Building and Developing Science Gateways with Google Cloud Platform
Alicia Salmeron, Higher-Ed & Research, and Karan Bhatia, PhD, Scientific Computing
Seven products with over one billion users each, all powered by the cloud: Android, Chrome, Google Search, Google Maps, YouTube, Gmail, Google Play
Our customers serve over 1 Billion End Users each day
How is Google Cloud Platform Different?
Global Network & Security | Compute & Data Analytics | Dev Tools and Open Source Ecosystem | Use Cases & EDU Programs
Google Cloud Platform Regions
Select from 13 regions. 5 new regions coming in 2018.
[Map: current and future regions with the number of zones in each. Regions shown: Finland, Netherlands, London, Frankfurt, Oregon, Montreal, Iowa, Belgium, Los Angeles, N Virginia, Tokyo, S Carolina, Hong Kong, Taiwan, Mumbai, Singapore, Sydney, São Paulo]
Google Cloud Network
The largest cloud network, comprised of >100 points of presence
[Map legend: Network; Network sea cable investments; Edge points of presence >100; Edge node locations >1000]
Sea cables shown: Unity (US, JP) 2010; SJC (JP, HK, SG) 2013; FASTER (US, JP, TW) 2016; Monet (US, BR) 2017; Junior (Rio, Santos) 2017; Tannat (BR, UY, AR) 2017; PLCN (HK, LA) 2019; Indigo (SG, ID, AU) 2019
Google Cloud Network
The largest cloud network, comprised of >100 points of presence
● More than 100 Peering Locations
● World’s Largest Software Defined Network
● Global Load Balancing with Single IP Global Network
● Seamless Autoscale to Over 1M Queries Per Second with no pre-warming
● Global Content Delivery Network
● Edge Locations in Virtually Every Country
Layered Defense in Depth Security: Usage, Operations, Deployment, Application, Network, Storage, OS+IPC, Boot, Hardware
Titan Google’s purpose-built chip to establish hardware root of trust for both machines and peripherals on cloud infrastructure
Encryption by Default
● Data is chunked and each chunk is encrypted with its own data encryption key
● Data encryption keys (DEKs) are wrapped using a key encryption key (KEK)
● Encrypted chunks and wrapped encryption keys are distributed across Google’s storage infrastructure.
● All connections to Google Cloud require TLS
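The per-chunk DEK and KEK wrapping described on this slide, as an added Go example; it is not Google's implementation and not part of the original deck. It assumes AES-256-GCM for both the chunk cipher and the key wrap, and the names Key, Chunk, EncryptChunk and DecryptChunk are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

type Key [32]byte // AES-256 key; the array type rules out wrong-size keys

// Chunk is one encrypted chunk stored next to its own DEK, wrapped under the KEK.
type Chunk struct{ Ciphertext, WrappedDEK []byte }

func gcm(k Key) cipher.AEAD {
	blk, _ := aes.NewCipher(k[:]) // cannot fail: k is always 32 bytes
	aead, _ := cipher.NewGCM(blk) // cannot fail for an AES block cipher
	return aead
}

// fresh returns n bytes from the OS CSPRNG; a failing RNG is treated as fatal.
func fresh(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// EncryptChunk draws a new DEK per chunk and wraps it; outputs are nonce||ct||tag.
func EncryptChunk(kek Key, chunk []byte) Chunk {
	var dek Key
	copy(dek[:], fresh(len(dek)))
	n1, n2 := fresh(12), fresh(12)
	return Chunk{gcm(dek).Seal(n1, n1, chunk, nil), gcm(kek).Seal(n2, n2, dek[:], nil)}
}

// DecryptChunk unwraps the DEK with the KEK, then decrypts the chunk with it.
func DecryptChunk(kek Key, c Chunk) ([]byte, error) {
	if len(c.WrappedDEK) != 12+32+16 || len(c.Ciphertext) < 12+16 {
		return nil, errors.New("malformed chunk")
	}
	raw, err := gcm(kek).Open(nil, c.WrappedDEK[:12], c.WrappedDEK[12:], nil)
	if err != nil {
		return nil, err // wrong KEK or tampered wrapped key
	}
	var dek Key
	copy(dek[:], raw)
	return gcm(dek).Open(nil, c.Ciphertext[:12], c.Ciphertext[12:], nil)
}
```

Because every chunk has its own DEK, rotating the KEK only requires re-wrapping the 60-byte wrapped keys, not re-encrypting the chunk data.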
Third-party audits and certification: ISO 27001, ISAE 3402 Type II, PCI DSS v3.1, ISO 27017, AICPA SOC, FedRAMP ATO, ISO 27018, AICPA SOC, HIPAA, SSAE 15 Type II, CSA STAR
What makes Google Cloud Platform Different? Global Network & Security | Compute & Data Analytics | Dev Tools and Open Source Ecosystem | Use Cases & EDU Programs
Infrastructure
● Lightning fast & scalable: Fast VM startup time, millisecond access for all storage classes, high IOPS for VCPUs, high bandwidth global networking
● Reliable: Built-in redundancy and scale, live migration, Google Site Reliability Engineering for your workload.
● Customer friendly pricing, simple and efficient: Pay-per-second, custom VMs, automatic discounts, flexible buy-in-bulk discounts
● Geographic coverage: 11 new regions in 2017-18 for a total of 17, HA in each region
● Significant “per core” performance improvements
● Intel® Advanced Vector Extension 512 (Intel® AVX-512)
  ○ 2x flops/second
● Accelerated IO with Intel® Omni-Path Architecture (Fabric)
● Integrated Intel® QuickAssist Technology (crypto & compression offload)
● Intel® Resource Director Technology (Intel® RDT) for Efficiency & TCO
Hardware Accelerated
● Available Today: NVIDIA K80 GPU, P100s
● Coming Soon: Tensor Processing Unit (TPU)
● Custom ASIC built and optimized for TensorFlow
● Used in production at Google for over 16 months
● 7 years ahead of GPU performance per watt
MIT Research w/ VMs 220,000 cores on preemptible 580,000 cores VMs
● 2,250 32-core instances, 60 CPU-years of computation in a single afternoon
● Answers in hours v. months
● Products used: Google Compute Engine, Cloud Storage, DataStore
Broad Firecloud: WDL, Cromwell and Google Genomics
● WDL: an external DSL used by computational biologists to express the analytical pipelines
● Cromwell: a scalable, robust engine for executing WDL against pluggable backends including local, Docker, Grid Engine or …
● Google Genomics Pipelines API: co-developed by Broad and Google Genomics, a scalable Docker-as-a-Service with data scheduling
Pipeline definition
{
  "name": "samtools index",
  "description": "Run samtools index to generate a BAM index file",
  "inputParameters": [
    {"name": "inputFile", "localCopy": {"disk": "data", "path": "input.bam"}}
  ],
  "outputParameters": [
    {"name": "outputFile", "localCopy": {"disk": "data", "path": "output.bam.bai"}}
  ],
  "resources": {
    "minimumCpuCores": 1,
    "minimumRamGb": 1,
    "disks": [{
      "name": "data",
      "type": "PERSISTENT_HDD",
      "sizeGb": 200,
      "mountPoint": "/mnt/data"
    }]
  },
  "docker": {
    "imageName": "quay.io/cancercollaboratory/dockstore-tool-samtools-index",
    "cmd": "samtools index /mnt/data/input.bam /mnt/data/output.bam.bai"
  }
}
Create, run, monitor, and kill pipelines
Create
$ gcloud alpha genomics pipelines create --pipeline-json-file PIPELINE-FILE.json --pipeline-json-file samtools_index.json
Created samtools index, id: PIPELINE-ID
Run
$ gcloud alpha genomics pipelines run --pipeline_id PIPELINE-ID \
    --logging gs://YOUR-BUCKET/YOUR-DIRECTORY/logs \
    --inputs inputFile=gs://genomics-public-data/gatk-examples/example1/NA12878_chr22.bam \
    --outputs outputFile=gs://YOUR-BUCKET/YOUR-DIRECTORY/output/NA12878_chr22.bam.bai
Running: operations/OPERATION-ID
Status
$ gcloud alpha genomics operations describe OPERATION-ID
Kill
$ gcloud alpha genomics operations cancel OPERATION-ID
DSUB (google genomics pipelines)
SC16 CMS Demonstrator
[Image: CMS Higgs Event - credit: CERN https://commons.wikimedia.org/wiki/File:CMS_Higgs-event.jpg]
● Target: generate 1 Billion events in 48 hours during Supercomputing 2016 on Google Cloud via HEPCloud
● 35% filter efficiency = stage out 380 million events → 150 TB output
● Double the size of global CMS computing resources
Proprietary + Confidential
Cores from Google
On-prem vs. Cloud
Average cost per core-hour (~25% error)
● On-premises Fermilab: 0.9 cents per core-hour (assumes 100% utilization)
● Google Cloud: 1.6 cents per core-hour (comparable to other vendors)
Fermilab CMS Tier1 Costs
Fermilab has years of experience in optimizing its facility
Cloud costs larger, but approaching equivalence
Considered well worth the cost of adding 160,000 cores in a few hours
Task Tailored Resources
Basic Architecture: GCP as overflow capacity
Preemptible VM Instances
● What Preemptible VMs are
  ○ Up to 80% cheaper than regular VMs. (~$0.01 per core hour)
  ○ Very easy to use -- just flip one switch in the UI, API or command line
  ○ Many of our biggest customers run huge clusters (10k+ cores) with great success and savings.
● Things to keep in mind
  ○ Same great disk, OS images and network
  ○ Google Compute Engine can preempt (i.e. shut down/take away) the VM with 30 seconds of notice
  ○ Maximum 24 hours of uptime
  ○ No SLAs or guarantees of any kind but we historically see preemption rates of 5-15%
Fully Managed Storage & Database Services
● Cloud Storage (Object): Binary or object data. Images, media serving, backups
● App Engine Memcache (Key-value): Web/mobile applications, gaming. Game state, user sessions
● Cloud Datastore (Non-relational): Hierarchical, mobile, web. User profiles, Game State
● Cloud Bigtable (Non-relational): Heavy read + write, events. AdTech, Financial, IoT
● Cloud SQL (Relational): Web frameworks. CMS, eCommerce
● Cloud Spanner (Relational): RDBMS+scale, HA, HTAP. Transactions, Ad/Fin/MarTech
● BigQuery (Warehouse): Enterprise Data Warehouse. Analytics, Dashboards
Block storage
Reliable, high-performance block storage for any GCE VM instance
● Local SSD: Fastest, Attached, Ephemeral
  ○ Target scenarios: High-performance scratch space. Frequently accessed data. Latency incentive tasks with lots of data: Genomics processing, video transcoding in GCE
  ○ Ephemeral storage
  ○ Highest-performance ($0.218 GB)
  ○ IOPS: 680k read / 360k write
  ○ Features: Encryption
  ○ 3TB - 375 GB per partition, up to 8 partitions
● Persistent Disk: SSD: Fast, Persistent, Durable, Remote
  ○ Target scenarios: Latency sensitive applications and files. Excellent for scientific workloads, especially when combined with fast compute VMs like GPU instances
  ○ Persistent storage
  ○ Performance sensitive ($0.17GB)
  ○ IOPS: up to 40k read / 30k write
  ○ Features: Encryption, Snapshots
  ○ 64 TB, Disk Size sets performance (Attach larger VMs for max SSD performance)
● Persistent Disk: HDD: Cheapest, Persistent, Durable, Remote
  ○ Target scenarios: Large data processing workloads. High performance database and enterprise applications. Databases
  ○ Persistent storage
  ○ Cost sensitive ($.04 GB)
  ○ IOPS: 3k read / 15k write
  ○ Features: Encryption, Snapshots
  ○ 64 TB, Disk Size sets performance (Attach larger VMs for max SSD performance)
GCS: Object/Blob store
Google Cloud Storage is a scalable object storage service suitable for all kinds of unstructured data
Cloud Storage vs Persistent Disk:
• Scales to exabytes
• Accessible from anywhere; REST interface
• Higher latency than PD
• Write semantics include insert and overwrite file only
• Offers versioning
• Cheaper - put your data here until you need it
Lots of guidelines on picking storage on our site
Data Prep: 1. Ingest Data 2. Instantly Prepare Data 3. Analyze Data
[Diagram: raw data to clean data. Products shown: Cloud Pub/Sub, Cloud Dataprep, Cloud Dataflow, Google BigQuery, Data Studio, Cloud ML]
Transform data into actions
[Diagram stages: Ingestion; Databases/Storage; Data Exploration & Collaboration; Data Preparation & Processing; Analytics; Advanced Analytics & Intelligence]
[Sources shown: Mobile apps, Web apps, Sensors and devices. Users shown: Business analysts, Data scientists, Developers]
[Products shown: App Engine, Cloud Pub/Sub, Google Analytics 360, Cloud SQL, Cloud Datastore, Cloud Bigtable, Cloud Storage, Google Drive, Cloud Datalab, Cloud Dataflow, Cloud Dataproc, BigQuery, Google Cloud Machine Learning, Speech API, Vision API, Translate API]
What makes Google Cloud Platform Different? Global Network & Security | Compute & Data Analytics | Dev Tools and Open Source Ecosystem | Use Cases & EDU Programs
Kubernetes
Greek for “Helmsman”; also the root of the words “governor” and “cybernetic”
● Manages container clusters
● Inspired and informed by Google’s experiences and internal systems
● Supports multiple cloud and bare-metal environments
● Supports multiple container runtimes
● 100% Open source, written in Go
Manage applications, not machines
Question: Why does the Ship’s wheel on the Kubernetes Logo have 7 Handles?
If you remember Star Trek: Voyager, you may recall a Borg character named “Seven of Nine”. The seven handles are a direct reference to Kubernetes’ Borg lineage. Seven was a more friendly Borg.
Kubernetes
● Runs in many environments, including “bare metal” and “your laptop”
● The API and the implementation are 100% open
● The whole system is modular and replaceable
● Build your apps on-prem, lift-and-shift into cloud when you are ready
Container Engine: Managed Kubernetes
● Deployment-Ready Cluster: Spin up a managed container cluster in minutes, run Docker containers.
● Declarative Management: Declare your container requirements and Container Engine handles the rest
● Cloud Flexibility: Built for a multi-cloud world, public, private, or hybrid
Cluster Federation
Federation now lets you create services, namespaces, Replica Sets and secrets across multiple clusters (multi-region, multi-cloud or hybrid), via a single Federated API.
● Deploy a federated control plane to your cluster, add clusters (running on GKE, GCP or elsewhere) to your federation, and you can create services that run across them with one command.
● GKE clusters can use a federated Ingress to expose their service behind a global load balancer with a single IP address.
● Further objects are on the roadmap
More info: GKE documentation (1.3), Kubernetes documentation, Blog post (1.3), Sneak peek video (1.3)
* Also available in Kubernetes
What makes Google Cloud Platform Different? Global Network & Security | Compute & Data Analytics | Dev Tools and Open Source Ecosystem | Use Cases & EDU Programs
Teaching & Learning | Administration | Research
Teaching & Learning: Faculty teaching university courses in computer science or related fields
Apply for our Education Grants Program: cloud.google.com/edu
Google Cloud Platform Fundamentals Training
Interested? [email protected]
Mountain View, CA | 1/12/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Los Angeles, CA | 1/22/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Chicago, IL | 1/26/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Washington, DC | 1/29/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Seattle, WA | 1/31/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Atlanta, GA | 2/5/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Austin, TX | 2/5/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
San Francisco, CA | 2/12/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Cambridge, MA | 2/12/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
San Francisco, CA | 2/16/2018 | Google Cloud Platform Fundamentals: Big Data & Machine Learning
Chicago, IL | 2/22/2018 | Google Cloud Platform Fundamentals: Big Data & Machine Learning
Chicago, IL | 2/23/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Washington, DC | 2/26/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Mountain View, CA | 3/12/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
New York, NY | 3/19/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Chicago, IL | 3/23/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Washington, DC | 3/26/2018 | Google Cloud Platform Fundamentals: Core Infrastructure
Questions? Contact: [email protected]