Presentation is loading. Please wait.

Presentation is loading. Please wait.

Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo

Published byGarey Griffin Modified over 9 years ago

Similar presentations

Presentation on theme: "Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo"— Presentation transcript:

1 Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo riccardo.rotondo@ct.infn.it

2 Catania Science Gateway Framerwork 2  Authentication & Authorisation  Job Management  e-Infrastructure Service & Data Service  Cloud

3 3

4 AuthN/AuthZ Schema 4 e-Infrastructures Federation 1. Try to login 3. Identity attributes 2. Forwarded to the IdP 4. Check authorisations Sync user roles Retrieve e-Infrastructure credentials Science Gateway VAMP Workshop 2013 – Helsinki, 30/9-1/10/2013

5 Federated User 5 Science Gateway

6 Social User 6 Science Gateway

7 Roles & Privileges  Surfing a Science Gateway changes according different roles  Mapping between Liferay roles and LDAP group  Similar mapping available on grid (i.e. voms roles)  Liferay allows administrator to fully customize users experience assigning different roles to each components (pages, wikis, plugins, data) 7

8 Liferay user database  Liferay supports several system to store users data, both local and remote  Supporting the largest number of users in the easiest way  A modular way to distinguish between different services and privileges is need  Science Gateways stores users on an LDAP server 8

9 Authentication  Authentication is demanded on external IDP  Communication between Liferay and the IDP happens thanks to Shibboleth  Shibboleth plugin, installed on Liferay, is responsible to read the token coming from the IDP and to pass it to Liferay 9

10 Authorisation  Authorisation is demanded to the LDAP server  Liferay, through a plugin implemented, request to Shibboleth the mail address(es) an try a match with the ones stored (local, remote) 10

11 Registration  In the act of registration user data must be written on the LDAP connected to Liferay  A portlet has been developed to perform this actions 11

12 12

13 Integrated Services GRID CLOUD JSR 168/268 Catania Science Gateway Framework Local Cluster 13

14 Job Engine at work October 8th, 2013Riccardo Rotondo14 1. Sign in eTokenServer User Track- ing DB 3. Proxy request* 4. Proxy transfer* 5. e-Infra Interactions 5. Tracking 2. Grid Request 6. Getting Results * or equivalent e-Infra auth

15 Job Engine - Architecture WT Worker Threads for Job Submission WT Worker Threads for Job Check Status USERS TRACKING DB MONITORING MODULE Resources Jobs Queue WT Jobs Submission Jobs Check status/ Get output 15

16 Glassfish Integration  Access to database is not direct but make use of Glassfish connection pools and hibernate  JNDI resource are used as well in order to offer some functionalities working behind the scene of job submission:  Thread pool responsible for job submission  Thread pool responsible for job status updates  Thread pool responsible for retrieving job output 16

17 17

18 Science Gateway paradigm  Efforts to grant easy yet secure access to remote services and related resources brought to the birth of Science Gateways  Virtual Research Communities access remote resources in a collaboration environment that hides the underlying complexity  SGs help many users to better use the enormous grid computational power  Is large grid&cloud data storage accessible as well in such an easy way? 18

19 Motivations Um… isn’t your computer on fire ? It’s ok, my files are stored in a safer place. Image source: 19

20 Grid Data Management Challenges  Make interfaces simple for non expert users  CLI-based Grid storage interface is not straightforward  Transactions to different e-Infrastructures require different authentication method  Should this transaction involve the Science Gateway directly?  Complexity of current protocols to manage different storage elements  Offer an easy intuitive interface to the end users 20

21 Requirements  Storage complexity hidden to end users  Users move files from/to a portal and see it as simple external storage accessible from a web interface and do not care about grid (or any other) technologies behind  File management smoothly integrated with all the services provided in the SG  Underlining architecture exposes a file-system-like view (i.e., a Virtual File System or VFS) through which users can perform the following actions:  Create, move, delete files/directories with the desired structure  Share files with other users  Set the number of backup copies desired 21

22 Implementations  Virtual File System requires a database to map users, virtual resource and real resource  Object-relation mapping approach  Liferay Service Builder  Database tables are not used only to keep trace of resource (file) but to define referring e-Infrastructures too  Planning to support up to 4 different e-Infrastructures: local, remote, grid, cloud 22

23 References  Catania Science Gateways url: http://www.catania- science-gateways.ithttp://www.catania- science-gateways.it  Catania Science Gateway Sourceforge Project: http://sourceforge.net/projects/ctsciencegtwys/ http://sourceforge.net/projects/ctsciencegtwys/  Gilda Portal (for developers): http://gilda.ct.infn.it/http://gilda.ct.infn.it/ 23

24 24

25 My Cloud (cloud interoperability based on OCCI Standard 25

26 Questions ? 26

Download ppt "Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo"

Similar presentations

Www.gisela-grid.eu Grid Initiatives for e-Science virtual communities in Europe and Latin America The VRC-driven GISELA Science Gateway Diego Scardaci.

Grid Initiatives for e-Science virtual communities in Europe and Latin America The VRC-driven GISELA Science Gateway Diego Scardaci.
Data Management Expert Panel - WP2. WP2 Overview.

Data Management Expert Panel - WP2. WP2 Overview.
Federated access to e-Infrastructures worldwide

Federated access to e-Infrastructures worldwide
Introduction on Science Gateway Understanding access and functionalities Catania, 09/06/2014Riccardo Rotondo

Introduction on Science Gateway Understanding access and functionalities Catania, 09/06/2014Riccardo Rotondo
CGW 2009 Vine Toolkit A uniform access and portal solution to existing grid middleware services P.Dziubecki, T.Kuczynski, K.Kurowski, D.Szejnfeld, D.Tarnawczyk,

CGW 2009 Vine Toolkit A uniform access and portal solution to existing grid middleware services P.Dziubecki, T.Kuczynski, K.Kurowski, D.Szejnfeld, D.Tarnawczyk,
SWIM WEB PORTAL by Dipti Aswath SWIM Meeting ORNL Oct 15-17, 2007.

SWIM WEB PORTAL by Dipti Aswath SWIM Meeting ORNL Oct 15-17, 2007.
GGF Toronto 19.02.02 Spitfire A Relational DB Service for the Grid Peter Z. Kunszt European DataGrid Data Management CERN Database Group.

GGF Toronto Spitfire A Relational DB Service for the Grid Peter Z. Kunszt European DataGrid Data Management CERN Database Group.
Kerim KORKMAZ A. Tolga KILINÇ H. Özgür BATUR Berkan KURTOĞLU.

Kerim KORKMAZ A. Tolga KILINÇ H. Özgür BATUR Berkan KURTOĞLU.
Chapter 8: Network Operating Systems and Windows Server 2003-Based Networking Network+ Guide to Networks Third Edition.

Chapter 8: Network Operating Systems and Windows Server 2003-Based Networking Network+ Guide to Networks Third Edition.
Widely Distributed Access Management Tom Barton University of Chicago.

Widely Distributed Access Management Tom Barton University of Chicago.
Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.

Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Proposal n. 306819 A Standard-based.

Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Proposal n A Standard-based.
WP6: Grid Authorization Service Review meeting in Berlin, March 8 th 2004 Marcin Adamski Michał Chmielewski Sergiusz Fonrobert Jarek Nabrzyski Tomasz Nowocień.

WP6: Grid Authorization Service Review meeting in Berlin, March 8 th 2004 Marcin Adamski Michał Chmielewski Sergiusz Fonrobert Jarek Nabrzyski Tomasz Nowocień.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
AAF Middleware update February16 2012 Presented by Terry Smith Technical Manager and Heath Marks Manager.

AAF Middleware update February Presented by Terry Smith Technical Manager and Heath Marks Manager.
Riccardo Bruno INFN.CT Sevilla, 10-14 Sep 2007 The GENIUS Grid portal.

Riccardo Bruno INFN.CT Sevilla, Sep 2007 The GENIUS Grid portal.
DIRAC Web User Interface A.Casajus (Universitat de Barcelona) M.Sapunov (CPPM Marseille) On behalf of the LHCb DIRAC Team.

DIRAC Web User Interface A.Casajus (Universitat de Barcelona) M.Sapunov (CPPM Marseille) On behalf of the LHCb DIRAC Team.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) Grid Engine Riccardo Rotondo

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) Grid Engine Riccardo Rotondo
Portlet Framework: the Liferay way Liferay Service Builder, Portlet MVC Catania, 10/06/2014Riccardo Rotondo.

Portlet Framework: the Liferay way Liferay Service Builder, Portlet MVC Catania, 10/06/2014Riccardo Rotondo.
1.The portal sends, under the user approval, user’s attribute retrieved from IDP to CA bridge 2.CA bridge module requests to a CA-online a certificate.

1.The portal sends, under the user approval, user’s attribute retrieved from IDP to CA bridge 2.CA bridge module requests to a CA-online a certificate.

Similar presentations

Ads by Google