A Web Portal for the National Grid Service Rob Allan

advertisement
A Web Portal for the National Grid
Service
Xiaobo Yang, Dharmesh Chohan, Xiao Dong Wang
and Rob Allan
CCLRC e-Science Centre, CCLRC Daresbury
Laboratory
Warrington WA4 4AD, UK
Rob Allan
Daresbury Laboratory
The Grid “Client Problem”
Many clients want to access a few Gridenabled resources
Grid Core
Workplace:
desktop
clients
Grid Core
Middleware
e.g. Globus
Portable clients:
phones, laptop,
pda, data entry…
Consumer
clients: PC,
TV, video,
AG
Options
• Provide heavyweight functionality (Globus?), but only on Gridenabled hosts;
• Implied need for client-server software architecture, e.g.:
– Web-based portal with familiar browser
– Client programming library, API in C, C++ Java, Perl,
Python, R etc.
– Ability to link to existing applications/ GUIs
– Command-based shell interface
Our chosen solution
– Drag and Drop interface (a la Mac)
• Need a published set of services on Grid hosts – OGSA model,
registry, semantics;
• Need easy development and deployment framework for
applications and client tools, e.g. using Web services encourage community contribution via an open process.
Why a Portal
Right functionality:
• Encapsulates Grid functionality
• Separation of “front-end” session management and presentation
layers
• Model code layer at “back-end” using Globus C/ Java API or other
middleware, e.g. SRB
Right technology:
• Good support for portal developments – standards and tooling in Java
• Web services (Java, Perl, C, Python, PHP, etc.)
Knowledge:
• Previous experience, we have been using Web portals to develop and
test Grid functionality since 2000
• HPCPortal, InfoPortal, DataPortal
• Based on work in the Global Grid Forum – Grid Computing
Environments research group (GCE-RG)
Building on the Infrastructure
NGS Portal
Integrated e-Science
Environment
User layer (application, GUI, script, Portal, etc.)
We are here
Web service, CGI, etc.
Front end services (session management etc.)
Web service or close coupling
Back end services (Globus wrappers etc.)
Globus protocols
Infrastructure (Globus etc.)
NGSPortal v1.0
• NGSPortal 1.0 was based on OGCE v1.0: the Open Grid Computing
Environment portal
– Adopted in USA by NMI: the National Middleware Initiative
– http://www.collab-ogce.org/nmi/portal
• Used the CHEF framework (Comprehensive Collaborative Framework)
from U. Michigan
• Some additional ideas taken from HPCPortal and InfoPortal
• NGSPortal tools available November 2004:
– MyProxy management
– GRAM job submission
– FileTransfer based on GridFTP
– MDS resource discovery
• Feedback at NeSC training event, December 2004
NGSPortal v1.0 file-transfer tool
Why change?
• Was always planned to migrate to Sakai along with OGCE v2.0
– http://www.sakaiproject.org
– had letters of support from Brad Wheeler and Chuck Severance
– JISC Sakai VRE Demonstrator funded
• But, OGCE is no longer using Sakai. Decided to deploy JSR-168 Java
standard portlets to replace the CHEF teamlets
• GridSphere and uPortal frameworks now supported
• Many European projects have tried GridSphere
• We also therefore decided to use JSR-168 in NGSPortal v2.0 for
complete portability and sharing with other projects such as
Integrative Biology and e-HTPX
• GridSphere, uPortal, LifeRay, eXo Platform and StringBeans
evaluated
– workshop with Jason Novotny, NeSC, March 2005
– See separate paper
• StringBeans chosen because of its good level of support and
flexibility of customisation
Single Sign-On
Most feedback has been about SSO
•
•
•
–
PKI infrastructure adopted as standard for middleware on UK Grid
with a policy statement issued by CA to enable international
collaborations – took a lot of effort!
v1.0 was therefore intended to work with Globus using a MyProxy
certificate repository for pervasive access
Same as HPCPortal and an established Grid security procedure
1. Log into portal with username/ passwd
2. Retrieve proxy credential from MyProxy using possibly a
different username/ passwd
MyProxy is maintained by the Grid Operations and Support Centre
for all Grid users myproxy.grid-support.ac.uk
But
• Widespread lack of awareness of Grid security issues
• Users not willing to make the effort to manage their own certificate
• Need more training?
2-step login method
Simplified by using MyProxy as
primary authentication via a CHEF
service
NGSPortal v2.0
• Using JSR-168
• Chose StringBeans r2.4
– http://www.nabh.com/projects/sbportal
• Portlets will also work in other environments, e.g. GridSphere
– As demonstrated at NeSC workshop, March 2005
• Single Web application for all portals enables shared session
information, e.g. proxy credential
• Using JAAS architecture for MyProxy Login Module (SSO)
– Map to local portal accounts
– Still has a portal login for those who don’t want to use Grid
services
NGSPortal v2.0 “Welcome!”
Authentication in NGSPortal v2.0
Inter-portlet Communication using JMS
• Need more integration of portal services
– an “integration API”
• But, having all portlets in one Web application is not satisfactory
– Configuration and management problems
– Hard to distribute via a portlet repository
• Inter-portlet communication is provided in commercial portal
frameworks, e.g. WebSphere
– Extensions to JSR-168
• JMS is used for the BatchJobMonitor portlet.
– A finishing job sends a JMS message to a server
– BatchJobMonitor can consume this message to get the job status
– Can also provide notification
BatchJobMonitor portlet
Other Features of J2EE Architecture
• Current development is being doing using J2EE architectural
features hosted in JBOSS
• JAAS and JMS are already part of J2EE and being used as
described
• EJB: Enterprise Java Beans enables further factoring of a multi-tier
server-centric application such as a portal.
– EJBs can be automatically exposed as Web services
• This will enable NGSPortal services to be accessible from other
client environments
– e.g. GROWL and Sakai – see separate papers
• WSRP is being investigated to enable projects to use NGS portlets
directly in their own portal frameworks
– But GridSphere does not have a WSRP consumer
• ongoing discussion with Jason Novotny
– Sakai?
• similar discussion with Chuck Severance
Re-factoring using J2EE Architecture
Business Logic
Enterprise
JavaBeans
JSR 168
Portlets
Proxy
Manager
Job
Submission
File Transfer
GridFTP/SRB
LDAP
Browser
Portal
JSR 168
Compliant
Sakai
Framework
Web
Service
Interfaces
UDDI
Registry
EJB Internal Comm
Accessing Web Services
Accessing EJBs
Web Service Registry
Future Work
• The current architecture is being re-factored as above
• Other portlets are being developed by popular demand, e.g. an SRB
portlet
• Further integration of the portlets is taking place, e.g. using SRB
together with GridFTP or closely coupled with the JobManager
portlet
• Application-specific portlets such as DL_POLY
• Cloning of portlets for other projects such as Integrative Biology
• Portlet registry - jUDDI
Talk to us!
• Workflow – WOSE project
• Chargeable services – GridMarkets project
• WSRP for aggregation of remote services and provision of NGS
portlets to projects’ own portals
• WSRP export of portlets for Sakai VRE Demonstrator project
* See other papers at this conference *
Thanks!
Download