12th September 200 7 UK e-Science All Hands Meeting 1 John Kewley Grid Technology Group e-Science Centre STFC Daresbury Laboratory [email protected] GROWL Scripts: Lightweight Access to Grid Resources
Jan 29, 2016
12th September 2007 UK e-Science All Hands Meeting 1
John KewleyGrid Technology Group
e-Science CentreSTFC Daresbury Laboratory
GROWL Scripts: Lightweight Access to Grid
Resources
12th September 2007 UK e-Science All Hands Meeting 2
GROWLCollaborative project between CCLRC (now STFC) Daresbury Laboratory and the Universities of Cambridge and Lancaster, funded by the JISC VRE programme.
Project Objectives: to produce a lightweight client-side Grid connection toolkit.
Project completed January 2007
12th September 2007 UK e-Science All Hands Meeting 3
GROWLGROWL addresses the three barriers that newcomers find when using the Grid for the first time:
1. Setting up the client-side middleware2. Handling of certificates3. Job submission in the presence of firewalls
This talk looks at GROWL Scripts, GROWL Web Services takes a different approach
12th September 2007 UK e-Science All Hands Meeting 4
• Typically need to be root to install (according to documentation)
• Software must be downloaded from various locations
• There are many choices for type of installation (too many options?)
Client Middleware: Problems
12th September 2007 UK e-Science All Hands Meeting 5
InstallationGROWL scripts provide an alternative way of
installing Grid middleware on your client Linux machine to that given on the NGS website:
Advantages:• Don't need to be a privileged user• Will download client middleware packages for
your system (assuming it is supported)• Minimal setup/configuration• About 10–15 mins (if all goes well !)
12th September 2007 UK e-Science All Hands Meeting 6
The Virtual Data Toolkit (VDT) is an easy to install and configure ensemble of grid middlewarehttp://vdt.cs.wisc.edu
GROWL Scripts installs the pre-WS globus client from VDT, as well as gsi-enabled openssl and the best known (IGTF accredited) CA certificates.
12th September 2007 UK e-Science All Hands Meeting 7
1. Download GROWL Scripts$ cd$ wget http://www.growl.org.uk/Growl.tar.gz
2. Install into home directory$ tar -zxvf Growl.tar.gz
3. Build VDT client (a software distribution that includes globus)$ cd Growl; make VDT
Before using any GROWL Scripts, bash users shouldsource ~/Growl/setup.sh
while csh users shouldsource ~/Growl/setup.csh
Installing Grid Client using GROWL
12th September 2007 UK e-Science All Hands Meeting 8
Certificate helper scripts– mk-cert– growl-info, growl-login, growl-logout
VDT client installation of globus and MyProxy– grid-proxy-init, grid-proxy-info– globus-job-submit, globus-job-run– gsissh, gsiscp, openssl– myproxy-init, myproxy-info, myproxy-logon
GROWL wrapper scripts– growl-submit, growl-status, growl-get-output,– growl-sh, growl-cp, growl-mkdir, growl-rm, growl-mv,– growl-pwd, growl-which, growl-get-jobmanager, growl-queue
GROWL Scripts: Contents
12th September 2007 UK e-Science All Hands Meeting 9
Hard to remember openssl commands are wrapped for you
– Fewer passwords need to be entered– Correct file and directory permissions are applied
Certificate Manipulation
12th September 2007 UK e-Science All Hands Meeting 10
mk-cert$ openssl pkcs12 –in mykey.p12 \ -clcerts –nokeys -out usercert.pem <Pass1>
$ openssl pkcs12 –in mykey.p12 \ –nocerts -out userkey.pem <Pass1> <Pass2> <Pass2> [confirm]
$ chmod 444 usercert.pem$ chmod 400 userkey.pem
$ mv userkey.pem ~/.globus$ mv usercert.pem ~/.globus$ chmod 700 ~/.globus
$ mk-cert mykey.p12 <Pass1> [<Pass2>]
12th September 2007 UK e-Science All Hands Meeting 11
growl-loginIf you need to upload your certificate to MyProxy and
generate a local proxy, growl-login is provided:
$ grid-proxy-init... <grid-password>
$ myproxy-initYour identity: /C=UK/O=eScience/OU=CLRC/L=DL/CN=john kewleyEnter GRID pass phrase for this identity: <grid-password>...Enter MyProxy pass phrase: <myproxy-pass>Verifying - Enter MyProxy pass phrase: <myproxy-pass>
$ growl-loginPassword to protect MyProxy credential: <myproxy-pass>Enter GRID pass phrase for this id: <grid-password>
12th September 2007 UK e-Science All Hands Meeting 12
growl-infoA wrapper for grid-cert-info, grid-proxy-info and myproxy-info$ growl-infoCertificate Information (including validity)--------------------------------------------subject= /C=UK/O=eScience/OU=CLRC/L=DL/CN=john kewleynotBefore=Jun 15 16:10:35 2006 GMTnotAfter=Jun 15 16:10:35 2007 GMT
Local proxy certificate(s)--------------------------subject : /C=UK/O=eScience/OU=CLRC/L=DL/CN=john kewleyissuer : /C=UK/O=eScience/OU=CLRC/L=DL/CN=john kewleyidentity : /C=UK/O=eScience/OU=CLRC/L=DL/CN=john kewleytype : Proxy draft (pre-RFC) compliant impersonation proxystrength : 512 bitspath : /tmp/x509up_u13445timeleft : 11:57:19
12th September 2007 UK e-Science All Hands Meeting 13
GROWL job submissionHelp with transparency - user shouldn't really need to know
– Machine's jobmanager– Home directory location– Location in your path of executable
Firewall problems minimised
12th September 2007 UK e-Science All Hands Meeting 14
Running a grid job (1)
$ growl-submit dl1.nw-grid.ac.uk hostnamehttps://dl1.nw-grid.ac.uk:64010/792/116475/
$ growl-status https://dl1.nw-grid.ac.uk:64010/792/116475/PENDING
$ growl-status https://dl1.nw-grid.ac.uk:64010/792/116475/DONE
$ growl-get-output https://dl1.nw-grid.ac.uk:64010/792/116475/comp023.nw-grid.ac.uk
$ growl-submit -c dl1.nw-grid.ac.uk hostname
$ growl-statusPENDING
$ growl-statusDONE
$ growl-get-outputcomp021.nw-grid.ac.uk
12th September 2007 UK e-Science All Hands Meeting 15
Globus + FirewallsClient Grid Resource
globus-job-submit
Results
gsiscp
jobmanager
sshdgsissh /GSI-SSHTerm
globus-job-get_result
12th September 2007 UK e-Science All Hands Meeting 16
GROWL + FirewallsClient Grid Resource
growl-submit
jobmanager
sshd
globus-job-get-outputgrowl-get-output (using gsissh)
12th September 2007 UK e-Science All Hands Meeting 17
growl-submit:• uses growl-get-jobmanager to obtain default
parallel queue, rather than defaulting to jobmanager-fork
• uses growl-which to get full path of executable, ensuring it is in your path
growl-get-output:• uses gsissh to do remote retrieval, avoiding
client firewall problem
Advantages
12th September 2007 UK e-Science All Hands Meeting 18
Equivalents of many of the standard unix command tools are provided for remote filestore manipulation.
growl-ls : contents of directorygrowl-mkdir : (sub)directory creationgrowl-rm : file removalgrowl-mv : renaming/moving filesgrowl-which : finds executable in your pathgrowl-pwd : prints your home directory on the grid resourcegrowl-sh : gsissh wrapper (using default ports)growl-cp : remote file copying, including "3rd party"
An additional parameter (the grid resource) is required
Remote filestore manipulation
12th September 2007 UK e-Science All Hands Meeting 19
growl-cp can be used to stage and retrieve files. The syntax follows that of scp. It can also be used for "3rd party" file transfers
For 3rd party transfers to work, there has to be a route through all firewalls between the 2 remote resources in one direction or the other
$ growl-cp my_input_file.txt dl1.nw-grid.ac.uk:.
$ growl-cp dl1.nw-grid.ac.uk:my_output.txt .
$ growl-cp lv1.nw-grid.ac.uk:my_file.txt dl1.nw-grid.ac.uk:.
Remote file copying using growl-cp
12th September 2007 UK e-Science All Hands Meeting 20
growl-cp (1)Client Grid Resources
B
A
12th September 2007 UK e-Science All Hands Meeting 21
growl-cp (2)Client Grid Resources
B
A
12th September 2007 UK e-Science All Hands Meeting 22
growl-cp (3)Client Grid Resources
B
A
12th September 2007 UK e-Science All Hands Meeting 23
1. Easy way to build VDT2. As above + certificate scripts3. As above + use of job submission features
Usage patterns
12th September 2007 UK e-Science All Hands Meeting 24
1. Scripting help for a simplistic DIY meta-scheduler2. Use of Java CoG-kit + GSI-SSHTERM on Windows
Current/future work
12th September 2007 UK e-Science All Hands Meeting 26
Summary1. Useful as an easy way to build VDT2. Simpler job submission:
– less need be known about Grid resources– less firewall pain for retrieving data
3. Firewall-aware 3rd party file copying
http://www.growl.org.uk/