Dynamic Creation and Management of Runtime Environments in the Grid Kate Keahey Matei Ripeanu Karl Doering.

Slides:



Advertisements
Similar presentations
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Advertisements

From Sandbox to Playground: Dynamic Virtual Environments in the Grid Kate Keahey Argonne National Laboratory Karl Doering University.
Virtual Workspaces in the Grid Kate Keahey Argonne National Laboratory Ian Foster, Tim Freeman, Xuehai Zhang, Daniel Galron.
Scaling TeraGrid Access A Testbed for Attribute-based Authorization and Leveraging Campus Identity Management
Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.
Abstraction Layers Why do we need them? –Protection against change Where in the hourglass do we put them? –Computer Scientist perspective Expose low-level.
Interaction model of grid services in mobile grid environment Ladislav Pesicka University of West Bohemia.
Dynamic Sessions OASIS Security Services Face to Face #3 June 25, 2001.
Resource specification update for PlanetLab and VINI Andy Bavier Princeton University March 16, 2010.
PlanetLab Architecture Larry Peterson Princeton University.
H Apr-01 Clark Thomborson Software Security CompSci 725 Handout 28: Report Writing #2 (Sample Titles & Abstracts) Clark Thomborson University of.
Xen , Linux Vserver , Planet Lab
Monitoring and performance measurement in Production Grid Environments David Wallom.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.
A Model for Grid User Management Rich Baker Dantong Yu Tomasz Wlodek Brookhaven National Lab.
GridScape Ding Choon Hoong Grid Computing and Distributed Systems (GRIDS) Lab. The University of Melbourne Melbourne, Australia WW Grid.
UNICORE UNiform Interface to COmputing REsources Olga Alexandrova, TITE 3 Daniela Grudinschi, TITE 3.
Globus Computing Infrustructure Software Globus Toolkit 11-2.
Minerva Infrastructure Meeting – October 04, 2011.
Kate Keahey Argonne National Laboratory University of Chicago Globus Toolkit® 4: from common Grid protocols to virtualization.
Virtual Infrastructure in the Grid Kate Keahey Argonne National Laboratory.
Andy Bavier, PlanetWorks Scott Baker, SB-Software July 27, 2011.
CGW 2003 Institute of Computer Science AGH Proposal of Adaptation of Legacy C/C++ Software to Grid Services Bartosz Baliś, Marian Bubak, Michał Węgiel,
Dynamic Firewalls and Service Deployment Models for Grid Environments Gian Luca Volpato, Christian Grimm RRZN – Leibniz Universität Hannover Cracow Grid.
GRAM: Software Provider Forum Stuart Martin Computational Institute, University of Chicago & Argonne National Lab TeraGrid 2007 Madison, WI.
INFSO-RI Enabling Grids for E-sciencE The US Federation Miron Livny Computer Sciences Department University of Wisconsin – Madison.
1 Evolution of OSG to support virtualization and multi-core applications (Perspective of a Condor Guy) Dan Bradley University of Wisconsin Workshop on.
INFSO-RI Enabling Grids for E-sciencE SA1: Cookbook (DSA1.7) Ian Bird CERN 18 January 2006.
Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.
Grid Resource Allocation and Management (GRAM) Execution management Execution management –Deployment, scheduling and monitoring Community Scheduler Framework.
Through the development of advanced middleware, Grid computing has evolved to a mature technology in which scientists and researchers can leverage to gain.
TeraGrid CTSS Plans and Status Dane Skow for Lee Liming and JP Navarro OSG Consortium Meeting 22 August, 2006.
CHEP03 Mar 25Mary Thompson Fine-grained Authorization for Job and Resource Management using Akenti and Globus Mary Thompson LBL,Kate Keahey ANL, Sam Lang.
Copyright © cs-tutorial.com. Overview Introduction Architecture Implementation Evaluation.
Virtual Workspaces Kate Keahey Argonne National Laboratory.
Ames Research CenterDivision 1 Information Power Grid (IPG) Overview Anthony Lisotta Computer Sciences Corporation NASA Ames May 2,
Cracow Grid Workshop ‘06 17 October 2006 Execution Management and SLA Enforcement in Akogrimo Antonios Litke Antonios Litke, Kleopatra Konstanteli, Vassiliki.
Policy Resolution and Enforcement of Privileges in a Grid Authorization System Based on Job Properties Sang-Min Park, Glenn Wasson, and Marty Humphrey.
User Management: Authentication & Authorization on the NorduGrid Balázs Kónya, AndersWäänänen 3 rd NorduGrid Workshop, 23 May, 2002 Helsinki.
GridLab WP-2 Cactus GAT (CGAT) Ed Seidel, AEI & LSU Co-chair, GGF Apps RG, Gridstart Apps TWG Gabrielle Allen, Robert Engel, Tom Goodale, *Thomas Radke.
Legion - A Grid OS. Object Model Everything is object Core objects - processing resource– host object - stable storage - vault object - definition of.
Overview of Privilege Project at Fermilab (compilation of multiple talks and documents written by various authors) Tanya Levshina.
US LHC OSG Technology Roadmap May 4-5th, 2005 Welcome. Thank you to Deirdre for the arrangements.
Conference name Company name INFSOM-RI Speaker name The ETICS Job management architecture EGEE ‘08 Istanbul, September 25 th 2008 Valerio Venturi.
Prof S.Ramachandram Dept of CSE,UCE Osmania University
Leveraging the InCommon Federation to access the NSF TeraGrid Jim Basney Senior Research Scientist National Center for Supercomputing Applications University.
RUS: Resource Usage Service Steven Newhouse James Magowan
Trusted Virtual Machine Images a step towards Cloud Computing for HEP? Tony Cass on behalf of the HEPiX Virtualisation Working Group October 19 th 2010.
Grid and Cloud Computing Alessandro Usai SWITCH Sergio Maffioletti Grid Computing Competence Centre - UZH/GC3
CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Michał Jankowski, Paweł Wolniewicz, Jiří Denemark, Norbert Meyer,
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Globus and PlanetLab Resource Management Solutions Compared M. Ripeanu, M. Bowman, J. Chase, I. Foster, M. Milenkovic Presented by Dionysis Logothetis.
Standards driven AAA for Job Management within the OMII-UK distribution Steven Newhouse Director, OMII-UK
GESA: Grid Economic Services Architecture Steven Newhouse Jon MacLaren
OGSA. Introduction Built next generation of service Based on web service technology 3 main areas: – Manage creation, destruction & lifecycle management.
Sponsored by the National Science Foundation GENI Cloud Security GENI Engineering Conference 12 Kansas City, MO Stephen Schwab University of Southern California.
INFSO-RI Enabling Grids for E-sciencE Policy management and fair share in gLite Andrea Guarise HPDC 2006 Paris June 19th, 2006.
VOX Project Tanya Levshina. 05/17/2004 VOX Project2 Presentation overview Introduction VOX Project VOMRS Concepts Roles Registration flow EDG VOMS Open.
The GRIDS Center, part of the NSF Middleware Initiative Grid Security Overview presented by Von Welch National Center for Supercomputing.
The Exchange Network Node Mentoring Workshop User Management on the Exchange Network Joe Carioti February 28, 2005.
Claudio Grandi INFN Bologna Virtual Pools for Interactive Analysis and Software Development through an Integrated Cloud Environment Claudio Grandi (INFN.
WP5 – Infrastructure Operations Test and Production Infrastructures StratusLab kick-off meeting June 2010, Orsay, France GRNET.
Designing a Federated Testbed as a Distributed System Robert Ricci, Jonathon Duerig, Gary Wong, Leigh Stoller, Srikanth Chikkulapelly, Woojin Seok 1.
Overview of the New Security Model Akos Frohner (CERN) WP8 Meeting VI DataGRID Conference Barcelone, May 2003.
Enabling Grids for E-sciencE Claudio Cherubino INFN DGAS (Distributed Grid Accounting System)
Workspace Management Services Kate Keahey Argonne National Laboratory.
Dynamic Accounts: Identity Management for Site Operations Kate Keahey R. Ananthakrishnan, T. Freeman, R. Madduri, F. Siebenlist.
Management of Virtual Execution Environments 3 June 2008
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Presentation transcript:

Dynamic Creation and Management of Runtime Environments in the Grid Kate Keahey Matei Ripeanu Karl Doering

10/08/03Dynamic Runtime Environments in the Grid Overview l An execution in a Grid environment requires support for dynamic actions l Current state u Statically configured user accounts l Administrative burden l Statically created, do not reflect dynamically changing VO policies l We propose u Runtime environments l Dynamically created and managed l Leverage OGSI abstractions to implement them u Show how this concept can be applied l Planet Lab

10/08/03Dynamic Runtime Environments in the Grid Driving the Design l Requirements u Protection l User protection l Resource protection u Controlled resource usage l Fine-grain enforcement u Authorization u Audit l Objectives u Automating administration l Enables dynamic management u Formalizing creation and management l Enables a variety of underlying implementations based on need and availability (sandboxes, VMs)

10/08/03Dynamic Runtime Environments in the Grid Key abstractions l RTEFactory: creates RTE services u Creates both a service and underlying implementation u Invokes initialization/configuration procedures u Writes access policy l Currently simply gives the request initiator the right to use the account l Implemented in the GT3 gridmapfile l RTEService u Interface to the dynamically created runtime environment u Identified by a GSH u SDEs: l RTE_Implementation l Local name l Termination Time (with default settings) l RTE properties (currently: quota) u Termination implies account destruction and policy update u Using soft-state termination and defining termination semantics ensures that the account will be properly terminated

10/08/03Dynamic Runtime Environments in the Grid An Interaction Scenario User (1) DN (4) GSH local RTE implementation setuid (3) gridmapfile (5) GRAM (6) Request+GSH (2) RTESservice PEP RTEFactory Service PEP

10/08/03Dynamic Runtime Environments in the Grid PlanetLab l A testbed for a class of networked services u DHTs, CDNs, Fast data transfers, RONs, etc. l Deployed over 180 nodes, 70 sites, 5 continents l Allocation unit: a slice = a set of virtual machines, one at each node. Sounds like a good starting point for a Grid Services testbed! OS Slice N OS Slice N OS Slice N OS Slice N

10/08/03Dynamic Runtime Environments in the Grid So, what is missing? l Need to authenticate users and allocate resources independent of PlanetLab mechanisms. l No sharing between VMs on same node. Solution: Work within one slice: a GSLab user gets an account on each VM in GSLab slice. Also: show how GT3 can be used to manage PlanetLab resources. OS GSLab OS GSLab OS GSLab OS GSLab Management account GT3 Account 1Account 2

10/08/03Dynamic Runtime Environments in the Grid GSLab - Functionality l Manage user accounts across a set of VMs l Additional functionality provided to users: u Submit jobs to and login on these accounts u Create fresh, start, stop, restart GS containers across a set of accounts (scripts). u Deploy services in containers (more scripts).

10/08/03Dynamic Runtime Environments in the Grid GSLab - Overall architecture User RTEFactory Service 1. Request (user, RTE attributes) 2. Reply: credentials signed by AP (policy statement) 3. CreateRTE request (includes credentials obtained in step 2) 6. RTE lifetime expires 4. Extend RTE lifetime; change RTE parameters; destroy RTE  User authentication and authorization  Resource allocation  Monitoring and management of the testbed Admin Point (AP) Local nodes 0. Registration (soft-state) gsisshd 5. Login to user account; Scripts RTEService User RTE

10/08/03Dynamic Runtime Environments in the Grid Current Work and Status l Prototype implementation available u Dynamic accounts l u GSLab l Current work u Research l Exploring sandboxing and VMs l Relationship to WS-Agreement u Deployment l Offer GSLab as a service to the community: obtain account on GSLab for a short time

10/08/03Dynamic Runtime Environments in the Grid Conclusions l Were GS abstractions useful: yes l Lessons Learned u Expose GS containers as grid services. u Ability to deploy any service dynamically u Authorization service u Canonical form for GSH u GT3: more documentation, maturity