Current Globus Developments Jennifer Schopf, ANL
May 6, Some dates… l Globus Toolkit TM V2.0 Final released several weeks ago –Replica Catalog released 10 days ago –MDS 2.2 release in late June (reliability, schemas) l Beta of Replica Location Service (RLS) available to community now l Alpha of Reliable File Transfer Service now available l CAS prototype currently in alpha-release with some external use l Open Grid Services Architecture (OGSA / GT3) announced in February. Targeting an early alpha by GGF5 in Edinburgh. Should be reasonably stable by year end.
May 6, Replica Catalog l Currently supplying Replica Catalog V1.0 and Replica Management V1.0 in GT2 l Based on the LDAP Protocol l Centralized Replica Catalog l Currently in use within GDMP
May 6, Replication l The bad news: –Current replica catalog had scalability and single point of failure problems –LDAPisms made it into the API l The good news: –New distributed catalog is under development in cooperation with EDG (WP2) –The catalog API is mostly hidden behind the management API, so API changes should not be too painful.
May 6, 20025
6 Replication Location Service l Beta of Replica Location Service (RLS) currently available l Working on specifications for Reliable Replication Service –This will likely be OGSA based in it’s first incarnation. l Future thrusts will look at scalability and reliability / fault tolerance.
May 6, Reliable Transfer Service l Service that allows byte streams to be transferred in a reliable manner l Problems are dealt with automatically until resume or meet some “ultimate failure” condition –dropped connections –machine reboots –temporary network outages
May 6, RFT Consists of: l The Transfer Service, which accepts the transfer requests l Transfer Request Client GUI, to submit the transfer requests to service and to receive the status updates of the same. l Transfer Client, is a C binary that actually performs transfers using GridFTP. l Netlogger,to monitor and archive the performance of transfers. l Database, to store the state of all the transfers.
May 6, SC Demo Prototype l A prototype built over current Globus tools was demonstrated at SuperComputing ’01 l
May 6, Current Prototype l Reliable File Transfer Service as a Web Service using SOAP l Using Axis as our SOAP engine and Apache Tomcat as our Webserver l Working on delegating the user's proxy along with the Transfer Request so that the transfers are done basing on user's credentials. l
May 6, Community Authorization Service l Question: How does a large community grant its users access to a large set of resources? –Should minimize burden on both the users and resource providers l Community Authorization Service (CAS) –Community negotiates access to resources –Resource outsources fine-grain authorization to CAS –Resource only knows about “CAS user” credential >CAS handles user registration, group membership… –User who wants access to resource asks CAS for a capability credential >Restricted proxy of the “CAS user” cred., checked by resource
May 6, CAS 1. CAS request, with resource names and operations Community Authorization Service Does the collective policy authorize this request for this user? user/group membership resource/collective membership collective policy information Resource Is this request authorized for the CAS? Is this request authorized by the capability? local policy information 4. Resource reply User 3. Resource request, authenticated with capability 2. CAS reply, with and resource CA info capability
May 6, PPDG, Globus Alphas and ATLAS l PPDG is a deployment oriented project l Part of the PPDG/Globus work is in deploying Globus alpha sw with current experiments for feedback