1 / 22

Towards Deployment of EMIR in Federated Grid Infrastructures

Towards Deployment of EMIR in Federated Grid Infrastructures. Shiraz Memon Jülich Supercomputing Center. EGI Technical Forum Prague, 18.09.2012. Outline. Motivation Introduction to EMIR Deployment in a Federation Adding a DSR Node in the Hierarchy Setting up the GSR Node

gaylord
Download Presentation

Towards Deployment of EMIR in Federated Grid Infrastructures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Towards Deployment of EMIR in Federated Grid Infrastructures Shiraz Memon Jülich Supercomputing Center EGI Technical Forum Prague, 18.09.2012

  2. Outline • Motivation • Introduction to EMIR • Deployment in a Federation • Adding a DSR Node in the Hierarchy • Setting up the GSR Node • Detailed Configurations • Leaf and Intermediate DSR Nodes • GSR • Information Model EMI TF 2012, Prague

  3. Motivation • Federation: Internet based network of administratively distributed computing and data resources/services • Service Discovery in a Federation • Robust • Fault Tolerant • Avoid bottle-necks • Self contained/reionalisedadministration • Consistent at the Federation Level • Filtering EMI TF 2012, Prague

  4. Centralised Service Discovery <-- Central Operational Database NGI DE NGI FR NGI NL NGI UK EMI TF 2012, Prague

  5. EMIR Introduction EMI TF 2012, Prague

  6. EMIR: A distributed Registry • Designed from scratch to support federations • Aim to unify service discovery of all the EMI services’ endpoints • Self contained/decentralized registry • REST-ful API • Hierarchical Network • Organise EMIR nodes (called DSR) in a rooted tree • Event based synchronisation: propagating events from leaf to the root node (called GSR) • Handles failures occurred within the hierarchy • P2P Network • Variation of Pastry DHT • Always form at root (GSR) the level • Bootstraps from a globally published List containing addresses of all the root nodes • Eventual consistent replication of GSRs EMI TF 2012, Prague

  7. EMIR: Security • Decentralised Security at every EMIR node • Authentication • Fully integrated with EMI’s cAnL (JAVA) • SSL/TLS • Credential types: EEC, Proxy • (DER, PEM, P12, JKS) • Trust Anchors: CA directories (IGTF), JKS • Access Control • Coarse Grained • Single Access Control List (ACL) file containing subject’s DN and associated pre-defined roles (very similar to GridMap file) • Highly Simplified with restrictions • Fine Grained: comprised of • User attributes file: Mapping of User DN’s with multi-valued attributes • A directory of XACML policies: XML file containing • Customisable but complex EMI TF 2012, Prague

  8. Clients • EMIR Service Endpoint Publisher (EMIR-SERP) • Registers When Started • Updates Periodically • Supports X.509 certificates • gInfo • Fetch and Translates endpoint information from BDII into EMIR data format (JSON) EMI TF 2012, Prague

  9. Federated Deployment and Configurations EMI TF 2012, Prague

  10. Two NGIs Amsterdam https://gsr.ngi.de https://gsr.ngi.hu Publish Global List https://egi.eu/gsr.txt EGI.eu https://gsr.ngi.de https://gsr.ngi.hu GSR GSR NGI-DE P2P replication NGI-HU DSR DSR Berlin Budapest Jülich LRZ KIT SZTAKI NIIF BME DSR DSR DSR DSR DSR DSR EMIR-SERP EMIR-SERP EMIR-SERP EMIR-SERP EMIR-SERP EMIR-SERP EMI TF 2012, Prague

  11. Handling Failovers Amsterdam https://gsr.ngi.de https://gsr.ngi.hu Publish Global List https://egi.eu/gsr.txt EGI.eu https://gsr.ngi.de https://gsr.ngi.hu GSR GSR NGI-DE P2P replication NGI-HU DSR DSR Berlin Budapest Jülich LRZ KIT SZTAKI NIIF BME DSR DSR DSR DSR DSR DSR EMIR-SERP EMIR-SERP EMIR-SERP EMIR-SERP EMIR-SERP EMIR-SERP EMI TF 2012, Prague

  12. Adding a DSR Node HPC DSR NGI DSR Child Of 1. Send Request including DN or PK of the DSR 2. Feedback 3. Start the DSR Server EMI TF 2012, Prague

  13. Configuring Leaf & Intermediate Nodes: HPC Center / NGI Level • EMIR Node’s and Parent’s HTTP(s) Address • Path to the Trust store and Credentials • Add allowed Service Provider’s (SP) DNs into the ACL file: In an EMIR hierarchy, SPs are Nodes • Define database properties (URL, DB, Collection) • Define Filters (list of Endpoint IDs) • Outgoing: to block the specific records from propagation • Incoming: to block the records from registrations EMI TF 2012, Prague

  14. Setting up a GSR (P2P) Node NGI GSR EGI 1. Send GSR URL to the Federation Operator 2. Feedback 3. (Re-)Publish Global List with Requested URL EMI TF 2012, Prague

  15. Configuration • Similar to the DSR node • URL of the global list containing addresses of other GSRs <<Global>> GSR Global List <<Global>> GSR <<Global>> GSR <<Global>> GSR EMI TF 2012, Prague

  16. Information Model EMI TF 2012, Prague

  17. Information Model • GLUE 2.0 Vocabulary to represent Services and Service Endpoints • JSON for registration only • XML based registrations will be supported in the future versions • Querying: JSON and XML documents • Schema Free EMI TF 2012, Prague

  18. List of GLUE 2.0 Attributes EMI TF 2012, Prague

  19. Conclusion • EMIR: Distributed Service Endpoint Registry • Support for multiple type of topologies • Hierarchical • P2P • Schema Free Information Model • Robust, Simple to use, and Scalable • Ideal for Grid Federations EMI TF 2012, Prague

  20. Thank you! EMI TF 2012, Prague

  21. EMIR at EGI TF • Training (Tomorrow) • Information Systems Workshop (on Thursday) • Latency Results of EMIR in multi-tier deployment EMI TF 2012, Prague

  22. Links • Documentation • Wiki • Code • Packages • Contacts => EMI Forum EMI TF 2012, Prague

More Related