Presentation is loading. Please wait.

Presentation is loading. Please wait.

Last update 31/01/2016 15:41 LCG 1 Maria Dimou Procedures for introducing new Virtual Organisations to EGEE NA4 Open Meeting Catania.

Published byGary Reynolds Modified over 8 years ago

Similar presentations

Presentation on theme: "Last update 31/01/2016 15:41 LCG 1 Maria Dimou Procedures for introducing new Virtual Organisations to EGEE NA4 Open Meeting Catania."— Presentation transcript:

1 last update 31/01/2016 15:41 LCG 1 Maria Dimou Procedures for introducing new Virtual Organisations to EGEE NA4 Open Meeting Catania

2 last update 31/01/2016 15:41 LCG 2 Maria Dimou Presentation Outline Steps to integrate a new VO into LCG/EGEE: 1.A site has to run the VO server and Registration Service, 2.A site (same or different) has to run the Replica Location Service (RLS) and 3.Several sites have to agree to support this new VO, i.e. to provide CPU and storage resources in the service of the VO members.

3 last update 31/01/2016 15:41 LCG 3 Maria Dimou Step 1: Registration & VO server options 1.Use the LCG LDAP server, appoint your VO manager, use the LCG registration service. 2.Set-up your LDAP server, appoint your VO manager, use the LCG registration service. 3.Set-up your LDAP server, appoint your VO manager, set-up your registration service. 4.No LDAP server, appoint your VO manager, set-up a new registration service.

4 last update 31/01/2016 15:41 LCG 4 Maria Dimou More on Step 1 Option 1 LCG LDAP server, your VO manager, LCG registration service:  Appropriate for initial tests that will involve a limited number of users, on the order of 10, and will use only a limited amount of data and CPU.  Ask your community to register with NA4test, an 'umbrella' LDAP-based VO, configured at CERN, that will host EGEE VOs at the beginning.  The advantage is that, if you are responsible for such a VO, you have nothing to set-up.  Make sure your NA4 ROC manager is informed about your choice.  NA4test VO managers contactable via project-egee-vo- na4test-admin@cern.ch.project-egee-vo- na4test-admin@cern.ch  Other VOs handled according to this model: DTEAM and SixT.

5 last update 31/01/2016 15:41 LCG 5 Maria Dimou More on Step 1 Option 2 Your LDAP server, your VO manager, LCG registration service:  We offer instructions for setting up your LDAP server in http://cern.ch/grid-deployment/cgi- bin/index.cgi?var=gis/vo-setuphttp://cern.ch/grid-deployment/cgi- bin/index.cgi?var=gis/vo-setup  You communicate to us the email of your VO manager.  We (LCG) configure the prompt for your users to register in https://lcg-registrar.cern.chhttps://lcg-registrar.cern.ch  VOs handled according to this model: The four LHC experiments, the (non-LHC) experiments H1, Zeus, BaBar, D0 and the EGEE biomedical VO.

6 last update 31/01/2016 15:41 LCG 6 Maria Dimou What the LCG Registration looks like today Users must read the 5-page long LCG Usage Rules, governing the use of Grid resources. If they agree to adhere to these rules, then they:LCG Usage Rules 1.Obtain a valid X.509 personal digital certificate from their Certification Authority (CA).Obtain 2.Load that certificate onto their browser to provide their DistinguishedName (DN).Load 3.Fill the LCG Registration Form to:LCG Registration Form  Confirm their adherence to the LCG Usage Rules.  Select the VO they are affiliated with.

7 last update 31/01/2016 15:41 LCG 7 Maria Dimou More on Step 1 Option 3 Your LDAP server, your VO manager, your registration service:  Use the LDAP set-up instructions http://cern.ch/grid- deployment/cgi-bin/index.cgi?var=gis/vo-setup.http://cern.ch/grid- deployment/cgi-bin/index.cgi?var=gis/vo-setup  Take the LCG-Registrar scripts for processing the user requests from CVS location: http://lcgdeploy.cvs.cern.ch/cgi- bin/lcgdeploy.cgi/www_lcg_registrar/cgi-bin/register/ http://lcgdeploy.cvs.cern.ch/cgi- bin/lcgdeploy.cgi/www_lcg_registrar/cgi-bin/register/  We offer an example on how to use these scripts in the DTEAM VO update procedure http://cern.ch/grid- deployment/cgi-bin/index.cgi?var=gis/dteam-update.DTEAM VO update procedure  VOs handled according to this model: None (?)

8 last update 31/01/2016 15:41 LCG 8 Maria Dimou More on Step 1 Option 4 No LDAP server, your VO manager, a new registration service:  Using VOMS/VOMRS instead of LDAP is our aim because:  CN name clashes are not allowed in the LDAP model.  One can only belong to a single VO.  LDAP doesn’t contain the user’s “Role” in the VO.  LCG operates a test VOMS server populated with the 4 LHC experiments’ and the DTEAM VO members.  VOMS-admin bug-fixing work is going on in the LCG Deployment Team.  There is a need to coordinate better EGEE and LCG evaluation and testing efforts in this area.

9 last update 31/01/2016 15:41 LCG 9 Maria Dimou Propagating a new VO to the Grid As soon as a VO is configured the following lines will be added in the grid-map configuration file of each Computing Element (CE), Resource Broker (RB) and Storage Element (SE): For LDAP VOs: group ldap://your-ldap-server-fully-qualified-hostname/ou=group- in-your-vo,o=your-vo,dc=lcg,dc=org. Or for VOMS VOs: group vomss://your-voms-server-fully-qualified- hostname:8443/edg-voms-admin/your-vo. A valid user entry in your-vo will automatically appear in the grid-map file as: "/C=CH/O=CERN/OU=GRID/CN=Firstname Familyname“.your-vo

10 last update 31/01/2016 15:41 LCG 10 Maria Dimou VO integration Step 2: RLS  This step is optional.  If you wish your VO to appear in the Replica Location Service (RLS) either:  You have to identify a site that agrees to run the RLS for you. project-lcg-vo-sites@cern.ch contains all the site administrators.project-lcg-vo-sites@cern.ch  If you decide to set-up your own RLS, please search fro the relevant instructions in http://goc.grid.sinica.edu.tw/gocwiki/AdministrationFaq contact the deployment team at CERN : support-lcg- deployment@cern.ch http://goc.grid.sinica.edu.tw/gocwiki/AdministrationFaqsupport-lcg- deployment@cern.ch

11 last update 31/01/2016 15:41 LCG 11 Maria Dimou VO integration Step 3: support from sites  Several sites have to agree to support your new VO, i.e. to provide CPU and storage resources in the service of the VO members.  You should get in contact with sites that agree to host these services and grant access to their resources. project-lcg-vo-sites@cern.ch contains all the site administrators. project-lcg-vo-sites@cern.ch  Markus Schulz will explain site integration into EGEE.  Ian Bird (Ian.bird@cern.ch) should be contacted if you decide to deploy an new VO. He will pass the information to us in the Deployment Team for action.Ian.bird@cern.ch Thank you!

Download ppt "Last update 31/01/2016 15:41 LCG 1 Maria Dimou Procedures for introducing new Virtual Organisations to EGEE NA4 Open Meeting Catania."

Similar presentations

29 June 2006 GridSite - www.gridsite.org - Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.

29 June 2006 GridSite Andrew McNabwww.gridsite.org VOMS and VOs Andrew McNab University of Manchester.
The LHC experiments AuthZ Interoperation requirements GGF16, Athens 16 February 2006 David Kelsey CCLRC/RAL, UK

The LHC experiments AuthZ Interoperation requirements GGF16, Athens 16 February 2006 David Kelsey CCLRC/RAL, UK
Last update 01/06/2014 03:23 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD Site Registration policy & procedures https://edms.cern.ch/document/503198/

Last update 01/06/ :23 LCG 1Maria Dimou- cern-it-gd Maria Dimou IT/GD Site Registration policy & procedures
INFSO-RI-508833 Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK

INFSO-RI Enabling Grids for E-sciencE Update on LCG/EGEE Security Policy and Procedures David Kelsey, CCLRC/RAL, UK
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
Summer School Certificates Diego Romano & Gilda Team.

Summer School Certificates Diego Romano & Gilda Team.
Basic Grid Job Submission Alessandra Forti 28 March 2006.

Basic Grid Job Submission Alessandra Forti 28 March 2006.
AustrianGrid, LCG & more Reinhard Bischof HPC-Seminar April 8 th 2005.

AustrianGrid, LCG & more Reinhard Bischof HPC-Seminar April 8 th 2005.
Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.

Joining the Grid Andrew McNab. 28 March 2006Andrew McNab – Joining the Grid Outline ● LCG – the grid you're joining ● Related projects ● Getting a certificate.
Chapter Accreditation Online System Usage Tutorial Department of Member Relations & Grants National Children’s Alliance.

Chapter Accreditation Online System Usage Tutorial Department of Member Relations & Grants National Children’s Alliance.
GRACE Project IST-2001-38100 EGAAP meeting – Den Haag, 25/11/2004 Giuseppe Sisto – Telecom Italia Lab.

GRACE Project IST EGAAP meeting – Den Haag, 25/11/2004 Giuseppe Sisto – Telecom Italia Lab.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) VOMS Installation and configuration Bouchra

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) VOMS Installation and configuration Bouchra
EGEE ARM-2 – 5 Oct 2004 - 1 LCG Security Coordination Ian Neilson LCG Security Officer Grid Deployment Group CERN.

EGEE ARM-2 – 5 Oct LCG Security Coordination Ian Neilson LCG Security Officer Grid Deployment Group CERN.
GGF12 – 20 Sept 2004 - 1 LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.

GGF12 – 20 Sept LCG Incident Response Ian Neilson LCG Security Officer Grid Deployment Group CERN.
VOMS Alessandra Forti HEP Sysman meeting 27-28 April 2005.

VOMS Alessandra Forti HEP Sysman meeting April 2005.
Monitoring in EGEE EGEE/SEEGRID Summer School 2006, Budapest Judit Novak, CERN Piotr Nyczyk, CERN Valentin Vidic, CERN/RBI.

Monitoring in EGEE EGEE/SEEGRID Summer School 2006, Budapest Judit Novak, CERN Piotr Nyczyk, CERN Valentin Vidic, CERN/RBI.
The huge amount of resources available in the Grids, and the necessity to have the most up-to-date experimental software deployed in all the sites within.

The huge amount of resources available in the Grids, and the necessity to have the most up-to-date experimental software deployed in all the sites within.
SouthGrid www.southgrid.ac.uk SouthGrid SouthGrid is a distributed Tier 2 centre, one of four setup in the UK as part of the GridPP project. SouthGrid.

SouthGrid SouthGrid SouthGrid is a distributed Tier 2 centre, one of four setup in the UK as part of the GridPP project. SouthGrid.
Responsibilities of ROC and CIC in EGEE infrastructure A.Kryukov, SINP MSU, CIC Manager Yu.Lazin, IHEP, ROC Manager

Responsibilities of ROC and CIC in EGEE infrastructure A.Kryukov, SINP MSU, CIC Manager Yu.Lazin, IHEP, ROC Manager
13-Jul-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint LCG/EGEE Security Group) CERN 13 July 2004 David Kelsey CCLRC/RAL,

13-Jul-04D.P.Kelsey, LCG-GDB-Security1 LCG/GDB Security Update (Report from the Joint LCG/EGEE Security Group) CERN 13 July 2004 David Kelsey CCLRC/RAL,

Similar presentations

Ads by Google