Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rutherford Appleton Lab, UK VOBox Considerations from GridPP. GridPP DTeam Meeting. Wed Sep 13 th 2005.

Published byGloria Evans Modified over 8 years ago

Similar presentations

Presentation on theme: "Rutherford Appleton Lab, UK VOBox Considerations from GridPP. GridPP DTeam Meeting. Wed Sep 13 th 2005."— Presentation transcript:

1 Rutherford Appleton Lab, UK VOBox Considerations from GridPP. GridPP DTeam Meeting. Wed Sep 13 th 2005.

2 Rutherford Appleton Lab, UK Introduction VOBoxes enable LHC VO software managers to use gsissh to access a node at a site and install and enable a persistent process. The following pages outline the constraints under which these can be operated at GridPP sites and the consequences of their installation.

3 Rutherford Appleton Lab, UK VO Services A VO service is the persistent service that is installed by small named set of users. VO services running inside VOBoxes must be well defined. –A description of any such service is required by sites. Port numbers must be divulged in advance. Does the server use authentication, if not why not. –e.g. a read only web server might be acceptable. –What logging is provided. Can I find who accessed the service at any time the last 6 months. –For a VO service that collects information. What is being monitored? What is being stored? What is being published and to who. –Access to a VO service should only given to valid VO members. –Ports are likely to be enforced via iptables (including restrictions to userid) and /or site firewall. –VO services will only run as the VOs users account at all times.

4 Rutherford Appleton Lab, UK Access Rights. VO boxes are expected not to provide a back door to fabric. –Access to compute elements still via GK. –Access to storage is via SRM. If they do then this must be clear. –e.g. CMS may want to reorder jobs. –VOs want access to software area.

5 Rutherford Appleton Lab, UK Multiple VOs A VO box must be able to be shared by multiple VOs. –Sites are not convinced that allocating 2 CPUs per VO is a good use of resources. But a site will add more if they are busy. –In reality just requires that port numbers can be changed for any VO service. The deployed VO box already support multiple VOs. The alternatives: –4 Experiments * 20 T2 sites = 80 nodes for LHC in the UK is not tenable. –Sites will drop VOs.

6 Rutherford Appleton Lab, UK Service Security For well known VO services like apache or tomcat these must be well maintained. Sites may close these services if updates are not provided in a timely fashion. Sites will close box if service is impacting the site in detrimental way.

7 Rutherford Appleton Lab, UK Providing Service To VOs What level of service is expected for experiments. –Disk backup. Procedure must exist for node interventions. –e.g. In 24hours a VOBox will be rebooted for a kernel upgrade. – Who do I tell.

8 Rutherford Appleton Lab, UK Overall Impressions VOBoxes are not in the spirit of grid. –Sites plan to drop LHC VOs if they become difficult to support requiring specialised resources rather than just sharing spare capacity. –No UK site will support all 4 LHC VOs if a VO box is a requirement. Currently all LCG UK sites do support all 4 LHC VOs. For example 19 of 20 sites are likely to drop Alice. This will be a big shift in the vision of the GridPP grid deployment. –We believe there will be a loss in the scalability of the EGEE grid non LHC VOs within EGEE. VOBoxes must be considered a short term solution. Components and functionality should be provided by the middleware where possible.

Download ppt "Rutherford Appleton Lab, UK VOBox Considerations from GridPP. GridPP DTeam Meeting. Wed Sep 13 th 2005."

Similar presentations

21 Sep 2005LCG's R-GMA Applications R-GMA and LCG Steve Fisher & Antony Wilson.

21 Sep 2005LCG's R-GMA Applications R-GMA and LCG Steve Fisher & Antony Wilson.
Your university or experiment logo here What is it? What is it for? The Grid.

Your university or experiment logo here What is it? What is it for? The Grid.
Andrew McNab - Manchester HEP - 17 September 2002 Putting Existing Farms on the Testbed Manchester DZero/Atlas and BaBar farms are available via the Testbed.

Andrew McNab - Manchester HEP - 17 September 2002 Putting Existing Farms on the Testbed Manchester DZero/Atlas and BaBar farms are available via the Testbed.
29 June 2006 GridSite - www.gridsite.org - Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.

29 June 2006 GridSite Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.
Level 1 Components of the Project. Level 0 Goal or Aim of GridPP. Level 2 Elements of the components. Level 2 Milestones for the elements.

Level 1 Components of the Project. Level 0 Goal or Aim of GridPP. Level 2 Elements of the components. Level 2 Milestones for the elements.
Andrew McNab - Manchester HEP - 22 April 2002 EU DataGrid Testbed EU DataGrid Software releases Testbed 1 Job Lifecycle Authorisation at your site More.

Andrew McNab - Manchester HEP - 22 April 2002 EU DataGrid Testbed EU DataGrid Software releases Testbed 1 Job Lifecycle Authorisation at your site More.
Forschungszentrum Karlsruhe in der Helmholtz-Gemeinschaft Torsten Antoni – LCG Operations Workshop, CERN 02-04/11/04 Global Grid User Support - GGUS -

Forschungszentrum Karlsruhe in der Helmholtz-Gemeinschaft Torsten Antoni – LCG Operations Workshop, CERN 02-04/11/04 Global Grid User Support - GGUS -
Andrew McNab - Manchester HEP - 2 May 2002 Testbed and Authorisation EU DataGrid Testbed 1 Job Lifecycle Software releases Authorisation at your site Grid/Web.

Andrew McNab - Manchester HEP - 2 May 2002 Testbed and Authorisation EU DataGrid Testbed 1 Job Lifecycle Software releases Authorisation at your site Grid/Web.
EGEE SA1 Operations Workshop Stockholm, 13-15/06/2007 Enabling Grids for E-sciencE Service Level Agreement Metrics SLA SA1 Working Group Łukasz Skitał.

EGEE SA1 Operations Workshop Stockholm, 13-15/06/2007 Enabling Grids for E-sciencE Service Level Agreement Metrics SLA SA1 Working Group Łukasz Skitał.
Southgrid Status Pete Gronbech: 27th June 2006 GridPP 16 QMUL.

Southgrid Status Pete Gronbech: 27th June 2006 GridPP 16 QMUL.
CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.

CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.
Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.

Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.
Security Middleware and VOMS service status Andrew McNab Grid Security Research Fellow University of Manchester.

Security Middleware and VOMS service status Andrew McNab Grid Security Research Fellow University of Manchester.
5 November 2001F Harris GridPP Edinburgh 1 WP8 status for validating Testbed1 and middleware F Harris(LHCb/Oxford)

5 November 2001F Harris GridPP Edinburgh 1 WP8 status for validating Testbed1 and middleware F Harris(LHCb/Oxford)
SOS EGEE ‘06 GGF Security Auditing Service: Draft Architecture Brian Tierney Dan Gunter Lawrence Berkeley National Laboratory Marty Humphrey University.

SOS EGEE ‘06 GGF Security Auditing Service: Draft Architecture Brian Tierney Dan Gunter Lawrence Berkeley National Laboratory Marty Humphrey University.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org SA1: Cookbook (DSA1.7) Ian Bird CERN 18 January 2006.

INFSO-RI Enabling Grids for E-sciencE SA1: Cookbook (DSA1.7) Ian Bird CERN 18 January 2006.
GGF12 – 20 Sept 2004 - 1 LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.

GGF12 – 20 Sept LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.
Monitoring the Grid at local, national, and Global levels Pete Gronbech GridPP Project Manager ACAT - Brunel Sept 2011.

Monitoring the Grid at local, national, and Global levels Pete Gronbech GridPP Project Manager ACAT - Brunel Sept 2011.
G RID M IDDLEWARE AND S ECURITY Suchandra Thapa Computation Institute University of Chicago.

G RID M IDDLEWARE AND S ECURITY Suchandra Thapa Computation Institute University of Chicago.
3 June 2004GridPP10Slide 1 GridPP Dissemination Sarah Pearce Dissemination Officer

3 June 2004GridPP10Slide 1 GridPP Dissemination Sarah Pearce Dissemination Officer

Similar presentations

Ads by Google