Using Grid Computing at NIKHEF David Groep NIKHEF
- Slides: 21
Using Grid Computing at NIKHEF David Groep, NIKHEF 2001 -10 -01
The One-Liner • Resource sharing and coordinated problem solving in dynamic multi-institutional virtual organisations
What is Grid computing? • Dependable, consistent and pervasive access • Combining resources from various organizations • `Virtual Organizations’ – user-based view on Grid • Technical challenges: – – transparent decisions for the user uniformity in access methods secure & crack resistant authentication, authorization, accounting (AAA) "a
Grid Middleware • Globus Project started 1997 • de facto-standard • Reference implementation of Gridforum standards • Large community effort • Basis of several projects, including EU-Data. Grid • Toolkit `bag-of-services' approach • Successful test beds, with single sign-on, etc…
Grid Architecture Make all resources talk standard protocols Promote interoperability of application toolkit, similar to interoperability of networks by Internet standards Applications Condor-G Application Toolkits DUROC MDS Replica. Srv Grid Services MPICH-G 2 Grid. FTP VLAM-G GRAM Grid Security Infrastructure (GSI) Condor MPI PBS Grid Fabric SUN Internet Linux
Looking for Resources • Per Virtual Organization (or test bed) • Directory of Resources and their Characteristics • Used to find `best resource out there’ Data. Grid http: //marianne. in 2 p 3. fr/ Dutch. Grid ldap: //giishost. nikhef. nl: 30001/o=Grid
Submitting a Job
Sending your Data • Tape robots, disks, etc. share Grid. FTP interface • Optimize for high-speed >1 Gbit/s networks • In the future: automatic optimizations, bandwidth reservations, directory-enabled networking, …
Data. Grid Test Bed 1 • Data. Grid TB 1: – 14 countries – 21 major sites – “Work Package 6” • Submitting Jobs: – Login only once, run everywhere – Cross administrative boundaries in a secure and trusted way – Mutual authorization
Dutch. Grid Platform • Dutch. Grid: – Test bed coordination – PKI security • Participation by Leiden Delft Amsterdam Enschede KNMI Utrecht Nijmegen NIKHEF: FOM, VU, Uv. A, Utrecht, Nijmegen KNMI, SARA AMOLF DAS-II (ASCI): TUDelft, Leiden, VU, Uv. A, Utrecht Telematics Institute
Systems around WCW
Start using the grid • All the necessary “client tools” are on all Linux and Solaris systems • You just need: – Credentials/tokens for the Grid (see next slides) – Authorization to use resources (you get all NIKHEF resources by default) – Information on which resources to use effectively
Your Grid Credentials • You will use resources across several domains – You may not care about security and authorization – But the remote site admin will ! • All communications are authenticated using X. 509 “Public Key” Certificates • The technology used to secure credit card transactions on the web (https: //……) • Uniquely binds name/affiliation to a digital token
Certification Authorities • CA’s act as trusted third parties • Remote sites trust the CA for a proper binding • They will not do authentication again, so only authorization left. • CA’s are highly valuable: crack one to impersonate others on the Grid (and abuse resources) • Registration Authorities do in-person ID checks
CA’s in Data. Grid • 10 National CA’s (one per EU country) • Each one has a detailed policy and practice statement • NIKHEF operates the CA for Dutch. Grid See http: //certificate. nikhef. nl/ • Get a “certificate” from the Dutch. Grid CA before you can start using the Grid • It’s valuable, protect it with a pass phrase • One cert valid for all Data. Grid sites
The Proxy • A `proxy certificate’ is a limited-lifetime delegation without a pass phrase to protect it • Implements the single sign-on for Grid • Valid for 12 hours (by default) • Use it to: – Run your jobs – Get access to your data • Get it, by running grid-proxy-init
Now see for yourself
Getting a Certificate • Initialize your environment for the Grid • Use the Globus local guide from http: //www. dutchgrid. nl/Org/Nikhef/ • Run grid-cert-request • Send the result to ca@nikhef. nl you will be contacted by phone • Put the certificate (sent by mail) in your $HOME/. globus/usercert. pem • Or use the Web at http: //certificate. nikhef. nl/cgi-bin/reqconf
Using the Grid • Request authorization: gridadm@nikhef. nl • Look what is out there using grid-info-search or http: //marianne. in 2 p 3. fr/datagrid/giis-browse. html • Try some local hosts: – bilbo, kilogram, triangel kilogram: davidg: 1009$ globus-job-run dommel. wins. uva. nl /usr/ucb/quota -v Disk quotas for random (uid 12 xxx): Filesystem usage quota limit timeleft files quota limit timeleft /home/random 13067 1500000 2000000 0 kilogram: davidg: 1010$ • Start running your analysis/MC/other jobs
Grid. FTP • Universal high-performance file transfer • Extends the FTP protocol with: – Single sign-on (GSI, GSSAPI, RFC 2228) – Parallel streams for speed-up – Striped access (ftp from multiple sites to be faster) • Clients: gsincftp, globus-url-copy.
What’s Next? • Some of the nice user-features to come: – Finding data files by characteristics (give me all golden decay’s) – Moving your job to where the data is – Automatic partitioning of jobs – Support true-interactive work – Better network utilisation (faster access to data) – ……… • If you are in the Data. Grid project, ask your WP leader for authorization in TB 1
- Nikhef webmail
- Nikhef theory
- Nikhef
- Lga pin
- Resource broker in grid computing
- Open grid computing
- Grid computing tutorial
- Distributed computing disadvantages
- Worldwide lhc computing grid
- Sas grid computing
- Sas grid computing
- Lgfl history of computing
- Grid computing applications
- Derivatives of grid computing
- Grid and cloud computing lmu
- Grid computing ejemplos
- Challenges of grid computing
- Grid computing security
- Sas grid computing
- Grid computing introduction
- Overview of grid computing
- Cern grid computing