Entitlements in bwCloud-OS: Difference between revisions

From bwCloud-OS
Jump to navigation Jump to search
← Older editNewer edit →
VisualWikitext
Add note for legacy text
No edit summary
Line 4: Line 4:
|}
|}
{| class="mw-message-box mw-message-box-info"
{| class="mw-message-box mw-message-box-info"
| style="vertical-align:middle;" | This page is about the entitlements for the bwCloud-OS NG. Please visit [[entitlements for bwCloud-SCOPE]] for the legacy information..
| style="vertical-align:middle;" | This page is about the entitlements for the bwCloud-OS NG. Please visit [[entitlements for bwCloud-SCOPE]] for the legacy information.
|}
|}


Line 11: Line 11:


__TOC__
__TOC__
== Structure ==
An entitlement persists out of two parts, the quota flavor and optionally the eligibilities,
QUOTA_FLAVOR
bzw.
QUOTA_FLAVOR:json=ELIGIBILITY
, where ''QUOTA_FLAVOR'' must be one of the supported values from the table [[TODO LINK]] below and ''ELIGIBILITY'' is the base64-encoded JSON structure described below.
=== Quota flavors ===
The following entitlements for granting quotas are described in the table below.
{| class="wikitable"
|+List of supported quota flavors
!quota flavor
!Note
|-
|bwcloudos_empty
|Default case. User can’t generate costs.
|-
|bwcloudos_tiny_1
|
|-
|bwcloudos_xtiny_1
|
|-
|bwcloudos_medium_1
|
|-
|bwcloudos_xmedium_1
|
|-
|bwcloudos_large_1
|
|-
|bwcloudos_xlarge_1
|
|-
|bwcloudos_custom
|User can choose the quota to be requested.
|}
Each quota flavor is associated with resources granted to projects.
{| class="wikitable"
|+Resources associated with each quota flavor
!'''Entitlement'''
!'''instances'''
!'''cores'''
!'''ram_gb'''
!'''volumes'''
!'''volumes_gb'''
!'''backups'''
!'''backups_gb'''
!'''networks'''
!'''subnets'''
!'''routers'''
!'''floating_ips'''
|-
|'''bwcloudos_empty'''
|0
|0
|0
|0
|0
|0
|0
|0
|0
|0
|0
|-
|'''bwcloudos_tiny_1'''
|1
|1
|1
|10
|100
|30
|300
|10
|10
|1
|0
|-
|'''bwcloudos_xtiny_1'''
|2
|2
|2
|10
|100
|30
|300
|10
|10
|1
|0
|-
|'''bwcloudos_medium_1'''
|4
|4
|4
|20
|200
|60
|600
|10
|10
|1
|1
|-
|'''bwcloudos_xmedium_1'''
|8
|8
|8
|20
|200
|60
|600
|10
|10
|1
|1
|-
|'''bwcloudos_large_1'''
|16
|16
|16
|40
|400
|120
|1200
|20
|20
|2
|2
|-
|'''bwcloudos_xlarge_1'''
|32
|32
|32
|40
|400
|120
|1200
|20
|20
|2
| valign="top" |2
|-
|'''bwcloudos_custom'''
|*
|*
|*
|*
|*
|*
|*
|*
|*
|*
| valign="top" |*
|}
=== Eligibility JSON ===
Optionally, the following structure for [[Eligibility|Eligibilities]] may be used to provide further information and define conditions for the quota flavor.
{"eligs": [{"cc_id": "COST_CENTER_ID", "first_val": "YYYY-MM-DD", "last_val": "YYYY-MM-DD", "max_bu": "INTEGER"}, {...}]}
=== Special Entitlements ===
There is also the Entitlement ''bwcloudos_access'' that is further described in [[Entitlements in bwCloud-OS#Access Control via Entitlements|Access Control via Entitlements]].
{| class="wikitable"
!Entitlement
!Note
|-
|bwcloudos_access
|Allows the registration for the bwCloud-OS via RegApp
|}


== Access Control via Entitlements ==
== Access Control via Entitlements ==

Revision as of 16:24, 9 December 2025

⚠️ Please Note: This page is currently under development.
This page is about the entitlements for the bwCloud-OS NG. Please visit entitlements for bwCloud-SCOPE for the legacy information.

Entitlements in bwCloud-OS define who can access the platform, how many resources they may use, and under what conditions. They are issued and managed by the user’s home institution and play a central role in how the platform is used and funded.

Structure

An entitlement persists out of two parts, the quota flavor and optionally the eligibilities, 

QUOTA_FLAVOR

bzw. 

QUOTA_FLAVOR:json=ELIGIBILITY

, where QUOTA_FLAVOR must be one of the supported values from the table TODO LINK below and ELIGIBILITY is the base64-encoded JSON structure described below.

Quota flavors

The following entitlements for granting quotas are described in the table below.

List of supported quota flavors
quota flavor Note
bwcloudos_empty Default case. User can’t generate costs.
bwcloudos_tiny_1
bwcloudos_xtiny_1
bwcloudos_medium_1
bwcloudos_xmedium_1
bwcloudos_large_1
bwcloudos_xlarge_1
bwcloudos_custom User can choose the quota to be requested.

Each quota flavor is associated with resources granted to projects.

Resources associated with each quota flavor
Entitlement instances cores ram_gb volumes volumes_gb backups backups_gb networks subnets routers floating_ips
bwcloudos_empty 0 0 0 0 0 0 0 0 0 0 0
bwcloudos_tiny_1 1 1 1 10 100 30 300 10 10 1 0
bwcloudos_xtiny_1 2 2 2 10 100 30 300 10 10 1 0
bwcloudos_medium_1 4 4 4 20 200 60 600 10 10 1 1
bwcloudos_xmedium_1 8 8 8 20 200 60 600 10 10 1 1
bwcloudos_large_1 16 16 16 40 400 120 1200 20 20 2 2
bwcloudos_xlarge_1 32 32 32 40 400 120 1200 20 20 2 2
bwcloudos_custom * * * * * * * * * * *

Eligibility JSON

Optionally, the following structure for Eligibilities may be used to provide further information and define conditions for the quota flavor. 

{"eligs": [{"cc_id": "COST_CENTER_ID", "first_val": "YYYY-MM-DD", "last_val": "YYYY-MM-DD", "max_bu": "INTEGER"}, {...}]}

Special Entitlements

There is also the Entitlement bwcloudos_access that is further described in Access Control via Entitlements.

Entitlement Note
bwcloudos_access Allows the registration for the bwCloud-OS via RegApp

Access Control via Entitlements

The entitlement bwcloudos_access determines whether a user is allowed to access bwCloud-OS at all. This decision is made exclusively by the user's home institution. The bwCloud-OS team has no authority to grant access without an official entitlement. Accessing the bwCloud-OS requires a registration in advance.

Faster, Automated Registration

Registration is streamlined through entitlements:

  • Entitlement are automatically evaluated during registration.
  • Users receive immediate access once their entitlement is confirmed — no manual activation required.

Current Entitlement Types

There are currently two types of entitlements:

  • bwCloud-Basic Aimed at students and beginner users, offering limited resources. Typical use cases include:
    • Student coursework
    • Short-lived or experimental servers
    • Hosting simple software repositories
  • bwCloud-Extended Intended for advanced or long-term users who require more resources. This entitlement is meant for:
    • Research
    • Teaching infrastructure
    • Operational workloads

📌 A user account can have both entitlements — in that case, bwCloud-Extended takes precedence.

Resource Usage and Flavor Access

Entitlements determine which flavor types (resource profiles) a user can launch:

  • bwCloud-Basic
    • Only allows launching nano or tiny instances.
  • bwCloud-Extended
    • Grants access to all available flavors.
    • Users receive significantly higher quotas.

VM Lifespan and Cleanup Policy

To ensure fair resource distribution and system availability, different rules apply depending on the assigned entitlement:

  • bwCloud-Basic
    • VMs may be regularly deleted by the bwCloud team to:
      • Clean up unused instances
      • Free capacity for new users
    • Expect VMs to be potentially removed without notice.
  • bwCloud-Extended
    • No such restrictions apply.
    • VMs are persistent and remain active until the user deletes them.

Cost Allocation and Funding Model

Entitlements also help define who is financially responsible for resource usage. To ensure sustainable operation and future hardware/software upgrades, bwCloud-OS is moving toward a cost allocation model.

  • The user’s institution is responsible for:
    • Verifying users have access to funding.
    • Covering the collective costs for all users from that institution.
  • bwCloud-OS will generate aggregated usage reports and invoices per institution — no individual billing.
Retrieved from "https://wiki.bwcloud-os.de/index.php?title=Entitlements_in_bwCloud-OS&oldid=1540"