Title: Introduction to Grid Computing:
1Introduction to Grid Computing
SSE USTC
2Overview
- 1. Background
- 2. Globus Toolkit
- 3. Future directions
- 4. Related tools
31. Background
- Introduction
- Towards global (Grid) computing
- Grid Challenges and Technologies
- Grid Architectures
- Grid Applications
4Introduction
5Computing and Communication Technologies Evolution
HTC
P2P
PDAs
Minicomputers
PCs
Workstations
Mainframes
Grids
COMPUTING
PC Clusters
Computing Utility
Crays
MPPs
WS Clusters
XEROX PARC worm
e-Science
e-Business
IETF
W3C
TCP/IP
Ethernet
Communication
Mosaic
HTML
Web Services
Email
Sputnik
SocialNet
Internet Era
WWW Era
XML
ARPANET
1960
1970
1975
1980
1985
1990
1995
2000
2010
6Scalable Computing
PERFORMANCE Q o S
Administrative Barriers
- Individual
- Group
- Department
- Campus
- State
- National
- Globe
- Inter Planet
- Universe
Personal Device
SMPs or SuperComputers
Local Cluster
Global Grid
Inter Planet Grid
Enterprise Cluster/Grid
7Cluster of Clusters
8Towards global (Grid) computing
Grid An Internet Computing model for coordinated
resource sharing
- Grid enables
- Resource Sharing
- Selection
- Aggreation
Metaphor Applications draw computing power from
a Computational Gridin the same way electrical
devices draw power from an electrical grid.
9A Typical Grid Computing Environment
Grid Information Service
Grid Resource Broker
Application
R2
R3
R4
R5
RN
Grid Resource Broker
R6
R1
Resource Broker
Grid Information Service
10What is Grid ?(there are several definitions)
- A type of parallel and distributed system that
enables the sharing, selection, aggregationof
geographically distributed autonomous
resources - Computers PCs, workstations, clusters,
supercomputers, laptops, notebooks, mobile
devices, PDA, etc - Software e.g., ASPs renting expensive special
purpose applications on demand - Catalogued data and databases e.g. transparent
access to human genome database - Special devices/instruments e.g., radio
telescope SETI_at_Home searching for life in
galaxy. - People/collaborators.
- depending on their availability, capability,
cost, and user QoS requirements.
Widearea
11Various Types of Grid Services
- Computational Services CPU cycles
- SETI_at_Home, NASA IPG, TeraGrid, I-Grid,
- Data Services
- Data replication, management, secure access--LHC
Grid/Napster - Application Services
- Access to remote software/libraries and license
managementNetSolve - Interaction Services
- eLearning, Virtual Tables, Group Communication
(Access Grid), Gaming - Knowledge Services
- The way knowledge is acquired and manageddata
mining. - Utility Computing Services
- Towards a market-based Grid computing Leasing
and delivering Grid services as ICT utilities.
Utility Grid
Knowledge Grid
Interaction Grid
ASP Grid
Data Grid
Computational Grid
12Prominent Grid Drivers Emerging e-Science and
e-Business Apps
- Next generation experiments, simulations,
sensors, satellites, even people and businesses
are creating a flood of data. They all involve
numerous experts/resources from multiple
organization in synthesis, modeling, simulation,
analysis, and interpretation.
PBytes/sec
High Energy Physics
Brain Activity Analysis
Newswire data mining Natural language
engineering
Digital Biology
Life Sciences
Astronomy
Quantum Chemistry
Finance Portfolio analysis
Internet Ecommerce
13E-Science Elements
Peers sharing ideas and collaborative
interpretation of data/results
E-Scientist
Distributed computation
Remote Visualization
Data Compute Service
14Molecular Docking for Drug Design
Chemical Databases (legacy, in .MOL2 format)
- It involves screening millions of chemical
compounds (molecules) in the Chemical Databases
to identify those having potential to serve as
drug candidates.
Collaboration with WEHI for Medical Science,
Melbourne
15LHC High Energy Physics Collaboration(fundament
al investigation on the origin of mass)
16LHC Grid Computing Model
PBytes/sec
100 MBytes/sec
Offline Processor Farm 20 TIPS
There is a bunch crossing every 25 nsecs. There
are 100 triggers per second Each triggered
event is 1 MByte in size
100 MBytes/sec
Tier 0
CERN Computer Centre
622 Mbits/sec
Asia Pacific Centre 4 TIPS
France Regional Centre
US Regional Centre
Italy Regional Centre
Tier 1
622 Mbits/sec
Tier 2
622 Mbits/sec
Melbourne0.25TIPS
Tier 3
Institute
Institute
Institute
Physics data cache
10 to 100 Mbits/sec
Tier 4
Physicist desktop computers
17Enterprise Computing Applications
Service Virtualization Layer Load Balancing
Email server
Web server
Database server
Apps server
Upgrade to a new server to handle more users
Horizontal integration of Email, Web, Data, and
Apps servers
18Oracle 10g Towards Enterprise Grid Model
- Traditional (e.g., Oracle 9i)
- Tight/Vertical Integration of Storage, Database,
Application Hosting Server, and Application
Elements - They reside on a single computing resource.
- Enhancing capability means a new investment
- Replace a machine by new one or upgrade it.
- Cant leverage existing resources.
- Expensive approach.
- Grid Based (e.g., Oracle 10g)
- Disintegration of Storage, Database, Application
Hosting Server, and Application Elements - They reside on a different resources in a Grid
environment. - Enhancing capability means
- Leveraging existing resources
- Dynamic provisioning
- Cost-effective approach
19Grid Challenges and Technologies
20Realizing the Grid
21Virtual Organizations
- Distributed resources and people
- Linked by networks, crossing admin domains
- Sharing resources, common goals
- Dynamic
R
R
R
R
R
R
R
R
R
R
R
R
R
R
VO-A
VO-B
22Virtual Organizations
- Distributed resources and people
- Linked by networks, crossing admin domains
- Sharing resources, common goals
- Dynamic
- Fault tolerant
R
R
R
R
R
R
R
R
R
R
R
R
VO-A
VO-B
23Grid Realization Steps
- The integration of individual s/w h/w
components into a combined networked resource
(single system image cluster). - Low-level middleware to provide a secure and
uniform access to services provided by different
resources. - User-level middleware to support application
development and aggregation of distributed
resources. - The construction of distributed applications.
24(No Transcript)
25Layered Grid Architecture
26Major Grid Projects and Initiatives
27Some Grid Projects Initiatives
- Australia
- Nimrod-G
- Gridbus
- GridSim
- Virtual Lab
- DISCWorld
- GrangeNet.
- ..etc
- Europe
- UK eScience
- EU Data Grid
- Cactus
- XtremeWeb
- ..etc.
- India
- I-Grid
- Japan
- Ninf
- DataFarm
- USA
- AppLeS
- Globus
- Legion
- Sun Grid Engine
- NASA IPG
- Condor-G
- Jxta
- NetSolve
- AccessGrid
- and many more...
- Cycle Stealing .com Initiatives
- Distributed.net
- SETI_at_Home, .
- Entropia, UD, SCS,.
- Public Forums
- Global Grid Forum
- Australian Grid Forum
- IEEE TFCC
http//www.gridcomputing.com
28mix-and-match
Object-oriented
Internet/partial-P2P
Grid Computing Approaches
Network enabled Solvers
Economic-based Utility / Service-Oriented
Computing
Nimrod-G
29Overview
- 1. Background
- 2. Globus Toolkit
- 3. Future directions
- 4. Related tools
30The Role of the Globus Toolkit
- A collection of solutions to problems that come
up frequently when building collaborative
distributed applications - Heterogeneity
- A focus, in particular, on overcoming
heterogeneity for application developers - Standards
- We capitalize on and encourage use of existing
standards (IETF, W3C, OASIS, GGF) - GT also includes reference implementations of
new/proposed standards in these organizations
31Layers in the Grid
32A Typical eScience Use of GlobusNetwork for
Earthquake Eng. Simulation
Links instruments, data, computers, people
33Without the Globus Toolkit
ComputeServer
A
SimulationTool
ComputeServer
B
WebBrowser
WebPortal
RegistrationService
Camera
TelepresenceMonitor
DataViewerTool
Camera
Application Developer 10
Off the Shelf 12
Globus Toolkit 0
Grid Community 0
Database service
C
ChatTool
DataCatalog
Database service
D
CredentialRepository
Database service
E
Certificate authority
Resources implement standard access management
interfaces
Collective services aggregate /or virtualize
resources
Users work with client applications
Application services organize VOs enable access
to other services
34With the Globus Toolkit
ComputeServer
GlobusGRAM
SimulationTool
ComputeServer
GlobusGRAM
WebBrowser
CHEF
Globus IndexService
Camera
TelepresenceMonitor
DataViewerTool
Camera
Application Developer 2
Off the Shelf 9
Globus Toolkit 4
Grid Community 4
Database service
GlobusDAI
CHEF ChatTeamlet
GlobusMCS/RLS
Database service
GlobusDAI
MyProxy
Database service
GlobusDAI
CertificateAuthority
Resources implement standard access management
interfaces
Collective services aggregate /or virtualize
resources
Users work with client applications
Application services organize VOs enable access
to other services
35The Globus ToolkitStandard Plumbing for the
Grid
- Not turnkey solutions, but building blocks
tools for application developers system
integrators - Some components (e.g., file transfer) go farther
than others (e.g., remote job submission) toward
end-user relevance - Easier to reuse than to reinvent
- Compatibility with other Grid systems comes for
free - Today the majority of the GT public interfaces
are usable by application developers and system
integrators - Relatively few end-user interfaces
- In general, not intended for direct use by end
users (scientists, engineers, marketing
specialists)
36The Application-Infrastructure Gap
- Dynamicand/orDistributedApplications
37Bridging the GapGrid Infrastructure
Users
- Service-oriented applications
- Wrap applications as services
- Compose applicationsinto workflows
Composition
Workflows
Invocation
ApplnService
ApplnService
- Service-oriented Gridinfrastructure
- Provision physicalresources to support
application workloads
38Grid Infrastructure
- Distributed management
- Of physical resources
- Of software services
- Of communities and their policies
- Unified treatment
- Build on Web services framework
- Use WS-RF, WS-Notification (or WS-Transfer/Man)
to represent/access state - Common management abstractions interfaces
39Globus is Open Source Grid Infrastructure
- Implement key Web services standards
- State, notification, security,
- Software for Grid infrastructure
- Service-enable new existing resources
- E.g., GRAM on computer, GridFTP on storage
system, custom application services - Uniform abstractions mechanisms
- Tools to build applications that exploit Grid
infrastructure - Registries, security, data management,
- Enabler of a rich tool service ecosystem
40An eBusiness Use of GlobusSAP Demonstration _at_
GlobusWorld
- 3 Globus-enabled applns
- CRM Internet Pricing Configurator (IPC)
- CRM Workforce Management (WFM)
- SCM Advanced Planner Optimizer (APO)
- Applications modified to
- Adjust to varying demand resources
- Use Globus to discover provision resources
SAP AG R/3 Internet Pricing Configurator (IPC)
41Overview
- Background and Globus approach
- Globus Toolkit
- Future directions
- Related tools
42The Globus Toolkit is a Collection of Components
- A set of loosely-coupled components, with
- Services and clients
- Libraries
- Development tools
- GT components are used to build Grid-based
applications and services - GT can be viewed as a Grid SDK
- GT components can be categorized across two
different dimensions - By broad domain area
- By protocol support
43GT Domain Areas
- Core runtime
- Infrastructure for building new services
- Security
- Apply uniform policy across distinct systems
- Execution management
- Provision, deploy, manage services
- Data management
- Discover, transfer, access large data
- Monitoring
- Discover monitor dynamic services
44GT Protocols
- Web service protocols
- WSDL, SOAP
- WS Addressing, WSRF, WSN
- WS Security, SAML, XACML
- WS-Interoperability profile
- Non Web service protocols
- Standards-based, such as GridFTP
- Custom
45Stateless vs. Stateful Services
FileTransferService
Client
move (A to B)
move
- Without state, how does client
- Determine what happened (success/failure)?
- Find out how many files completed?
- Receive updates when interesting events arise?
- Terminate a request?
- Few useful services are truly stateless, but WS
interfaces alone do not provide built-in support
for state
46FileTransferService (without WSRF)
FileTransferService
Client
move (A to B) transferID
move
whatHappen
state
tellMeWhen
cancel
- Developer reinvents wheel for each new service
- Custom management and identification of state
transferID - Custom operations to inspect state synchronously
(whatHappen) and asynchronously (tellMeWhen) - Custom lifetime operation (cancel)
47WSRF in a Nutshell
- Service
- State representation
- Resource
- Resource Property
- State identification
- Endpoint Reference
- State Interfaces
- GetRP, QueryRPs, GetMultipleRPs, SetRP
- Lifetime Interfaces
- SetTerminationTime
- ImmediateDestruction
- Notification Interfaces
- Subscribe
- Notify
- ServiceGroups
Service
GetRP
GetMultRPs
EPR
EPR
EPR
SetRP
QueryRPs
Subscribe
SetTermTime
Destroy
48FileTransferService (w/ WSRF)
FileTransferService
Client
createResource (A to B) EPR
createResource
getRP
queryRPs
destroy
- Developer specifies custom method to
createResource and leaves the rest to WSRF
standards - State exposed as Resource Resource Properties
and identified by Endpoint Reference (EPR) - State inspected by standard interfaces (GetRP,
QueryRPs) - Lifetime management by standard interfaces
(Destroy)
49Core
Globus Toolkit version 4 (GT4)
Contrib/Preview
Grid Telecontrol Protocol
Depre-cated
Community Scheduling Framework
Delegation
Data Replication
Python WS Core
WebMDS
Data Access Integration
CommunityAuthorization
Trigger
C WS Core
Workspace Management
Web ServicesComponents
Authentication Authorization
Reliable File Transfer
Grid Resource Allocation Management
Index
Java WS Core
Pre-WS Authentication Authorization
GridFTP
Pre-WS Grid Resource Alloc. Mgmt
Pre-WSMonitoring Discovery
C Common Libraries
Non-WS Components
Replica Location
eXtensible IO (XIO)
Credential Mgmt
www.globus.org
Data Mgmt
Security
CommonRuntime
Execution Mgmt
Info Services
50Globus Toolkit Open Source Grid Infrastructure
Globus Toolkit v4 www.globus.org
Data Replication
Replica Location
Grid Telecontrol Protocol
CredentialMgmt
Data Access Integration
Community Scheduling Framework
Delegation
Python Runtime
WebMDS
Reliable File Transfer
CommunityAuthorization
Trigger
C Runtime
Workspace Management
GridFTP
Authentication Authorization
Grid Resource Allocation Management
Index
Java Runtime
Data Mgmt
Security
CommonRuntime
Execution Mgmt
Info Services
51GT4 Components
Your C Client
Your Python Client
Your Java Client
Your Python Client
Your Python Client
Your C Client
Your C Client
CLIENT
Your Java Client
Your Java Client
Your Python Client
Your C Client
Your Java Client
Interoperable WS-I-compliant SOAP messaging
X.509 credentials common authentication
RFT
GRAM
Delegation
Index
Trigger
Archiver
Your C Service
CAS
OGSA-DAI
Your Python Service
GTCP
Your Java Service
Your Java Service
RLS
Pre-WS MDS
SimpleCA
MyProxy
GridFTP
Pre-WS GRAM
C WS Core
pyGlobus WS Core
Java Services in Apache Axis Plus GT Libraries
and Handlers
C Services using GT Libraries and Handlers
Python hosting, GT Libraries
SERVER
52Goals for GT4
- Usability, reliability, scalability,
- Web service components have quality equal or
superior to pre-WS components - Documentation at acceptable quality level
- Consistency with latest standards (WS-, WSRF,
WS-N, etc.) and Apache platform - WS-I Basic Profile compliant
- WS-I Basic Security Profile compliant
- New components, platforms, languages
- And links to larger Globus ecosystem
53Globus Toolkit Open Source Grid Infrastructure
Globus Toolkit v4 www.globus.org
Data Replication
Replica Location
Grid Telecontrol Protocol
CredentialMgmt
Data Access Integration
Community Scheduling Framework
Delegation
Python Runtime
WebMDS
Reliable File Transfer
CommunityAuthorization
Trigger
C Runtime
Workspace Management
GridFTP
Authentication Authorization
Grid Resource Allocation Management
Index
Java Runtime
Data Mgmt
Security
CommonRuntime
Execution Mgmt
Info Services
54GT4 Web Services Runtime
- Supports both GT (GRAM, RFT, Delegation, etc.)
user-developed services - Redesign to enhance scalability, modularity,
performance, usability - Leverages existing WS standards
- WS-I Basic Profile WSDL, SOAP, etc.
- WS-Security, WS-Addressing
- Adds support for emerging WS standards
- WS-Resource Framework, WS-Notification
- Java, Python, C hosting environments
- Java is standard Apache
55GT4 WS Core in a Nutshell
Implementation of WSRF Resources,
EndpointReferences, ResourceProperties
Service
Operation Providers pre-build implementations of
WSRF operations
GetRP
GetMultRPs
EPR
EPR
SetRP
EPR
Notification implementation Topics, TopicSet,
Embedded Notification Consumer service
QueryRPs
Subscribe
SetTermTime
Implementations of Resources (ReflectionResource,
PersistentReflectionResource) and
ResourceProperties (SimpleResourceProperty,
ReflectionResourceProperty)
Destroy
56GT4 WS Core in a Nutshell
ResourceHome The home owns the Resource
instances in the service
Service
GetRP
GetMultRPs
SingletonResourceHome manages single instance of
Resource
EPR
EPR
SetRP
EPR
QueryRPs
ServiceResourceHome for services that support a
single Resource instance
Subscribe
SetTermTime
ResourceHome
ResourceHomeImpl manages multiple Resource
instances. Supports resources with in-memory
state and resources with persistent (on disk)
state
Destroy
57GT4 WS Core in a Nutshell
Service Container host multiple services in
container one JVM process
more details based on AXIS service container,
processes SOAP messages, ResourceContext
extension.
58GT4 WS Core in a Nutshell
Secure Communication Transport, Message,
Conversation (Transport demonstrates best
performance)
PIP
PDP
Configurable Security Policies Policy
Information Points (PIPs), Policy Decision Points
(PDP) -- chained
Example authorization PDPs GridMap, SAML
implementations,XACML policies
59GT4 WS Core in a Nutshell
WorkManager thread pool, site independent
work manager
PIP
PDP
Apache Database Connection Pool library (JDBC
DataSource implementation)
JNDI Directory manages internal, shared objects
(ResourceHomes, WorkManager, Configuration
objects,)
WorkManager
DB Conn Pool
JNDI Directory
60GT4 WS Core in a Nutshell
Deploy Service Container standalone or within
Apache Tomcat
PIP
PDP
WorkManager
DB Conn Pool
JNDI Directory
61GT4 Web Services Runtime
62Modeling State in Web Services
Authentication Authorization are applied to all
requests
Factoryservice
Service requestor (e.g., user application)
Registry
Interactions standardized using WSDL and SOAP
63WSRF WS-Notification
- Naming and bindings (basis for virtualization)
- Every resource can be uniquely referenced, and
has one or more associated services for
interacting with it - Lifecycle (basis for fault resilient state mgmt)
- Resources created by services following factory
pattern - Resources destroyed immediately or scheduled
- Information model (basis for monitoring,
discovery) - Resource properties associated with resources
- Operations for querying and setting this info
- Asynchronous notification of changes to
properties - Service groups (basis for registries, collective
svcs) - Group membership rules membership management
- Base Fault type
64Globus Toolkit Open Source Grid Infrastructure
Globus Toolkit v4 www.globus.org
Data Replication
Replica Location
Grid Telecontrol Protocol
CredentialMgmt
Data Access Integration
Community Scheduling Framework
Delegation
Python Runtime
WebMDS
Reliable File Transfer
CommunityAuthorization
Trigger
C Runtime
Workspace Management
GridFTP
Authentication Authorization
Grid Resource Allocation Management
Index
Java Runtime
Data Mgmt
Security
CommonRuntime
Execution Mgmt
Info Services
65Globus Security
- Control access to shared services
- Address autonomous management, e.g., different
policy in different work-groups - Support multi-user collaborations
- Federate through mutually trusted services
- Local policy authorities rule
- Allow users and application communities to set up
dynamic trust domains - Personal/VO collection of resources working
together based on trust of user/VO
66Virtual Organization (VO) Concept
- VO for each application or workload
- Carve out and configure resources for a
particular use and set of users
67GT4 Security
Users
68GT4 Security
- Public-key-based authentication
- Extensible authorization framework based on Web
services standards - SAML-based authorization callout
- As specified in GGF OGSA-Authz WG
- Integrated policy decision engine
- XACML policy language, per-operation policies,
pluggable - Credential management service
- MyProxy (One time password support)
- Community Authorization Service
- Standalone delegation service
69GT4s Use of Security Standards
Supported, Supported, Fastest,
but slow but insecure so default
70GT-XACML Integration
- eXtensible Access Control Markup Language
- OASIS standard, open source implementations
- XACML sophisticated policy language
- Globus Toolkit ships with XACML runtime
- Included in every client and server built on GT
- Turned-on through configuration
- that can be called transparently from runtime
and/or explicitly from application - and we use the XACML-model for our Authz
Processing Framework
71GT Authorization Framework
72Other Security Services Include
- MyProxy
- Simplified credential management
- Web portal integration
- Single-sign-on support
- KCA kx.509
- Bridging into/out-of Kerberos domains
- SimpleCA
- Online credential generation
- PERMIS
- Authorization service callout
73Example Globus Security Architecture
- Diagram of Globus security architecture.
74Globus Toolkit Open Source Grid Infrastructure
Globus Toolkit v4 www.globus.org
Data Replication
Replica Location
Grid Telecontrol Protocol
CredentialMgmt
Data Access Integration
Community Scheduling Framework
Delegation
Python Runtime
WebMDS
Reliable File Transfer
CommunityAuthorization
Trigger
C Runtime
Workspace Management
GridFTP
Authentication Authorization
Grid Resource Allocation Management
Index
Java Runtime
Data Mgmt
Security
CommonRuntime
Execution Mgmt
Info Services
75GT4 Data Management
- Stage/move large data to/from nodes
- GridFTP, Reliable File Transfer (RFT)
- Alone, and integrated with GRAM
- Locate data of interest
- Replica Location Service (RLS)
- Replicate data for performance/reliability
- Distributed Replication Service (DRS)
- Provide access to diverse data sources
- File systems, parallel file systems, hierarchical
storage GridFTP - Databases OGSA DAI
76GridFTP in GT4
Disk-to-disk onTeraGrid
- 100 Globus code
- No licensing issues
- Stable, extensible
- IPv6 Support
- XIO for different transports
- Striping ? multi-Gb/sec wide area transport
- 27 Gbit/s on 30 Gbit/s link
- Pluggable
- Front-end e.g., future WS control channel
- Back-end e.g., HPSS, cluster file systems
- Transfer e.g., UDP, NetBLT transport
77Reliable File TransferThird Party Transfer
- Fire-and-forget transfer
- Web services interface
- Many files directories
- Integrated failure recovery
- Has transferred 900K files
RFT Client
SOAP Messages
Notifications(Optional)
RFT Service
GridFTP Server
GridFTP Server
78Replica Location Service
- Identify location of files via logical to
physical name map - Distributed indexing of names, fault tolerant
update protocols - GT4 version scalable stable
- Managing 40 million files across 10 sites
Index
Index
Local DB Update send (secs) Bloom filter (secs) Bloom filter (bits)
10K lt1 2 1 M
1 M 2 24 10 M
5 M 7 175 50 M
79Reliable Wide Area Data Replication
LIGO Gravitational Wave Observatory
Birmingham
Replicating gt1 Terabyte/day to 8 sites gt30
million replicas so far MTBF 1 month
www.globus.org/solutions
80OGSA-DAI
- Provide service-based access to structured data
resources as part of Globus - Specify a selection of interfaces tailored to
various styles of data accessstarting with
relational and XML
81The OGSA-DAI Framework
Application
Client Toolkit
OGSA-DAI service
Engine
SQLQuery
Activities
GZip
GridFTP
XPath
readFile
XSLT
JDBC
Data Resources
XMLDB
File
MySQL
DB2
XIndice
SWISS PROT
SQL Server
Data- bases
82Extensibility Example
OGSA-DAI service
Engine
SQLQuery
SQLQuery
Multiple SQL GDS
JDBC
MySQL
83OGSA-DAI A Framework for Building Applications
- Supports data access, insert and update
- Relational MySQL, Oracle, DB2, SQL Server,
Postgres - XML Xindice, eXist
- Files CSV, BinX, EMBL, OMIM, SWISSPROT,
- Supports data delivery
- SOAP over HTTP
- FTP GridFTP
- E-mail
- Inter-service
- Supports data transformation
- XSLT
- ZIP GZIP
- Supports security
- X.509 certificate based security
84OGSA-DAI Other Features
- A framework for building data clients
- Client toolkit library for application developers
- A framework for developing functionality
- Extend existing activities, or implement your own
- Mix and match activities to provide functionality
you need - Highly extensible
- Customise our out-of-the-box product
- Provide your own services, client-side support,
and data-related functionality
85Globus Toolkit Open Source Grid Infrastructure
Globus Toolkit v4 www.globus.org
Data Replication
Replica Location
Grid Telecontrol Protocol
CredentialMgmt
Data Access Integration
Community Scheduling Framework
Delegation
Python Runtime
WebMDS
Reliable File Transfer
CommunityAuthorization
Trigger
C Runtime
Workspace Management
GridFTP
Authentication Authorization
Grid Resource Allocation Management
Index
Java Runtime
Data Mgmt
Security
CommonRuntime
Execution Mgmt
Info Services
86Execution Management (GRAM)
- Common WS interface to schedulers
- Unix, Condor, LSF, PBS, SGE,
- More generally interface for process execution
management - Lay down execution environment
- Stage data
- Monitor manage lifecycle
- Kill it, clean up
- A basis for application-driven provisioning
87GT4 WS GRAM
- 2nd-generation WS implementation optimized for
performance, flexibility, stability, scalability - Streamlined critical path
- Use only what you need
- Flexible credential management
- Credential cache delegation service
- GridFTP RFT used for data operations
- Data staging streaming output
- Eliminates redundant GASS code
88GT4 WS GRAM Architecture
Service host(s) and compute element(s)
SEG
Job events
GT4 Java Container
Compute element
GRAM services
Local job control
GRAM services
Local scheduler
Job functions
sudo
GRAM adapter
Delegate
Transfer request
Client
Delegation
Delegate
GridFTP
User job
RFT File Transfer
FTP control
FTP data
Remote storage element(s)
GridFTP
89GT4 WS GRAM Architecture
Service host(s) and compute element(s)
SEG
Job events
GT4 Java Container
Compute element
GRAM services
Local job control
GRAM services
Local scheduler
Job functions
sudo
GRAM adapter
Delegate
Transfer request
Client
Delegation
Delegate
GridFTP
User job
RFT File Transfer
FTP control
FTP data
Remote storage element(s)
GridFTP
Delegated credential can be Made available to
the application
90GT4 WS GRAM Architecture
Service host(s) and compute element(s)
SEG
Job events
GT4 Java Container
Compute element
GRAM services
Local job control
GRAM services
Local scheduler
Job functions
sudo
GRAM adapter
Delegate
Transfer request
Client
Delegation
Delegate
GridFTP
User job
RFT File Transfer
FTP control
FTP data
Remote storage element(s)
GridFTP
Delegated credential can be Used to authenticate
with RFT
91GT4 WS GRAM Architecture
Service host(s) and compute element(s)
SEG
Job events
GT4 Java Container
Compute element
GRAM services
Local job control
GRAM services
Local scheduler
Job functions
sudo
GRAM adapter
Delegate
Transfer request
Client
Delegation
Delegate
GridFTP
User job
RFT File Transfer
FTP control
FTP data
Remote storage element(s)
GridFTP
Delegated credential can be Used to authenticate
with GridFTP
92WS GRAM Performance
- Time to submit a basic GRAM job
- Pre-WS GRAM lt 1 second
- WS GRAM 2 seconds
- Concurrent jobs
- Pre-WS GRAM 300 jobs
- WS GRAM 32,000 jobs
- Various studies are underway to test latest
software
93GT4 WS GRAM Performance
Number of Client Threads (M) Number of Client Threads (M) Number of Client Threads (M) Number of Client Threads (M) Number of Client Threads (M) Number of Client Threads (M) Number of Client Threads (M) Number of Client Threads (M)
1 2 4 8 16 32 64 128
1 7 15 29 57 80 69 69 70
2 15 29 58 79 74 70 70 64
4 29 58 78 77 68 69 52 69
8 59 77 77 72 65 27 Â 69
16 77 77 75 64 27 Â Â 50
32 76 75 68 64 67 Â Â
64 75 73 70 66 65 Â
128 80 72 64 63 71
Sustained Job Load Per Client Thread (N)
All numbers are simple jobs/minute, no delegation
or staging
94Workspace ServiceThe Hosted Activity
Policy
Allocate/provision Configure Initiate
activity Monitor activity Control activity
Activity
Client
Environment
Resource provider
Interface
95Activities Can Be Nested
Client
Policy
Client
Client
Environment
Resource provider
Interface
96For Example
Provisioning, management, and monitoring at all
levels
97Dynamic Service Deployment
Community A
Community Z
- Requirements
- Community control
- Persistence
- Resource guarantees
- Non- interference
- Community scheduling logic
- Data distribution
- Community management
- Science services
- ...
98Virtual Machine Costs
Job in booted VM
GRAM job in paused VM
GRAM job
99Virtual OSG Clusters
OSG
100Globus Toolkit Open Source Grid Infrastructure
Globus Toolkit v4 www.globus.org
Data Replication
Replica Location
Grid Telecontrol Protocol
CredentialMgmt
Data Access Integration
Community Scheduling Framework
Delegation
Python Runtime
WebMDS
Reliable File Transfer
CommunityAuthorization
Trigger
C Runtime
Workspace Management
GridFTP
Authentication Authorization
Grid Resource Allocation Management
Index
Java Runtime
Data Mgmt
Security
CommonRuntime
Execution Mgmt
Info Services
101Monitoring and Discovery
- Every service should be monitorable and
discoverable using common mechanisms - WSRF/WSN provides those mechanisms
- A common aggregator framework for collecting
information from services, thus - MDS-Index Xpath queries, with caching
- MDS-Trigger perform action on condition
- (MDS-Archiver Xpath on historical data)
- Deep integration with Globus containers
services every GT4 service is discoverable - GRAM, RFT, GridFTP, CAS,
102GT4 Monitoring Discovery
Clients (e.g., WebMDS)
GT4 Container
WS-ServiceGroup
MDS-Index
Registration WSRF/WSN Access
adapter
GT4 Cont.
GT4 Container
MDS-Index
MDS-Index
Custom protocols for non-WSRF entities
Automated registration in container
GridFTP
RFT
GRAM
User
103Index Server Performance
- As the MDS4 Index grows, query rate and response
time both slow, although sublinearly - Response time slows due to increasing data
transfer size - Full Index is being returned
- Response is re-built for every query
- Real question how much over simple WS-N
performance?
104Information Providers
- GT4 information providers collect information
from some system and make it accessible as WSRF
resource properties - Growing number of information providers
- Ganglia, CluMon, Nagios
- SGE, LSF, OpenPBS, PBSPro, Torque
- Many opportunities to build additional ones
- E.g., network monitoring, storage systems,
various sensors
105GT4 Summary
Your C Client
Your Python Client
Your Java Client
Your Python Client
Your Python Client
Your C Client
Your C Client
CLIENT
Your Java Client
Your Java Client
Your Python Client
Your C Client
Your Java Client
Interoperable WS-I-compliant SOAP messaging
X.509 credentials common authentication
RFT
GRAM
Delegation
Index
Trigger
Archiver
Your C Service
CAS
OGSA-DAI
Your Python Service
GTCP
Your Java Service
Your Java Service
RLS
Pre-WS MDS
SimpleCA
MyProxy
GridFTP
Pre-WS GRAM
C WS Core
pyGlobus WS Core
Java Services in Apache Axis Plus GT Libraries
and Handlers
C Services using GT Libraries and Handlers
Python hosting, GT Libraries
SERVER
106GT4 Documentationis Much Improved!
107Overview
- 1. Background
- 2. Globus Toolkit
- 3. Future directions
- 4. Related tools
108The FutureContent
- We now have a solid and extremely powerful Web
services base - Next, we will build an expanded open source Grid
infrastructure - Virtualization
- New services for provisioning, data management,
security, VO management - End-user tools for application development
- Etc., etc.
- And of course responding to user requests for
other short-term needs
109The Future
- We now have a solid and extremely powerful Web
services base - Next, we will build an expanded open source Grid
infrastructure - Virtualization
- New services for provisioning, data management,
security, VO management - End-user tools for application development
- Etc., etc.
- And of course responding to user requests for
other short-term needs
110Short-Term Priorities Security
- Improve GSI error reporting diagnostics
- Secure password, one-time password, Kerberos
support for initial log on - Trust roots, use of GridLogon
- Identity/attribute assertions in GT auth.
callouts (e.g., Shib, PERMIS, VOMS, SAML) - Extend CAS admin policy support
- Security logging with management control for
audit purposes
111Short-Term Priorities Data Management
- Space bandwidth management in GridFTP
- Concurrency in globus-url-copy
- Priorities in RFT
- Data replication service
- Enhance policy support in data services
- Physical file name creation service
- Scalable distributed metadata manager
112Short-Term Priorities Execution Management
- Implement GGF JSDL once finalized
- Advance reservation support
- Policy-driven restart of persistent jobs
- Improved information collection for jobs
- Improved management of job collections
- Credential refresh
- Development of workspace service
- Integration of virtual machines (Xen, VMware) and
associated services - Windows port of WS GRAM
113Short-Term Priorities Information Services
- Many more information sources, including gateways
to other systems - Automated configuration of monitoring
- Specialized monitoring displays
- Performance optimization of registry
- Archiver service
- Helper tools to streamline integration of new
information sources
114Short-Term Priorities WS Core
- Streamlined container configuration
- Remote management interface
- Dynamic service deployment
- Service isolation multiple service instances
- WS-Notification, subscription performance
- Full functionality in C WS Core
- Optimized WS-ServiceGroup support
- WS-SecureConversation support
115Overview
- Background
- Globus Toolkit
- Future directions
- Related tools
116The Globus Ecosystem
- Globus components address core issues relating to
resource access, monitoring, discovery, security,
data movement, etc. - GT4 being the latest version
- A larger Globus ecosystem of open source and
proprietary components provide complementary
components - A growing list of components
- These components can be combined to produce
solutions to Grid problems - Were building a list of such solutions
117Many Tools Build on, or Can Contribute to,
GT4-Based Grids
- Condor-G, DAGman
- MPICH-G2
- GRMS
- Nimrod-G
- Ninf-G
- Open Grid Computing Env.
- Commodity Grid Toolkit
- GriPhyN Virtual Data System
- Virtual Data Toolkit
- GridXpert Synergy
- Platform Globus Toolkit
- VOMS
- PERMIS
- GT4IDE
- Sun Grid Engine
- PBS scheduler
- LSF scheduler
- GridBus
- TeraGrid CTSS
- NEES
- IBM Grid Toolbox
-
118DocumentingThe Grid Ecosystem
The Grid Ecosystem Software Components for Grid
Systems And Applications
www.grids-center.org
119Example Solutions
- Portal-based User Reg. System (PURSE)
- VO Management Registration Service
- Service Monitoring Service
- TeraGrid TGCP Tool
- Lightweight Data Replicator
- GriPhyN Virtual Data System
120Condor-G
- The Condor Project _at_ U Wisconsin Madison develops
software for high-throughput computing on
collections of distributed compute resources - Condor-G is an interface to GRAM created by the
Condor team that allows users to submit jobs to
GRAM servers
121GridShib
- Allows the use of Shibboleth-transported
attributes for authorization in GT4 deployments - And, more generally, SAML support
- 2 year project started December 1, 2004
- Participants
- Von Welch, UIUC/NCSA (PI)
- Kate Keahey, UChicago/Argonne (PI)
- Frank Siebenlist, Argonne
- Tom Barton, UChicago
- Beta software released September 16, 2005
122Handle System
- The Handle System from CNRI (http//www.handle.net
) is a general-purpose global name service
enabling secure name resolution over the internet - The Handle System-GT Integration Project
leverages the Handle System for identifier and
resolution services through tight integration
with GT4s Web services protocols
123MPICH-G2
- MPICH-G2, developed at Northern Illinois
University and Argonne National Lab, is a
grid-enabled implementation of the MPI v1.1
standard - MPICH-G2 is implemented using the pre-WS GRAM
component in GT4 integration with GT4 WS GRAM is
expected in the near future
124Nimrod/G
- Nimrod is a specialized parametric modeling
system from Monash University - Nimrod/G uses a simple declarative parametric
modeling language to express parameter sweep
experiments. Based on GT4 WS services, Nimrod/G
enables the formulation, execution and monitoring
of multiple individual parametric experiments
125Ninf-G4
- Ninf-G4, from AIST, is a reference implementation
of the GGF standard GridRPC API - Ninf-G4 is provides higher-level programming APIs
for the development and execution of parallel
applications on the Grid
126PERMIS
- PERMIS is an EU-funded Privilege Management
service that implements Role-Based Access Control - Thanks to the work of the UK Grid Engineering
Task Force, services running in a Java WS Core
container can use PERMIS via GT4s SAML
authorization callouts
127SRB
- SRB is a package from SDSC providing a uniform
interface for connecting to network-based
heterogeneous data resources - GT4s GridFTP includes an interface to SRB data
sources, and vice versa
128Sun Grid Engine
- Sun Grid Engine is an open source distributed
resource management system from Sun Microsystems - In a collaboration between the London e-Science
Centre, Gridwise and MCNC, the Sun Grid Engine
has been integrated with GT4
129Thank you?