http:// the national grid service and ogsa-dai mike mineter mjm@nesc.ac.uk
Post on 28-Mar-2015
226 Views
Preview:
TRANSCRIPT
http://www.ngs.ac.ukhttp://www.nesc.ac.uk/training
The National Grid Serviceand OGSA-DAI
Mike Minetermjm@nesc.ac.uk
3
March 2008: The NGS Core, Partners & Affiliates,
4
OGSA-DAI on the NGS
• Objective– Encourage lots of data services to be provided for NGS VOs
to use!
– Stimulate new research!• How?
– On a grid its easier to orchestrate distributed resources
• NGS spans the country – natural infrastructure for collaborative research, service-oriented research for many communities– Light the touch-paper - establish the data services!
5
6
NGS software
• Computation services based on Globus Toolkit– Sequential or parallel jobs, from batch queues– Can run multiple jobs concurrently
• Data services:– Storage Resource Broker:
• Primarily for file storage and access• Virtual filesystem with replicated files
– NGS Oracle service– “OGSA-DAI”: Data Access and Integration
• Primarily for grid-enabling data not on the SRB or Oracle (files, relational, XML)
• Authorisation, Authentication– Built on GSI, VOMS
7
NGS Software - 2
• Middleware recently deployed– Resource Broker
– Applications Repository (“NGS Portal”)
– GridSAM – alternative for job submission and monitoring
– GRIMOIRES – registry of services (e,g,GridSAM instances)
– VOMS - Virtual Organisation Membership Service
• Developed by partners:– Application Hosting Environment: AHE
– P-GRADE portal and GEMLCA
• Being deployed – WS-GRAM: GT4 job submission
• Under development– Shibboleth integration
8
Resource Broker
NGS nodes
Local
Workstation
UIUI (user interface) has preinstalled client software
Resource Broker
User describes job in text file using Job Description Language
Submits job to Resource Broker
(pre-production use at present)
9
GridSAM
NGS nodes
Local
Workstation
UI (user interface) has preinstalled client software
GridSAM GridSAM GridSAM GridSAM
User describes job in XML using Job Submission Description Language
Web services interfaces to chosen GridSAM instance (SAM: Submission and Monitoriing)
10
OGSA-DAI on NGSWith release 3 is available, timely for:
• OGSA-DAI Servers to be deployed by– Data services (EDINA, MIMAS, bio…, …..) for diverse communities– VOs for its members– Also one or more NGS core nodes – with Oracle access
• OGSA-DAI client software could then be run in – Desktop machines (with proxy certificate etc)– “user interface” machines – for resource broker– on NGS nodes (“stage” client to NGS worker)– in higher level services (like workflow)
11
One example
12
The Role of the Virtual Organisation
(VO)
ComputeCenter
ComputeCenter
VO
Service
slide based on presentation given by Carl Kesselman at GGF Summer School 2004
13
VOMS - Virtual Organisation Membership Service
• VO can have groups– Different rights for each– Nested groups
• VO has roles– Assume role for specific purposes - when user
chooses• E,g. system admin, updating files read by the VO
• voms-proxy-init– Proxy certificate carries the additional attributes
14
Options for OGSA-DAI service on NGS
• Authentication – X.509 based– Proxy certificates – delegation, …
– Around end 2008, bridging of Shibboleth to NGS’s proxy world
• Authorisation options– Service takes Distinguished Name from proxy associated with a request,
uses a look-up • to map DN to e.g. local account / username / password for access to resource
• Call to external database of rights
– Use VOMS extension in proxy • Use VO / VO group or role to assign rights
• (OMII-Europe releasing OGSA-DAI extension for this)
15
Web Sites
• NGS– http://www.ngs.ac.uk
– Wiki service: http://wiki.ngs.ac.uk
– Training events: http://www.nesc.ac.uk/training
• Additional information
http://indico.cern.ch/conferenceDisplay.py?confId=24377includes:– about Oracle on NGS: See tutorial by Keir Hawker and Simon Collins, Thursday
17 January 2008
– About VOMS – talk by Mike Jones on 18 January 2008
top related