GLOBUS Toolkit Grid Deployment Boro Jakimovski Marjan Gusev

GLOBUS Toolkit Grid Deployment Boro Jakimovski Marjan Gusev Institute of Informatics Faculty of Natural Sciences and Mathematics University of Sts. Cyril and Metodius Skopje, Macedonia

Grid technology n n Flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resource Grid architecture q q Defined using services and protocols Using the “sand hourglass” model similar to the TCP/IP protocol stack From “The Anatomy of the Grid: Enabling Scalable Virtual Organizations”

Grid architecture n n Fabric – resource specific operations Connectivity – main communication and authentication proto. Resource – usage, monitoring, control of single resource Collective – global interactions between collections of resources

Globus Toolkit™ n n n No “official” Grid standards exist but Globus Toolkit™ has emerged as the de facto standard for several important Connectivity, Resource, and Collective protocols

Fabric n Contains q q q Computational resources Storage resources Network resources Code resources Catalogs n Globus toolkit q q defined by vendorsupplied interfaces not physical characteristics enquiry software for detection of capabilities and delivers this information to higher lever services

Connectivity n Contains services allowing q Communicaion n q Transport Routing Naming n Globus toolkit q Communication n q Authentication n n n n Single sign on Delegaion Integration with local security solutions User-based trust relationships TCP/IP GSI – Grid Security Infrastructure q q q n TLS – Transport Layer Security protocols X. 509 certificates User-based trusts GAA – Generic Authorization and Access interface q Helps integration with local policies

Resource n Contains services for q q Information – structure and state of the resource Management – negotiate access, perform operations, accounting n Globus toolkit q GRIP(S) – Grid Resource Information Protocol (Service) n n q q Based on LDAP GRRP – Grid Resouce Registration Protocol GRAM – Grid Resource Access and Management protocol Grid. FTP n Uses sercurity protocols

Collective n Contains global Grid services q q q q q Directory services Co-allocation, scheduling Monitoring Data replication Grid-enabled programming systems Workload management Software discovery Community authorization Accounting n Globus toolkit q GIIS – Grid Information Index Server DUROC co-allocator q MPICH-G 2 q

Globus Toolkit™ components n Security q n GSI – Grid Security Infrastructure Resource Management q GRAM – Grid Resource Allocation Manager n n n Information Services q MDS – Monitoring and Discovery Service n n globusrun RSL gatekeeper job manager DUROC – Dynamically-Updated Request Online Coallocator GRIS – Grid Resource Information Service GIIS – Grid Index Information Service MDS Client Data Management q Grid. FTP n GASS

GSI example User Single sign-on via “grid-id” & generation of proxy cred. User Proxy credential Or: retrieval of proxy cred. from online repository Remote process creation requests* GSI-enabled Authorize Site A GRAM server Map to local id (Kerberos) Create process Generate credentials Computer Process Kerberos ticket Communication* Local id Restricted proxy Ditto Remote file access request* * With mutual authentication Site C (Kerberos) Storage system GSI-enabled GRAM server Site B (Unix) Computer Process Local id Restricted proxy GSI-enabled FTP server Authorize Map to local id Access file

Globus Toolkit™ installation n Choose packages (Client/Server/SDK) q q n n Source packages Binary packages Extra packages GPT – Globus Packaging Tool q q Used for install/build disrtibution packages gpt-install <options> <package-name> <flavor[s]> gpt-build <options> <package-name> <flavor[s]> gpt-postinstall

Globus Toolkit™ packages Package Flavor Data Management Client gcc 32 dbg Data Management SDK gcc 32 dbg Data Management Server gcc 32 dbg Information Services Client gcc 32 dbgpthr Information Services Server gcc 32 dbgpthr Information Services SDK gcc 32 dbgpthr Resource Management Client gcc 32 dbg Resource Management SDK gcc 32 dbg Resource Management Server gcc 32 dbg Replica gcc 32 dbgpthr GSI gcc 32 dbg

Globus Toolkit™ installation n After deploying the selected packages and running gpt-postinstall we execute q n setup-gsi – configures grid serurity In order to use the installation we need to acquire certificates q user certificate n q host certificate n q grid-cert-request – creates usercert-request. pem grid-cert-request –host <hostname> – creates host. req LDAP certificate n grid-cert-request –cn “ldap/hostname” – creates server. req

Globus Toolkit™ installation n Globus services installation q In /etc/services insert n n q Gsigatekeeper 2119/tcp #Globus Gatekeeper gsiftp 2811/tcp #Grid. FTP xinetd/globus-gatekeeper n n service gsigatekeeper { socket_type = stream protocol = tcp wait = no user = root server = GLOBUS_LOCATION/sbin/globus-gatekeeper server_args = -conf GLOBUS_LOCATION/etc/globusgatekeeper. conf disable = no } Similar for grid-ftp

Globus Toolkit™ verification n To test the functionality of the gatekeeper execute q q grid-proxy-init -debug -verify globus-personal-gatekeeper –start n n n Starts personal proxy and returns our contact string hostname: 4589: /O=Grid/O=Globus/CN=Your Name To execute a command we use q globus-job-run <contact> /bin/date

Globus Toolkit™ verification n MDS test q q n SXXgris start – starts the GRIS/GIIS server grid-info-search -anonymous -L – starts a test query to the local GRIS Grid. FTP test q q q grid-proxy-init – start the proxy in. ftpd -s -p 5678 – start the ftp server globus-url-copy -s "`grid-cert-info subject`“ gsiftp: //localhost: 5678/tmp/file 1 file: ///tmp/file 2

Globus Toolkit™ clients n GRAM Clients q globus-job-run – online interface for job submition n q globus-job-submit – batch job submition n q n globus-job-submit 'contact string' command globusrun – executes a RSL script MDS Clients q grid-info-host-search - client to a GRIS server n q grid-info-host-search -p port hostname "LDAP filter" grid-info-search - client to a GIIS server n n globus-job-run 'contact string' command grid-info-search [-x] Grid. FTP Clients q globus-url-copy n globus-url-copy source. URL dest. URL

RSL Example +( & (resource. Manager. Contact= “flash. isi. edu: 754: /C=US/…/CN=flash. isi. edu-fork”) (count=1) (label="subjob A") Different resource (executable= my_app 1) managers ) Different ( & (resource. Manager. Contact= counts “sp 139. sdsc. edu: 8711: /C=US/…/CN=sp 097. sdsc. edu-lsf") (count=2) (label="subjob B") Different executables (executable=my_app 2) )

Co. G – Community Grid n Co. G is a Java based Globus Toolkit interface. It can be used by normal users for easy access to the Grid.