1 / 21

Grid Tech Team Certificates, Monitoring, & Firewall

Grid Tech Team Certificates, Monitoring, & Firewall. September 15, 2003 Chiang Mai, Thailand Allan Doyle, NASA With the help of the entire Grid Tech Team. Certificates. Virtual Organization Definition. Grid Virtual Organization (VO) Set of resources (computers, storage systems)

reidar
Download Presentation

Grid Tech Team Certificates, Monitoring, & Firewall

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Grid Tech TeamCertificates, Monitoring, & Firewall September 15, 2003 Chiang Mai, Thailand Allan Doyle, NASA With the help of the entire Grid Tech Team

  2. Certificates Grid Tech Team

  3. Virtual Organization Definition • Grid Virtual Organization (VO) • Set of resources (computers, storage systems) • Distributed among participating organizations • Available for use by a group of users • Is defined by the grouping of resources plus the grouping of individuals, brought together for a common purpose under mutually acceptable governing rules. Grid Tech Team

  4. C U1 U2 C C C C C C S C S S S S S Organizations, Resources, Users, and Virtual Organizations OrgA OrgB OrgC C C C S S S S VOX Storage Resource S VOY Compute Resource C Grid Tech Team

  5. C U1 U2 C C C C C C S C S S S S S OA OB OC C C C S S S S VOX S VOY Storage Resource C Compute Resource Creating a VO • Hosts and users must obtain certificates • Users are then granted access to hosts (by the owners of the hosts). • The set of users coupled with the set of hosts they are allowed onto is what “defines” the VO Grid Tech Team

  6. CEOS Grid NASA ADG Test-II USGS EDC Test-SGT CNES ESA ESRIN GMU NOAA NOMADS UAH Colors Blue - CEOS Certificates Green - DataGrid Certificates Black - TBD Grid Tech Team

  7. CEOS Grid - CAs • CEOS Grid Users will not all have the same CA • We want to limit the number of CAs to the smallest possible set. • Makes management easier • Makes policy decisions easier • European users already have a high-quality operational CA • US Users are encouraged to obtain certificates from NASA IPG Grid Tech Team

  8. CEOS Certificates from NASA IPG • NASA Information Power Grid (IPG) already runs a high-quality CA that is accepted by most VOs. • NASA IPG is providing CA resources for the CEOS Grid. • Current status • Certificate request software has been delivered & tested. • Operating well at 2 test sites (II, SGT) and at GMU. • Others are encouraged to try it out. • Availability http://grid-tech.ceos.org/gridwiki/CeosGridVirtualOrganization Username ceos-grid, password grid-tech • Small tar file & quick installation instructions Grid Tech Team

  9. Monitoring Grid Tech Team

  10. Network Monitoring Grid Tech Team

  11. Grid Tools Monitoring Grid Tech Team

  12. Firewall Grid Tech Team

  13. General Firewall Issues • Using the Grid means that you have to make new services accessible to the internet • System administrators and security people will be uncomfortable with this • Some sites have different policies, some are set up to allow experimentation outside the firewall • What you can do • Familiarity - install & test on a machine outside the firewall, learn about the Grid • Provide information about security issues to people who need it • Develop a relationship with the people you depend on for access Grid Tech Team

  14. Firewall • Tech Team has put together a firewall document http://grid-tech.ceos.org/gridwiki/FirewallBestCommonPractices • Contents • Introductory material • CEOS Grid overview; Quick primer on Grids; Globus port numbers • Site specific sections • Meant to be filled in by each site with anything you learned that might help someone else • Product specific info • Currently only one - Cisco instructions • Miscellaneous • Open Questions; References; To Do Grid Tech Team

  15. CEOS Grid Toolkit Grid Tech Team

  16. CEOS Grid Components • Baseline (Core) • Globus 2.4.2 with latest bug-fix packages - see advisories page at: • http://www-unix.globus.org/toolkit/advisories.html?version=2.4 • Grid Packaging Toolkit (GPT) 2.2.9 • IPG Certificate Authority Package 0.0.3 • EU Data Grid 2.0 (being used by ESA) • Globus 2.4 • Other Dependent Packages • Java Community Grid Kit (Java CoG) 1.1 • Other COG’s (Perl/Python) Grid Tech Team

  17. Globus 2.4.2 Advisories* • GridFTP Server 1.9 • Gram Job Manager 3.13 • Gram Client Tools 3.6 • GSI Sysconfig 0.10 • Globus Common 3.14 • LDAP Modules 0.12 • GSI Credential 0.9 • GSI Cert. Utils 0.12 • GSI Proxy Core 0.8 • GSI Proxy Utils 0.9 • FTP Control 1.9 *As of 8/11/2003 Grid Tech Team

  18. Grid Components we’re Tracking • Globus 3.0 • Metadata Catalog Service (MCS) (Current version as of 8/11/03) • Open Grid Services Architecture – Data Access & Integration • (OGSA DAI 2.5 - http://www.ogsadai.org.uk/) • Community Authorization Service (CAS) Alpha R2 Release • OGSA DAI 3.0 • Ported version of MCS – planned • MCS with Spatial Query capabilities – planned • Storage Resource Broker/Metadata Catalog (SRB/MCAT) V. 2.1.2 • Globus Grid Security Infrastructure (GSI) Grid Tech Team

  19. CEOS Grid Toolkit • WGISS participants are developing higher-level tools & components • GMU • OGC WCS with GridFTP back end • OGC WCS with Grid front end • OGC Catalog wrapper on Grid MCS • Reprojection service, 13 NASA EOS projections • ESA • Grid Engine - multi-Grid job management • Web Notification - Grid-to-Web events • Grid Portal - Web control of Grid applications • Reprojection Service Grid Tech Team

  20. CEOS Grid Toolkit Catalog • We need to put some thought into how we want to describe the components. • Possible metadata elements (thanks to Stu Doescher): • short name • long name • summary description • pointer to additional discussion • latest version and date • maturity - new, obsolete • other parts needed • recommendations • Contact points • supported and by who • used by • Technical parts • Language • how to install • problems Grid Tech Team

  21. Grid Tech Team

More Related