June 2003 GGF8Introduction to Globus Toolkit® 3.01 Introduction to GT3 l Background –The Grid Problem –The Globus Approach –OGSA & OGSI –Globus Toolkit.

Slides:



Advertisements
Similar presentations
GT4 Architectural Security Review December 17th, 2004.
Advertisements

CERN LCG Overview & Scaling challenges David Smith For LCG Deployment Group CERN HEPiX 2003, Vancouver.
CSF4, SGE and Gfarm Integration Zhaohui Ding Jilin University.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
This product includes material developed by the Globus Project ( Introduction to Grid Services and GT3.
Military Technical Academy Bucharest, 2006 GRID SECURITY INFRASTRUCTURE (GSI) - Globus Toolkit - ADINA RIPOSAN Department of Applied Informatics.
Grid Security. Typical Grid Scenario Users Resources.
Holding slide prior to starting show. Supporting Collaborative Working of Construction Industry Consortia via the Grid - P. Burnap, L. Joita, J.S. Pahwa,
DESIGNING A PUBLIC KEY INFRASTRUCTURE
DGC Paris Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.
1 CENTER FOR PARALLEL COMPUTERS An Introduction to Globus Toolkit® 3 -Developing Interoperable Grid services.
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
Introduction to GT3 The Globus Project™ Argonne National Laboratory USC Information Sciences Institute Copyright (C) 2003 University of Chicago and The.
Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © Chapter 1, pp For educational use only.
1-2.1 Grid computing infrastructure software Brief introduction to Globus © 2010 B. Wilkinson/Clayton Ferner. Spring 2010 Grid computing course. Modification.
Data Grids: Globus vs SRB. Maturity SRB  Older code base  Widely accepted across multiple communities  Core components are tightly integrated Globus.
4b.1 Grid Computing Software Components of Globus 4.0 ITCS 4010 Grid Computing, 2005, UNC-Charlotte, B. Wilkinson, slides 4b.
Introduction To Windows NT ® Server And Internet Information Server.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Globus Computing Infrustructure Software Globus Toolkit 11-2.
Globus 4 Guy Warner NeSC Training.
Kate Keahey Argonne National Laboratory University of Chicago Globus Toolkit® 4: from common Grid protocols to virtualization.
Resource Management Reading: “A Resource Management Architecture for Metacomputing Systems”
Using Opal to deploy a real scientific application as a Web service Sriram Krishnan
Linux Operations and Administration
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Securing Large Applications CSCI 5931 Web Security Rungang Mo, Yingying Sun.
Data Management Kelly Clynes Caitlin Minteer. Agenda Globus Toolkit Basic Data Management Systems Overview of Data Management Data Movement Grid FTP Reliable.
OPEN GRID SERVICES ARCHITECTURE AND GLOBUS TOOLKIT 4
GT Components. Globus Toolkit A “toolkit” of services and packages for creating the basic grid computing infrastructure Higher level tools added to this.
Grids and Portals for VLAB Marlon Pierce Community Grids Lab Indiana University.
ESP workshop, Sept 2003 the Earth System Grid data portal presented by Luca Cinquini (NCAR/SCD/VETS) Acknowledgments: ESG.
Grid Resource Allocation and Management (GRAM) Execution management Execution management –Deployment, scheduling and monitoring Community Scheduler Framework.
Shibboleth: Installation and Deployment Scott Cantor July 29, 2002 Scott Cantor July 29, 2002.
National Computational Science National Center for Supercomputing Applications National Computational Science NCSA-IPG Collaboration Projects Overview.
ILDG Middleware Status Chip Watson ILDG-6 Workshop May 12, 2005.
CYBERINFRASTRUCTURE FOR THE GEOSCIENCES Data Replication Service Sandeep Chandra GEON Systems Group San Diego Supercomputer Center.
Military Technical Academy Bucharest, 2004 GETTING ACCESS TO THE GRID Authentication, Authorization and Delegation ADINA RIPOSAN Applied Information Technology.
Communicating Security Assertions over the GridFTP Control Channel Rajkumar Kettimuthu 1,2, Liu Wantao 3,4, Frank Siebenlist 1,2 and Ian Foster 1,2,3 1.
Globus Toolkit Installation Report. What is Globus Toolkit? The Globus Toolkit is an open source software toolkit used for building Grid systems.
Open Science Grid OSG CE Quick Install Guide Siddhartha E.S University of Florida.
Wrapping Scientific Applications As Web Services Using The Opal Toolkit Wrapping Scientific Applications As Web Services Using The Opal Toolkit Sriram.
Holding slide prior to starting show. A Portlet Interface for Computational Electromagnetics on the Grid Maria Lin and David Walker Cardiff University.
Shibboleth: Installation and Deployment Scott Cantor July 29, 2002 Scott Cantor July 29, 2002.
Grid Security: Authentication Most Grids rely on a Public Key Infrastructure system for issuing credentials. Users are issued long term public and private.
SAN DIEGO SUPERCOMPUTER CENTER Inca TeraGrid Status Kate Ericson November 2, 2006.
Condor Project Computer Sciences Department University of Wisconsin-Madison Grids and Condor Barcelona,
Basic Grid Projects - Globus Sathish Vadhiyar Sources/Credits: Project web pages, publications available at Globus site. Some of the figures were also.
Creating and running an application.
Enabling Grids for E-sciencE Software installation and setup Viet Tran Institute of Informatics Slovakia.
Data Manipulation with Globus Toolkit Ivan Ivanovski TU München,
GT3 Architecture and Functionality. Core OGSI Implementation Security Services System-Level Services Container Hosting Environment Base Services Resource.
Andrew McNab - Globus Distribution for Testbed 1 Globus Distribution for Testbed 1 Andrew McNab, University of Manchester
Open Science Grid Build a Grid Session Siddhartha E.S University of Florida.
Status of Globus activities Massimo Sgaravatto INFN Padova for the INFN Globus group
The GRIDS Center, part of the NSF Middleware Initiative Grid Security Overview presented by Von Welch National Center for Supercomputing.
DataGrid is a project funded by the European Commission EDG Conference, Heidelberg, Sep 26 – Oct under contract IST OGSI and GT3 Initial.
EGI-InSPIRE RI Grid Training for Power Users EGI-InSPIRE N G I A E G I S Grid Training for Power Users Institute of Physics Belgrade.
CSF. © Platform Computing Inc CSF – Community Scheduler Framework Not a Platform product Contributed enhancement to The Globus Toolkit Standards.
A System for Monitoring and Management of Computational Grids Warren Smith Computer Sciences Corporation NASA Ames Research Center.
Fundamental of Databases
Nithyamoorthy S Core Mind Technologies
Grid Security.
THE STEPS TO MANAGE THE GRID
Viet Tran Institute of Informatics Slovakia
Argonne National Laboratory USC Information Sciences Institute
Grid Computing Software Interface
Presentation transcript:

June 2003 GGF8Introduction to Globus Toolkit® 3.01 Introduction to GT3 l Background –The Grid Problem –The Globus Approach –OGSA & OGSI –Globus Toolkit l GT3 Architecture and Functionality: The Latest Refinement of the Globus Toolkit –Core –Base Services –User-Defined Services –Future Directions l Installation and Administration –Installation –Configuration –Debugging –Support l Important Things to Remember

June 2003 GGF8Introduction to Globus Toolkit® 3.02 Overview l Installing GT3 l Overview of installed services l Running clients and services l Configuring GT3 l Debugging l Support

June 2003 GGF8Introduction to Globus Toolkit® 3.03 Overview of Installing GT3 l Prerequisites –JDK, ant l Optional tools –Other hosting environments l Installation –GPT installer or Ant-only l Required post-installation setup –Acquiring certificates –Setting permissions

June 2003 GGF8Introduction to Globus Toolkit® 3.04 Installation Pre-requisites l JDK –Xindice + Sun JDK Linux has errors for some versions of Linux –Pre JDKs require JAAS as a separate download l Ant 1.5+ –Required for source builds, recommended for binary l YACC –For cbindings and findServiceData from source l JDBC compliant database –Only required for RFT, RLS

June 2003 GGF8Introduction to Globus Toolkit® 3.05 Optional Tools l Alternate hosting environments –Jakarta Tomcat –JBOSS –Websphere –and more … l Microsoft.NET Framework l Junit for testing

June 2003 GGF8Introduction to Globus Toolkit® 3.06 Installing GT 3.0 (Unix) l Make sure pre-requisites are available –Set JAVA_HOME –Add $ANT_HOME/bin to your PATH l Download the GPT source bundle, or the appropriate binary bundle l./install-gt3 /path/to/install l./install-gt3-mmjfs /path/to/install –After you have certificates

June 2003 GGF8Introduction to Globus Toolkit® 3.07 Installing GT 3.0 (Windows) l Make sure pre-requisites are available –Likely to use Cygwin to get the tools you need l Unset CLASSPATH to avoid conflicting jars l Install GT3 core by running “ant dist” and “ant setup” in ogsa/impl/java l Install higher-level services using “ant deployGar”

June 2003 GGF8Introduction to Globus Toolkit® 3.08 Installing GT 3.0 (Binaries) l GPT Binary bundles available for different UNIX platforms l Core and Higher Level Services binaries available for Windows

June 2003 GGF8Introduction to Globus Toolkit® 3.09 Post-installation setup l GSI uses X.509, so need to get certificates –Run setup-gsi as root –grid-cert-request for user and host –Can re-use GT2 certificates if you have them already l Run setperms.sh (after install-gt3-mmjfs) –This is to make globus-grim setuid to the account which owns the hostcert, and to make the UHE launcher setuid so it can create jobs on behalf of users

June 2003 GGF8Introduction to Globus Toolkit® Review of Public Key Cryptography l Asymmetric keys –A private key is used to encrypt data. –A public key can decrypt data encrypted with the private key. l An X.509 certificate includes… –Someone’s subject name (user ID) –Their public key –A “signature” from a Certificate Authority (CA) that: >Proves that the certificate came from the CA. >Vouches for the subject name >Vouches for the binding of the public key to the subject

June 2003 GGF8Introduction to Globus Toolkit® Public Key Based Authentication l User sends certificate over the wire. l Other end sends user a challenge string. l User encodes the challenge string with private key –Possession of private key means you can authenticate as subject in certificate l Public key is used to decode the challenge. –If you can decode it, you know the subject l Treat your private key carefully!! –Private key is stored only in well-guarded places, and only in encrypted form

June 2003 GGF8Introduction to Globus Toolkit® X.509 Proxy Certificate l Defines how a short term, restricted credential can be created from a normal, long-term X.509 credential –A “proxy certificate” is a special type of X.509 certificate that is signed by the normal end entity cert, or by another proxy –Supports single sign-on & delegation through “impersonation”

June 2003 GGF8Introduction to Globus Toolkit® User Proxies l Minimize exposure of user’s private key l A temporary, X.509 proxy credential for use by our computations –We call this a user proxy certificate –Allows process to act on behalf of user –User-signed user proxy cert stored in local file –Created via “grid-proxy-init” command l Proxy’s private key is not encrypted –Rely on file system security, proxy certificate file must be readable only by the owner

June 2003 GGF8Introduction to Globus Toolkit® Delegation l Remote creation of a user proxy l Results in a new private key and X.509 proxy certificate, signed by the original key l Allows remote process to act on behalf of the user l Avoids sending passwords or private keys across the network

June 2003 GGF8Introduction to Globus Toolkit® Overview of Installed Services l What just installed, and how? l Bundles on Unix and Windows: –GT3 core + higher-level services l Bundles on Unix only: –GRAM bundle + GT2 dependencies –Cbindings bundle + client –Replica Location Service (RLS) –GT2 components

June 2003 GGF8Introduction to Globus Toolkit® Other “Services” Bundled with GT3 l GridFTP –Used by RFT l Replica Location Service (RLS) –Distributed registry service that records the locations of data copies and allows discovery of replicas –Designed and implemented in a collaboration between the Globus and DataGrid projects The interfaces for these services are not yet OGSI-Compliant

June 2003 GGF8Introduction to Globus Toolkit® Where did they install? l /etc/grid-security –certificates/ subdirectory of trusted CAs –grid-mapfile –grim-port-type.xml –hostcert.pem, hostkey.pem –grid-security.conf l $GLOBUS_LOCATION –Everything else

June 2003 GGF8Introduction to Globus Toolkit® Location of GARs l Before the GARs are deployed, a copy is stored in gars/ l Contains the client and server Webservices Deployment Descriptor (WSDD), as well as the jar files l To change the main server-config.wsdd, can edit the service’s.wsdd file and re- deploy

June 2003 GGF8Introduction to Globus Toolkit® GPT Wrappers l The GARs apply to both Windows and Unix l GPT wraps the GAR with metadata, including dependency information and version number l Allows for easier upgrades, and for other software to indicate dependencies l

June 2003 GGF8Introduction to Globus Toolkit® GT3 Services l Core –OGSI hosting environment l MMJFS –The single point for submitting jobs l MJS –Instances created per submitted job l GRIM –Security tool for creating hostcert proxies

June 2003 GGF8Introduction to Globus Toolkit® GT3 services (cont.) l Index –A point to query for information l Aggregator –SDE aggregation tool. Used by index l mds_db –Used by index to track data l Providers –Used to obtain host information

June 2003 GGF8Introduction to Globus Toolkit® GT3 services (cont.) l RIPS –Queue information for jobs l Filestreaming –Used to move stdin/stdout for jobs l RFT –Reliable File Transfer l JMS –JMS notification source for J2SE/J2EE l Servicegroup –OGSI service groups

June 2003 GGF8Introduction to Globus Toolkit® Dependencies l Some backend tools see re-use from previous releases for use in resource management l For instance, jobmanager scripts for interfacing to local scheduling systems are the same l Besides GT2, Java CoG supplies integrated security

June 2003 GGF8Introduction to Globus Toolkit® Overview of Running Clients and Services l Set your environment l Create a proxy (single sign-on) l Available clients –GRAM client –Index clients –RFT client

June 2003 GGF8Introduction to Globus Toolkit® Environment Setup l Set your environment: –export GLOBUS_LOCATION –source etc/globus-user-env.sh l grid-proxy-init l This environment setup is assumed for all later slides

June 2003 GGF8Introduction to Globus Toolkit® Starting the container l Services run in the container l bin/globus-start-container –p l The container will print a list of Grid Service Handles (GSH) that can be used by clients – gram/MasterForkManagedJobFactoryService for instancehttp:// :8080/ogsa/services/base/ gram/MasterForkManagedJobFactoryService l User’s Guide has more details

June 2003 GGF8Introduction to Globus Toolkit® Running the GRAM Client l To submit a job: –bin/managed-job-globusrun –factory host{:port/service} -file etc/test.xml l Prerequisites: –Authorized to use the service by grid- mapfile and grim-port-type.xml –Have a proxy –Setuid GRIM and User Hosting Environment (UHE) launcher

June 2003 GGF8Introduction to Globus Toolkit® Running the GRAM Client (Cont.) l etc/test.xml contains the new format for the Resource Specification Language (RSL) l By default, outputs to /tmp/stdout /tmp/stderr –Probably good to customize it for yourself to avoid permissions errors l See Resource Management links under

June 2003 GGF8Introduction to Globus Toolkit® RSL Syntax l Elementary form: parenthesis clauses –(attribute op value [ value … ] ) –Now a XML schema l Operators Supported: – =, >, != l Some supported attributes: –executable, arguments, environment, stdin, stdout, stderr, resourceManagerContact, resourceManagerName l Unknown attributes are passed through –May be handled by subsequent tools

June 2003 GGF8Introduction to Globus Toolkit® Reading From the Index Service l bin/globus-service-browser l bin/ogsi-find-service-data –requires C bindings l Example: –ogsi-find-service-data -service se/gram/MasterForkManagedJobFactoryServ ice -sde Cluster l See Information Services for more details

June 2003 GGF8Introduction to Globus Toolkit® Using RFT l First, start a GridFTP server l Setup a postgres database for RFT to use l Enter DB values into server-config.wsdd l java org.globus.ogsa.gui.RFTClient l Store transfers in a file, one URL per line l See Data Management for more details

June 2003 GGF8Introduction to Globus Toolkit® Using RLS l globus-rls-server –New version uses PostgreSQL and psqlODBC l bin/globus-rls-admin -p rls://serverhost –ping test of server l

June 2003 GGF8Introduction to Globus Toolkit® Configuring GT3 l Add backend schedulers to MMJFS –PBS, LSF, Condor, … –These will be GPT setup packages. Run gpt-install and gpt-postinstall l Configure a hierarchy of index services l Adding new services –ant deployGar –Dgar.name=/path/to/gar l Check GTR for new services, and consider publishing your own (gtr.globus.org)

June 2003 GGF8Introduction to Globus Toolkit® Debugging l Always go to the most basic levels first! l If “connection refused” try telnet l If “DB connection refused” try your native DB client first l If trouble with your proxy, try –grid-proxy-init –verify –debug l If trouble with “policy” or GRIM, try –bin/globus-grim –out /tmp/grim_test

June 2003 GGF8Introduction to Globus Toolkit® Debugging (Cont.) l Logfiles –Make sure to redirect container logs to a file –~user/.globus/uhe- /log contains the logs for the UHE running on –GridFTP servers use syslog for keeping logs l Increase debugging level in ogsilogging.properties file

June 2003 GGF8Introduction to Globus Toolkit® Support l See – l It gives an overview of documentation, mailing lists, and bugzilla

June 2003 GGF8Introduction to Globus Toolkit® Introduction to GT3 l Background –The Grid Problem –The Globus Approach –OGSA & OGSI –Globus Toolkit l GT3 Architecture and Functionality: The Latest Refinement of the Globus Toolkit –Core –Base Services –User-Defined Services –Future Directions l Using GT3 –Installation –Configuration –Debugging –Support l Important Things to Remember

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.