Teaching Grid Computing
Dr Richard Sinnott
Technical Director National e-Science Centre
|||
Deputy Director Technical Bioinformatics
Research Centre
University of Glasgow
ros@dcs.gla.ac.uk
E-Science Education
Workshop, 1-2 Nov 2004
Overview
Grid Computing module
Student backgrounds
Syllabus
Review of DyVOSE project
Brief summary of technical
approach
Plans for the future
E-Science Education
Workshop, 1-2 Nov 2004
Grid Computing module
Part of advanced MSc at Glasgow
Started teaching on 30th September
Due to complete on 2nd December
Involves
20 lectures,
10 tutorials,
3 problem sets,
1 large programming assignment
Taught by
Richard Sinnott (NeSC, Course Director),
Colin Perkins (DCS),
John Watt (NeSC, DyVOSE researcher)
1 lecture by Seamus Ross (DCC)
1 lecture by David Fergusson (EGEE training team)
E-Science Education
Workshop, 1-2 Nov 2004
Student Backgrounds
Students
UG4
MSci (UG5)
Advanced MSc
X
First lecture had 50 students, now have 16 signed up for
module
Various pre-requisites in taking module
Based on Glasgow course structures
X
DAS, DBIT, AC4, …
Additional materials developed for students
without necessary background
XML, XML Schema, WSDL, …
X
Not planned for originally…
E-Science Education
Workshop, 1-2 Nov 2004
Module Outline
Week 1
Week 2
Week 3
Week 4
Week 5
Week 6
Lecture 1
Introduction to Grid Computing
Colin Perkins
Lecture 2
Scalability and Heterogeneity
Colin Perkins
Tutorial 1
Discussion of Seminal Grid Papers
Colin Perkins
Lecture 3
Open Standards and Architectures
Richard Sinnott
Lecture 4
Implementations of the Grid Architecture
John Watt
Lecture 5
Resource Discovery/Information Services
John Watt
Lecture 6
Web Services
Richard Sinnott
Lecture 7
Technologies for Building Grids
David Fergusson
Tutorial 2
Exploring Web Services Technologies with GT3
John Watt
Lecture 8
Grid Security Concepts
Richard Sinnott
Lecture 9
Virtual Organizations
Richard Sinnott
Tutorial 3
Exploring Web Services Technologies with GT3
John Watt
Lecture 10
Security in Practice
John Watt
Tutorial 4
Lab work and Discussion of Grid Security
Richard Sinnott
Lecture 11
Job Scheduling and Management - Practice
Colin Perkins
Tutorial 5
Discussion of Job Scheduling Papers
Colin Perkins
Lecture 12
Workflow Management
John Watt
E-Science Education
Workshop, 1-2 Nov 2004
Taught
today
Module Outline
Week 7
Week 8
Week 9
Week 10
Lecture 13
Data Access, Integration and Management
John Watt
Lecture 14
Data Provenance and Curation
Seamus Ross*
Tutorial 6
Discussion of Data Management/Provenance
Richard Sinnott
Lecture 15
Data Transfer
Colin Perkins
Lecture 16
Peer-to-Peer Communication
Colin Perkins
Tutorial 7
Discussion of Networking Papers
Colin Perkins
Lecture 17
Tools for Collaboration
Colin Perkins
Tutorial 8
Discussion on the Future of Grid Computing
Richard Sinnott
Lecture 18
The Future of Grid Computing
Richard Sinnott
Lecture 19
Sample Applications
Richard Sinnott
Lecture 20
Review of Major Concepts
All
Tutorial 9
Q&A
All
*National Digital Curation Centre
E-Science Education
Workshop, 1-2 Nov 2004
Timetable
Week beginning…
Monday 12:00-13:00
27 September
Thursday 14:00-15:00
Friday 09:00-10:00
Lecture 1
Lecture 2
4 October
Tutorial 1
Lecture 3
Lecture 4
11 October
Lecture 5
Lecture 6
Lecture 7
18 October
Tutorial 2
Lecture 8
Lecture 9
25 October
Tutorial 3
Lecture 10
Tutorial 4
1 November
Lecture 11
Tutorial 5
Lecture 12
8 November
Lecture 13
Lecture 14
Tutorial 6
15 November
Lecture 15
Lecture 16
Tutorial 7
22 November
Lecture 17
Tutorial 8
Lecture 18
29 November
Lecture 19
Lecture 20
Tutorial 9
E-Science Education
Workshop, 1-2 Nov 2004
DyVOSE Project Participants
Dynamic Virtual Organisations in e-Science
Education (DyVOSE) team
Principal Investigators
X
X
Dr Richard Sinnott (NeSC Glasgow)
Prof David Chadwick (Salford)
Developers
X
X
X
Dr John Watt (NeSC Glasgow)
Dr Sassa Otenko (Salford)
Mr Tuan Anh Nguyen (Salford)
Other Key People Involved
X
X
Dr David Berry (NeSC Edinburgh)
Dr Sandy Shaw (EDINA)
E-Science Education
Workshop, 1-2 Nov 2004
DyVOSE Overview
Dynamic Virtual Organisations for e-Science
Education (DyVOSE) project
Two year project started 1st May 2004 funded by JISC
Exploring advanced authorisation infrastructures for
security in context of education
X
X
University of Salford provide authorisation software (PERMIS) and
security expertise
Applied in Grid Computing module part of advanced MSc at the
University of Glasgow
– Will provide insight into rolling out authorisation
infrastructures/Grid to the masses
– Exploration of current state of the art in authorisation
infrastructures
– Second phase of work will involve NeSC Edinburgh/EDINA
– Extensions to the existing PERMIS infrastructure to provide
dynamic delegation of authority and recognition of authority
E-Science Education
Workshop, 1-2 Nov 2004
DyVOSE Workplan
Phase 1
Looking at applying existing PERMIS technology to
establish static Privilege Management Infrastructure at GU
ScotGrid
GU Condor pool
Other (known!)
Grid resources
Education
VOpolicies
PERMIS based
authorisation
Authorisation checks
Authorisation decisions
E-Science Education
Workshop, 1-2 Nov 2004
DyVOSE Phase 1
Phase 1 Deliverables
D1.1 Design of Educational Case Studies
D1.2 Installation of Software Infrastructure for Static
Delegation Based PMI
D1.3 Detailed Design for Dynamic Delegation and
Recognition of Authority
Development of course material
X
Major effort for first time…
E-Science Education
Workshop, 1-2 Nov 2004
Current PERMIS based PMI approach
PERMIS allows to
Define roles for who can do what on what
X
Policy = { Role x Target x Action }
– Can user X invoke service Y and access or change data Z?
» Policies created with PERMIS PolicyEditor (output is XML file)
E-Science Education
Workshop, 1-2 Nov 2004
PERMIS based Authorisation
E-Science Education
Workshop, 1-2 Nov 2004
PERMIS based Authorisation ...ctd
PERMIS Privilege Allocator then used to
associate roles with specific users
X
Signed policies are stored as attribute certificates in LDAP server
Exploiting the GGF AuthZ specification
X
Generic way to authorise access to Grid services using SAML
callouts
– Based on GT3.3 – PERMIS
» Grid service (WSDD) has policy information associated with it
» DN of clients, target and actions checked when attempts made
to invoke services
X
BRIDGES and DyVOSE only projects exploiting this API right
now (Von Welch at AHM 2004)
E-Science Education
Workshop, 1-2 Nov 2004
Explorations in Course
Students applying Policy Editor to develop
security policy for use in their assignment
Sorting/searching “works of Shakespeare”
… run on single PC,
… using training lab Condor pool,
… * as GT3.3/Condor service,
… as GT3.3 service using GSI,
X
To see how authorisation at service level achieved
– Service should be accessible by themselves and lecturing staff only
… using * for GT3.3-PERMIS authorised service
X
To see how authorisation at method level achieved
– Students split into groups (Gp1, Gp2)
» Sort method available to their group and lecturers only
» Search method available to all
Performance aspects investigated throughout…
E-Science Education
Workshop, 1-2 Nov 2004
DyVOSE Phase 2 and 3
Phase 2
X
X
D2.1 Report on Practical Experiences and Best Practices in Static
Delegation Based PMI
D2.2 Software implementing Dynamic Delegation and Authority
Recognition in PERMIS
Phase 3
X
X
X
D3.1 User Manuals and Administrator Guides on Using and Setting
up and Managing Dynamic Delegation Infrastructures
D3.2 Report on Practical Experiences in Using Dynamic Delegation
Infrastructures as Part of e-Science Education
D 3.3 NMI release of PERMIS that supports dynamic Delegation
and Recognition of Authority
E-Science Education
Workshop, 1-2 Nov 2004
DyVOSE Phase 2/3
Glasgow
ScotGrid
Edinburgh
Condor pool
Blue Dwarf
Dynamically
established VO
resources/users
Delegated
VO policies
Glasgow
Education
VO policies
Shibboleth
PERMIS based
Authorisation
checks/decisions
E-Science Education
Workshop, 1-2 Nov 2004
Edinburgh
Education
VO policies
Work Progress
Majority of lecture materials completed
Infrastructure established in NeSC Glasgow
training laboratory
Initial design of dynamic PMI complete
Input to wider UK security requirements document
(Being drafted by Howard Chivers)
E-Science Education
Workshop, 1-2 Nov 2004
Work Progress …ctd
Long time wrestling with GT3.3-PERMIS integration
Some delays due to version issues with GT3.3
X
Also required some debugging of GT3.3 (commenting out code)
Continued feedback on PERMIS tools
X
Policy editor refinements
– Numerous discussions/meetings with Salford team on sorting out
PERMIS-GT3.3 issues
Certificate dependencies in using PERMIS
X
Expects certificates created using openSSL
E-Science Education
Workshop, 1-2 Nov 2004
Work Progress …ctd
Web site established
http://www.nesc.ac.uk/hub/projects/dyvose
Dissemination
Poster at JISC meeting in Brighton
Poster at AHM 2004 in Nottingham
Paper in preparation to European Grid
Conference, Amsterdam
Course materials to be made available to
those interested
Some already provided to EGEE training team
E-Science Education
Workshop, 1-2 Nov 2004
Future plans
Feed experiences into wider Grid community (ETF AAA work)
Continued input to wider security requirements/scenario
documents (and to STF?)
Applying experiences in other projects (VOTES, BRIDGES)
Conduit for information from JISC Core Middleware projects
and wider UK e-Science activities
It would be nice to think that the majority of the lecture
materials had a life of over 1 year
Tried to achieve in course design
X
not focused on Grid technologies explicitly, more on underlying
principles/challenges
Inevitable that refinements needed though…
X
Community needs to address this
E-Science Education
Workshop, 1-2 Nov 2004
Questions?
E-Science Education
Workshop, 1-2 Nov 2004