier simulation, you should prepare your ssh client to allow automatic 37 login to the remote server. If you login to the https://deterlab.net website, 38 go to _My DeterLab_ (on top), then _Profile_ (one of the tabs in the middle), 39 and finally chose _Edit SSH keys_ from the left. Now you can add your public 40 ssh-key to the list of allowed keys. Verify everything is running by checking 41 that you're not asked for your password when doing 42 43 ```bash 44 ssh username@users.deterlab.net 45 ``` 46 47 ## Running a Deterlab Simulation 48 49 If you have a successful [localhost](Localhost.md) simulation, it is very easy 50 to run it on Deterlab. Make sure the experiment is swapped in, then you can 51 start it with: 52 53 ```go 54 go build && ./simul -platform deterlab simul.toml 55 ``` 56 57 Of course you'll need to adjust the `simul` and `simul.toml` to fit your 58 experiment. When running for the first time, the simulation will ask you for 59 your user-name, project and experiment. For the hostname of deterlab and the 60 monitor address, you can accept the default values. It will store all this in the 61 `deter.toml` file, where you can also change it. Or you delete the file, if you 62 want to enter the information again. 63 64 ## Monitoring Port 65 66 During the experiment, your computer will play the role as the organizer and 67 start all the experiments on the remote deterlab network. This means, that 68 your computer needs to be online during the whole experiment. 69 70 To communicate with Deterlab, the simulation starts a ssh-tunnel to deterlab.net 71 where all information from the simulation are received. As there might 72 be more than one person using deterlab, and all users need to go through 73 users.deterlab.net, you might want to change the port-number you're using. It's 74 as easy as: 75 76 ```go 77 ./simul -platform deterlab -mport 10002 simult.toml 78 ``` 79 80 This will use port 10002 to communicate with deterlab. Be sure to increment by 81 2, so only use even numbers. 82 83 ## Oversubscription 84 85 If you have more nodes than available servers, the simulation will put multiple 86 cothority-nodes on the same server. When creating the `Tree` in 87 `Simulation.Setup`, it will make sure that any parent-children connection will 88 go through the network, so that every communication between a parent and a 89 child will go through the bandwidth and timing restrictions. 90 91 Unfortunately this means that not all nodes will have these restrictions, and 92 in the case of a broadcast with oversubscription, some nodes might communicate 93 directly with the other nodes. If you need a fully restricted network, you 94 need to use [Mininet](MININET.md)