Versions Compared

Old Version 2

changes.mady.by.user Lavanya Podila

Saved on

compared with

New Version Current

changes.mady.by.user Lavanya Podila

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Primary Items for discussion at the PEARC Conference. Please feel free to clarify these items and add more!

Identity and Access Management (IAM)

Although several XSEDE services will be retired and no longer available after August 31, 2022, the primary XSEDE username/password mechanism will remain the same. In ACCESS, we are referring to this simply as one’s ACCESS ID and password, which customers will continue to employ to authenticate to common ACCESS services. Login to user interfaces requiring a higher level of assurance (e.g., access to project allocations and member information) will require additional authentication with DUO.

Web services that currently rely on idp.xsede.org to facilitate authentication should redirect to idp.access-ci.org instead. We expect to have idp.access-ci.org available for testing no later than August 1, 2022.

Customers who currently authenticate using their XSEDE username and password via CILogon will instead select ACCESS from the list of CILogon authentication providers to authenticate in the same manner.

Single Sign On Hub - alternative approaches

Primarily focused on Resource Providers and Partner Institutions. Guidance on how to log into resource provider directly.

For individual SSOHub customers, guidance will need to be provided by each XSEDE Service Provider (ACCESS Resource Provider) about how to use ssh to login directly to the SP's login hosts. All SPs have their own documentation at their websites for this. Some SPs will need to update their current documentation accordingly. [Generate a list of links to documentation for the SPs to which XSEDE customers can login from the SSOHub today]

Strategies for ACCESS RPs to authenticate customer ssh logins with ACCESS IDs are being developed. The main obstacle is mapping or translation of ACCESS IDs to site-local IDs. We are coordinating with XSEDE to publish guidance for ACCESS RPs as soon as possible. [Need contact info for who/where RPs should send questions to on this topic - fallback: send to Derek Simmel <dsimmel@psc.edu>]

ACCESS Portal

The AMP portal will be online in a primitive form on September 1.  On that date, users can expect that they will be able to: 

  • Submit tickets via a web form

  • See scheduled RP service downtimes

  • View and edit their profile information

  • View some documentation, with the expectation that this will be added to throughout the life of the project

  • View their current allocations (via a link to the RAMPS portal)

  • Have access to news and subscriptions

  • Provide access to the available software stacks on the resources they have access to

  • Reset their password

  • Track their SU usage

  • Report security incidents

  • Access pilots of MATCH Tiered setvices

  • Access user forums (http://ask.ci )

Users should expect that the AMP will evolve over time and that features will be added.  What is available on September 1 will be a first draft of what will eventually be available moving forward.

Globus

ACCESS Operations is providing a Globus subscription through August 2023. After that time Globus will remain the preferred data transfer mechanism. Note that researchers can transfer data using Globus at no charge, and many of the ACCESS-allocated resource providers offer Globus subscriptions that include enhanced features.

CONECTnet

ACCESS wide area network connectivity for RPs is via a Layer3 VPN (L3VPN) provisioned on Internet2, the national research and education (R&E) network backbone provider. The NDTS team is available to facilitate RP integration with CONECTnet and provide network performance consulting upon request.

RAMPS Marketplace

All active XSEDE allocations (with an expiration date beyond September 1, 2022) will be “mapped” to the new ACCESS allocations tiers. More information on the new tiers will be broadcast on the Advance to ACCESS page.

ACCESS Allocations will continue to accommodate the variety of projects that have been supported through XSEDE (educational, Campus Champion, Gateway, etc.).

The research communities and Resource Providers can expect an emphasis on time savings and simplification in the allocations process and policies.

The upcoming allocation proposal opportunity will follow the XSEDE timeline:

  • Opportunity opens on September 15

    • Closes on October 15

  • Review meeting will take place in early December

    • Allocations will start (or be renewed) on January 1

Groups with modest resource requirements can expect a lighter weight allocations process.

Questions, comments, or interest in joining the review panel for ACCESS allocations requests, please use this form to contact Allocations.

Ticketing System

ACCESS uses a Jira Service Management-based ticket system. Users submit tickets via a webform that is located in the Support portal.  

Integrating Allocated Compute/Storage/Cloud into ACCESS

ACCESS uses an Integration Roadmaps Framework to define how operators can integrate classes of infrastructure into the ACCESS environment to achieve a defined operational status. This framework defines, for example, how HPC compute clusters can achieve the ACCESS allocated operational status, and will also be used to define how many new classes of emerging infrastructure can integrated to achieve ACCESS allocated, un-allocated, discoverable, or other statuses. Learn more here.

MATCH Tier Support for Researchers

Tier 1:

  • Trying to reach as many researchers as possible with existing ease of use tools

  • Intention is to help researchers focus on their research, be confident in the results they are getting, and to reduce their time to solution

  • Our focus is on utilizing Open OnDemampand, the Pegasus workflow tool, and the Cnct.CI portal, all of which will be modified, integrated, and updated to promote ACCESS wide work

Tier 2: 

  • This tier provides support through our knowledge base resources.  The resources we are focusing on here include anything that can assist researchers with educating themself on topics that can help them interact with ACCESS resources

  • These resources might include documentation, tutorials, code templates, and responses to questions posted on Ask.CI, or other items

  • We will engage the community via the community grants financial incentivization program to help build out these resources

  • We plan to build up a repository of information that will provide self-service for education resources for users of ACCESS resources

Tier 3:

  • This tier will allow us to support researchers who have a short term project needs (three to six months) by utilizing student-facilitators paired with mentors with relevant domain expertise 

  • Some examples of a short term project might include porting a workflow from a local resource to an ACCESS wide resource, modifying code, etc.

  • MATCH provide a matchmaking service to identify student facilitators and mentors with relevant skill sets

  • MATCH will provide a lightweight but structured format for tracking project progress

Tier 4:

  • This tier will allow for us to support researchers who have a need for a longer term engagement to meet their research goals

  • This would involve a staff consultant who may need to be more embedded in their work

  • An example might be help optimizing code

  • Similar to Tier 3, we’ll be able to connect researchers with consultants who have skill sets that are relevant to the work they need to complete

  • Tier 4 engagements are planned at least six months ahead. Consultants are paid for by researchers. MATCH will facilitate the matchmaking of consultants with researchers.