A Scalable Approach to Deploying and Managing Appliances
Kate Keahey, Rick Bradshaw, Narayan Desai, Tim Freeman
Argonne National Lab, University of Chicago


06/05/07, TeraGrid 2007, http://workspace.globus.org

Environmental Problem Complexity Consistency ?

Providers and Consumers

| Resource provider | Resource consumers |
| --- | --- |
| Has a limited number of resources | Want the resources when they need them & as much as they need |
| Has to balance the software needs of multiple users | Want to use specific software packages |
| Has to provide a limited execution environment for security reasons | Wants as much control as possible over resources |

Changing the Question
- Let's see what's available and adapt my problem to use it
- Here is the environment I need to solve my problem -- deploy it on the Grid
Can we provide the middleware that will enable this change of approach?

Virtual Workspaces
- Dynamically overlay a required environment over resources in the Grid
  - Configuration and Information
    - Configuration management, e.g., Bcfg2, Pacman
    - Issues: How do I express what I want? How long will it take to install? How reliably will it provide the required environment?
  - Virtual Machines
    - Xen, VMware, etc.
    - Develop and test locally, deploy globally
    - Short deployment times
  - Paper: Quality of Service and Quality of Life in the Grid

Virtual Machines: The Good News
- Quality of Life
  - A user can provision a pre-configured, customized and consistent environment across the Grid
  - The site does not need to understand users' environment needs in detail
  - The site can provision environments in a cost-effective manner
- And many other fine properties…
  - Quality of Service
    - Fine-grained enforcement
    - Performance isolation
  - Convenient serialization
  - Suspend/resume
  - For more see

Virtual Machines: The Bad News
- In order to run in the Grid a user now has to provide an image…
- A site administrator now has to maintain potentially many more platforms than before…
- How will the management of all these images scale?
- If a user-provided image were to be deployed, how can it be integrated with its deployment context?

To Have a Cake and Eat It Too… (provider)
- Get someone else to configure the image for me…
- Someone I could trust…
- Hopefully they can also manage it for me…
- Assuming I find such a person, how can I adapt this image to actually work with my site?

To Have a Cake and Eat It Too… (client)
- Get someone else to configure the image for me…
- Someone I could trust…
- Hopefully they can also manage it for me…
- Assuming I find such a person, will I be able to log in to that image?

Overview
- Virtual Appliances
- Configuring for contextualization
  - Example
- Appliance Configuration and Management
- Appliance Deployment
- Conclusions

Virtual Appliances
- Environment to support a specific set of applications
- Can be automatically adapted to many different deployment contexts
- Examples of contextualization:
  - IP address
  - IP addresses of critical services
  - SSH keys
  - Security certificates
Diagram labels: VM Image; Context (IP address, SSH keys, etc.)

Overall Approach
Diagram labels: Appliance Producer; Appliance Deployment; build an appliance; update an appliance; manage appliance deployment; Appliance Management

Appliance Contextualization (Preparation)
Diagram labels: contextualization agent; Contextualization template (IP address, certificate); signed by provider to have properties XYZ

Appliance Contextualization (Deployment)
Diagram labels: delivery method; Contextualization template (IP address: etc.); Validate signature: do we have properties XYZ?

Example: Virtual Cluster
- Torque cluster
  - Assign IP addresses
  - Create accounts
  - Name resolution
  - ssh/scp keys for the nodes
  - Torque configuration files
- The configuration template is consumed by a self-contained Bcfg2 agent inside the VM

Appliance Provider Software
- Incremental construction
- Versioning
- Describe capabilities
  - Xen? VMware?
- Testing of appliances
- Maintenance
  - Security RSS feed
    - Bugtraq, US-CERT Security Advisories
- Attestation and signing
  - Automation is important!
Diagram labels: SL3, OSG, TeraGrid, STAR, CCSM, …, SL4, …

Appliance Provider Software
- Bcfg2
  - Incrementally constructed configuration profiles
    - E.g., OS, security services, application
  - Node analysis capabilities
  - Supplied with many Linux distributions
- rPath
  - Recipe-style configuration
    - Create a project, choose packages, cook, build the software appliance
  - Freely available online
  - Many appliances available, integrated with EC2

Appliance Deployment
- Matching appliances to resources
  - What VMM? What kernels? Etc.
- Secure admission of appliances
  - Validate signature
  - Admission policies and workspace assertions
    - E.g., no root access, configuration and versioning assertions
  - SC05 Poster: Making your workspace secure: establishing trust with VMs in the Grid
- Contextualization
  - Providing contextualization information
  - Secure delivery
  - Host certificates, virtual clusters, etc.
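
An added example, not part of the original slides or of the workspace software: a sketch of the admission step described above, where a deployer validates the provider's signature over a contextualization template, checks the template's assertions against site policy, and only then accepts context values. The JSON layout, field names and assertion names are hypothetical, and HMAC-SHA256 with a shared demo key stands in for the provider's signature.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 stands in for the provider's signature;
# a real deployment would verify an asymmetric signature instead.
PROVIDER_KEY = b"constructed-demo-key"

def canonical(doc):
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(doc, sort_keys=True, separators=(",", ":")).encode()

def sign_template(template, key=PROVIDER_KEY):
    """Preparation: the provider binds context fields and assertions."""
    return hmac.new(key, canonical(template), hashlib.sha256).hexdigest()

def admit(template, signature, context, policy, key=PROVIDER_KEY):
    """Deployment: return (admitted, reason) for a signed template."""
    if not hmac.compare_digest(sign_template(template, key), signature):
        return False, "bad signature"
    # Admission policy: each assertion the site requires must match exactly.
    for name, required in policy.items():
        if template["assertions"].get(name) != required:
            return False, f"assertion {name!r} not satisfied"
    # The context must fill exactly the fields the signed template declares.
    declared = set(template["context_fields"])
    if declared != set(context):
        return False, "context does not match declared fields"
    return True, "admitted"

# Constructed sample data; all field and assertion names are hypothetical.
TEMPLATE = {
    "appliance": "torque-cluster-node",
    "version": "1.0",
    "context_fields": ["ip_address", "ssh_host_key"],
    "assertions": {"root_access": False, "vmm": "xen"},
}
SIGNATURE = sign_template(TEMPLATE)
SITE_POLICY = {"root_access": False, "vmm": "xen"}
CONTEXT = {"ip_address": "192.0.2.10", "ssh_host_key": "constructed-public-key"}

if __name__ == "__main__":
    print(admit(TEMPLATE, SIGNATURE, CONTEXT, SITE_POLICY))
    tampered = dict(TEMPLATE, assertions={"root_access": True, "vmm": "xen"})
    print(admit(tampered, SIGNATURE, CONTEXT, SITE_POLICY))
```

Checking the signature before reading any assertion means a template edited after signing is rejected without its claims ever being evaluated.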

The Workspace Service
(1) The workspace service allows users to dynamically deploy and manage VMs on a pool of nodes
(2) A Workspace is deployed based on (a) image + meta-data and (b) resource allocation
(3) Access is determined based on attribute authorization, image validation work in progress
(4) Contextualization:
  - Multiple methods of IP address assignment
  - Host certificates
  - Personalization work in progress
Diagram labels: VWS Service; Pool node (x8)

Contextualization and Delivery
- The deployment software will rely on a range of services
  - Certificate authorities, IP management, etc.
- Existing contextualization agents
  - DHCP
  - Workspace DHCP delivery method
- Ad hoc methods
  - E.g., current workspace tools, configuring certificates, etc.
- Configuration tools
  - Needed for application-specific tools
- Delivery methods
  - Kernel parameters
  - Secure communication over the network
  - Files

Appliance Layers
- Layered Appliance
  - A set of interdependent layers
- Appliance layers
  - Less data needs to travel
  - More flexible
  - Faster deployment
  - Trust management
- Collaborative aspects of configuration
Diagram labels: System Layer; Customization Layer; Application Layer; VO Layer

New Roles
Diagram labels: Appliance Producer (Virtual Organization); Appliance Deployer (Resource Providers); build an appliance; update an appliance; manage appliance deployment

Conclusions
- Virtualization has the potential to allow providers to reach more users
  - Flexibility, fast turnaround, etc.
  - Examples: EC2 and others
- Configuration management is increasing in importance
  - Configuration for the masses…
  - We have the methods, but they need to be adapted
- The role of VOs will grow
  - VO administrators trusted by the sites
  - VO security procedures

Credits
- Workspace team
  - Tim Freeman, Borja Sotomayor
- Bcfg2
  - Rick Bradshaw, Narayan Desai
- Thanks to
  - Brett Adam, Ian Foster, Frank Siebenlist, Ravi Subramaniam, Marty Wesley