1 FP6−2004−Infrastructures−6-SSA-026409 www.eu-eela.org
E-infrastructure shared between Europe and Latin America
Overview of middleware
Giuseppe Andronico, INFN Sezione di Catania
5th EELA Tutorial, Santiago, 06.09.2006

2 Outline
Introduction
Overview of gLite services
Summary and conclusions

3 Job Workflow in gLite
[Figure: job workflow diagram. Components: UI, Resource Broker, Job Submission Service, Logging & Book-keeping, Information Service, LFC Catalog, Computing Element, Storage Element, Authorization & Authentication. Labelled flows: voms-proxy-init, JDL, Job Submit Event, Input “sandbox”, Input “sandbox” + Broker Info, Expanded JDL, Globus RSL, SE & CE info, DataSets info, Publish, Job Status, Job Query, Output “sandbox”.]

5 gLite Services Decomposition
[Figure: service decomposition diagram. Labels: 6 High Level Services + CLI & API. Legend: Available Soon Available.]

6 Middleware structure
Applications have access both to Higher-level Grid Services and to Foundation Grid Middleware
Higher-Level Grid Services are supposed to help the users building their computing infrastructure but should not be mandatory
Foundation Grid Middleware will be deployed on the EGEE infrastructure
  – Must be complete and robust
  – Should allow interoperation with other major grid infrastructures
  – Should not assume the use of Higher-Level Grid Services

7 Grid Foundation: Security
Authentication based on X.509 PKI infrastructure
  – Certificate Authorities (CA) issue (long lived) certificates identifying individuals (much like a passport)
    • Commonly used in web browsers to authenticate to sites
  – Trust between CAs and sites is established (offline)
  – In order to reduce vulnerability, on the Grid user identification is done by using (short lived) proxies of their certificates
Proxies can
  – Be delegated to a service such that it can act on the user’s behalf
  – Include additional attributes (like VO information via the VO Membership Service VOMS)
  – Be stored in an external proxy store (MyProxy)
  – Be renewed (in case they are about to expire)

8 AuthN and AuthZ: pre-VOMS
Authentication
  – User receives certificate signed by CA
  – Connects to “UI” by ssh
  – Downloads certificate
  – Single logon to Grid – create proxy – then Grid Security Infrastructure identifies user to other machines
Authorisation
  – User joins Virtual Organisation
  – VO negotiates access to Grid nodes and resources
  – Authorisation tested by CE
  – gridmapfile maps user to local account
[Figure: authentication and authorisation flow. Labels: CA, UI, AUP, VO mgr, VO service, VO database, GSI, grid-mapfiles on Grid services; Personal/once, Daily update; steps 1, 2, 3.]

9 Evolution of VO management in gLite
Before VOMS
User is authorised as a member of a single VO
All VO members have same rights
Gridmapfiles are updated by VO management software: map the user’s DN to a local account
grid-proxy-init – derives proxy from certificate – the “single sign-on to the grid”
VOMS
User can be in multiple VOs
  – Aggregate rights
VO can have groups
  – Different rights for each
    • Different groups of experimentalists
    • …
  – Nested groups
VO has roles
  – Assigned to specific purposes
    • E.g. system admin
    • When assuming this role
Proxy certificate carries the additional attributes
voms-proxy-init
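The pre-VOMS authorisation step described above, as an added example that is not part of the tutorial: a proxy subject is reduced to its owner's DN and looked up in a grid-mapfile. The sample entries, DNs and account names are constructed; the function names are hypothetical, and taking the first of several listed accounts is a choice made here.

```python
import re
import shlex

# Constructed sample grid-mapfile: quoted certificate subject DN, then local account.
SAMPLE_GRIDMAP = '''\
# constructed entries, not taken from the tutorial
"/C=IT/O=EXAMPLE/OU=Personal Certificate/CN=Alice Example" gilda001
"/C=CL/O=EXAMPLE/CN=Bob Example" gilda002
'''

# RDNs appended when a proxy is derived: legacy Globus proxies add CN=proxy or
# CN=limited proxy, RFC 3820 proxies add a numeric CN.
_PROXY_RDN = re.compile(r"/CN=(?:proxy|limited proxy|\d+)$")


def parse_gridmap(text):
    """Return {subject DN: local account} from grid-mapfile text."""
    mapping = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            fields = shlex.split(line)      # honours the quotes around the DN
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {exc}") from None
        if len(fields) != 2 or not fields[0].startswith("/"):
            raise ValueError(f"line {lineno}: expected a quoted DN and one account")
        dn, accounts = fields
        # First entry for a DN wins; keep only the first listed account.
        mapping.setdefault(dn, accounts.split(",")[0])
    return mapping


def end_entity_dn(subject):
    """Strip proxy RDNs so a (re-)delegated proxy maps to its owner's DN.

    Illustration only: a real service takes the identity from the verified
    certificate chain, not from string manipulation of the subject.
    """
    while True:
        stripped = _PROXY_RDN.sub("", subject)
        if stripped == subject:
            return subject
        subject = stripped


def authorize(subject, mapping):
    """Return the local account for a proxy subject, or None to deny."""
    return mapping.get(end_entity_dn(subject))
```

Every VO member mapped this way gets the same kind of local account, which is the "all VO members have same rights" limitation that VOMS groups and roles remove.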

10 VOMS: concepts
Virtual Organization Membership Service:
  – Extends the proxy with info on VO membership, group, roles
  – Fully compatible with GSI
  – Each VO has a database containing group membership, roles and capabilities information for each user
  – User contacts VOMS server requesting his authorization info
  – Server sends authorization info to the client, which includes it in a proxy certificate

    [glite-tutor] /home/giorgio > voms-proxy-init --voms gilda
    Cannot find file or dir: /home/giorgio/.glite/vomses
    Your identity: /C=IT/O=GILDA/OU=Personal Certificate/L=INFN/CN=Emidio Giorgio/Email=emidio.giorgio@ct.infn.it
    Enter GRID pass phrase:
    Your proxy is valid until Mon Jan 30 23:35:51 2006
    Creating temporary proxy.................................Done
    Contacting voms.ct.infn.it:15001 [/C=IT/O=GILDA/OU=Host/L=INFN Catania/CN=voms.ct.infn.it/Email=emidio.giorgio@ct.infn.it] "gilda"
    Creating proxy...................................... Done
    Your proxy is valid until Mon Jan 30 23:35:51 2006

[Figure: VOMS interaction. Labels: Authentication, Request, Query, Auth DB, VOMS AC, proxy subject C=IT/O=INFN /L=CNAF /CN=Pinco Palla /CN=proxy.]

11 Grid foundation: Information Systems
Generic Information Provider (GIP)
  – Provides LDIF information about a grid service in accordance to the GLUE Schema
BDII: Information system in gLite 3.0 (by LCG)
  – LDAP database that is updated by a process
  – More than one DB is used to separate read and write
  – A port forwarder is used internally to select the correct DB
[Figure: BDII and GIP layout. BDII labels: LDAP on ports 2171, 2172 and 2173; Port Fwd on 2170; Update DB & Modify DB; Swap DBs. GIP labels: Provider, Config File, LDIF File, Plugin, Cache.]

12 Grid foundation: Information Systems
R-GMA: provides a uniform method to access and publish distributed information and monitoring data
  – Used for job and infrastructure monitoring in gLite 3.0
  – Working to add authorization
Service Discovery:
  – Provides a standard set of methods for locating Grid services
  – Currently supports R-GMA, BDII and XML files as backends
  – Will add local cache of information
  – Used by some DM and WMS components in gLite 3.0

13 Grid foundation: Computing Element
LCG-CE: based on GT2 GRAM
  – To be replaced when other CEs prove to be reliable
gLite-CE: based on GSI enabled Condor-C
  – Supported by Condor. More efficient. Uses BLAH (see next slide)
  – Deployed for the first time in gLite 3.0
CREAM: new lightweight web service CE
  – Not yet in gLite 3 release. Will need exposure to users on dedicated system.
  – WSDL interface
  – Will support bulk submission of jobs from WMS and optimization of input/output file transfer. Uses BLAH
  – Plans are to have a CE with both Condor-C and CREAM interfaces

14 Grid foundation: Computing Element
BLAH: interfaces the CE and the local batch system
  – May handle arbitrary information passing from CE to LRMS
    • patches to support this and logging for accounting being added now
  – Used by gLite-CE and CREAM
CEMon: Web service to publish status of a computing resource to clients
  – Supports synchronous queries and asynchronous notifications
  – Uses the same information (GIP) used by BDII
  – In gLite 3 CEMon will be available to the users but the baseline is that the WMS queries the BDII
  – Not yet in gLite 3 release

15 Grid foundation: Accounting
APEL: Uses R-GMA to propagate and display job accounting information for infrastructure monitoring
  – Reads LRMS log files provided by LCG-CE and BLAH
  – Preparing an update for gLite 3.0 to use the files from BLAH
DGAS: Collects, stores and transfers accounting data. Compliant with privacy requirements
  – Reads LRMS log files provided by LCG-CE and BLAH.
  – Stores information in a site database (HLR) and optionally in a central HLR. Access granted to user, site and VO administrators
  – Not yet certified in gLite 3.0. Deployment plan:
    • certify and activate local sensors and site HLR in parallel with APEL
    • replace APEL sensors with DGAS (DGAS2APEL)
    • certify and activate central HLR; perform scalability tests

16 Grid foundation: Storage Element
Storage Element
  – Common interface: SRMv1, migrating to SRMv2
  – Various implementations from LCG and other external projects
    • disk-based: DPM, dCache / tape-based: Castor, dCache
  – Support for ACLs in DPM (in future in Castor and dCache)
    • After the summer: synchronization of ACLs between SEs
  – Common rfio library for Castor and DPM being added
Posix-like file access:
  – Grid File Access Layer (GFAL) by LCG
    • Support for ACL in the SRM layer (currently in DPM only)
    • Support for SRMv2 being added now. In the summer add thread safety and interface to the information system.

17 High Level Services: Catalogs
File Catalogs
  – LFC from LCG
    • By the end of the summer: LFC replication and backup.
Hydra: stores keys for data encryption
  – Being interfaced to GFAL (done by July)
  – Currently only one instance, but in future there will be 3 instances: at least 2 need to be available for decryption.
  – Not yet certified in gLite 3.0. Certification will start soon.
AMGA Metadata Catalog: generic metadata catalogue
  – Joint JRA1-NA4 (ARDA) development. Used mainly by Biomed
  – Not yet certified in gLite 3.0. Certification will start soon.
  – You will use it in this tutorial!

18 High Level Services: File transfer
FTS: Reliable, scalable and customizable file transfer
  – Manages transfers through channels
    • mono-directional network pipes between two sites
  – Web service interface
  – Automatic discovery of services
  – Support for different user and administrative roles
  – Adding support for pre-staging and new proxy renewal schema
  – In the medium term add support for SRMv2, delegation, VOMS-aware proxy renewal

19 High Level Services: Workload mgmt.
WMS helps the user accessing computing resources
  – Resource brokering, management of job input/output, ...
LCG-RB: GT2 + Condor-G
  – To be replaced when the gLite WMS proves to be reliable
gLite WMS: Web service (WMProxy) + Condor-G
  – Management of complex workflows (DAGs) and compound jobs
    • bulk submission and shared input sandboxes
    • support for input files on different servers (scattered sandboxes)
  – Support for shallow resubmission of jobs
  – Job File Perusal: file peeking during job execution
  – Supports collection of information from CEMon, BDII, R-GMA and from DLI and StorageIndex data management interfaces
  – Support for parallel jobs (MPI) when the home dir is not shared
  – Deployed for the first time in gLite 3.0

20 High Level Services: Workflows
Directed Acyclic Graph (DAG) is a set of jobs where the input, output, or execution of one or more jobs depends on one or more other jobs
A Collection is a group of jobs with no dependencies
  – basically a collection of JDLs
A Parametric job is a job having one or more attributes in the JDL that vary their values according to parameters
Using compound jobs it is possible to have one shot submission of a (possibly very large, up to thousands) group of jobs
  – Submission time reduction
    • Single call to WMProxy server
    • Single Authentication and Authorization process
    • Sharing of files between jobs
  – Availability of both a single Job ID to manage the group as a whole and an ID for each single job in the group
[Figure: example DAG with nodes nodeA, nodeB, nodeC, nodeD, nodeE.]

21 High Level Services: Job Information
Logging and Bookkeeping service
  – Tracks jobs during their lifetime (in terms of events)
  – LBProxy for fast access
  – L&B API and CLI to query jobs
  – Support for “CE reputability ranking”: maintains recent statistics of job failures at CEs and feeds back to WMS to aid planning
Job Provenance: stores long term job information
  – Supports job rerun
  – If deployed will also help unloading the L&B
  – Not yet certified in gLite 3.0.

22 High Level Services: Job Priorities
GPBOX: Interface to define, store and propagate fine-grained VO policies
  – Based on VOMS groups and roles
  – Enforcement of policies at sites: sites may accept/reject policies
  – Not yet certified in gLite 3.0.

23 From EGEE to EGEE-II
JRA1 is responsible for developing the middleware
SA3 is responsible for integration, testing and certification, i.e. to produce the release
SA1 runs the PPS and PS systems
ETICS provides the tools for building and testing used by JRA1 and SA3
[Figure: activities in EGEE and EGEE-II. Labels: JRA1 (Res.Acc, WMS, Information, Data Mgmt., L&B, JP; ITCZ, UK, DM), JRA3, SA3, SA1 pre-prod & prod, Integration, Testing, Security, Certification, ETICS Building & Testing Tools.]

24 gLite process
Process controlled by the Technical Coordination Group
Task Forces with developers, applications, testers and deployment experts
gLite 3.0 adopts a continuous release process:
  – No more big-bang releases with fixed deadlines for all
  – Develop components as requested by users and sites
  – Deploy or upgrade as soon as testing is satisfactory
Major releases synchronized with large scale activities of VOs (SCs)
  – Next major release foreseen in autumn

25 gLite Software Process
[Figure: software process diagram. Stages: JRA1 Development (Software, Error Fixing); SA3 Integration (Deployment Packages, Integration Tests, Installation Guide, Release Notes, etc.); SA3 Testing & Certification (Functional Tests, Testbed Deployment); SA1 Pre-Production (Scalability Tests, Pre-Production Deployment); SA1 Production Infrastructure (Release). Other labels: Pass, Fail, Problem, Serious problem, Directives.]

26 Summary
gLite 3 being deployed on the production infrastructure
  – Includes all of the well known middleware from LCG 2.7.0
New components deployed for the first time on the Production Infrastructure:
  – Address requirements in terms of functionality and scalability
  – Components deployed for the first time need extensive testing!
Developed according to a well defined process
  – Controlled by the EGEE Technical Coordination Group
Development is continuing to provide increased robustness, usability, and functionality

27 References
Web site: http://www.glite.org
Architecture and design documents: http://egee-jra1.web.cern.ch/egee%2Djra1/
General documentation: http://glite.web.cern.ch/glite/documentation/

28 Questions?
www.glite.org

