REVIEW-21: SDIACT-226 Deliver Kepler workflow support on XSEDE - Design/Security Review

Overview

General design and security risk review for delivering Kepler workflow capability on a central node and to service providers.

Review Summary

  • (Jim) Does Kepler team require special privileges to Kepler VM
    • No, added Jim's suggestion to have system admins create a Unix group for Kepler developers that has access to local Kepler install in Section E.2.8
  • (Jim) Java 7 is EOL, please use Java 8
    • Document updated to specify Java 8
  • (JP) Provide local ssh aliases for SP hosts
    • Added text in F.1.2 in version 1.4 of design doc specifying the VM will be based off the new CentOS 7 login.xsede.org node that provides the short host name aliases.
  • (JP) How will upgrades be managed
    • Added sections in F.1.2 and F.2.2 about maintaining modules for each version on server and SP nodes.
  • (JP) Specify XSEDE Sysops team instead of "XSEDE team"
    • Changed in version 1.4.
  • (Pragneshkumar) Add more details on data transfer design
    • Modified Section D in version 1.4.

Review Output Documents (Final)

https://software.xsede.org/svn/sdi/activities/sdiact-226/trunk/Plans/SDIACT-226KeplerXSEDEDesign-v1.4.pdf

Review Input Documents

https://software.xsede.org/svn/sdi/activities/sdiact-226/trunk/Plans/SDIACT-226KeplerXSEDEDesign-v1.1.pdf

Review Criteria

  1. Evaluate the design and security of the central Kepler node, including it's user and administrative interfaces, security/incident management, and operational and support procedures.
  2. Evaluate the design and security of the Kepler software delivered to service providers, including administrative and user support procedures.
  3. Evaluate the design and security of the interfaces and interactions used between the central Kepler node, the SP Kepler software, and other services (such as execution management services) including credential use and transport.

Schedule

Current Date: 2019-11-20
Current Status: Closed (Design and Security Review)
Target Date Actual Date Activity Milestone
  2016-04-11 Review launch date
2016-04-22 Written feedback due (Reviewers)
2016-04-29 2016-06-01 Written response date (Review Material Developers)
2016-05-06 2016-06-01 Final approval due and completion date (Reviewers)
Review Created: 2016-04-11 11:49 am
Review Last Updated: 2016-06-01 8:59 am

 

Reviewers

If you are a reviewer, please login to sign or withdraw from this review.

Required

  • Jim Basney
    SIGNED: 2016-04-20 12:19
  • Victor Hazlewood
  • John-Paul Navarro
    SIGNED: 2016-06-01 11:58

Optional

  • Maytal Dahan
  • Jim Marsteller
  • Pragneshkumar Patel
  • Marlon Pierce
  • Gary Rogers
  • Adam Slagell
  • Shava Smallen
    SIGNED: 2016-04-14 12:43

Review Material Developers

Shweta Purawat
Shava Smallen

Review Facilitator

John-Paul Navarro

 

Please post your comments using the "New topic" or "Post reply" buttons in the forum below.