V1.2  

Introduction

The Nectar Service Level Objectives document outlines the expected service levels for the ARDC Nectar Research Cloud, detailing availability, performance, data management, security, support, and maintenance standards. This national research cloud platform provides researchers and research organisations access to computing infrastructure and collaborative tools to support research excellence. Note that this document is not a binding Service Level Agreement (SLA), it is to provide users or potential users of Nectar with information on the service level objectives or targets of the Nectar Research Cloud.

The Nectar Research Cloud is operated by the Australian Research Data Commons (ARDC) and its Node partners, which are universities or research infrastructure organisations with multiple universities as members. The cloud infrastructure is distributed across the Nodes, but is operated as a federated national research cloud, presenting a standard interface to users. ARDC operates the central cloud services.

Availability Targets

In the last 3 years Nectar has achieved availability of approximately 99.95% for the central cloud services and approximately 99.4% for Node compute and storage infrastructure and services.

• Central Services: Target uptime of more than 99.95%.

• Node Infrastructure: Targets more than 99% availability for Node compute* and storage infrastructure and services, acknowledging the possibility of scheduled and unscheduled downtime for maintenance and upgrades.

• Nectar services are available 24/7, however user support and operational staff are usually only available during business hours.

The Nectar Research Cloud aims to provide a continuous 24/7 service, ensuring researchers can access the platform and its resources whenever needed. We recognise that the research process demands uninterrupted access to computing infrastructure, and we strive to maintain high levels of availability, targeting uptime of the central cloud services at more than 99.95% and the Node compute and storage infrastructure and services at more than 99% availability, measured by the successful instantiation of a new virtual machine in a specific availability zone. However, there may be instances of scheduled and unscheduled downtime for maintenance, upgrades, or unforeseen circumstances. During such periods, we will make every effort to minimise disruption and promptly restore full functionality, however note that user support and operational staff are usually only available during business hours, which may affect outage resolution times. Measurements of these metrics are available on the Nectar Research Cloud status page.

*Note: The Nectar reservation service for GPU and large memory resources has 4 scheduled maintenance days per year (one per quarter). The above target uptime excludes these maintenance days.

Performance Targets

• Compute: Offers virtual machine (VM) flavors with various CPU and RAM configurations to meet different research needs, and GPU resources for compute-intensive applications.

• Storage: Provides flexible storage options, with root or ephemeral disk storage typically faster than volume storage, which is faster than object storage. Performance may vary across different Nodes and Availability Zones.

• Network: High-speed data transfers within the platform and connected institutions are enabled, with performance potentially varying based on the user's location and network conditions.

The performance of the Nectar Research Cloud covers three main aspects of the service: compute, storage, and network capabilities. It's important to note that due to the decentralised nature of infrastructure provisioning within the federation, performance may vary across different Nodes of the cloud. These guidelines are intended to assist in establishing realistic expectations. They ensure that researchers can effectively plan and execute their projects while considering the potential variability inherent in the platform's infrastructure configuration.

1. Compute Performance:

CPU: Nectar offers a variety of VM flavors with different CPU and RAM configurations, ensuring that researchers can find the right balance between processing power and resource allocation based on their needs.

GPU: Nectar provides access to GPU resources of different sizes and types for researchers working with computational intensive, graphics intensive or Artificial Intelligence (AI) /  Machine Learning (ML) applications, ensuring optimal processing capabilities for demanding workloads.

Users should be aware that the performance of both CPU and GPU VMs will vary based on variation in processor hardware on different compute servers, the amount of overcommit (the ratio of virtual to physical CPUs), and the current usage on a particular compute server. 

2. Storage Performance:

Nectar provides different types of storage. Root or ephemeral disk storage is typically faster than volume storage which is typically faster than object storage. Different Nectar Nodes and Availability Zones (AZs) have different storage systems so data I/O performance may vary at different AZs, particularly for volume storage.

3. Network Performance:

Nectar enables high-speed data transfers within the platform and between connected institutions, facilitating efficient collaboration and data sharing. Within an AZ, networking is usually at least 40Gbit/s over Ethernet. Data transfer within an institution uses the institution’s internal network. Data transfer between institutions uses AARNet.

Some variation in network performance may occur depending on the Node or AZ, the user's location and network conditions.

It is important for researchers to understand these performance guidelines, as they can help inform decisions on resource allocation and project planning. By providing a robust, scalable, and high-performance infrastructure, Nectar Research Cloud supports researchers in achieving their research objectives.

Data Management

• Retention Policies: Volume and Object storage are designed for active data processing and analysis, not long-term storage. Users are expected to retain data only as necessary and delete it upon project completion.

• Backup and Recovery: Volume storage does not include automatic backups; users are responsible for their own backup strategies. Object storage is resilient, storing three copies of data across multiple data centres.

Nectar is designed for active data processing and analysis and is not a data repository. It is crucial to understand that Nectar does not provide data persistence or retention. Researchers are expected to retain their data only for the period necessary for their analysis, unless they are using Nectar to host a research platform or service. Upon completion of their project, users should export or download their analysed data and delete it from Nectar. 

Backup and Recovery Options:

1. Volume Storage: Volume storage in Nectar Research Cloud does not include automatic backups. Researchers are responsible for creating and managing their own backup strategy to ensure the safety and recoverability of their data.

2. Object Storage: Nectar's object storage is highly resilient, storing three copies of data across multiple data centres. This redundancy provides a robust solution for data storage, but researchers should still consider additional backup options as part of their overall data management strategy.  

Storage capacity limits are determined by the allocation approvers based on the available capacity of the Node local volume storage and the Nectar federation object storage.

Researchers must understand and adhere to storage limits, institutional as well as any legal jurisdiction policies, and backup and recovery options when using the Nectar Research Cloud. By doing so, they can ensure the responsible and efficient use of resources, safeguard their valuable data, and minimise the risk of data loss.

Security and Compliance

• Security Measures: Includes strict access control, encryption for data in transit, and the possibility of encryption at rest, alongside intrusion detection and prevention systems for monitoring network traffic and user activity.

• Compliance Standards: Adheres to Australian Government's Information Security Manual (ISM), Australian Privacy Principles (APPs), and institution-specific security policies and requirements.

The Nectar Research Cloud is committed to maintaining a secure environment that safeguards researchers' data and protects against unauthorised access, data breaches, and cyber threats. To achieve this, we have implemented a comprehensive set of security measures and adhere to industry-recognised compliance standards. Nectar infrastructure is hosted by universities and research infrastructure providers and conforms to their cybersecurity policies and processes.

Security Measures:

1. Access Control: Nectar employs strict access control mechanisms, ensuring that only authorised users can access the platform and its resources. Users are required to authenticate using their institutional accounts via the Australian Access Federation (AAF).  It is important to note that virtual machines launched by users of the Nectar Research Cloud are secured independently by the administrator of the virtual machine.  It is the responsibility of this administrator to ensure that the virtual machine is appropriately protected.

2. Encryption: Communication between users and the Nectar Research Cloud is encrypted using industry-standard encryption protocols, safeguarding sensitive information during transit. Additionally, data encryption at rest is also possible, though it's important to note that implementing this level of security can lead to a notable impact on overall performance.  Users are responsible for ensuring transfer of their data is done via encrypted protocols and secure data transfer applications and for implementing any additional encryption requirements such as encryption at rest.

3. Intrusion Detection and Prevention: Nectar utilises advanced intrusion detection and prevention systems to continuously monitor network traffic and user activity for signs of potential threats or unauthorised access. Additionally, each Node within the Nectar federation has its own protection measures in place, with varying levels of protection tailored to its specific infrastructure and requirements. It is important for users to note that this is monitoring of the cloud infrastructure, and does not cover user’s virtual machines.  Some Nodes may provide local intrusion detection, but it is the responsibility of the user to confirm and manage this requirement for their instances.

4. Regular Security Audits and Updates: Nectar conducts periodic security audits to identify vulnerabilities and ensure that the platform remains up-to-date with the latest security patches and best practices.  Instances built using standard Nectar images are protected by automatic security patching and updates to the operating system, however users are responsible for their virtual machines and should confirm security patching and updates are being applied regularly to any software they install.

5. Incident Response Plan: In the event of a security breach or incident, Nectar has a well-defined incident response plan in place to quickly detect, contain, and remediate any issues. In the event that a user’s virtual machine is suspected to be compromised, Nectar will work with local network administrators and cybersecurity personnel to isolate the virtual machine to limit further damage.  Users will be contacted to determine the most appropriate course of action to recover their instance, if it is possible to do so.

Compliance Standards:

Nectar Research Cloud adheres to a range of compliance standards relevant to research data management and the academic sector. These standards include, but are not limited to, the Australian Government's Information Security Manual (ISM) and the Australian Privacy Principles (APPs). Additionally, Nectar works closely with its partner institutions to ensure that the platform complies with each institution's specific security policies and requirements.

By implementing robust security measures and adhering to strict compliance standards, the Nectar Research Cloud aims to create a secure, reliable, and trustworthy environment that researchers can confidently rely on for their work.

Support Services

• Help Desk Hours: Operates during standard business hours, typically 7:00 am to 6:00 pm (Australian Eastern Time), Monday to Friday, excluding public holidays.

• Response Times: Aims to provide an initial response to support requests within 30 minutes of ticket submission, with a resolution aim within 5 business days, depending on issue complexity.

The Nectar Research Cloud offers a range of support services to assist researchers in utilising the platform effectively. These services include:

1. Distributed Help Desk: Our help desk provides support for technical issues, queries related to the platform's features and functionality, and guidance on best practices for using Nectar Research Cloud.  Users should submit support tickets relating to Nectar and their virtual machine instances through this service rather than their institutional IT support channels. 

2. Knowledge Base: The knowledge base contains articles and documentation addressing common questions and offering detailed support material for various aspects of the platform.

3. Self-paced Tutorials: Researchers can access self-paced tutorials that provide step-by-step guidance on various tasks and procedures within the Nectar Research Cloud.

4. Live Training Sessions: Periodically, we offer live training sessions to help researchers enhance their skills and knowledge of the platform.

Help Desk Hours:

The Nectar Research Cloud help desk operates during standard business hours, typically from 7:00 am to 6:00 pm (Australian Eastern Time), Monday to Friday (excluding public holidays). Support services are limited during extended holiday periods, such as University close down periods.

Response Times:

Our help desk is committed to delivering prompt and efficient support to researchers. We aim to provide an initial response  to support requests within 30 minutes of a ticket being raised, with an aim to resolve within 5 business days. Resolution times for specific issues may vary depending on the complexity, impact, and urgency of the problem and the availability of support staff.

By offering a range of support services, Nectar Research Cloud ensures that researchers have access to the assistance they need to make the most of the platform and its features. Our commitment to prompt response times and comprehensive support resources helps researchers overcome challenges and focus on their research objectives.

Maintenance and Updates

• Notification Policies: Timely notifications for maintenance upgrades or outages, with a structured notification period based on the outage's impact, at least 1 week for minor scheduled outages, 4 weeks for major scheduled outages, and as soon as possible for emergency situations.

We prioritise providing timely notifications for any outages that may impact users. The following table breaks down the different types of outages, their impact on users, the period of advance notice given, and the channels through which notifications will be sent.

Contact Information

For further details on Nectar Service Level Objectives or to seek support, users are encouraged to contact the Nectar support team through the distributed help desk service, accessible via the Nectar Support Centre or from the Nectar Research Cloud dashboard.