October Community Conversation

This month's meeting was held on Tuesday, October 14, 2025 at 11:30am ET. Monthly community meetings are convened over Zoom to discuss topics of interest. Usually there are no planned agendas and community members bring ideas and questions to share.

Quick Recap

This meeting covered the formation of new working groups for Cool Front, including discussions on governance, documentation, and core architecture, along with plans for upcoming maintenance and system updates. The team explored various aspects of user management, including access controls, storage allocations, and identity management systems, with different approaches shared between institutions. The group also discussed project transitions, storage plugin developments, and upcoming events including a storage plugin working group meeting and participation in conferences like Supercomputing and Educause.

Meeting Summary

ColdFront Working Groups Formed

Dori discussed the formation of new working groups for ColdFront, including governance, documentation, and core architecture. She mentioned that the code conventions and standards would be combined with core architecture. Dori also talked about ongoing discussions on storage plugins and a new Slurm plugin being developed by Harvard. She reminded attendees that the ColdFront repository would soon be moved from UBCCCR to GitHub, and encouraged participants to join working groups by contacting admins, filling out the Google form or commenting in the Github discussions.

ColdFront Maintenance and Migration Planning

John discussed plans for maintenance next Monday and Tuesday, involving taking the ColdFront instance offline for storage updates. He inquired about functionality for maintenance windows and considered creating a feature request for better task management during maintenance. Dori suggested exploring existing solutions, such as Matthew's basic plugin for redirecting to a maintenance page. Aragorn, a newer ColdFront user, sought advice on deploying a new setup while transitioning from EL7 to EL9 and integrating user accounts for tracking usage.

LDAP and Storage Access Management

Aragorn discussed managing user access and storage allocations through LDAP groups and sought advice on implementing similar controls in ColdFront. Dori explained their setup using FreeIPA and Unix groups, detailing how allocations sync with LDAP to manage access to storage and software. They discussed the possibility of users requesting their own storage allocations, with Dori noting that while ColdFront allows for customization of request forms, manual or script-based verification is typically used to ensure legitimacy. John suggested reaching out to the storage plugin group for further insights and solutions.

System Provisioning and ColdFront Integration

John explained their system's provisioning process, which involves modifying forms, generating a JSON file with user details, and setting up storage and permissions on a Lustre system. The process is triggered by an approval in ColdFront, which writes the JSON file to a watched folder. John noted that while the trigger is generic, the rest of the process is highly system-specific. Chris Diaz asked about ColdFront's relationship with Lustre, and John clarified that they use an NFS share for management tasks, ensuring backups are available. Raminder and Chris discussed the benefits of using APIs and running services on backend management nodes rather than web hosts to reduce vulnerabilities.

Research Project Allocations and Access

The discussion focused on how project allocations and access are managed in research systems. Dori explained that allocations have a default expiration of one year, after which users are removed from Unix groups if the PI doesn't renew it, while John described their similar system that allows PIs to create multiple projects and includes an annual project review process where PIs must confirm active users and update grants/publications. John noted that while students can manage projects, they cannot make changes to allocations or add new users, and explained that allocations don't expire immediately during reviews to prevent access issues if reviews are completed near deadline.

ColdFront Project Migration Discussion

The group discussed the transition of projects to ColdFront, with Sajid explaining his process of migrating projects from an old SQL database to ColdFront. Dori clarified that there is no difference between "new" and "active" project states programmatically, though admins may reach out to PIs for additional steps. John and Sajid explored the possibility of changing the default project status through environment variables or core functionality, with John suggesting that core features should be well-supported while auxiliary features could be developed as plugins.

HPC Identity Management System Challenges

Sajid and John discussed their approaches to identity management for HPC systems. Sajid explained that ColdFront would be linked to their HPC identity management system, but this created issues with PIs who did not have HPC accounts. John described their system, which uses campus SSO and just-in-time accounts, but faces challenges with the transition from Duo to Microsoft's Entrada ID. They discussed the pros and cons of using a separate HPC IDM system versus a university-wide system, with Sajid noting their larger user base of 23,000 compared to John's 400-600 users. Dori suggested a potential solution involving Active Directory groups for managing HPC system access.

Team Events and Scheduling Updates

The team discussed upcoming meetings and events. Chris Barnett announced the inaugural storage plugin working group meeting scheduled for next Thursday (10/23) at 10 AM Eastern. Dori mentioned that the University of Buffalo will have a booth at the Supercomputing conference, where Anton Nekai will represent the team. John informed the group about the team's poster at the upcoming Educause conference in two weeks, choosing to attend instead of Supercomputing. Jay pointed out that the next meeting falls on Veterans Day, which is a holiday for some team members, and Dori agreed to look into potentially rescheduling.

Meeting Summary generated by Zoom AI Companion (edited to correct minor errors)