Embed Size (px)
Citation preview
Globus Toolkit® 4Workshop
2
On April 29, 2005 the On April 29, 2005 the Globus Alliance releasedGlobus Alliance releasedthe finest version of the the finest version of the Globus Toolkit to date!Globus Toolkit to date!
Don’t take our word for it!Read the UK eScience Evaluation of GT4
www.nesc.ac.uk/technical_papers/UKeS-2005-03.pdf(Reachable from www.globus.org, under “News”)
3
Overview
Part I GT4 introduction and status: Ian OGSA-DAI status: Neil Chue Hong Discussion
Part II NAREGI experiences: Satoshi Matsuoka China Grid experiences: Hai Jin Intel experiences: Ravi Subramaniam TeraGrid experiences: Dane Skow Globus Roadmap & GlobDev process: Ian Discussion
6
The Role of the Globus Toolkit
A collection of solutions to problems that come up frequently when building collaborative distributed applications
Heterogeneity A focus, in particular, on overcoming
heterogeneity for application developers Standards
We capitalize on and encourage use of existing standards (IETF, W3C, OASIS, GGF)
GT also includes reference implementations of new/proposed standards in these organizations
7
Grid Infrastructure
Distributed management Of physical resources Of software services Of communities and their policies
Unified treatment Build on Web Services framework Use WS-RF, WS-Notification (or WS-
Transfer/Man??) to represent/access state
Common management abstractions & interfaces
8
A Typical eScience Use of Globus:Network for Earthquake Eng. Simulation
Links instruments, data, computers, people
9
Without the Globus Toolkit
WebBrowser
ComputeServer
DataCatalog
DataViewer
Tool
Certificateauthority
ChatTool
CredentialRepository
WebPortal
ComputeServer
Resources implement standard access & management interfaces
Collective services aggregate &/or
virtualize resources
Users work with client applications
Application services organize VOs & enable
access to other services
Databaseservice
Databaseservice
Databaseservice
SimulationTool
Camera
Camera
TelepresenceMonitor
RegistrationService
A
B
C
D
E
Application Developer
10
Off the Shelf
12
Globus Toolkit
0
Grid Community
0
10
With the Globus Toolkit
WebBrowser
ComputeServer
GlobusMCS/RLS
DataViewer
Tool
CertificateAuthority
CHEF ChatTeamlet
MyProxy
CHEF
ComputeServer
Resources implement standard access & management interfaces
Collective services aggregate &/or
virtualize resources
Users work with client applications
Application services organize VOs & enable
access to other services
Databaseservice
Databaseservice
Databaseservice
SimulationTool
Camera
Camera
TelepresenceMonitor
Globus IndexService
GlobusGRAM
GlobusGRAM
GlobusDAI
GlobusDAI
GlobusDAI
Application Developer
2
Off the Shelf
9
Globus Toolkit
4
Grid Community
4
11
The Globus Toolkit:“Standard Plumbing” for the Grid
Not turnkey solutions, but building blocks & tools for application developers & system integrators Some components (e.g., file transfer) go farther than
others (e.g., remote job submission) toward end-user relevance
Easier to reuse than to reinvent Compatibility with other Grid systems comes for free
Today the majority of the GT public interfaces are usable by application developers and system integrators Relatively few end-user interfaces In general, not intended for direct use by end users
(scientists, engineers, marketing specialists)
12
Globus is Open Source Grid Infrastructure
Implement key Web services standards State, notification, security, …
Software for Grid infrastructure Service-enable new & existing resources E.g., GRAM on computer, GridFTP on storage system,
custom application services Uniform abstractions & mechanisms
Tools to build applications that exploit Grid infrastructure Registries, security, data management, …
Enabler of a rich tool & service ecosystem
13
The Globus Toolkit is a Collection of Components
A set of loosely-coupled components, with: Services and clients Libraries Development tools
GT components are used to build Grid-based applications and services GT can be viewed as a Grid SDK
GT components can be categorized across two different dimensions By broad domain area By protocol support
14
GT Domain Areas
Core runtime Infrastructure for building new services
Security Apply uniform policy across distinct systems
Execution management Provision, deploy, & manage services
Data management Discover, transfer, & access large data
Monitoring Discover & monitor dynamic services
15
GT Protocols
Web service protocols WSDL, SOAP WS Addressing, WSRF, WSN WS Security, SAML, XACML WS-Interoperability profile
Non Web service protocols Standards-based, such as GridFTP Custom
16
“Stateless” vs. “Stateful” Services
Without state, how does client: Determine what happened (success/failure)? Find out how many files completed? Receive updates when interesting events arise? Terminate a request?
Few useful services are truly “stateless”, but WS interfaces alone do not provide built-in support for state
Client
FileTransferService
move (A to B)move
17
FileTransferService (without WSRF)
Developer reinvents wheel for each new service Custom management and identification of state: transferID Custom operations to inspect state synchronously
(whatHappen) and asynchronously (tellMeWhen) Custom lifetime operation (cancel)
Client
FileTransferService
move (A to B) : transferIDmove
statewhatHappen
tellMeWhen
cancel
18
WSRF in a Nutshell Service State representation
Resource Resource Property
State identification Endpoint Reference
State Interfaces GetRP, QueryRPs,
GetMultipleRPs, SetRP Lifetime Interfaces
SetTerminationTime ImmediateDestruction
Notification Interfaces Subscribe Notify
ServiceGroups
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
19
FileTransferService (w/ WSRF)
Developer specifies custom method to createResource and leaves the rest to WSRF standards:
State exposed as Resource + Resource Properties and identified by Endpoint Reference (EPR)
State inspected by standard interfaces (GetRP, QueryRPs) Lifetime management by standard interfaces (Destroy)
ClientFileTransferService
createResource (A to B) : EPRcreateResource
RPs
Transfer getRP
queryRPs
destroy
Data MgmtSecurityCommonRuntime
Execution Mgmt
Info Services
Non-WS Components
Pre-WSAuthenticationAuthorization
GridFTPC CommonLibraries
Globus Toolkit version 2 (GT2)
Grid ResourceAlloc. Mgmt
(GRAM)
Monitoring& Discovery
(MDS)
Web Services
Components
Data MgmtSecurityCommonRuntime
Execution Mgmt
Info Services
Web Services
Components
Non-WS Components
Pre-WSAuthenticationAuthorization
GridFTPC CommonLibraries
WSAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAlloc. Mgmt(WS GRAM)
MDS3Java
WS Core
CommunityAuthorization
ReplicaLocation
eXtensibleIO (XIO)
Globus Toolkit version 3 (GT3)
Grid ResourceAlloc. Mgmt
(GRAM)
Monitoring& Discovery
(MDS)
Data MgmtSecurityCommonRuntime
Execution Mgmt
Info Services
Web Services
Components
Non-WS Components
Pre-WSAuthenticationAuthorization
GridFTPPre-WS
Grid ResourceAlloc. & Mgmt
Pre-WSMonitoring
& Discovery
C CommonLibraries
AuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
Java WS Core
CommunityAuthorization
ReplicaLocation
eXtensibleIO (XIO)
CredentialMgmt
CommunitySchedulingFramework
Delegation
Globus Toolkit version 4 (GT4)
DataReplication
TriggerC
WS Core
Python WS Core
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Contrib/Preview
Core
Depre-cated
www.globus.org
23
Data Mgmt
SecurityCommonRuntime
Execution Mgmt
Info Services
GridFTPAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
CommunityAuthorization
DataReplication
CommunitySchedulingFramework
Delegation
ReplicaLocation
Trigger
Java Runtime
C Runtime
Python Runtime
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Globus Toolkit v4www.globus.org
CredentialMgmt
Globus Toolkit: Open Source Grid Infrastructure
I. Foster, Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005
24
4.0 was not a typical “.0” release,but the culmination of months of testing
3.0.0 3.2.0
3.9.5
4.0.03.9.4
3.9.3
3.9.2
3.9.1
3.9.0
3.3.0
3.2.13.0.1
3.0.2
CVS trunk
4.0.1
Stable release branch
Development release
Stable release
25
Our Goals for GT4
Usability, reliability, scalability, … Web service components have quality equal or
superior to pre-WS components Documentation at acceptable quality level
Consistency with latest standards (WS-*, WSRF, WS-N, etc.) and Apache platform WS-I Basic Profile compliant WS-I Basic Security Profile compliant
New components, platforms, languages And links to larger Globus ecosystem
26
Data Mgmt
SecurityCommonRuntime
Execution Mgmt
Info Services
GridFTPAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
CommunityAuthorization
DataReplication
CommunitySchedulingFramework
Delegation
ReplicaLocation
Trigger
Java Runtime
C Runtime
Python Runtime
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Globus Toolkit v4www.globus.org
CredentialMgmt
Globus Toolkit: Open Source Grid Infrastructure
I. Foster, Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005
27
GT4 Web Services Runtime
Supports both GT (GRAM, RFT, Delegation, etc.) & user-developed services
Redesign to enhance scalability, modularity, performance, usability
Leverages existing WS standards WS-I Basic Profile: WSDL, SOAP, etc. WS-Security, WS-Addressing
Adds support for emerging WS standards WS-Resource Framework, WS-Notification
Java, Python, & C hosting environments Java is standard Apache
28
GT4 WS Core in a Nutshell
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
Implementation of WSRF: Resources,
EndpointReferences, ResourceProperties
Operation Providers: pre-build implementations of
WSRF operations
Notification implementation: Topics, TopicSet, Embedded
Notification Consumer service
Implementations of Resources (ReflectionResource,
PersistentReflectionResource) and ResourceProperties
(SimpleResourceProperty, ReflectionResourceProperty)
30
Service Container
GT4 WS Core in a Nutshell
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
Service Container: host multiple services in container; one JVM
process
…more details: based on AXIS service
container, processes SOAP messages, ResourceContext
extension.
31
Service Container
GT4 WS Core in a Nutshell
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
Secure Communication: Transport, Message,
Conversation (Transport demonstrates best
performance)
PIP
PDP
Configurable Security Policies: Policy Information
Points (PIPs), Policy Decision Points (PDP) -- chained
Example authorization PDPs: GridMap, SAML
implementations,XACML policies
32
Service Container
GT4 WS Core in a Nutshell
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
PIP
PDP
WorkManager DB Conn Pool JNDI Directory
WorkManager: “thread pool”, site independent
“work” manager
Apache Database Connection Pool library
(JDBC “DataSource” implementation)
JNDI Directory: manages internal, shared objects
(ResourceHomes, WorkManager,
Configuration objects,…)
33
Apache Tomcat
Service Container
GT4 WS Core in a Nutshell
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
RPs
Resource
ServiceGetRP
GetMultRPs
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
EPREPR
EPR
ResourceHome
PIP
PDP
WorkManager DB Conn Pool JNDI Directory
Deploy Service Container “standalone”
or within Apache Tomcat
34
CustomWeb
ServicesWS-Addressing, WSRF,
WS-Notification
CustomWSRF Web
Services
GT4WSRF Web
Services
WSDL, SOAP, WS-Security
User Applications
Reg
istr
yA
dmin
istr
atio
n
GT
4 C
onta
iner
GT4 Web Services Runtime
36
WSRF & WS-Notification Naming and bindings (basis for virtualization)
Every resource can be uniquely referenced, and has one or more associated services for interacting with it
Lifecycle (basis for fault resilient state mgmt) Resources created by services following factory pattern Resources destroyed immediately or scheduled
Information model (basis for monitoring, discovery) Resource properties associated with resources Operations for querying and setting this info Asynchronous notification of changes to properties
Service groups (basis for registries, collective svcs) Group membership rules & membership management
Base Fault type
38
GetRP Test
Distributed client and service on same LAN(times in milliseconds)
GT4 - Java
GT4 - C
pyGridWare
WSRF::Lite
WSRF.NET
No Security
GT4 - Java
GT4 - C
pyGridWare
WSRF::Lite
WSRF.NET
GT4 - Java
GT4 - C
pyGridWare
WSRF::Lite
WSRF.NET
X509 Signing HTTPS
10.05
2.34
25.57
17.1
8.23
181.96
14.8
140.5
81.39
N/A11.46
2.8512.91
55.6
149.67
39GT4 WS Core Performance
GT4 Java GT4 C GT4 Python WSRF.NET
GetRP 181.96 14.77 140.50 81.39
SetRP 182.04 14.99 142.21 82.48
CreateR 188.46 14.98 132.26 96.22
DestroyR 182.03 15.76 136.12 86.89
Notify 219.51 N/A 244.93 101.57
GT4 Java GT4 C GT4 Python WSRF.NET
getRP 11.46 2.85 149.67 12.91
setRP 11.47 2.86 150.79 12.3
createR 18.00 2.82 132.60 20.84
destroyR 14.92 2.71 149.21 16.05
Notify 29.26 9.67 169.07 45.0
(1) Message-level security (times in milliseconds)
(2) Transport-level security (times in milliseconds)
“WSRF/WSNs Compared,” HPDC 2005.
40
Data Mgmt
SecurityCommonRuntime
Execution Mgmt
Info Services
GridFTPAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
CommunityAuthorization
DataReplication
CommunitySchedulingFramework
Delegation
ReplicaLocation
Trigger
Java Runtime
C Runtime
Python Runtime
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Globus Toolkit v4www.globus.org
CredentialMgmt
Globus Toolkit: Open Source Grid Infrastructure
I. Foster, Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005
41
Globus Security
Control access to shared services Address autonomous management, e.g.,
different policy in different work-groups Support multi-user collaborations
Federate through mutually trusted services Local policy authorities rule
Allow users and application communities to set up dynamic trust domains Personal/VO collection of resources working
together based on trust of user/VO
42
Organization A Organization B
Compute Server C1Compute Server C2
Compute Server C3
File server F1 (disks A and B)
Person C(Student)
Person A(Faculty)
Person B(Staff) Person D
(Staff)Person F(Faculty)
Person E(Faculty)
Virtual Community C
Person A(Principal Investigator)
Compute Server C1'
Person B(Administrator)
File server F1 (disk A)
Person E(Researcher)
Person D(Researcher)
Virtual Organization (VO) Concept
VO for each application or workload Carve out and configure resources for a particular
use and set of users
43
GT4 Security
VO
RightsUsers
Rights’
ComputeCenter
Access
Services (runningon user’s behalf)
Rights
Local policyon VO identityor attributeauthority
CAS or VOMSissuing SAMLor X.509 ACs
SSL/WS-Securitywith ProxyCertificates
Authz Callout:SAML, XACML
KCA
MyProxy
44
GT4 Security Public-key-based authentication Extensible authorization framework based on Web
services standards SAML-based authorization callout
As specified in GGF OGSA-Authz WG
Integrated policy decision engine XACML policy language, per-operation policies, pluggable
Credential management service MyProxy (One time password support)
Community Authorization Service Standalone delegation service
45
GT4’s Use of Security Standards
Supported, Supported, Fastest, but slow but insecure so default
46
GT-XACML Integration
eXtensible Access Control Markup Language OASIS standard, open source implementations
XACML: sophisticated policy language Globus Toolkit ships with XACML runtime
Included in every client and server built on GT Turned-on through configuration
… that can be called transparently from runtime and/or explicitly from application …
… and we use the XACML-”model” for our Authz Processing Framework
47
GT Authorization Framework
48
Other Security Services Include …
MyProxy Simplified credential management Web portal integration Single-sign-on support
KCA & kx.509 Bridging into/out-of Kerberos domains
SimpleCA Online credential generation
PERMIS Authorization service callout
49
Data Mgmt
SecurityCommonRuntime
Execution Mgmt
Info Services
GridFTPAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
CommunityAuthorization
DataReplication
CommunitySchedulingFramework
Delegation
ReplicaLocation
Trigger
Java Runtime
C Runtime
Python Runtime
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Globus Toolkit v4www.globus.org
CredentialMgmt
Globus Toolkit: Open Source Grid Infrastructure
I. Foster, Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005
50
GT4 Data Management Stage/move large data to/from nodes
GridFTP, Reliable File Transfer (RFT) Alone, and integrated with GRAM
Locate data of interest Replica Location Service (RLS)
Replicate data for performance/reliability Distributed Replication Service (DRS)
Provide access to diverse data sources File systems, parallel file systems, hierarchical
storage: GridFTP Databases: OGSA DAI
51
GridFTP in GT4 100% Globus code
No licensing issues Stable, extensible
IPv6 Support XIO for different transports Striping multi-Gb/sec wide area transport
27 Gbit/s on 30 Gbit/s link Pluggable
Front-end: e.g., future WS control channel Back-end: e.g., HPSS, cluster file systems Transfer: e.g., UDP, NetBLT transport
Bandwidth Vs Striping
0
2000
4000
6000
8000
10000
12000
14000
16000
18000
20000
0 10 20 30 40 50 60 70
Degree of Striping
Ba
nd
wid
th (
Mb
ps
)
# Stream = 1 # Stream = 2 # Stream = 4
# Stream = 8 # Stream = 16 # Stream = 32
Disk-to-disk onTeraGrid
52
Reliable File Transfer:Third Party Transfer
RFT Service
RFT Client
SOAP Messages
Notifications(Optional)
DataChannel
Protocol Interpreter
MasterDSI
DataChannel
SlaveDSI
IPCReceiver
IPC Link
MasterDSI
Protocol Interpreter
Data Channel
IPCReceiver
SlaveDSI
Data Channel
IPC Link
GridFTP Server GridFTP Server
Fire-and-forget transfer Web services interface Many files & directories Integrated failure recovery Has transferred 900K files
53
Replica Location Service
Identify location of files via logical to physical name map
Distributed indexing of names, fault tolerant update protocols
GT4 version scalable & stable
Managing ~40 million files across ~10 sites
IndexIndex
Local DB
Update send (secs)
Bloom filter
(secs)
Bloom filter (bits)
10K <1 2 1 M
1 M 2 24 10 M
5 M 7 175 50 M
54
Cardiff
AEI/Golm
Birmingham•
Reliable Wide Area Data Replication
Replicating >1 Terabyte/day to 8 sites>30 million replicas so farMTBF = 1 month
LIGO Gravitational Wave Observatory
www.globus.org/solutions
55
OGSA-DAI
Provide service-based access to structured data resources as part of Globus
Specify a selection of interfaces tailored to various styles of data access—starting with relational and XML
60
Data Mgmt
SecurityCommonRuntime
Execution Mgmt
Info Services
GridFTPAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
CommunityAuthorization
DataReplication
CommunitySchedulingFramework
Delegation
ReplicaLocation
Trigger
Java Runtime
C Runtime
Python Runtime
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Globus Toolkit v4www.globus.org
CredentialMgmt
Globus Toolkit: Open Source Grid Infrastructure
I. Foster, Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005
61
Execution Management (GRAM)
Common WS interface to schedulers Unix, Condor, LSF, PBS, SGE, …
More generally: interface for process execution management Lay down execution environment Stage data Monitor & manage lifecycle Kill it, clean up
A basis for application-driven provisioning
62
GT4 WS GRAM
2nd-generation WS implementation optimized for performance, flexibility, stability, scalability
Streamlined critical path Use only what you need
Flexible credential management Credential cache & delegation service
GridFTP & RFT used for data operations Data staging & streaming output Eliminates redundant GASS code
63
GRAMservices
GT4 Java Container
GRAMservices
Delegation
RFT FileTransfer
Transferrequest
GridFTPRemote storage element(s)
Localscheduler
Userjob
Compute element
GridFTP
sudo
GRAMadapter
FTPcontrol
Local job control
Delegate
FTP data
Cli
ent Job
functions
Delegate
Service host(s) and compute element(s)
GT4 WS GRAM Architecture
SEGJob events
64
GRAMservices
GT4 Java Container
GRAMservices
Delegation
RFT FileTransfer
Transferrequest
GridFTPRemote storage element(s)
Localscheduler
Userjob
Compute element
GridFTP
sudo
GRAMadapter
FTPcontrol
Local job control
Delegate
FTP data
Cli
ent Job
functions
Delegate
Service host(s) and compute element(s)
GT4 WS GRAM Architecture
SEGJob events
Delegated credential can be:Made available to the application
65
GRAMservices
GT4 Java Container
GRAMservices
Delegation
RFT FileTransfer
Transferrequest
GridFTPRemote storage element(s)
Localscheduler
Userjob
Compute element
GridFTP
sudo
GRAMadapter
FTPcontrol
Local job control
Delegate
FTP data
Cli
ent Job
functions
Delegate
Service host(s) and compute element(s)
GT4 WS GRAM Architecture
SEGJob events
Delegated credential can be:Used to authenticate with RFT
66
GRAMservices
GT4 Java Container
GRAMservices
Delegation
RFT FileTransfer
Transferrequest
GridFTPRemote storage element(s)
Localscheduler
Userjob
Compute element
GridFTP
sudo
GRAMadapter
FTPcontrol
Local job control
Delegate
FTP data
Cli
ent Job
functions
Delegate
Service host(s) and compute element(s)
GT4 WS GRAM Architecture
SEGJob events
Delegated credential can be:Used to authenticate with GridFTP
67
WS GRAM Performance
Time to submit a basic GRAM job Pre-WS GRAM: < 1 second WS GRAM: 2 seconds
Concurrent jobs Pre-WS GRAM: 300 jobs WS GRAM: 32,000 jobs
Various studies are underway to test latest software
68
Workspace Service:The Hosted Activity
Policy
Client
Environment
Activity
Allocate/provisionConfigure
Initiate activityMonitor activityControl activity
Interface Resource provider
69
Virtual OSG Clusters
OSG cluster
Xen hypervisors
TeraGrid cluster
OSG
70
Data Mgmt
SecurityCommonRuntime
Execution Mgmt
Info Services
GridFTPAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
CommunityAuthorization
DataReplication
CommunitySchedulingFramework
Delegation
ReplicaLocation
Trigger
Java Runtime
C Runtime
Python Runtime
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Globus Toolkit v4www.globus.org
CredentialMgmt
Globus Toolkit: Open Source Grid Infrastructure
I. Foster, Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005
71
Monitoring and Discovery
“Every service should be monitorable and discoverable using common mechanisms” WSRF/WSN provides those mechanisms
A common aggregator framework for collecting information from services, thus: MDS-Index: Xpath queries, with caching MDS-Trigger: perform action on condition (MDS-Archiver: Xpath on historical data)
Deep integration with Globus containers & services: every GT4 service is discoverable GRAM, RFT, GridFTP, CAS, …
72
GT4 Container
GT4 Monitoring & Discovery
GRAM User
MDS-Index
GT4 Cont.
RFT
MDS-Index
GT4 Container
MDS-Index
GridFTP
adapter
Registration &WSRF/WSN Access
Custom protocolsfor non-WSRF entities
Clients(e.g., WebMDS)
Automatedregistrationin container
WS-ServiceGroup
73
Information Providers
GT4 information providers collect information from some system and make it accessible as WSRF resource properties
Growing number of information providers Ganglia, CluMon, Nagios SGE, LSF, OpenPBS, PBSPro, Torque
Many opportunities to build additional ones E.g., network monitoring, storage systems,
various sensors
74
Java Services in Apache AxisPlus GT Libraries and Handlers
YourJava
Service
YourPythonService
YourJava
Service RF
T
GR
AM
Del
egat
ion
Inde
x
Trig
ger
Arc
hive
r
pyGlobusWS Core
YourC
Service
C WS Core
RLS
Pre
-WS
MD
S
CA
S
Pre
-WS
GR
AM
Sim
pleC
A
MyP
roxy
OG
SA
-DA
I
GT
CP
Grid
FT
P
C Services using GT Libraries and Handlers
SERVER
CLIENT
InteroperableWS-I-compliant
SOAP messaging
YourJavaClient
YourC
Client
YourPythonClient
YourJavaClient
YourC
Client
YourPythonClient
YourJavaClient
YourC
Client
YourPythonClient
YourJavaClient
YourC
Client
YourPythonClient
X.509 credentials =common authentication
Python hosting, GT Libraries
GT4 Summary
GT4 Documentation
is Much Improved!
76
The Globus Commitment to Open Source
Globus was first established as an open source project in 1996
The Globus Toolkit is open source to: allow for inspection
for consideration in standardization processes
encourage adoption in pursuit of ubiquity and interoperability
encourage contributions harness the expertise of the community
The Globus Toolkit is distributed under the (BSD-style) Apache License version 2
77
The Future:Structure
NSF Community Driven Improvement of Globus Software (CDIGS) project 5 years of funding for GT enhancement Regular Globus roadmaps outlining plans
GlobDev http://dev.globus.org Apache-like community development site Community governance of components “Globus Toolkit” & other related software Open for business early 2006 “Globus Alliance” = “GlobDev committers”
78
GlobDev The current set of Globus components will be
organized into several “Globus Projects” Projects release products
Each project will have its own group of “Committers” committers are responsible for governance on
matters relating to their products The “Globus Management Committee” will
provide overall guidance and conflict resolution approve the creation of new Globus Projects
http://dev.globus.org
Guidelines(Apache)
Infrastructure(CVS, email,
bugzilla, Wiki)
ProjectsInclude
…
GlobDev
80
The Future:Content
We now have a solid and extremely powerful Web services base
Next, we will build an expanded open source Grid infrastructure Virtualization New services for provisioning, data management,
security, VO management End-user tools for application development Etc., etc.
And of course responding to user requests for other short-term needs
81
Short-Term Priorities: Security
Improve GSI error reporting & diagnostics Secure password, one-time password,
Kerberos support for initial log on Trust roots, use of GridLogon Identity/attribute assertions in GT auth.
callouts (e.g., Shib, PERMIS, VOMS, SAML) Extend CAS admin & policy support Security logging with management control
for audit purposes
82
Short-Term Priorities: Data Management
Space & bandwidth management in GridFTP
Concurrency in globus-url-copy Priorities in RFT Data replication service Enhance policy support in data services Physical file name creation service Scalable & distributed metadata manager
83
Short-Term Priorities: Execution Management
Implement GGF JSDL once finalized Advance reservation support Policy-driven restart of “persistent” jobs Improved information collection for jobs Improved management of job collections Credential refresh Development of workspace service Integration of virtual machines (Xen, VMware) and
associated services Windows port of WS GRAM
84
Short-Term Priorities: Information Services
Many more information sources, including gateways to other systems
Automated configuration of monitoring Specialized monitoring displays Performance optimization of registry Archiver service Helper tools to streamline integration of
new information sources
85
Short-Term Priorities: WS Core
Streamlined container configuration Remote management interface Dynamic service deployment Service isolation: multiple service instances WS-Notification, subscription performance Full functionality in C WS Core Optimized WS-ServiceGroup support WS-SecureConversation support
86
What to Expect from theGlobus Alliance in the Coming Months
Support for users of GT4 Working to make sure the toolkit meets user
needs Answering questions on the mailing lists Further improving documentation
Normal evolution of performance, scalability and feature enhancements
Further development of tools and services in support of VOs
Expanding contributions to Globus
87
Overview
Background and Globus approach Globus Toolkit: current capabilities Future directions Related tools
88
The Globus Ecosystem
Globus components address core issues relating to resource access, monitoring, discovery, security, data movement, etc. GT4 being the latest version
A larger Globus ecosystem of open source and proprietary components provide complementary components A growing list of components
These components can be combined to produce solutions to Grid problems We’re building a list of such solutions
89
Many Tools Build on, or Can Contribute to, GT4-Based Grids
Condor-G, DAGman MPICH-G2 GRMS Nimrod-G Ninf-G Open Grid Computing Env. Commodity Grid Toolkit GriPhyN Virtual Data System Virtual Data Toolkit GridXpert Synergy
Platform Globus Toolkit VOMS PERMIS GT4IDE Sun Grid Engine PBS scheduler LSF scheduler GridBus TeraGrid CTSS NEES IBM Grid Toolbox …
90
DocumentingThe Grid
Ecosystem
The Grid Ecosystem: Software Components for Grid SystemsAnd Applications
www.grids-center.org
91
Example Solutions
Portal-based User Reg. System (PURSE) VO Management Registration Service Service Monitoring Service TeraGrid TGCP Tool Lightweight Data Replicator GriPhyN Virtual Data System
92
Tells Us About YourGrid Tools & Solutions
We list links to related projects on the “Related Software” of the Globus Toolkit web www.globus.org/toolkit/tools/
“Solutions” are documented on the Globus web www.globus.org/solutions/
If we’ve got details wrong or you have a GT4-related tool to list on our website, please send mail to [email protected]
93
Globus Toolkit v4 Components
Data Mgmt
SecurityCommonRuntime
Execution Mgmt
Info Services
GridFTPAuthenticationAuthorization
ReliableFile
Transfer
Data Access& Integration
Grid ResourceAllocation &
ManagementIndex
CommunityAuthorization
DataReplication
CommunitySchedulingFramework
Delegation
ReplicaLocation
Trigger
Java Runtime
C Runtime
Python Runtime
WebMDS
WorkspaceManagement
Grid Telecontrol
Protocol
Globus Toolkit v4www.globus.org
CredentialMgmt
I. Foster, Globus Toolkit Version 4: Software for Service-Oriented Systems, LNCS 3779, 2-13, 2005
