1 CENTER FOR PARALLEL COMPUTERS DEPARTMENT OF COMPUTER SCIENCE DEPARTMENT OF COMPUTING SCIENCE 2 nd International Conference on Service Oriented Computing,

Slides:

Advertisements

Similar presentations

0 McLean, VA August 8, 2006 SOA, Semantics and Security.

Advertisements

CoreGRID European Research Network on Foundations, Software Infrastructures and Applications for large scale distributed, GRID and Peer-to-Peer Technologies.

Grids for Complex Problem Solving, 29 January 2003 Grid based collaborative working in large distributed organisations

Abstraction Layers Why do we need them? –Protection against change Where in the hourglass do we put them? –Computer Scientist perspective Expose low-level.

GT 4 Security Goals & Plans Sam Meder

The Open Grid Services Architecture, Version 1.0 I. Foster, H. Kishimoto, A. Savva, D. Berry, A. Djaoui, A. Grimshaw, B. Horn, F. Maciel, F. Siebenlist,

Agreement-based Distributed Resource Management Alain Andrieux Karl Czajkowski.

Internet Technologies (Grid Computing (OGSA, WSRF) )

Accounting Manager Taking resource usage into your own hands Scott Jackson Pacific Northwest National Laboratory

Applying the SOA RA Utah Public Safety ESB Project Utah Department of Technology Services April 10, 2008 Prepared by Robert Woolley.

Building an Operational Enterprise Architecture and Service Oriented Architecture Best Practices Presented by: Ajay Budhraja Copyright 2006 Ajay Budhraja,

High Performance Computing Course Notes Grid Computing.

1 NextGRID Monitoring and Fabric Management Requirements SLA Management Example: SweGrid Accounting System and Test-bed Thomas Sandholm, KTH,

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.

Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.

Intelligent Grid Solutions 1 / 18 Convergence of Grid and Web technologies Alexander Wöhrer und Peter Brezany Institute for Software.

6/4/2015Page 1 Enterprise Service Bus (ESB) B. Ramamurthy.

6/2/20071 Grid Computing Sun Grid Engine (SGE) Manoj Katwal.

Milos Kobliha Alejandro Cimadevilla Luis de Alba Parallel Computing Seminar GROUP 12.

An Agent-Oriented Approach to the Integration of Information Sources Michael Christoffel Institute for Program Structures and Data Organization, University.

A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.

Stephen S. Yau CSE , Fall Security Strategies.

WORKFLOWS IN CLOUD COMPUTING. CLOUD COMPUTING  Delivering applications or services in on-demand environment  Hundreds of thousands of users / applications.

SOA, BPM, BPEL, jBPM.

Cardea Requirements, Authorization Model, Standards and Approach Globus World Security Workshop January 23, 2004 Rebekah Lepro Metz

1 CENTER FOR PARALLEL COMPUTERS DEPARTMENT OF COMPUTING SCIENCE DEPARTMENT OF COMPUTING SCIENCE Enforcing resource allocations with.

OPEN GRID SERVICES ARCHITECTURE AND GLOBUS TOOLKIT 4

Thinking about Accounting Matteo Melani SLAC Open Science Grid.

Scalable Systems Software Center Resource Management and Accounting Working Group Face-to-Face Meeting June 13-14, 2002.

DISTRIBUTED COMPUTING

Software Architecture Framework for Ubiquitous Computing Divya ChanneGowda Athrey Joshi.

GT Components. Globus Toolkit A “toolkit” of services and packages for creating the basic grid computing infrastructure Higher level tools added to this.

Evaluation and Testbed Development Bhavani Thuraisingham The University of Texas at Dallas Jim Massaro and Ravi Sandhu.

1 School of Computer, National University of Defense Technology A Profile on the Grid Data Engine (GridDaEn) Xiao Nong

Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.

Scalable Systems Software Center Resource Management and Accounting Working Group Face-to-Face Meeting October 10-11, 2002.

1 Introduction to Middleware. 2 Outline What is middleware? Purpose and origin Why use it? What Middleware does? Technical details Middleware services.

The Grid System Design Liu Xiangrui Beijing Institute of Technology.

1 4/23/2007 Introduction to Grid computing Sunil Avutu Graduate Student Dept.of Computer Science.

Applicazione del paradigma Diffserv per il controllo della QoS in reti IP: aspetti teorici e sperimentali Stefano Salsano Università di Roma “La Sapienza”

W3C Web Services Architecture Security Discussion Kick-Off Abbie Barbir, Ph.D. Nortel Networks.

Next Generation Grid(s) - European Grid Research R. Tirler – IST DG Dutch Grid Day Amsterdam - 3 rd July Next Generation Grid(s) European.

Chapter 5 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved.

Ames Research CenterDivision 1 Information Power Grid (IPG) Overview Anthony Lisotta Computer Sciences Corporation NASA Ames May 2,

NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.

Cracow Grid Workshop ‘06 17 October 2006 Execution Management and SLA Enforcement in Akogrimo Antonios Litke Antonios Litke, Kleopatra Konstanteli, Vassiliki.

GRID Overview Internet2 Member Meeting Spring 2003 Sandra Redman Information Technology and Systems Center and Information Technology Research Center National.

Introduction to Semantic Web Service Architecture ► The vision of the Semantic Web ► Ontologies as the basic building block ► Semantic Web Service Architecture.

Enabling the Future Service-Oriented Internet (EFSOI 2008) Supporting end-to-end resource virtualization for Web 2.0 applications using Service Oriented.

Grid Authorization Landscape and Futures Von Welch NCSA

International Symposium on Grid Computing (ISGC-07), Taipei - March 26-29, 2007 Of 16 1 A Novel Grid Resource Broker Cum Meta Scheduler - Asvija B System.

Globus and PlanetLab Resource Management Solutions Compared M. Ripeanu, M. Bowman, J. Chase, I. Foster, M. Milenkovic Presented by Dionysis Logothetis.

© 2004 IBM Corporation ICSOC2004 Panel Discussion: Grid Systems: What is needed from web service standards? Jeffrey Frey IBM.

GRID ANATOMY Advanced Computing Concepts – Dr. Emmanuel Pilli.

David Foster LCG Project 12-March-02 Fabric Automation The Challenge of LHC Scale Fabrics LHC Computing Grid Workshop David Foster 12 th March 2002.

INDIGO – DataCloud Security and Authorization in WP5 INFN RIA

By Jeremy Burdette & Daniel Gottlieb. It is an architecture It is not a technology May not fit all businesses “Service” doesn’t mean Web Service It is.

1 CENTER FOR PARALLEL COMPUTERS DEPARTMENT OF COMPUTING SCIENCE DEPARTMENT OF COMPUTING SCIENCE Enforcing resource allocations with.

Exploring opportunities in the OGSA service model– realising Utility Computing Jeffrin J. Von Reich Chief architect Hewlett Packard Software Global Unit.

Towards a High Performance Extensible Grid Architecture Klaus Krauter Muthucumaru Maheswaran {krauter,

Service Oriented Architecture (SOA) Prof. Wenwen Li School of Geographical Sciences and Urban Planning 5644 Coor Hall

University of Technology

The Globus Toolkit™: Information Services

Service Oriented Architecture (SOA)

Large Scale Distributed Computing

Service Oriented Architecture (SOA)

The Anatomy and The Physiology of the Grid

Grid Systems: What do we need from web service standards?

Presentation transcript:

1 CENTER FOR PARALLEL COMPUTERS DEPARTMENT OF COMPUTER SCIENCE DEPARTMENT OF COMPUTING SCIENCE 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 An OGSA-Based Accounting System for Allocation Enforcement across HPC Centers TS10 – Service Applications Thomas Sandholm Olle Mulmo Peter Gardfjäll Erik Elmroth Lennart Johnsson

2 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Key Question ? How do we share national Grid compute resources in a fair, secure, open, and scalable way

3 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Outline Requirements on Software Qualities Open Grid Services Architecture SweGrid National Grid Testbed SweGrid Accounting System Results Lessons Learned Q & A

4 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Fairness vs. Utilization Trade-off: Fair resource distribution and optimal resource utilization Soft real-time quota enforcement User preferences Resource policies Allocation authority policies Fair Distribution Maximum Utilization Secure Operation Scalable Efficiency 

5 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Security vs. Scalability Integrity & Privacy Single Sign-on/Impersonation DoS/Replay Attack prevention Privilege Delegation Message Level vs. Transport Level Policy Driven Authorization: PDP, PAP, PIP, PEP Scale: National Grid No single point of failure but coordinated allocation enforcement Fair Distribution Maximum Utilization Secure Operation Scalable Efficiency 

6 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Openness & Interoperability Systems Integration Platform Scheduler/Workload Manager Agnostic Programming Language/Model Agnostic Portable (100% pure Java) XML Based Standards: XPath, XQuery, XSLT, GGF- UR, XML-Signature, XML-Encryption, XACML Web/Grid Services Standards: SOAP, WSDL, WS- Security, OGSA, GGF-UR, GSI, GSSAPI, OGSI/WSRF

7 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Outline Requirements on Software Qualities Open Grid Services Architecture SweGrid National Grid Testbed SweGrid Accounting System Results Lessons Learned Q & A

8 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Open Grid Services Architecture Global Grid Forum Standardization Initiative Architecture extending SOA and WSA to dynamically share stateful resources across organizational boundaries (=realizing the Grid vision) “… defining, within a service-oriented architecture, a set of core capabilities and behaviors that address key concerns in Grid systems.” OGSAv1 Assumes state modeling according to OGSI/WSRF  Core Infrastructure offering Inspection, Discovery, Lifetime Management, Notifications, Fault Handling WS-Resource = stateful resource and associated Web service.  Provide context for message exchange Addresses Grid security requirements such as Delegation and Single Sign-On

9 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Role of Accounting in OGSA Accounting foundational service to: Job Execution  Make sure that only jobs with sufficient quota can be executed on the compute resource  Decide queue priority based on available funds and usage history QoS/SLA Management  Negotiate pricing based on resource usage  Optimizing Utilization  SLA Attainment/Policing Security  Auditing  Access Control  PEP/PIP

10 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Outline Requirements on Software Qualities Open Grid Services Architecture SweGrid National Grid Testbed SweGrid Accounting System Results Lessons Learned Q & A

11 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 SweGrid SweGrid connects 600 compute nodes (Intel P4) across 6 Swedish HPC centers interconnected by 10Gbs GigaSunet network 400 HPC users at all centers (some overlapping) Inaugurated March 2004 ~50 currently active researchers Up to 10k jobs per month per site

12 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 SweGrid Continued Resource quotas allocated by Swedish National Allocations Committee (SNAC) after peer-review of promising research projects with high computational demands (c.f. NRAC) Initially homogeneous hardware but heterogeneous scheduling, security, and accounting environment (policies, tools, data, processes, etc) Wanted: Uniform resource quota use & allocation

13 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Outline Requirements on Software Qualities Open Grid Services Architecture SweGrid National Grid Testbed SweGrid Accounting System Results Lessons Learned Q & A

14 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 SweGrid Accounting System (SGAS) Key Design Points 1.Decentralized accounting solution based on standard, open protocols in compliance with the proposed OGSA 2.3-party (user, resource, allocation authority) policy customization 3.Non-intrusive to local site accounting systems 4.All components governed by a scalable cross- organizational authorization framework

15 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 SGAS Component Overview PAT BankLUTS Resource Scheduler Resource Manager Broker User WSDL JARM Policy Administration Tool Logging and Usage Tracking Service Job Account Reservation Manager SubmitJob Reserve/Release PublishUR Query AddUser

16 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 SGAS Security Design PAT Bank Resource Scheduler Resource Manager Broker User JARM PEPPEP PDPPDP PAPPAP Site Policy Manager PIPPIP PDPPDP LUTS PIPPIP PAPPAP External Authorization Service PDPPDP Membership/Community Service PIPPIP Policy Administration Point Policy Decision Point Policy Information Point Policy Enforcement Point Credential Delegation WS-SecureConversation XML-Signature XML-Encryption PKI Kerberos

17 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Outline Requirements on Software Qualities Open Grid Services Architecture SweGrid National Grid Testbed SweGrid Accounting System Results Lessons Learned Q & A

18 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Overdraft XACML Policy <Condition FunctionId= "urn:oasis:names:tc:xacml:1.0:function:integer-less-than-or- equal"> <Apply FunctionId= "urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> <EnvironmentAttributeDesignator AttributeId= "sgas:overdraw:percent:requested" DataType= " <AttributeValue DataType= " 175

19 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Overdraft Fuzzy Logic Policy R1: overdraft is low  allocation left is much  allow reservation R2: overdraft is high  allocation left is little  disallow reservation R3: allocation proximity is soon  overdraft is high  allocation left is much  allow reservation R4: allocation proximity is soon  overdraft is low  allocation left is little  allow reservation

20 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Super Computing 2004 Demonstration

21 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Outline Requirements on Software Qualities Open Grid Services Architecture SweGrid National Grid Testbed SweGrid Accounting System Results Lessons Learned Q & A

22 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Conclusions Document centric communication in conjunction with semi-structured native XML databases is a very flexible combination Batch charging and eager prepare reservation needed for scalability Timestamp based allocations distributed in a staggered monthly flow result in the best trade-off between fairness and utilization Generic PEP/PDP/PIP/PAP model useful for encapsulating and evolving authorization code OGSI/WSRF state management ideal for controlling fine grained service state such as account quotas, reservations and policies in a standard way

23 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Future Work With large-scale flexibility and configurability comes complexity and it becomes hard to optimize high-level goals and to realize detailed user QoS requirements – development of an SLA Management framework and user/resource goal driven optimizing agents (WS-Agreement, ContractNet) Initial focus has been on scientific community resource sharing - support economic brokering and for-profit banks Multi jobs may overload the bank - SAML assertions (c.f. cheques) as a multi-allocation payment and reservation method

24 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Learn more…

25 2 nd International Conference on Service Oriented Computing, New York, NY, November, 2004 Outline Requirements on Software Qualities Open Grid Services Architecture SweGrid National Grid Testbed SweGrid Accounting System Results Lessons Learned Q & A