Grid Standards, Interoperability and Applications UNICORE Tutorial 25.-26.07.200726.07.2007 Morris Riedel m.riedel@fz-juelich.de Forschungszentrum Jülich in der Helmholtz-Gesellschaft
Outline Grid Standards Motivation Grid Islands, Cross-Grid Use Case Scenario, Interoperability Highway Overview of UNICORE 6 related and adopted Standards OASIS, W3C, OGF, IETF, DMTF Interoperability Grid Interoperation Now Community Group (GIN-CG) Open Middleware Infrastructure Institute (OMII) for Europe Lessons Learned from Interoperability Applications Applications of end-users Applications for administrators and developers Summary & References 2 Forschungszentrum Jülich
Grid Standards 3 Forschungszentrum Jülich
Motivation Grid Islands: Sending a job from one Grid to another is difficult Example: D-Grid Infrastructure, Job Submission Technologies Globus Toolkit 2, (3), 4 Specification of Jobs via Resource Description Language (RSL) Submission to Globus Resource Allocation Manager (GRAM) glite (aka lcg) 3.x Specification of Jobs via Job Definition Language (JDL) Submission to Workload Management Service (WMS) UNICORE 5 Specification of Jobs via Abstract Job Objects (AJOs) Submission to Network Job Supervisor (NJS) Example: DEISA and EGEE European e-infrastructures DEISA, massively parallel jobs: Access via UNICORE EGEE, embarrassingly parallel jobs: Access via glite Foster [1] Laure et al. [3] Streit et al. [2] DEISA [4] EGEE [5] 4 Forschungszentrum Jülich
Cross-Grid Use Case Scenario WISDOM (Wide In Silicio Docking on Malaria) WISDOM aims at developing new drugs for Malaria WISDOM uses EGEE for large scale in silicio docking A computational method for prediction of whether one molecule will bind to another using (using AutoDock and FlexX software) AutoDock and FlexX as software provided via glite in EGEE Output is a list of chemical compounds (potential drugs) Refine best compound list via molecular dynamics (MD) Fast MD computations use highly scalable AMBER in DEISA AMBER (Assisted Model Building with Energy Refinement) WISDOM [6] Goal: Accelerate drug discovery using EGEE and DEISA together Raises a demand for Interoperabilityof Grid Middleware Technologies 5 Forschungszentrum Jülich
Vision: Interoperability Highway End-users via clients & portals GOAL: Transparency of Grids for end-users Emerging Open Standards others Interoperability highway based on open standards Grid Middlewares others Grid Resources Open Standards areemergingfromvariousstandardizationbodies 6 Forschungszentrum Jülich
Overview of Important Standards Internet Engineering TaskForce (IETF) Transport Level Security (TLS) X.509 Public Key Infrastructure (PKI) Org. for the Advancement of Structured Inf. Standards (OASIS) Web Services Resource Framework (WS-RF) Used as WS-* infrastructure resource model in UNICORE 6 and GT4 Security Assertion Markup Language (SAML) Extensible Access Control Markup Language (XACML) Distributed Management TaskForce (DMTF) Common Information Model (CIM) Used in conjunction with UNICORE 6 Common Information Service (CIS) World Wide Web Consortium (W3C) Web Services Addressing (WS-A) 7 Forschungszentrum Jülich
Open Grid Forum (OGF) Overview of Important Standards Job Submission and Description Language (JSDL) Standardized Job definition for UNICORE 6, glite (soon) and GT4 (soon) OGSA Basic Execution Services (OGSA-BES) Standardized job submission interface to glite, GT4 & UNICORE 6 (soon) High Performance Computing Profile (HPC-P) Profile for joint usage of HPC-based JSDL extensions and OGSA-BES OGSA Resource Usage Service (OGSA-RUS) Emerging standard exposing OGF usage record formats (URFs) OGSA Byte Input/Output (OGSA-ByteIO) Streamable and Random byte transfers for file and data transfers Grid Laboratory Uniform Environment (GLUE) Used as information model in glite & GT and UNICORE 6 CIS (soon) 8 Forschungszentrum Jülich
Adoption ofjsdl, ByteIO, WS-A JSDL-based job submission via UNICORE Atomic Services File Transfer Service is using SbyteIO and/or RByteIO Available in UNICORE 6.0 (August 2007) UNICORE [7] 9 Forschungszentrum Jülich
Adoption of OGSA-BES & HPC-P HPC-P Compliant UNICORE 6 JSDL with extensions for HPC OGSA-BES interface (v.33, soon 1.0) Alternative standardized job submission interface to UNICORE 6 OGSA-BES covers functionality from Target System Factory (TSF) Target System Service (TSS) Job Management Service (JMS) UNICORE Atomic Services will remain GPE plans to adopt OGSA-BES very soon OGSA-BES support available in UNICORE 6.1 (end of this year) OMII - Europe [8] 10 Forschungszentrum Jülich
Adoption ofsaml & XACML Next generation VOMS server releases signed SAML assertions Role possession Group/Project Membership Venturi et al. [9] SAML assertions are checked using Extensible Access Control Markup Language (XACML)-based policies SAML is used as delegation mechanism in UNICORE 6 Proxies are not needed for this delegation mechanism SAML VOMS support available in UNICORE 6.1 (end of this year) 11 Forschungszentrum Jülich
Adoption ofcim & GLUE WS-based UNICORE Common Information Service Based on CIM, plans to adopt upcoming GLUE 2.x specification Extensions to CIM: UNICORE resource model JSDL& OGSA -BES according to OGSA Resource Management design XPATH/XQuery as query language, exist DB (native XML DB) Access right control using XACML Who is allowed to see what infos? Available at the end of this year 12 Forschungszentrum Jülich
Interoperability 13 Forschungszentrum Jülich
Vision: Interoperability Highway End-users via clients & portals GOAL: Transparency of Grids for end-users Emerging Open Standards others Interoperability highway based on open standards Grid Middlewares others Grid Resources Non-trivial : emerging standards are not directly interoperable Different adoptionplansandcompliancestatus, different securitypolicies, etc. 14 Forschungszentrum Jülich
Interoperation in Context Interoperation What needs to be done to get different Grids talking together Short-term achievements, using what is available today One specific technology works with one other specific technology Realized via hacks, adapters, workarounds, etc. E.g. work conducted in OGF Grid Interoperation Now (GIN) group Example: EGEE-II: glite and UNICORE 5 interoperation development Interoperation scenario for scientific job submissions glite UNICORE: using CONDOR-U + Trusted Agent Sustainability of these interoperations via future interoperability Interoperability: native ability to communicate via open standards 15 Forschungszentrum Jülich
Standard Compliance in Context Standard Compliance and interoperability are not the same Both are differenttargets, but towards same direction Standard Compliance is a prerequisite for interoperability Standard Compliance does not implies interoperability Interoperability is much more than standard compliance with one specification Grid Interoperability: use components together scenario e.g. job submission via information service based on information model Some Examples for Basic (job) Execution Services (BES) In real deployments is not the vanilla OGSA-BESinterface available Same exact client works not directly with glite & UNICORE UNICORE Gateway has another WS-Addressing EPR part Different security models: X.509 Proxies vs. full certificates Different infrastructures (WS-I & WS-RF) etc. 16 Forschungszentrum Jülich
Driving Grid Interoperability OMII-Europe Evaluation Repository Infrastructure OMII-Europe Components Developments: VOMS, OGSA-BES, OGSA-DAI, OGSA-RUS, GridSphere Quality Assurance & Compliance Testing of Grid middleware Interoperability Tests: Integrate and use OMII- Europe components with each other: e.g. VOMS & OGSA-BES & GridSphere building the interoperability highway e.g. Compliance with one specific specification: e.g. OGSA-BES USERS OMII - Europe [8] 17 Forschungszentrum Jülich
Multi-Platform Infrastructure JRA3-T2: Integration of all components of OMII Europe OGSA-BES, OGSA-RUS, OGSA-DAI, VOMS, GridSphere Middleware: UNICORE, glite, Globus Toolkits, and CROWN Goal: Test and establish interoperability of components OMII - Europe [8] 18 Forschungszentrum Jülich
Lessons Learned from Interop. (1) Missing components/functionality in Grid platforms UNICORE not relies on Info-Service, but is a requiment for glite Different standard specification versions are implemented in the Grid middleware platforms e.g. OGSA-BESv.26 (Supercomputing 2006) and v.33 public comment Different technologies for WS-* infrastructures adopted WS-RF, WS-I, WS-ResourceTransfer, what s next? UNICORE & Globus Toolkit are WS-RFcompliant, glite no plans E.g. GetResourceProperty operation of WS-I compliant fails Even if both maybe OGSA-BEScompliant (aka WS-RF rendering) Different versions of the WS-* infrastructures UNICORE is WS-RF 1.2 compliant, Globus uses WS-RF 1.0 (1.2 soon) 19 Forschungszentrum Jülich
Lessons Learned from Interop. (2) Challenges in security are major show stoppers Standards specification compliance is only a precondition Absence of a widely accepted common security profile OMII-Europe (JRA3T1: Common Security Profile) works on that Several specifications of OGF (Secure Channel etc.) used Only several specifications of OASIS (SAML etc.) are used Only several specifications of IETF (X.509 etc.) are used Different strategies and adoption status in Grid Middleware E.g. glite, Globus: Attribute Certificate VOMS, UNICORE SAML VOMS E.g. Delegation mechanisms are extremely different Proxies: Globus, glite Only optional support by UNICORE Explicit Trust Delegation and SAML Assertion Delegation: UNICORE Not by glite & Globus 20 Forschungszentrum Jülich
OMII-Europe Success Story (1) One Interoperability scenario within OMII Europe Attribute Authority (AA) VOMS (SAML-based) get central role VOMS becomes middleware independent VO service OMII - Europe [8] 21 Forschungszentrum Jülich
Applications 22 Forschungszentrum Jülich
Applications (end-users) Collaborative Online Visualization and Steering (COVS) Service One higher-level service within UNICORE 6 Riedel et al. [10] Goal: User does not have to deal with hostnames, usernames or passwords (single sign-on) 23 Forschungszentrum Jülich
Applications (end-users) COVS uses Intel s Grid Programming Environment (GPE) GridBeans COVS GridBean Plugin accessing COVS services in UNICORE 6 COVS Session Management: Create/Join COVS Sessions Add/Remove Participants Works together with scientific visualizations (e.g. Xnbody) Link to talk: Überblick und Programmierung von GridBeans 24 Forschungszentrum Jülich
Applications (end-users) COVS Use Case Scenarios (Grid driving HPC: massively parallel jobs) Xnbody: Light-weight 3D visualization application based on VTK Used in astro-physics (nbody6++), plasma-physics (PEPC), Spurzem et al. [16] Gibbon [17] 25 Forschungszentrum Jülich
Applications (end-users) European Chemomentum Project Workflows and job management based on UNICORE 6 Application: Quantitative Structure-Activity Relationship (QSAR) 2D-Structures experiment values 2D 3D Optimization Computed Values y=f(d1, d2,..., dn ) Properties Descriptors Chemomentum [12] 26 Forschungszentrum Jülich
Applications (end-users) Resource Reservation (Network+CPUs) for UNICORE 5 (move to 6) Site A UNICORE Client Site B MetaScheduling Request (WS-Agreement) Job submit to UNICORE UNICORE Gateway UNICORE Gateway NJS NJS Primary NJS MetaScheduler MetaScheduler Response (WS-Agreement) TSI TSI TSI Negotiations and Reservations Job Queue Job Queue Job Queue Link Usage Local Scheduler Local Scheduler Local Scheduler Network RMS ARGON Adapter Adapter Adapter Adapter All components will be started at the same pre-defined time, including cpu time and network reservations Cluster Cluster Cluster Eickermann et al. [13] 27 Forschungszentrum Jülich
Applications (administrators) OGSA-RUS services is one higher-level service within UNICORE 6 RUS exposes URFs compliant XML URFs are provided via RMS-specific generators Use case: LLview: User-level Resource Monitoring Frings et al. [11] 28 Forschungszentrum Jülich
Applications (administrators) Frings et al. [11] 29 Forschungszentrum Jülich
Applications (developers) A-WARE Service Bus (ASB) Goal: Normalised Runtime Environment A-WARE [14] Mediating over the UNICORE 6 Fabric layer (UNICORE Atomic Services) Hosting workflow services, bridge between the Client and the Grid Client currently based on EnginFrame Portals from NICE GridSphere Portals usable for UNICORE 6 (soon) GridSphere Application Portlets on top of UNICORE 6 OMII - Europe [8] Last but not least: GridSphere [15] You can easily develop a higher level service for UNICORE! Create new application services on top of the core of UNICORE 6 30 Forschungszentrum Jülich
Summary and References 31 Forschungszentrum Jülich
Summary UNICORE 6 integrates the most common Grid related standards WS-RF, JSDL, OGSA-ByteIO, OGSA-BES, OGSA-RUS, SAML, XACML, UNICORE 6 is used by numerous different application domains Chemical workflows in Chemomentum, COVS, Meta-Scheduling, Interoperation (work performed within the GIN-CG group) What needs to be done to get production Grids talking together Hacks, workarounds, short-term achievements Commonly found in production Grid interoperations Interoperability (work performed in OMII Europe) Many components work together to achieve a goal Native standard support from middlewares without hacks in future Continue work in the open standards working groups Interoperability highway to realize the true global Grid vision 32 Forschungszentrum Jülich
References (1) [1] Ian Foster: Globus Toolkit version 4: Software for Service-Oriented Science. In Proceedings of IFIP International Conference on Network and Parallel Computing, LNCS 3779, pages 213 223. Springer- Verlag, 2005. [2] Streit et al.: UNICORE -From Project Results to Production Grids., L. Grandinetti (Edt.),Grid Computing: The New Frontiers of High Performance Processing, Advances in Parallel Computing 14, Elsevier, 2005, pages 357-376 [3]Laure et al.: Programming the Grid with glite, Computational Methods In Science and Technology, Volume 12 (1), 2006, pages 33-46 [4]Distributed European Infrastructure for Supercomputing Applications (DEISA): http://www.deisa.org [5]Enabling Grids for EscienE (EGEE): www.eu-egee.org [6]WISDOM Project: http://wisdom.eu-egee.fr/ [7]UNICORE Website: http://www.unicore.eu [8] Open Middleware Infrastructure Institute (OMII) for Europe: http://www.omii-europe.org [9]Venturi et al.: Using SAML-based VOMS for Authorization within Web Services-based UNICORE Grids, In Proc. of UNICORE Summit 2007, to appear [10]Riedel et al.: Design and Evaluation of a Collaborative Online Visualization and Steering Framework Implementation for Computational Grids, In Proc. of the 8th IEEE/ACM International Conference on Grid Computing (Grid 2007), Austin, Texas, to appear 33 Forschungszentrum Jülich
References (2) [11] Frings et al.: LLview: User-Level Monitoring in Computational Grids and e-science Infrastructures, In Proc. of German e-science Conference 2007, Baden-Baden, Germany, Online-Publication [12]Chemomentum project: http://www.chemomentum.org [13]Th. Eickermann et al.: Co-allocation of MPI Jobs with the VIOLA Grid MetaScheduling Framework, In Proc. ofgerman e-science Conference 2007, Baden-Baden, Germany, Online-Publication [14]A-WARE Project: http://www.a-ware-project.eu/ [15]GridSphere: http://www.gridsphere.org/ [16]Spurzem et al.: Direct N-body Simulations, The Journal of Computational and Applied Mathematics Vol. 109, pp. 407-432 (1999) [17]Gibbon et al.:.short Pulse Laser Interactions with Matter: An Introduction,Imperial College Press/World Scientific, London/Singapore, 2005. ISBN 1-86094-135-4. 34 Forschungszentrum Jülich
IGIIW @ e-science 2007 International Grid Interoperability & Interoperation Workshop in conjunction with e-science 2007, Bangalore, India December 10-13, 2007 Call for Paper deadline: 29th of July (next Sunday) http://omii-europe.org/omii-europe/igiiw2007.html 35 Forschungszentrum Jülich