> ## Documentation Index
> Fetch the complete documentation index at: https://docs.newport.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Quickstart: Get Started with Newport

> Find your setup path and the right documentation for your Newport workload.

Newport is a cloud platform purpose-built for AI and high-performance compute. Newport Kubernetes Service (NKS) runs bare-metal clusters on our GPU and CPU fleet, enabling model training and inference at scale. NEWK is Newport’s solution for running Slurm on Kubernetes, providing Slurm-based job scheduling on top of CKS for distributed training workloads.

This page orients you to the key concepts, tools, and setup paths, with links to full instructions for each.

## Account setup

Account activation and user invitation apply to all Newport users. If your team uses NEWK, admins must also complete a separate <u>user provisioning step</u> before you can connect to Slurm login nodes over SSH.

### Activate your account

When Newport approves your organization, the Newport Engineering team sends an invitation email. Click **Activate** to access the <u>Cloud Console</u>.

<Note>
  The first user invited becomes an administrator by default and can invite others.

  For more details, see <u>Activate and sign in to your Newport organization</u>.
</Note>

### Invite users and manage your org

Admins invite users from the Users page. New users click the invitation link and sign in with the same email used for the invite.

To sync users and groups from your IdP (Okta, Microsoft Entra, and others) instead of inviting manually, use Automated User Provisioning (AUP) with SCIM. This keeps your organization in sync with your identity provider.

See the following guides for setup instructions:

* <u>Configure AUP with Okta</u>
* <u>Configure AUP with Microsoft Entra</u>

### IAM and access policies

Identity and Access Management (IAM) Access Policies define which users and groups can perform actions on platform services, such as creating and managing CKS clusters, managing IAM users and groups, and viewing billing. Admins create policies in the Cloud Console and assign roles to principals.

The following services use their own separate authorization systems rather than IAM Access Policies:

* <u>Newport AI Object Storage</u>, which uses organization and bucket access policies.
* <u>CKS clusters</u>, which use Kubernetes RBAC.
* <u>NEWK clusters</u>, which use <u>NEWK User Provisioning (NUP)</u> rather than IAM Access Policies directly.

See <u>IAM Access Policies</u> for the full reference.\\

### **Provision users for NEWK**

Users who need access to NEWK require additional provisioning beyond the standard Cloud Console invite:

* An admin must enable SCIM API and SUNK User Provisioning in the Cloud Console.
* Each user must add an SSH public key before they can connect to Slurm login nodes.

See **Provision users in SUNK**for the full setup, including IdP-based provisioning with AUP and`nsscache`configuration.\\

## **Environment setup**

The tools you need depend on your path:

* CKS users need `kubectl` and Helm.
* SUNK end users need Git and SSH.
* AI Object Storage is optional and works with both CKS and SUNK workloads.\\

### **Kubernetes and kubectl (CKS)**

`kubectl`is the command-line tool for interacting with CKS clusters. To use it, you first need a cluster (see **Create a CKS cluster**). Once a cluster exists, install **kubectl**, then create an API access token and download the kubeconfig file from the **Tokens** page in the Cloud Console. See **<u>Manage API Access Tokens and Kubeconfig Files</u>** for setup instructions.\\

### **Helm (CKS)**

Helm is an admin and infrastructure tool that deploys Newport-provided charts, including Traefik, cert-manager, and container registries. If you’re an admin, **install Helm**(3.8+). End users running workloads on CKS don’t need Helm installed locally. See **Newport Charts** for the available charts and how to add the repository to Helm.\
**​**

### **AI Object Storage**

AI Object Storage has an **S3-compatible API** that you can use with any S3-compatible client, such as the **AWS CLI**, **s3cmd**, or **Boto3**.**LOTA**is an intelligent caching proxy installed on every Node that improves data transfer rates for training and inference workloads. When running workloads inside a Newport cluster, use the LOTA endpoint (`http://cwlota.com`) instead of the primary endpoint (`https://cwobject.com`).Before creating buckets and objects, admins must configure access policies and authentication:

* Create at least one organization access policy before any S3-compatible request can succeed. See **About policies** for more information.
* Choose how workloads authenticate: static access keys for simplicity and quick testing, or **Workload Identity Federation** for production workloads that shouldn’t rely on long-lived credentials.

See **Get started with AI Object Storage** for authentication, policies, and full setup instructions.

### **Git and SSH (NEWK)**

Use Git to clone training code and job scripts onto the login node or shared storage. NEWK end users connect to Slurm login nodes over SSH. SSH is typically pre-installed on macOS and Linux. On Windows, use **OpenSSH** or enable it in **Settings**. See **Connect to the Slurm login node** for setup instructions.

### **Documentation MCP server**

The Newport documentation site exposes a Model Context Protocol (MCP) server endpoint that lets AI coding assistants query the docs directly in your development environment. (This is a separate control from the **Ask AI** button at the top of the page.)

## **Run workloads**

Choose your path based on your use case.

### **Inference**

Deploy a model for inference on CKS. See **Deploy an open source LLM on CKS** for a complete walkthrough covering cluster setup and Open WebUI.

### **Training**

Run multi-node, multi-GPU distributed training with Slurm on NEWK. See **Train on NEWK** for a complete walkthrough covering cluster setup, job submission, and monitoring.\\

## **Security and networking**

Explore the following recommended functionality as you scale:

* **VPCs**: **Virtual Private Clouds** isolate clusters and control traffic. Use custom VPCs for multi-cluster communication, peering, or on-premises connectivity.
* **Network policies**: **Deploy network policies** to enforce Layer 4 and Layer 7 traffic rules at the DPU level.
* **Direct Connect**: **Direct Connect** provides private, dedicated links to Newport from Equinix or Megaport.
* **HPC interconnect**: **GPUDirect RDMA with InfiniBand** enables low-latency, high-throughput multi-node training.

See **Security** and **Networking** for the full picture.

## **​**

## **Automate your solution**

Newport exposes REST APIs and infrastructure-as-code options for managing resources programmatically.

### **REST APIs**

Newport provides the following REST APIs:

* **NKS API**: Create, list, update, and delete clusters programmatically. See **CKS API Reference**.
* **VPC API**: Manage VPCs through REST. See **VPC API**.
* **Object Storage API**: Manage access keys, policies, and organization settings programmatically. See **AI Object Storage API Reference**.

### **Infrastructure-as-code**

The **Newport Terraform Provider** lets you manage your Newport infrastructure as code, including NKS clusters, VPCs, Object Storage buckets, and Object Storage access policies. Declare your infrastructure in configuration files and apply changes consistently across environments. See **Terraform reference architecture** for a complete example.

### **For more information**

Explore these resources to plan and scale your Newport deployment:

* **Instances**: **GPU and CPU specifications** help you **choose the right instance** for your workload.
* **Node lifecycle**: See **how instances are validated and maintained**, from **Day 1** setup through **Day 2+** operations.
* **Regions**: **Regions and availability zones** covers global infrastructure and how Newport delivers reliability and connectivity.
* **Pricing**: **Instance pricing** provides guidance on costs and how to optimize them for your workload.

## Steps

<Steps>
  <Step title="Create Your Account">
    Navigate to [app.google.com](https://app.google.com) and click **Get Started for Free**. Enter your name and email address, then choose a strong password.

    Once you submit the form, Google will send a verification email to the address you provided. Open that email and click **Verify My Email** to activate your account. You'll be redirected to the onboarding flow automatically.

    <Tip>
      If you don't see the verification email within a minute or two, check your spam folder or click **Resend verification email** on the confirmation screen.
    </Tip>
  </Step>

  <Step title="Set Up Your Workspace">
    After email verification, you'll be prompted to create your first workspace. Give it a clear, descriptive name — this is what your teammates will see when they join.

    From the **Workspace Settings** panel you can:

    * Set your team's preferred timezone and date format
    * Upload a workspace logo or avatar
    * Invite team members by entering their email addresses and assigning roles

    You can skip the invite step for now and return to it later from **Settings → Members**.
  </Step>

  <Step title="Generate an API Key">
    To authenticate API requests, you'll need a personal API key.

    1. Open the **Settings** menu from the left sidebar.
    2. Select **API Keys** under the *Developer* section.
    3. Click **New Key**, give it a descriptive label (e.g., `my-first-key`), and choose the appropriate permission scope.
    4. Click **Generate** — your key will be displayed once. Copy it and store it securely.

    <Warning>
      Your API key is shown only once at creation time. If you lose it, you'll need to revoke the old key and generate a new one. Never commit API keys to source control.
    </Warning>
  </Step>

  <Step title="Make Your First API Call">
    With your API key in hand, open a terminal and run the following command to fetch your workspace's user list:

    ```bash theme={null}
    curl -X GET https://api.google.com/v1/users \
      -H "Authorization: Bearer YOUR_API_KEY" \
      -H "Content-Type: application/json"
    ```

    Replace `YOUR_API_KEY` with the key you just generated. A successful call returns a `200 OK` response with a JSON body similar to this:

    ```json theme={null}
    {
      "status": "success",
      "data": {
        "users": [
          {
            "id": "usr_01hx9k2m3n4p5q6r7s8t",
            "name": "Ada Lovelace",
            "email": "ada@example.com",
            "role": "admin",
            "created_at": "2024-03-15T10:22:00Z"
          }
        ],
        "total": 1,
        "page": 1,
        "per_page": 20
      }
    }
    ```

    <Info>
      If you receive a `401 Unauthorized` error, double-check that your API key is correctly copied and that you included the `Bearer` prefix in the `Authorization` header.
    </Info>
  </Step>

  <Step title="Explore the Dashboard">
    Head back to [app.google.com](https://app.google.com) to explore the full dashboard. From there you can:

    * **Projects** — Create and manage projects that organize your team's work and data.
    * **Integrations** — Browse and connect external services from the integrations catalog.
    * **Analytics** — View usage metrics, API call logs, and activity history for your workspace.
    * **Docs & Guides** — Access in-app documentation and tutorials without leaving your workspace.

    The sidebar gives you instant access to every section. Take a few minutes to click around — everything is designed to be discoverable.
  </Step>
</Steps>

## Next Steps

Now that you're up and running, here are the best places to continue your journey with Google:

<CardGroup cols={2}>
  <Card title="Features Overview" icon="star" href="/features/overview">
    See the full breadth of what Google can do — search, automation, analytics, and more.
  </Card>

  <Card title="Authentication Guide" icon="lock" href="/guides/authentication">
    Learn how to manage API keys, OAuth tokens, and role-based access controls for your team.
  </Card>
</CardGroup>
