LASER Service: Introduction to the Azure LASER Service Offering


This KB article describes the new LASER service - Leeds Analytics Secure Environment for Research.

It was previously known as the Integrated Research Campus (IRC) platform for LIDA.

Introduction

The University of Leeds has started as part of its digital transformation strategy to migrate to a scalable and high-performance Microsoft Azure cloud solution – Leeds Analytics Secure Environment for Research (LASER) - as part of its 2020 strategy, with the help of cloud and managed services provider(s). The aim of the new LASER service is to provide appropriately secure, scalable, resilient and flexible research environments with secure storage facilities to University researchers working within LIDA. This service has been developed as part of the Microsoft's Azure PaaS cloud platform.

The upgrade of the LIDA’s IRC platform is currently being revised as part of the LIDA Refresh Programme. The current on premise IRC service consists of Virtual Research Environments (VREs) and various research data sets or projects which will be planned and transitioned to the Azure cloud platform over a period of time. The core premise of the proposed design is to establish an Azure cloud platform for hosting Secure Virtual Research Environments (VREs), that will co-exist and connect with our current on-premise network environment via the Azure Express Route service.

LASER Service

The new LASER service will be developed within the Microsoft Azure’s cloud computing platform. It is offered as a ‘Platform as a Service’ (PaaS) to allow the development of various services to support the LASER service. The Azure platform provides a range of cloud services, including compute, analytics, storage, web applications and networking. Access to the Azure’s platform is via the Azure portal where one can access the various services to create cloud-based resources such as VMs and databases.

The most fundamental building block is the Azure virtual machine (VM). Using Azure virtual machine, we can able to deploy different services such as Windows, Linux within the Azure cloud. When we implement a virtual machine, every virtual machine will have an associated OS and data disk. Available VM models and other compute resource options are offered such as Shared Storage, SQL database instances, Web Apps, Network resources, to meet the needs of most research projects. However, additional resource options (eg. VM models) can be made available upon request to meet higher demanding research projects.

UoL IT Services will provide whole lifecycle support to the following components that make up the LASER Service:

Azure Portal / Dashboard for LASER

The Azure portal is a web-based, unified console; being part of the Microsoft Azure cloud based platform and infrastructure that allows one to access and manage a number of resources, including applications and services that have been developed for the LASER service.

It will provide and support basic Administrative management tasks and management information of the research project and the status of the VRE environment.

Levels of access to the Azure (LASER) features is determined by User roles and AD groups and will also determine what access has been granted to which VRE environment. Access to the LASER environment is via the Azure portal and uses Multi-Factor Authentication (MFA) to the VRE project environments. You can access Azure (LASER) via following link:

VRE Environment

The new Microsoft Azure platform provides a secure and hosted Virtual Research Environment (VRE) for each research project supported by a dashboard and user interface for researchers. Each VRE is like a private cloud with some shared underpinning services. One of the design features of the platform is the separation of each VRE to prevent data from leaking between projects.

Connections to the existing on-premise environments will be made via the existing Azure Express Route service, as this is a centrally managed service easily accessible to all applications and services needing it without complex reconfiguration.

VRE Environment


The VRE environment will contain one or more Virtual Machines (VMs) depending upon the research need. Each VM will host a pre-configured UoL base image which will either be a Windows OS (default) or a Linux OS. The researcher is able to log onto this virtual desktop(s), be able to access their data for the project and carry out their analytical research using the tools familiar to them. Additional research software as well as other UoL standard software tools can be requested and or will be made available to download via the Software Center tool (SCCM) within the VM OS platform for Researchers to download onto their VM machines.

There will be three types of VRE project environments offered to the researcher. VRE environments will support Windows 10 and Linux operating systems.

Examples of VRE Project types:

  1. VRE Project Type A – Simple, standard VRE environment, consisting of a pool of VMs, project data file storage (SMB3) share that can be accessed by the VMs within the same VRE. VMs will be Win 10 desktop (or Linux) containing standard software and research-specific software. There will also be a separate Azure Backup Services and Recovery Services Vault within the VRE subnet to backup all the data within the VRE.
  2. VRE Project Type B – Type A project but with SQL database instance(s) VRE environment.
  3. VRE Project Type C – These are bespoke Type A or B projects with possible complex network configurations, web applications, powershell visualisation and facilitate sharing of source code between projects. These projects will require detail discussion and coordination for delivery.

Request Fulfilment

Request fulfilment is the process of dealing with agreed service requests from the users. As part of the request catalogue a number of request web forms have been developed for submitting LASER service requests, such as creating new project VRE environments. These requests when submitted by the LIDA's DAT team go directly to the appropriate ITS team bypassing the IT Service Desk. These forms and processes can be enhanced in the future to further streamline and improve upon the user experience.

These webform requests are currently available to the DAT team only to submit to IT Services.

The DAT Team

The LIDA's DAT team will act as the central point of contact for all LASER related queries and support between the business (LIDA Group & Researcher) and UoL IT Services.

The DAT team will thus manage initial queries, requests & incidents and triage them accordingly to either their internal team(s) which includes SME’s, DAT Team members or to UoL IT Services dependent upon the nature of the query. However, VRE incidents will be fulfilled by IT Services.

The ‘Creation/Change/Destruction/Software Provision’ of any VRE environment will be submitted to IT Services directly by the DAT team subject to their internal governance procedures and approval by their PI. Based upon this any requests to UoL IT Services from the DAT team will be treated as having obtained prior approval and will be treated as an authorisation to proceed with the request that is being submitted.

Further guidance

If you have any further queries or require further information, please consult with the LIDA's Data Analytics Team (DAT) in the first instance to discuss your initial VRE project requirements. The DAT team will make further enquires on your behalf as well as submitting your requirements, subject to approval, to IT Services to commence VRE builds and or changes to your existing VRE VM environments.

More information is available on the LIDA documentation site.

You may also wish to discuss further options by raising a Service Request for the Service Delivery Management team.