
  1. The next generation of Virtual Organisations in UNICORE
  Krzysztof Benedyczak, Piotr Bała, ICM University of Warsaw

  2. Outline
   Virtual Organisations revisited
  ● classification
   Current state of 'art'
  ● VOMS/gLite
  ● UNICORE
   Problems and goals
   Roadmap towards a real state of art
  30-05-2012, UNICORE Summit, Dresden, K. Benedyczak

  3. Virtual Organizations revisited
   An old (and boring?) concept...
   Many different meanings, but mostly: a grouping of users and resources from multiple real organizations, cooperating.
   The biggest competitor: federations.
   VOs:
  ● members maintained in a separate DB, centrally,
  – administration might be partially distributed,
  ● member organizations assign resources to the VO,
  ● the VO decides who gets what.

  4. What about federations?
   Federations:
  ● members maintained in many DBs, by each (home) organization individually,
  ● created as an agreement on a common authorization language (e.g. the attributes used and their meaning),
  ● each home organization decides on the rights of its users,
  ● resource access is defined using the common federation language.
   In the VO world there is strict control over who is a member, but there is identity duplication. Federations are the opposite.

  5-7. Obtaining VO information: the PULL mode
  (Diagram of the pull mode: grid servers query the VO service for a user's attributes.)
   Pros:
  (a) Easy for end-users, can be transparent.
  (b) Optionally users can select the VO (and VO options) via simple preferences.
   Cons:
  (a) No privacy: the whole VO contents are exposed.
  (b) Not suitable when the number of VO servers is large.
  (c) Even with few VOs it is difficult to provide sensible defaults.
  (d) Hard to configure permissions for all grid servers to access every VO service. Using delegation?

  8-10. Obtaining VO information: the PUSH mode
  (Diagram of the push mode: the user obtains VO attributes and sends them with the request.)
   Pros:
  (a) End-users have full control over the VO information exposed to the grid.
  (b) Easily scalable in terms of the number of VOs and VO servers.
   Cons:
  (a) Users must handle the initial VO contact: select the VO and the VO attributes that shall be exposed. This is hard; a very friendly UI is needed.

  11. VO use cases in the Grid
   VO software can provide an advanced user management system:
  ● from user enrolment to removal.
   VO membership can be used for authorization,
  ● also other VO-defined attributes/roles/...
   Supporting a VO can automate user acceptance:
  ● no need for manual account set-up etc.
   Jobs might be assigned to VOs:
  ● the VO might later be charged (ranked, ...) for its users (accounting),
  ● a VO environment might be loaded (e.g. a special gid).
   VO members may collaborate:
  ● for instance, they can have access to a shared file space.

  12. Advanced VO use cases
   VOs may be used to automatically set up a specialized user environment:
  ● instantiate per-VO VM images,
  ● create reservations,
  ● enable software licenses, ...
   VOs may coordinate inter-site collaboration,
  ● e.g. manage VO-wide cluster reservations with automatically negotiated reservation shares between the resource providers.
   VOs can be used to manage legal agreements that users have to sign.

  13-20. Classification of VOs
  (Diagram: two axes, dynamic vs. static and minimal vs. complex relationships.)
   Dynamic: the VO is created ad hoc, between cooperating users. Typically medium or short term, with few users. E.g. several colleagues working on an experiment, who want to share their jobs' results and input.
   Static: the VO is rather big, created as the result of a formal agreement between organizations, and provides access to large resources. Set up and maintained by dedicated administrators. E.g. WLCG VOs.
   Complex relationships: the VO defines complex SLAs between members and resources. E.g.: each VO member gets 10k cpuh/month, or all members can run up to 10 copies of licensed software simultaneously. Distributed management is very hard or impossible.
   Minimal relationships: the VO does not offer sophisticated SLAs, etc. VO membership is used mostly to grant access to some resources (which are subject to change). Distributed management is possible.

  21. gLite and VOMS
   Virtual Organizations Membership Service.
  ● INFN, used in EGI and WLCG.
   One VOMS instance maintains only a single VO.
  ● Difficult to set up new VOs.
   VOMS exposes information on:
  ● VO members, organized in hierarchical groups,
  ● their roles, group scoped,
  ● generic attributes, not scoped,
  in proxies with an AC extension (VOMS proxy) or in SAML assertions.
   Only the user can query for her attributes.
  ● Push mode supported only.

  22. gLite and VOMS
   gLite LCMAPS allows mapping of VOMS attributes to local uids and/or gids (fixed or pool).
   The client identity is VO-bound and therefore the VO information is tightly coupled with each request,
  ● used for accounting.
   Some statistics:
  ● EGI maintains over 200 VOs, with over 21k members.
  ● The biggest VO: atlas, nearly 3k members.
  ● http://operations-portal.egi.eu/vo/usersSummary

  23. VOs in UNICORE up to 6.4.x: UVOS
   UNICORE Virtual Organizations Service
  ● Everybody mixes this up with VOMS. New name in future?
   The server can handle an arbitrary number of VOs.
   Members can have multiple identities.
   Organized in hierarchical groups.
   With attributes; each can be group scoped.
  ● Possibility to store arbitrary site-specific data as xlogins.
   Only SAML supported as the assertion format.
   Both self and 3rd-party queries possible.
  ● Push and pull modes possible.

  24. VOs in UNICORE up to 6.4.x: what do we have?
   Convenient user management UI provided by UVOS.
   UVOS can be used to store site-local xlogins,
  ● distributed management also possible.
   VO attributes are mapped to UNICORE standard ones (role, xlogin, ...) and in effect VO membership is used in authorization only,
  ● implicitly; in fact only a role attribute from supported VOs.
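An added example (not code from the slides, UNICORE or gLite): a small Python model of the mapping step that slides 22 and 24 describe, from VO group/role attributes to a fixed or pooled local account plus a UNICORE role, honouring only attributes from supported VOs. The VO, group and account names, the tuple shape of the attributes, and the rule that a VO role "admin" becomes the UNICORE role "admin" are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass(frozen=True)
class VOAttrs:
    """VO-asserted attributes: VO name, hierarchical group, optional group-scoped role."""
    vo: str
    group: str
    role: Optional[str] = None

@dataclass
class AccountMapper:
    trusted_vos: frozenset       # attributes from any other VO are ignored (supported VOs only)
    fixed: dict                  # (group, role) -> fixed local xlogin
    pools: dict                  # group -> free pool accounts
    leases: dict = field(default_factory=dict)   # (user DN, group) -> leased pool account

    def map_user(self, dn: str, attrs: VOAttrs) -> Optional[tuple]:
        """Return (UNICORE role, xlogin) for the user, or None if no account may be granted."""
        if attrs.vo not in self.trusted_vos:
            return None                          # assertion from an unsupported VO: not honoured
        unicore_role = "admin" if attrs.role == "admin" else "user"   # assumed role rule
        xlogin = self.fixed.get((attrs.group, attrs.role))
        if xlogin is None:
            xlogin = self._lease_pool_account(dn, attrs.group)
        if xlogin is None:
            return None                          # no fixed mapping and the pool is exhausted
        return unicore_role, xlogin

    def _lease_pool_account(self, dn: str, group: str) -> Optional[str]:
        key = (dn, group)
        if key in self.leases:
            return self.leases[key]              # a returning user keeps the same pool account
        free = self.pools.get(group, [])
        if not free:
            return None
        self.leases[key] = free.pop(0)
        return self.leases[key]

def demo():
    """Constructed VO, group and account names; not real EGI or UNICORE configuration."""
    m = AccountMapper(trusted_vos=frozenset({"atlas"}),
                      fixed={("/atlas/prod", "admin"): "atlasadm"},
                      pools={"/atlas/prod": ["atlas001", "atlas002"]})
    alice = m.map_user("CN=alice", VOAttrs("atlas", "/atlas/prod", "admin"))  # fixed account
    bob = m.map_user("CN=bob", VOAttrs("atlas", "/atlas/prod"))               # first pool slot
    bob_again = m.map_user("CN=bob", VOAttrs("atlas", "/atlas/prod"))         # same slot again
    carol = m.map_user("CN=carol", VOAttrs("atlas", "/atlas/prod"))           # last pool slot
    dave = m.map_user("CN=dave", VOAttrs("atlas", "/atlas/prod"))             # pool exhausted
    eve = m.map_user("CN=eve", VOAttrs("othervo", "/othervo", "admin"))       # VO not supported
    return alice, bob, bob_again, carol, dave, eve
```

A pool that is exhausted and an assertion from a VO the site does not support both yield no account, so the caller denies the request rather than falling back to a default login.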
