Federation implementation roadmap¶
Use a remote-hosted workflow #13493
- When retrieving a workflow record for arvados-cwl-runner, API server notices workflow UUID is remote, and fetches it with salted token (instead of looking in local DB)
Mount remote-hosted collection (read-only) - Federated collections
- (controller) fetch remote-hosted container by UUID (similar to workflow case) (#13993)
- (controller) rewrite locators in manifest to indicate remote cluster (#13993)
- (keepstore) if locator indicates remote cluster and data does not exist locally (or local signature is not supplied), fetch from remote using salted token (#13994)
Mount remote-hosted collection (read-only) in a container
- When creating a container to satisfy a CR, Rails API assumes any PDH appearing in the CR mounts is OK.
- When running the container, arv-mount (and any other client) will go through the controller to get the collection.
- The controller will search the federation for any PDH not found (or not readable by the acting user) in the local DB. (#14087)
- API server issues v2 format auth tokens (#14196)
Run some portions of a CWL workflow on a remote cluster
- When submitting container requests, a-c-r follows workflow/commandline/input UUID hints to choose a cluster.
- a-c-r submits CRs to its home cluster with owner_uuid, if owner_uuid is a remote cluster, the controller proxies those requests to remote the cluster (#14197)
- When creating a container request on a remote cluster, submitter can specify a container token with appropriate privileges (#14200)
- When a-c-r requests a batch of containers, the controller proxies requests to remotes as needed to get a full response (#13619)
- To prepare final output collection, must be able to copy files from a remote hosted collection to a local one
- Requires converting blocks with +R hints to +A hints (#14199)
- Involves copying blocks from remote cluster to local storage to get local signed locator to create collection. (if necessary, could be done on client / cwl-runner side.)