Resources for special workloads
The CERN Cloud infrastructure offers a large range of resources for Virtual Machines, Storage, Networking, etc.
By default, Shared and Personal projects have access to a standard subset of those resources:
- limited quota for Virtual Machines
- a few standard VM flavours
- block storage with limited IOPS
This section describes some additional options. A few important notes:
- these additional options are only available upon request, and with the agreement of the resource coordination teams. There are limited resources to support them, and there are implications for security and operations to be taken into account, so users requesting them will be asked to justify those requests.
- the special requirements below may be difficult to fulfill. In particular, there is not guarantee that sufficient resources can be made available in a timely manner. Also, if may not be possible to fulfill requests for combinations of these special requirements at all. For example: there are no resources available for CPU-optimized, low-latency resources with 2 TB of RAM on the Technical Network.
Flavours with more cores, RAM and/or disk space
By default, every project has access to three standard flavours
m2.large, as described here.
Different flavours, with more cores, RAM and/or diskspace could be made available to Shared (ie. non-Personal) projects. There are some limitations and operational consequences to consider, so if you believe your application requires access to such specical flavours, please open a support call.
Standard Virtual Machines and Storage components are hosted on servers in the main rooms of the Data Center. The electrical power delivery to these rooms is generally very reliable, and backed by UPS systems that take over for a limited time period in case of a power loss. This has proven to be largely sufficient to meet the requirements of most compute usecases.
In addition, the Meyrin datacenter has a room where the servers can be powered from diesel generators in case of a power loss. This will allow the servers in the room to stay up until power is restored.
The Cloud service offers a limited amount of compute and storage resources in this Critical Area (also known as "the Barn"). It is important to note that the hardware of the servers in this area is standard hardware (ie. no additional redundancy features), and that no availability zones exist for the Virtual Machines and the storage hosted in the Barn.
If you believe your application requires resources in this area, please:
- follow the standard project request
- make sure that you specify in "Additionall comments" that the project should be mapped to the critical area
- we recommend to follow the project naming convention "<Service Name> - Critical"
Virtual Machines hosted on the LCG network
There are a few storage and LHC experiment services that require their VMs to be hosted on the LCG network, where they have direct, "un-firewalled" access to the WLCG Tier-1 sites.
To support these usecases, a small amount of compute nodes are available. Note that access to these resources requires agreement from the security team, and that no availability zones exist for the hosted VMs.
If you believe your application requires VMs on the LCG network, please open a support call to discuss this.
Compute intensive workloads
Although most workloads running on Cloud VMs do not have very high CPU-performance requirements, there are some exceptions to this: certain HPC applications, experiment build nodes, simulation workloads, etc. For such cases, it may be sensible to deploy them on servers that have been optimized for CPU-intensive workloads.
A subset of the Cloud servers has been tuned for optimal CPU performance. The service offers a limited range of virtual machine flavours that match these configurations. Note: these optimizations pose certain operational constraint. In particular, Virtual Machine live-migration is not possible, and VM owners may be asked to delete their VMs when the underlying hardware reaches its End of Life.
If you believe your application requires access to compute-optimized resources, please open a support call to discuss this.
Certain applications (such as streaming services) require low-latency access to the attached storage, and standard volumes and fileshares may not be sufficient. Such usecases may profit from so-called "hyper-converged" infrastructure, where the storage is provided by the same hardware that provides the compute resources (which saves on network traffic).
If you believe your application would require this, please open a support call.
Virtual Machines on the Technical Network
Certain applications need to be run on servers hosted on the so-called Technical Network (TN). Note: there is a distinction between servers on the Technical Network (where the servers are in a special IP service), and so-called TN-trusted servers (which do not have an IP address on the Technical Network, but are allowed to access devices on the TN).
Many usecases only require to be "TN-trusted". The Knowledge Base-article KB0000392 describes what to do if you need you server added to a trusted set.
If your application needs to be hosted on the Technical Network, please note that only a very limited amount of resources are available. Access to these resources can only be granted with the agreement of the CERN Computer Security team. Please open a support call if you believe your application requires VMs on the Technical Network.