1Maria Dimou- cern-it-gd LCG End of the Task Force for VO User Registration of LHC Experiment Users Grid Deployment.

Slides:

Advertisements

Similar presentations

Last update 01/06/ :23 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD Site Registration policy & procedures

Advertisements

Dec 14, 20061/10 VO Services Project – Status Report Gabriele Garzoglio VO Services Project WBS Dec 14, 2006 OSG Executive Board Meeting Gabriele Garzoglio.

Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.

VOMS Alessandra Forti HEP Sysman meeting April 2005.

May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,

Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.

PanDA Multi-User Pilot Jobs Maxim Potekhin Brookhaven National Laboratory Open Science Grid WLCG GDB Meeting CERN March 11, 2009.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Voms & Voms-admin report Vincenzo Ciaschini.

VOMRS/VOMS-Admin Convergence and VO Services Project Status Tanya Levshina Computing Division, Fermilab.

INFSO-RI Enabling Grids for E-sciencE EGEE/LCG Joint Security Policy Group David Kelsey, CCLRC/RAL, UK EGEE.

Moving towards VOMS-admin Alberto Rodríguez Peón IT-PES-PS.

Responsibilities of ROC and CIC in EGEE infrastructure A.Kryukov, SINP MSU, CIC Manager Yu.Lazin, IHEP, ROC Manager

Security Policy Update LCG GDB Prague, 4 Apr 2007 David Kelsey CCLRC/RAL

13-Jul-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint LCG/EGEE Security Group) CERN 13 July 2004 David Kelsey CCLRC/RAL,

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

23-Oct-03D.P.Kelsey, LCG Security Update, HEPiX1 LCG Security Update HEPiX-HEPNT, TRIUMF, 23 October 2003 David Kelsey CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE SA1 and gLite: Test, Certification and Pre-production Nick Thackray SA1, CERN.

Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Usage of virtualization in gLite certification Andreas Unterkircher.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks VOMS SAML Vincenzo Ciaschini MWSG Zurich,

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks VOMS Vincenzo Ciaschini EGEE/OSG Workshop.

15-Dec-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint Security Policy Group) CERN 15 December 2004 David Kelsey CCLRC/RAL,

CERN-IT Oracle Database Physics Services Maria Girone, IT-DB 13 December 2004.

Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.

US LHC OSG Technology Roadmap May 4-5th, 2005 Welcome. Thank you to Deirdre for the arrangements.

WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.

6/23/2005 R. GARDNER OSG Baseline Services 1 OSG Baseline Services In my talk I’d like to discuss two questions:  What capabilities are we aiming for.

EGEE-III INFSO-RI Enabling Grids for E-sciencE Antonio Retico CERN, Geneva 19 Jan 2009 PPS in EGEEIII: Some Points.

USATLAS deployment We currently use VOMS Role based authorization in production within USATLAS. In the VO we have defined 4 groups/roles that satisfy our.

Security Operations David Kelsey GridPP Deployment Board 3 Mar 2005

Documentation (& User Support) Issues Stephen Burke RAL DB, Imperial, 12 th July 2007.

VO Membership Registration Workflow, Policies and VOMRS software (VOX Project) Tanya Levshina Fermilab.

DTI Mission – 29 June LCG Security Ian Neilson LCG Security Officer Grid Deployment Group CERN.

Last update 21/01/ :05 LCG 1Maria Dimou- cern-it-gd Current LCG User Registration, VO management and Authorisation Procedures VOMS workshop

Virtual Organization Membership Service eXtension (VOX) Ian Fisk On behalf of the VOX Project Fermilab.

Last update 29/01/ :01 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD CERN VOMS server deployment LCG Grid Deployment Board

Last update 31/01/ :41 LCG 1 Maria Dimou Procedures for introducing new Virtual Organisations to EGEE NA4 Open Meeting Catania.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Update Authorization Service Christoph Witzig,

Sep 25, 20071/5 Grid Services Activities on Security Gabriele Garzoglio Grid Services Activities on Security Gabriele Garzoglio Computing Division, Fermilab.

LCG WLCG Accounting: Update, Issues, and Plans John Gordon RAL Management Board, 19 December 2006.

1Maria Dimou- cern-it-gd LCG GDB May 2008 USAG and direct GGUS ticket routing to Sites Grid Deployment.

1Maria Dimou- cern-it-gd LCG November 2007 GDB October 2007 VOM(R)S Workshop report Grid Deployment Board.

LCG User Level Accounting John Gordon CCLRC-RAL LCG Grid Deployment Board October 2006.

Last update 22/02/ :54 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD VO Registration procedure Presented by.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks EGEE and JSPG activities David Kelsey CCLRC/RAL.

Last update 29/02/ :31 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD VOMS status IT GD Group Meeting

18-May-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the LCG Security Group) Barcelona 18 May 2004 David Kelsey CCLRC/RAL, UK

VOX Project Tanya Levshina. 05/17/2004 VOX Project2 Presentation overview Introduction VOX Project VOMRS Concepts Roles Registration flow EDG VOMS Open.

Operations model Maite Barroso, CERN On behalf of EGEE operations WLCG Service Workshop 11/02/2006.

VOX Project Status T. Levshina. 5/7/2003LCG SEC meetings2 Goals, team and collaborators Purpose: To facilitate the remote participation of US based physicists.

Last update 13/03/ :11 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD Status of the Task Force for User Registration of LHC Experiment Users

INFSO-RI Enabling Grids for E-sciencE Joint Security Policy Group David Kelsey, CCLRC/RAL, UK 3 rd EGEE Project.

LCG User, Site & VO Registration in EGEE/LCG Bob Cowles OSG Technical Meeting Dec 15-17, 2004 UCSD.

LCG Pilot Jobs + glexec John Gordon, STFC-RAL GDB 7 December 2007.

WLCG Operations Coordination report Maria Alandes, Andrea Sciabà IT-SDC On behalf of the WLCG Operations Coordination team GDB 9 th April 2014.

EGEE is a project funded by the European Union under contract IST New VO Integration Fabio Hernandez ROC Managers Workshop,

INFSO-RI Enabling Grids for E-sciencE File Transfer Software and Service SC3 Gavin McCance – JRA1 Data Management Cluster Service.

VO Management Tanya Levshina Computing Division, Fermilab.

Grid Deployment Technical Working Groups: Middleware selection AAA,security Resource scheduling Operations User Support GDB Grid Deployment Resource planning,

VOX Project Status Report Tanya Levshina. 03/10/2004 VOX Project Status Report2 Presentation overview Introduction Stakeholders, team and collaborators.

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

LCG A few slides for the discussion on VOMS Kors Bos, NIKHEF, Amsterdam GDB Oct.4, 2006.

Virtual Organization Management Registration Service (VOMRS) T. Levshina J. Weigand S. White Co-Authors: L. Bauerdick, G. Carcassi, I. Fisk, A. Heavey,

Bob Jones EGEE Technical Director

David Kelsey CCLRC/RAL, UK

LCG Security Status and Issues

David Kelsey CCLRC/RAL, UK

Ian Bird GDB Meeting CERN 9 September 2003

Leigh Grundhoefer Indiana University

Presentation transcript:

1Maria Dimou- cern-it-gd LCG End of the Task Force for VO User Registration of LHC Experiment Users Grid Deployment Board

2Maria Dimou- cern-it-gd LCG Feb 2007 GDB Summary A GDB-mandated Task Force (TF) worked on:  adapting VOMRS (developed at FNAL) to the GDB-approved User Registration Requirements  Linking to the CERN HR database (ORGDB) for accessing Personal user data of LHC Experiment VO members  Maintaining and deploying voms-admin SOAP interface for use by VOMRS. This required a big development, coordination and testing effort.

3Maria Dimou- cern-it-gd LCG Feb 2007 GDB Why this is the end of the TF  VOMRS is used for VO Registration (no more the LDAP service on since Feb 24 th  The TF Mandate is accomplished, namely:  Users enter only Name/ /DateOfBirth or CERN badge.  They are valid VO candidates IF their data are successfully matched against their ORGDB entry.  No more Institute Representative (IR) approval is necessary.

4Maria Dimou- cern-it-gd LCG Feb 2007 GDB What other changes were implemented by the TF  The VO Acceptance Use Policy (AUP) is displayed (not linked) for the VO candidate to read and sign.  All VO members are now prompted to, periodically, re- register with the VO in cases of:  One year passed since last registration,  Change of contract/experiment,  Change of the Grid or VO AUP.  The VO managers are able to “suspend” VO members when necessary.  Group/Role membership enabled only after Group/Role Owner/Manager's approval.

5Maria Dimou- cern-it-gd LCG Feb 2007 GDB Issues the TF handled  VOMRS extensions implemented.  ORGDB view linked to VOMRS.  ORGDB performance improved.  All VOM(R)S ported to Oracle.  Oracle connectivity optimised (OCI still pending).  Tomcat blockage solved.  Glite integration, testing and release procedures used.  Four workshops and regular check-point meetings to debug, install and plan the work:

6Maria Dimou- cern-it-gd LCG Feb 2007 GDB Key moments in the life of the TF (I)  March 2004: GDB gives the TF Mandate to the JSPG  The rest of 2004: Evaluation of ORGDB usage with advice from experts and Experiment secretariats. ORGDB view and VOMRS interface work.  2005: VOM(R)S port to Oracle. VOMS testing and integration in gLite release procedures.

7Maria Dimou- cern-it-gd LCG Feb 2007 GDB Key moments in the life of the TF (II)  Feb 24 th 2006: VOM(R)S in operation. New registrations only possible via VOMRS.  May 9 th 2006: VOM(R)S on new FIO-managed reliable hardware with master/slave switch using LinuxHA for the primary server lcg-voms.cern.ch.  Oct 16 th 2006: End of the VOMS-LDAP synchronisation service. Voms-proxy-init possible only for users, who properly registered in VOMRS.

8Maria Dimou- cern-it-gd LCG Feb 2007 GDB Key moments in the life of the TF (III)  Dec 11 th 2006: End of lcg-registrar.cern.ch and the LHC Vos' LDAP Grid job running possible only for users, who properly registered in VOMRS.  Dec 13 th 2006: Tomcat melt-down dictates a new architecture for the CERN servers. Since then:  voms.cern.ch is used for gridmap file generation only (requires voms-admin)  lcg-voms.cern.ch is used for user registration only (requires vomrs).

9Maria Dimou- cern-it-gd LCG Feb 2007 GDB On-going issues and post-TF tasks GDB Advice needed!  Operations: Wrong/expired/incomplete ORGDB entries are a headache for VO managers, VOMRS supporters and the Experiment secretariats because t hey ARE show-stoppers for Grid usage.  Development/Deployment: There will be no more a framework for:  Regular developers' meetings.  Communication between the developers and the VO Managers.  Debugging with the VOM(R)S testers and service managers.  Clarifications between developers and gLite integrators.

10Maria Dimou- cern-it-gd LCG Feb 2007 GDB Credits  ORGDB view: Wim van Leersum  ORGDB/voms-admin: Karoly Lorentey  VOMRS: Tanya Levshina, John Weigand ( )  VOMS-ADMIN: Andrea Ceccanti  VOMS: Vincenzo Ciaschini, Valerio Venturi  Testing: Maria Alandes, Lanxin Ma  Valuable contributors: JSPG, VO Managers, CERN FIO, Exp. Secretariats, CERN Users' Office.

11Maria Dimou- cern-it-gd LCG Feb 2007 GDB Related documents  TF Mandate:  LHC Experiment users’ new Registration flow:  VOM(R)S new requirements: