Title: Teaching Grid Computing Dr Richard Sinnott Technical Director National e-Science Centre ||| Deputy Director Technical Bioinformatics Research Centre University of Glasgow ros@dcs.gla.ac.uk
1Teaching Grid ComputingDr Richard
SinnottTechnical Director National e-Science
Centre Deputy Director Technical
Bioinformatics Research Centre University of
Glasgowros_at_dcs.gla.ac.uk
2Overview
- Grid Computing module
- Student backgrounds
- Syllabus
- Review of DyVOSE project
- Brief summary of technical approach
- Plans for the future
3Grid Computing module
- Part of advanced MSc at Glasgow
- Started teaching on 30th September
- Due to complete on 2nd December
- Involves
- 20 lectures,
- 10 tutorials,
- 3 problem sets,
- 1 large programming assignment
- Taught by
- Richard Sinnott (NeSC, Course Director),
- Colin Perkins (DCS),
- John Watt (NeSC, DyVOSE researcher)
- 1 lecture by Seamus Ross (DCC)
- 1 lecture by David Fergusson (EGEE training team)
4Student Backgrounds
- Students
- UG4
- MSci (UG5)
- Advanced MSc
- First lecture had 50 students, now have 16 signed
up for module - Various pre-requisites in taking module
- Based on Glasgow course structures
- DAS, DBIT, AC4,
- Additional materials developed for students
without necessary background - XML, XML Schema, WSDL,
- Not planned for originally
5Module Outline
Week 1 Lecture 1 Introduction to Grid Computing Colin Perkins
Lecture 2 Scalability and Heterogeneity Colin Perkins
Week 2 Tutorial 1 Discussion of Seminal Grid Papers Colin Perkins
Lecture 3 Open Standards and Architectures Richard Sinnott
Lecture 4 Implementations of the Grid Architecture John Watt
Week 3 Lecture 5 Resource Discovery/Information Services John Watt
Lecture 6 Web Services Richard Sinnott
Lecture 7 Technologies for Building Grids David Fergusson
Week 4 Tutorial 2 Exploring Web Services Technologies with GT3 John Watt
Lecture 8 Grid Security Concepts Richard Sinnott
Lecture 9 Virtual Organizations Richard Sinnott
Week 5 Tutorial 3 Exploring Web Services Technologies with GT3 John Watt
Lecture 10 Security in Practice John Watt
Tutorial 4 Lab work and Discussion of Grid Security Richard Sinnott
Week 6 Lecture 11 Job Scheduling and Management - Practice Colin Perkins
Tutorial 5 Discussion of Job Scheduling Papers Colin Perkins
Lecture 12 Workflow Management John Watt
6Module Outline
Week 7 Lecture 13 Data Access, Integration and Management John Watt
Lecture 14 Data Provenance and Curation Seamus Ross
Tutorial 6 Discussion of Data Management/Provenance Richard Sinnott
Week 8 Lecture 15 Data Transfer Colin Perkins
Lecture 16 Peer-to-Peer Communication Colin Perkins
Tutorial 7 Discussion of Networking Papers Colin Perkins
Week 9 Lecture 17 Tools for Collaboration Colin Perkins
Tutorial 8 Discussion on the Future of Grid Computing Richard Sinnott
Lecture 18 The Future of Grid Computing Richard Sinnott
Week 10 Lecture 19 Sample Applications Richard Sinnott
Lecture 20 Review of Major Concepts All
Tutorial 9 Q A All
National Digital Curation Centre
7Timetable
Week beginning Monday 1200-1300 Thursday 1400-1500 Friday 0900-1000
27 September Lecture 1 Lecture 2
4 October Tutorial 1 Lecture 3 Lecture 4
11 October Lecture 5 Lecture 6 Lecture 7
18 October Tutorial 2 Lecture 8 Lecture 9
25 October Tutorial 3 Lecture 10 Tutorial 4
1 November Lecture 11 Tutorial 5 Lecture 12
8 November Lecture 13 Lecture 14 Tutorial 6
15 November Lecture 15 Lecture 16 Tutorial 7
22 November Lecture 17 Tutorial 8 Lecture 18
29 November Lecture 19 Lecture 20 Tutorial 9
8DyVOSE Project Participants
- Dynamic Virtual Organisations in e-Science
Education (DyVOSE) team - Principal Investigators
- Dr Richard Sinnott (NeSC Glasgow)
- Prof David Chadwick (Salford)
- Developers
- Dr John Watt (NeSC Glasgow)
- Dr Sassa Otenko (Salford)
- Mr Tuan Anh Nguyen (Salford)
- Other Key People Involved
- Dr David Berry (NeSC Edinburgh)
- Dr Sandy Shaw (EDINA)
9DyVOSE Overview
- Dynamic Virtual Organisations for e-Science
Education (DyVOSE) project - Two year project started 1st May 2004 funded by
JISC - Exploring advanced authorisation infrastructures
for security in context of education - University of Salford provide authorisation
software (PERMIS) and security expertise - Applied in Grid Computing module part of advanced
MSc at the University of Glasgow - Will provide insight into rolling out
authorisation infrastructures/Grid to the masses - Exploration of current state of the art in
authorisation infrastructures - Second phase of work will involve NeSC
Edinburgh/EDINA - Extensions to the existing PERMIS infrastructure
to provide dynamic delegation of authority and
recognition of authority
10DyVOSE Workplan
- Phase 1
- Looking at applying existing PERMIS technology to
establish static Privilege Management
Infrastructure at GU
ScotGrid
GU Condor pool
Other (known!)
Grid resources
PERMIS based
Education
authorisation
VO
policies
Authorisation checks
Authorisation decisions
11DyVOSE Phase 1
- Phase 1 Deliverables
- D1.1 Design of Educational Case Studies
- D1.2 Installation of Software Infrastructure for
Static Delegation Based PMI - D1.3 Detailed Design for Dynamic Delegation and
Recognition of Authority - Development of course material
- Major effort for first time
12Current PERMIS based PMI approach
- PERMIS allows to
- Define roles for who can do what on what
- Policy Role x Target x Action
- Can user X invoke service Y and access or change
data Z? - Policies created with PERMIS PolicyEditor (output
is XML file)
13PERMIS based Authorisation
14PERMIS based Authorisation ...ctd
- PERMIS Privilege Allocator then used to associate
roles with specific users - Signed policies are stored as attribute
certificates in LDAP server - Exploiting the GGF AuthZ specification
- Generic way to authorise access to Grid services
using SAML callouts - Based on GT3.3 PERMIS
- Grid service (WSDD) has policy information
associated with it - DN of clients, target and actions checked when
attempts made to invoke services - BRIDGES and DyVOSE only projects exploiting this
API right now (Von Welch at AHM 2004)
15Explorations in Course
- Students applying Policy Editor to develop
security policy for use in their assignment - Sorting/searching works of Shakespeare
- run on single PC,
- using training lab Condor pool,
- as GT3.3/Condor service,
- as GT3.3 service using GSI,
- To see how authorisation at service level
achieved - Service should be accessible by themselves and
lecturing staff only - using for GT3.3-PERMIS authorised service
- To see how authorisation at method level achieved
- Students split into groups (Gp1, Gp2)
- Sort method available to their group and
lecturers only - Search method available to all
- Performance aspects investigated throughout
16DyVOSE Phase 2 and 3
- Phase 2
- D2.1 Report on Practical Experiences and Best
Practices in Static Delegation Based PMI - D2.2 Software implementing Dynamic Delegation and
Authority Recognition in PERMIS - Phase 3
- D3.1 User Manuals and Administrator Guides on
Using and Setting up and Managing Dynamic
Delegation Infrastructures - D3.2 Report on Practical Experiences in Using
Dynamic Delegation Infrastructures as Part of
e-Science Education - D 3.3 NMI release of PERMIS that supports dynamic
Delegation and Recognition of Authority
17DyVOSE Phase 2/3
Glasgow
Edinburgh
ScotGrid
Condor pool
Blue Dwarf
Dynamically established VO resources/users
Delegated VO policies
Edinburgh Education VO policies
Glasgow Education VO policies
Shibboleth
PERMIS based Authorisation checks/decisions
18Work Progress
- Majority of lecture materials completed
- Infrastructure established in NeSC Glasgow
training laboratory - Initial design of dynamic PMI complete
- Input to wider UK security requirements document
- (Being drafted by Howard Chivers)
19Work Progress ctd
- Long time wrestling with GT3.3-PERMIS integration
- Some delays due to version issues with GT3.3
- Also required some debugging of GT3.3 (commenting
out code) - Continued feedback on PERMIS tools
- Policy editor refinements
- Numerous discussions/meetings with Salford team
on sorting out PERMIS-GT3.3 issues - Certificate dependencies in using PERMIS
- Expects certificates created using openSSL
20Work Progress ctd
- Web site established
- http//www.nesc.ac.uk/hub/projects/dyvose
- Dissemination
- Poster at JISC meeting in Brighton
- Poster at AHM 2004 in Nottingham
- Paper in preparation to European Grid Conference,
Amsterdam - Course materials to be made available to those
interested - Some already provided to EGEE training team
21Future plans
- Feed experiences into wider Grid community (ETF
AAA work) - Continued input to wider security
requirements/scenario documents (and to STF?) - Applying experiences in other projects (VOTES,
BRIDGES) - Conduit for information from JISC Core Middleware
projects and wider UK e-Science activities - It would be nice to think that the majority of
the lecture materials had a life of over 1 year - Tried to achieve in course design
- not focused on Grid technologies explicitly, more
on underlying principles/challenges - Inevitable that refinements needed though
- Community needs to address this
22