1
Introduction to Grid Computing and the Globus Toolkit™
The Globus Project™
Argonne National Laboratory
USC Information Sciences Institute
Copyright (c) 2002 University of Chicago and The University of Southern California. All Rights Reserved.
This presentation is licensed for use under the terms of the Globus Toolkit Public License. See for the full text of this license.
2
Introduction to the Globus Toolkit™
Outline
Introduction to Grid Computing
  Grid Problem
The Globus Toolkit™
  Introduction, Security, Resource Management, Information Services, Data Management
Future and Conclusions
3
The Grid Problem
Flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resources
  From “The Anatomy of the Grid: Enabling Scalable Virtual Organizations”
Enable communities (“virtual organizations”) to share geographically distributed resources, assuming the absence of…
  central location,
  central control,
  existing trust relationships.
4
What is a Virtual Organization?
Facilitates the workflow of a group of users across multiple domains who share (some of) their resources to solve particular classes of problems
Resources are often administered by organizations (vendors, manufacturers)
5
Elements of the Problem
Resource sharing
  Computers, storage, sensors, networks, …
  Sharing always conditional: issues of trust, policy, negotiation, payment, …
Coordinated problem solving
  Beyond client-server: distributed data analysis, computation, collaboration, …
Dynamic, multi-institutional virtual orgs
  Community overlays on classic org structures
  Large or small, static or dynamic
6
Online Access to Scientific Instruments
[Figure labels: Advanced Photon Source; wide-area dissemination; desktop & VR clients with shared controls; real-time collection; archival storage; tomographic reconstruction]
7
The Globus Project™ Making Grid computing a reality
Close collaboration with real Grid projects in science and industry
Development and promotion of standard Grid protocols
Development and promotion of standard Grid software APIs and SDKs
The Globus Toolkit™: Open source, reference software base for building grid infrastructure and applications
8
One View of Requirements
Identity & authentication
Authorization & policy
Resource discovery
Resource characterization
Resource allocation
(Co-)reservation, workflow
Distributed algorithms
Remote data access
High-speed data transfer
Performance guarantees
Monitoring
Adaptation
Intrusion detection
Resource management
Accounting & payment
Fault management
System evolution
Etc. …
9
Where Are We With Architecture?
No “official” standards exist
But:
  Globus Toolkit™ has emerged as the popular standard for several important Connectivity, Resource, and Collective protocols
  GGF has an architecture working group
  Technical specifications are being developed for architecture elements: e.g., security, data, resource management, information
  Internet drafts submitted in security area
10
Introduction to the Globus Toolkit™
A software toolkit addressing key technical problems in the development of Grid enabled tools, services, and applications
  Offer a modular “bag of technologies”
  Enable incremental development of grid-enabled tools and applications
  Implement standard Grid protocols and APIs
  Make available under liberal open source license
11
General Approach
Define Grid protocols & APIs
  Protocol-mediated access to remote resources
  Integrate and extend existing standards
  “On the Grid” = speak “Intergrid” protocols
Develop a reference implementation
  Open source Globus Toolkit
  Client and server SDKs, services, tools, etc.
Grid-enable wide variety of tools
  Globus Toolkit, FTP, SSH, Condor, SRB, MPI, …
Learn through deployment and applications
12
Key Protocols
The Globus Toolkit™ centers around four key protocols
  Connectivity layer:
    Security: Grid Security Infrastructure (GSI)
  Resource layer:
    Resource Management: Grid Resource Allocation Management (GRAM)
    Information Services: Grid Resource Information Protocol (GRIP)
    Data Transfer: Grid File Transfer Protocol (GridFTP)
Also key collective layer protocols
  Info Services, Replica Management, etc.
13
The Globus Toolkit™: Security
14
Security Terminology
Authentication: Establishing identity
Authorization: Establishing rights
Message protection
  Message integrity
  Message confidentiality
Digital signature
Accounting
Certificate Authority (CA)
15
Why Grid Security is Hard
Resources being used may be valuable & the problems being solved sensitive
Resources are often located in distinct administrative domains
  Each resource has own policies & procedures
Set of resources used by a single computation may be large, dynamic, and unpredictable
  Not just client/server, requires delegation
It must be broadly available & applicable
  Standard, well-tested, well-understood protocols; integrated with wide variety of tools
16
Grid Security Requirements
User View
  1) Easy to use
  2) Single sign-on
  3) Run applications: ftp, ssh, MPI, Condor, Web, …
  4) User based trust model
  5) Proxies/agents (delegation)
Resource Owner View
  1) Specify local access control
  2) Auditing, accounting, etc.
  3) Integration w/ local system: Kerberos, AFS, license mgr.
  4) Protection from compromised resources
Developer View
  API/SDK with authentication, flexible message protection, flexible communication, delegation, ...
  Direct calls to various security functions (e.g. GSS-API)
  Or security integrated into higher-level SDKs: e.g. GlobusIO, Condor-G, MPICH-G2, etc.
17
GSI in Action
“Create Processes at A and B that Communicate & Access Files at C”
[Figure: message flow. Labels, grouped by site:]
User: single sign-on via “grid-id” & generation of proxy cred.; or: retrieval of proxy cred. from online repository
User Proxy (proxy credential): remote process creation requests* to GSI-enabled GRAM server
Site A (Kerberos), computer: authorize, map to local id, create process, generate credentials; process with Kerberos ticket, restricted proxy, local id
Site B (Unix), computer: ditto
Communication* between the processes
Site C (Kerberos), storage system: remote file access request* to GSI-enabled FTP server; authorize, map to local id, access file
* With mutual authentication
18
Community Authorization Service
Question: How does a large community grant its users access to a large set of resources?
  Should minimize burden on both the users and resource providers
Community Authorization Service (CAS)
  Community negotiates access to resources
  Resource outsources authorization to CAS
  Resource only knows about “CAS user” credential
    CAS handles user registration, group membership…
  User who wants access to resource asks CAS for a capability credential
    Restricted proxy of the “CAS user” cred., checked by resource
19
Community Authorization (Prototype shown August 2001)
[Figure: message flow among User, CAS and Resource]
1. CAS request, with resource names and operations
  CAS: Does the collective policy authorize this request for this user? (user/group membership, resource/collective information)
2. CAS reply, with capability and resource CA info
3. Resource request, authenticated with capability
  Resource: Is this request authorized for the CAS? authorized by the capability? (local policy information)
4. Resource reply
20
Community Authorization Service
CAS provides user community with information needed to authenticate resources
  Sent with capability credential, used on connection with resource
  Resource identity (DN), CA
This allows new resources/users (and their CAs) to be made available to a community through the CAS without action on the other user’s/resource’s part
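The four-step CAS exchange from the slides above, as an added example that is not Globus code: the resource verifies the capability, then requires that both its local policy for the CAS identity and the capability itself cover the request. The HMAC-signed JSON capability is a stand-in for a restricted proxy of the "CAS user" credential, and all names, paths and policies are constructed.

```python
import hashlib
import hmac
import json

# Constructed demo data. The HMAC key stands in for the "CAS user" credential;
# the real design issues a restricted proxy certificate, not modelled here.
CAS_KEY = b"constructed-demo-key"
MEMBERS = {"alice": {"analysts"}, "bob": {"guests"}}      # CAS: user -> groups
GROUP_RIGHTS = {                                          # CAS: collective policy
    "analysts": {("siteC:/data", "read"), ("siteC:/data", "write")},
    "guests": {("siteC:/data", "read")},
}
# Resource side: what this resource grants to the CAS identity as a whole.
LOCAL_POLICY = {("siteC:/data", "read"), ("siteC:/scratch", "write")}


def _sign(body):
    return hmac.new(CAS_KEY, body, hashlib.sha256).hexdigest()


def cas_issue(user, wanted, now, lifetime=3600):
    """Steps 1-2: grant the subset of `wanted` that collective policy allows."""
    allowed = set().union(*(GROUP_RIGHTS[g] for g in MEMBERS.get(user, ())))
    granted = sorted(right for right in wanted if right in allowed)
    if not granted:
        return None
    claims = {"user": user, "rights": granted, "expires": now + lifetime}
    body = json.dumps(claims, sort_keys=True).encode()
    return {"body": body, "sig": _sign(body)}


def resource_check(cap, resource, op, now):
    """Steps 3-4: verify the capability, then apply local policy AND its rights."""
    if cap is None or not hmac.compare_digest(_sign(cap["body"]), cap["sig"]):
        return "deny: capability not issued by CAS"
    claims = json.loads(cap["body"])
    if now >= claims["expires"]:
        return "deny: capability expired"
    if (resource, op) not in LOCAL_POLICY:
        return "deny: local policy does not grant this to the CAS"
    if [resource, op] not in claims["rights"]:
        return "deny: not covered by capability"
    return "allow"
```

The effective right is the intersection of the two policies: a capability cannot widen what the resource grants the community, and community-wide access at the resource is useless without a capability naming the operation.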
21
Passport Online CA & MyProxy
Requiring users to manage their own certs and keys is annoying and error prone
A solution: Leverage Passport global authentication to obtain a proxy credential
Passport provides
  Globally unique user name ( address)
  Method of verifying ownership of the name (authentication)
  Re-issuance (e.g. forgotten password)
Passport credentials can be presented to an online CA or credential repository
  Creates and issues new (restricted) proxy certificate to the user on demand
22
Security Summary
GSI successfully addresses wide variety of Grid security issues
Broad acceptance, deployment, integration with tools
Standardization on-going in IETF & GGF
Ongoing R&D to address next set of issues
For more information:
  “A Security Architecture for Computational Grids”
  “Design and Deployment of a National-Scale Authentication Infrastructure”
23
The Globus Toolkit™: Resource Management
24
The Challenge
Enabling secure, controlled remote access to heterogeneous computational resources and management of remote computation
  Authentication and authorization
  Resource discovery & characterization
  Reservation and allocation
  Computation monitoring and control
Addressed by new protocols & services
  GRAM protocol as a basic building block
  Resource brokering & co-allocation services
  GSI for security, MDS for discovery
25
Resource Management
The Grid Resource Allocation Management (GRAM) protocol and client API allow programs to be started on remote resources, despite local heterogeneity
Resource Specification Language (RSL) is used to communicate requirements
A layered architecture allows application-specific resource brokers and co-allocators to be defined in terms of GRAM services
  Integrated with Condor, PBS, MPICH-G2, …
26
Resource Management Architecture
[Figure labels: Application; RSL; Broker (RSL specialization); Queries & Info; Information Service; Ground RSL; Co-allocator; Simple ground RSL; GRAM, GRAM, GRAM; Local resource managers: LSF, Condor, NQE]
27
Resource Specification Language
Common notation for exchange of information between components
  Syntax similar to MDS/LDAP filters
RSL provides two types of information:
  Resource requirements: Machine type, number of nodes, memory, etc.
  Job configuration: Directory, executable, args, environment
Globus Toolkit provides an API/SDK for manipulating RSL
28
RSL Syntax
Elementary form: parenthesis clauses
  (attribute op value [ value … ] )
Operators Supported:
  <, <=, =, >=, >, !=
Some supported attributes:
  executable, arguments, environment, stdin, stdout, stderr, resourceManagerContact, resourceManagerName
Unknown attributes are passed through
  May be handled by subsequent tools
29
Constraints: “&”
For example:

    & (count>=5) (count<=10) (max_time=240) (memory>=64) (executable=myprog)

“Create 5-10 instances of myprog, each on a machine with at least 64 MB memory that is available to me for 4 hours”
30
Disjunction: “|”
For example:

    & (executable=myprog) ( | (&(count=5)(memory>=64)) (&(count=10)(memory>=32)))

Create 5 instances of myprog on a machine that has at least 64MB of memory, or 10 instances on a machine with at least 32MB of memory
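A strict parser and evaluator for the RSL subset shown on the three slides above (relations, "&" and "|"), as an added example that is not the Globus RSL library. It assumes unquoted values, rejects malformed job specifications with ValueError before anything acts on them, and treats a relation on an attribute missing from the offer as unmet, which is this example's own fail-closed choice; SPEC_AND and SPEC_OR are the slides' two specifications, and the offer dictionaries used with satisfied() are constructed.

```python
import operator
import re

# Longest operators first so "<=" is not tokenized as "<" followed by "=".
TOKEN = re.compile(r"\s*(?:([()&|])|(<=|>=|!=|<|>|=)|([^\s()&|<>=!]+))")
PUNCT = {"(", ")", "&", "|"}
OPS = {"<": operator.lt, "<=": operator.le, "=": operator.eq,
       "!=": operator.ne, ">=": operator.ge, ">": operator.gt}
SPEC_AND = "& (count>=5) (count<=10) (max_time=240) (memory>=64) (executable=myprog)"
SPEC_OR = "& (executable=myprog) ( | (&(count=5)(memory>=64)) (&(count=10)(memory>=32)))"

def tokenize(text):
    text, pos, out = text.rstrip(), 0, []
    while pos < len(text):
        m = TOKEN.match(text, pos)
        if m is None:
            raise ValueError(f"unexpected character at offset {pos}")
        out.append(m.group(m.lastindex))
        pos = m.end()
    return out

def _clause(toks, i):  # clause := '(' spec ')'
    node, i = _spec(toks, i + 1)
    if i >= len(toks) or toks[i] != ")":
        raise ValueError("missing ')'")
    return node, i + 1

def _spec(toks, i):
    """spec := ('&' | '|') clause+  |  clause  |  attribute op value [value ...]"""
    if i < len(toks) and toks[i] in ("&", "|"):
        kind, kids, i = toks[i], [], i + 1
        while i < len(toks) and toks[i] == "(":
            kid, i = _clause(toks, i)
            kids.append(kid)
        if not kids:
            raise ValueError(f"'{kind}' needs at least one clause")
        return (kind, kids), i
    if i < len(toks) and toks[i] == "(":
        return _clause(toks, i)
    j = i + 2  # values run from i + 2 up to the next punctuation or operator
    while j < len(toks) and toks[j] not in PUNCT and toks[j] not in OPS:
        j += 1
    if j == i + 2 or toks[i] in PUNCT or toks[i] in OPS or toks[i + 1] not in OPS:
        raise ValueError("expected: attribute op value")
    return ("rel", toks[i], toks[i + 1], toks[i + 2:j]), j

def parse(text):
    """Parse untrusted RSL text into a tuple tree; raises ValueError if malformed."""
    toks = tokenize(text)
    node, i = _spec(toks, 0)
    if i != len(toks):
        raise ValueError("unbalanced or trailing input")
    return node

def satisfied(node, offer):
    """True if offer (attribute -> value) meets the spec; absent attributes fail closed."""
    if node[0] != "rel":
        results = [satisfied(kid, offer) for kid in node[1]]
        return all(results) if node[0] == "&" else any(results)
    _, attr, op, vals = node
    if attr not in offer:
        return False
    number = isinstance(offer[attr], (int, float))
    return OPS[op](offer[attr], float(vals[0]) if number else " ".join(vals))
```

For example, satisfied(parse(SPEC_OR), {"executable": "myprog", "count": 10, "memory": 32}) is true through the second branch of the disjunction.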
31
Globus Toolkit Implementation
Gatekeeper
  Single point of entry
  Authenticates user, maps to local security environment, runs service
  In essence, a “secure inetd”
Job manager
  A gatekeeper service
  Layers on top of local resource management system (e.g., PBS, LSF, etc.)
  Handles remote interaction with the job
32
GRAM Components
[Figure: component diagram. Labels:]
Client
  MDS client API calls to locate resources (MDS: Grid Index Info Server)
  MDS client API calls to get resource info (MDS: Grid Resource Info Server)
  GRAM client API calls to request resource allocation and process creation
  GRAM client API state change callbacks
Site boundary
Grid Security Infrastructure
Gatekeeper; Create; Job Manager; Parse; RSL Library; Request; Monitor & control
Local Resource Manager; Allocate & create processes; Query current status of resource
Process, Process, Process
33
The Globus Toolkit™: Information Services
34
Grid Information Services
System information is critical to operation of the grid and construction of applications
  What resources are available?
    Resource discovery
  What is the “state” of the grid?
    Resource selection
  How to optimize resource use
    Application configuration and adaptation?
We need a general information infrastructure to answer these questions
35
Examples of Useful Information
Characteristics of a compute resource
  IP address, software available, system administrator, networks connected to, OS version, load
Characteristics of a network
  Bandwidth and latency, protocols, logical topology
Characteristics of the Globus infrastructure
  Hosts, resource managers
36
Grid Information Service
Provide access to static and dynamic information regarding system components
A basis for configuration and adaptation in heterogeneous, dynamic environments
Requirements and characteristics
  Uniform, flexible access to information
  Scalable, efficient access to dynamic data
  Access to multiple information sources
  Decentralized maintenance
37
The GIS Problem: Many Information Sources, Many Views
[Figure: virtual organizations VO A, VO B and VO C, resources (R), and queries (?)]
38
Two Classes Of Metacomputing Directory Service (MDS) Servers
Grid Resource Information Service (GRIS)
  Supplies information about a specific resource
  Configurable to support multiple information providers
  LDAP as inquiry protocol
Grid Index Information Service (GIIS)
  Supplies collection of information which was gathered from multiple GRIS servers
  Supports efficient queries against information which is spread across multiple GRIS servers
39
Grid Resource Information Service
Server which runs on each resource
  Given the resource DNS name, you can find the GRIS server (well known port = 2135)
Provides resource specific information
  Much of this information may be dynamic
    Load, process information, storage information, etc.
    GRIS gathers this information on demand
“White pages” lookup of resource information
  Ex: How much memory does machine have?
“Yellow pages” lookup of resource options
  Ex: Which queues on machine allow large jobs?
40
Grid Index Information Service
GIIS describes a class of servers
  Gathers information from multiple GRIS servers
  Each GIIS is optimized for particular queries
    Ex1: Which Alliance machines are >16 process SGIs?
    Ex2: Which Alliance storage servers have >100Mbps bandwidth to host X?
  Akin to web search engines
Organization GIIS
  The Globus Toolkit ships with one GIIS
  Caches GRIS info with long update frequency
    Useful for queries across an organization that rely on relatively static information (Ex1 above)
  Can be merged into GRIS
41
Logical MDS Deployment
[Figure labels: Grads; Gusto; GIIS; ISI; GRISes]
42
Example: Discovering CPU Load
Retrieve CPU load fields of compute resources

    % grid-info-search -L "(objectclass=GlobusComputeResource)" \
        dn cpuload1 cpuload5 cpuload15

    dn: hn=lemon.mcs.anl.gov, ou=MCS, o=Argonne National Laboratory, o=Globus, c=US
    cpuload1: 0.48
    cpuload5: 0.20
    cpuload15: 0.03

    dn: hn=tuva.mcs.anl.gov, ou=MCS, o=Argonne National Laboratory, o=Globus, c=US
    cpuload1: 3.11
    cpuload5: 2.64
    cpuload15: 2.57
43
The Globus Toolkit™: Data Management
44
Data Grid Problem
“Enable a geographically distributed community [of thousands] to pool their resources in order to perform sophisticated, computationally intensive analyses on Petabytes of data”
Note that this problem:
  Is common to many areas of science
  Overlaps strongly with other Grid problems
45
Examples of Desired Data Grid Functionality
High-speed, reliable access to remote data
Automated discovery of “best” copy of data
Manage replication to improve performance
Co-schedule compute, storage, network
“Transparency” wrt delivered performance
Enforce access control on data
Allow representation of “global” resource allocation policies
46
A Model Architecture for Data Grids
[Figure labels: Attribute Specification; Replica Catalog; Metadata Catalog; Application; Multiple Locations; Logical Collection and Logical File Name; Selected Replica; MDS; Replica Selection; GridFTP Control Channel; GridFTP Data Channel; Disk Cache; Tape Library; Disk Array; Disk Cache; Replica Location 1; Replica Location 2; Replica Location 3]
47
Globus Toolkit Components
Two major Data Grid components:
1. Data Transport and Access
  Common protocol
  Secure, efficient, flexible, extensible data movement
  Family of tools supporting this protocol
2. Replica Management Architecture
  Simple scheme for managing:
    multiple copies of files
    collections of files
48
Data Transport and Access -- GridFTP
Why FTP?
  Ubiquity enables interoperation with many commodity tools
  Already supports many desired features, easily extended to support others
  Well understood and supported
We use the term GridFTP to refer to
  Transfer protocol which meets requirements
  Family of tools which implement the protocol
Note GridFTP > FTP
Note that despite name, GridFTP is not restricted to file transfer!
49
GridFTP: Basic Approach
FTP protocol is defined by several IETF RFCs
Start with most commonly used subset
  Standard FTP: get/put etc., 3rd-party transfer
Implement standard but often unused features
  GSS binding, extended directory listing, simple restart
Extend in various ways, while preserving interoperability with existing servers
  Striped/parallel data channels, partial file, automatic & manual TCP buffer setting, progress monitoring, extended restart
50
(Prototype) Striped GridFTP Server
[Figure labels: GridFTP client; To Client or Another Striped GridFTP Server; GridFTP Control Channel; GridFTP Data Channels; mpirun; GridFTP Server Parallel Backend; GridFTP server master; Plug-in Control (×4); MPI (Comm_World); Control socket; MPI (Sub-Comm); MPI-IO; Parallel File System (e.g. PVFS, PFS, etc.)]
51
Future Directions
Continued enhancement & standardization of protocol
  Globus Toolkit libraries provide reference implementation
Continue building on libraries
  Striped server w/ server side processing
  Reliable replica/copy management service
  Proxies for firewalls & load balancing
Work with more application communities
52
The Globus Toolkit™: Futures & Conclusions
53
The Future: All Software is Network-Centric
We don’t build or buy “computers” anymore, we borrow or lease required resources
  When I walk into a room, need to solve a problem, need to communicate
A “computer” is a dynamically, often collaboratively constructed collection of processors, data sources, sensors, networks
54
And Thus …
Reduced barriers to access mean that we do much more computing, and more interesting computing, than today
  => Many more components (& services); massive parallelism
All resources are owned by others
  => Sharing (for fun or profit) is fundamental; trust, policy, negotiation, payment
All computing is performed on unfamiliar systems
  => Dynamic behaviors, discovery, adaptivity, failure
55
Summary
The Grid problem: Resource sharing & coordinated problem solving in dynamic, multi-institutional virtual organizations
Grid architecture emphasizes systems problem
  Protocols & services, to facilitate interoperability and shared infrastructure services
Globus Toolkit™: APIs, SDKs, and tools which implement Grid protocols & services
  Provides basic software infrastructure for suite of tools addressing the programming problem