Скачать презентацию Introduction to Globus Toolkit 4 at LA Grid Скачать презентацию Introduction to Globus Toolkit 4 at LA Grid

08741d85973c7ff6d005b7180f57c127.ppt

  • Количество слайдов: 33

Introduction to Globus Toolkit 4 at LA Grid CIS 6612 – Autonomic Grid Computing Introduction to Globus Toolkit 4 at LA Grid CIS 6612 – Autonomic Grid Computing Summer 2006 Presenters Fernando Farfán Mayelin Felipe Agnostics Diego López Ramakrishna Varadarajan

OUTLINE ü ü l WEB SERVICES FUNDAMENTALS GRID FUNDAMENTALS OGSA, WSRF & GT 4 OUTLINE ü ü l WEB SERVICES FUNDAMENTALS GRID FUNDAMENTALS OGSA, WSRF & GT 4 LAGRID @ CIS. FIU. EDU DEVELOPING WS IN LAGRID l l Unsecured Examples Secure Examples

GETTING READY FOR LAGRID l l l Get a Globus Identity certificate signed by GETTING READY FOR LAGRID l l l Get a Globus Identity certificate signed by the Certificate Authority. http: //www. cs. fiu. edu/~esj/globus. html Enroll as a Secure Globus User with Eric Johnson. Set these environment variables: 1. 2. Set $GLOBUS_LOCATION to /depot/globus-4 Set $ANT_HOME to /depot/ant-1. x

SETTING UP LAGRID ENVIRONMENT l Download the examples 1. 2. 3. l go to SETTING UP LAGRID ENVIRONMENT l Download the examples 1. 2. 3. l go to http: //www. gt 4 book. com/ go to Downloads select to download the source code for the Math. Service examples and the File. Buy application Untar/unzip the file 1. tar -xvzf gt 4 book-examples. tar. gz

GT 4 JAVA WS CORE l l l Building web services using GT 4. GT 4 JAVA WS CORE l l l Building web services using GT 4. Stateful web services! Following WSRF specifications.

WRITE A STATEFUL WEB SERVICE IN 5 SIMPLE STEPS!! 1. 2. 3. 4. 5. WRITE A STATEFUL WEB SERVICE IN 5 SIMPLE STEPS!! 1. 2. 3. 4. 5. Define the WS interface with WSDL. Implement the service with Java. Define the deployment parameters with WSDD. Compile everything and generate a GAR file with Ant. Deploy the service with GT 4 tool.

OUR FIRST EXAMPLE: Math. Service l l A simple Math web service. Operations: l OUR FIRST EXAMPLE: Math. Service l l A simple Math web service. Operations: l l Addition Subtraction Get Value. Resources: l l Value (integer) Last operation performed (String).

Math. Service: THE 5 STEPS. Step 1: The WSDL The Definition The Port Type Math. Service: THE 5 STEPS. Step 1: The WSDL The Definition The Port Type Thetarget. Namespace="http: //www. globus. org/namespaces/ Messages examples/Math. Service_instance“ …> The Response and Request Types wsrp: Resource. Properties="tns: Math. Resource. Properties"> Propertiesencoding="UTF-8"? > The Resource name="add">

Math. Service: THE 5 STEPS. Step 1: The WSDL Steps to write a WSDL Math. Service: THE 5 STEPS. Step 1: The WSDL Steps to write a WSDL document: l l Write the root element Write the Write an input and output for each operation in the Port. Type Write the , which includes declaring the request and response elements, along with the resource properties.

Math. Service: THE 5 STEPS Step 2: Implementation in Java The Bare Bones The Math. Service: THE 5 STEPS Step 2: Implementation in Java The Bare Bones The Resource Properties package org. globus. examples. services. core. first. impl; /* Resource properties */ import java. rmi. Remote. Exception; private int value; import org. globus. examples. stubs. Math. Service_instance. *; private String last. Op; import org. globus. wsrf. *; import org. globus. wsrf. impl. *; /* Get/Setters for the RPs */ public int get. Value() { public class Math. Service return value; implements Resource, Resource. Properties { } … } public synchronized void set. Value(int value) { this. value = value; }

Math. Service: THE 5 STEPS Step 2: Implementation in Java The Web Service Java Math. Service: THE 5 STEPS Step 2: Implementation in Java The Web Service Java class includes: l l l Declaration for the Resource. Property. Set Declaration for the Resource Properties Constructor – resource properties are initialized Get/Setters for the Resource Properties Methods for the remotely accessible operations

Math. Service: THE 5 STEPS. Step 3: Configuring the Deployment - WSDD <? xml Math. Service: THE 5 STEPS. Step 3: Configuring the Deployment - WSDD share/schema/examples/Math. Service_instance/Math_service. wsdl

WEB SERVICES IN GT 4 Agnostic Question What purpose does JNDI play within the WEB SERVICES IN GT 4 Agnostic Question What purpose does JNDI play within the GT 4 environment? The Java Naming and Directory Interface allow us to build directory-enabled applications. This will make our Web service available to client connections through a Web services container. A service (identified by its path) will want to locate its resource home. It can also interact with a variety of directories such as LDAP.

Math. Service: THE 5 STEPS. Step 4: Create a GAR file with Ant l Math. Service: THE 5 STEPS. Step 4: Create a GAR file with Ant l l l Process the WSDL to add missing pieces. Create stub classes from the WSDL. Compile stub classes. Compile service implementation. Organize all files into its specific directory structure. . /globus-build-service. sh –d -s $. /globus-build-service. sh -d org/globus/examples/services/core/first -s schema/examples/Math. Service_instance/Math. wsdl

Math. Service: THE 5 STEPS. Step 5: Deploy the Service into a Web Service Math. Service: THE 5 STEPS. Step 5: Deploy the Service into a Web Service Container l l l Uses Ant. Unpacks the GAR. Copies the WSDL, compiled stubs, compiled implementation & WSDD into the GT 4 directory tree. $ sudo –u globus-deploy-gar org_globus_examples_services_core_first. gar $ sudo –u globus-undeploy-gar org_globus_examples_services_core_first

Math. Service: THE CLIENT l Tests the service invoking both the add and subtract Math. Service: THE CLIENT l Tests the service invoking both the add and subtract operations. $ java -cp. /build/stubs/classes/: $CLASSPATH org. globus. examples. clients. Math. Service_instance. Client https: //la-blade-01. cs. fiu. edu: 8443/wsrf/services/core/first/Math. Service Axis. Fault fault. Code: {http: //schemas. xmlsoap. org/soap/envelope/}Server. user. Exception fault. Subcode: fault. String: java. io. IOException: No socket factory for 'https' protocol fault. Actor: fault. Node: fault. Detail: . . .

HOW TO MAKE THE SERVICE SECURE? ? l Create the security-config. xml file. <security. HOW TO MAKE THE SERVICE SECURE? ? l Create the security-config. xml file. l Modify the deploy-server. wsdd file. l Add the following to the client. static { Util. register. Transport(); } … ((Stub)math. Factory). _set. Property( Constants. GSI_SEC_CONV, Constants. ENCRYPTION); ((Stub)math. Factory). _set. Property( Constants. AUTHORIZATION, No. Authorization. get. Instance()); Our acknowledge to Ramakrishna!

HOW TO MAKE THE SERVICE SECURE? ? l Let’s run it again… $ java HOW TO MAKE THE SERVICE SECURE? ? l Let’s run it again… $ java -cp. /build/stubs/classes/: $CLASSPATH org. globus. examples. clients. Math. Service_instance. Client https: //la-blade-01. cs. fiu. edu: 8443/wsrf/services/core/first/Math. Service Current value: 15 Current value: 10 l Is it secure now? Not really… We just fooled it to make it secure.

WEB SERVICES IN GT 4 Agnostic Question How do I create a Grid infrastructure? WEB SERVICES IN GT 4 Agnostic Question How do I create a Grid infrastructure? Can we use any machine which has the Globus Toolkit's Grid Services installed on it? To build a Grid, we recommend that you download the Globus Toolkit and follow the instructions in the Globus Toolkit System Administrator's Guide. Both of these are available at the Globus website, http: //www. globus. org/toolkit/. The documentation will take you through the process of building the Globus Toolkit software, setting up a Grid information service, setting up a certificate authority or using someone else's, installing the Globus resource management tools on your servers, and installing Globus client tools and libraries for your users.

GRID SECURITY INFRASTRUCTURE l l Basis for GT 4 Security layer. Covers the three GRID SECURITY INFRASTRUCTURE l l Basis for GT 4 Security layer. Covers the three pillars of secure communication: l l Privacy. Integrity. Authentication. Family of components (low/high level) to offer security features to programmers.

GRID SECURITY INFRASTRUCTURE l l l Level security: l Transport-level l Message-level Authentication l GRID SECURITY INFRASTRUCTURE l l l Level security: l Transport-level l Message-level Authentication l X. 509 Digital certificates. l Username/Password Authorization schemes: l Server-Side l Client-Side l Custom l l Credential delegation and single sign-on l Proxy Certificates Different levels of security: l Container l Service l Resource.

SECURE EXAMPLES: WRITING A SECURE Math. Server l l Add security to the Math. SECURE EXAMPLES: WRITING A SECURE Math. Server l l Add security to the Math. Service example. Now, four operations: l l l add subtract multiply divide We will be able to configure each operation with a different security configuration.

" src="http://present5.com/presentation/08741d85973c7ff6d005b7180f57c127/image-23.jpg" alt="DEMO: SECURE Math. Server " /> DEMO: SECURE Math. Server • The service Modify the security-config-auth. xml 6 5 4 2 1 3 The rest of the authorization be divide method only bemust multiply add method can onlyinvoked be subtract method can be be No server-side methods can only be using GSI any Conversation. performed. Secureof. Secure Message. with the authentication invoked using GSI Transport methods. (transport-level GSI Secure Message. Conversation orsecurity).

DEMO: SECURE Math. Server l The Client l Programatically: ((Stub)math). _set. Property(Constants. GSI_SEC_CONV, Constants. DEMO: SECURE Math. Server l The Client l Programatically: ((Stub)math). _set. Property(Constants. GSI_SEC_CONV, Constants. ENCRYPTION); l Security descriptor: String sec. Dec. File = “path/to/security-descriptor. xml”; ((Stub)math). _set. Property(Constants. CLIENT_DESCRIPTOR_FILE, sec. Desc. File);

DEMO: SECURE Math. Server l Client call 1: GSI Transport Client [add] ERROR: GSI DEMO: SECURE Math. Server l Client call 1: GSI Transport Client [add] ERROR: GSI Secure Conversation authentication required for "{Math. Service_instance_4 op}add" operation. [subtract] ERROR: GSI Secure Message authentication required for "{Math. Service_instance_4 op}subtract" operation. [multiply] ERROR: GSI Secure Conversation or GSI Secure Message authentication required for "{Math. Service_instance_4 op}multiply" operation. Division was successful Current value: 30 l Client call 2: GSI Secure Conversation Client Addition was successful [subtract] ERROR: GSI Secure Message authentication required for "{http: //www. globus. org/namespaces/examples/ Math. Service_instance_4 op}subtract" operation. Multiplication was successful Division was successful Current value: 180

GLOBUS TOOLKIT 4 Agnostic Question Once I've installed the Globus Toolkit, how do others GLOBUS TOOLKIT 4 Agnostic Question Once I've installed the Globus Toolkit, how do others find out that my machine is available on the Grid, and how can I find out what other machines are on the Grid? Grid exists as a number of groups who are building experimental and production grid infrastructures for their own purposes. Virtual organizations using the same Grid technology to build their infrastructures.

GLOBUS TOOLKIT 4 Agnostic Question If I submit a job using Globus Toolkit 4, GLOBUS TOOLKIT 4 Agnostic Question If I submit a job using Globus Toolkit 4, is the execution management module capable of executing the job parallel on different machines on the grid? No, this is one of the current limitations of GT 4.

GLOBUS TOOLKIT 4 Agnostic Question What are the research challenges that the Globus Alliance GLOBUS TOOLKIT 4 Agnostic Question What are the research challenges that the Globus Alliance is currently addressing? What do you think are the limitations of the current Globus toolkit implementations? l l l End-to-end resource management and adaptation techniques. Automated techniques for negotiation of resource usage, policy, and accounting in large-scale grid environments. High-performance communication methods and protocols.

GLOBUS TOOLKIT 4 Agnostic Question One of the main challenges with today's Internet, is GLOBUS TOOLKIT 4 Agnostic Question One of the main challenges with today's Internet, is the amount of useless information out there, how does GT 4 currently ensure that the services being offered or registered provide both quality and are in demand? Globus Toolkit provides mechanisms to address resource discovery and security issues. GARA: General-purpose Architecture for Reservation and Allocation

GLOBUS TOOLKIT 4 Agnostic Question How effective is the GT 4 book in expanding GLOBUS TOOLKIT 4 Agnostic Question How effective is the GT 4 book in expanding the practical uses of Grid Computing? Does the author focus on both scientific and non-scientific applications running on the Grid? Part IV: The File. Buy Application: Multiple services deployed across several machines. Highlights some design patterns commonly found in GT 4 based systems.

GLOBUS TOOLKIT 4 Agnostic Question Are there any current GT 4 IDE software tools? GLOBUS TOOLKIT 4 Agnostic Question Are there any current GT 4 IDE software tools? Globus Service Build Tools http: //gsbt. sourceforge. net/ l l GT 4 IDE: Eclipse 3 plug-in that will allow GT 4 programmers to develop WSRF Java Web Services easily. globus-build-service: The same Ant buildfile + script included in the tutorial.

GLOBUS TOOLKIT 4 Agnostic Question How do you envision the Grid in the future? GLOBUS TOOLKIT 4 Agnostic Question How do you envision the Grid in the future? In your opinion, how much will GT 4 make Grid adoption easier in the future? The needs for Grids have been identified. How many grid-enabled applications we’ll see? To grid-enable an application is a challenge. New challenges in security.

USEFUL LINKS l l l Our site! [COMING SOON] http: //www. cis. fiu. edu/~mfelip USEFUL LINKS l l l Our site! [COMING SOON] http: //www. cis. fiu. edu/~mfelip 01/CIS 6612/GT 4_project. html Globus toolkit 4 Programmer’s Tutorial http: //gdp. globus. org/gt 4 -tutorial/ Globus toolkit 4: Programming Java Services http: //www. gt 4 book. com/ OASIS. http: //www. oasis-open. org/ The Globus Alliance; http: //www. globus. org/