UCY HPCL Introduction to the CrossGrid Testbed George Tsouloupas UCY HPCL
– What is the “CrossGrid testbed” ? ● A collection of distributed computing resources ● Supporting a “Grid environment” – Objectives ● Development, Testing and validation ● Emphasis on interoperability with EU-DataGrid (EDG) Extension of GRID across Europe
UCY HPCL Testbed Overview ● A collection of distributed computing resources – 16 sites (small & large) in 9 countries, connected through Géant + NRN ● 115 CPUs (Worker Nodes) ● 4 TB (Storage Elements) – + Grid Services: Middleware (based on Globus) RB, VO, RC… ● A group of people and resources make up the CrossGrid Virtual Organization (VO) and trust each other through national Certification Authorities.
UCY HPCL Testbed resources Network
UCY HPCL The Local Testbed We currently have: ● 1 CE (apelatis.grid.ucy.ac.cy) 2xPIII 1.2GHz 1GB ● 1 SE (se001.grid.ucy.ac.cy) 2xPIII 1GB 40GB ● 1 UI (thales.grid.ucy.ac.cy) P4 2GHz 1GB 40GB ● 4 WN (wn grid.ucy.ac.cy) P4 2GHz 1GB 40GB ● CA ● LCFG Installation server
UCY HPCL local testbed CURRENT local testbed status CE apelatis 2xPIII 1.2GHz 1GB RAM 18GB scsi 100Mbit SE 2xPIII 800MHz 1GB RAM 128GB scsi WN P4 2GHz 1GB RAM 40GB 1000Mbit CA (certificate generation) UI thales P4 2GHz 1GB RAM 40GB scsi 1000Mbit LCF G (installation server) nfs /home NFS Submit
UCY HPCL Grid Security ● Security is a primary concern when it comes to Grids. ● The Grid Security Infrastructure is based on Public Key Infrastructure. ● A user is authenticated based on possession of a private key (known only to the user). ● Authorization depends on whether the user's certificate is signed by an accepted Certification Authority (In our case the CyGrid CA) ● The gridmap-file at the target resource will determine the if a resource will accept a specific user, and specifies a mapping to a local user
UCY HPCL Crossgrid CA's
UCY HPCL Obtaining a certificate 1)Create a certificate request file: Under Globus use command: grid-cert-request Or using openssl command: openssl genrsa -des3 -out user.key; openssl req -new -x509 -days 365 -key user.key -out user-req.crt DN Format : person: "/C=CY/O=CyGrid/O=HPCL/CN=user name" machine: "/C=CY/O=CyGrid/O=HPCL/CN=host/machinename.ucy.ac.cy" 2)Send by your request file to: and your RA: DO NOT delete either the key file or the request file. It is the sole copy of your private key, Most importantly: keep it secure! 3)You will receive your certificate which is good for one year. 4)Install your certificate on the User Interface machine.
UCY HPCL Job Submission A machine installed as a EDG UI A machine with globus client CE Resource Broker CrossGrid/Datag rid Services ex: dg-job-submit ex: globus-job-submit
UCY HPCL Running a Job ● User logs in on the UI ● User issues a grid-proxy-init and enters his certificate's password, getting a valid Globus proxy ● User sets up his JDL file. Example: JDL of the “hello world” job Executable = "/bin/echo"; Arguments = "Hello World"; StdOutput = "Messagge.txt"; StdError = "stderr.log"; OutputSandbox = {"Message.txt","stderr.log"};
UCY HPCL Running a job ● User issues a: dg-job-submit HelloWorld.jdl and gets back from the system a unique Job Identifier (JobId) ● User issues a: dg-job-status to get logging information about the current status of his Job ● When the “OutputReady” status is reached, the user can issue a dg-job-get-output JobId and the system returns the name of the temporary directory where the job output can be found on the UI machine.
UCY HPCL Introduction to LCFG George Tsouloupas UCY HPCL
What is LCFG? ● Local ConFiGuration system ● A tool for installation and configuration of large scale, diverse, dynamically changing systems. ● Installs an RPM based Linux system and configures it. ● Config of entire site held in source files on central server ● Each machine defined by exactly one profile. ● “Profile” constructed for each machine – Utilise inheritance – Based on RPM lists, key-value pairs
UCY HPCL LCFG Server Components Server XML machine profiles. Web Server Serves RPM repository. NFS Server Manages the rpm repository and machine profiles. Software (LCFG) Provides network information. DHCP Server
UCY HPCL How LCFG Works in One Slide. A collection of agents read configuration parameters and either generate traditional config files or directly manipulate various services Abstract configuration parameters for all nodes stored in a central repository ldxprof Load Profile Generic Component Profile Object rdxprof Read Profile LCFG Objects Local cache Client nodes Web Server HTTP XML Profile LCFG Config Files Make XML Profile Server +inet.services telnet login ftp +inet.allow telnet login ftp sshd +inet.allow_telnet ALLOWED_NETWORKS +inet.allow_login ALLOWED_NETWORKS +inet.allow_ftp ALLOWED_NETWORKS +inet.allow_sshd ALL +inet.daemon_sshd yes auth.users myckey +auth.userhome_mickey /home/mickey +auth.usershell_mickey /bin/tcsh Config files , /home/MickeyMouseHome /bin/tcsh XML profiles Profile Object inet auth /etc/services /etc/inetd.conf /etc/hosts.allow in.telnetd : , in.rlogind : , in.ftpd : , sshd : ALL /etc/shadow /etc/group /etc/passwd.... mickey:x:999:20::/home/Mickey:/bin/tcsh....
UCY HPCL LCFG Installation ● Custom install Red Hat 6.2 including – NFS, web server ● Install LCFG RPMs and directory tree ● Configure web server ● Populate RPM repositories ● Make root filesystem available over NFS ● Configure DHCP server ● Create client profiles
UCY HPCL Profiles ● A profile contains a list of RPMs to be installed and configuration data ● Located in /var/obj/conf/profile/source. ● Edit site-cfg.h => globus.conf, info-mds.conf, gdmp.conf and others. ● Files testbed001 - testbed004 are sample UI, CE, SE and WN. Rename one, e.g. apelatis. ● Edit apelatis ; hostname and hardware. #include "AIC_ComputingElement-cfg.h"... +update.modlist eepro100 +update.mod_eepro100 alias eth0 eepro100 +update.rootpwd hj%4aJkf\k45
UCY HPCL Profiles (cont) ● Contents of "AIC_ComputingElement-cfg.h" #include "ComputingElement-cfg.h" +update.rpmcfg CE_AIC7xxx-rpm +update.disks sda +update.bootdisk sda +update.dopartition_sda yes +update.partitions_sda sda2 sda1 sda3 +update.pdetails_sda1 64 /boot +update.pdetails_sda2 free / +update.pdetails_sda swap
UCY HPCL Questions ?...then more examples on prometheus.grid.ucy.ac.cy (our LCFG server)