Presentation is loading. Please wait.

Presentation is loading. Please wait.

Accounting Portal Pablo Rey, Javier Lopez (CESGA)

Published byMelanie Stevenson Modified over 6 years ago

Similar presentations

Presentation on theme: "Accounting Portal Pablo Rey, Javier Lopez (CESGA)"— Presentation transcript:

1 Accounting Portal Pablo Rey, Javier Lopez (CESGA)
Cristina Del Cano, John Gordon (RAL) ARM-11 Lyon

2 Overview APEL recent developments Tier2 Accounting and Reporting
Status of sites Accounting by UserDN and FQAN Views User View Site Admin View VO Manager View VO Member View APEL SAM Tests Future Work Demo ARM-11 Lyon

3 APEL recent developments
UserDN encryption FQAN Publishing Using blah log – should be compatible with CREAM Multi-CE support SAM Tests YAIM to handle UserDN publishing ARM-11 Lyon

4 User Level Accounting User Level Accounting Delivered
UserDN captured from CE log files (grid-jobmap logs) APEL uses the data to build accounting records Data published to GOC with on-the-fly encryption using APEL public key (1024 bit RSA) At the GOC data are extracted from RGMA and stored in a Central Accounting Repository. Data decrypted using APEL private key User Level summary table created On-the-fly encryption using EGEE Portal certificate Encrypted table pushed to CESGA portal Portal decrypts data and provides SSL based access to the summaries. ARM-11 Lyon

5 VOMS Groups and Roles UserFQAN
Capture UserFQAN from grid-jobmap log on CE FQAN chain processed at the GOC to derive Group and Role from the primary part of the chain. If UserFQAN present, we can use the Group to derive the VO of the user submitted job (otherwise we use the local unix group). ARM-11 Lyon

6 Status of sites (I) CERTIFIED sites NOT publishing accounting data to GOC in the last 3 months ROC Sites AsiaPacific INDIACMS-TIFR, KR-KISTI-GCRT-01 CentralEurope PEARL-AMU* CERN MCGILL-LCG2*, SDU-LCG2*, UFRJ-IF*, YerPhI* NorthernEurope IMCSUL, LSG-LUMC*, UiB*, VDU-IF-LCG2 SouthEasternEurope GR-07-UOI-HEPLAB* SouthWesternEurope CNB-LCG2 UKI UKI-SCOTGRID-ECDF* * Sites not publishing at all ARM-11 Lyon

7 UNREGISTERED sitenames
Status of sites (II) UNREGISTERED sitenames Sitename CE ROC EGEE-SEE-SCIER ctb31.gridctb.uoa.gr SEE GR-03-HEPNTUA-TEST1 ce05.hep.ntua.gr gri47xl.to.infn.it Italy HEPHY-UIBK-TESTBED test-lcgCE.uibk.ac.at ICEPP_TESTBED1 gridtb02.icepp.jp AsiaPacific IL-BGU-TEST cd-grid1.bgu.ac.il INFN-PADOVA-SLC4 prod-ce-01.pd.infn.it INFN-TORINO-DEV ce-test-20.to.infn.it ITEP-SL4 ceglite.itep.ru Russia IU_ATLAS_Tier2 aviss.avidd.iu.edu OSG JSTestBed bf32.hep.man.ac.uk UKI KTU-ELEN-TEST pupa.elen.ktu.lt NE PHI-AGRID deimos.ehv.campus.philips.com ?? PIC-SA3 vce01.pic.es SWE TUD-ZIH gridopt1.zih.tu-dresden.de TW-TEST ece UTA_SWT2 Unknown Could be deleted the data of these sitenames or could you provide us a GOC sitename? ARM-11 Lyon

8 Status of sites (III) Is ARM-11 Lyon

9 Italian Sites start to publish UserDN
Status of sites (IV) Italian Sites start to publish UserDN I presume these sites have not been publishing for that length of time but they republished. ARM-11 Lyon

10 Status of sites (V) Remember that we have never asked sites to switch this on. In SWE federation we have published almost all the records with the UserDN information since the beginning of EGEE-I ARM-11 Lyon

11 Status of sites (VI) LCG-CE with Patch 898?? ARM-11 Lyon

12 Status of sites (VII) ARM-11 Lyon

13 Status of sites (VIII): Special cases
OSG and NorduGrid sites don’t use APEL to publish the accounting data so they don’t publish UserDN and FQAN information. NIKHEF publishing their own encrypted UserDN strings Example LCGUserID: HPfh56sbc3AYKDn1Yusxgg Can only attribute usage to the VO INFN use the DGAS sensor and then publish into the APEL Portal Others could do the same. Will share current plans with OSG and NorduGrid. ARM-11 Lyon

14 Why sites don’t publish UserDN?
To publish the UserDN, sites have to set the publishGlobalUserName option to “yes”. Some sites may wish to suppress the DN for reasons of personal privacy. Once they have a Policy, WLCG may mandate its sites to publish By default, the DN is suppressed from publication. Addition of new variable in YAIM (testing in PPS): APEL_PUBLISH_USER_DN. If it is set to “yes”, it will enable UserDN encryption. The default is “no”. Normally, sites don’t change the default values, so if we want to obtain the UserDN information the default value should be set to “yes”. ARM-11 Lyon

15 Why sites don’t publish FQAN?
APEL misconfiguration: Sites use the deprecated option GkLogProcessor instead of the BlahdLogProcessor option. LCG-CEs that implement the Accounting Log File (Savannah Patch #898) no longer need to process the GateKeeper and Messages Logs. The GK/Msgs log functionality is kept in order to maintain backwards compatibility. There are sites that don’t have the Accounting Log Files (/opt/edg/var/gatekeeper/grid-jobmap_YYYYMMDD) in the CE. WHY? ARM-11 Lyon

16 Accounting Portal: Views
Apart of the Global View and the Reports tab, 4 news views using the UserDN and FQAN information are in development: User View. Site Admin View. VO Manager View. VO Member View. ARM-11 Lyon

17 User View Statistics of usage for all jobs belonging to the UserDN (CPU, WCT, distribution of usage between ROCs and sites, ...) What happens if the User changes their UserDN? How does the User access their data if they no longer have the old certificate? Do we need a mechanism to track the UserDN history? We could associate the old certificates with the new certificate. Example: New certificate: /DC=es/DC=irisgrid/O=cesga/CN=Pablo-Rey Old certificates: /C=ES/O=DATAGRID-ES/O=CESGA/CN=Pablo Rey Mayo /C=ES/O=DATAGRID-ES/O=CESGA/CN=Pablo Rey Mayo cert001 ARM-11 Lyon

18 Site Admin View This view let a Site Administrator to access to statistics of usage in its sites: Usage for Top 10 Users (Anonomised UserDN), area of pie shows the Total Usage by the SITE and the contribution of each of the Top 10 Users and Others, average Wall Clock Time (WCT) for all jobs belonging to each User, ... The list of site administrators is taken from the GOCDB Portal. ARM-11 Lyon

19 VO Manager View Each VO Manager could access to statistics of usage in its VO: Usage for Top 10 Users (Anonomised UserDN), area of pie shows the Total Usage by the VO and the contribution of each of the Top 10 Users and Others, average Wall Clock Time (WCT) for all jobs belonging to each User, ... The list of VO managers is taken from the VO Identity Cards of the CIC Portal. The Managers and Deputies are taken. APG requested CIC a new field for resource manager in the VO Card. ARM-11 Lyon

20 VO Member View This View will allow to have an overview of the status of the VO at a lower level of detail than the VO Manager View (grouping by VOMS roles and groups). The list of VO members is taken from the VOMS Servers registered in the VO Identity Cards of the CIC Portal. We use a script (voms2users) based on the voms2gacl script wrote by Steve Traylen. ARM-11 Lyon

21 Accounting Enforcement Task
COD (or at least some ROC Managers) have opened GGUS tickets (30257, 31272, 31279, , …) to sites that was not publishing accounting data, so: This task has been stopped: Tickets not opened since the end of last year. Should the tickets that are still opened (4) be closed?. APEL SAM tests available ARM-11 Lyon

22 Future work APEL Portal Accounting of local work (non-grid) MPI jobs
Alternative transport layer Portal VO-based structures – eg ATLAS Tier2 Cloud ARM-11 Lyon

23 APEL-SUPPORT@JISCMAIL.AC.UK egee-admin@cesga.es
Thanks ARM-11 Lyon

Download ppt "Accounting Portal Pablo Rey, Javier Lopez (CESGA)"

Similar presentations

21 Sep 2005LCG's R-GMA Applications R-GMA and LCG Steve Fisher & Antony Wilson.

21 Sep 2005LCG's R-GMA Applications R-GMA and LCG Steve Fisher & Antony Wilson.
29 June 2006 GridSite - www.gridsite.org - Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.

29 June 2006 GridSite Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.
Accounting Update Dave Kant Grid Deployment Board Nov 2007.

Accounting Update Dave Kant Grid Deployment Board Nov 2007.
Storage Accounting John Gordon, STFC GDB June 2012.

Storage Accounting John Gordon, STFC GDB June 2012.
A.Guarise – F.Rosso 1 Enabling Grids for E-sciencE INFSO-RI-508833 Comprehensive Accounting Views on large computing farms. Andrea Guarise & Felice Rosso.

A.Guarise – F.Rosso 1 Enabling Grids for E-sciencE INFSO-RI Comprehensive Accounting Views on large computing farms. Andrea Guarise & Felice Rosso.
Monitoring in EGEE EGEE/SEEGRID Summer School 2006, Budapest Judit Novak, CERN Piotr Nyczyk, CERN Valentin Vidic, CERN/RBI.

Monitoring in EGEE EGEE/SEEGRID Summer School 2006, Budapest Judit Novak, CERN Piotr Nyczyk, CERN Valentin Vidic, CERN/RBI.
JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006.

JSPG: User-level Accounting Data Policy David Kelsey, CCLRC/RAL, UK LCG GDB Meeting, Rome, 5 April 2006.
Accounting in LCG Dave Kant CCLRC, e-Science Centre.

Accounting in LCG Dave Kant CCLRC, e-Science Centre.
8-Jul-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) RAL, 8 July 2003 David Kelsey CCLRC/RAL, UK

8-Jul-03D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security (Report from the LCG Security Group) RAL, 8 July 2003 David Kelsey CCLRC/RAL, UK
Steve Traylen PPD Rutherford Lab Grid Operations PPD Christmas Lectures Steve Traylen RAL Tier1 Grid Deployment

Steve Traylen PPD Rutherford Lab Grid Operations PPD Christmas Lectures Steve Traylen RAL Tier1 Grid Deployment
GDB March 07 2007 - 1 User-Level, VOMS Groups and Roles Dave Kant CCLRC, e-Science Centre.

GDB March User-Level, VOMS Groups and Roles Dave Kant CCLRC, e-Science Centre.
EGEE-III INFSO-RI- 222667 Enabling Grids for E-sciencE www.eu-egee.org Operations Automation Team KoM, May 7 2008 ROC VIEW (SWE)‏ Javier Lopez Cacheiro/

EGEE-III INFSO-RI Enabling Grids for E-sciencE Operations Automation Team KoM, May ROC VIEW (SWE)‏ Javier Lopez Cacheiro/
Storage Accounting John Gordon, STFC GDB March 2013.

Storage Accounting John Gordon, STFC GDB March 2013.
HLRmon accounting portal DGAS (Distributed Grid Accounting System) sensors collect accounting information at site level. Site data are sent to site or.

HLRmon accounting portal DGAS (Distributed Grid Accounting System) sensors collect accounting information at site level. Site data are sent to site or.
Local Job Accounting Cristina del Cano Novales STFC-RAL.

Local Job Accounting Cristina del Cano Novales STFC-RAL.
Recent improvements in HLRmon, an accounting portal suitable for national Grids Enrico Fattibene (speaker), Andrea Cristofori, Luciano Gaido, Paolo Veronesi.

Recent improvements in HLRmon, an accounting portal suitable for national Grids Enrico Fattibene (speaker), Andrea Cristofori, Luciano Gaido, Paolo Veronesi.
DTI Mission – 29 June 2004 - 1 LCG Security Ian Neilson LCG Security Officer Grid Deployment Group CERN.

DTI Mission – 29 June LCG Security Ian Neilson LCG Security Officer Grid Deployment Group CERN.
Accounting Update John Gordon and Stuart Pullinger January 2014 GDB.

Accounting Update John Gordon and Stuart Pullinger January 2014 GDB.
Accounting non-Grid Use John Gordon Management Board 7/6/2007.

Accounting non-Grid Use John Gordon Management Board 7/6/2007.
EGEE-III INFSO-RI-222667 Enabling Grids for E-sciencE www.eu-egee.org EGEE and gLite are registered trademarks APEL CPU Accounting in the EGEE/WLCG infrastructure.

EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks APEL CPU Accounting in the EGEE/WLCG infrastructure.

Similar presentations

Ads by Google