1 / 15

UNICORE – The Seamless GRID Solution

Explore UNICORE's approach, architecture, projects, and outlook for providing a uniform work environment for end-users in a secure manner. Learn about usage modes, security mechanisms, system integration, and extensibility. See the implementation technique emphasizing portability and Java components. Discover the UNICORE client, job model, architecture, and security model ensuring secure job processing and data integrity. Witness the application front-end with GUIs supporting important applications. Visit the UNICORE booth for a live demonstration.

ldrum
Download Presentation

UNICORE – The Seamless GRID Solution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A Member of the ExperTeam Group UNICORE – The Seamless GRID Solution Hans–Christian Hoppe Pallas GmbHHermülheimer Straße 10D–50321 Brühl, Germanyinfo@pallas.comhttp://www.pallas.com TERENA Networking Conference 2002, Limerick

  2. Outline • UNICORE approach • UNICORE architecture and implementation • UNICORE projects • Availability and outlook

  3. Approach • Provide a uniform work environment for end–users • access and authentication mechanisms (client, certificates, …) • platform details (commands, data archives, batch systems, …) • user–level resource and job model (task graph, …) • job monitoring and controlling • Intended UNICORE users • end–users in a specific domain • general HPC end–users • NOT application developers • Intended usage modes • batch execution • interactive steering • NOT general purpose interactive

  4. Approach • Degree of “seamlessness” • access and authentication • job model • resource model • job control and monitoring • Security mechanisms • user authentication by X.509 certificates • authorization handled by the sites • data integrity and confidentiality by reliance on SSL/https • Implementation technique • emphasize portability, rely on standards • use Java for client and server components • build protocols on top of SSL/https • use of XML for storing jobs

  5. Approach • System integration and deployment • fit into common firewall configurations • integrate into existing system administration procedures • preserve site autonomy (authorization, quotas, billing, …) • Extensibility • provide GUIs for particular applications (plugin mechanism) • extend set of supported resources, incarnation rules • configure third–party file transfers

  6. T3E–1200 Zampano T3E–600 T90 SR8000 VPP 700 Resource Model UNICORE Client • UNICORE site(s) • Virtual site(s) • User submits jobs to a Vsite • soon: automatic resource identification • Resources • capacity • capability • Resources are advertised to the client • pseudo–dynamic mode FZ Jülich LRZ Munich

  7. Job Model • Directed acyclic graph of • tasks (computational or data transfer) • sub–jobs (to be executed at another Vsite) • temporal dependencies • Attach resourcerequests to tasks • capacity (CPU time, disk, …) • capability (MPI–2, profiling, …) • can do static tests of jobs • can do resource brokering … LM–JobT3E–1200 Import Model Data Execute LM Model If Success Transfer Data Notify user Process–LMZampano Postprocess Export Data

  8. Client(s) Cray NQE PBSPro Architecture • Client can run anywhere • Gateway as single point of entry • NJS incarnates and schedules jobs • UDB (User Database) contains user login information • IDB (Incarnation Database) contains resource information and job incarnation rules • TSI (Target System Interface) interfaces to local batch system Insecure Internet Gateway FZ Jülich UDB Network Job Supervisor UNICORE Network Job Supervisor IDB IDB TSI TSI

  9. Security Model • Authentication • Gateway requires user certificate to initiate SSL communication • pass (permanent) user certificate along with job description • Authorization • Vsite maps certificate to local userid • authorization based on local userid • accommodate site–specific procedures • Job and request integrity • each DAG is signed with the user’s private key • the Vsite executing a sub–job can verify authenticity • Required trust • the user protects his/her private key • the CA is not compromised • NO transitive trust between Usites

  10. Technology • Client and server components implemented in Java–2 • Authentication using X.509 certificates • UNICORE Plus project uses own public key infrastructure (PKI) • software can work with any other PKI • Coexistence with firewalls • gateway as single point of entry • can run outside firewall, in DMZ or inside firewall • user authentication at that point: rogue users can’t go further • Secure data transmission using SSL • additional data encryption considered in EUROGRID • Modeling of computational jobs and resources as Java objects (AJO)

  11. Look&Feel • See the demonstration at the UNICORE booth(exhibition area)

  12. Application Front–end • Create GUIs that support important applications • UNICORE client has a plugin interface • GUI simplifies data entry for application • GUI can support application–specific resources • GUI constructs (complicated) job chains automatically • GUI will use UNICORE client to • submit the application job • monitor and control the application job • Helpful features • end–users concentrate on applications • extended consistency checks • Existing front–ends • CPMD molecular dynamics code • Fluent, Gaussian, …

  13. UNICORE Projects UNICORE = GRID system for seamless access to(High Performance) computing systems • Application and deployment of UNICORE in new FP 5 projects • Interest in participating in FP 6 IP and NoE • applications and deployment • extensions • integration into OGSA framework

  14. Availability and Outlook • Current version: UNICORE 3.6 • available for project partners and on request • starting June 2002: access to full sources via UNICORE Forum web pages • Upcoming production version: UNICORE 4.0 • supports control tasks (If, Repeat, …) • many improvements to the user interface • release in July/August timeframe • partners and source repository will be updated • Results from EUROGRID and GRIP to be made available in a similar manner …

  15. Further Information • Leaflets (see exhibition booth) • WWW pages http://www.fz–juelich.de/unicore UNICORE Plus project http://www.unicore.org UNICORE Forum http://www.eurogrid.org EUROGRID project http://www.grid–interoperability.org GRIP project • UNICORE test GRID http://www.fz-juelich.de/unicore-test

More Related