Open Science Grid Findings of the OSG Task Force on Clemson/STAR VM Work Members of task force: Brian Bockelman, Igor Sfiligoi October 2010 Clemson participant: Sebastien Goasguen Charge of Task Force To understand and have documented the OSG related VM infrastructure, services and work of the CI Team at Clemson and with STAR. Summary of Findings The CI Team at Clemson collaborated with the STAR experiment to run STAR jobs on virtual machines. This collaboration culminated in the largest PYTHIA simulation samples ever generated in a month in the STAR community. CI Team sees this as an R&D scaling effort. The tool utilized (Kestrel) is a "pilot" framework based on the XMPP protocol, that can nicely traverse NAT and gets rid of networking worries due to virtualization. It is designed to be a cloud middleware-agnostic tool to help VOs schedule jobs in Clouds. This work has been presented at ACAT10, SciDAC 2010 and CHEP 2010. We have investigated the security of the system used. Security is based on shared-secret, which is sufficient for a technology demonstration. Security can be enhanced by the use of certificates but this has not been used so far. Benefits of this work to the OSG: Innovative approach to running jobs on the cloud. This technology proved to scale well and run with a high efficiency. Demonstrates one way the OSG could provide cloud interfaces (like the OSG CE provides a grid interface). Met the stakeholder needs based on the stakeholder’s technological interest. Observe needs and assisting OSG stakeholders is a significant aspect of the OSG. Made progress in an active area of CS research and received positive recognition. Cloud/Virtualization issues not addressed: Image deployment techniques. This was out of scope of the work, and we refer to the HEPiX working group on virtualization for image distribution between sites. Accounting: The work accomplished is not recorded in the OSG accounting systems, so it’s difficult to keep track of STAR work with the rest of the OSG. Though this is easily fixed by starting the VMs through a regular OSG CE. Roll-out and integration of technology: There is no clear path for how this technology would become a part of the VDT or whether it’s intended to grow beyond STAR. Kestrel is meant as a VO specific tool (like Panda) and will be distributed within the virtual machine images and not via VDT. Security issues: For this demo, STAR and CI Team worked together on the VM. There were active discussions on security policies for the security of VM images in the Joint Security Policy Group. Conclusions and Future Directions It is not clear how this work integrates with the campus grid effort, other than it utilizes the cloud resources at a campus grid (Clemson). It should probably be reclassified as a general purpose technology demo – in OSG, it would be called an “extension” or “VO task force” References OSG Campus Grid: https://twiki.grid.iu.edu/bin/view/CampusGrids/WebHome CI Team approach: http://osg-docdb.opensciencegrid.org/0009/000990/001/OSGCloudsThoughtsfromEngage.doc JSPG policy on Trusted Virtual Machines: http://www.jspg.org/wiki/Policy_Trusted_Virtual_Machines From Grid to cloud, the STAR experience, http://drupal.star.bnl.gov/STAR/files/STAR-CloudSciDAC-2010-final.pdf