Virtual Organisation Management in the Level 2 Grid. Steven Newhouse Technical Director London e-Science Centre Department of Computing, Imperial College. Virtual Organisation Management Portal (VOM). Tackle the VO Authorisation problem Use role based authorisation model
Virtual Organisation Management in the Level 2 Grid
Steven Newhouse
Technical Director
London e-Science Centre
Department of Computing, Imperial College
Virtual Organisation Management Portal (VOM)
• Tackle the VO Authorisation problem
• Use role based authorisation model
• Management of distributed ‘gridmap’ files
• Web based for distributed management
• Part of Centre’s OSCAR-G project
Current Status
• Early release demonstrated at Sheffield 2002
• Use GSC X.509 certificate to authenticate to VOM
• VO Manager approves request and assigns role
• Role is mapped to resources
• Resource managers informed of new users
• Resource manager provides local UNIX account
• GSI Web service generates gridmap file from multiple VO sources
• Email notification when status changes
• Event logging for audit and problem solving
Architecture
[Diagram; labels: Users, VO Managers, Resource Adm, Browser, VOM Portal, VOM Portal, GT3 Client/Server, Upload & download, GT2 Resource, GT2 Resource]
GridMap Client
• Resource Manager defines configuration file
• Identity for GSI operations
• VOM portals to retrieve data
• Local gridmap entries
• Gridmap Client invoked from cron job
• Iff all lookups successful write out new gridmap file
• Iff new non-zero length file replace existing gridmap file
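The fail-closed update rule on the GridMap Client slide, as an added Python example (not the project's own client). The `sources` callables stand in for the GSI-authenticated retrieval from each VOM portal; the function names, the rule that local entries override portal entries, and the file mode are assumptions.

```python
import os
import tempfile

def parse_gridmap(text):
    """Parse grid-mapfile lines of the form: "<certificate DN>" <local account>."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        dn, quote, account = line[1:].partition('"')
        if line[0] != '"' or not quote or not dn or len(account.split()) != 1:
            raise ValueError(f"malformed gridmap line: {raw!r}")
        entries[dn] = account.strip()
    return entries

def update_gridmap(path, sources, local_entries=""):
    """Rebuild the gridmap at `path`; return True only if it was replaced.

    `sources` are callables returning gridmap text, one per VOM portal
    (hypothetical stand-ins for the GSI-authenticated download).
    """
    merged = {}
    try:
        for fetch in sources:
            merged.update(parse_gridmap(fetch()))
        # Assumption: the resource manager's local entries override portal data.
        merged.update(parse_gridmap(local_entries))
    except Exception:
        return False  # one failed or malformed lookup: keep the current file
    body = "".join(f'"{dn}" {acct}\n' for dn, acct in sorted(merged.items()))
    # Write beside the target so os.replace() is an atomic rename on one filesystem.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    try:
        with os.fdopen(fd, "w") as handle:
            handle.write(body)
            handle.flush()
            os.fsync(handle.fileno())
        if os.path.getsize(tmp) == 0:
            return False  # never swap in an empty gridmap: nobody would be mapped
        os.chmod(tmp, 0o644)  # assumption: gridmap is world-readable, owner-writable
        os.replace(tmp, path)
        return True
    finally:
        if os.path.exists(tmp):
            os.unlink(tmp)
```

Because the existing file is only ever replaced by a rename, a cron run that is interrupted or that hits an unreachable portal leaves the previous authorisation mapping in force.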
Accounting
• Intercept calls from GT2 into lower level infrastructure
• Fork: Build XML UR document around Globus JM
• SGE: Convert accounting data to XML UR document
• At a minimum:
• Extract DN from environment
• Log start & end events
• Upload XML UR document through GT3 service
• Attempt immediate update to database
• If update fails dump to local file for later action
UR XML document

<?xml version="1.0" encoding="UTF-8"?>
<UsageRecords>
  <UsageRecord>
    <username>asif</username>
    <jobid>1112</jobid>
    <queue>collosus</queue>
    <gridid>CN=asif saleem, L=LeSC, … C=UK</gridid>
    <fromhost>saturn</fromhost>
    <exechost>saturn</exechost>
    <starttime>2002-10-14 12:43:16.49</starttime>
    <endtime>2002-10-14 18:43:16.49</endtime>
    <processors>4</processors>
    <numnodes>5</numnodes>
    <cputime>18:43:16</cputime>
    <memory>1 GB</memory>
    <disk>5 GB</disk>
  </UsageRecord>
</UsageRecords>
Issues
• Need to map:
• username to DN
• DN to VO & VOM portal
• NB: A DN and a user may be in several VOs!
• Expand current interface
• Upload & download record
• Track UR XML record document
• GridID, execution host, queued/start/end time,…
Acknowledgements
• Staff:
• Asif Saleem (Portal)
• Marko Kraznaric (GT Integration & Client testing)
• Funding:
• UK e-Science Programme
• Department of Trade and Industry (OSCAR-G Project)
• Compusys
• Intel