The National Grid Service and OGSA-DAI Mike Mineter
2 Policy for re-use This presentation can be re-used for academic purposes. However if you do so then please let training- know. We need to gather statistics of re-use: no. of events, number of people trained. Thank you!!training-
3 March 2008: The NGS Core, Partners & Affiliates,
4 OGSA-DAI on the NGS Objective –Encourage lots of data services to be provided for NGS VOs to use! –Stimulate new research! How? –On a grid its easier to orchestrate distributed resources NGS spans the country – natural infrastructure for collaborative research, service-oriented research for many communities –Light the touch-paper - establish the data services!
5
6 NGS software Computation services based on Globus Toolkit –Sequential or parallel jobs, from batch queues –Can run multiple jobs concurrently Data services: –Storage Resource Broker: Primarily for file storage and access Virtual filesystem with replicated files –NGS Oracle service –OGSA-DAI: Data Access and Integration Primarily for grid-enabling data not on the SRB or Oracle (files, relational, XML) Authorisation, Authentication –Built on GSI, VOMS
7 NGS Software - 2 Middleware recently deployed –Resource Broker –Applications Repository (NGS Portal) –GridSAM – alternative for job submission and monitoring –GRIMOIRES – registry of services (e,g,GridSAM instances) –VOMS - Virtual Organisation Membership Service Developed by partners: –Application Hosting Environment: AHE –P-GRADE portal and GEMLCA Being deployed –WS-GRAM: GT4 job submission Under development –Shibboleth integration
8 Resource Broker NGS nodes Local Workstation UI UI (user interface) has preinstalled client software Resource Broker User describes job in text file using Job Description Language Submits job to Resource Broker (pre-production use at present)
9 GridSAM NGS nodes Local Workstation UI (user interface) has preinstalled client software GridSAM User describes job in XML using Job Submission Description Language Web services interfaces to chosen GridSAM instance (SAM: Submission and Monitoriing)
10 OGSA-DAI on NGS With release 3 is available, timely for: OGSA-DAI Servers to be deployed by –Data services (EDINA, MIMAS, bio…, …..) for diverse communities –VOs for its members –Also one or more NGS core nodes – with Oracle access OGSA-DAI client software could then be run in –Desktop machines (with proxy certificate etc) –user interface machines – for resource broker –on NGS nodes (stage client to NGS worker) –in higher level services (like workflow)
11 One example
12 The Role of the Virtual Organisation (VO) Compute Center VO Service slide based on presentation given by Carl Kesselman at GGF Summer School 2004
13 VOMS- Virtual Organisation Membership Service VO can have groups –Different rights for each –Nested groups VO has roles –Assume role for specific purposes - when user chooses E,g. system admin, updating files read by the VO voms-proxy-init –Proxy certificate carries the additional attributes
14 Options for OGSA-DAI service on NGS Authentication – X.509 based –Proxy certificates – delegation, … –Around end 2008, bridging of Shibboleth to NGSs proxy world Authorisation options –Service takes Distinguished Name from proxy associated with a request, uses a look-up to map DN to e.g. local account / username / password for access to resource Call to external database of rights –Use VOMS extension in proxy Use VO / VO group or role to assign rights (OMII-Europe releasing OGSA-DAI extension for this)
15 Web Sites NGS – –Wiki service: –Training events: Additional information includes: –about Oracle on NGS: See tutorial by Keir Hawker and Simon Collins, Thursday 17 January 2008 –About VOMS – talk by Mike Jones on 18 January 2008