Date

Attendees

Goals

Discussion items

TimeItemWhoNotes
5minPDAC notebooks


  • Existing PDAC notebook ticket  should be closed out.
  • Instead, notebooks are to be set up on PDAC k8s cluster on the old SUIT proxy node
 Kubernetes Commons transition 
  • All of PDAC will transfer into Kubernetes Commons, anticipated in October
  • Gated on NCSA resource availability for setting up namespace, moving hardware, etc.
  • Plans for transition from PDAC to Kubernetes Commons to be discussed by Unknown User (mbutler) and Fritz Mueller at LSST2018; will be documented in Confluence page
  • Also should document current and near-future PDAC state/design

"lsp-demo"
  • In the longer term, a separate controlled, certified Kubernetes environment will be exposed to the Internet for demos.
  • Should consider whether this can be combined with PDAC, as it serves many of the same purposes.

/scratch
  • /scratch open to root for next two weeks to support Firefly for review demo
  • Snapshots turned on during that time to avoid data loss

Firefly non-root user
  • Firefly containers need to be run as non-root after two weeks
  • Might be configured in Dockerfile; might also be configured in Kubernetes
  • IPAC will investigate

FY2019 provisioning

Container Standards Guide
  • Standards guide for container development and Kubernetes would be useful, especially regarding settings related to security

Security
  • Container build file and itself should be vetted by NCSA security

Action items