1 / 11

VO Services Project Stakeholders’ Meeting

VO Services Project Stakeholders’ Meeting. Overview Goals and Stakeholders The VO Service project: Status, Effort WBS Focus of Phase III (Nov 07 - Now) Requests on the table. Apr 30, 2008. Gabriele Garzoglio Computing Division, Fermilab. Goals.

clem
Download Presentation

VO Services Project Stakeholders’ Meeting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. VO Services Project Stakeholders’ Meeting • Overview • Goals and Stakeholders • The VO Service project: Status, Effort • WBS • Focus of Phase III (Nov 07 - Now) • Requests on the table Apr 30, 2008 Gabriele Garzoglio Computing Division, Fermilab Gabriele Garzoglio

  2. Goals • Get input from stakeholders on priorities and tasks • Present project status and current WBS Stakeholders CD, USCMS, USATLAS, OSG VOMRS: CERN, LHC VOs Gabriele Garzoglio

  3. Project Definition From Project Database: “The VO Services project provides user registration services and fine-graned access management to computing and storage resources on the Grid.” Gabriele Garzoglio

  4. Scope: Software Components • Policy Enforcement Points (PEP) • PRIMA, PRIMA-WS • gLExec (collaboration w/ EGEE) • Policy Decision Point (PDP) • GUMS • GUMS Operational / Monitoring framework • Registration Services • VOMRS • Related Projects, external to VO Services • SAZ (FermiGrid) • gPLazma (dCache) Gabriele Garzoglio

  5. Nominal Effort Other experts: J. Hover (BNL) J. Weigand (FNAL) Nominal Effort Table 2008 2007 Gabriele Garzoglio

  6. WBS Phase III • Support and deployment (High Priority) • Support the PRIMA and GUMS code.Few %, Ongoing • Support “stable” VOMRS release 15% Tanya, Ongoing. • Deployment at sites. (Few %, Ongoing) • VOMRS maintenance (High Prio) • Fix critical bugs • Implementation of “vital” features • Convergence of VOMS-admin 2.5 with VOMRS. • gLExec maintenance (High Prio) Ongoing Maintenance/Support Activities Gabriele Garzoglio

  7. WBS Phase III • Improve robustness of GUMS (Medium-Low Prio) • Improve GUMS configuration management (3 FTE weeks) • implement stand-alone configuration validator • improve debugging capabilities (date fields in database?). • add query interface for “last changed date”. • Redundant servers configuration (Done: FermiGrid HA) • Refuse authorization if cannot synch with VOMS several times (1 FTE Week) • Improve GUMS usability (Medium Prio) • Implement history log querying interface (2 FTE week) • Map pool accounts to DN AND FQAN, rather than DN only. • Pool accounts should NOT be mapped to users during VOMS synchronization simply to create vo name maps • Recycle pool accounts (4 FTE weeks) • Validation Tool to Check the Site Authorization Infrastructure configuration (1st Release Done) Feature improvements for GUMS Gabriele Garzoglio - New Proposal in Phase III - Expired or Addressed in another project

  8. WBS Phase III • Support Storage Groups in Defining Next Generation Storage Authorization Models (Medium Prio) • Investigate Mechanisms to Define and Enforce VO and Site AuthZ Policies (SBIR w/ TechX) • Authorization Interoperability (Medium-High Prio) • Manage transition of development team [Done Jan 08] • Project Oversight [Ongoing] • Define Interoperability XACML Profile (Feb 08) • Develop XACML/SAML library (Chad / Hakon) • Test XACML / SAML library with different infrastructures • Integrate XACML/SAML library with existing infrastructures • Packaging , deployment, and user documentation • Test interoperability Investigative and Refurbishing work Gabriele Garzoglio

  9. WBS Phase III • Enable VOMS-signed Attribute Certificate Validation (stop VOMS/GUMS synch.) • Site Validation Service • Integrate Shibboleth with Registration and Authorization infrastructure • Broaden and standardize authorization call-out interfaces • Improve software validation (8 FTE weeks) (Low Prio) • Improve validation of basic functionalities • Implement validation of software dependencies. • Outreach (Medium Prio) (Ongoing) • Understand Requirements from new VOs and groups • Keep contacts with other groups, such as EGEE and GT. Requests bound by limited effort and other work Not enough effort available Gabriele Garzoglio

  10. Focus of Phase III (Nov 07 – Now) • Ongoing Maintenance and Support • Authorization Interoperability (Due Aug 08) • Successful collaboration w/ EGEE, Globus, and Condor via MWSG and regular meetings • Investigate Mechanisms to Define and Enforce VO and Site AuthZ Policies (SBIR Phase I Done; Phase II pending) • Validation tool to check consistency of site AuthZ configuration (1st release Done) Gabriele Garzoglio

  11. OSG Requests • Document usage of AuthZ configuration variables at a site • Extends: “3.5 Validation Tool to Check the Site Authorization Infrastructure configuration” • Document differences in the usage of FQAN between EGEE and OSG • Check VOMS identity before GUMS synch. • Enable VOMS-signed Attribute Certificate Validation (stop VOMS/GUMS synch.) Gabriele Garzoglio

More Related