INFN-GRID Globus evaluation
Massimo Sgaravatto
INFN Padova
for the INFN Globus group
globus@infn.it
http://www.infn.it/globus
Globus activities within INFN


WP “Installation and Evaluation of the Globus Toolkit” of the
INFN-GRID Project
Goal: evaluate the Globus toolkit as a GRID framework
providing basic services

Proposed work plan








Globus deployment and installation tools
Evaluation of Globus security services
Evaluation of Grid Information Service
Evaluation of Globus services for resource management
Evaluation of Globus tools for data management
Evaluation of Globus HBM for fault monitoring
Evaluation of Globus GEM for execution environment management
The activities of this WP are over

A report on this evaluation will be soon available
Globus installation tools



INFN-GRID installation tool to shorten the installation
time of the Globus toolkit, avoid common mistakes,
support for specific customisations
Possibility (option) to install optional software, to
proceed with INFN specific customizations (INFN CA,
configuration of a hierarchical GIS architecture), to
install and use specific INFN tools
Proven to be successful within INFN (used to setup a
INFN GRID testbed) and also outside (CERN, FNAL,
…)
Globus installation tools

INFN-GRID 1.2


INFN-GRID 1.3 (just released)


Other patches, in particular for job manager memory leaks (already
available for INFN-GRID 1.2 installations), support for Solaris 7, full support
for GDMP 1.2, distribution of various Globus flavored compilations, support
for unattended installations
Future


Binary distribution (binary relocability), support for RH 6.x and Solaris 2.6,
support for Condor, LSF and PBS, auxiliary packages (gsincftp, wu-gsiftpd,
GDMP), upgrade procedure, various patches
RPMs, support for developers, ...
Other info



http://www.pi.infn.it/grid/dist
http://www.infn.it/grid/dist.html (to download the INFN-GRID installation
kit)
infngrid-toolkits@infn.it (mailing list used to inform users about news,
problems, etc… . related to the toolkit)
Security

Evaluation of Globus GSI




Some shortcomings, but the GSI security model
seems to satisfy our requirements
INFN-CA used to sign certificates
Script for CRL (issued by INFN CA)
distribution
AFS tests

Analysis of what can be done now with the
existing tools (quite unfit for any real need) and
possible ways to address the existing
shortcomings
Security

Centralized management of the grid-mapfile


Goal: Ease the sharing of the same access policies
(represented by the grid-mapfiles) for groups of hosts with
common purposes
Proposed system

Central repository (LDAP server) to store user certificates
(subjects) and to define groups of users



Certificates published by CA manager
Group manager responsible for editing group memberships (using
a LDAP client)
Resource owners (Globus administrators) periodically (i.e. cron
job) “connect” to this repository, “download” the subject of the
certificates that meet a specified criterion (i.e. all users of
group X), and produce grid-mapfile entries
Information Service






Evaluation of Globus GIS
Definition and implementation of a hierarchical architecture of
GIS 1.1.3
Performance and scalability tests
MRTG tools to monitor LDAP (GRIS and GIIS) servers
Web interface for browsing
Various shortcomings must be addressed (to use the GIS in a
production environment)




Mixed push/pull model more suitable than a pull model
Performance
Lack of security
…
INFN GIS Topology
Top Level INFN GIIS
Dc=infn,dc=it,
o=grid
Exp=cms, o=grid
Dc=bo, Dc=infn,
dc=it,o=grid
Dc=pd,Dc=infn,
GIIS dc=it,o=grid
GIIS
Bologna
Padova
INFN CMS GIIS
GRIS
Resource Management


Most of these activities as collaboration with Datagrid WP 1
(Grid Workload Management)
Evaluation of Globus GRAM


Tests with Condor, LSF and PBS as underlying resource
management systems
Lack of “robustness” (needed for real production environments)





Memory leaks in the Globus job manager (fixed)
Scalability (one job manager for each job)
Reliability (the job manager is not persistent)
…
GRAM client API evaluation
Resource Management

Evaluation of GRAM Reporter (“cooperation” between GRAM and GIS)
in particular for farms





Evaluation of RSL as uniform language to specify resources
Submission of Condor jobs to Globus resources



Condor-G (useful as a reliable crash-proof job submission service)
GlideIn
Preliminary evaluation of GARA


Many useless attributes (at least for our needs), attributes not calculated
(always defined as 0), some attributes not properly calculated by Globus
shell scripts (i.e. totalnodes and freenodes for LSF)
Some important information describing the farms and the submitted jobs
(necessary for example for a resource broker) missing
Draft proposal for a possible modification of the default schema
Network reservation
Evaluation of MPICH-G2 vs. MPICH

Some shortcomings found (lack of support for shared memory, worse
latency performance wrt. MPICH)
Data management

Tests with GASS



Tests with command line tools and APIs
Problems (huge decrease in transfer rate)
transferring big files
Tests with Globusftp alpha release 2


Collaboration with WP network INFN-GRID
Tests of new features



Support for GSI mechanisms
Capability of resuming interrupted file transfers
Throughput tests using parallel data transfers
Other services

Fault Monitoring (HBM)



Evaluation of HBM for fault detection (for “system”
and “user” processes)
… but the HBM package is not seeing active
development
Execution Environment Management (GEM)


Evaluation of GEM as service for code migration
… but the GEM service now provides only limited
capabilities (executable staging)
Conclusions



The Globus toolkit can provide basic services
useful to create and deploy usable Grids, but
many shortcomings and issues must be
addressed
… more details in the report (very soon
available)
Other info: http://www.infn.it/globus