Job submission architectures in GRID environment Masamichi Ando M1 Student 26403 Taura Lab. Department of Information Science and Technology.

Slides:

Advertisements

Similar presentations

CSF4 Meta-Scheduler Tutorial 1st PRAGMA Institute Zhaohui Ding or

Advertisements

A Workflow Engine with Multi-Level Parallelism Supports Qifeng Huang and Yan Huang School of Computer Science Cardiff University

Current methods for negotiating firewalls for the Condor ® system Bruce Beckles (University of Cambridge Computing Service) Se-Chang Son (University of.

High Performance Computing Course Notes Grid Computing.

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

GridFTP: File Transfer Protocol in Grid Computing Networks

Grid Security. Typical Grid Scenario Users Resources.

Condor-G: A Computation Management Agent for Multi-Institutional Grids James Frey, Todd Tannenbaum, Miron Livny, Ian Foster, Steven Tuecke Reporter: Fu-Jiun.

A Computation Management Agent for Multi-Institutional Grids

Security Firewall Firewall design principle. Firewall Characteristics.

USING THE GLOBUS TOOLKIT This summary by: Asad Samar / CALTECH/CMS Ben Segal / CERN-IT FULL INFO AT:

Rheeve: A Plug-n-Play Peer- to-Peer Computing Platform Wang-kee Poon and Jiannong Cao Department of Computing, The Hong Kong Polytechnic University ICDCSW.

Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © Chapter 1, pp For educational use only.

1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.

Mobility in the Internet Part II CS 444N, Spring 2002 Instructor: Mary Baker Computer Science Department Stanford University.

Grids and Globus at BNL Presented by John Scott Leita.

Globus Computing Infrustructure Software Globus Toolkit 11-2.

Understanding Active Directory

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

Module 7: Configuring TCP/IP Addressing and Name Resolution.

Intranet, Extranet, Firewall. Intranet and Extranet.

Introduction to Networking Concepts. Introducing TCP/IP Addressing Network address – common portion of the IP address shared by all hosts on a subnet/network.

DIRAC Web User Interface A.Casajus (Universitat de Barcelona) M.Sapunov (CPPM Marseille) On behalf of the LHCb DIRAC Team.

 Introduction  VoIP  P2P Systems  Skype  SIP  Skype - SIP Similarities and Differences  Conclusion.

Research Achievements Kenji Kaneda. Agenda Research background and goal Research background and goal Overview of my research achievements Overview of.

1 TAPAS Workshop Nicola Mezzetti - TAPAS Workshop Bologna Achieving Security and Privacy on the Grid Nicola Mezzetti.

The Glidein Service Gideon Juve What are glideins? A technique for creating temporary, user- controlled Condor pools using resources from.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Shell Protocols Elly Bornstein Hiral Patel Pranav Patel Priyank Desai Swar Shah.

Presented by Xiaoyu Qin Virtualized Access Control & Firewall Virtualization.

03/27/2003CHEP20031 Remote Operation of a Monte Carlo Production Farm Using Globus Dirk Hufnagel, Teela Pulliam, Thomas Allmendinger, Klaus Honscheid (Ohio.

Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.

Grid Resource Allocation and Management (GRAM) Execution management Execution management –Deployment, scheduling and monitoring Community Scheduler Framework.

Module 5: Designing a Terminal Services Infrastructure.

 An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network.

CHEP 2003Stefan Stonjek1 Physics with SAM-Grid Stefan Stonjek University of Oxford CHEP th March 2003 San Diego.

CSF4 Meta-Scheduler Name: Zhaohui Ding, Xiaohui Wei

The Grid System Design Liu Xiangrui Beijing Institute of Technology.

Evaluation of Agent Teamwork High Performance Distributed Computing Middleware. Solomon Lane Agent Teamwork Research Assistant October 2006 – March 2007.

Hao Wang Computer Sciences Department University of Wisconsin-Madison Authentication and Authorization.

Adaptive Web Caching CS411 Dynamic Web-Based Systems Flying Pig Fei Teng/Long Zhao/Pallavi Shinde Computer Science Department.

Communicating Security Assertions over the GridFTP Control Channel Rajkumar Kettimuthu 1,2, Liu Wantao 3,4, Frank Siebenlist 1,2 and Ian Foster 1,2,3 1.

DYNES Storage Infrastructure Artur Barczyk California Institute of Technology LHCOPN Meeting Geneva, October 07, 2010.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.

Ames Research CenterDivision 1 Information Power Grid (IPG) Overview Anthony Lisotta Computer Sciences Corporation NASA Ames May 2,

NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.

Globus Toolkit Massimo Sgaravatto INFN Padova. Massimo Sgaravatto Introduction Grid Services: LHC regional centres need distributed computing Analyze.

GRID Overview Internet2 Member Meeting Spring 2003 Sandra Redman Information Technology and Systems Center and Information Technology Research Center National.

Scalable Grid system– VDHA_Grid: an e-Science Grid with virtual and dynamic hierarchical architecture Huang Lican College of Computer.

Virtual Private Grid (VPG) : A Command Shell for Utilizing Remote Machines Efficiently Kenji Kaneda, Kenjiro Taura, Akinori Yonezawa Department of Computer.

Introduction to Grids By: Fetahi Z. Wuhib [CSD2004-Team19]

Globus and PlanetLab Resource Management Solutions Compared M. Ripeanu, M. Bowman, J. Chase, I. Foster, M. Milenkovic Presented by Dionysis Logothetis.

Introduction to Grid Computing and its components.

Office of Science U.S. Department of Energy Grid Security at NERSC/LBL Presented by Steve Chan Network, Security and Servers

Introduction to Active Directory

1 Active Directory Service in Windows 2000 Li Yang SID: November 2000.

Firewall Technology and InterCell Communication Peter T. Dinsmore Trusted Information Systems Network Associates Inc 3060 Washington Rd (Rt. 97) Glenwood,

“ is not to be used to pass on information or data. It should used only for company business!” – Memo from IBM Executive The Languages, Methods &

Collaborative Tools for the Grid V.N Alexandrov S. Mehmood Hasan.

PARALLEL AND DISTRIBUTED PROGRAMMING MODELS U. Jhashuva 1 Asst. Prof Dept. of CSE om.

EGEE is a project funded by the European Union under contract IST Generic Applications Requirements Roberto Barbera NA4 Generic Applications.

COMP1321 Digital Infrastructure Richard Henson March 2016.

Chapter 7: Using Network Clients The Complete Guide To Linux System Administration.

Computer Data Security & Privacy

Building Grids with Condor

University of Technology

By - Ricardo Sanchez, Ken Wolters and William Hibbard

Grid Computing Software Interface

Presentation transcript:

Job submission architectures in GRID environment Masamichi Ando M1 Student Taura Lab. Department of Information Science and Technology

Background(1) Large computing power is required in emerging scientific fields Astronomy High-energy physics Genomic science Etc.

Background(2) We can get large computing power by connecting many computers through the network. Fast computational resources Fast access to large quantities of data Access to Data which is physically distant But large-scale distributed computing (Grid) still has many problems. We look at job submission.

Contents 1. GRID environment 2. How single sign-on is realized 3. Towards rapid job submission 4. GRID beyond firewalls 5. Conclusion

1.GRID environment Because of its feature, grid environment requires specific architecture, such as secure authentication, authorization and others.

Grid Grid is large-scale(Continental-scale or National-scale) distributed computing E.g. CERN ’ s LHC  Global project in particle physics which will start in 2006  Generate petascale data every year Grid includes different administrative domains

User population is large and dynamic The system which has only one “ master ” doesn ’ t have scalability. User node1 node2 node3 node4 node5 Server

Resource pool is large and dynamic The system that a crash in a part affects the whole doesn ’ t have scalability. network Crash!

A computation acquire and release resources dynamically Single sign-on(User should be able to authenticate once and compute without further authentication) computing resource User Without authentication

Communication support Some application require specific communication mechanism Unicast and Multicast Low-level communication connection(e.g., TCP) Dynamic connection for dynamic resources and users

Authentication and Security Resources are subject to its local security policy An individual user is associated with different local name space at different administrative domain

About job submission We require … Single sign-on Rapid and scalable job submission More nodes to be participate in Grid

2.How single sign-on is realized Survey of GSI(Grid security infrastructure) developed as part of Globus project

Globus toolkit (de facto standard) Globus toolkit is a bag of service for GRID computing One of them is the GSI(grid security infrastructure) GSI provides single sign-on and other security architectures

USER PROXY Definition session manager process given permission to act on behalf of a user for limited period of time Advantage User can realize single sign-on by generating user proxy before computing

RESOURCE PROXY Definition An agent that represents a resource Serve as the interface between the grid security architecture and the local security architecture

Resource Allocation Protocol User Site A Site B Site C Child process User proxy process Resource proxy Resource proxy

3. Towards rapid job submission Survey of Gfpmd(Gfarm Process Management Daemon) developed by iwasaki

Gfpmd Gfpmd is developed as part of the Gfarm(Grid Data Farm). Gfarm architecture is designed for global Petascale data intensive computing. Gfarm uses GSI for communication.

Overhead of authentication Using GSI for authentication, if an ingenuous method is used to start a job, it takes the time proportional to the number of nodes. It is expected to take several thousand seconds for starting job which consists of thousands of process. Gfpmd is aiming to shorten this overhead

Connect before Computing (GSI Authentication with Host Credential) Node ANode CNode BNode D Gfpmd gfpmd User GSI authentication

Ring-connection structure(1) Crash occurs

Ring-connection structure(2)

Ring-connection structure(3)

I/O tree is built in parallel for each job

Examination Examine the gfpmd with small job. ( ) number of nodes seconds

4. GRID beyond firewalls Survey of VPG(Virtual Private Grid) developed by Kaneda

Restriction VPG is designed for … Automatically work around administrative restrictions Utilize machines without changing administrative restrictions subnet Cannot connect Node B Log on to gateway Node A Node C

VPG VPG provides shell nicknaming (giving an unique name to each host independent of DNS names) job submission to any nicknamed host redirection from/to a file on any host pipe between commands executed on any host

VPG architecture Internet LAN Node C Node B Node A (private IP) (global IP) Cannot connect Bi-directional connection vpgd

Using SSH port forwarding LAN Node BNode A (private IP) (global IP) vpgd Node C Cannot connect (global IP) Use SSH port forwarding with empty pass-phrase vpgd

VPG nicknaming LAN X Node B private IP “ ” No dns name nickname “sky” LAN Y Node C private IP “ ” No dns name nickname “marine” Node A global IP “xxx.xxx.xxx.xxx” *.u-tokyo.ac.jp nickname “earth” vpgd Same IP (private IP) No dns namenickname Job to node B Job to node C

Spanning tree connection Home node normal ssh

Examination Compare vpg with other tools by submitting a small job. seconds

5. Conclusion We introduce GRID environment and three architectures for job submission. Single sign-on architecture using USER PROXY. Rapid job submission architecture using gfpmd. An architecture to utilize machines beyond firewall using vpgd.