Embed Size (px)
Citation preview
1
OMII Release 1 Steven Newhouse, Peter Henderson
Stephen Crouch & Karen Ng
Presented by Mike Mineter for the NGS Induction Course
http://www.omii.ac.uk
2
The slides in this presentation were selected and (in a few cases) modified by Mike Mineter (NeSC) from those presented in January 2005 at an OMII training day
Goal of this presentation: to raise awareness of the OMII and its OMII_1 release
MM
3
Outline OMII The OMII_1 release: is available for
download TRY IT !!!
It is easy to use, although its grid middleware… The ETF is currently assessing OMII_1 for
deployment on the NGS…. So watch for news!
MM
4
Open MiddlewareInfrastructure Institute
OMII goal: to be the source of open source grid software
Institute of the University of Southampton Utilise existing software and standards Production focused software development Integrate, test & document ‘a product’ Focus on the user experience
Easy to install & use Utilise existing software and standards
Provide a solid web service base for others to build on
5
Where does our software come from? Open Source Community
Tomcat, Axis, etc., Software Repository
Accept software contributions Software deployed, tested & graded to provide
feedback Managed Programme
Fill gaps to build a solid enabling infrastructure Projects to bring research software to production
quality
6
Managed Programme GridSAM (Job Submission & Monitoring service) BPEL (Workflow service) Grimoires (Registry service based on UDDI) FIRMS (Reliable messaging) FINS (Notification) GeodiseLab (Matlab toolbox) WSRF::Lite integration OGSA-DAI (Database service) WSeSS (Using SSH to tunnel requests to resources)
7
OMII_1 release
8
OMII_1:A basic File-Compute Grid Enables a generic computational task Move input data from the client to the service
provider Process the data using an application on the
service provider Retrieve the output data from the service
provider
9
OMII_1 as a Service Provider Goal: I want others to access my resources &
applications I want to provide secure controlled access to:
My applications: Specify who can access which applications
My computational resources: I can limit external usage of my resources
Provides an interface that allows remote users to access my resources
Enable collaboration with other partners
10
OMII_1 as a User (or Client) Goal: I want to use other resources & applications Through a network of service providers I can…:
Gain access to applications that I do not have installed locally Use remote machines with more CPU, memory or storage
Process larger problems sizes Transparently switch between different service providers
No exposure to underlying OS, queuing policy, disk layout etc.
11
Grid Architecture Today The best way of designing Grids…
Loosely coupled services Message based exchange
The best way of running Grids… Interoperability between versions & grids Standards for infrastructure & services
The best way of building Grids… Leverage existing infrastructure & standards Use Web Services…
12
Some Web Service Definitions A service is the logical manifestation of some
physical or logical resources (databases, programs, devices, humans, etc) and/or some application logic that is exposed to the network
Service interaction is facilitated by message exchanges
A service is an abstract resource that represents a capability of performing tasks that represents a coherent functionality from the point of view of provider entities and requester entities. To be used, a service must be realised by a concrete provider agent
13
Web Services (WS) XML: Platform neutral mechanism to describe
data SOAP: Mechanism to describe message
exchange Simple Object Access Protocol
Not simple and nothing to do with Objects! Service Oriented Access Protocol
Re-engineering of acronym to fit current use!
WSDL: Defines the service interface
14
More WS concepts… Services have to reside in a supporting environment:
Called: hosting environment or container Marshals requests into and response out of the service Service can discover local configuration parameters Provides a standard infrastructure for service developers
Processing incoming requests & outgoing responses Called: Message handlers Manipulates elements of the message header
Primarily the SOAP header Handlers can be applied to message traffic into or out of the
whole container or a specific service
15
Putting it all together… Architecturally web services provide…
Process of independent loosely coupling services Defining service interfaces (or contract) Defining the format of the messages interchange Platform neutral Flexible granularity Clearly defined boundaries
Need an implementation…
16
OS Hosting Environment Tomcat: Servlet hosting environment Axis: A servlet that understands WS
Tomcat
17
Axis Handlers Tomcat manages transport: http & https
OMII can use https to secure message transport Axis handlers on client & server:
Serial / deserialisation from XML to Java Processing of message headers
OMII distribution includes handlers for: WS-Security: sign message & verify signature PBAC: Process Based Access Control
18
Process Based Access Control:A model for implementing AAA Authentication: CA issued X.509 certificates Authorisation: Interaction dependent authorisation
process Access control lists tied to process context and state
i.e. impose server side workflow requirements Supports “delegation” and “subordination” actions
Accounting: Activity matched against allocated quota Clients control who can access “their” allocated quota Collaboration with minimal overhead for service providers
19
OMII 1:Basic File-Compute Grid Consists of:
Base (Tomcat 5.0.25 & Axis 1.2b) Extensions (Axis Handlers)
WS-Security Process Based Access Control
Basic Services Sample application
Plus installers, README’s & documentation
20
OMII-1 Architecture
databaseof
accountsresources
applications
resources
computationdata storageapplications
Web Services
Accounting
Resource Mgmt
Data Staging
Job Submission
Client Application
Admin Application
Application
Application
Management(Browser)
Application
WS SecurityPBAC
Tomcat & Axis
21
OMII 1:Basic Services Based on a group of four services Functional: Data & Application execution
Running jobs using pre-installed applications Movement of input and output data files
Management: Account and Resources Must have an account with a service provider Or delegated access to someone else’s account
22
OMII Server Infrastructure
WS-Security
PBAC
AXIS
HappyAxis
TOMCAT
Static Webpage
AcctMgmt
Servlet
ResourceMgmt
Servlet
Account
Allocation
Data
Job
TestS
ervice
Exam
pleService
23
Condor or PBS Job service supports execution on different platforms:
Local resources (default & fully tested) Condor (demonstrated but not fully tested or supported) PBS (demonstrated but not fully tested or supported)
PBS uses POSIX batch scheduling interface Porting to other POSIX systems (e.g. SGE) should be
straightforward!
Demonstration only as the test servers do not have Condor or PBS
24
Try out the OMII_1 client !
25
OMII_1 Download Contents:
Server side installer (Application) Client side installer Cauchy Horizons
Simple Java application Transforms a surface (list of 3D points)
Install the client and use the OMII demo server to run the Cauchy application
[Then set up your own server]
MM
26
Where to get the client Register at www.omii.ac.uk & login Goto the downloads page Download the client distribution
SuSE 9.0 Client may work on other Linuxs but no exhaustive testing
Windows XP (SP 1 & 2)
Distribution requires JDK 1.4.2_04 Does not work with ‘just’ a JRE Will not work with JDK 1.4.2_05/06 & JDK 1.5.0 No testing with earlier JDKs.
27
Some notes on the certificate A certificate is needed on the client (WS-Sec) Details passed to the OMII CA Provides a certificate of low value
No authentication checks Expires after a month
Values are not verified Any non-null input will be OK
28
Testing the installation Three tests at the end of the installation All will fail if the container is not up & running
OR If you have no connection to the test servers
29
Checking the client install
WS-Security
PBAC
AXIS
HappyAxis
TOMCAT
Static Webpage
AcctMgmt
Servlet
ResourceMgmt
Servlet
Account
Allocation
Data
Job
TestS
ervice
Exam
pleService
testservicesConnection
non_PBACPBAC
CLIENT
30
Summary WS provide an effective mechanism to build
loosely coupled message based systems WS exchange XML messages over http/https
OMII_1 uses WS to provide a basic File & Compute Grid
