Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA www.eu-eela.org E-infrastructure shared between Europe and Latin America gLite Overview Grupo Grid Universidad de Los Andes Mérida, 24-29 April 2006
39
Embed
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA .
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA
www.eu-eela.org
E-infrastructure shared between Europe and Latin America
gLite Overview
Grupo Grid
Universidad de Los Andes
Mérida, 24-29 April 2006
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 2
E-infrastructure shared between Europe and Latin America
• This presentation is based in previews presentations from:– Riccardo Bruno, – Salvatore Scifo– Mike Mineter
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 3
E-infrastructure shared between Europe and Latin America
Introduction
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 4
E-infrastructure shared between Europe and Latin America
Middleware
• Grid Middleware – Layer between user applications and grid resources.
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 5
E-infrastructure shared between Europe and Latin America
Grid Concepts
• VOs:Individuals and/or Institutions having direct access to resources.
User Interface
User Interface
Grid services
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 6
E-infrastructure shared between Europe and Latin America
• Grid middleware runs on each resource– “Storage elements”
– “Compute elements”
• Additional services (both people and grid middleware) enable the grid
• Effect:
collaboration
INTERNET
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 9
E-infrastructure shared between Europe and Latin America
Building on GSI
• Build on Grid Security Infrastructure to create services that include:– Job submission: run a job on a remote computer– Information services: So I know which computer to use– File transfer: so large data files can be transferred– Replica management: so I can have multiple versions of a file
“close” to the computers where I want to run jobs
• Production grids are (currently) based on the Globus Toolkit release 2 Globus Alliance: http://www.globus.org/
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 10
E-infrastructure shared between Europe and Latin America
Convergence of Web Services and Grids
Grid prototypesweb develo
pments
Web services
“big Science” research
INTERNET
World-wide web
High throughput-computing
Massively parallel computing
High-end computing
Open Grid Services Architecture
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 11
E-infrastructure shared between Europe and Latin America
gLite
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 12
E-infrastructure shared between Europe and Latin America
gLite
• gLite is the next generation middleware for grid computing.
• Born from the collaborative efforts from academic and industrial research centers as part of the EGEE Project.
• The gLite Grid services follow a Service Oriented Architecture– facilitate interoperability among Grid services – allow easier compliance with upcoming standards
• Architecture is not bound to specific implementations– services are expected to work together – services can be deployed and used independently
• The gLite service decomposition has been largely influenced by the work performed in the LCG project
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 13
E-infrastructure shared between Europe and Latin America
gLite - Middleware
• Many VOs need sharing of resources through services– Accessing– Allocating– Monitoring– Accounting
• gLite – Lightweight Middleware for Grid Computing
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 14
E-infrastructure shared between Europe and Latin America
gLite – Service Decomposition
5 High level services
+ CLI & API
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 15
E-infrastructure shared between Europe and Latin America
gLite – Security Services
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 16
E-infrastructure shared between Europe and Latin America
gLite – Security Services Authentication
Identify entities (users, systems and services) when establishing context for message exchange (Who are you?).
Aim - Provide a Credential having a universal value that works for many purposes across many infrastructures, communities, VOs and projects.
gLite uses the PKI (X.509) infrastructure using CAs as thrusted third parties.
MyProxy (http://grid.ncsa.uiuc.edu/myproxy/)
Trust domain: The set of all EGEE CAs is our Trust Domain.
•Revocation: Identities must be revocated timely
•Credential Storage: Local or delegated credential (Services or Users)
•Privacy Preservation: Use of personal data
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 17
E-infrastructure shared between Europe and Latin America
gLite – Security Services Authorization
Allows or denies access to services, based on policies.
•Agent: The user interacts with a centralized Authorization Server•Push*: Authorization Services issue Tokens.•Pull: The resource asks to the Authorization Services.
Authorization Sources:
•Attribute Authority (AA): User <-> Set of Attibutes. (VOMS)•Policy Assertions: Third party policies. (CAS)
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 18
E-infrastructure shared between Europe and Latin America
gLite – Security Services
Auditing, Delegation, Sandboxing
Auditing - Monitoring and Post-Mortem analysis of security related events.
In computational grids It goes hand by hand with the accounting.
•Who did what?
•Where and when?
•In case of accounting:
•For how long?•For how much?
•Delegation: The need of delegate privileges to other entities is done by Proxy Certificates. This is the most widely adopted mechanism by Grid communities. (Also: Single Sign-On, Dynamic entity identification).
•Sandboxing - Grid applications need the isolation of assigned resources in a transparent fashion by Security services: AuthN and AuthZ. (Virtualisation).
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 19
E-infrastructure shared between Europe and Latin America
gLite – Grid Access
Two possibilities: APIs and CLI.
The use of web-services allows the automatic generation of APIs
(error prone, lack of tools).
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 20
E-infrastructure shared between Europe and Latin America
gLite – Information and Monitoring Services
Information services are vital low level component of Grids.
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 21
E-infrastructure shared between Europe and Latin America
gLite – Information and Monitoring ServicesBasic info and monitoring services (RGMA)
•Information is provided by a Publish and Consume mechanism.•Appearance of a single federated database to query through the SQL.•Each VO has a VDB.
•Schema - Contains tables (GLUE)•Registry – List of available sources of information (Mediation)•Producers – Source of information (Primary, Secondary, On-demand)•Consumers – Make queries against tables (Continuous, Latest, History)
Segundo Taller Latino Americano de Computación GRID – Primer Taller Latino Americano de EELA – Primer Tutorial Latino Americano de EELA 22
E-infrastructure shared between Europe and Latin America
gLite – Information and Monitoring Services Job Monitoring, Service Discovery, Network performance Monitoring