-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
architecture diagram overview and in depth
- Loading branch information
Showing
2 changed files
with
149 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# Documentation | ||
|
||
In-depth documentations are available in this directory. | ||
|
||
## Architecture | ||
|
||
See [architecture documentation](https://github.com/CSCfi/HPCS/tree/doc/readme_and_sequence_diagrams/docs/architecture.md). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,142 @@ | ||
# Architecture | ||
|
||
## Current architecture - Overview | ||
|
||
```mermaid | ||
flowchart LR | ||
subgraph UL["User laptop"] | ||
HPCSC["HPCS Client"] | ||
ULSPA["Spire Agent"] | ||
end | ||
subgraph SS["Supercomputing Site"] | ||
subgraph CN["Compute node"] | ||
CNSPA["Spire Agent"] | ||
SBATCH["Sbatch"] | ||
end | ||
LN["Login node"] | ||
end | ||
subgraph UN["Utility node"] | ||
subgraph k8s["Kubernetes cluster"] | ||
SPS["Spire Server"] | ||
HPCSS["HPCS Server"] | ||
SPA["Spire Agent"] | ||
Vault | ||
end | ||
end | ||
UL <--"SSH"--> LN | ||
LN <--"Scheduling"--> CN | ||
UL <--"HTTPS (HPCS), HTTPS (Vault), TCP (Spire)"--> UN | ||
CN <--"HTTPS (HPCS), HTTPS (Vault), TCP (Spire)"--> UN | ||
``` | ||
|
||
## Current architecture - In depth | ||
|
||
```mermaid | ||
flowchart LR | ||
subgraph UL["User laptop"] | ||
subgraph HPCSCDP["Data preparation"] | ||
HPCSCDPB["HPCS Client"] | ||
SPADP["Spire Agent"] | ||
end | ||
subgraph HPCSCCP["Container preparation"] | ||
HPCSCCPB["HPCS Client"] | ||
SPACP["Spire Agent"] | ||
end | ||
subgraph HPCSCJP["HPCS Client - Job preparation"] | ||
HPCSCJPB["HPCS Client"] | ||
end | ||
end | ||
subgraph SS["Supercomputing Site"] | ||
SC["Slurm Controller"] | ||
LN["Login nodes"] | ||
subgraph PCPU["CPU Partition"] | ||
subgraph CN1["Compute node 1"] | ||
CN1SBATCH["Sbatch"] | ||
CN1SA["Spire Agent"] | ||
end | ||
subgraph CN2["Compute node 2"] | ||
CN2SBATCH["Sbatch"] | ||
CN2SA["Spire Agent"] | ||
end | ||
end | ||
subgraph PGPU["GPU Partition"] | ||
subgraph CN3["Compute node 3"] | ||
CN3SBATCH["Sbatch"] | ||
CN3SA["Spire Agent"] | ||
end | ||
subgraph CN4["Compute node 4"] | ||
CN4SBATCH["Sbatch"] | ||
CN4SA["Spire Agent"] | ||
end | ||
end | ||
end | ||
subgraph UN["Utility node"] | ||
subgraph k8s["Kubernetes cluster"] | ||
subgraph HPCSP["HPCS Pod"] | ||
SPS["Spire Server"] | ||
subgraph HPCSSC["HPCS Server Container"] | ||
HPCSS["HPCS Server"] | ||
SPA["Spire Agent"] | ||
end | ||
SPO["Spire OIDC"] | ||
NI["Nginx Ingress"] | ||
end | ||
Vault | ||
end | ||
end | ||
SPS <--"UNIX Socket"--> SPO | ||
SPO <--"UNIX Socket"--> NI | ||
HPCSS <--"CLI + UNIX Socket"--> SPS | ||
HPCSS <--"PYSPIFFE (UNIX SOCKET)"--> SPA | ||
SPA <--TCP--> SPS | ||
Vault <--"HTTPS"--> NI | ||
Vault <--"HTTPS (mTLS)"--> HPCSS | ||
LN <--"CLI"--> SC | ||
SC <--"Scheduling"--> PCPU | ||
SC <--"Scheduling"--> PGPU | ||
SPADP <--"TCP"--> SPS | ||
SPACP <--"TCP"--> SPS | ||
HPCSCDPB <--"HTTPS (mTLS)"--> HPCSS | ||
HPCSCCPB <--"HTTPS (mTLS)"--> HPCSS | ||
HPCSCDPB <--"HTTPS"--> Vault | ||
HPCSCCPB <--"HTTPS"--> Vault | ||
HPCSCCPB <--"CLI/Lib + UNIX Socket"--> SPACP | ||
HPCSCDPB <--"CLI/Lib + UNIX Socket"--> SPADP | ||
CN1SA <--"TCP"--> SPS | ||
CN2SA <--"TCP"--> SPS | ||
CN3SA <--"TCP"--> SPS | ||
CN4SA <--"TCP"--> SPS | ||
CN1SBATCH <--"HTTPS"--> Vault | ||
CN2SBATCH <--"HTTPS"--> Vault | ||
CN3SBATCH <--"HTTPS"--> Vault | ||
CN4SBATCH <--"HTTPS"--> Vault | ||
HPCSCDPB <--"SSH (As user - Data & Info files)"--> LN | ||
HPCSCCPB <--"SSH (As user - Container image & Info files)"--> LN | ||
HPCSCJPB --"SSH (As user - SBATCH file & CLI Call to SBATCH)"--> LN | ||
LN --"SSH (As user - Info files)"--> HPCSCJPB | ||
``` | ||
|
||
This diagram doesn't show the HTTPS requests from client/compute node to HPCS Server used to register the agents since this behaviour is a practical workaround. |