Brookhaven Science Associates U.S. Department of Energy Tameka Carter Brookhaven National Laboratory Highlights of GlobusWorld 2004.

Slides:

Advertisements

Similar presentations

CSF4 Meta-Scheduler Tutorial 1st PRAGMA Institute Zhaohui Ding or

Advertisements

WS-Resource Framework: Globus Alliance Perspectives Ian Foster Argonne National Laboratory University of Chicago Globus Alliance

Fujitsu Laboratories of Europe © 2004 What is a (Grid) Resource? Dr. David Snelling Fujitsu Laboratories of Europe W3C TAG - Edinburgh September 20, 2005.

GT 4 Security Goals & Plans Sam Meder

The Anatomy of the Grid: An Integrated View of Grid Architecture Carl Kesselman USC/Information Sciences Institute Ian Foster, Steve Tuecke Argonne National.

CERN LCG Overview & Scaling challenges David Smith For LCG Deployment Group CERN HEPiX 2003, Vancouver.

CSF4, SGE and Gfarm Integration Zhaohui Ding Jilin University.

This product includes material developed by the Globus Project ( Introduction to Grid Services and GT3.

Condor-G: A Computation Management Agent for Multi-Institutional Grids James Frey, Todd Tannenbaum, Miron Livny, Ian Foster, Steven Tuecke Reporter: Fu-Jiun.

A Computation Management Agent for Multi-Institutional Grids

USING THE GLOBUS TOOLKIT This summary by: Asad Samar / CALTECH/CMS Ben Segal / CERN-IT FULL INFO AT:

WS-Resource Framework Adam Belloum Computer Architecture & Parallel Systems group University of Amsterdam

Intelligent Grid Solutions 1 / 18 Convergence of Grid and Web technologies Alexander Wöhrer und Peter Brezany Institute for Software.

4a.1 Grid Computing Standards ITCS 4010 Grid Computing, 2005, UNC-Charlotte, B. Wilkinson, slides 4a.

Massimo Cafaro GridLab Review GridLab WP10 Information Services Massimo Cafaro CACT/ISUFI University of Lecce, Italy.

Office of Science U.S. Department of Energy Grids and Portals at NERSC Presented by Steve Chan.

Milos Kobliha Alejandro Cimadevilla Luis de Alba Parallel Computing Seminar GROUP 12.

12006/9/26 Emerging Grid Standards Mark Baker, Amy Apon, Clayton Ferner, Jeff Brown. IEEE Computer Society,Vol. 38, Issue 4, pp , Year of Publication:

4b.1 Grid Computing Software Components of Globus 4.0 ITCS 4010 Grid Computing, 2005, UNC-Charlotte, B. Wilkinson, slides 4b.

Status of Globus activities within INFN (update) Massimo Sgaravatto INFN Padova for the INFN Globus group

Globus 4 Guy Warner NeSC Training.

1 Service Oriented Architecture & Grid Computing Marc Brooks, The MITRE Corporation The author's affiliation with The MITRE Corporation is provided for.

1 Modeling Stateful Resources with Web Services ICE Ph.D lecture Byung-sang Kim.

Grid Toolkits Globus, Condor, BOINC, Xgrid Young Suk Moon.

Grid Computing Grid computing is all about achieving greater performance and throughput by pooling resources on a local, national, or international level.

CGW 2003 Institute of Computer Science AGH Proposal of Adaptation of Legacy C/C++ Software to Grid Services Bartosz Baliś, Marian Bubak, Michał Węgiel,

Data Management Kelly Clynes Caitlin Minteer. Agenda Globus Toolkit Basic Data Management Systems Overview of Data Management Data Movement Grid FTP Reliable.

OPEN GRID SERVICES ARCHITECTURE AND GLOBUS TOOLKIT 4

GridShib Grid-Shibboleth Integration Von Welch, Tom Barton, Kate Keahey, Frank Siebenlist GlobusWORLD 2005.

WSRF & WSRF’s Application in VO-DAS Haijun Tian ChinaVO

GT Components. Globus Toolkit A “toolkit” of services and packages for creating the basic grid computing infrastructure Higher level tools added to this.

Grid-enabling OGC Web Services Andrew Woolf, Arif Shaon STFC e-Science Centre Rutherford Appleton Lab.

Grid Resource Allocation and Management (GRAM) Execution management Execution management –Deployment, scheduling and monitoring Community Scheduler Framework.

COMP3019 Coursework: Introduction to GridSAM Steve Crouch School of Electronics and Computer Science.

The Anatomy of the Grid: An Integrated View of Grid Architecture Ian Foster, Steve Tuecke Argonne National Laboratory The University of Chicago Carl Kesselman.

CSF4 Meta-Scheduler Name: Zhaohui Ding, Xiaohui Wei

The Anatomy of the Grid Introduction The Nature of Grid Architecture Grid Architecture Description Grid Architecture in Practice Relationships with Other.

OGSA Hauptseminar: Data Grid Thema 2: Open Grid Service Architecture

Communicating Security Assertions over the GridFTP Control Channel Rajkumar Kettimuthu 1,2, Liu Wantao 3,4, Frank Siebenlist 1,2 and Ian Foster 1,2,3 1.

GSFL: A Workflow Framework for Grid Services Sriram Krishnan Patrick Wagstrom Gregor von Laszewski.

Grid Services I - Concepts

Grid Security: Authentication Most Grids rely on a Public Key Infrastructure system for issuing credentials. Users are issued long term public and private.

LEGS: A WSRF Service to Estimate Latency between Arbitrary Hosts on the Internet R.Vijayprasanth 1, R. Kavithaa 2,3 and Raj Kettimuthu 2,3 1 Coimbatore.

What is SAM-Grid? Job Handling Data Handling Monitoring and Information.

Introduction to Grids By: Fetahi Z. Wuhib [CSD2004-Team19]

Web Service Resource Framework WSMO Presentation Jos de Bruijn Digital Enterprise Research Institute http ://

Transaction Processing CS409 Application Services Even Semester 2007.

On Using BPEL Extensibility to Implement OGSI and WSRF Grid Workflows Aleksander Slomiski Presented by Onyeka Ezenwoye CIS Advanced Topics in Software.

Office of Science U.S. Department of Energy Grid Security at NERSC/LBL Presented by Steve Chan Network, Security and Servers

Securing the Grid & other Middleware Challenges Ian Foster Mathematics and Computer Science Division Argonne National Laboratory and Department of Computer.

Condor Services for the Global Grid: Interoperability between OGSA and Condor Clovis Chapman 1, Paul Wilson 2, Todd Tannenbaum 3, Matthew Farrellee 3,

Data Manipulation with Globus Toolkit Ivan Ivanovski TU München,

Data Security in Local Network Using Distributed Firewall Presented By- Rahul N.Bais Guide Prof. Vinod Nayyar H.O.D Prof.Anup Gade.

Manchester Computing Supercomputing, Visualization & e-Science Mark Mc Keown WSRF::Lite developer Formerly UK Grid Support Center

© 2004 IBM Corporation WS-ResourceFramework Service Groups Tom Maguire.

Introduction to Service Orientation MIS 181.9: Service Oriented Architecture 2 nd Semester,

CSF. © Platform Computing Inc CSF – Community Scheduler Framework Not a Platform product Contributed enhancement to The Globus Toolkit Standards.

© 2005 Global Grid Forum The information contained herein is subject to change without notice Leading the pervasive adoption of grid computing for research.

CSF4 Meta-Scheduler Zhaohui Ding College of Computer Science & Technology Jilin University.

Parallel Computing Globus Toolkit – Grid Ayaka Ohira.

WS-Resource Framework University of Amsterdam

Building Distributed Educational Applications using P2P

Globus —— Toolkits for Grid Computing

Security for Open Science

Some Basics of Globus Web Services

WS-Resource Framework: Globus Alliance Perspectives

Grid Services B.Ramamurthy 12/28/2018 B.Ramamurthy.

The Anatomy and The Physiology of the Grid

The Anatomy and The Physiology of the Grid

Presentation transcript:

Brookhaven Science Associates U.S. Department of Energy Tameka Carter Brookhaven National Laboratory Highlights of GlobusWorld 2004

Brookhaven Science Associates U.S. Department of Energy 2 Outline of Today’s Talk n OGSI -> WS-RF n Grid/Globus Security n Meta-scheduling - CSF

Brookhaven Science Associates U.S. Department of Energy 3 OGSI -> WSRF

Brookhaven Science Associates U.S. Department of Energy 4 OGSI -> WSRF Most of this section of the talk was taken from the paper, “From Open Grid Services Infrastructure to WS- Resource Framework: Refactoring and Evolution” 2/12/2004 by Karl Czajkowski (Globus Alliance/USC Information Sciences Institute), Don Ferguson (IBM), Ian Foster (Globus Alliance/Argonne National Laboratory), Jeff Frey (IBM), Steve Graham (IBM), Tom Maguire (IBM), David Snelling (Fujitsu Laboratories of Europe), Steve Tuecke (Globus Alliance, Argonne National Laboratory).

Brookhaven Science Associates U.S. Department of Energy 5 OGSI -> WS-RF n OGSI – The Inspiration n OGSI – The Flaws n WS-RF – The Future

Brookhaven Science Associates U.S. Department of Energy 6 Open Grid Services Infrastructure The Open Grid Services Infrastructure defines a set of conventions and extensions on the use of Web Service Definition Language (WSDL) and XML Schema to enable stateful web services.

Brookhaven Science Associates U.S. Department of Energy 7 Open Grid Services Infrastructure The OGSI specification defines n A set of Web Service Definition Language (WSDL) extensions n WSDL constructs and standard operations for querying and updating service data associated with a service n The Grid Service Handle and Grid Service Reference constructs used to address Grid services

Brookhaven Science Associates U.S. Department of Energy 8 OGSI n A definition of common fault information from operations that defines a base XML Schema and associated semantics for WSDL fault messages to support a common interpretation. n A set of operations for creating and destroying Grid services that provides for both explicit destruction of services and implicit garbage collection of expired services without the need for explicit destruction.

Brookhaven Science Associates U.S. Department of Energy 9 OGSI n A set of operations for creating and using hetrogeneous reference collections of Web services n Mechanisms for requesting asynchronous notifications of changes in the value of service data elements.

Brookhaven Science Associates U.S. Department of Energy 10 Critiques of OGSI n Too much stuff in one specification n Does not work well with existing Web Services and XML tooling n Too object oriented n WSDL 2.0 would not fully support WSDL 1.1

Brookhaven Science Associates U.S. Department of Energy 11 Web Services Resource Framework WSRF = OGSI + The introduction of the WS-Resource Concept Better separation of function and exploitation of other web services specifications A broader view of notification, which is a general Web service requirement upon which state change notification can be built

Brookhaven Science Associates U.S. Department of Energy 12 WS-Resource Framework The refactoring of OGSI yields five normative WSRF specifications plus WS-Notification n WS–ResourceProperties n WS–ResourceLifetime n WS–RenewableReferences n WS–ServiceGroup n WS-BaseFault n WS-Notification

Brookhaven Science Associates U.S. Department of Energy 13 WS-RF’s take on the Critiques of OGSI n Too much stuff in one specification WSRF partitions OGSI 1.0 functionality into a family of six specifications that allow for flexible composition. n Does not work well with existing Web Services and XML tooling WSRF uses standard XML schema mechanisms that are familiar to developers and are supported by existing tooling.

Brookhaven Science Associates U.S. Department of Energy 14 WS-RF vs. OGSI n Too object oriented WSRF re-articulates the underlying OGSI architecture to make an explicit distinction between the “service” and the stateful entities acted upon that service. n WSDL 2.0 would not fully support WSDL 1.1 WSRF expresses the capabilities of OGSI using the WSDL 1.1 definition to avoid the requirement for extended tooling.

Brookhaven Science Associates U.S. Department of Energy 15 Grid/Globus Security

Brookhaven Science Associates U.S. Department of Energy 16 Grid/Globus Security: Firewalls Solution: Open Ports.

Brookhaven Science Associates U.S. Department of Energy 17 Grid/Globus Security Most of this section of the talk was inspired by the a round table discussion on, “Firewalls in Grid Computing” Katarzyna (Kate) Keahey - Globus Alliance, Argonne National Laboratory; Participants: David Schissel - General Atomics; Lew Randerson - PPPL; James Rome - Oak Ridge National Laboratory; Stephen Chan - NERSC; Tom Goodale - Max Planck Institute for Gravitational Physics; Von Welch - NCSA, UIUC; Bill Allcock - Globus Alliance, Argonne National Laboratory; Scott Campbell - NERSC

Brookhaven Science Associates U.S. Department of Energy 18 Grid/Globus Security n Globus Solutions n Site Solutions

Brookhaven Science Associates U.S. Department of Energy 19 Globus Solutions n GRAM firewall requirements Server Side: –In Globus Toolkit 3, it is sufficient to open a well-known static port Client Side: –Open a range of ports to traffic: GLOBUS_TCP_PORT_RANGE (I’m just the messenger)

Brookhaven Science Associates U.S. Department of Energy 20 Globus Solutions (cont.) n GridFTP firewall requirements Server Side: –In Globus Toolkit 3, it is sufficient to open a well-known static port –A range of ports for data channel Client Side: –A range of port

Brookhaven Science Associates U.S. Department of Energy 21 US Magnetic Fusion Energy Research Solution Current Firewall: Cisco IOS Firewall Feature Set n Rule Set Default is to deny all Opened on a case by case basis Changes done only during off-peak times and on limited basis Service/port availability tailored per user profile

Brookhaven Science Associates U.S. Department of Energy 22 Fusion Energy Research (cont.) n Specific firewall ports opened from specific host to specific host n SecureIDs sometimes used to open firewall ports n Grant access for certain group members

Brookhaven Science Associates U.S. Department of Energy 23 Princeton Plasma Physics Laboratory n Incoming under firewall control n Outgoing allowed n Tailored firewalls for specific services n Incoming sites opened upon request n Filtering based on target IP port and source IP address including Globus traffic n Access allowed through opening ports for specific machines at known sites.

Brookhaven Science Associates U.S. Department of Energy 24 Oak Ridge National Laboratory n Created what they call “enclaves” and “collaborative domains” with certain rights. n An enclave is specific to one site and is a collection of resources that are governed by a common site security policy. n A collaborative domain is the fabric that instantiates the collection and connects the enclaves.

Brookhaven Science Associates U.S. Department of Energy 25 ORNL (cont) n Implemented one-time-password tokens.

Brookhaven Science Associates U.S. Department of Energy 26 NERSC Grid Security Technologies n Centralized Authorization LDAP Based solution n NERSC PKI Infrastructure Integration with NIM database Certificate management n Grid Firewall Work Mitigation Policies and Recommendations Bro Network Intrusion Detection Real-time analysis of Grid traffic Certificate identification

Brookhaven Science Associates U.S. Department of Energy 27 Metascheduling - CSF

Brookhaven Science Associates U.S. Department of Energy 28 Metascheduling/Community Scheduler Framework n Lunch with Ian Lumb n CSF and Globus

Brookhaven Science Associates U.S. Department of Energy 29 Lunch with Ian Lumb n The big question: What is the difference between Condor and CSF? n The small answer: Not much. Condor is a scheduler; CSF is designed to be a meta- scheduler. CSF can work on top of other schedulers like Condor.

Brookhaven Science Associates U.S. Department of Energy 30 Metascheduling/CSF Most of this section of the talk was inspired by the talk, “The Community Scheduler Framework: Comprehensive and Standards Based Metascheduling Services for the Grid” By Chris Smith

Brookhaven Science Associates U.S. Department of Energy 31 CSF Grid Services n Job Service Creates, monitors and controls compute jobs n Reservation Service Guarantees resources are available for running a job

Brookhaven Science Associates U.S. Department of Energy 32 CSF n Queueing Service Provides a service where administrators can customize and define scheduling policies at the VO level and/or at the different resource manager level Defines and APT for plug in schedulers n RM Adapter Service Provides a Grid service interface that bridges the Grid service protocol and resource managers (LSF, PBS, SGE, Condor and other RMs)