Hi Daniel, Thanks.
Shifter is also interesting. However, it assumes our users map to a Unix user id, and therefore the access to the shared file system can be controlled by normal Unix permissions. That's not scalable, and makes for quite a bit of complexity. Each node must know about each user so you have to run LDAP or something similar. This adds complexity to dynamic cluster creation. Shifter runs in a chroot, not an cgroup, context. For a supercomputer center with an application process to get an account, this works fine. For a web application with no "background check", it's more risky. At NERSC, you don't have the bad actor problem. Web apps do, and all it takes is one local exploit to escape chroot. Docker/cgroups is safer, and the focus on improving Linux security is on cgroups these days, not chroot "jails". Shifter also does not solve the problem of queuing dynamic clusters. SLURM/Torque, which Shifter relies on, does not either. This is probably the most difficult item. StarCluster does solve this problem, but doesn't work on bare metal, and it's not clear if it is being maintained any more. Rob
