Terms of use
Any IN2P3 laboratory or experiment, provided a valid CC-IN2P3 user account, is eligible to public cloud usage. In a broader manner, any CNRS laboratory, experiment, institute, and national or international academic research organisations may demand an access to the service. The user request has to be addressed to CC-IN2P3 user support.
Security and responsabilities
User commits to the current regulatory and legal prescriptions, specially those related to IT, data storage, individual liberties, copyright protection and third parties rights. User declares full acceptance of legal obligations ensued by the existence of the services he deploys on the cloud. CC-IN2P3 declines any liability upon the implemented services infringement of laws and regulations. Non-compliance to the above, and in particular any activity likely to give rise to civil and/or criminal liability, will entitle CC-IN2P3 to interrupt without delay and without further notice the access to user resources and services.
The user commits to undertake all necessary measures to guarentee security and data integrity of the hosted services (software updates, firewalls, HIDS and so on…). CC-IN2P3 will not be held liable for security flaws due to user’s defective resources management.
Support
CC-IN2P3 staff will assist the user in learning using the cloud platform and handling incidents, or in optimizing the interaction between the implemented services and the other services provided by CC-IN2P3. It will not manage and provide support for the services deployed by the user himself on the cloud.
In order to establish a privileged communication channel between with users, users collaborations are requested to provide an email alias to contact people in charge of managing the cloud resources on behalf of the collaboration. That channel is used for specific communications about planned maintenance or incidents.
Performance
HA type resources (High Availability) are guaranted to reach the minimal following requirements:
25 random small block (4k) IOPS, 80% writes, 20% reads
0.2 hyper threaded cores
340Mbps network bandwidth
Virtual resources can though benefit of much larger peak capacities. R&D type resources have no minimal guaranted performance. A dedicated SLA may be established for a project to provide specific performances.
Availability
CC-IN2P3 engages to restore cloud service as soon as possible, an incidental interruption should occur. Observed availability over past years demonstrates a 99.89% availability (less than 10h shutdown per year including both scheduled maintenance and incidents impacting the service provision). There are three types of planned maintenances:
- Cloud service shutdown
those are maintenances requiring the cloud service to be shut down (an upgrade of the cloud platform for instance). That kind of maintenance do not affect the deployed resources and services but only the cloud platform itself (the ability to create new resources for instance). Users are notified of such maintenance in advance by support usual channels.
- Transparent maintenance
this kind of maintenance (with unlikely impact on resources) allows cloud administrators to perform online maintainance on the cloud. It is theorically transparent on user deployed services. Online live resource (VM, volume…) migrations from a server to another are typical operations of this kind. In rare cases, those operations may trouble user’s production. CC-IN2P3 commits to restore impacted resources as soon as possible and notify the event to users. Users will not be notifed of those maintenances in advance.
- Shutdown of user resources
in some exceptionnal cases, maintenance requires a complete shutdown of the cloud. That may happen conducting heavy operations on vital components of the facilities such as power distribution or network backbones. CC-IN2P3 commits to notify a month in advance such operations and limit the intervention in time to a maximum of 2 days. These outages will take place on a predetermined schedule (one per trimester) publicly available on the Users portal.