Presentation is loading. Please wait.

Presentation is loading. Please wait.

Widening the number of e-Infrastructure users with Science Gateways and Identity Federations Giuseppe Andronico INFN -

Published byShauna Lee Modified over 9 years ago

Similar presentations

Presentation on theme: "Widening the number of e-Infrastructure users with Science Gateways and Identity Federations Giuseppe Andronico INFN -"— Presentation transcript:

1 Widening the number of e-Infrastructure users with Science Gateways and Identity Federations Giuseppe Andronico (giuseppe.andronico@ct.infn.it) INFN - Italy Workshop on Science Applications And Infrastructure In Clouds And Grids– Oxford,15-16 March 2012

2 Outline  Introduction and driving considerations  The Science Gateway paradigm:  Architecture  Authentication and Authorisation Schema  Access workflow  Grid transaction model  The Authentication process  Use cases and statistics  The forthcoming Cloud Engine  Summary and conclusions 2

3 Path to technology uptake The Rogers “bell-shape” curve - Rogers, E. M. (1962), “Diffusion of Innovations”, Glencoe: Free Press. 3

4 IT acceptance model – the Web Davis, F. D. (1989), "Perceived usefulness, perceived ease of use, and user acceptance of information technology", MIS Quarterly 13(3): 319–340 Development of web browsers The World Wide Web 4

5 The evolution leap in web browsers 5 evolution leap 5

6 The eResearch2020 report (http://www.eresearch2020.eu/eResearch%20Brochure%20EN.pdf) Some barriers in the adoption of Grids:  Changes on Grids means changes on applications  Time required to adapt usual workflows  Lack of structure to support anonymous access  Download and installation of applications  Interface  Slow to get to compared to other resources  Difficult to use in the beginning  Time spent to get the application compiled and running 6

7 Using Grids is not straightforward  Users have to cope with complex security procedures, execution scripts, job description languages, command line based interfaces and lack of standards. This makes the learning curve very steep and keeps non IT-experts away.

8 Another consideration… VRCs # of users There is a huge number of non IT-experts out there who do not belong to any constituted Virtual Research Community. How can we attract them ? 8

9 I have a dream… Can we increase the number of potential grid users by a factor of 1,000 ? … or even by a factor of 25,000 and more ? 9

10 A new paradigm: the Science Gateway “A Science Gateway is a community-developed set of tools, applications, and data that is integrated via a portal or a suite of applications, usually in a graphical user interface, that is further customized to meet the needs of a specific community.” Teragrid 10

11 Davis, F. D. (1989), "Perceived usefulness, perceived ease of use, and user acceptance of information technology", MIS Quarterly 13(3): 319–340 Development of Science Gateway Requirement for sustainability IT acceptance model – the Grid 11

12 Primary requirement: building Science Gateways should be like playing with Sc. Gtwy E Sc. Gtwy DSc. Gtwy CSc. Gtwy B Sc. Gtwy A Standards Simplicity Easiness of use Re-usability 12

13 Our reference model 13....... Science Gateway Science Gateway App. 1 App. 2 App. N Embedded Applications Administrator Power User Basic User Users from different organisations having different roles and privileges Standard-based (SAGA) middleware-independent Grid Engine Standard-based (SAGA) middleware-independent Grid Engine 13

14 AuthN & AuthZ Schema AuthorisationAuthorisation Science Gateway GrIDP (“catch-all”) GrIDP (“catch-all”) IDPCT (“catch- all”) IDPCT (“catch- all”) IDP_y LDAP......... 1. Register to a Service 2. Sign in Authentication Social Networks’ Bridge IdP

15 The Grid IDentity Pool (GrIDP) (http://gridp.ct.infn.it) This is a “catch-all” Identity Federation

16 eduGAIN (www.edugain.org) All the Science Gateways are registered as Service Providers of eduGAIN 16

17 17 Grid Engine Users Tracking DB Science GW Interface SAGA/JSAGA API Job Engine Data Engine Users Track & Monit. Science GW 1 Science GW 2 Science GW 3 Grid MWs Liferay Portlets eToken Server DONEBy end of April Catania Grid Engine By mid April DONE 17

18 Job Engine - Architecture WT Worker Threads for Job Submission WT Worker Threads for Status Checking USER TRACKING DB MONITORING MODULE GRID INFRASTRUCTURE(S) Job Queue WT Job Submission Job Check Status/ Get Output 18

19 19 Job Engine - Features  The Job Engine has been designed with the following features in mind: FeatureDescriptionStatus Middleware Independent Capacity to submit job to resources running different middleware DONE EasinessCreate code to run applications on the grid in a very short time DONE ScalabilityManage a huge number of parallel job submissions fully exploiting the HW of the machine where the Job Engine is installed DONE PerformanceHave a good response timeDONE Accounting & Auditing Register every grid operation performed by the usersDONE Fault ToleranceHide middleware failure to end usersALMOST DONE WorkflowProviding a way to easily create and run workflowsIN PROGRESS

20 20 Job Engine – Scalability 40,000 jobs submitted in parallel ! Time to submit 10,000 jobs (h) Job submission time (h)  Submission time scales linearly with number of jobs  >10,000 jobs a hour 20

21 Both sequential and MPI-enabled jobs successfully executed Tests with Globus planned 21 Job Engine – Middleware interoperability

22 Job Engine – Accounting & Auditing  A powerful accounting & auditing system is included in the Job Engine  It is fully compliant with EGI VO Portal Policy and EGI Grid Security Traceability and Logging Policy  The following values are stored in the DB for each job submitted:  User ID  Job Submission timestamp  Job Done timestamp  Application name  Job ID  Robot certificate ID  VO name  Execution site (name, latitude, longitude) 22

23 Catania Science Gateways in numbers Overall usage (arb. units) 23

24 Data Engine – Requirements  A file browser shows Grid files in a tree  File system exposed by the Science Gateway is virtual  Easy transfers from/to Grid (through the SG at the moment) are done in a few clicks  Users do not need to care about how and where their files are really located 24

25 Data Engine – Usage Workflow 25 1. Sign in eTokenServer User Track. DB DOGS DB 5. File Upload 3. Proxy request 4. Proxy transfer 6. Update DB 7. Upload on Grid 7. Tracking 2. Upload request 25

26 DOGS: Data On Grid Services – Back-end implementation 26  JSAGA API used to transfer data from/to storage elements  Hibernate to manage the VFS collecting information on files stored on Grid; any changes/actions in the user view affect the VFS  MySQL as underlying RDBMS  An additional component has been developed in order to keep track of each transaction in the users tracking DB

27 DOGS: Data On Grid Services – Front-end implementation  A portlet has been created wit access provided only to federated users with given roles and privileges  The portlet view component includes elFinder, a web-based file manager developed in Javascript using jQuery UI for a dynamic and user friendly interface  http://elrte.org/elfinder http://elrte.org/elfinder 27

28 Data Engine in action (1/2) 28

29 Data Engine in action (2/2) «Share» to be added soon 29

30 Summary of standards adopted  The framework for Science Gateways developed at Catania is fully web-based and adopts official worldwide standards and protocols, through their most common implementations  These are:  The JSR 168 and JSR 286 standards (also known as "portlet 1.0" and "portlet 2.0" standards)JSR 168JSR 286  The OASIS Security Assertion Markup Language (SAML) standard and its Shibboleth and SimpleSAMLphp implementationsOASISSecurity Assertion Markup Language ShibbolethSimpleSAMLphp  The Lightweight Direct Access Protocol, and its OpenLDAP implementationOpenLDAP  The Cryptographic Token Interface Standard (PKCS#11) standard and its Cryptoki implementationCryptographic Token Interface Standard  The Open Grid Forum (OGF) Simple API for Grid Applications (SAGA) standard and its JSAGA implementationOpen Grid ForumSimple API for Grid ApplicationsJSAGA 30

31 INDICATE Review Roberto Barbera Lyon, 20/09/2011 http://www.indicate-project.eu http://indicate-gw.consorzio-cometa.it Science Gateways in action: e-Culture Science Gateway @ INDICATE

32 Use the HTTPS interface of Storage Elements Important for large-size files Science Gateways in action: e-Culture Science Gateway @ INDICATE 32

33 Science Gateways in action: e-Culture Science Gateway @ INDICATE

34 Thanks to the collaboration with Science Gateways in action: e-Culture Science Gateway @ INDICATE

35 Science Gateways in action: GATE @ EUMEDGRID

36 Science Gateways in action: MrBayes @ GISELA 36

37 Science Gateways in action: GridEEG @ DECIDE 37

38 The CHAIN Application Database (www.chain-project.eu/applications) Project-specific Science Gateways can be accessed from the CHAIN AppDB 38

39 Cloud Engine Users Tracking DB OCCI API Users Track & Monit. Cloud App 1 Cloud App 2 Cloud App N Cloud MW Cloud Gateway The forthcoming Cloud Engine AWS

40 Host Management Layer: Host Manager Performs physical resources monitoring and VEs allocation Cluster Management Layer: Cluster Manager Monitoring the overall state of the cluster, “coordinates” HMs External components: XMPP Server and Distributed Database XMPP advantages: host presence, open standard Central failure point does not exist: fault tolerance mechanism with multiple CM instances Virtual execution environment: CLEVER

41 Summary and conclusions  e-Infrastructures can be very beneficial platforms (especially for cultural heritage), provided they are really «easy to use»  Science Gateways with support for Identity Federations and Social Networks can revolutionize the way Grid infrastructures are used, hugely widening their potential user base, especially non-IT experts and the “citizen scientist”  The adoption of standards (JSR 286, SAGA, SAML, etc.) represents a concrete investment towards sustainability  By design, the components (the “portlets” – our “Lego bricks”) of our Science Gateways have maximum re-usability and, indeed, they have been already adopted in/by several projects (CHAIN, DECIDE, EarthServer, EUMEDGRID-Support, GISELA, INDICATE, etc.)  If you want to integrate your applications in our Science Gateways, or simply enable your websites with our authentication tools, please contact me at sg-licence@ct.infn.itsg-licence@ct.infn.it 41

42 Thank you 42

Download ppt "Widening the number of e-Infrastructure users with Science Gateways and Identity Federations Giuseppe Andronico INFN -"

Similar presentations

CHEP 2000, 10.02.2000Roberto Barbera Roberto Barbera (*) GENIUS: a Web Portal for the GRID Meeting Grid.it, Bologna, 14.02.2003 (*) work in collaboration.

CHEP 2000, Roberto Barbera Roberto Barbera (*) GENIUS: a Web Portal for the GRID Meeting Grid.it, Bologna, (*) work in collaboration.
Building Portals to access Grid Middleware National Technical University of Athens Konstantinos Dolkas, On behalf of Andreas Menychtas.

Building Portals to access Grid Middleware National Technical University of Athens Konstantinos Dolkas, On behalf of Andreas Menychtas.
Www.gisela-grid.eu Grid Initiatives for e-Science virtual communities in Europe and Latin America The VRC-driven GISELA Science Gateway Diego Scardaci.

Grid Initiatives for e-Science virtual communities in Europe and Latin America The VRC-driven GISELA Science Gateway Diego Scardaci.
Current status of grids: the need for standards Mike Mineter TOE-NeSC, Edinburgh.

Current status of grids: the need for standards Mike Mineter TOE-NeSC, Edinburgh.
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Federated access to e-Infrastructures worldwide

Federated access to e-Infrastructures worldwide
Introduction on Science Gateway Understanding access and functionalities Catania, 09/06/2014Riccardo Rotondo

Introduction on Science Gateway Understanding access and functionalities Catania, 09/06/2014Riccardo Rotondo
Catania Grid & Cloud Engine Mario Torrisi Istituto Nazionale di Fisica Nucleare – Sezione di

Catania Grid & Cloud Engine Mario Torrisi Istituto Nazionale di Fisica Nucleare – Sezione di
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Proposal n. 306819 ABINIT,

Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Proposal n ABINIT,
Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo

Catania Science Gateway Framework Motivations, architecture, features Catania, 09/06/2014Riccardo Rotondo
Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.

Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Proposal n. 306819 A Standard-based.

Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Research Infrastructures – Proposal n A Standard-based.
Riccardo Bruno INFN.CT Sevilla, 10-14 Sep 2007 The GENIUS Grid portal.

Riccardo Bruno INFN.CT Sevilla, Sep 2007 The GENIUS Grid portal.
The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) Grid Engine Riccardo Rotondo

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) Grid Engine Riccardo Rotondo
11/16/2012ISC329 Isabelle Bichindaritz1 Web Database Application Development.

11/16/2012ISC329 Isabelle Bichindaritz1 Web Database Application Development.
1.The portal sends, under the user approval, user’s attribute retrieved from IDP to CA bridge 2.CA bridge module requests to a CA-online a certificate.

1.The portal sends, under the user approval, user’s attribute retrieved from IDP to CA bridge 2.CA bridge module requests to a CA-online a certificate.
FP6−2004−Infrastructures−6-SSA-026409 www.eu-eela.org E-infrastructure shared between Europe and Latin America GENIUS server installation and configuration.

FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America GENIUS server installation and configuration.
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org The GENIUS Grid portal Tony Calanducci INFN Catania - Italy First Latin American Workshop.

INFSO-RI Enabling Grids for E-sciencE The GENIUS Grid portal Tony Calanducci INFN Catania - Italy First Latin American Workshop.
European Grid Initiative Federated Cloud update Peter solagna Pre-GDB Workshop 10/11/2015....1.

European Grid Initiative Federated Cloud update Peter solagna Pre-GDB Workshop 10/11/
GILDA testbed GILDA Certification Authority GILDA Certification Authority User Support and Training Services in IGI IGI Site Administrators IGI Users IGI.

GILDA testbed GILDA Certification Authority GILDA Certification Authority User Support and Training Services in IGI IGI Site Administrators IGI Users IGI.

Similar presentations

Ads by Google