Utilizzo di portali per interfacciamento tra Grid e

Utilizzo di portali per interfacciamento tra Grid e Cloud Workshop della Commissione Calcolo e Reti dell’INFN, 27 -30 May 2014 - Laboratori Nazionali del Sud dell’INFN Giuseppe LA ROCCA (giuseppe. larocca@ct. infn. it) INFN - Catania

Outline � Some introductory concepts and driving considerations � Catania Science Gateway Framework’s overview � � Auth. N & Auth. Z schema � The Cloud & Grid Engine � The architecture of the JSAGA adaptor for OCCI � The My. Cloud portlet for clouds orchestration � The CSGF as Saa. S, examples � My. Cloud as Iaa. S, example Conclusions and Outlook

Some barriers limit (*) the e-Infrastructure adoption The e. Research 2020 report http: //www. eresearch 2020. eu/ 3

The “non-global” middleware s ue s s i re Genesis II a s s ce c a f so s e n i s a e d an y t i l i ab r e p o r e t n I

A very «cloudy» sky…

Interoperability & Interoperation (source: Wikipedia) � According to ISO/IEC 2382 -01 (Information Technology Vocabulary, Fundamental Terms), interoperability is "The capability to communicate, execute programs, or transfer data among various functional units in a manner that requires the user to have little or no knowledge of the unique characteristics of those units“ � In engineering, interoperation is “The setup of ad hoc components and methods to make two or more systems work together as a combined system” � The adoption of standards => are the key for a long-term sustainability!

Two Scenarios … � A scientist can sign in on a Catania Science Gateway using his/her federated credentials, select an application from a menu and seamlessly execute it on HPC machines, Grids and Clouds � � The fractions of executions on the three different platforms can be adjusted to simulate the need to “boost” the resources in case of temporary peaks of activity The cloud tenant of a real or virtual organisation can sign in on a Catania Science Gateway using his/her federated credentials, select virtual machine(s) from a geographically shared repository and deploy/move/copy it/them across his/her personal cloud � The graphic user interface will be very intuitive including point & click and drag & drop functionalities � The virtual machine(s) will belong to the same domain name (chain-project. eu in the particular case) independently of the site where it/they will be instantiated and of the underlying Cloud middleware stack

The Catania Science Gateway Framework’s high-level architecture Grid/Cloud Engine (based on SAGA) Science Gateway / My. Cloud Administrator Scientist Cloud tenant Orchestrator (based on OCCI) Cloud #1 HPC Clusters Cloud #2 Single domain Cloud #n Users belonging to Identity Federations

The Auth. N/Auth. Z Schema s n ck atio e s Ch ri 4. tho au Federation s le 3. I den tity att rib ute o rr nc Sy s e us 2. Forwarded to the Id. P Retrieve e-Infrastructure credentials Science Gateway y Tr 1. in og l o t GRID Local Cluster 9 VAMP Workshop 2013 – Helsinki, 30/9 -1/10/2013

The Catania Grid & Cloud Engine e. Token Server Science GW Interface Data Engine Job Engine Users Track & Monit. Users Tracking User Tracking DB DB SAGA/JSAGA API Grid/Cloud/Local MWs 10

Use case implementation: JSAGA Adaptor for OCCI Science Gateway Catania Grid/Cloud Engine Security context Job management SG Stage-in/out VM robot certificate start VM SG VM 1) stage-out SG stage-in & run app 12 2) kill VM VM

CHAIN-REDS Science Gateway -CHAIN-REDS RI-306819

CHAIN-REDS Science Gateway -CHAIN-REDS RI-306819 Select the VM profile Select the VM template Enable e-mail notification Job description Specify the advanced settings for the application Enable advanced settings Start VM 14

Running WRF on various distributed computing Infrastructures through the CHAIN-REDS SG � The Weather Research and Forecasting (WRF) Model is a next-generation mesoscale numerical weather prediction system designed to serve both atmospheric research and operational forecasting needs. CHAIN-REDS Science Gateway -CHAIN-REDS RI-306819

CHAIN-REDS Science Gateway -CHAIN-REDS RI-306819

The scenario of user case #2 Cloud 3 M/W 3’ Cloud 4 M/W 4’ Cloud 5 M/W 5’ My Cl ou d Cloud 1 M/W 1’ Cloud 2 M/W 2’ Cloud 6 M/W 6’ Cloud 7 M/W 7’ 17 Cloud 8 M/W 8’ Cloud 9 M/W 9’ Cloud 10 M/W 10’

The scenario of user case #2 10 clouds 6 countries 3 m/w stacks 1 SME IT ZA IT ES My Cl ou d EG GR ES IT Fed. Cloud 18 IT CZ

Managing VMs across different cloud providers: My. Cloud @ work! Current functionalities: • Federated authentication • Fine-grained authorisation • Single/multideployment of VMs on a cloud and across clouds, including the EGI Fed. Cloud • Single/multi-move of VMs across clouds • Single/multi-deletion of VMs on a cloud and across clouds • SSH connection to VMs • Direct web access to VMs hosting web services 19

Summary of Adopted Standards § Authentication and Authorisation § SAML, LDAP § Application e-Infrastructure independent § SAGA, OCCI § Grid Transactions § Robot Certificate, PKCS#11 § Standard Java Technology § Portlet 2. 0 § Portal Framework § Liferay portlet container JSR 168/286 20

Summary and outlook � The Catania Science Gateway Framework successfully bridges e. Infrastructures built on different architectures (Grid, HPC, Cloud, local clusters, desktops, etc. ) and make them interoperable at user application level thanks to standard adoption (SAGA, SAML, OCCI, etc. ) � The My. Cloud service allows seamless multi-cloud service operation across different OCCI-compliant middleware stacks � Next steps are: � Creation of the shared storage infrastructure to support stateful VMs � Allow deployed VMs to «find themselves» in My. Cloud 21

Contacts Email: sg-licence@ct. infn. it Social Networks: