Distributed Account Management Middleware

Distributed Account Management Distributed Account Management MiddlewareMiddleware

Glenn Bresnahan (PI), Boston University

Steve Quinn (CoPI), NCSA

Aaron Fuegi, Boston University

Chris Pond, NCSA

Michael Shapiro, NCSA

Ester Soriano, NCSA

ObjectiveObjective

Provide mechanisms to allow for the automated management of resource allocations, resource access control, user information, user login accounts, and usage reporting in a grid environment spanning multiple administrative domains

BackgroundBackground

Alliance partnership (PACI)– NCSA, Boston, Kentucky, New Mexico,

Wisconsin, MauiNSF PACI Allocation Peer Review

(NRAC and AAB) Manage accounts, allocations and

reporting across Alliance resources

RequirementsRequirements

Compatible with current practices (e.g. PACI)

Independent of local account management system

Heterogeneous environmentMultiple administration domains Economic model neutral

StrategyStrategy

Provide grid services to exchange and manipulate shared accounting objects– Resource requests– Resources allocations– User information – Project/group information– Access permissions– Usage reports

AMIE Data RepresentationAMIE Data Representation

XML schema for Accounting Objects–Machines– Users– Accounts– Allocations– Usage

AMIE ArchitectureAMIE Architecture Transaction-based exchange mechanism

– Transaction comprised of sequence of packets (messages) and acknowledgements

Sites send Requests and Notifications– Site A requests site B to perform an action– Site B notifies site A of actions taken

• Independently or as the result of a request Set of objects and states

– Well defined state change sequences Robust error detection and recovery Asynchronous or real-time communication

– No transport reliability assumptions “Glue” modules to interface to site-specific

accounting system

Configuration: Star Configuration: Star

Central AccountData Base

Central AccountData Base

RemoteSite

RemoteSite

RemoteSite

RemoteSite

RemoteSite

RemoteSite

RemoteSite

RemoteSite

AMIEAMIE

AMIEAMIE AMIEAMIE

AMIEAMIE

Configuration: Peer to Peer Configuration: Peer to Peer

Site ASite A Site BSite BAMIEAMIE

Current ImplementationsCurrent Implementations

Alliance Partner Sites (Version 1) Alliance Grid Testbed (Version 1) Teragrid (Version 2 – NMI) NEES Grid (Version 2 – NMI)

(implementation in progress)

Transaction Example 1Transaction Example 1Account CreationAccount Creation

Local Site Central Databaserequest_account_createrequest_account_create

inform_transaction_completeinform_transaction_complete

acknowledgeacknowledge

notify_account_createnotify_account_createacknowledgeacknowledge

data_account_createdata_account_createacknowledgeacknowledge

acknowledgeacknowledge

Transaction Example 2Transaction Example 2Modify User InformationModify User Information

Local Site Central Databaserequest_user_modifyrequest_user_modify

acknowledgeacknowledge

notify_user_modifynotify_user_modifyacknowledgeacknowledge

inform_transaction_completeinform_transaction_completeacknowledgeacknowledge

Transaction Example 3Transaction Example 3Usage ReportingUsage Reporting

Local Site Central Databasenotify_project_usagenotify_project_usage

acknowledgeacknowledge

inform_transaction_completeinform_transaction_completeacknowledgeacknowledge

Transaction StatesTransaction States

Four possible states1. On-holdOn-hold - Waiting for another event. No

further action should be taken until state changes.

2. In-progressIn-progress – processing is underway3. CompletedCompleted – processing completed4. ErrorError – processing failed. More

information is available via the packet state

Transaction Packet States Transaction Packet States Incoming PacketsIncoming Packets

ConstructConstruct – Message being assembled ReceivedReceived – Complete and ready to be

processed ValidateValidate – Waiting for XML validation InboxInbox – Waiting to be put into AMIE DB DoneDone – All processing sucessfully

completed ErrorError – Awaiting error notification to be

issued FailedFailed – Completed with failure

Transaction Packet States Transaction Packet States Outgoing PacketsOutgoing Packets ConstructConstruct – Message being assembled ValidateValidate – Waiting for XML validation OutboxOutbox – Waiting to be transmitted SentSent – Sucessfully sent to remote site WaitWait – Waiting for a reply DoneDone – All processing sucessfully

completed ErrorError – Awaiting error notification to be

issued FailedFailed – Completed with failure

AMIE Reference Implementation AMIE Reference Implementation

Site ASite A

Account ManagementData Base A

Account ManagementData Base A

AMIE Data BaseAMIE Data Base

TransactionsTransactions

Account ManagementSystem A

Account ManagementSystem A

AMIE MethodsAMIE Methods

Site BSite B

Account ManagementData Base B

Account ManagementData Base B

AMIE Data BaseAMIE Data Base

TransactionsTransactions

Account ManagementSystem B

Account ManagementSystem B

AMIE MethodsAMIE Methods

Current StatusCurrent StatusItems CompleteItems Complete

Core AMIE systemXML SchemaXML validationMethod call interface specificationTransport/processing engineState trackingError handlingTestbed Implementation

Current StatusCurrent StatusReference ImplementationReference Implementation

Reference implementation of AMIE method call interface

Relational "intermediate DB" schema (Oracle, Postgres, Sybase support) to interface AMIE to local AM system

Current StatusCurrent StatusIn DevelopmentIn Development

Reference implementation of Account Management system– fully functional AM DB Schema–method call implementation– glue between AM system and AMIE

implementation– Should be "drop in" AM system with grid

capability through AMIE

Current StatusCurrent StatusPackagingPackaging

Core implementationReference implementation of method

call interfaceReference AM implementationDocumentation

Distributed Account Management Distributed Account Management

Questions?