Nittany Lion in data center

Roar System Specifications

NOTE: The Roar cluster is a restricted data environment and is used only for the storage and analysis of protected data. Access to the Roar cluster is available only through a paid allocation; most users should use the Roar Collab cluster for general computing and data storage needs.

Writing a proposal? You can find grant-ready text about our computing systems, data storage, and facilities here.

What is Roar?

Roar is dedicated to serving the small portion of researchers Penn State who must comply with the stringent NIST 800-171 data storage standards.

Roar Collab is the newest flagship high performance research computing cluster managed by ICDS for Penn State researchers. Designed with collaboration in mind, the Roar Collab environment allows for more frequent software updates and hardware upgrades to keep pace with researchers’ changing needs.

Our Computing System Location

The Roar supercomputer team members work out of the Computer Building on Penn State’s University Park Campus. The Roar cyberinfrastructure, which supports Penn State research computing, is also located at the University Park Campus, within a state-of-the-art data center. This data center provides 2.4MW of redundant power and 12,000 square feet of environmentally controlled space for our hardware. Approximately 50 percent of the facility’s power and equipment resources are dedicated to supporting the ICDS system infrastructure. To protect the facilities, equipment, and data, the white space is locked at all times with electronic locks on all doors and is monitored by camera 24×7. Only those with authorized ID-card swipe access can enter the white space. The building itself is secured by a single-rotary entrance featuring a “man-trap” to prevent multiple people for entering at one time (i.e., tail-gating). Visitors must check in at the operations center to receive a visitor badge. All people within the data center must display an authorized Penn State ID or a visitor badge at all times.

About the Roar Cyberinfrastructure

Roar operates Standard Memory and Single GPU cores to support Penn State research. You can view a complete list of Roar computing options on the Roar rate sheet.

Software

The Roar computing environment is operated by Red Hat Enterprise Linux 7.

Roar maintains and regularly updates an expansive software stack. The stack currently contains approximately 240 applications, with more added at regularly-scheduled intervals. The applications include security monitoring software, batch schedulers (e.g., slurm), compilers, file transfer programs, and communication libraries (e.g., MPI, OpenMP). The stack also contains software applications commonly used by researchers, such as MATLAB, COMSOL, R, and Python, as well as programs for performing specialized tasks, such as Abaqus, Quantumwise, and TopHat. Details regarding the software available can be found on the Software page.

Storage

ICDS provides over 20 PB of storage. This includes High Performance Storage Archive capability that supports users’ processing and research needs for data storage. Active storage mounted to compute resources and designed for actively used files and datasets is available in 5TB increments.

Security

The ICDS Roar system implements the following security measures: Electronic Security, Physical Security, Controls for Servers / Data Access, Data Destruction. The Roar architecture enables electronic security through file access controls and mitigation of software vulnerabilities. Roar provides the capability to audit all system access and requires a strong password and two-factor authentication. To mitigate the potential adverse impacts of malicious software and security attacks, Roar uses automated mechanisms to identify and patch for software vulnerabilities. Roar is deployed in secure data facilities located on University premises. Each data center requires card swipe and/or pin access to gain entrance into the physical space. Access is limited to systems administration personnel only with procedures in place to manage exceptions. The data center has successfully completed a DCAA audit. Roar login/endpoint nodes are protected by software based firewalls which only permit Secure Shell (SSH) traffic. Other connections are immediately dropped. Data and services hosted on the Roar infrastructure are not discoverable by the public internet. By default, Roar enforces Least Privilege access concepts across the system, providing users with only the minimum set of permissions and accesses required to complete their function. File systems are secured with standard POSIX based Access Control Lists (ACLs) as well as standard Unix directory and file permissions. This enables individual accounts to be organized into groups; a Principal Investigator (PI) may designate specific users in the PI’s group to access certain data. Group access to sensitive data, such as genomic and phenotypic data, is only granted to users with the consent of the responsible Principal Investigator (PI). Users are only permitted access to data which they have permission to view. For example, a user in one group with access to NIH data is not by default granted access to the NIH data of another group. Data stored on Roar is snapshotted daily and remains active for a period of 90 days. Snapshots are automatically purged once the 90 days has been exceeded. All PIs, along with Roar and PSU IT leadership, are required to sign an NIH Compliance document prior to storing any relevant data on Roar. Roar meets the standards laid out in NIH’s “Security Best Practices for Controlled-Access Data Subject to the NIH Genomic Data Sharing (GDS) Policy” document. Roar is compliant with NIST Special Publication 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations”.

ROAR Support

Roar is maintained by the ICDS staff, who provide network monitoring, backup services, software updates, code optimization, and service-desk support. ICDS uses network monitoring software to monitor the health and status of the network, hardware, and storage. ICDS infrastructure is actively monitored during business hours (8:00 AM – 5:00 PM) Monday through Friday. Roar also hosts an intrusion detection system, which is used to control the system by monitoring available logs, alerting administrators of unauthorized system modifications, and providing a mechanism to enforce security requirements. The team uses NESSUS Professional to scan the system for potential vulnerabilities such as hacking and Denial of Service (DoS) attacks.

The ICDS website offers documentation to help users resolve technical issues they may encounter. This support is supplemented by the i-ASK Center, a service desk which supplies expert technical assistance for user problems. In the event of more complex issues, the engineers of the ICDS Technical Support Team provide advanced in-person support to users to ensure that problems are resolved in a timely and professional manner.

ICDS Advanced Technical Services

Through the RISE team ICDS offers domain-specific consulting to assist researchers with big data analysis, applied machine learning, code optimization, specialized software applications and in general increasing the efficiency of their research. Consultants cover many disciplines including Engineering, Chemistry and Materials Science, Data Visualization, Parallelization, and Science Gateways for Big Data Research, Data Sciences and Artificial Intelligence.

User Guide for Roar

New users can access this Roar User Guide to answer the most fundamental questions about accessing and utilizing this exciting new resource.

Sign up for your account.