Viking, the Scandinavian Online Kit for Nanoscale Modelling [1,2], is a highly convenient web-based graphical user interface application for computational chemistry or molecular dynmaics simulation. It allows users to configure their MD simulations in a guided and user-friendly fashion. In addition, Viking allows the complete management of HPC jobs via its web interface. Users do not need to connect to their HPC system via SSH. This greatly reduces the threshold for new and non-technical users. Upon successful completion of a job, the results can be visually inspected within the web interface.
To provide this functionality, Viking has to authenticate via SSH on behalf of the user. For example, it connects to the HPC system using the user’s SSH private key. This is at odds with the user agreements of some HPC centres, which require users to keep their SSH private keys strictly confidential and to protect them with strong passphrases. At the same time, new developments with regard to SSH security keys based on FIDO2 will make this mode of access impossible on the systems where it is enforced.
Therefore, Viking has partnered with NHR-Nord@Göttingen to add a RESTful communication interface using HPCSerA to communicate from their web service to external HPC systems. HPCSerA provides a flexible, FaaS-inspired interaction paradigm allowing users to execute arbitrary preconfigured functions on HPC systems. An agent running in each user’s userspace periodically checks for new functions to execute. This mechanism even allows for a secure code ingest, which is a very sensitive operation, as an attacker might try to ingest malicious code. To prevent this, Viking calculates a checksum of the code. This checksum is displayed to the user. On the HPC side, a checksum is also calculated by the agent and shown to the user via a web interface. The agent does not proceed with the execution of the job until the user acknowledges the job and confirms that both checksums are identical. Less security-sensitive operations, such as running a preconfigured job without any code ingestion, are of course possible without any manual interaction by the user. Setting up the user space, i.e., the installation of the agent and the required functions for Viking, can be requested by submitting a ticket to NHR-Nord@Göttingen. Thus users do not have to log in to Emmy once to be able to use Viking. Similarly, it can be used for our KISSKI cluster / users, for instance for drug-discovery. To get access, please contact kisski-support@gwdg.de.
In summary, even when a direct SSH connection is not available, Viking can securely communicate with an HPC system by using a REST-based communication layer provided by HPCSerA. This in no way detracts from the original appeal of Viking. The automatic user space setup ensures that the barrier to entry for new users remains low, making HPC systems more accessible to new, non-technical user groups in particular.
We are excited to announce that Viking will be available at NHR-Nord@Göttingen and KISSKI on the 16th of September!
Get in contact with us via: https://perpevit.com/contact-us , https://forum.viking-suite.com/ or an E-Mail to nhr-support@gwdg.de.
We gratefully acknowledge funding received by the Nationales Hochleistungsrechnen by the strategic project “Large Scale Data Management”, BMBF under 01|S22093A and most importantly the great cooperation with the quantum biology lab at the University of Oldenburg.
[1] https://viking-suite.com/
[2] https://pubs.acs.org/doi/10.1021/acsomega.9b03802