I am looking into starting an app on the same machine the OOD server is on. While one can ssh into localhost, I was wondering if anyone else has run into wanting the same thing and maybe building a mechanism for it that does not just ssh to localhost.
Indeed that would be necessary to spend the bandwidth on. I might have some bandwidth on my end a little down the road to work on at least a demo for this as it may become an important solution for an OOD stack I am working on for a project.
I have not really looked at the ood core part that handles the Linux Host Adapter bit but my guess is it would not be too different as it would just not be ssh’ing over somewhere. Maybe even simpler due to that not being needed.
At the same time, I may also look into adding podman support.
Can you expand a little bit on what you mean by ‘starting an app’? Are you thinking you want interactive apps? Do you want to be able to interface with a scheduler on the local machine? Or is it mainly just be able to execute a particular command? If it’s the latter, I think it’s rather trivial to do since that’s what many of the existing apps (like the dashboard) already do. If you turn on Dev Mode you can create your own apps the execute on the localhost.
Several years ago we had an engagement with TrustedCI where they looked at the cybersecurity of OOD. They produced a report, available at openondemand.org/trustedci that include in Appendix D several very helpful flow / process diagrams. Take a look at page 56 in particular for details on Dev Apps.
It would probably help if I explained the end goal! This is part of the Rutgers ERN Cryoem project that you folks have been pinged on in outside channels.
We are using OOD as a single pane of glass as it were on an edge computing device. Using its authentication mechanism for federated auth, the proxying to then connect to vnc servers in the lan that allow access to instruments and finally we want to use the app feature to start up Cryosparc instances, per user on the same edge node so that scientists can work interactively with the images coming from the machines they are working with over vnc to cut down on erroneous results before moving the data to a cluster for long term manipulation.
The hope would be to leverage the Linux Host Adapter to launch Cryosparc instances on this edge server (where OOD is running) which will take advantage of the servers gpu resources. Then, via Cryosparc, the user could then launch Slurm jobs on a remote cluster (outside of the OOD scope here though).
Another part of this project is the hope that we can get mod_substitute working as an additional proxy method.
At Montana State University we allow a cryosparc dbase instance to run per user but we run it on our cluster login node, not the OOD web server node. We are currently upgrading Cryosparc to the new multi-user server platform. I’m creating a new VM that is dedicated to this new Cryosparc server platform.
I’m not sure if that fits your scenario, but it could save you a bunch of custom scripting and testing.