JIRA Issue

[#REVIEW-21] SDIACT-226 Deliver Kepler workflow support on XSEDE - Design/Security Review

[REVIEW-21] SDIACT-226 Deliver Kepler workflow support on XSEDE - Design/Security Review Created: 04/11/2016  Updated: 06/01/2016  Resolved: 06/01/2016

Status: Closed
Project: Technical Reviews
Component/s: None
Fix Version/s: None

Type: Design and Security Review
Reporter: JP Navarro Assignee: JP Navarro
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Review
is review of XCI-521 Assist software provider to deliver K... Development
Review Materials:

https://software.xsede.org/svn/sdi/activities/sdiact-226/trunk/Plans/SDIACT-226KeplerXSEDEDesign-v1.1.pdf

Review Criteria:
  1. Evaluate the design and security of the central Kepler node, including it's user and administrative interfaces, security/incident management, and operational and support procedures.
  2. Evaluate the design and security of the Kepler software delivered to service providers, including administrative and user support procedures.
  3. Evaluate the design and security of the interfaces and interactions used between the central Kepler node, the SP Kepler software, and other services (such as execution management services) including credential use and transport.
Discussion Thread: https://www.xsede.org/web/staff/staff-message-board/-/message_boards/category/993540
Review Summary:
  • (Jim) Does Kepler team require special privileges to Kepler VM
    • No, added Jim's suggestion to have system admins create a Unix group for Kepler developers that has access to local Kepler install in Section E.2.8
  • (Jim) Java 7 is EOL, please use Java 8
    • Document updated to specify Java 8
  • (JP) Provide local ssh aliases for SP hosts
    • Added text in F.1.2 in version 1.4 of design doc specifying the VM will be based off the new CentOS 7 login.xsede.org node that provides the short host name aliases.
  • (JP) How will upgrades be managed
    • Added sections in F.1.2 and F.2.2 about maintaining modules for each version on server and SP nodes.
  • (JP) Specify XSEDE Sysops team instead of "XSEDE team"
    • Changed in version 1.4.
  • (Pragneshkumar) Add more details on data transfer design
    • Modified Section D in version 1.4.
Revised Review Materials:

https://software.xsede.org/svn/sdi/activities/sdiact-226/trunk/Plans/SDIACT-226KeplerXSEDEDesign-v1.4.pdf

Public Review Link: https://software.xsede.org/jira/view/reviews/REVIEW-21
Review Facilitator: JP Navarro
Review Material Developers: Sheet Purawat, spurawat@gmail.com, Lead developer
Shava Smallen, ssmallen@sdsc.edu, XSEDE coordinator
Target Review Start Date:
Target Reviewer Feedback Due Date:
Target Written Feedback Assessment Due Date:
Target Review End Date:
Actual Review Start Date:
Actual Written Feedback Received Date:
Actual Review End Date:
Reviewer Feedback Friendly Reminder Date:
Reviewer Feedback Due Today Reminder Date:
Developer Feedback Reminder Date:

 Description   

General design and security risk review for delivering Kepler workflow capability on a central node and to service providers.



 Comments   

There are comments for REVIEW-21 that can be viewed with XSEDE authentication.