Basic Introduction to Git (Part 2)

Initialising a Repository in an Existing Directory

If you wish to have a project directory under version control with GIt, do the following

$ cd /home/user/my_project
$ git init

If you wish to add existing files into the version control

$ git add *.sh
$ git add LICENSE
$ git commit --m "Gekko Menu Help Application"
[master (root-commit) c98ae91] Gekko Menu Help Application
 1 file changed, 73 insertions(+)
 create mode 100755

You have an initial commit and tracked files. Hooray.

Checking the status of your Files

[user1@node1 menu]$ git status
# On branch master
nothing to commit, working directory clean

This means you have a clean working directory; in other words, none of your tracked files are modified.

Adding new files to your Git Directory

Let’s say you added a new file called into the Project Directory, you will have something like

# On branch master
# Untracked files:
#   (use "git add <file>..." to include in what will be committed)
nothing added to commit but untracked files present (use "git add" to track)

To add files

[user1@node1 menu]$ git add
[user1@node1 menu]$ git status
# On branch master
# Changes to be committed:
#   (use "git reset HEAD <file>..." to unstage)
#       new file:

To remove file

[user1@node1 menu]$ git rm -f
rm ''
[user1@node1 menu]$ git status
# On branch master
nothing to commit, working directory clean

To see log, you want to use the command

[user1@node1 menu]$ git log
commit xxxxxxxxx
Author: user1 <>
Date:   Sun Sep 25 23:50:33 2022 +0800

    Gekko Menu Help Application

There are many more usage. For more information, do take a look at 2.3 Git Basics – Viewing the Commit History


  1. 2.2 Git Basics – Recording Changes to the Repository
  2. 2.3 Git Basics – Viewing the Commit History
  3. 2.4 Git Basics – Undoing Things

Intel OpenVINO 2022.2 is available

Key Updates includes:

Broader Model & Hardware Support

  • Preview support for upcoming Intel® processors, including the Intel® Data Center GPU Flex Series and Intel® Arc™ GPU
  • Support for 4th Gen Intel® Xeon Scalable processor (code named Sapphire Rapids)
  • Reduced memory consumption when using dynamic shapes on CPU to improve efficiency of NLP applications

Portability and Performance

Introducing new performance hint “Cumulative throughput” in AUTO device plug-in, enabling multiple accelerators (e.g. multiple GPUs) to be used at once maximizing inferencing performance.

To download the latest release, do take a look at Intel® Distribution of OpenVINO™ Toolkit

Basic Introduction to GitHub (Part 1)

GitHub is the largest code-hosting platform in the world. It uses Git as version control and the repository is based on GitHub. Features such as Pull Requests, Project Boards and GitHub are central and found in one place.

Sign up for a Free Account

To start using GitHub, please go to and follow the instruction

Creating a PAT of SSH Key

A PAT is a string of characters that can be used in place of a password against the GitHub API and on command lone.

You may need to understand the various scopes on GitHub such as repo, admin: repo_hook, users etc. For more information, do take a look at

For starters, you may want to go to and click on Generate new token

On Linux, you can generate your SSH key using the email that you have created in your GitHub User Account

[user1@node1 ~]$ ssh-keygen -t rsa -C ""
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
/home/user1/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user1/.ssh/id_rsa.
Your public key has been saved in /home/user1/.ssh/
The key fingerprint is:

Adding the SSH Key to the ssh-agent

Although this is not mandatory, adding the SSH Key to the SSH Agent is a good practice that will keep the SSH Key safe. The SSH-agent is an SSH Key Manager that helps to keep the SSH key safe because it protects your SSH keys from being exported. The SSH Agent also saves you from having to type the passphrase you create. every time your SSH key is used.

Before you check, you want to check your ~/.ssh/config first

$ vim ~/.ssh/config
Host * 
AddKeysToAgent yes

At the Terminal,

$ ssh-add ~/.ssh/id_rsa

Copy your SSH Public Key to the field. In your ~/.ssh/config, it should have a .pub extension like

Configuring Git

To intialise the Git. Do the following. You may want to take a look at

[user1@node1 ~]$ git config --global "Melvin Soh"
[user1@node1 ~]$ git config --global ""
[user1@node1 ~]$ git config --global init.defaultBranch main
[user1@node1 ~]$ git config --list
credential.helper=netrc -f ~/.netrc.gpg -v

To continue, See Basic Introduction to GitHub (Part 2)


  1. 1.5 Getting Started – Installing Git
  2. 1.6 Getting Started – First-Time Git Setup

Basic Commands for Mellanox Network Switches for Break-out-Ports

More information can be found at Command Line Interface (CLI)

Point 1: To configure Break-Out

> enable
# configure terminal
# interface ethernet ?
R2-R8-LEAF01 [standalone: master] (config) # interface ethernet ?
# interface ethernet 1/25 shutdown
# interface ethernet 1/26 shutdown
# interface ethernet 1/25
# (config interface ethernet 1/25) # module-type qsfp-split-4 force

The resulting interface will become

Ethernet 1/25/1
Ethernet 1/25/2
Ethernet 1/25/3
Ethernet 1/25/4

Speed configuration can be found at

interface ethernet 1/25/1
# speed 25G

Using Ethtool to query Network and Driver Information

Ethtool is a utility for configuration of Network Interface Cards (NICs). This utility allows querying and changing settings such as speed, port, auto-negotiation, PCI locations and checksum offload on many network devices, especially Ethernet devices.

1. Query the specified network device for associated driver information

# ethtool -i ens3f1np1
driver: mlx5_core
version: 5.7-1.0.2
firmware-version: 16.34.1002 (MT_0000000416)
bus-info: 0000:0f:00.1
supports-statistics: yes
supports-test: yes
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: yes

2. Enable an operator to easily identify the adapter by sight.
This involves blinking one or more LEDs on the specified network port.

# ethtool -p ens3f1np1 5

where integer 5 represents the time in seconds to perform the action,

3. Turn off the AutoNegotiation and fixed it at 25GB

ethtool -s ens3f1np1 --speed 25000 --autoneg off --duplex full


Red Hat Documentation 11.8. Ethtool

Managing Internal and External networks using firewall-cmd on CentOS-7 and Rocky Linux 8


Compute Nodes in an HPC environment are usually physically isolated from the public network and has to route through the gateway which are often found in Head Node or any delegated Node in small or small-medium size cluster to access the internet or to access company LAN to access LDAP, you can use the firewall-cmd to route the traffic through the interconnect facing the internet.


Traffic will be routed through the Head Node’s eno1 (internet facing) from the Head Node’s eno2 (private network). The interconnect eno1 is attached to a switch where the compute nodes are similarly attached. Some

  1. is the private network subnet.
  2. is the IP Address of the Head Node
  3. is the IP Address of the external-facing ethernet ie eno1

Check the zones.

# firewall-cmd --list-all-zones

Check the Active Zones

# firewall-cmd --get-active-zones
  interfaces: eno2
  interfaces: eno1

Enable masquerade at the Head Node’s External Zone

IP masquerading is a process where one computer acts as an IP gateway for a network. For masquerading, the gateway dynamically looks up the IP of the outgoing interface all the time and replaces the source address in the packets with this address.

You use masquerading if the IP of the outgoing interface can change. A typical use case for masquerading is if a router replaces the private IP addresses, which are not routed on the internet, with the public dynamic IP address of the outgoing interface on the router.

For more information. Do take a look at 5.10. Configuring IP Address Masquerading

# firewall-cmd --zone=external --query-masquerade 
# firewall-cmd --zone=external --add-masquerade --permanent
# firewall-cmd --reload

Compute Nodes at the Private Network 

(Assuming that eno1 is connected to the private switch). It is very important that you input the gateway at the compute node’s /etc/sysconfig/network-scripts/ifcfg-eno1)

IPADDR= #Internal IP Address of the Compute Node
GATEWAY= #Internal IP Address of the Head Node

Configure the Head Node’s External Zone.

There are three options – defaultACCEPTREJECT, and DROP. By setting the target to ACCEPT, you accept all incoming packets except those disabled by a specific rule. If you set the target to REJECT or DROP, you disable all incoming packets except those that you have allowed in specific rules. When packets are rejected, the source machine is informed about the rejection, while there is no information sent when the packets are dropped. 5.7.8. Using Zone Targets to Set Default Behavior for Incoming Traffic

# firewall-cmd --zone=external --set-target=default

You can configure other settings. For the External Zone. For example, add SSH Service, mDNS

# firewall-cmd --permanent --zone=external --add-service=ssh
# firewall-cmd --permanent --zone=external --add-service=mdns
# firewall-cmd --runtime-to-permanent
# firewall-cmd --reload

It is possible to define different sets of rules for different zones and then change the settings quickly by changing the zone for the interface that is being used. With multiple interfaces, a specific zone can be set for each of them to distinguish traffic that is coming through them. 51.6.4. Assigning a network interface to a zone

# firewall-cmd --zone=external --change-interface=eno2 --permanent

Configure the Head Node’s Internal Zone.

You can use the same firewall-cmd to configure the below configuration if you need the services.

# firewall-cmd --zone=trusted --list-all
trusted (active)
  target: default
  icmp-block-inversion: no
  interfaces: ib1 enp6s0f3
  services: dhcpv6-client ssh nfs mountd rpc-bind http https tftp
  ports: 15001-15007/tcp 15001-15007/udp 
  masquerade: no
  rich rules:

Check the Firewall Status

systemctl status firewalld.service

Encountering shm_open permission denied issues with hpcx

If you are using Nvidia hpc-x and encountering issues like the one below during your MPI Run

shm_open(file_name=/ucx_shm_posix_77de2cf3 flags=0xc2) failed: Permission denied

The error message indicates that the shared memory has no permission to be used,  The permission of /dev/shm is found to be 755, not 777, causing the error. The issue can be resolved after the permission is changed to 777. To change and verify the changes:

% chmod 777 /dev/shm 
% ls -ld /dev/shm
drwxrwxrwx 2 root root 40 Jul  6 15:18 /dev/sh

Installing CP2K with Nvidia HPCX on Rocky Linux 8.5

What is HPCX?

NVIDIA® HPC-X® is a comprehensive software package that includes Message Passing Interface (MPI), Symmetrical Hierarchical Memory (SHMEM) and Partitioned Global Address Space (PGAS) communications libraries, and various acceleration packages. For more information, do take a look at

What is CP2K?

CP2K is a quantum chemistry and solid state physics software package that can perform atomistic simulations of solid state, liquid, molecular, periodic, material, crystal, and biological systems. CP2K provides a general framework for different modeling methods such as DFT using the mixed Gaussian and plane waves approaches GPW and GAPW. Supported theory levels include DFTB, LDA, GGA, MP2, RPA, semi-empirical methods (AM1, PM3, PM6, RM1, MNDO, …), and classical force fields (AMBER, CHARMM, …). CP2K can do simulations of molecular dynamics, metadynamics, Monte Carlo, Ehrenfest dynamics, vibrational analysis, core level spectroscopy, energy minimisation, and transition state optimization using NEB or dimer method. (Detailed overview of features.). For more information, do take a look at

Getting the CP2K

git clone --recursive cp2k

Unpack hpcx and Optimised OpenMPI Libraries. For more information on installation, do take a look at Installing and Loading HPC-X

Extract hpcx.tbz into your current working directory.

% tar -xvf hpcx.tbz
% cd hpcx
% export HPCX_HOME=$PWD
% module use $HPCX_HOME/modulefiles
% module load hpcx

Use the CP2K Toolchain to Compile for the easiest

% cd cp2k
% cd /usr/local/software/cp2k/tools/toolchain
% ./ --no-check-certificate --with-openmpi

Compiling the CP2K

==================== generating arch files ====================
arch files can be found in the /usr/local/software/cp2k/tools/toolchain/install/arch subdirectory
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local.ssmp
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local_static.ssmp
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local.sdbg
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local_coverage.sdbg
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local.psmp
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local.pdbg
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local_static.psmp
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local_warn.psmp
Wrote /usr/local/software/cp2k/tools/toolchain/install/arch/local_coverage.pdbg
========================== usage =========================
Now copy:
  cp /usr/local/software/cp2k/tools/toolchain/install/arch/* to the cp2k/arch/ directory
To use the installed tools and libraries and cp2k version
compiled with it you will first need to execute at the prompt:
  source /usr/local/software/cp2k/tools/toolchain/install/setup
To build CP2K you should change directory:
  cd cp2k/
  make -j 80 ARCH=local VERSION="ssmp sdbg psmp pdbg"

Do exactly on the ending instruction

% cp /usr/local/software/cp2k/tools/toolchain/install/arch/* /usr/local/cp2k/arch
% source /usr/local/software/cp2k/tools/toolchain/install/setup
% cd /usr/local/software/cp2k
% make -j 32 ARCH=local VERSION="ssmp sdbg psmp pdbg"

If you encounter an error during making like the one below, just do an install for liblsan

% /usr/bin/ld: cannot find /usr/lib64/
% dnf install liblsan -y

If you encounter error like the ones below for fftw libraries,

/usr/bin/ld: cannot find -lfftw3_mpi
collect2: error: ld returned 1 exit status

You have to go to the supporting package libraries and do some editing.

% cd /usr/local/software/cp2k/tools/toolchain/install/fftw-3.3.10/lib
% ln -s libfftw3.a libfftw3_mpi.a
% ln -s

Try again

% cd /usr/local/software/cp2k
% make -j 32 ARCH=local VERSION="ssmp sdbg psmp pdbg"

If successful, you should see binaries at /usr/local/software/cp2k/exe/local

GCCGO Error During GCC-10.4.0 Compilation on CentOS 7

If you encounter “gccgo: error: ../x86_64-pc-linux-gnu/libgo/libgotool.a: No such file or directory”

/home/user1/gcc-10.4.0/host-x86_64-pc-linux-gnu/gcc/gccgo -B/home/user1/gcc-10.4.0/host-x86_64-pc-linux-gnu/gcc/ -B/usr/x86_64-pc-linux-gnu/bin/ -B/usr/x86_64-pc-linux-gnu/lib/ -isystem /usr/x86_64-pc-linux-gnu/include -isystem /usr/x86_64-pc-linux-gnu/sys-include   -g -O2 -I ../x86_64-pc-linux-gnu/libgo -static-libstdc++ -static-libgcc  -L ../x86_64-pc-linux-gnu/libgo -L ../x86_64-pc-linux-gnu/libgo/.libs -o go ../.././gotools/../libgo/go/cmd/go/alldocs.go ../.././gotools/../libgo/go/cmd/go/go11.go ../.././gotools/../libgo/go/cmd/go/main.go ../x86_64-pc-linux-gnu/libgo/libgotool.a  
gccgo: error: ../x86_64-pc-linux-gnu/libgo/libgotool.a: No such file or directory
make[2]: *** [Makefile:821: go] Error 1
make[2]: Leaving directory '/home/user1/gcc-10.4.0/host-x86_64-pc-linux-gnu/gotools'
make[1]: *** [Makefile:14649: all-gotools] Error 2
make[1]: Leaving directory '/home/user1/gcc-10.4.0'
make: *** [Makefile:997: all] Error 2

The issue can be easily resolved by not building gcc in the same directory as the source code. At GCC Home

% ./contrib/download_prerequisites
% mkdir build
% ../configure --prefix=/usr/local/gcc-10.4.0 --disable-multilib --enable-languages=all
% make -j 8
% make install