210 likes | 423 Views
Recent activities on building a production Grid in the Asia Pacific Region - PRAGMA routine-basis experiments – - APGrid PMA and the IGTF -. Yoshio Tanaka (yoshio.tanaka@aist.go.jp) APGrid PMA, Chair PRAGMA Grid Technology Research Center, AIST, Japan.
E N D
Recent activities on building a production Grid in the Asia Pacific Region- PRAGMA routine-basis experiments –- APGrid PMA and the IGTF - Yoshio Tanaka (yoshio.tanaka@aist.go.jp) APGrid PMA, Chair PRAGMA Grid Technology Research Center, AIST, Japan
PRAGMA routine-basis experimentsAll slides in this part are by courtesy ofMason Katz and Cindy Zheng (SDSC/PRAGMA)
PRAGMA Grid Testbed UZurich, Switzerland NCSA, USA KISTI, Korea CNIC, China UMC, USA AIST, Japan GUCAS, China SDSC, USA TITECH, Japan UoHyd, India NCHC, Taiwan CICESE, Mexico KU, Thailand ASCC, Taiwan UNAM, Mexico USM, Malaysia BII, Singapore MU, Australia UChile, Chile http://pragma-goc.rocksclusters.org
PRAGMA Grid resourceshttp://pragma-goc.rocksclusters.org/pragma-doc/resources.html
Why Routine-basis Experiments? • Resources group Missions and goals • Improve interoperability of Grid middleware • Improve usability and productivity of global grid • PRAGMA from March, 2002 to May, 2004 • Computation resources 10 countries/regions, 26 institutions, 27 clusters, 889 CPUs • Technologies (Ninf-G, Nimrod, SCE, Gfarm, etc.) • Collaboration projects (Gamess, EOL, etc.) • Grid is still hard to use, especially global grid • How to make a global grid easy to use? • More organized testbed operation • Full-scale and integrated testing/research • Long daily application runs • Find problems, develop/research/test solutions Cindy Zheng, GGF13, 3/14/05
Routine-basis Experiments • Initiated in May 2004 PRAGMA6 workshop • Testbed • Voluntary contribution (8 -> 17) • Computational resources first • Production grid is the goal • Applications • QM/MD, TDDFT, mpiBlast-g2, Savannah, • iGAP over Gfarm • Ocean science, Geoscience (proposed) • Learn requirements/issues • Research/implement solutions • Improve application/middleware/infrastructure integrations • Collaboration, coordination, consensus Cindy Zheng, GGF13, 3/14/05
QMMDhttp://pragma-goc.rocksclusters.org/applications/qmmd/qmmd_requirement.htmlQMMDhttp://pragma-goc.rocksclusters.org/applications/qmmd/qmmd_requirement.html • Quantum mechanics application • Ninf-G based • Driver: Hiroshi Takemiya (AIST) • Ready on 12 sites: • AIST: Yoshio Tanaka, Yusuke Tanimura • ASCC: Hurng-Chun Lee, Mike Chiang • CNIC: Kai Nan, Kevin Dong • KISTI: Jysoo Lee, Jae-Hyuck Kwak • KU: Somsak Sriprayoonsakul, Sugree Phatanapherom • NCHC: Weicheng Huang, Chien-Lin Huang • NCSA: Radha Nandkumar, Tom Roney • SDSC: Mason Katz, Cindy Zheng • TITECH: Satoshi Matsuoka, Hitoshi Aoki • UNAM: Jose Luis Gordillo Ruiz, Eduardo Murrieta Leon • UoHyd: Arun Agarwal, Rajeev Wankar, Neelakanta Reddy • USM(hawk): Habibah Wahab, Suhaini Ahmad
Lessons Learnedhttp://pragma-goc.rocksclusters.org/tddft/Lessons.htm • Information sharing • Trust and access (Naregi-CA, Gridsphere) • Grid software installation (Rocks) • Resource requirements (NCSA script, INCA) • User/application environment (Gfarm) • Job submission (Portal/service/middleware) • System/job monitoring (SCMSWeb) • Network monitoring (APAN, NLANR) • Resource/job accounting (NTU) • Fault tolerance (Ninf-G, Nimrod) • Collaborations
Introduction of APGrid PMAandInternational Grid Trust Federation
Background • Many Asia-Pacific countries are going to have strong motivation for international collaboration with the outside of Asia Pacific. • LCG, OSC, TeraGrid, etc… • PRAGMA & TeraGrid, UK-eScience, EGEE, etc. • Key issue for the collaboration is CA operation • Most Certificate Authorities in Asia-Pacific countries were experimental-level • No CP/CPS • Not strictly operated
Background (cont’d) • Problems of authentication federations • All CAs should keep the same level of operation. • How the CA is securely operated? • Use HSM? Dedicated CA room? • … • All CAs should have no conflict in policy • How the CA identifies end entities? • Use face-to-face meeting? Telephone? etc. • … • Policy Management Authority (PMA) is a coordination body of CA policies and operations.
Policy Management Authority (PMA) • Currently, there are three regional PMAs • EUGrid PMA (established May 2004) • Former: EUDG WP6 CA Coordination Group (started in 2002) • TAG PMA (going to be established) • One of the founding members: DOEGrid PMA (started in 2002) • APGrid PMA (established June 2004) • Unofficially started in 2003 • Each regional PMA is responsible for • coordination of CA policy within the region • coordination of CA policy with the other regional PMAs
History of PMAs • GGF7@Tokyo, March 2003 • First meeting with EU, DOE, and AP members • Agreed with working on forming the Grid PMA. • develop minimum requirements • develop GridPMA charter • Continuous discussions between AP, EU, and TAG PMA for International Grid Trust Federation. • GGF12 and EUGrid PMA meeting@Brussels, September 2004 • GGF13@Seoul, March 2005 • EUGridPMA meeting@Tallinn, May 2005 • GGF14@Chicago • GGF15@Boston • We (AP, EU, TAG PMAs) have agreed with trust with each other for the federation.
APGrid PMA: Asia Pacific Grid PMA • General Policy Management Authority in Asia Pacific • Not specific for ApGrid, Not specific for PRAGMA… • Launched on June 1st, 2004 • Defines minimum CA requirements • APGrid PMA approved that we accept two levels of CA: • Experimental-level CA • Alternative of the Globus CA • Can be trusted within A-P communities • Production-level CA • Strict management is necessary • Expected to be trusted by international communities
APGridPMA: Activities (cont’d) • Defines and approves documents such as charter and the minimum CA requirements • Accreditation of CAs • 6 accredited CAs • AIST, IHEP, KISTI, NAREGI, ASGCC • in operation • APAC, KEK • going to be in operation • Audit • Audit checklist was drafted based on WebTrust criteria and the minimum CA requirement • AIST, ASGCC, IHEP, CNIC have been audited by the other CAs.
APGridPMA: Activities • Regular (monthly) VTC. • Brief status reports of each CA • In-depth report of a CA • Decisions • Examination for accreditation of a CA • Approval of charter, minimum CA requirements, etc. • Open discussions • (physical) face-to-face meeting once per year. • 1st face-to-face meeting was in Dec. 2005, Beijing. • Discussions by emails • Discussions with the other PMAs
Status and challenges • International Grid Trust Federation (IGTF) has been officially approved at the GGF15, Boston, October 2005. • Three PMAs are the founders of the IGTF • Three PMAs agreed with trust with each other. • e.g. CAs accredited by APGrid PMA can be trusted by EUGrid PMA and TAGPMA. • Information (CA certificate, policy file, etc.) of Asia Pacific CAs accredited by APGrid PMA has been included a CA distribution package released by EUGrid PMA.
Distribution of CA information • Periodic, monthly, distribution of all trust anchors • Common for the entire IGTF • Includes all trust anchors for all profilesclassic, SLCS, experimental*, … • Does not distinguished between accrediting PMAs • Wide variety of formats • RedHat Package Management (RPM) systemincluding a ‘meta’ package with dependencies per profile • ‘tar’ archives per CA, ordered per profile • Installation bundle suitable for ‘./configure && make install’ • New formats (like JKS) on request • Chairs can update the common back-end repository
CA CA CA CA CA CA CA CA CA CA CA EUGrid PMA TAG PMA Three PMAs compose IGTF CA APGrid PMA CA CA Regional PMA is responsible for coordination of security policies within the region Summary of the APGrid PMA and the IGTF