Usage of LDAP in Globus

Similar documents
A Survey Paper on Grid Information Systems

An Evaluation of Alternative Designs for a Grid Information Service

MDSML: An XML Binding to the Grid Object Specification

Grid Computing Fall 2005 Lecture 5: Grid Architecture and Globus. Gabrielle Allen

LDAP Directory Services

THE GLOBUS PROJECT. White Paper. GridFTP. Universal Data Transfer for the Grid

Grid Computing Middleware. Definitions & functions Middleware components Globus glite

A CORBA Commodity Grid Kit

UNICORE Globus: Interoperability of Grid Infrastructures

GridMonitor: Integration of Large Scale Facility Fabric Monitoring with Meta Data Service in Grid Environment

AN INTRODUCTION TO THE GLOBUS TOOLKIT

Grid Architectural Models

A Distributed Media Service System Based on Globus Data-Management Technologies1

Layered Architecture

Replica Selection in the Globus Data Grid

Day 1 : August (Thursday) An overview of Globus Toolkit 2.4

OGCE User Guide for OGCE Release 1

GRAIL Grid Access and Instrumentation Tool

Gregor von Laszewski, Ian Foster, Jarek Gawor, Warren Smith, Steven Tuecke. 1 Introduction 1. 2 Grids and Grid Technologies 2

NUSGRID a computational grid at NUS

Introduction to GT3. Introduction to GT3. What is a Grid? A Story of Evolution. The Globus Project

A Compact Computing Environment For A Windows PC Cluster Towards Seamless Molecular Dynamics Simulations

Scheduling Large Parametric Modelling Experiments on a Distributed Meta-computer

Research and Design Application Platform of Service Grid Based on WSRF

A Directory Service for Configuring High-Performance Distributed Computations

A JAVA META-REGISTRY FOR REMOTE SERVICE OBJECTS

Enterprise Directories and Security Management: Merging Technologies for More Control

The University of Oxford campus grid, expansion and integrating new partners. Dr. David Wallom Technical Manager

Scientific Computing with UNICORE

Grid Computing Initiative at UI: A Preliminary Result

Grid Middleware and Globus Toolkit Architecture

Designing Grid-based Problem Solving Environments and Portals

Agent Teamwork Research Assistant. Progress Report. Prepared by Solomon Lane

Grid Computing. MCSN - N. Tonellotto - Distributed Enabling Platforms

A Gentle Introduction to Globus Otto Sievert May 26, 1999 Parallel Computation, CSE160/CSE260, Spring 1999 Abstract As computers become better connect

Design of Distributed Data Mining Applications on the KNOWLEDGE GRID

UNIT IV PROGRAMMING MODEL. Open source grid middleware packages - Globus Toolkit (GT4) Architecture, Configuration - Usage of Globus

Technical Brief. Network Port & Routing Requirements Active Circle 4.5 May Page 1 sur 15

Knowledge Discovery Services and Tools on Grids

PARALLEL PROGRAM EXECUTION SUPPORT IN THE JGRID SYSTEM

Grid services. Enabling Grids for E-sciencE. Dusan Vudragovic Scientific Computing Laboratory Institute of Physics Belgrade, Serbia

Integration of VIGO into Directory Services

Distributed Computing Environment (DCE)

Web-based access to the grid using. the Grid Resource Broker Portal

WebFlow - High-Level Programming Environment and Visual Authoring Toolkit for High Performance Distributed Computing

PBSWEB: A WEB-BASED INTERFACE TO THE PORTABLE BATCH SYSTEM

I/O in the Gardens Non-Dedicated Cluster Computing Environment

First evaluation of the Globus GRAM Service. Massimo Sgaravatto INFN Padova

A Simple Case Study of a Grid Performance System

Continuous Integration and Deployment (CI/CD)

CSinParallel Workshop. OnRamp: An Interactive Learning Portal for Parallel Computing Environments

High Performance Computing Course Notes Grid Computing I

Web Application Performance Testing with MERCURY LOADRUNNER

Grid Programming: Concepts and Challenges. Michael Rokitka CSE510B 10/2007

IBM Tivoli Directory Server

Expires in six months 24 October 2004 Obsoletes: RFC , , 3377, 3771

AN INFORMATION ARCHIVING AND DISTRIBUTION SYSTEM FOR COLLABORATIVE DESIGN USING FAX AND WEB TECHNOLOGIES

Screen Saver Science: Realizing Distributed Parallel Computing with Jini and JavaSpaces

Contents. A Java Commodity Grid Kit. Title: Gregor von Laszewski, Ian Foster, Jarek Gawor, Peter Lane

ACS 5.x: LDAP Server Configuration Example

Management Intranet: Integrating Web-based Network Management Applications

The Problem of Grid Scheduling

JAVA-Based XML Utility for the NIST Machine Tool Data Repository

By Ian Foster. Zhifeng Yun

IBM DB2 Query Patroller. Administration Guide. Version 7 SC

Technical Overview. Version March 2018 Author: Vittorio Bertola

Grid Scheduling Architectures with Globus

IBM. Planning and Installation. IBM Workload Scheduler. Version 9 Release 4

Alliance Key Manager A Solution Brief for Partners & Integrators

ARC-XWCH bridge: Running ARC jobs on the XtremWeb-CH volunteer

Lecture 1: January 23

Lecture 1: January 22

Inventions on Extending LDAP functionality- A TRIZ based Analysis

Globus Toolkit Firewall Requirements. Abstract

Importance of User Deprovisioning from Services

Lotus Learning Management System R1

A Job Brokering Shell for Interactive Single System Image Support

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

USING SAML TO LINK THE GLOBUS TOOLKIT TO THE PERMIS AUTHORISATION INFRASTRUCTURE

Advanced Lectures on knowledge Engineering

Introduction to Grid Technology

THE VEGA PERSONAL GRID: A LIGHTWEIGHT GRID ARCHITECTURE

Community Software Development with the Astrophysics Simulation Collaboratory

BusinessObjects Enterprise XI

Application Servers G Session 5 - Sub-Topic 1 Java Naming and Directory Interface (JNDI) Dr. Jean-Claude Franchitti

University of Alberta

Web as a Distributed System

Services: Monitoring and Logging. 9/16/2018 IST346: Info Tech Management & Administration 1

visperf: Monitoring Tool for Grid Computing

Design and Implementation of a Service Discovery Architecture in Pervasive Systems

Security Tips in Oracle Reports Services Release 6i with Oracle Portal Release 3.0. An Oracle Technical White Paper October 2000

Cluster Abstraction: towards Uniform Resource Description and Access in Multicluster Grid

CA SiteMinder. Federation Manager Guide: Partnership Federation. r12.5

CMPE 151: Network Administration. Servers

draft-ietf-idn-idna-02.txt Internationalizing Host Names In Applications (IDNA) Status of this Memo

Using the MyProxy Online Credential Repository

A Brief Overview of CIPRES Job Management

IBM. Planning and Installation. IBM Tivoli Workload Scheduler. Version 9 Release 1 SC

Active Directory 2000 Plugin Installation for Cisco CallManager

A Guide to Transparency in Five Research Metasystems

Transcription:

Usage of LDAP in Globus Gregor von Laszewski and Ian Foster Mathematics and Computer Science Division Argonne National Laboratory, Argonne, IL 60439 gregor@mcs.anl.gov Abstract: This short note describes the use of LDAP in the Globus metacomputing toolkit. It answers three questions: What is LDAP? Where is it used? and Why is it used in the Globus metacomputing toolkit? Contents Contents 1. Short Introduction to Directory Services and LDAP 2. Directory Service for a Metacomputing Infrastructure 2.1 Initialization 2.2 Population 2.3 Querying 2.4 Application Interfaces 3. Globus Components That Use LDAP/MDS 4. Conclusion 1. Short Introduction to Directory Services and LDAP To describe the role of LDAP in the Globus metacomputing toolkit, we must first define

the necessary terminology. It is important to understand what a directory, a directory service, and LDAP are. Directory: Directories are used to store and retrieve information. Thus, directories are similar to databases. Special characteristics of directories include following: Directories are designed for reading more than for writing. Directories offer a static view of the data. Updates in directories are simple without transactions. Directory Service: A Directory Service provides a directory that can be accessed via a network protocol. Often, directory services include mechanisms for replication and data distribution. An example of a directory service is Domain Name System (DNS), which resolves the names of computers to appropriate addresses. Programs using this service are countless: for example, finger and mail. LDAP: The abbreviation LDAP stands for lightweight directory access protocol. LDAP defines a standard directory protocol that includes the following features: A network protocol for accessing information in the directory. An information model defining the form and character of the information. A namespace defining how information is referenced and organized. An emerging distributed operation model defining how data may be distributed and referenced (LDAP version 3). An extensible protocol. An extensible information model. The information model and namespace are based on entries. An entry is used to store attributes. An attribute has an associated type and can have one or more values. Each entry in the namespace has a distinguished name that allows easy identification. The access of the data in an LDAP-based directory is accomplished by using the following: base DN: which indicates where in the hierarchy to begin the search.

filter: scope: which specifies attribute types, assertion values, and matching criteria. which indicates how many levels of the directory tree are searched, relative to the base DN. LDAP is a vendor- and platform-independent, open, network protocol standard. Hence, it can be ported transparently across a highly heterogeneous network, as required in metacomputing systems. Moreover, it is possible to write gateways between LDAP and other protocols or systems, which result in a highly accessible directory service. Current gateways include LDAP to X.500 and X.500 to LDAP, HTTP to LDAP, WHOIS++ to LDAP, FINGER to LDAP, Email to LDAP, ODBC to LDAP (in progress), and MDS to LDAP (see Section 2). Beneficial for widespread use is the fact that LDAP-based directory supports any type of data. Furthermore, the LDAP protocol supports various forms of strong security (authentication, privacy, and integrity) technology. 2. Directory Service for a Metacomputing Infrastructure For the implementation of a networked supercomputing environment or a metacomputer, information about the hardware, software, and status of the system has to be stored. This information can be used to implement a resource-aware infrastructure or metasystem. The information service associated with a metacomputing environment must have the functionality of a white pages directory and yellow pages directory. Their functionality is best described with a simple example: White Pages: look up the IP number, amount of memory, and so forth, associated with a particular

machine. Yellow Pages: List all the computers of a particular class or with a particular property. LDAP is used in the Globus metacomputing toolkit for tasks where yellow- and whitepages services are needed. These services are enabled through the directory service associated with the Globus metacomputing. The directory service is named Metacomputing Directory Service, or MDS. Currently, MDS answers questions related to compute resources and network resources. The use of LDAP in MDS is divided into three categories: 1. 2. 3. Initialization: using an information schema that describes the attributes associated with the different entry classes. Population: a framework to populate the directory with information. Querying: a framework to request information from the directory service. Next, we describe the usage of LDAP for each of these categories. 2.1 Initialization Part of the MDS is a specialized set of object definitions. The objects contain attributes that are specifically useful for network computing environments. We have designed a naming scheme that allows one to specify the properties not only of computers (compute resources), but also of the networks and the connections between compute resources. Tools are provided that make defining and modifying the information description scheme possible. The current object model is available through the World Wide Web at http://www.gllobus.org. The naming scheme is described in http://www.globus.org/mds/ocbrowser/globus_object_defs.html. 2.2 Population The population of the MDS is based on a set of simple UNIX shell scripts. These shell scripts are modular and are executed with the familiar pipeline concept. For each object that is defined by the object model, a UNIX script is available to populate the object with information. This modular approach is important to grant easy portability between platforms. After gathering the information with these scripts, the information associated with two objects is stored as entries in MDS. Updates to the MDS should be generally done via the mds-update script.

2.3 Querying Obtaining information from the MDS is defined via the LDAP protocol standard. Since the MDS is based on LDAP, it is possible to use a variety of application interfaces to communicate with the actual LDAP server. This software independence is one of the important features that make LDAP an ideal candidate for a very diverse compute environment as used in Globus. Thus, querying and updating information are easy while choosing the desired API for interfacing with the LDAP server. Obtaining information from the MDS is defined via the LDAP protocol standard. Since the MDS is based on LDAP, it is possible to use a variety of application interfaces to communicate with the actual LDAP server. This software independence is one of the important features that make LDAP an ideal candidate for a very diverse compute environment as used in Globus. Thus, querying and updating information are easy while choosing the desired API for interfacing with the LDAP server. 2.4 Application Interfaces The categories of LDAP enable one to use the application interface most appropriate to interface with the MDS and its LDAP server. Interfacing can be done via LDAP calls directly or via some tools as provided in the MDS. The application interfaces available to access the MDS directly are available in sh: Perl: shell scripts from the University of Michigan and Netscape. perldap: p erldap-0.02.tar.gz LDAP Perl: is a LDAP PERL package from netscape. Net::LDAPapi: Java: Net::LDAPapi is a perl5 module a description and a readme file, as well as the source (Net-LDAPap i-1_21_tar.gz)can be found in Perl Oasis

Java APIs are available from Netscape and Sun. Sun provides the JNDI class that will be part of the next Java release. C: A C API can be found at University of Michigan and Netscape. Because of the high availability of the API in diverse computer languages, one can choose the API and language most appropriate for the problem to be solved. More information about APIs can be found in FAQ.0 3. Globus Components That Use LDAP/MDS We list the components of Globus that use LDAP currently. MDS: From the preceding section it is clear that the MDS is based on LDAP. Nevertheless, the design of MDS makes it possible to use other databases or directory services to provide the same functionality as currently provided via LDAP. MDS has support routines for initializing, updating, and querying the LDAP server, making it a specialized directory server. The initialization and update functions are woven into some Globus toolkit components in order to simplify maintenance and usage of the heterogeneous Globus testbed. An example of the use of the MDS can be found at http://www.globus.org/gustotestbed. Information Browsers: To monitor the status of the testbed (GUSTO), several tools have been developed. These tools are available at http://www.globus.org/gustotestbed. The tools include the following: Current versions of the software deployed on the GUSTO testbed Object classes being used by the MDS MDS contents browser for the (alpha) and (beta) testbed. The current status of Globus resource managers installed on the testbed An interactive graphical display of GUSTO status Current status of GUSTO regression tests Configuring Globus:

During the configuration of Globus the site has to register with Globus. This process includes the population of the MDS with the compute and network resources at the site. The information is gathered automatically by the MDS. GRAM: GRAM relies heavily on the information stored in the MDS. Special attributes are included in the MDS that describe the contact points of the gatekeeper. GRAM allows the uniform specification of a job request and the submission of the job to the underlying scheduler (LSF,...). GRUB: GRS: GRUB assumes that the information about hosts, contact strings, and other information in the MDS are properly available upon initialization. The GRS is an example on how to do this. GRUB will soon be replaced by a new API called DUROC. The General Resource Selector is a graphical tool to design a resource description query for a particular application. Based on the information stored in the MDS, a high-level representation of the application and its requirements for the metacomputing infrastructure are formulated and submitted via GRUB requests. topologyd: Topologyd is a tool that monitors and predicts the status of the network connecting the compute resources in a metacomputing infrastructure. The information is forwarded to the MDS. The status of the topologyd can be access via a WWW page. Nexus: MPI: C++: At present, Nexus uses a database based on information from the MDS. In the future, Nexus will directly communicate with the MDS. The MPI version of Nexus has the same requirements as CC++. Hostnames are looked up from the MDS. The port of C++ based on Nexus needs to know the so-called contact point to communicate between hostnames. C++ uses the hostname in order to look up the contact point that is stored in the MDS. In this way each C++ program automatically configures itself, and some of the details of using Globus are hidden from the application user. C++ uses the Nexus communication library for interprocess communication. More information about C++ can be found at http://globus.isis.edu/ccpp.

HBM: The HeartBeat Monitor is used to monitor the status of the compute resources in the testbed. We point out, that the HBM does not use the MDS. The intention is to minimize the dependency on other Globus toolkit components: we believe that the HBM should be independent. The status of the HBM can be accessed via a WWW page. 4. Conclusion Many components of the Globus metacomputing toolkit make use of MDS, and we anticipate that this use of MDS will increase. Experiments are under way to explore different distributed LDAP servers. While it is possible to implement the functionality of MDS by using technologies other than LDAP, we feel that LDAP is a good fit and, with increasing acceptance of the Internet community, a state-of-the art choice. The high availability of application interfaces in different languages makes it possible to integrate LDAP queries into the toolkit components and application programs. References MDS / Globus References to MDS and Globus can be found at http://www.globus.org. LDAP For more information on LDAP and Directories, refer to the following: http://www-leland.stanford.edu/ hodges/talks/ LDAP and X.500 Roadmap, Jeff Hodges, periodically updated. This page provides a roadmap for learning about LDAP and X.500, along with links to many and varied documents and resources, including the standards document themselves. Stanford University Network Identifier Project (SUNet ID) SUNet ID Requirements, RL "Bob" Morgan, 3/1/96 SUNet ID Design Proposal, RL "Bob" Morgan, 3/1/96 SUNet Directory Services: Statement of Direction, Jeff Hodges, 11/24/96 LDAP-based Routing of SMTP Messages: Approach at Stanford University, Jeff Hodges and Booker Bense, INTERNET-DRAFT, 3/26/97 LDAP-based Routing of SMTP Messages: Approach Used by Netscape, Hans

Lachman, INTERNET-DRAFT, March 97 DirConnect1, vendor-independent directory interoperability testing, sponsored by the Internet Mail Consortium, 1997. Vendor-specific directory information resources: These papers have salient information about directory services, though they are quite vendor specific. An Internet Approach to Directories, Netscape, 1997. Novell Directory Service (NDS) White Paper, Novell, 1997. Exchange Directory Service (LDAP), Microsoft, 1997. LDAP: Programming Directory-Enabled Applications with Lightweight Directory Access Protocol, T. Howes and M. Smith, Macmillan Technical Publishing, 1997, ISBN 1-57870-000-0. Appendix The following Table lists a small set of example programs contact hostname manager cpuload-all Returns the contact string of the host Returns the list of all available managers Returns the cpuload of all compute resources sh sh sh cpuload Returns the cpu load of tuva sh freenodes Returns a list of managers. Managers with more than two free nodes get an asterix. perl Gregor von Laszewski 1998-04-21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback