Below are some diagrams of OnDemand’s architecture:
- Overview is a high level visual generated from Powerpoint
- System context and Container context diagrams below follow the C4 model for software diagrams, are more technically detailed and are built using draw.io
- Request flow diagram is a sequence diagram built using plantuml
- Apache is the server front end, running as the Apache user, and accepting all requests from users and serves four primary functions
- Authenticates user
- Starts Per-User NGINX processes (PUNs)
- Reverse proxies each user to her PUN via Unix domain sockets
- Reverse proxies to interactive apps running on compute nodes (RStudio, Jupyter, VNC desktop) via TCP sockets
- The Per-User NGINX serves web apps in Ruby and NodeJS and is how users submit jobs and start interactive apps
Users use OnDemand to interact with their HPC resources through a web browser. At the highest level, this is what the OnDemand system does. OnDemand is the system that enables that interaction.
All the gray components are specific to a given site and outside the OnDemand system.
In the C4 nomenclature, ‘containers’ are one level below the system context. This is not to be confused with Linux containers via cgroups and namespaces (i.e. Docker or Singularity or OCI containers).
It’s important to note in this diagram that the frontend proxy is the only component that is shared for all clients. The system will create Per User Nginx processes (referred to as PUNs throughout the documentation). So what’s diagrammed here in the outer light blue box is replicated for every client accessing the system.
- Everything contained in the dotted line is a part of the OnDemand system.
- Everything outside of it in gray is site specific components.
This is the request flow through the OnDemand system. A user initiates a request through a browser and this illustrates how that request propogates through the system to a particular application (including the dashboard).