Presentation is loading. Please wait.

Presentation is loading. Please wait.

THE STEPS TO MANAGE THE GRID

Published byDwain Scott Modified over 5 years ago

Similar presentations

Presentation on theme: "THE STEPS TO MANAGE THE GRID"— Presentation transcript:

1 THE STEPS TO MANAGE THE GRID
GRID DEPLOYMENT THE STEPS TO MANAGE THE GRID ADINA RIPOSAN Applied Information Technology Department of Computer Engineering Military Technical Academy Bucharest, 2004

2 Military Technical Academy Bucharest, 2004
The steps the administrator may take to manage the Grid Planning Installation Managing enrollment of donors and users Certificate Authority Resource management Data sharing Military Technical Academy Bucharest, 2004

3 Military Technical Academy Bucharest, 2004
Planning Military Technical Academy Bucharest, 2004

4 Military Technical Academy Bucharest, 2004
Planning It is suggested that one should start by deploying a small Grid first, and learn about its installation & management, before having to confront more complicated issues involved with a large Grid. Of prime importance is understanding the fail-over scenarios for the given Grid system so that the Grid can continue operating even if any of the management machines fails in some way. Machines should be configured and connected to facilitate recovery scenarios. Military Technical Academy Bucharest, 2004

5 Military Technical Academy Bucharest, 2004
Installation Military Technical Academy Bucharest, 2004

6 Military Technical Academy Bucharest, 2004
Installation The software to be installed on the donor machines may need to be customized so that it can find the Grid management machines automatically (and potentially include pre-installed public keys for the Grid). Once the Grid is operational, there may be Application software and data that should be installed on donor machines as well. Some Grid systems include tools to assist with grid-wide license management. This can both help in: following the rules of the licenses, and most efficiently exploit those licenses. Military Technical Academy Bucharest, 2004

7 Managing enrollment of
donors and users Military Technical Academy Bucharest, 2004

8 Military Technical Academy Bucharest, 2004
Managing enrollment of donors & users Grid administrator ongoing task: To manage the members of the Grid, both the machines donating resources and the users. Users may be further organized as project groups. The administrator is responsible for controlling the rights of the users in the Grid. Donor machines may have access rights that require management as well. Grid jobs running on donor machines may be executed under a special Grid user ID on behalf of the users submitting the jobs. The rights of these Grid user IDs must be properly set so that Grid jobs do not allow access to parts of the donor machine to which the users are not entitled. Military Technical Academy Bucharest, 2004

9 Military Technical Academy Bucharest, 2004
The user and his certificate credentials must be added to the user list using the software appropriate for the Grid system deployed. In some cases, the administrator must propagate the user information to several or all Grid machines. Also, when the Grid system depends primarily on the operating system for user login, => the administrator may need to add entries to map the grid user to specific operating system user IDs on the donor machines. Military Technical Academy Bucharest, 2004

10 Military Technical Academy Bucharest, 2004
Similar ENROLLMENT activity is usually required to enroll donor machines into the grid. The machine’s identity is established and registered with the Certificate Authority. The administrator of the Grid must have an agreement with the administrator of the donor machine about user IDs, software, access rights, and any policy restrictions. The administrator must enter the machine’s identification credentials, addresses, and resource characteristics using the appropriate software for enrolling the donor machine into the Grid. In some cases, the administrator may need to manually propagate this information to other machines in the Grid. Corresponding procedures for REMOVING users and machines must be executed by the administrator. Military Technical Academy Bucharest, 2004

11 Certificate Authority
Military Technical Academy Bucharest, 2004

12 Military Technical Academy Bucharest, 2004
The Certificate Authority is one of the most important aspects of maintaining strong Grid security. An organization may choose: to use an external Certificate Authority, or to operate one itself. You must be able to trust the CA to strictly adhere to its responsibilities. The primary responsibilities of a CA: Positively identify entities requesting certificates Issuing, removing, and archiving certificates Protecting the certificate authority server Maintaining a namespace of unique names for certificate owners Serve signed certificates to those needing to authenticate entities Logging activity Military Technical Academy Bucharest, 2004

13 Military Technical Academy Bucharest, 2004
Briefly, a Certificate Authority is based on the Public Key encryption system If the originator doubly encrypts the message with his private key and the intended recipient’s public key, a secure communication link is formed. The receiver uses his private key to decrypt the message and then uses the sender’s public key for the second decryption. A similar exchange is used to get anyone’s public key from the Certificate Authority, so that the user knows that he has received an unaltered public key for the desired user. Military Technical Academy Bucharest, 2004

14 Military Technical Academy Bucharest, 2004
Resource management Military Technical Academy Bucharest, 2004

15 Military Technical Academy Bucharest, 2004
Another responsibility of the administrator is to Manage the resources of the Grid This includes setting permissions for Grid users to: use the resources track resource usage To implement a corresponding accounting or billing system. Some Grid components, usually job schedulers, have provisions for enforcing priorities & policies of various kinds. It is the responsibility of the administrator to configure these to best meet the goals of the overall organization. Software license managers can be used in a Grid setting to control the proper utilization. These may be configured to work with job schedulers to prioritize the use of the limited licenses. Military Technical Academy Bucharest, 2004

16 Military Technical Academy Bucharest, 2004
Data sharing Military Technical Academy Bucharest, 2004

17 Military Technical Academy Bucharest, 2004
Data sharing For small Grids, the sharing of data can be fairly easy, using existing networked file systems, databases, or standard data transfer protocols As a Grid grows and the users become dependent on any of the data storage repositories, the administrator should consider procedures to maintain backup copies and replicas to improve performance. => All of the resource management concerns apply to data on the Grid. Military Technical Academy Bucharest, 2004

Download ppt "THE STEPS TO MANAGE THE GRID"

Similar presentations

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
A responsibility based model EDG CA Managers Meeting June 13, 2003.

A responsibility based model EDG CA Managers Meeting June 13, 2003.
Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.

Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © 2009. Chapter 1, pp 19-28. For educational use only.

Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © Chapter 1, pp For educational use only.
1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.

1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.

Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Similar presentations

Ads by Google