Presentation is loading. Please wait.

Presentation is loading. Please wait.

August 2007 Leveraging Campus Authentication to Access the TeraGrid - OR - Partnering with Campuses to Broaden Participation in TeraGrid Scott Lathrop.

Published bySheryl Melissa Logan Modified over 8 years ago

Similar presentations

Presentation on theme: "August 2007 Leveraging Campus Authentication to Access the TeraGrid - OR - Partnering with Campuses to Broaden Participation in TeraGrid Scott Lathrop."— Presentation transcript:

1 August 2007 Leveraging Campus Authentication to Access the TeraGrid - OR - Partnering with Campuses to Broaden Participation in TeraGrid Scott Lathrop TeraGrid Director Education, Outreach and Training lathrop@mcs.anl.gov Tom Barton University of Chicago tbarton@uchicago.edu www.teragrid.org

2 August 2007 11 Resource Providers, One Facility

3 August 2007 TeraGrid Vision TeraGrid will create integrated, persistent, and pioneering computational resources that will significantly improve our nation’s ability and capacity to gain new insights into our most challenging research questions and societal problems. This vision requires an integrated approach to the scientific workflow including obtaining access, application development and execution, data analysis, collaboration and data management.

4 August 2007 TeraGrid Architectural Model Compute Service Viz Service Data Service TeraGrid Infrastructure Network, Accounting, … POPS Help

5 August 2007 TeraGrid Resources Computing - over 250 Tflops today and growing –500 Tflop system comes on-line in January at TACC –U Tennessee system to come on-line in 2008 –Visualization - Remote visualization servers and software Data –Allocation of data storage facilities –Over 100 Scientific Data Collections Access –Over 20 Science Gateways –Shibboleth testbed to facilitate access –Central allocations mechanism Support and Services –Centralized help desk for all resource providers –Advanced Support for TeraGrid Applications (ASTA) –Education and training events and resources

6 August 2007 Account Management via TeraGrid User Portal

7 August 2007 Requesting Allocations of Time TeraGrid resources are provided for free to academic researchers and educators Development Allocations Committee (DAC) for start-up accounts up to 30,000 hours of time are requests processed in two weeks - start-up and courses Medium Resource Allocations Committee (MRAC) for requests of up to 500,000 hours of time are reviewed four times a year Large Resource Allocations Committee (LRAC) for requests of over 500,000 hours of time are reviewed twice a year

8 August 2007 TeraGrid Usage 33% Annual Growth Specific AllocationsRoaming Allocations 200 100 Normalized Units (millions) TeraGrid currently delivers an average of 420,000 cpu-hours per day -> ~21,000 CPUs DC Dave Hart (dhart@sdsc.edu)

9 August 2007 Science Gateways Broadening Participation in TeraGrid Increasing investment by communities in their own cyberinfrastructure, but heterogeneous: Resources Users – from expert to K-12 Software stacks, policies Science Gateways –Provide “TeraGrid Inside” capabilities –Leverage community investment Three common forms: –Web-based Portals –Application programs running on users' machines but accessing services in TeraGrid –Coordinated access points enabling users to move seamlessly between TeraGrid and other grids. Workflow Composer Source: Dennis Gannon (gannon@cs.indiana.edu)

10 August 2007 “ HPC University” Advance researchers’ HPC skills –Catalog of live and self-paced training –Schedule series of training courses –Gap analysis of materials to drive development Work with educators to enhance the curriculum –Search catalog of HPC resources –Schedule workshops for curricular development –Leverage good work of others Offer Student Research Experiences –Enroll in HPC internship opportunities –Offer Student Competitions Publish Science and Education Impact –Publish transformative Science Highlights –Publish education resources to NSDL-CSERD

11 August 2007 CI Days Working with campuses to take a leadership role applying CI to accelerate scientific discovery Assist in catalyzing campus-wide discussions and planning Collaboration of Open Science Grid, Internet 2, National Lamda Rail, EDUCAUSE, Minority Serving Institution Cyberinfrastructure Empowerment Coalition, TeraGrid, and local and regional organizations http://cidays.org

12 August 2007 Campus Champions Program Training program for campus representatives Campus advocate for TeraGrid and CI resources TeraGrid ombudsman for local users Quick start-up accounts managed by campus representative Direct contact with TeraGrid staff for quick problem resolution We’re looking for campuses interested in joining!

13 August 2007 Science Gateway Scaling the TeraGrid Community Resource Provider TGCDB Grant Programs uid O(10) Gateways O(10) Resource Providers O(1000) PIs O(10) Programs O(10000) Users project

14 August 2007 And now a few words from Tom….

15 August 2007 Q&A What are campuses doing to provide Shibboleth access to the desktops of the users? What are the needs of the user community? How is the community benefiting from single sign-on capabilities today? Anticipating TG putting the TGUP and POPs online as a Shibboleth SP, would campuses consider that a carrot that would help convince them to become IdPs? Are campuses in a position to provide persistent identifiers and contact information about their faculty and grad students via Shibboleth?

16 August 2007 For More Information www.teragrid.org www.computationalscience.org www.s-education.org www.nsdl.org cserd.nsdl.org www.nsf.gov/oci/ http://cidays.org lathrop@mcs.anl.gov

17 August 2007 Account management Central process for getting/managing allocation –NSF Allocations process Central database keeps track of TeraGrid user accounts at all sites –no uid or username alignment across sites Also keeps track of User’s Grid Identities –X.509 DNs –Both TG-issued and from external CAs –Pushes out to all sites All users have a TG username and password –Exposed via Kerberos 5 domain and MyProxy online-CA TeraGrid User Portal

18 August 2007 TeraGrid Access Traditional interactive SSH login via Site authn Grid (PKI) SSO SSH interactive login –Short-lived PKI credentials issues via MyProxy and User’s TG username & password –Hides site-specific identity details from user Grid Services –Globus job submission, GridFTP, etc. Science Gateways/Web Portals –Have own user databases –Tied to community accounts and allocations on TG sites –Give constrained, domain-specific interface

19 August 2007 Ultimate Id Federation Goals and Testbed Allow scaling of TeraGrid to O(10k)+ users Get TeraGrid out of identity management game to allow this Leverage existing campus identity management Allowing servicing of existing VO’s –Attribute-based authorization Allow for incident response –Blocking and/or contacting problematic users Testbed to evaluate how Shibboleth, GridShib and other tools can achieve this –NCSA, Purdue

20 August 2007 Testbed Thrusts Three thrusts… One: Java-based Grid-enabled SSH and MyProxy client Build on work from UK NGS –http://www.grid-support.ac.uk/files/gsissh/ Allow user to do Grid-based SSH SSO with no Grid client installation –Just vanilla Java –Using TeraGrid username and password This is working: –http://grid.ncsa.uiuc.edu/gsi-sshterm/

21 August 2007 Testbed Thrusts Two: Shibboleth-based TeraGrid Access Using GridShib-CA to access existing TeraGrid account –In Shibboleth terms, a Shibboleth SP that issues short-lived Grid credentials Allows user to connect to TeraGrid using their local campus authentication Integrated with Java GSI-SSH client to allow for zero-client install SSH access Currently doing bi-lateral Shibboleth peering –eventually InCommon –Requires ePPN from IdP Friendly user mode –One time registration of Shibboleth-based X.509 DN –http://gridshib-ca.ncsa.uiuc.edu/

22 August 2007 Testbed Thrusts Three: Attribute-based authorization from Science Gateways Allow Science Gateways to push VO attributes to TeraGrid sites Could be passed from user’s Idp or generated locally In development.

23 August 2007 Overview of TG Allocations Process Potential PI makes a proposal –Via Partnership Online Proposal System (POPS) –Can be for combination of compute, storage, and advanced consulting (ASTA) Proposal is reviewed –Startup proposals (DACS) in real-time –Medium and Large by committees (MRAC, LRAC) Successful PI gets login on one or more resource provider sites TeraGrid User Portal provides means of administering allocation –http://portal.teragrid.org Details: http://www.ci-partnership.org/Allocations/

24 August 2007 How can Campuses help in this process?

25 August 2007 PI Requirements PI must be a researcher or educator at a U.S. academic or non-profit research institution –Students may not be PIs but can be added to PI’s allocation

26 August 2007 Creating a POPS Account…

27 August 2007 TeraGrid User Portal SSO TG User Portal is being integrated with back-end resources to provide single interface to resources

28 August 2007 What Does the Community Need? Do you have users currently using Shibboleth? What are they using it for and what has been their experience? How can Shibboleth access to TeraGrid resources bedst enhance their research and education efforts?

29 August 2007 Next Steps and Issues TeraGrid is applying for InCommon membership as a service provider –TeraGrid User Portal as Shibboleth SP Open issues: –Level of Assurance for PIs/users –Incident Response: responsibilities of campuses when something goes wrong

30 August 2007 TeraGrid User Community Gateways Dave Hart (dhart@sdsc.edu) Growth Target

31 August 2007 Use Modality Community Size (est. number of people/projects) Batch Computing on Individual Resources 850 Exploratory and Application Porting 650 Workflow, Ensemble, and Parameter Sweep 160 Science Gateway Access 100 Remote Interactive Steering and Visualization 35 Tightly-Coupled Distributed Computation 10 TeraGrid Usage Modes in CY2006 Grid-y Users

32 August 2007 Coupled Simulation: Full Body Arterial Tree Simulation Karniadakis (Brown) Virtualized Resources, Ensembles: FOAM Climate Model Liu (UWisc) Sources: Ian Foster (UC/ANL), Mike Papka (UC/ANL), George Karniadakis (Brown). Images by UC/ANL. Advanced Support for TeraGrid Applications

33 August 2007 TeraGrid Wide Initiatives (2007-9) Science Gateways –Completing first generation integrations –Tutorials, Documentation, Services –Develop “consulting” approach Software as Service/Service Oriented Architecture –Capability Kits and Service Directory –Investigate Service Hosting Capabilities/Need Operations –Improved Instrumentation, monitoring, testing

34 August 2007 TeraGrid Open Initiatives (2007-9) Campus Infrastructure Engagement –HPC University & Institutional Ambassadors –Client Software Kit/distribution –Followup on Shibboleth/inCommon testbed Open Science Grid Partnership (& EGEE) –Software stack alignment on Condor + Globus –Training/Education/Outreach Grid Interoperation Now (GIN) –Focus next on Information Services and joint use cases –Demand growing, but still tentative Commercial Service Provision –TG buys some internal project services now (e.g. Wiki, surveymonkey) –Looking at Web, Mail, …

35 August 2007 TeraGrid Identity Federation Testbed Update I2MM April 25, 2007 VonWelch NCSA/U. of Illinois

36 August 2007 TeraGrid Objectives DEEP Science: Enabling Petascale Science –Make Science More Productive through an integrated set of very-high capability resources Address key challenges prioritized by users WIDE Impact: Empowering Communities –Bring TeraGrid capabilities to the broad science community Partner with science community leaders - “Science Gateways” OPEN Infrastructure, OPEN Partnership –Provide a coordinated, general purpose, reliable set of services and resources Partner with campuses and facilities

37 August 2007 Gateways are Expanding 10 initial projects as part of TG proposal >20 Gateway projects today No limit on how many gateways can use TG resources –Prepare services and documentation so developers can work independently Open Science Grid (OSG) Special PRiority and Urgent Computing Environment (SPRUCE) National Virtual Observatory (NVO) Linked Environments for Atmospheric Discovery (LEAD) Computational Chemistry Grid (GridChem) Computational Science and Engineering Online (CSE-Online) GEON(GEOsciences Network) Network for Earthquake Engineering Simulation (NEES) SCEC Earthworks Project Network for Computational Nanotechnology and nanoHUB GIScience Gateway (GISolve) Biology and Biomedicine Science Gateway Open Life Sciences Gateway The Telescience Project Grid Analysis Environment (GAE) Neutron Science Instrument Gateway TeraGrid Visualization Gateway, ANL BIRN Gridblast Bioinformatics Gateway Earth Systems Grid Astrophysical Data Repository (Cornell)

38 August 2007 Questions? vwelch@ncsa.uiuc.edu

39 August 2007 A Simple Use Case: TeraGrid Allocations Process Von Welch NCSA

40 August 2007 TeraGrid Overview Eleven site federation of Resource Providers –http://www.teragrid.org/ –Each with own accounts, processes, policies, etc. –There exist both TeraGrid users and local, site-specific users O(4K) TeraGrid users from wide variety of different sites –Most users not from TeraGrid sites –Almost all from U.S. campuses TeraGrid users have accounts on some/all sites –Each site has own local users as well –These are centrally managed

Download ppt "August 2007 Leveraging Campus Authentication to Access the TeraGrid - OR - Partnering with Campuses to Broaden Participation in TeraGrid Scott Lathrop."

Similar presentations

Scaling TeraGrid Access A Testbed for Attribute-based Authorization and Leveraging Campus Identity Management

Scaling TeraGrid Access A Testbed for Attribute-based Authorization and Leveraging Campus Identity Management
1 US activities and strategy :NSF Ron Perrott. 2 TeraGrid An instrument that delivers high-end IT resources/services –a computational facility – over.

1 US activities and strategy :NSF Ron Perrott. 2 TeraGrid An instrument that delivers high-end IT resources/services –a computational facility – over.
Joint CASC/CCI Workshop Report Strategic and Tactical Recommendations EDUCAUSE Campus Cyberinfrastructure Working Group Coalition for Academic Scientific.

Joint CASC/CCI Workshop Report Strategic and Tactical Recommendations EDUCAUSE Campus Cyberinfrastructure Working Group Coalition for Academic Scientific.
Advancing Scientific Discovery through TeraGrid Scott Lathrop TeraGrid Director of Education, Outreach and Training University of Chicago and Argonne National.

Advancing Scientific Discovery through TeraGrid Scott Lathrop TeraGrid Director of Education, Outreach and Training University of Chicago and Argonne National.
Science Gateways on the TeraGrid Von Welch, NCSA (with thanks to Nancy Wilkins-Diehr, SDSC for many slides)

Science Gateways on the TeraGrid Von Welch, NCSA (with thanks to Nancy Wilkins-Diehr, SDSC for many slides)
1 Software & Grid Middleware for Tier 2 Centers Rob Gardner Indiana University DOE/NSF Review of U.S. ATLAS and CMS Computing Projects Brookhaven National.

1 Software & Grid Middleware for Tier 2 Centers Rob Gardner Indiana University DOE/NSF Review of U.S. ATLAS and CMS Computing Projects Brookhaven National.
Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,

Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration 4th Annual PKI R&D Workshop Tom Barton, Kate Keahey,
NSF Middleware Initiative: GridShib Tom Barton University of Chicago.

NSF Middleware Initiative: GridShib Tom Barton University of Chicago.
April 2009 OSG Grid School - RDU 1 Open Science Grid John McGee – Renaissance Computing Institute University of North Carolina, Chapel.

April 2009 OSG Grid School - RDU 1 Open Science Grid John McGee – Renaissance Computing Institute University of North Carolina, Chapel.
Network, Operations and Security Area Tony Rimovsky NOS Area Director

Network, Operations and Security Area Tony Rimovsky NOS Area Director
NOS Objectives, YR 4&5 Tony Rimovsky. 4.2 Expanding Secure TeraGrid Access A TeraGrid identity management infrastructure that interoperates with campus.

NOS Objectives, YR 4&5 Tony Rimovsky. 4.2 Expanding Secure TeraGrid Access A TeraGrid identity management infrastructure that interoperates with campus.
GCE06, Tampa, FL November 12-13, 2006 Science Gateways on the TeraGrid Charlie Catlett, Sebastien Goasguen, Jim Marsteller, Stuart Martin, Don Middleton,

GCE06, Tampa, FL November 12-13, 2006 Science Gateways on the TeraGrid Charlie Catlett, Sebastien Goasguen, Jim Marsteller, Stuart Martin, Don Middleton,
TeraGrid Gateway User Concept – Supporting Users V. E. Lynch, M. L. Chen, J. W. Cobb, J. A. Kohl, S. D. Miller, S. S. Vazhkudai Oak Ridge National Laboratory.

TeraGrid Gateway User Concept – Supporting Users V. E. Lynch, M. L. Chen, J. W. Cobb, J. A. Kohl, S. D. Miller, S. S. Vazhkudai Oak Ridge National Laboratory.
TeraGrid National Cyberinfrasctructure for Scientific Research PRESENTER NAMES AND AFFILIATIONS HERE.

TeraGrid National Cyberinfrasctructure for Scientific Research PRESENTER NAMES AND AFFILIATIONS HERE.
GridShib: Grid-Shibboleth Integration (Identity Federation and Grids) April 11, 2005 Von Welch

GridShib: Grid-Shibboleth Integration (Identity Federation and Grids) April 11, 2005 Von Welch
GIG Software Integration: Area Overview TeraGrid Annual Project Review April, 2008.

GIG Software Integration: Area Overview TeraGrid Annual Project Review April, 2008.
Scaling Account Creation and Management through the TeraGrid User Portal Contact: Eric Roberts

Scaling Account Creation and Management through the TeraGrid User Portal Contact: Eric Roberts
PYs 4 and 5 Objectives for Education, Outreach and Training and External Relations Scott Lathrop

PYs 4 and 5 Objectives for Education, Outreach and Training and External Relations Scott Lathrop
Open Science Grid For CI-Days Internet2: Fall Member Meeting, 2007 John McGee – OSG Engagement Manager Renaissance Computing Institute.

Open Science Grid For CI-Days Internet2: Fall Member Meeting, 2007 John McGee – OSG Engagement Manager Renaissance Computing Institute.
Science Gateways on the TeraGrid Nancy Wilkins-Diehr Area Director for Science Gateways San Diego Supercomputer Center

Science Gateways on the TeraGrid Nancy Wilkins-Diehr Area Director for Science Gateways San Diego Supercomputer Center

Similar presentations

Ads by Google