Globus
Presented by:
Yayati Kasralikar for CPA 5937
Motivational ExampleCancer imageData Mining
Software
Very largeDatabase of
cancer images
cancer images
cancer images
R
Rcancer images
Data Pre-processing Software
High-performance
machine
What is Grid?
1. Coordinates resources that are not subject to centralized control.
2. Uses standard, open, general-purpose protocols and interfaces.
3. Delivers nontrivial qualities of service.• Let’s Examine some technologies:
– Clusters– P2P Systems (e.g. Gnutella)
– Web
-Centralized Control
Do not use Open and Standard protocolsNot coordinated use resources
Why use Grid?• A biochemist exploits 10,000 computers to
screen 100,000 compounds in an hour.
• 1,000 physicists worldwide pool resources for peta-op analyses of petabytes of data.
• An insurance company mines data from partner hospitals for fraud detection.
• An application service provider offloads excess load to a compute cycle provider
Virtual Organization (VO)
?RR
R
RR
R
R
RR
R
R
R
R
RR
RR
VO A
VO B
VO C
A dynamic set of individuals or institutions sharing resources for problem solving
Grid Characteristics• Scale and Resource Selection
– Particular applications selecting resources from a very large collection according to criteria such as connectivity,cost,security and reliability
• Heterogeneity at multiple levels– heterogeneity ranging from physical devices, system
software to scheduling and usage
• Dynamic and unpredictable behavior– Behavior and performance of shared resources vary
over time
• Multiple administrative domain.– Challenging security problem
Globus Initiative• Provide basic infrastructure, Protocols, Services,
APIs and SDKs for Grid Computing.– Protocols: Focus on externals(interactions) rather than
internals(resource characteristics) (e,g. GRIP, IP)– Service: Protocol+Behavior (e.g. Information).– APIs and SDKs: Facilitate application developers to
develop complex applications(e.g. GSS API,JDBC API,JNDI SDK). Application robustness, correctness, development and maintenance cost.
• Globus Toolkit: A community-based,open-architecture,open-source set of services and software libraries that supports Grids and Grid Applications.
Layered Grid Architecture
Application
ApplicationCollective
Resource
Connectivity
Fabric
Internet
Link
Transport
Grid
Pro
toco
l Arc
hite
ctur
e
Inte
rnet
Pro
toco
l Arc
hite
ctur
e
Connectivity Layer
Application
Collective
Resource
Connectivity
Fabric
Grid
Pro
toco
l Arc
hite
ctur
e
NexsusInterface
Grid Security Infrastructure
GSI
Resource Layer
Application
Collective
Resource
Connectivity
Fabric
Grid Resource Information
Protocol(GRIP)
GridFTP
Grid Resource Access
Management(GRAM)
Grid
Pro
toco
l Arc
hite
ctur
e
Grid Resource Registration
Protocol(GRRP)
Data Transfer Gri
d Info
rmati
on S
erv
ices
Reso
urc
e M
anagem
ent
Collective Layer
Application
Collective
Resource
Connectivity
Fabric
Data Replication Services
Directory Services
Grid
Pro
toco
l Arc
hite
ctur
e
Monitoring Services
Scheduling and Brokering Services
Application Layer
Application
Collective
Resource
Connectivity
Fabric
Grid
Pro
toco
l Arc
hite
ctur
e
Languages & Frameworks
Collective APIs and SDKs
Resource APIs and SDKs
Connectivity APIs
Fabric
Collective Service Protocols
Resource Service Protocols
Connectivity Protocols
Communication Services
EP
SP
SP
SPEP
0 1 2
Nexus communication mechanism
Communicationlink
• Diverse Communication needs.• IP does not meet these needs on the other hand MPI do
not provide rich range of communication abstractions.• Communication link and remote service request (RSR).
– One-sided asynchronous RPC transfer data from SP to EP(s) and integrate it into the process containing the EP(s)
Resource ManagementChallenging resource management problems:• site autonomy
– resources are typically owned and operated by different organizations, in different administrative domains
• heterogeneous substrate– different sites may use different local resource management
systems
• policy extensibility– A resource management solution must support the frequent
development of new domain-specific management structures
• co-allocation– using resources simultaneously at several sites
• online control.– substantial negotiation can be required to adapt application
requirements to resource availability
Resource Management Architecture
GRAM GRAM GRAM
LSF Condor NQE
Application
RSL
Simple ground RSL
Information Service
Localresourcemanagers
RSLspecialization
Broker
Ground RSL
Co-allocator
Queries& Info
Resource Specification Language• Based on the syntax for filter specifications in the
LDAP.• An RSL is constructed by combining simple
parameter specifications and conditions with following operators:
• &: Specify conjunction• | : Specify disjunction• + : Combine two or more requests• Resource brokers,co-allocators and resource
managers can each define a set of parameters.• Example: I want “5 nodes with at least 256MB
memory, or 10 nodes with 64MB for myprog”• RSL:&(executable=myprog)(|(&(count=5) (memory>=256)) (|(&(count=10) (memory>=64)))
Local Resource Management• Globus Resource Allocation Manager (GRAM)
provide local component for resource management.
• GRAM is responsible for:1. Processing RSL specifications2. Enabling remote monitoring and management of
jobs3. Periodically updates the information service.
• Two major software components of GRAM:1. GateKeeper: create Grid service2. Job Manager Instance(JMI): resource management
and Job control
The Hour-Glass principle
• Simple well-defined interface form the neck.• Uniform access to diverse local implementations
and higher-level global services.
Grid Security Characteristics• Single Sign on
– Users must be able to authenticate just once to access to multiple grid resources.
• Delegation– Users must be able to endow a program with the
ability to run on his/her behalf.
• Integration with local security Solutions– Interoperate with various local solutions.
• User-based trust relationships– Each of the resource providers must not interact
with each other to configure security environment.
Security Policies:• Grid Environment consists of multiple trust domains.• Operations confined to a single trust domain are subject to
local security policy only.• Both local and global participants exists. For each trust
domain, there exists a partial mapping from global to local.• Operations between entities located in different trust domains
require mutual authentication.• An authenticated global subject mapped into a local subject is
assumed to be equivalent to being locally authenticated as that local subject.
• All access control decisions are made locally on the basis of the local subject.
• A program or process is allowed to act on behalf of a user and be delegated a subset of the user's rights.
• Processes running on behalf of the same subject within the same trust domain may share a single set of credentials.
Globus Security Infrastructure
Credentials
User Proxy
Globus Credentials
CertificateCertificate
User
KerberosPublic Key
GSI
GRAM
User Process
User Process
User Process User Process
User Process
User Process
GSI
GRAM
Globus Security Scenario
Site A(Kerberos)
Site B (Unix)
Site C(Kerberos)
Computer
User
Computer
Storagesystem
Communication
GSI-enabledFTP server
AuthorizeMap to local idAccess file
Remote fileaccess request
GSI-enabledGRAM server
GSI-enabledGRAM server
Remote processcreation requests
Process
Kerberosticket
Restrictedproxy
Process
Restrictedproxy
Local id Local id
AuthorizeMap to local idCreate processGenerate credentials
Same
Single sign-on via “grid-id”& generation of proxy cred.
Or: retrieval of proxy cred.from online repository
User ProxyProxy
credential
Information Services
• Initial Discovery and ongoing monitoring of Resources• Existing services such as LDAP and UDDI do not address the dynamic addition and deletion of resources.• Two Fundamental entities in Grid Information Service:
• Highly distributed information providers.• Specialized aggregate directory services.
• Both these entities speak two fundamental protocols.
Information Servicesdiscovery (GRIP)
lookup (GRIP) registration (GRRP)
P P P P
D D
VO-specific Aggregate Directories
• Initial Discovery and ongoing monitoring of Resources• Existing services such as LDAP and UDDI do not address the dynamic addition and deletion of resources.• Two Fundamental entities in Grid Information Service:
• Highly distributed information providers.• Specialized aggregate directory services.
• Both these entities speak two fundamental protocols.
Information Provider Services
Information Services - ProtocolsGrid Information Protocol (GRIP)
– Used to access information about entities– GRIP supports both discovery and enquiry– GRIP is adopted from Lightweight Directory Access
Protocol (LDAP)– LDAP defines data model,query language and wire
protocol.
Grid Registration Protocol (GRRP)– Define a notification mechanism to push simple
information from one ‘element’ to another ‘element’.– It is a soft-state protocol which is resilient to failures.– GRRP message contains name of the service,type
of notification service and timestamp.
Hierarchical Discovery
Host:hn=R1,O=O1Host:hn=R2,O=O1Host:hn=R3,O=O1Host:hn=R1,O=O2Host:hn=R2,O=O2Host:hn=R1
Host:hn=R1Host:hn=R2Host:hn=R3
Host:hn=R1Host:hn=R2
Host
HostHostHostHost Host
R1 R2 R3 R1 R3
R1O1 O2
VO Directory
Information Provider
Center 1Directory
Center 2Directory
Network of aggregate directories
Each directory usesGRIP and act as a
Information Provider
Data Transfer - GridFTP• High-speed transport protocol which extends
the popular FTP protocol.• GridFTP Functionality:
– GridFTP must support GSI – Third-party control of data transfer– Parallel data transfer– Stripped data transfer– Partial file transfer– Support for reliable and restartable data transfer.
• The implementation consists of two principal libraries: globus_ftp_control_library and globus_ftp_client_library
Replica Management Service
Application
Metadata Service
Replica Management
Service
Replica Selection Service
Information Services
Attributes of desired data
(1) Logical File Names
(2)
Sources and destination
(6)
Performance Measurements and Predictions(7)
Location of Selected Replicas
(8)
Location of 1 or more replicas(4)(3)
(5)
Replica Management Service• Creating new copies of a complete or partial
collection of files• Registering them in a Replica Catalog• Allow Applications to query the catalog• Data are organized into files.
– Logical File name Vs Physical File name.
• Key Architecture Decisions:– Separation of Replication and Metadata Information– Does not enforce Replication Semantics– Provide Rollback to keep the state consistent in case
of failures– No distributed locking mechanism
Relationships to other technologies
• World Wide Web– Web technologies mainly support client-server
architecture. Lack features (at least for now) for rich interaction and single-sign on security.
• ASP and SSP.– Provide outsource solutions which depend on
specific customer. Lack dynamic configuration.
• Enterprise Computing– Static arrangements of sharing resources.
• P2P computing– Getting closer to Grid technology, but provide
specific solutions rather than common protocols.
Other Grid Perspective
• Grid as a next-generation Internet
• Grid is a source of free cycles
• Grid requires new programming models
• Grid makes high-performance computers superfluous
References• What Is The Grid? A Three Point Checklist. I. Foster,
GRIDToday, July 22, 2002: Vol. 1 No. 6.
• Grid Computing on the Web Using the Globus Toolkit, G. Aloisio, M. Cafaro, P. Falabella, C. Kesselman, R. Williams HPCN Europe.
• Computational Grids. I. Foster, C. Kesselman. Chapter 11 of "The Grid: Blueprint for a New Computing Infrastructure", Morgan-Kaufman, 1999.
• The Globus Project: A Status Report. I. Foster, C. Kesselman. Proc. IPPS/SPDP '98 Heterogeneous Computing Workshop, pp. 4-18, 1998.
• Globus: A Metacomputing Infrastructure Toolkit. I. Foster, C. Kesselman. Intl J. Supercomputer Applications, 11(2):115-128, 1997.
References• Data Management and Transfer in High Performance Computa
tional Grid Environments. B. Allcock, J. Bester, J. Bresnahan, A. L. Chervenak, I. Foster, C. Kesselman, S. Meder, V. Nefedova, D. Quesnal, S. Tuecke. Parallel Computing Journal, Vol. 28 (5), May 2002, pp. 749-771.
• Computational Grids. I. Foster, C. Kesselman. Chapter 2 of "The Grid: Blueprint for a New Computing Infrastructure", Morgan-Kaufman, 1999.
• A Directory Service for Configuring High-Performance Distributed Computations. S. Fitzgerald, I. Foster, C. Kesselman, G. von Laszewski, W. Smith, S. Tuecke. Proc. 6th IEEE Symposium on High-Performance Distributed Computing, pp. 365-375, 1997.
References• Grid Information Services for Distributed Resource Sharing. K.
Czajkowski, S. Fitzgerald, I. Foster, C. Kesselman. Proceedings of the Tenth IEEE International Symposium on High-Performance Distributed Computing (HPDC-10), IEEE Press, August 2001.
• A Security Architecture for Computational Grids. I. Foster, C. Kesselman, G. Tsudik, S. Tuecke. Proc. 5th ACM Conference on Computer and Communications Security Conference, pp. 83-92, 1998.
• A Resource Management Architecture for Metacomputing Systems. K. Czajkowski, I. Foster, N. Karonis, C. Kesselman, S. Martin, W. Smith, S. Tuecke. Proc. IPPS/SPDP '98 Workshop on Job Scheduling Strategies for Parallel Processing, pg. 62-82, 1998.
Closing RemarksWe will probably see the spread of 'computer utilities', which, like present electric and telephone utilities, will service individual homes and offices across the country." - 1969, Len Kleinrock
We are a little late, but we are ready now!
Extra-1: A Model Architecture for Data GridsMetadata Catalog
Replica Catalog
Tape Library
Disk Cache
Attribute Specification
Logical Collection and Logical File Name
Disk Array Disk Cache
Application
Replica Selection
Multiple Locations
NWS
SelectedReplica
GridFTP Control ChannelPerformanceInformation &Predictions
Replica Location 1 Replica Location 2 Replica Location 3
MDS
GridFTPDataChannel
Extra-2: Replica Catalog Structure:
Logical File Parent
Logical File Jan 1998
Logical CollectionC02 measurements 1998
Replica Catalog
Locationjupiter.isi.edu
Locationsprite.llnl.gov
Logical File Feb 1998
Size: 1468762
Filename: Jan 1998Filename: Feb 1998…
Filename: Mar 1998Filename: Jun 1998Filename: Oct 1998Protocol: gsiftpUrlConstructor: gsiftp://jupiter.isi.edu/ nfs/v6/climate
Filename: Jan 1998…Filename: Dec 1998Protocol: ftpUrlConstructor: ftp://sprite.llnl.gov/ pub/pcmdi
Logical CollectionC02 measurements 1999