AustrianGrid, LCG & more Reinhard Bischof HPC-Seminar April 8 th 2005.

Slides:

Advertisements

Similar presentations

Introduction of Grid Security

Advertisements

Legacy code support for commercial production Grids G.Terstyanszky, T. Kiss, T. Delaitre, S. Winter School of Informatics, University.

FP7-INFRA Enabling Grids for E-sciencE EGEE Induction Grid training for users, Institute of Physics Belgrade, Serbia Sep. 19, 2008.

Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.

Andrew McNab - EDG Access Control - 14 Jan 2003 EU DataGrid security with GSI and Globus Andrew McNab University of Manchester

A Computation Management Agent for Multi-Institutional Grids

The Community Authorisation Service – CAS Dr Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College London.

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) gLite Grid Services Abderrahman El Kharrim

INFSO-RI Enabling Grids for E-sciencE JRA3 2 nd EU Review Input David Groep NIKHEF.

Workload Management Workpackage Massimo Sgaravatto INFN Padova.

Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC press, © Chapter 1, pp For educational use only.

Basic Grid Job Submission Alessandra Forti 28 March 2006.

Grid Computing Reinhard Bischof ECFA-Meeting March 26 th 2004 Innsbruck.

DataGrid Kimmo Soikkeli Ilkka Sormunen. What is DataGrid? DataGrid is a project that aims to enable access to geographically distributed computing power.

Security Mechanisms The European DataGrid Project Team

UNICORE UNiform Interface to COmputing REsources Olga Alexandrova, TITE 3 Daniela Grudinschi, TITE 3.

Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.

Grids and Globus at BNL Presented by John Scott Leita.

OSG End User Tools Overview OSG Grid school – March 19, 2009 Marco Mambelli - University of Chicago A brief summary about the system.

Riccardo Bruno INFN.CT Sevilla, Sep 2007 The GENIUS Grid portal.

Don Quijote Data Management for the ATLAS Automatic Production System Miguel Branco – CERN ATC

Grid Canada CLS eScience Workshop 21 st November, 2005.

Matthew Palmer, Cambridge University01/10/2015 First Use of the UK e-Science Grid Overview The Physics Experiences Looking forward Conclusions Matthew.

Grid Computing - AAU 14/ Grid Computing Josva Kleist Danish Center for Grid Computing

GT Components. Globus Toolkit A “toolkit” of services and packages for creating the basic grid computing infrastructure Higher level tools added to this.

Grid Security 1. Grid security is a crucial component Need for secure communication between grid elements  Authenticated ( verify entities are who they.

DataGrid WP6 CA meeting, CERN, 12 December 2002 IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of.

G RID M IDDLEWARE AND S ECURITY Suchandra Thapa Computation Institute University of Chicago.

Grid Technologies  Slide text. What is Grid?  The World Wide Web provides seamless access to information that is stored in many millions of different.

Evolution of the Open Science Grid Authentication Model Kevin Hill Fermilab OSG Security Team.

CHEP03 Mar 25Mary Thompson Fine-grained Authorization for Job and Resource Management using Akenti and Globus Mary Thompson LBL,Kate Keahey ANL, Sam Lang.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks David Kelsey RAL/STFC,

3-Nov-00D.P.Kelsey, HEPiX, JLAB1 Certificates for DataGRID David Kelsey CLRC/RAL, UK

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Introduction to GILDA and gaining access.

June 24-25, 2008 Regional Grid Training, University of Belgrade, Serbia Introduction to gLite gLite Basic Services Antun Balaž SCL, Institute of Physics.

Condor-G A Quick Introduction Alan De Smet Condor Project University of Wisconsin - Madison.

Security Mechanisms The European DataGrid Project Team

MTA SZTAKI Hungarian Academy of Sciences Introduction to Grid portals Gergely Sipos

EGEE-II INFSO-RI Enabling Grids for E-sciencE The GILDA training infrastructure.

User Management: Authentication & Authorization on the NorduGrid Balázs Kónya, AndersWäänänen 3 rd NorduGrid Workshop, 23 May, 2002 Helsinki.

Michael Fenn CPSC 620, Fall 09.  Grid computing is the process of allowing loosely-coupled virtual organizations to share resources over a wide area.

Next Steps: becoming users of the NGS Mike Mineter

Role Based VO Authorization Services Ian Fisk Gabriele Carcassi July 20, 2005.

US LHC OSG Technology Roadmap May 4-5th, 2005 Welcome. Thank you to Deirdre for the arrangements.

Creating and running an application.

Portal Update Plan Ashok Adiga (512)

Authorisation, Authentication and Security Guy Warner NeSC Training Team Induction to Grid Computing and the EGEE Project, Vilnius,

Glite. Architecture Applications have access both to Higher-level Grid Services and to Foundation Grid Middleware Higher-Level Grid Services are supposed.

Grid technology Security issues Andrey Nifatov A hacker.

Performance of The NorduGrid ARC And The Dulcinea Executor in ATLAS Data Challenge 2 Oxana Smirnova (Lund University/CERN) for the NorduGrid collaboration.

DTI Mission – 29 June LCG Security Ian Neilson LCG Security Officer Grid Deployment Group CERN.

Last update 21/01/ :05 LCG 1Maria Dimou- cern-it-gd Current LCG User Registration, VO management and Authorisation Procedures VOMS workshop

Last update 31/01/ :41 LCG 1 Maria Dimou Procedures for introducing new Virtual Organisations to EGEE NA4 Open Meeting Catania.

WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.

1 A Scalable Distributed Data Management System for ATLAS David Cameron CERN CHEP 2006 Mumbai, India.

VOX Project Tanya Levshina. 05/17/2004 VOX Project2 Presentation overview Introduction VOX Project VOMRS Concepts Roles Registration flow EDG VOMS Open.

The GRIDS Center, part of the NSF Middleware Initiative Grid Security Overview presented by Von Welch National Center for Supercomputing.

WMS baseline issues in Atlas Miguel Branco Alessandro De Salvo Outline  The Atlas Production System  WMS baseline issues in Atlas.

OSG Status and Rob Gardner University of Chicago US ATLAS Tier2 Meeting Harvard University, August 17-18, 2006.

2007© SWITCH SWITCHslcs the new AAI-based short-lived credential service for Grid users C.Witzig Swiss Grid Day, Berne, May 7, 2007.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Services for Distributed e-Infrastructure Access Tiziana Ferrari on behalf.

EGEE-II INFSO-RI Enabling Grids for E-sciencE Authentication, Authorisation and Security Mike Mineter, National e-Science Centre.

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) gLite Grid Introduction Salma Saber Electronic.

Enabling Grids for E-sciencE Claudio Cherubino INFN DGAS (Distributed Grid Accounting System)

EGEE VO Management.

CRC exercises Not happy with the way the document for testbed architecture is progressing More a collection of contributions from the mware groups rather.

Update on EDG Security (VOMS)

Grid Security M. Jouvin / C. Loomis (LAL-Orsay)

The GENIUS Security Services

Presentation transcript:

AustrianGrid, LCG & more Reinhard Bischof HPC-Seminar April 8 th 2005

AustrianGrid Resources

AustrianGrid Monitor

LCG Large Hadron Collider Computing Grid >100 sites, > users, > CPUs Atlas (LCG experiment) last week : > jobs on one day

Atlas production Data Management Don Quijote Supervisor Windmill Executor LCG Lexor Executor Nordugrid Dulcinea Executor Grid2003 Capone

Grid at the moment ~4200 CPUs uses Globus-Toolkit, Condor-G

43 sites 3570 CPUs GlobusToolkit + NorduGrid Middleware (Advance Resource Connector)

Grid computing secure: each user must have a certificate (electronic passport) which contains a globally unique name e.g. /C=AT/O=AustrianGrid/O=UIBK/OU=ZID/CN=Reinhard Bischof contains the user's public key is signed by an accepted Certification Authority Grid computing is... flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions and resources (virtual organizations). ( The Anatomy of the Grid, Ian Foster, Carl Kesselman,Steven Tuecke) flexible, coordinated grids are dynamic (resources are added/removed) : there is a need for a system colllecting information on the status of the single sites (Information System), jobs must be distributed to suitable resources (compare to local resource management)

Grid: From local to global resource management Information System (Top) Certificate /C=AT/O=AustrianGrid/O=UIBK/OU=HEPG/CN=Nemo Replica Location Service Which resources are available ? Many, many other clusters Storage Where are the files I need ? Mapfile C=AT/O=AustrianGrid/O=UIBK/OU=HEPG/CN=Nemo.atlas job is executed e.g. as local user atlas003 PC Local resource management SGE Cluster 1 Master PC Local resource management condor Cluster 2 Master Gatekeeper Information system GridFTP Certificate /C=AT/O=AustrianGrid/O=UIBK/OU=HEPG/CN=host/grid.uib k.ac.at Gatekeeper Information system GridFTP

AustrianGrid Information Index

AustrianGrid Certification Authority accepted by EU-GridPMA (European Policy Management Authority for Grid Authentication in e-Science) currently 37 CAs are accepted how to get certificates: – your group sends a registration form (available on the AustrianGrid CA webpage) nominating 2 contact persons (who must apply for certificates) to the local Registration Authority the RA sends a copy to the CA, the group is added on a pull down menu on the certificate request page – group members can request a certificate using the CA webpage: a script is generated which must be run on your computer, the request file is sent to the RA, a contact person of the group sends a consent via and you must personally contact the RA (identity card required, will be scanned)

“ global “ user management 2nd step: Authorisation LCG: – apply for membership in a virtual organization (LHC-experiment) – the VO's administrator adds the new user to the VOs ldap-server – on each site a list of members of the supported VOs is generated (mapping name of certificate -> VO) – each VO has an account pool (e.g. 50 accounts), if a user sends a job to a site for the first time a free account of the VO is assigned – accounts which aren't used for some time are recycled AustrianGrid: at the moment no automatic grid user management (users are manually added at each site) – define VOs ? (e.g. agrid, develop,..) – static / dynamic mapping to accounts ?

Using the AustrianGrid Get the software – globus toolkit rpms e.g. from nordugrid – use software on local netapp-server on /usr/site/grid, nothing to install locally, source /usr/site/grid/etc/profile.d/globus.sh to set the environment Create a proxy certificate (new private/public key, short lifetime): grid-proxy-init Your identity: /C=AT/O=AustrianGrid/O=UIBK/OU=ZID/CN=Reinhard Bischof Enter GRID pass phrase for this identity: Creating proxy Done Your proxy is valid until: for an interactive usage log in using glogin: glogin agrid1 -bash-2.05b$ exit logout Connection closed by foreign host. own resources can be added to the AustrianGrid (as the local load allows it) using the installed software on /usr/site/grid, a certificate for the host is needed

Conclusions The time of testbeds is gone, we have production grids, but.. – there remains the need for several improvements (especially data management) AustrianGrid – grid middleware (Globus Toolkit) on several resources – currently establishing core services (Information Index..) – to be decided : automatic user management – advanced middleware will be added (resource broker (DPS-group)) – for middleware development : more sites available during normal working hours would be an advantage (HPC-Cluster ?) – 96 Itanium CPUs on 6 Altix350 machines are waiting for scientific workload