9 research outputs found
Leveraging OpenStack and Ceph for a Controlled-Access Data Cloud
While traditional HPC has and continues to satisfy most workflows, a new
generation of researchers has emerged looking for sophisticated, scalable,
on-demand, and self-service control of compute infrastructure in a cloud-like
environment. Many also seek safe harbors to operate on or store sensitive
and/or controlled-access data in a high capacity environment.
To cater to these modern users, the Minnesota Supercomputing Institute
designed and deployed Stratus, a locally-hosted cloud environment powered by
the OpenStack platform, and backed by Ceph storage. The subscription-based
service complements existing HPC systems by satisfying the following unmet
needs of our users: a) on-demand availability of compute resources, b)
long-running jobs (i.e., days), c) container-based computing with
Docker, and d) adequate security controls to comply with controlled-access data
requirements.
This document provides an in-depth look at the design of Stratus with respect
to security and compliance with the NIH's controlled-access data policy.
Emphasis is placed on lessons learned while integrating OpenStack and Ceph
features into a so-called "walled garden", and how those technologies
influenced the security design. Many features of Stratus, including tiered
secure storage with the introduction of a controlled-access data "cache",
fault-tolerant live-migrations, and fully integrated two-factor authentication,
depend on recent OpenStack and Ceph features.Comment: 7 pages, 5 figures, PEARC '18: Practice and Experience in Advanced
Research Computing, July 22--26, 2018, Pittsburgh, PA, US
Web-cam as an Easy-to-Use Way for Distant Collaborative Activities
Web-cam is a decade-old technology, but it has received major impetus from recent advancements in both software and hardware. Here we report our experiences from using off-the-shelf web-cam tools for various configurations in collaborative ventures. They span from Macintosh to PC in hardware and IchatAV and SquidCam in software. We work from various locations in the U.S. One prominent impediment is the presence of firewalls in networks. We summarize the results from the various combinations of parties involved by a matrix. Web-cams can be utilized today as an economical and viable means of point-to-point communication for the public. Greater bandwidth is sorely needed for multi-party conferencing on the present Internet network. We then propose Web-cam can be utilized as a web service for facilitating collaborative research, using the newly developed middleware coined Narada-Brokering. We expe ct that web-cam will play an important role in geoinformatics. 1 I
VLab: Collaborative Grid Services and Portals to Support
Abstract: We present the initial architecture and implementation of VLab, a Grid and Web Service-based system for enabling distributed and collaborative computational chemistry and material science applications for the study of planetary materials. The requirements of VLab include job preparation and submission, job monitoring, data storage and analysis, and distributed collaboration. These components are divided into client entry (input file creation, visualization of data, task requests) and backend services (storage, analysis, computation). Clients and services communicate through NaradaBrokering, a publish/subscribe Grid middleware system that abstracts specific hardware information through the use of topics. We describe two aspects of VLab in this paper: 1) data entry and submission, and 2) a visualization web client/service. Grid Web Portals, Java Server Faces (JSF) and JSF Grid Beans are used to build an interface that permits input file specification, multiple code submissions, and multiple job submissions (of a given code) with backend data persistence. In addition, to investigate our collaboration and visualization infrastructure, we have developed a service that transforms a scalar data set into its wavelet representation. A client (java applet) can retrieve the coordinates of the centers of the dominant fraction of the wavelets and display the results as a collection of spheres. General adaptors are placed between the endpoints and NaradaBrokering, which serve to isolate the clients/services from the middleware. This permits client and service development independently of potential changes to the middleware
Virtual laboratory for planetary materials: System service architecture overview
This paper brings an overall view of the service-oriented architecture (SOA) used in VLab, a system aimed to handle concurrent calculations of geo-materials participating in extensive workflows. We recap the algorithms of physical importance that underly the system requirements. The system architecture then emerges naturally. A usage view diagram is shown and thoroughly discussed. We also show how analysis tools are integrated in the SOA. © 2007 Elsevier B.V. All rights reserved