Deliver modern IT infrastructure, services, and platforms

CISL supports the hardware and software infrastructure for many of UCAR’s information technology (IT) services (e.g., Domain Name Service, Active Directory (AD), web content management system, software revision control systems, and systems administration support). CISL will evolve these services to enable platform-as-a-service models; enhance and enable storage, data protection, and archive services; and provide and promote virtualized computing services. CISL will also identify, promote, and implement common software development tools (e.g., GIT, Wiki, and automation tools).

CISL’s expertise and synergy in designing and provisioning cyberinfrastructure is essential to effectively managing and operating enterprise IT, supercomputing, cybersecurity, and communication services. The rapid pace of change in IT positions enterprise IT as a key enabler for scientific productivity.

Efficient project planning
This figure shows a cumulative flow diagram from JIRA illustrating progress on feature enhancements and bug fixes for SAM and other tools that SWEG is working on. This metric shows that the overall trend is appropriate with new work being accomplished at an expected pace without a huge jump in work in the “To-Do” category.

CISL continues to provide an organizational leadership role in an Identity and Access Management (IAM) effort. During FY2016 CISL's Enterprise Infrastructure Operations (EIO) group upgraded and configured the three high-availability Active Directory domain controllers. These systems are the foundational building block for a unified IAM service. Additional pilot work proved the viability of Active Directory Federation Services (ADFS) to enable cloud-based authentication services. Finally, CISL, RAL, and other parts of UCAR partnered in moving over 90% of the laptop and desktop infrastructure to utilize AD authentication methods.

During FY2016 SWEG has continued to deliver services supporting overall UCAR IT services as well as NCAR’s HPC services. SWEG has also worked across the organization to migrate users from Subversion to GitHub as the baseline version control system. GitHub represents a more modern approach that enables both self-service capabilities for developers but also enables broader visibility and collaboration tools for our open source software projects. At the end of FY2016 we had 487 software repositories and over 250 users, representing the largest single source catalog of software at UCAR|NCAR. SWEG continued to support Drupal as the content management platform for the organization. SWEG began the first steps of implementing a Drupal cloud-hosting pilot, aimed at delivering higher availability with more efficient development workflows. SWEG also engaged in a project with UCAR Communications for developing and implementing a modern replacement theme for AtmosNews. SWEG continued in its support of PeopleDB, in particular the integration with AD to support automated account-creation workflows. SWEG also continued the ongoing development SAM. In particular this year, SAM was integrated with the XSEDE XRAS system to streamline the allocation request process as well the the required enhancements to support the new supercomputer Cheyenne.

EIO also configured a VMware vSphere environment that will host UCAR services such as DNS, FTP, DHCP, etc., to run on a common hypervisor and reduce complexity in the enterprise environment. The vSphere environment will also allow UCAR staff to run additional virtual machines in the future when it will be offered as Infrastructure as a Service (IaaS). The vSphere environment was set up as multiple clusters allowing general use virtual machines (VMs) to be run on one cluster, administrative VMs to run on a second cluster, and sensitive systems to run on separate clusters as an enhanced security feature. The vSphere environment is configured to interact with AD for authentication to reduce the number of passwords UCAR staff need to remember.

Support comes from NSF Core and CSL funding, as well as from UCAR indirect funds because the services provided are available to all UCAR/NCAR labs and programs.