Quick Start
Getting started
Available resources

Available resources

Machines in the cluster are classified into compute nodes and network nodes, as described in cluster overview. The resource sharing policy is different for the two.

Access to P4 switches

The Edgecore Wedge100BF-32X switches available in the cluster feature:

  • Intel Tofino P4 programmable dataplane ASIC
  • x86 control plane CPU

Users can login on the switch CPU via normal e.g., ssh, start their program control-plane and push P4 programs to the Tofino ASIC.

Intel Tofino programmable data-plane hardware lacks native support for multi-tenancy (see About multi-tenancy in Tofino switches).

We restrict ssh access to the Tofino switches on a time-slotted basis, managed via a reservation mechanism. No more than one tenant at a time will be granted access.

A tenant willing to deploy and test its P4 code on SUP4RNET Tofino switches, must first reserve its own slot through a dedicated dashboard.

Prerequisite: you setup PoliTO VPN to access the dashboard.
Access the Tofino reservation dashboard

Once a slot has been reserved, a tenant will be granted exclusive access to the control plane CPU. The tenant can then login via ssh using the account he/she obtained and perform operations on the switch.

Developing P4 code from VMs

Each tenant can request one or more virtual machine (VM) on the compute nodes. Tenants can login on their VMs at their convenience, on which they have full control and root privileges.

VM images

VMs are primarily intended to let tenants to prototype their P4 code on the Intel Tofino Emulator, i.e., even without access to the physical Tofino ASIC.

VM images comes pre-configured as follows:

  • control plane IP address for ssh login
  • dataplane vNIC, bridged to a 100 Gbps dataplane network
  • Intel P4 Software Development Environment (SDE) and Intel Tofino emulator

VMs should also be privileged to run non-performance critical experiments whenever possible.

For performance critical experiments, the cluster offers (upon request) dataplane vNIC configured with PCI passthrough (SR-IOV), or direct access to the nodes.

Testing P4 code without access to Tofino ASIC

While the reservation mechanism to access the Tofino ASIC might be tedious, there is a way to prototype your P4 code on a Tofino emulator before deploying to the actual hardware. The Intel P4 SDE comes with a register-level Tofino emulator, which reproduces most of the pipeline features via software. Only some Tofino features are not supported by the emulator.

For all code that do not require these special features, we highly advise to first test your project on the emulator and move to the actual hardware when you are relatively confident about the correctness of your code.

This is especially recommended for inexperienced users for at least two reasons:

  1. A detailed log is available in the emulator and not on the ASIC
  2. You don’t create contention with other tentants when not necessary

About sudo privileges

All tenants are granted elevated privileges in their VMs. Instead, as a default policy, sudo privileges are disabled for all tenants on the switch OS and on the server OS. Should any user demand elevated permissions, it must ask the cluster admins. Only if strictly necessary, sudo privileges may be granted for specific commands and revoked when not needed anymore. In general, alternative solutions must be preferred.