Cloud Forum Lightning Round 2

Lightning Round Rules

5-minute limit strictly enforced

​

Countdown Notifications when 3 and 1 min remaining

​

Questions are not allowed during presentations, please follow up with the speaker during networking time

2

Bob Flynn��then

Dan Landerman

So, You Want to Move to the Cloud

 What Could Go Wrong?

cc: philjrenaud - https://www.flickr.com/photos/59716929@N04

cc: turni - https://www.flickr.com/photos/49503084583@N01

cc: David Ballew - https://unsplash.com/@daveballew?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: freshwater2006 - https://www.flickr.com/photos/77422674@N00

Teaching & Learning

cc: Mikael Kristenson - https://unsplash.com/@mikael_k?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: guiskatenator - https://www.flickr.com/photos/34719728@N05

cc: rosipaw - https://www.flickr.com/photos/8542711@N08

cc: Johnson Cameraface - https://www.flickr.com/photos/54459164@N00

cc: Danielle Cerullo - https://unsplash.com/@dncerullo?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: recombiner - https://www.flickr.com/photos/64121517@N05

cc: jeffmarks.net - https://www.flickr.com/photos/53616069@N08

cc: Trey Ratcliff - https://www.flickr.com/photos/95572727@N00

cc: Louis Reed - https://unsplash.com/@_louisreed?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

Research

cc: Osarugue Igbinoba - https://unsplash.com/@osarugue?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: fatboyke (Luc) - https://www.flickr.com/photos/8264376@N03

cc: Danist Soh - https://unsplash.com/@danist07?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: cluttercup - https://www.flickr.com/photos/54115632@N00

Enterprise

cc: Aleksandr Barsukov - https://unsplash.com/@aleksandr_barsukov?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: Ervins Strauhmanis - https://www.flickr.com/photos/76523360@N03

cc: Álvaro Serrano - https://unsplash.com/@alvaroserrano?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: GnondPomme - https://www.flickr.com/photos/21958809@N07

cc: jacqui.brown33 - https://www.flickr.com/photos/120600995@N07

cc: Tegan Mierle - https://unsplash.com/@tegan?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: keith ellwood - https://www.flickr.com/photos/76377775@N05

cc: Jp Valery - https://unsplash.com/@jpvalery?utm_source=haikudeck&utm_medium=referral&utm_campaign=api-credit

cc: wwarby - https://www.flickr.com/photos/26782864@N00

cc: Public Places - https://www.flickr.com/photos/78019868@N05

cc: AliceNWondrlnd - https://www.flickr.com/photos/12227737@N07

Dan Landerman��then

Chris Lawrence

What’s a title (got to do) got to do with it?

Dan Landerman

Sr. Cloud Engineer

Northwestern University

​

10 years ago….

10 years ago, at Microsoft TechEd in New Orleans….

10 years ago….

Surface!!

10 years ago….

Mardi Gras Parade!!

Drew Brees!!

Drew Brees!!

Drew Brees!!

Tina Turner!!

The Benefits of�Cloud-Specific Roles

​

• Focus – just one hat
• Ownership of the Cloud(s)
• Personal Growth
• Community
• Experience & Opportunity

​

A WHOLE LOT!

Chris Lawrence��then

Cornelia Bailey

Quantum Computing in the Classroom

Chris Lawrence

cslawrence@uiowa.edu

​

November 10, 2022

Level Set

• Amazon Braket is a service fronted by Amazon SageMaker that allows you to run code in quantum simulators and on actual quantum computers.
• I completely ignored this service when it was announced because I never thought we’d use it, and I was wrong.

​

​

ITS - Enterprise Infrastructure - Technology Platform Services

It always starts with a call…

…or sometimes an e-mail.

​

A Call to Action

• A contact in Physics reached out on a somewhat tight deadline.
• Students needed access to the same AWS account, but not to each other’s resources/work/data.
• They had funds to run the class but wanted some cost control.

​

​

​

Amazon Came Through

• We immediately called our AWS account manager to discuss obtaining PoC credits.
• We received an answer within a day approving us for funds to get through a semester.
• Approved us again this year for further credits for another class (same instructor).

​

​

​

A Journey to Partnership

• Our team and Physics have a good working relationship with the product team.
• We provide feedback and they’re willing to fund our use of the service so far.
• To our knowledge, this was the first use of the service in an instructional setting.

ITS - Enterprise Infrastructure - Technology Platform Services

Takeaways

• This was a huge success! The instructors were happy, the student feedback said they learned better with hands-on experience, and we contributed to the University’s mission.
• Pay attention, at least peripherally, to product announcements.
• Working outside the box to make things work engenders goodwill.
• Never miss an opportunity to tell AWS that a product shouldn’t be GA unless it has CloudFormation support.
• Do not be afraid to ask your account manager about PoC credits, whether it’s for something shiny and awesome or something that might feel basic.

​

ITS - Enterprise Infrastructure - Technology Platform Services

Cornelia Bailey��then

John Bailey

Piloting Microsoft’s Direct Pay Option

Cornelia Bailey, University of Chicago

​

​

​

​

• UChicago avoids IaaS recharge.

​

• We piloted Microsoft’s Customer Agreement (MCA).

​

• Allows Microsoft to directly bill clients for their subscriptions.

58

The MCA: New Model

59

UChicago’s Microsoft Customer Agreement (MCA)

UChicago’s Enrollment for Education Solutions (EES)

Medical Center

Azure Enrollment

Business School

Azure Enrollment

Campus

Azure

Enrollment

Campus

Azure

Enrollment

All Microsoft offerings for the Medical Center and campus.

THE MCA: Attaching a payment method

60

UChicago’s Microsoft Customer Agreement (MCA)

Campus

Enrollment

Campus

Enrollment

​

​

​

Campus (IT Services)

subscription

UEI subscription

THE MCA: Visibility on all billing/payment activity

61

MCA Shortcomings: Microsoft side

• MSFT would not adapt FERPA language to exempt university from student’s bad behavior. This meant that no teaching/learning activities could happen on the MCA enrollment.
• The precipitating use case involves PHI. The MCA has a standard BAA, different than the EES. This forced us to reckon with BAAs in general with the medical center.

​

62

MCA Shortcomings: University side

• At UChicago, users need a quote to get a purchase order.
• Unlike Burwood and DLT, Dell, our EES reseller won’t give quotes.
• Microsoft can give us estimates, but that’s not considered a quote.
• When something’s over $10K, we have to show proof of competitive bidding due to fraud laws.

63

Verdict?

Worth doing if..

​

• Your procurement process doesn’t require a quote. At UChicago, we have to do after-the-fact purchase orders. Users pay invoice every month through some awkward process.

​

• You don’t need to support teaching and learning activities directly on Azure.

64

THANKS!

65

65

Our Experience of Azure Virtual Desktop (AVD)

Cornelia Bailey, University of Chicago

​

​

​

​

We evaluated AVD for several use cases. One use case got us a solid start with VDI in the cloud.

​

67

Which criser-tunity mobilized priorities?

Azure Labs for computer labs during covid?

Too expensive, no takers!

High-risk employees VPN+RDPing into on-prem desktops, forcing on-prem reboots and keeping RDP around?

Not yet!

Slippery tax optics on contractors?

Not yet!

Supply chain issues and not having to ship a university managed device?

Not yet!

Failing on-prem VDI layer on top of on-prem Secure Data Enclave (SDE) with unhappy, vocal faculty?

We did it!

68

Justifying choice of AVD for SDE: easy

​

1. More resources to work on it: Previous Windows VDI infrastructure had been run by the Windows Servers Team which meant more resources could navigate Azure.
2. Compliance was not hard: Azure’s 800-171 compliance tool made it simple to iterate on our AVDs until our setup passed.
3. Cost optics were good: Running the service on AVD would cost less than refreshing on-prem VDI infrastructure.

69

Bonus: re-examining who provides VDI

• Previous on-prem VDI infrastructure had been run by the Windows Servers Team
• Used this opportunity to transition ownership of service to the Desktop Engineering Team.
• Weekly meetings with Cloud Enablers (one of whom was part of the Windows Server Team) and Desktop Engineering Lead make this transition possible.

​

70

Remaining financial questions

​

1. Even though AVD is a cheaper replacement for our on-prem VDI, are we running AVD as efficiently as possible?
2. What are the lighter weight options? Windows 365 use case discussion later this month.

​

71

THANKS AGAIN!

72

72

John Bailey��then

Todd Reilly

2022 Cloud Forum�Lightning Round Presentation

Shifting backup storage away from AWS

WashU Hybrid Cloud Backup Architecture

75

11/10/22

​

​

​

​

​

​

​

​

​

Primary Datacenter

​

​

​

​

​

​

​

​

​

​

​

​

​

Secondary Datacenter

​

​

​

​

Disk Backup Storage

VMware Cluster A

Veeam B&R

B

Disk Backup Storage

VMware Cluster B

AWS VDC

​

​

2

5

5

3

Physical Servers

Veeam B&R

A

S3-IA

Backup Storage

2

2

Veeam B&R

C

EC2

Instances

Vault Lock

Policy

​

1

4

4

Physical Servers

2

2

2

3

What Went Wrong

• API and early deletion charges caused storage cost to spiral out of control.

Corrective Actions We Took

Corrective Actions We Took

• Transitioned to S3 standard storage.
• Reduced data retention period.
• Reduced number of servers protected.

Future Corrective Action

• Transition to a new cloud object storage platform that does not charge API or early deletion fees.
• Leverage the cost savings to provide cloud backups for more servers and have a longer retention period in the cloud.

What I Am Asking of Our Cloud Venders

• Simplify the pricing structure on your storage offerings so that normal people can understand them and make cost projections!
• Dramatically reduce the number of different storage offerings you provide:
• Block storage fast (SSD / NVMe)
• Block storage slow (spinning disk)
• Object storage fast (reasonably priced, for all normal object storage needs)
• Object storage slow (cheap, for archival object storage needs)

Todd Reilly��then

Rachel Malashock

Cloud-Enabling the Biomedical Research Workforce��The Cloud Forum – Lightning Talk�November 2022

R. Todd Reilly, PhD (C) – Client Services Team

NIH STRIDES Team | Office of Data Science Strategy

Center for Information Technology | Office of the Director

NIH STRIDES Initiative

The Science and Technology Research Infrastructure for Discovery, Experimentation, and Sustainability (STRIDES) Initiative

The NIH STRIDES Initiative accelerates biomedical research in the cloud by simplifying access, reducing costs, lowering technological barriers, and improving processes.

Core motivations for STRIDES include:

​

• Democratization of computational research and data science:
• Leveling the playing field for those traditionally underrepresented in biomedical research
• Cost savings and efficiencies for the research community at large:
• More usage begets more savings and greater overall discounts for all
• Strong partnerships with cloud providers:
• Resulting in collaborative R&D engagements and more direct focus and support on research

83

Common Cloud Challenges

• Setting up acquisition vehicles and access to cloud service providers
• Budgeting and paying for usage, optimizing for cost, preventing inadvertent cost overruns
• Developing and/or learning new tools and new ways of working
• Growing, securing, and maintaining easily-prototyped capabilities as robust infrastructure, systems, and services
• Transitioning from on-premise resources to cloud resources
• Many options and building blocks means (too?) many ways to do things

​

STRIDES Instructor-Led Training (ILT) Course Offerings

Amazon Web Services

​

Fundamental Courses

• AWS Cloud Practitioner Essentials
• AWS Technical Essentials
• AWS Security Essentials
• Introduction Cloud Financial Management in AWS

​

Biomedical / Data Science Courses

• Big Data and Machine Learning on AWS
• Building Data Analytics Solutions Using Amazon Redshift
• Building Data Lakes on AWS
• Data Warehousing on AWS
• Deep Learning on AWS
• Planning and Designing Databases on AWS
• Practical Data Science w/Amazon SageMaker
• Running Containers on Amazon EKS
• The Machine Learning Pipeline on AWS
• Introduction to Biomedical Data Science in AWS (Custom)

​

IT Courses

• Architecting on AWS
• Advanced Architecting on AWS
• Developing on AWS
• DevOps Engineering on AWS
• Security on AWS
• SysOps on AWS

STRIDES Cloud Training Overview

Incredible Demand for All Training

​

• Nearly all courses have had waitlists
• Course offerings range from fundamentals, to research support/technical topics, to advanced data science

​

Range of Training Opportunities

​

​

​

​

​

​

​

​

​

​

• Custom NIH cloud training courses with content and examples specific to biomedical research, meant to address researcher needs and challenges

​

• Periodical, NIH-sponsored codeathons to provide hands-on opportunities to interact with the cloud platforms to solve specific problems

Support for Major NIH/NIGMS Diversity & Capacity Building Programs

• Collaborative R&D projects with cloud providers to support minority serving institutions (MSI) and Institutional Development Award (IDeA) states
• Proteomics pipeline development with University of Arkansas for Medical Sciences
• RNA-seq workflow & training with University of Maine system

​

​

• Targeted engagement and training efforts at MSIs, including Historically Black Colleges and Universities (HBCU) and Tribal Colleges and Universities (TCU)
• NIH Virtual Workshop on Broadening Cloud Computing Usage in Biomedical Research

​

​

• Special research credits from cloud providers to jumpstart programs from institutions underrepresented in computational-/data-intensive research

​

IDeA is a congressionally mandated program that builds research capacity in states that historically have had low levels of NIH funding.

New Award Supplements: Cloud Module Development IDeA State Institutions

Slide courtesy of Dr. Ming Lei, Director, Division for Research Capacity Building, NIH/NIGMS

Collaborative R&D engagements with STRIDES cloud partners to develop new biomedical capabilities in the cloud

*INBRE = IDeA Networks of Biomedical Research Excellence

NIH Cloud Lab Overview

A cloud testbed allowing researchers to “try before they buy”

Exploring the Cloud Consoles

Researchers can gain an understanding of the look and feel of cloud environments before they jump into a full STRIDES account for research

Supplementing Cloud Training

Researchers can use the sandbox to strengthen their understanding of cloud training or follow along with training content in a separate environment.

Experimenting with Simple Cloud Solutions

Researchers interested in solutions for specific scientific tasks can use the sandbox to build proof of concept or other simple solutions to understand LOE and other details for production.

Benchmarking Costs

Testing out different tools and configurations (instance types, sizes, etc.) to optimize research analyses

Primary Cloud Lab Use Cases

​

CIT PRIORITIES

NIH GitHub Enterprise Cloud Offering

• Amazon Web Services: ~$1.0M
• Google Cloud Platform: ~$1.6M

​

• Total: ~$2.6M

KEY OUTCOMES OF USING CLOUD SERVICES AND TOOLS:

Looking Ahead

Continue to increase the adoption and use of STRIDES

• Include STRIDES in all relevant NIH funding opportunities as encouraged but not required
• Emphasize minority-serving and historically unrepresented institutions

​

​

​

Develop more scalable, sustainable cloud training strategies

• Provide readily available workforce development resources
• Partner with longstanding, NIH-funded extramural training centers
• Engage with researchers, institutions, communities to continue developing sustainable models for workforce development

​

Explore expansion of partnerships to include widely used biomedical software and platforms

​

​

​

Contact Information & Resources

STRIDES Contact Information and Resources

• Nick Weber – Cloud Services Program Manager nick.weber@nih.gov
• Rachel Malashock – Client Services rachel.malashock@nih.gov
• Todd Reilly – Client Services todd.reilly@nih.gov
• STRIDES Group Mailbox: strides@nih.gov
• STRIDES Training Mailbox: STRIDESTraining@nih.gov

​

STRIDES Website: https://cloud.nih.gov/

STRIDES Training: https://cloud.nih.gov/training/

93

Accessing STRIDES Pricing for Cloud

STRIDES Onboarding

• Select Cloud Service Provider (CSP)
• For AWS pricing and account-related questions, please contact Four Points Technology at FPT_NIH_STRIDES@4points.com
• For Google Cloud pricing and account-related questions, please, contact Carahsoft at NIHSTRIDES@carahsoft.com
• For Microsoft Azure pricing and account-related questions please contact MSSTRIDES@microsoft.com
• Establish a vendor-relationship between your institution and the CSP
• Pay your cloud costs from your NIH grant/award funding
• Submit a STRIDES Billing Account Provisioning Request form through the CSP and their Billing/Admin Partner
• Securely establish, maintain, and use your cloud resources

94

Rachel Malaschock��then

Gabriel Geise

NIH Cloud Lab��The Cloud Forum – Lightning Talk�November 2022

Rachel Malashock– Client Services Team

NIH STRIDES Team | Office of Data Science Strategy

Center for Information Technology | Office of the Director

Cloud Lab Overview

97

NIH Cloud Lab support STRIDES’ mission of enabling and modernizing biomedical research through the cloud. Secure, sandbox-like environments have been established on AWS and GCP, with Azure Cloud Lab currently in development. Researchers are provisioned accounts on a platform of their choosing for a 90-day period of time and with $500 in associated credits

Cloud Lab Use Cases

98

What might sandboxes be used for?

A Cloud Lab sandbox can be incredibly useful for those with varying levels of cloud experience, allowing researchers to create and work through their own research scenarios in a safe space

Cloud Lab Usage & Trends

Total Accounts Provisioned

Use-Case Breakdown

User Trends

• 21 total accounts provisioned
• 14 AWS accounts provisioned
• 7 GCP accounts provisioned

• Gaining expertise in Imaging Analysis leveraging resources such as Cancer Research Data Commons (CRDC), Imaging Data Commons (IDC), and creating Structured Storage
• Piloting High Performance Computing (HPC) use cases and cloud solutions
• Testing Genomic Epidemiology and Microbiology using cloud based microservices
• Natural Language Processing (NLP) using AI/ML big data pipelines
• General knowledge building, training and cost estimation

• Data Scientists are the predominant users
• Some users are testing out 3^rd party services from AWS Marketplace which may help identify new training needs or changes to policies
• Imaging Analysis is a common use-case, and coordination with end-users from this discipline will be valuable for creating future training modules
• Beginning to identify cooperative users via survey who will be willing to participate in further discussions to surface opportunities for improvement, additional training needs, etc.

Participating in Cloud Lab

100

STRIDES is finalizing Identity and Access Management technical updates in preparation for onboarding extramural researchers in early 2023. In the interim, STRIDES is collecting Interest Forms from the extramural community.

Visit the Cloud Lab Webpage

Learn more about this exciting new program by visiting our website at cloud/nih.gov/resources/cloudlab.

Fill Out the Interest Form

Have a strong use case for Cloud Lab? Fill out the interest form by clicking the blue button on our webpage (right).

Get Trained

You can prepare for Cloud Lab even before you are provisioned an account. Visit the STRIDES training website to find a range of resources including links to AWS/GCP Cloud Lab GitHub tutorials

https://cloud.nih.gov/training/

https://github.com/STRIDES/NIHCloudLabAWS

https://github.com/STRIDES/NIHCloudLabGCP

Contact Information & Resources

STRIDES Contact Information and Resources

• Nick Weber – Cloud Services Program Manager nick.weber@nih.gov
• Rachel Malashock – Client Services rachel.malashock@nih.gov
• Todd Reilly – Client Services todd.reilly@nih.gov
• STRIDES Group Mailbox: strides@nih.gov
• STRIDES Training Mailbox: STRIDESTraining@nih.gov

​

STRIDES Website: https://cloud.nih.gov/

STRIDES Training: https://cloud.nih.gov/training/

AWS GitHub Training: https://github.com/STRIDES/NIHCloudLabAWS

GCP GitHub Training: https://github.com/STRIDES/NIHCloudLabGCP

​

102

Gabriel Geise��then

Sean O’Brien

Splitting the Tab 300 ways

Adventures in cloud billing

Gabriel Geise

gbg3@psu.edu

​

There are two hard problems in Computer Science, Naming things, Cache Invalidation and off by one errors; Billing is all four.

Spreadsheets and Pivot Tables

• Account tracking in spreadsheets
• Document per cloud with different fields
• Little data validation
• Inconsistent naming of accounts
• Manual download and manipulation of usage data
• Scripting on an individual's computer
• A week of a FTE’s time if all went well

Where to find data

• Azure - Cost Management + Billing
• Azure - Consumption API
• Azure - Billing API
• Azure - Export to Storage Account
• GCP - Billing Accounts
• GCP - Billing Export to BigQuery
• AWS - CUR Data
• AWS - Cost Explorer
• DLT - Request “Custom” Billing Tables With Your Invoice

Credits

• AWS – Turn off credit sharing
• Azure – Deducted from total bill, no direct attribution
• Azure Sponsorships – Attributed to account owners, and subscriptions
• GCP – Deducts from the billing account in “real-time”

Automation

• Introduced Cumulus – Home grown database and app for managing accounts
• Billing functions to query and import billing data to BigQuery creating a billing datalake
• Store credit information with accounts
• Automate the creation of chargeback report for financial system
• Manual verification of accuracy still required, may take a few hours to resolve issues.

Lessons Learned

• Call the baby ugly
• Data may not be accurate until well after the first of the month
• Tenant databases with data checking and lifecycle management

Sean O’Brien

Benchmarking Lightning Talk

�

Sean O’Brien, AVP for Cloud�sobrien@internet2.edu

The Opportunity

Institutions want to make data-informed decisions about the cloud.

We have a lot of data already.

How do we make this data available?

How do we maintain a sense of community in higher education?

​

​

Here are three projects we are working on…

Cloud Usage Reporting:

NET+ AWS & GCP

AWS data transfer spend

GCP slide on spend by service

GCP slide on spend by service - removing storage and compute

AWS Products by Org

The Cloud Scorecard helps research and education institutions quickly assess which new cloud services meet common requirements to operate in complex technology, security, compliance, and legal environments.

119

[ 120 ]

Accessibility

VPAT, WCAG, Policy link

Identity and Federation

InCommon, SAML

Network and Connectivity

I2PX, I2 connectivity, throttling, egress charges

​

​

Scorecard Questionnaire

​

39 questions total

Sections include:

​

Security

SOC2, HECVAT, Audit logs

Privacy

Policy, ISO 27018, data retention, disclosure

Technical Integration

APIs, data formats, SDK, Open source

Other Compliance and Contractual Issues

FERPA, data locale, trademarks, etc.

​

​

V1.1 under community consultation

Cloud Scorecard Directory

https://tinyurl.com/i2-scorecard

Institutional Profiles Project Update

The objective of an Institutional Profile is to allow an institution to assert information about themselves to foster collaboration around a certain subject area or service.

��

ServiceNow Institutional Profiles: The Data (Pt 1)

Institutional Background Characteristics

• Production Environment Release
• Paris / Quebec / Rome
• Number of Production Instances
• Number of Non-Production Instances
• ITSM License Release
• ITSM STD / ITSM Pro / SMS / SMS v2 / ITSA Unlimited / ITSA Gold / ITSA Platinum
• Number of ITSM Licenses
• 1-50 (small) / 50-250 (medium) / 250+ (large)
• Information Technology Philosophy
• Centralized / decentralized / it’s complicated

• ITSM Philosophy, Structure & Governance
• Early-adopter / Intermediate / Mature
• Chargeback model
• Internal / non-internal / internal plus administrative costs
• ServiceNow Team Size
• ServiceNow Customer Since (year)
• Contract Renewal Date
• Contact Name
• Contact Email
• Profile Last Updated

ServiceNow Institutional Profiles: The Data (Pt 2)

Qualitative Data (paragraph format)

• Implementation & Usage
• History
• Accomplishments
• Roadmap

​

ServiceNow Institutional Profiles: The Data (Pt 3)

ServiceNow Specific Use Characteristics

• Analytics, Intelligence & Reporting
• Customer Service Management
• Dev Ops
• Field Service Management
• Governance, Risk & Compliance
• HR Service Delivery
• IT Asset Management

​

• IT Business Management
• IT Operations Management
• IT Service Management
• ServiceNow Mobile
• Now Platform Administration

​

The Vision

Building a combined platform to house completed cloud scorecards and institutional profiles. Evaluating further use cases.

​

IPS benchmarking: Build way for non-NET+ institutions and possibly other CSP’s to contribute and utilize data.

​

Institutional Profile: Scale to other highly adopted NET+ services. Provide a pathway for non-NET+ institutions to participate.

​

Interested? Let me know!