1. About Embassy Cloud¶
1.1. What is the Embassy Cloud?¶
The Embassy Cloud provides an isolated Infrastructure as a Service (IaaS) capability within EMBL-EBI’s Data Centre, where virtual machines provided by the tenant are hosted such that they are able to have local access to EMBL-EBI’s public data sets, while remain logically part of the tenant’s own IT infrastructure.
1.2. Why should I use EMBL-EBI’s Embassy Cloud?¶
Instead of maintaining local current copies of EMBL-EBI’s data sets on your home institution’s own IT infrastructure for you to do your own analysis (shipping our data to your compute), the Embassy Cloud enables you to bring your analysis to EMBL-EBI’s data sets within your virtual machine environment (shipping your compute to our data).
1.3. What support can EMBL-EBI provide to help me get started?¶
EMBL-EBI provides an IaaS environment, this means the tenant organisations get an empty virtual infrastructure that they can build VMs and networks in. The Embassy Cloud itself is separated from the EMBL-EBI internal network by a firewall. There is limited access to internal EMBL-EBI resources and the systems team does not have the resources to provide detailed support relating to the configuration and maintenance of your virtual machine.
In addition, EMBL-EBI can provide direct consultation and assistance to help individuals or science teams build prototypes or migrate existing pipelines and applications to the cloud. If you’d like to know more, or have any questions about this service, please check the Cloud Consultancy Team Documentation.
1.4. Who will manage my virtual machine?¶
You will! System administration within the tenant organisation’s cloud is performed by the tenant’s system administrators.
EMBL-EBI staff have no access to the tenant’s virtual machines and the tenant’s systems administrators retain full administrative rights over the hosted virtual machines.
1.5. Service Announcements¶
Service announcements (maintenance, service disruption, etc.) will be communicated to the Embassy Cloud Announce mailing list.
Subscribe to the mailing list here:
Manage your subscription to the mailing list here:
1.6. Best Practices¶
Using cloud VMs may be a new way of working for you, and it is quite different from working with physical servers. Here’s some tips.
Small is beautiful
VMs are at their best when their workload can be spread over multiple host servers, and they can easily be migrated between these servers, to optimise resource use. A single large VM must run on a single host, and migrating it to another, less utilised, host may be difficult. It’s much better to use multiple small VMs instead of one large VM, as the small VMs can migrate around the infrastructure easily, and will spread their work over many host servers.
A large VM that has many CPU cores, or a large amount of memory, will only be able to run on a host server that has more than that number of cores and enough memory available. That will significantly reduce the available servers that can run that VM.
Additionally, if the host servers are busy, a VM with a lot of CPU cores assigned will need to wait until there are that many cores available on the server at the same time before it can do any work at all. For example, if a host server has 6 cores available, a VM with 8 cores will have to wait while a VM with 2 cores will be able to do work straight away.
Add resources as needed
It is very easy to add resources (CPU cores, memory and disk volumes) to VMs. You can often do this without even powering off the VM. However, it’s more difficult to reduce the resources assigned, and powering off the VM will almost certainly be required. With that in mind, it’s best not to assign all your resources straight away but instead to add them to VMs as needed. It will give you the flexibility to respond to situations as they arise; if all your resources are already assigned then that becomes much more difficult.
In the Embassy cloud you are responsible for the security of your running instances and images. Please see this section Security Best Practices. The only thing between your VMs and the wild internet is the Edge gateway provided with your externally accessible network, and that is entirely within your control. There is a lot to this subject, which is discussed in more detail here, but basically: a) don’t turn off the firewall, and b) be very careful about allowing access through the firewall to your VMs.
1.7. Technologies used in Embassy Cloud¶
Here you can find a list of technologies used by our Embassy Cloud tenants. Feel free to contact embassycloud (at) ebi.ac.uk if you would like to know more about the implementation of a certain technology.