Grid Engineering Experience & Biological Applications Dr Richard Sinnott
E-Science Education Workshop, 1-2 Nov 2004 Teaching Grid Computing Dr Richard Sinnott Technical...
-
Upload
whitney-mcgee -
Category
Documents
-
view
214 -
download
0
Transcript of E-Science Education Workshop, 1-2 Nov 2004 Teaching Grid Computing Dr Richard Sinnott Technical...
E-Science Education Workshop, 1-2 Nov 2004
Teaching Grid Computing
Dr Richard SinnottTechnical Director National e-Science Centre
||| Deputy Director Technical Bioinformatics
Research Centre University of Glasgow
E-Science Education Workshop, 1-2 Nov 2004
Overview
Grid Computing module Student backgroundsSyllabusReview of DyVOSE project
Brief summary of technical approach
Plans for the future
E-Science Education Workshop, 1-2 Nov 2004
Grid Computing modulePart of advanced MSc at Glasgow
Started teaching on 30th SeptemberDue to complete on 2nd December
Involves 20 lectures, 10 tutorials, 3 problem sets, 1 large programming assignment
Taught by Richard Sinnott (NeSC, Course Director), Colin Perkins (DCS), John Watt (NeSC, DyVOSE researcher)1 lecture by Seamus Ross (DCC)1 lecture by David Fergusson (EGEE training team)
E-Science Education Workshop, 1-2 Nov 2004
Student Backgrounds
StudentsUG4MSci (UG5)Advanced MSc
First lecture had 50 students, now have 16 signed up for module
Various pre-requisites in taking moduleBased on Glasgow course structures
DAS, DBIT, AC4, …
Additional materials developed for students without necessary background
XML, XML Schema, WSDL, … Not planned for originally…
E-Science Education Workshop, 1-2 Nov 2004
Module OutlineWeek 1 Lecture 1 Introduction to Grid Computing Colin Perkins
Lecture 2 Scalability and Heterogeneity Colin Perkins
Week 2 Tutorial 1 Discussion of Seminal Grid Papers Colin Perkins
Lecture 3 Open Standards and Architectures Richard Sinnott
Lecture 4 Implementations of the Grid Architecture John Watt
Week 3 Lecture 5 Resource Discovery/Information Services John Watt
Lecture 6 Web Services Richard Sinnott
Lecture 7 Technologies for Building Grids David Fergusson
Week 4 Tutorial 2 Exploring Web Services Technologies with GT3 John Watt
Lecture 8 Grid Security Concepts Richard Sinnott
Lecture 9 Virtual Organizations Richard Sinnott
Week 5 Tutorial 3 Exploring Web Services Technologies with GT3 John Watt
Lecture 10 Security in Practice John Watt
Tutorial 4 Lab work and Discussion of Grid Security Richard Sinnott
Week 6 Lecture 11 Job Scheduling and Management - Practice Colin Perkins
Tutorial 5 Discussion of Job Scheduling Papers Colin Perkins
Lecture 12 Workflow Management John Watt
Taught today
E-Science Education Workshop, 1-2 Nov 2004
*National Digital Curation Centre
Module OutlineWeek 7 Lecture 13 Data Access, Integration and Management John Watt
Lecture 14 Data Provenance and Curation Seamus Ross*
Tutorial 6 Discussion of Data Management/Provenance Richard Sinnott
Week 8 Lecture 15 Data Transfer Colin Perkins
Lecture 16 Peer-to-Peer Communication Colin Perkins
Tutorial 7 Discussion of Networking Papers Colin Perkins
Week 9 Lecture 17 Tools for Collaboration Colin Perkins
Tutorial 8 Discussion on the Future of Grid Computing Richard Sinnott
Lecture 18 The Future of Grid Computing Richard Sinnott
Week 10 Lecture 19 Sample Applications Richard Sinnott
Lecture 20 Review of Major Concepts All
Tutorial 9 Q & A All
E-Science Education Workshop, 1-2 Nov 2004
TimetableWeek beginning… Monday 12:00-13:00 Thursday 14:00-15:00 Friday 09:00-10:00
27 September Lecture 1 Lecture 2
4 October Tutorial 1 Lecture 3 Lecture 4
11 October Lecture 5 Lecture 6 Lecture 7
18 October Tutorial 2 Lecture 8 Lecture 9
25 October Tutorial 3 Lecture 10 Tutorial 4
1 November Lecture 11 Tutorial 5 Lecture 12
8 November Lecture 13 Lecture 14 Tutorial 6
15 November Lecture 15 Lecture 16 Tutorial 7
22 November Lecture 17 Tutorial 8 Lecture 18
29 November Lecture 19 Lecture 20 Tutorial 9
E-Science Education Workshop, 1-2 Nov 2004
DyVOSE Project Participants
Dynamic Virtual Organisations in e-Science Education (DyVOSE) team
Principal Investigators Dr Richard Sinnott (NeSC Glasgow) Prof David Chadwick (Salford)
Developers Dr John Watt (NeSC Glasgow) Dr Sassa Otenko (Salford) Mr Tuan Anh Nguyen (Salford)
Other Key People Involved Dr David Berry (NeSC Edinburgh) Dr Sandy Shaw (EDINA)
E-Science Education Workshop, 1-2 Nov 2004
Dynamic Virtual Organisations for e-Science Education (DyVOSE) project
Two year project started 1st May 2004 funded by JISCExploring advanced authorisation infrastructures for security in context of education
University of Salford provide authorisation software (PERMIS) and security expertise
Applied in Grid Computing module part of advanced MSc at the University of Glasgow
– Will provide insight into rolling out authorisation infrastructures/Grid to the masses
– Exploration of current state of the art in authorisation infrastructures
– Second phase of work will involve NeSC Edinburgh/EDINA– Extensions to the existing PERMIS infrastructure to provide
dynamic delegation of authority and recognition of authority
DyVOSE Overview
E-Science Education Workshop, 1-2 Nov 2004
Phase 1Looking at applying existing PERMIS technology to establish static Privilege Management Infrastructure at GU
DyVOSE Workplan
ScotGrid
Authorisation decisions
Authorisation checks
PERMIS based authorisation
Education
VO policies
GU Condor pool
Other (known!) Grid resources
E-Science Education Workshop, 1-2 Nov 2004
Phase 1 DeliverablesD1.1 Design of Educational Case StudiesD1.2 Installation of Software Infrastructure for Static Delegation Based PMID1.3 Detailed Design for Dynamic Delegation and Recognition of Authority
Development of course material Major effort for first time…
DyVOSE Phase 1
E-Science Education Workshop, 1-2 Nov 2004
Current PERMIS based PMI approach
PERMIS allows toDefine roles for who can do what on what
Policy = { Role x Target x Action }– Can user X invoke service Y and access or change data Z?
» Policies created with PERMIS PolicyEditor (output is XML file)
E-Science Education Workshop, 1-2 Nov 2004
PERMIS based Authorisation
E-Science Education Workshop, 1-2 Nov 2004
PERMIS based Authorisation ...ctd
PERMIS Privilege Allocator then used to associate roles with specific users
Signed policies are stored as attribute certificates in LDAP server
Exploiting the GGF AuthZ specification Generic way to authorise access to Grid services using SAML
callouts– Based on GT3.3 – PERMIS
» Grid service (WSDD) has policy information associated with it» DN of clients, target and actions checked when attempts made
to invoke services BRIDGES and DyVOSE only projects exploiting this API right now
(Von Welch at AHM 2004)
E-Science Education Workshop, 1-2 Nov 2004
Explorations in Course
Students applying Policy Editor to develop security policy for use in their assignment
Sorting/searching “works of Shakespeare” … run on single PC, … using training lab Condor pool, … * as GT3.3/Condor service, … as GT3.3 service using GSI,
To see how authorisation at service level achieved – Service should be accessible by themselves and lecturing staff only
… using * for GT3.3-PERMIS authorised service To see how authorisation at method level achieved
– Students split into groups (Gp1, Gp2)» Sort method available to their group and lecturers only» Search method available to all
Performance aspects investigated throughout…
E-Science Education Workshop, 1-2 Nov 2004
Phase 2 D2.1 Report on Practical Experiences and Best Practices in Static
Delegation Based PMI D2.2 Software implementing Dynamic Delegation and Authority
Recognition in PERMIS
Phase 3 D3.1 User Manuals and Administrator Guides on Using and Setting
up and Managing Dynamic Delegation Infrastructures D3.2 Report on Practical Experiences in Using Dynamic Delegation
Infrastructures as Part of e-Science Education D 3.3 NMI release of PERMIS that supports dynamic Delegation and
Recognition of Authority
DyVOSE Phase 2 and 3
E-Science Education Workshop, 1-2 Nov 2004
DyVOSE Phase 2/3
ScotGrid
PERMIS based Authorisation
checks/decisions
Glasgow Education
VO policies
Condor pool
Edinburgh Education VO policies
Shibboleth
Blue Dwarf
Glasgow Edinburgh
Dynamically established VO resources/users
Delegated VO policies
E-Science Education Workshop, 1-2 Nov 2004
Majority of lecture materials completed
Infrastructure established in NeSC Glasgow training laboratory
Initial design of dynamic PMI complete
Input to wider UK security requirements document(Being drafted by Howard Chivers)
Work Progress
E-Science Education Workshop, 1-2 Nov 2004
Long time wrestling with GT3.3-PERMIS integrationSome delays due to version issues with GT3.3
Also required some debugging of GT3.3 (commenting out code)
Continued feedback on PERMIS tools Policy editor refinements
– Numerous discussions/meetings with Salford team on sorting out PERMIS-GT3.3 issues
Certificate dependencies in using PERMIS Expects certificates created using openSSL
Work Progress …ctd
E-Science Education Workshop, 1-2 Nov 2004
Work Progress …ctd
Web site establishedhttp://www.nesc.ac.uk/hub/projects/dyvose
DisseminationPoster at JISC meeting in BrightonPoster at AHM 2004 in NottinghamPaper in preparation to European Grid Conference, Amsterdam
Course materials to be made available to those interested
Some already provided to EGEE training team
E-Science Education Workshop, 1-2 Nov 2004
Future plans
Feed experiences into wider Grid community (ETF AAA work)Continued input to wider security requirements/scenario documents (and to STF?)
Applying experiences in other projects (VOTES, BRIDGES)
Conduit for information from JISC Core Middleware projects and wider UK e-Science activities
It would be nice to think that the majority of the lecture materials had a life of over 1 year
Tried to achieve in course design not focused on Grid technologies explicitly, more on underlying
principles/challenges
Inevitable that refinements needed though… Community needs to address this
E-Science Education Workshop, 1-2 Nov 2004
Questions?