STRAP

The Simplified Teaching and Research Application Platform (STRAP) project aims to provide common components for web-based research applications so that researchers are able to concentrate on developing their research software, lowering the barrier to deliver data and analysis portals while leveraging enterprise-grade computing and storage infrastructure, identity providers, database services, and other important supporting components.

Using a simple web application itself hosted by the Platform, and following a few basic conventions, researchers will be able to deploy their container-based applications with storage, a Postgres database, logging and backups, and authentication via UVic and/or social identity providers such as GitHub and Twitter.

STRAP is based on tried and tested open-source technologies such as Keycloak and Kubernetes and running on an OpenStack cloud instance operated by the same team that runs the Arbutus system for the Digital Research Alliance federation (formerly Compute Canada Federation).

Architecture

It looks a little something like this:

STRAP Architecture Diagram

The entire project is currently hosted on an OpenStack cloud at UVic. Three major components are hosted at that layer:

  • A Postgres database server,
  • a Keycloak instance to proxy authentication to multiple identity sources, and
  • an Ubernetes deployment. Ubernetes is an opinionated Kubernetes deployment developed by the UVic RCS team used for multiple production services.

Inside Ubernetes we have the following middleware services:

  • Ingress and TLS termination
  • Routing
  • Authentication forwarding

These support the researcher applications running as containers. Not shown: individual namespaces.

How Deployment Works

When an application is defined and is ready to deploy, a JSON document is created from the parameters defined in the management application, such as the image, the application name and title, and what type of authentication is desired. This configuration is passed to a Terraform module which provisions the database, identity resources, and populates a Helm chart to publish the application to the Ubernetes cluster. Deployment status is provided to the user along with some necessary information such as the newly created database’s initial password.

Current Functionality

The following functionality is currently implemented and has addressed major initial risks.

  • Specify an image from Docker Hub
  • DNS entry and TLS certificate application under a development domain name
  • UVic and limited social identity providers
  • Authentication-exempt routing for when authentication isn’t required or desired
  • Postgres database instance and associated roles
  • Logging

Project Status

The STRAP project has concluded its proof-of-concept and is now moving to the prototype/alpha stage. Further functionality will be implemented and the STRAP manager application will itself be hosted and managed on the platform. Some researcher projects may be identified for early access and needs analysis.

Next steps and longer-term work are in the planning stages.

News and updates

If you’re interested in following our progress, please subscribe to our RSS feed or come back and visit our development blogs.