NOTE: UAI is deprecated in CSM 1.5.2 and will be removed in CSM 1.6.
The UAS allows either administrators or authorized users using the Legacy Mode of UAI management to create UAIs. This section shows both methods.
It is rare that an an administrator would hand-craft an End-User UAI using this administrative procedure, but it is possible. This is, however, the procedure used to create Broker UAIs for Broker Mode UAI Management.
For administrative procedures:
cray
command) installed on the above hostcray init
command) to reach the HPE Cray EX System API Gatewaycray auth login
command)Optional: the administrator may choose a site defined name for the UAI to be used in conjunction with the HPE Cray EX System External DNS mechanism. This is only meaningful for UAIs presented on a public IP address.
For Legacy Mode user procedures:
cray
CLI and network access to the API Gatewaycray
command) installed on the above hostcray init
command) to reach the HPE Cray EX System API Gatewaycray auth login
command)Create a UAI administratively.
Use a command of the following form:
cray uas admin uais create OPTIONS
The following OPTIONS
are available for use:
--class-id <class-id>
- The class of the UAI to be created. This option must be specified unless a default UAI class exists, in which case, it can be omitted and the default will be used.--owner '<user-name>'
- Create the UAI as owned by the specified user.--passwd str '<passwd-string>'
- Specify the /etc/password
format string for the user who owns the UAI. This will be used to set up credentials within the UAI for the owner when the owner logs into the UAI.--publickey-str '<public-ssh-key>'
- Specify the SSH public key that will be used to authenticate with the UAI. The key should be, for example, the contents of an id_rsa.pub
file used by SSH.--uai-name TEXT
- Specify an optional name to be assigned to the UAI on creation. If this is not specified, a default name of the form <owner>-uai-<short-uuid>
is used.
The UAI name is used both as the name of the UAI in the UAS and as the external DNS hostname of a publicly accessible UAI.
If the requested UAI name is the same as an already existing UAI, no new UAI is created, but the information about the existing UAI is returned.
UAI names may contain up to 63 lower case alphanumeric or -
characters, and must start and end with an alphanumeric character.Create a UAI in the Legacy Mode of UAI Management.
Use a command of the following form:
cray uas create OPTIONS
The following OPTIONS are available for use:
--publickey <path>
- the path to a file containing the public SSH key to be used to talk to this UAI. This option is required and must specify a valid public key file name.--ports <port-list>
- a comma-separated list of TCP port numbers to be opened on the newly created UAI. This option is not required and will be overridden by a default UAI Class if a default UAI Class is configured.--imagename <uai-image-name>
- The name of the UAI container image to be used to create the UAI. This option is not required. If omitted the default UAI image will be used.
Both the default UAI image and anything specified here will be overridden by a default UAI Class if a default UAI Class is configured.Top: User Access Service (UAS)
Next Topic: Examining a UAI Using a Direct Administrative Command