Download ppt - Introduction to Globus Toolkit 4 at LA Grid

Introduction to Globus Toolkit 4

at LA Grid

CIS 6612 – Autonomic Grid Computing

Summer 2006

Presenters Fernando Farfán Mayelin Felipe

Agnostics Diego López Ramakrishna Varadarajan

OUTLINE

WEB SERVICES FUNDAMENTALS GRID FUNDAMENTALS OGSA, WSRF & GT4 LAGRID @ CIS.FIU.EDU DEVELOPING WS IN LAGRID

Unsecured Examples Secure Examples

GETTING READY FOR LAGRID

Get a Globus Identity certificate signed by the Certificate Authority.http://www.cs.fiu.edu/~esj/globus.html

Enroll as a Secure Globus User with Eric Johnson.

Set these environment variables:1. Set $GLOBUS_LOCATION to /depot/globus-4

2. Set $ANT_HOME to /depot/ant-1.x

SETTING UP LAGRID ENVIRONMENT

Download the examples 1. go to http://www.gt4book.com/

2. go to Downloads

3. select to download the source code for the MathService examples and the FileBuy application

Untar/unzip the file1. tar -xvzf gt4book-examples.tar.gz

GT4 JAVA WS CORE

Building web services using GT4. Stateful web services! Following WSRF specifications.

WRITE A STATEFUL WEB SERVICE IN 5 SIMPLE STEPS!!

1. Define the WS interface with WSDL.

2. Implement the service with Java.

3. Define the deployment parameters with WSDD.

4. Compile everything and generate a GAR file with Ant.

5. Deploy the service with GT4 tool.

OUR FIRST EXAMPLE: MathService

A simple Math web service. Operations:

Addition Subtraction Get Value.

Resources: Value (integer) Last operation performed (String).

MathService: THE 5 STEPS. Step 1: The WSDL

The Definition

<?xml version="1.0" encoding="UTF-8"?><definitions name="MathService" targetNamespace="http://www.globus.org/namespaces/

examples/MathService_instance“ …>…</definition>

The Definition

<?xml version="1.0" encoding="UTF-8"?><definitions name="MathService" targetNamespace="http://www.globus.org/namespaces/

examples/MathService_instance“ …>…</definition>

The Port Type

<?xml version="1.0" encoding="UTF-8"?><definitions …><portType name="MathPortType" wsrp:ResourceProperties="tns:MathResourceProperties"> <operation name="add"> <input message="tns:AddInputMessage"/> <output message="tns:AddOutputMessage"/> </operation> …</portType></definitions>

The Port Type

<?xml version="1.0" encoding="UTF-8"?><definitions …><portType name="MathPortType" wsrp:ResourceProperties="tns:MathResourceProperties"> <operation name="add"> <input message="tns:AddInputMessage"/> <output message="tns:AddOutputMessage"/> </operation> …</portType></definitions>

The Messages

<?xml version="1.0" encoding="UTF-8"?><definitions …><message name="AddInputMessage"> <part name="parameters" element="tns:add"/></message><message name="AddOutputMessage"> <part name="parameters" element="tns:addResponse"/></message></definitions>

The Messages

<?xml version="1.0" encoding="UTF-8"?><definitions …><message name="AddInputMessage"> <part name="parameters" element="tns:add"/></message><message name="AddOutputMessage"> <part name="parameters" element="tns:addResponse"/></message></definitions>

The Response and Request Types

<?xml version="1.0" encoding="UTF-8"?><definitions …> <xsd:element name="add" type="xsd:int"/> <xsd:element name="addResponse"> <xsd:complexType/> </xsd:element></definitions>

The Response and Request Types

<?xml version="1.0" encoding="UTF-8"?><definitions …> <xsd:element name="add" type="xsd:int"/> <xsd:element name="addResponse"> <xsd:complexType/> </xsd:element></definitions>

The Resource Properties

<xsd:element name=“Value” type=“xsd:int” /><xsd:element name=“LastOp” type=“xsd:string” />

<xsd:element name=“MathResourceProperties”>…</xsd:element>


<xsd:element name=“Value” type=“xsd:int” /><xsd:element name=“LastOp” type=“xsd:string” />

<xsd:element name=“MathResourceProperties”>…</xsd:element>

MathService: THE 5 STEPS. Step 1: The WSDL

Steps to write a WSDL document:

Write the root element <definitions> Write the <portType> Write an input and output <message> for each

operation in the PortType Write the <types>, which includes declaring the

request and response elements, along with the resource properties.

MathService:THE 5 STEPS Step 2: Implementation in Java

The Bare Bones

package org.globus.examples.services.core.first.impl;

import java.rmi.RemoteException;import org.globus.examples.stubs.MathService_instance.*;import org.globus.wsrf.*;import org.globus.wsrf.impl.*;

public class MathService implements Resource, ResourceProperties { …}

The Bare Bones

package org.globus.examples.services.core.first.impl;

import java.rmi.RemoteException;import org.globus.examples.stubs.MathService_instance.*;import org.globus.wsrf.*;import org.globus.wsrf.impl.*;

public class MathService implements Resource, ResourceProperties { …}


/* Resource properties */private int value;private String lastOp;

/* Get/Setters for the RPs */public int getValue() { return value;}

public synchronized void setValue(int value) { this.value = value;}


/* Resource properties */private int value;private String lastOp;

/* Get/Setters for the RPs */public int getValue() { return value;}

public synchronized void setValue(int value) { this.value = value;}

MathService: THE 5 STEPSStep 2: Implementation in Java

The Web Service Java class includes:

Declaration for the ResourcePropertySet Declaration for the Resource Properties Constructor – resource properties are initialized Get/Setters for the Resource Properties Methods for the remotely accessible operations

MathService: THE 5 STEPS.Step 3: Configuring the Deployment - WSDD

<?xml version="1.0" encoding="UTF-8"?><deployment name="defaultServerConfig" xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

<service name="examples/core/first/MathService" provider="Handler" use="literal" style="document"><parameter name="className"

value="org.globus.examples.services.core.first.impl.MathService"/> <wsdlFile>share/schema/examples/MathService_instance/Math_service.wsdl

</wsdlFile> <parameter name="allowedMethods" value="*"/> <parameter name="handlerClass“

value="org.globus.axis.providers.RPCProvider"/> <parameter name="scope" value="Application"/> <parameter name="providers" value="GetRPProvider"/> <parameter name="loadOnStartup" value="true"/>

</service> </deployment>

<?xml version="1.0" encoding="UTF-8"?><deployment name="defaultServerConfig" xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

<service name="examples/core/first/MathService" provider="Handler" use="literal" style="document"><parameter name="className"

value="org.globus.examples.services.core.first.impl.MathService"/> <wsdlFile>share/schema/examples/MathService_instance/Math_service.wsdl

</wsdlFile> <parameter name="allowedMethods" value="*"/> <parameter name="handlerClass“

value="org.globus.axis.providers.RPCProvider"/> <parameter name="scope" value="Application"/> <parameter name="providers" value="GetRPProvider"/> <parameter name="loadOnStartup" value="true"/>

</service> </deployment>

WEB SERVICES IN GT4Agnostic Question

What purpose does JNDI play within the GT4 environment?

The Java Naming and Directory Interface allow us to build directory-enabled applications. This will make our Web service available to client connections through a Web services container.A service (identified by its path) will want to locate its resource home.It can also interact with a variety of directories such as LDAP.

MathService: THE 5 STEPS.Step 4: Create a GAR file with Ant

Process the WSDL to add missing pieces. Create stub classes from the WSDL. Compile stub classes. Compile service implementation. Organize all files into its specific directory structure.

./globus-build-service.sh –d <service base directory> -s <service’s WSDL file>

$ ./globus-build-service.sh \ -d org/globus/examples/services/core/first \ -s schema/examples/MathService_instance/Math.wsdl

$ ./globus-build-service.sh \ -d org/globus/examples/services/core/first \ -s schema/examples/MathService_instance/Math.wsdl

MathService:THE 5 STEPS. Step 5: Deploy the Service into a Web Service Container

Uses Ant. Unpacks the GAR. Copies the WSDL, compiled stubs, compiled

implementation & WSDD into the GT4 directory tree.

$ sudo –u globus globus-deploy-gar \ org_globus_examples_services_core_first.gar

$ sudo –u globus globus-undeploy-gar \ org_globus_examples_services_core_first

$ sudo –u globus globus-deploy-gar \ org_globus_examples_services_core_first.gar

$ sudo –u globus globus-undeploy-gar \ org_globus_examples_services_core_first

MathService:THE CLIENT

Tests the service invoking both the add and subtract operations.

$ java -cp ./build/stubs/classes/:$CLASSPATH \ org.globus.examples.clients.MathService_instance.Client \ https://la-blade-01.cs.fiu.edu:8443/wsrf/services/core/first/MathService


AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException faultSubcode: faultString: java.io.IOException: No socket factory for 'https' protocol faultActor: faultNode: faultDetail: ...

HOW TO MAKE THE SERVICE SECURE??

Create the security-config.xml file.<securityConfig xmlns="http://www.globus.org"> <authz value="none"/></securityConfig>

Modify the deploy-server.wsdd file.<parameter name="securityDescriptor" value="etc/org_globus_examples_services_core_first/security-config.xml"/>

Add the following to the client.static { Util.registerTransport();}…((Stub)mathFactory)._setProperty( Constants.GSI_SEC_CONV, Constants.ENCRYPTION);((Stub)mathFactory)._setProperty( Constants.AUTHORIZATION, NoAuthorization.getInstance());

Our acknowledge to Our acknowledge to Ramakrishna!Ramakrishna!

HOW TO MAKE THE SERVICE SECURE??

Is it secure now?Not really… We just fooled it to make it secure.


Current value: 15Current value: 10


Current value: 15Current value: 10

Let’s run it again…

WEB SERVICES IN GT4Agnostic Question

How do I create a Grid infrastructure? Can we use any machine which has the Globus Toolkit's Grid Services installed on it?

To build a Grid, we recommend that you download the Globus Toolkit and follow the instructions in the Globus Toolkit System Administrator's Guide. Both of these are available at the Globus website, http://www.globus.org/toolkit/. The documentation will take you through the process of building the Globus Toolkit software, setting up a Grid information service, setting up a certificate authority or using someone else's, installing the Globus resource management tools on your servers, and installing Globus client tools and libraries for your users.

GRID SECURITY INFRASTRUCTURE

Basis for GT4 Security layer. Covers the three pillars of secure

communication: Privacy. Integrity. Authentication.

Family of components (low/high level) to offer security features to programmers.

GRID SECURITY INFRASTRUCTURE

Level security: Transport-level Message-level

Authentication X.509 Digital certificates. Username/Password

Authorization schemes: Server-Side Client-Side Custom

Credential delegation and single sign-on Proxy Certificates

Different levels of security: Container Service Resource.

SECURE EXAMPLES: WRITING A SECURE MathServer

Add security to the MathService example. Now, four operations:

add subtract multiply divide

We will be able to configure each operation with a different security configuration.

DEMO:SECURE MathServer

1

Modify the security-config-auth.xml

No server-side authorization must be performed.

2 The add method can only be invoked using GSI Secure Conversation.

3 The subtract method can only be invoked using GSI Secure Message.

4 The multiply method can be invoked using GSI Secure Conversation or GSI Secure Message.

5 The divide method can only be invoked using GSI Transport (transport-level security).

6 The rest of the methods can be invoked with any of the authentication methods.

<securityConfig xmlns="http://www.globus.org"> <authz value="none"/> <method name="add"> <auth-method> <GSISecureConversation/> </auth-method> </method> <method name="subtract"> <auth-method> <GSISecureMessage/> </auth-method> </method> <method name="multiply"> <auth-method> <GSISecureConversation/> <GSISecureMessage/> </auth-method> </method> <method name="divide"> <auth-method> <GSITransport/> </auth-method> </method>  <auth-method> <GSISecureConversation/> <GSISecureMessage/> <GSITransport/> </auth-method></securityConfig>

• The service


The Client Programatically:((Stub)math)._setProperty(Constants.

GSI_SEC_CONV,Constants.ENCRYPTION); Security descriptor:String secDecFile =

“path/to/security-descriptor.xml”;((Stub)math)._setProperty(Constants.

CLIENT_DESCRIPTOR_FILE, secDescFile);


Client call 1: GSI Transport Client

Client call 2: GSI Secure Conversation Client

[add] ERROR: GSI Secure Conversation authentication required for "{MathService_instance_4op}add" operation.[subtract] ERROR: GSI Secure Message authentication required for

"{MathService_instance_4op}subtract" operation.[multiply] ERROR: GSI Secure Conversation or GSI Secure Message authentication required for "{MathService_instance_4op}multiply" operation.Division was successfulCurrent value: 30

[add] ERROR: GSI Secure Conversation authentication required for "{MathService_instance_4op}add" operation.[subtract] ERROR: GSI Secure Message authentication required for

"{MathService_instance_4op}subtract" operation.[multiply] ERROR: GSI Secure Conversation or GSI Secure Message authentication required for "{MathService_instance_4op}multiply" operation.Division was successfulCurrent value: 30

Addition was successful[subtract] ERROR: GSI Secure Message authentication required for "{http://www.globus.org/namespaces/examples/ MathService_instance_4op}subtract" operation.Multiplication was successfulDivision was successfulCurrent value: 180

Addition was successful[subtract] ERROR: GSI Secure Message authentication required for "{http://www.globus.org/namespaces/examples/ MathService_instance_4op}subtract" operation.Multiplication was successfulDivision was successfulCurrent value: 180

GLOBUS TOOLKIT 4Agnostic Question

Once I've installed the Globus Toolkit, how do others find out that my machine is available on the Grid, and how can I find out what other machines are on the Grid?

Grid exists as a number of groups who are building experimental and production grid infrastructures for their own purposes.

Virtual organizations using the same Grid technology to build their infrastructures.


If I submit a job using Globus Toolkit 4, is the execution management module capable of executing the job parallel on different machines on the grid?

No, this is one of the current limitations of GT4.


What are the research challenges that the Globus Alliance is currently addressing? What do you think are the limitations of the current Globus toolkit implementations?

End-to-end resource management and adaptation techniques.

Automated techniques for negotiation of resource usage, policy, and accounting in large-scale grid environments.

High-performance communication methods and protocols.


One of the main challenges with today's Internet, is the amount of useless information out there, how does GT4 currently ensure that the services being offered or registered provide both quality and are in demand?

Globus Toolkit provides mechanisms to address resource discovery and security issues.

GARA: General-purpose Architecture for Reservation and Allocation


How effective is the GT4 book in expanding the practical uses of Grid Computing? Does the author focus on both scientific and non-scientific applications running on the Grid?

Part IV: The FileBuy Application:

Multiple services deployed across several machines.

Highlights some design patterns commonly found in GT4- based systems.


Are there any current GT4 IDE software tools?

Globus Service Build Tools http://gsbt.sourceforge.net/ GT4IDE: Eclipse 3 plug-in that will allow GT4

programmers to develop WSRF Java Web Services easily.

globus-build-service: The same Ant buildfile + script included in the tutorial.


How do you envision the Grid in the future? In your opinion, how much will GT4 make Grid adoption easier in the future?

The needs for Grids have been identified.

How many grid-enabled applications we’ll see?

To grid-enable an application is a challenge.

New challenges in security.

USEFUL LINKS

Our site! [COMING SOON]http://www.cis.fiu.edu/~mfelip01/CIS-6612/GT4_project.html

Globus toolkit 4 Programmer’s Tutorialhttp://gdp.globus.org/gt4-tutorial/

Globus toolkit 4: Programming Java Serviceshttp://www.gt4book.com/

OASIS.http://www.oasis-open.org/

The Globus Alliance;http://www.globus.org/