TERENA NREN-Grids workshop 1/4 Virtual Organisations Building a support infraestructure
TERENA NREN-Grids workshop 1/4
Virtual OrganisationsBuilding a support infraestructure
TERENA NREN-Grids workshop 2/4
Virtual OrganisationsWhy a support infrastructure
• Users own and require resources• Shared• Collective
Resource
Resource
User
User
Resource
User
Resource
Resource
User
User
User
Resource
UserUser
User
User
User
Resource
Resource
A infrastructure to support this activities
TERENA NREN-Grids workshop 3/4
Virtual Organisations
• A set of users• Working in a certain common area• Sharing similar needs
• Data processing• Access to data sources• Interaction among them
• Pursuing similar goals
• A set of resources• Computational• Storage• Data sources• Remote device operation• Knowledge bases• . . .
Resource
User
Resource
Resource
User
User
User
User
Resource
User
Resource
TERENA NREN-Grids workshop 5/4
A support infraestructureThe IRISGrid case
• pkIRISGrid• Distributed RAs per organisation/VO• Based on the IRISGrid directory
• The IRISGrid AAI• Grid portal toolkits• Collaborative tools
• From mailing lists to real-time systems
• Resource location• Based on a federated approach
• The IRISGrid Directory• VO management: Users, centres, resources, research areas
• Web interfaces wherever possible• As integrated as we can
TERENA NREN-Grids workshop 6/4
Collaborative toolsThe good old mailing lists
• Essential for basic interactions• General coordination lists
• Participants, support staff, middleware staff,...• General areas: HEP, biotech, astro-sciences,...• Owned by the IRISGrid admins
• A specific list per VO• Connected to the general areas the VO is classified in• Owned by the VO managers
• Based on listserv• The current mailing list software at RedIRIS
• Plans to migrate to Sympa• Better integration with the supporting infrastructure
TERENA NREN-Grids workshop 7/4
Collaborative toolsPresence and instant messaging
• Informal and direct interaction• Both P2P and collective
• Automatic roster initialisation• People in the VO(s) a user is included
• Loose control• Direct management of contacts• Free creation and management of chat rooms
• Based on Jabber• Hosted at the RedIRIS server• Experiments with a server mesh• Experimenting with the integration of real-time
• Wiki in the queue
TERENA NREN-Grids workshop 8/4
Collaborative toolsReal-time interactions
• Few Access Grid rooms• ROI perception by institutional responsibles
• Well-established network of H.323 conference rooms• Public directory available for users• GDS in operation and expanding
• Specific RedIRIS community in VRVS• Four reflectors in Spain (2 at the RedIRIS premises)• ~1500 registered users, ~800 reserved hours per month• Training activities• Good contact with the VRVS developers
• Exploring incorporation of AAI technologies
• Evaluating SIP.edu
TERENA NREN-Grids workshop 9/4
The RedIRIS VRVS community
TERENA NREN-Grids workshop 10/4
Resource location
• In the broad sense we have been using so far• From a cluster to a set of related papers
• Common directories are the usual answer to this• But they face data partition
• Formats, protocols, security (and privacy) considerations
• The result is the continuous re-building of central repositories of data• Almost automatically outdated with respect to their once local
sources
• The federated model comes into play once again• Accessing or collecting data from them using a trusted link• Maintaining total autonomy for the federated repository
• Policies, methods, interfaces• Offering a common (possibly particular) view of information
TERENA NREN-Grids workshop 11/4
The Searchy architecture
• Each source incorporates an agent, available through a SOAP interface• Uses RDF as internal representation
• Agents for LDAP, SQL, Harvest, the Google API, and Searchy itself
TERENA NREN-Grids workshop 12/4
A sample Searchy installation
TERENA NREN-Grids workshop 13/4
The IRISGrid Directory
Centre
Centre
Centre
User
User
User
User
User
User
User
User
User
UserVO
VO
MDS
MDS
MDS
The IRISGrid Directory
Areaclassification
IRISGrid Globus Directory
TERENA NREN-Grids workshop 14/4
The IRISGrid DirectorySchemas
• Support for VOs: irisgridVo• Support for Centres and/or departments: irisgridOu• Support for users: irisgridUser• Support for the PKI objects: pkirisgridCertObject, pkirisgridRA, pkirisgridUser
• Other iris-* schemas• irisPerson, irisInetEntity, copaObject, papiUser,...
• Extensions to the eduPerson schema
• Standardization in process through SCHAC• At least in the inter-institutional aspects
• Heavy use of the COPA coding schema to support navigation and searching
TERENA NREN-Grids workshop 15/4
The IRISGrid DirectoryCOPA coding schema
• A coding schema to support (virtual) hierarchical access• Based in creating strings identifiers (URNs, for example) that
resemble the hierarchy of a given classification (or ontology)• Identifiers are added to data available for a certain element• Mappings between COPA identifiers and their semantics are kept
in a separate repository (directory branch, for example)
• Simplifies searches and navigation• Decouples representation from the view offered at each moment• Several views can be offered in parallel
• And hot-swap them
• More on this athttp://www.rediris.es/ldap/copa/copa-intro.en.pdf
TERENA NREN-Grids workshop 16/4
The IRISGrid DirectoryA sample VO entry
COPA coding of the VO areas of research
TERENA NREN-Grids workshop 17/4
The IRISGrid DirectoryA sample centre entry
VOs this centre is participating in
TERENA NREN-Grids workshop 18/4
The IRISGrid DirectoryA sample user entry
VOs the user is member of Centre the user belongs to
TERENA NREN-Grids workshop 19/4
Web interfaces
• Navigation and management of the IRISGrid Directory• Navigation and searching by research areas
• UNESCO Thesaurus, CATRE, e-Ciencia• VOs related to a certain area• Users participating in an VO• Collaborative resources available to a VO• mapfile generation• Centres related to VOs
• Navigation through the computational resources (MDS)• pkIRISGrid
• Users• RA operators
• Many tasks ahead
TERENA NREN-Grids workshop 20/4
Web interfacesNavigating through an VO
TERENA NREN-Grids workshop 21/4
Web interfacesNavigating through a centre
TERENA NREN-Grids workshop 22/4
Web interfacesData for a certain user
TERENA NREN-Grids workshop 23/4
Web interfacesGenerating a mapfile for an VO
TERENA NREN-Grids workshop 24/4
Web interfacesNavigating MDS
TERENA NREN-Grids workshop 25/4
Web interfacespkIRISGrid CSR
IRISGrid identifiername@scope
PIN (passphrase) usedfor revocations
TERENA NREN-Grids workshop 27/4
Web interfacesInstalling a certificate
Issuer: CN=CA, OU=pki, DC=irisgrid, DC=esSubject: [email protected], DC=irisgrid, DC=es