Presentation
Trusted Platform Provisioning for the OpenCHAMI Cluster Management Stack
DescriptionHigh performance computing (HPC) clusters have traditionally relied on proprietary provisioning and management infrastructure. This can be problematic, especially with regard to ongoing security and maintenance for vendored systems.
As an alternative to this, the Los Alamos National Laboratory (LANL) leads development of the Open Composable Heterogeneous Application Management Infrastructure (OpenCHAMI) stack, which provides a modular suite of size- and platform-independent cluster management tools. A major barrier to the full deployment of OpenCHAMI at LANL is its lack of authentication for access to sensitive data, such as private SSH keys or service tokens. To resolve this, we implement and integrate a node authentication system, under which secret configuration data may be requested only by system processes or authorized users.
We present a containerized microservice-based authentication system for post-boot compute node configuration, based on the Canonical cloud-init platform. This system is optimized to minimize its impact on cluster boot speed.
As an alternative to this, the Los Alamos National Laboratory (LANL) leads development of the Open Composable Heterogeneous Application Management Infrastructure (OpenCHAMI) stack, which provides a modular suite of size- and platform-independent cluster management tools. A major barrier to the full deployment of OpenCHAMI at LANL is its lack of authentication for access to sensitive data, such as private SSH keys or service tokens. To resolve this, we implement and integrate a node authentication system, under which secret configuration data may be requested only by system processes or authorized users.
We present a containerized microservice-based authentication system for post-boot compute node configuration, based on the Canonical cloud-init platform. This system is optimized to minimize its impact on cluster boot speed.

Event Type
ACM Student Research Competition: Graduate Poster
Posters
TimeWednesday, 20 November 20243:45pm - 4pm EST
LocationB306
TP