NPM Mediator - CERN Indico

Download Report

Transcript NPM Mediator - CERN Indico

Enabling Grids for E-sciencE
EGEE JRA4: Development of
Network Services
JRA1 All Hands, Brno, Czech Republic
Ratnadeep Abrol, EGEE JRA4 (EPCC, UK)
22nd June 2005
www.eu-egee.org
INFSO-RI-508833
Overview
Enabling Grids for E-sciencE
• Content
– EGEE JRA4
– Network Performance Monitoring
– Bandwidth Allocation and Reservation
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
EGEE JRA4 Purpose
Enabling Grids for E-sciencE
• Development of network services
– Network Performance Monitoring (NPM)
– Bandwidth Allocation and Reservation (BAR)
• The need for such services?
– the Grid depends on the network
 ensuring smooth running of network vital to smooth running grid
– network can provide additional services
 taking advantage of these enhances the reliability and usefulness
of a Grid
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Enabling Grids for E-sciencE
Network Performance Monitoring
(NPM)
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Network Performance Monitoring
Enabling Grids for E-sciencE
• Access to network performance data allows
– detection and analysis of network problems for
 Grid Operations Centres (GOCs); and
 Network Operations Centres (NOCs)
– middleware to intelligently schedule jobs based on network load
and reliability
• Network performance data is gathered by monitoring
frameworks
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Network Performance Monitoring
Enabling Grids for E-sciencE
• Network data gathered by frameworks
– between routers on the backbone
– between dedicated computers at end-sites
• These frameworks expose their functionality through
different incompatible interfaces
• EGEE JRA4 NPM
– specifies a single standard interface to monitoring frameworks
 based on work of GGF network measurements working group (NMWG)
– develops services to provide access to distributed network data
– two architectures
 one for NOCs and GOCs
 other for gLite
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
NOC/GOC Requirements
Enabling Grids for E-sciencE
• Need network performance data to detect and analyse
network problems
• Need access to both backbone and end site data
• Data accessed through Diagnostic Tools, operated by
NOC and GOC members
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
NOC/GOC Architecture
Enabling Grids for E-sciencE
Client
Application
End-Site
Network
Monitoring
Point
...
Backbone
Network
Monitoring
Point
NM-WG Based Web Service Interface
• Single interface allows access to data from
heterogeneous monitoring frameworks
• But means each client needs knowledge of all
monitoring points…
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
NOC/GOC Architecture: NPM Mediator
Enabling Grids for E-sciencE
Client
Application
• Added well known point of
contact for client applications
– NPM Mediator
• Mediator accepts request from
client
Request
• Monitoring points are located
Discoverer
Handler
using Discoverer
NPM Mediator
• Request Handler responsible
for forwarding on client
request and returning result
Backbone
End-Site
Network
Network
...
• But, occasionally there is no
Monitoring
Monitoring
Point
Point
direct measurement between
requested source to
NM-WG Based Web Service Interface
destination…
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
NOC/GOC Architecture: NPM Mediator
Enabling Grids for E-sciencE
• Possible to aggregate data
along route to produce single
value for route
Client
Application
– aggregation in space
– algorithms are experimental
Aggregator
Discoverer
NPM Mediator
• Aggregator replaces Request
Handler
– performs aggregation in space,
when necessary
End-Site
Network
Monitoring
Point
...
Backbone
Network
Monitoring
Point
• But, network data can be
sensitive…
NM-WG Based Web Service Interface
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
NOC/GOC Architecture: NPM Mediator
Enabling Grids for E-sciencE
Client
Application
MyProxy
VOMS
User:group,role
mappings
NMWG
NPM
Mediator
NMWG
NMP Backbone
Permitted roles
Host
Certificate
INFSO-RI-508833
NMWG
NMP End Site
Permitted roles
User
Certificate
• Using transport layer security
• User obtains proxy certificate
• Virtual Organisation
Membership Service (VOMS)
contains information on users’
roles
• VOMS adds role information
to proxy
• Authentication of user based
on user’s proxy
• Authorisation based on user’s
roles
http://egee-jra4.web.cern.ch/EGEE-JRA4
gLite Requirements
Enabling Grids for E-sciencE
• Need network performance data to schedule jobs
intelligently
• Only need access to end site data
• Access to data must be efficient
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
gLite Architecture: NPM Publisher
Enabling Grids for E-sciencE
gLite
Grid
Information
System
Data
Manager
NPM
Mediator
NPM Publisher
End-Site
Network
Monitoring
Point
...
Backbone
Network
Monitoring
Point
• gLite interacts with GIS
• GIS acts as tailored cache for
gLite
• GIS only holds data required
by middleware
• Data manager gathers endsite data from NPM Mediator
• Then publishes it to GIS
• Gives middleware efficient
access to network monitoring
data
NM-WG Based Web Service Interface
GIS Interface
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Deployment plans
Enabling Grids for E-sciencE
• In collaboration with SA1, planning a reference,
EDG::WP7 framework deployment
– End-user and SA1 liaison is James Casey
• This is planned initially as a “star” topology between
the Tier0 and Tier1 sites
• Currently working on setting up RPMs for improved
EDG::WP7
– Software already deployed on gLite prototype, thanks to
collaboration with JRA1-UK
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Status
Enabling Grids for E-sciencE
• Finished second prototype of NPM Mediator in March
• Currently working on
–
–
–
–
Diagnostic Tool for NOCs/GOCs
complete specification of web service interfaces
full implementation of NPM Mediator
due end of September
• Future work
– full implementation of NPM Publisher
– due end of 2005
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Enabling Grids for E-sciencE
Bandwidth Allocation and Reservation
(BAR)
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Bandwidth Allocation and Reservation
Enabling Grids for E-sciencE
• Need for Bandwidth Allocation and Reservation
– Guaranteed delivery of data
 allows jobs to run in a timely fashion
• required data is available at job before it runs
• data created must be available as quickly as possible
– Guaranteed bandwidth
 improves interactivity of Grid applications
• Bandwidth Allocation and Reservation
– provides services allowing reservation of bandwidth on the
network
– intended for use by gLite middleware components
– interaction with network in “application terms” rather than
“network terms”
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Interfaces
Enabling Grids for E-sciencE
• BAR functionality implemented as a web service
• BAR web service exposes one or more of four
interfaces
• Each interface is service specific, allowing for
reservation, cancellation and query
GuaranteedDelivery
FileTransfer
VirtualLeasedLine
HLM
BAR Web Service
Video
Visualisation
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Interfaces
Enabling Grids for E-sciencE
• Guaranteed Delivery File Transfer
– guarantees the transfer of a given volume of data within a given
period of time
– i.e. guaranteed average bandwidth
• Virtual Leased Line
– provides a dedicated amount of capacity in the network between
two servers or EGEE end sites over a period of time
– i.e. guaranteed actual bandwidth
• Video
– provides guarantees on network parameters required for video
conferencing protocols (currently not supported by network)
• Visualisation
– provides guarantees on network parameters required for
visualisation and steering applications (currently not supported
by network).
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Interface Use
Enabling Grids for E-sciencE
• BAR interface defined in application terms
• For example:
– Guaranteed Delivery File Transfer request
 middleware would ask for
•
•
•
•
file size (e.g. 1.0Tb)
time to transfer (2hrs)
service start date (05/Aug/2005 12:00:00)
service end date (06/Aug/2005 00:00:00)
 instead of
• asking for 150Mb/s
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Architecture
Enabling Grids for E-sciencE
Network 1
Network 2
Network 3
Site 1
Site 2
HLM
BAR
BAR
EGEE
Network
L-NSAP
L-Network
•
•
•
NSAP
NSAP
Core Network
NSAP
L-NSAP
L-Network
L-NSAP and NSAP are services that expose network functionality to BAR
L-NSAP and NSAP are developed and run by the network
BAR service translates “application request” from middleware into
“network request” understood by L-NSAP and NSAP
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Request Flow
Enabling Grids for E-sciencE
Network 1
Network 2
Network 3
Site 1
Site 2
HLM
BAR
BAR
EGEE
Network
L-NSAP
L-Network
NSAP
NSAP
Core Network
NSAP
L-NSAP
L-Network
• Middleware submit request to known BAR service
• Requests bandwidth between “Site 1” and “Site 2”
• BAR must reserve local and backbone networks between Site 1
and Site 2
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Request Flow
Enabling Grids for E-sciencE
Network 1
Network 2
Network 3
Site 1
Site 2
HLM
BAR
BAR
EGEE
Network
L-NSAP
L-Network
NSAP
NSAP
Core Network
NSAP
L-NSAP
L-Network
• BAR requests that the “Site 1 to backbone” network be configured
• L-NSAP is BAR’s contact at the Site 1 network
• L-NSAP exposes local network as web service with well defined
interface
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Request Flow
Enabling Grids for E-sciencE
Network 1
Network 2
Network 3
Site 1
Site 2
HLM
BAR
BAR
EGEE
Network
L-NSAP
L-Network
NSAP
NSAP
Core Network
NSAP
L-NSAP
L-Network
• BAR requests that backbone network be configured
• NSAP is BAR’s contact at the backbone network
• NSAP exposes backbone network as web service with well defined
interface
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Request Flow
Enabling Grids for E-sciencE
Network 1
Network 2
Network 3
Site 1
Site 2
HLM
BAR
BAR
EGEE
Network
L-NSAP
L-Network
NSAP
NSAP
Core Network
NSAP
L-NSAP
L-Network
• BAR requests that the “backbone to Site2” network be configured
• BAR at Site 2 is BAR’s contact at the Site 2 network
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Request Flow
Enabling Grids for E-sciencE
Network 1
Network 2
Network 3
Site 1
Site 2
HLM
BAR
BAR
EGEE
Network
L-NSAP
L-Network
NSAP
NSAP
Core Network
NSAP
L-NSAP
L-Network
• BAR requests that the “backbone to Site 2” network is configured
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Request Flow
Enabling Grids for E-sciencE
Network 1
Network 2
Network 3
Site 1
Site 2
HLM
BAR
BAR
EGEE
Network
L-NSAP
L-Network
NSAP
NSAP
Core Network
NSAP
L-NSAP
L-Network
• BAR tells middleware whether reservation was success or failure
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4
Security
Enabling Grids for E-sciencE
Virtual Organisation
VOMS
User:group,role
mappings
HLM / Client
HLM / Client
BAR
BAR
Permitted roles
Permitted roles
L-NSAP
L-NSAP
Permitted BAR IDs
Permitted BAR IDs
NSAP
Permitted BAR IDs
NSAP
NSAP
Permitted BAR IDs
Permitted BAR IDs
Key
Service
Certificate
(Client side)
End-Site
INFSO-RI-508833
Host
Certificate
(Server side)
NREN
Delegated
Proxy of
User
Certificate
Backbone
Router
Interface
Component
• Using transport layer
security
• Middleware uses user’s
delegated proxy
• Virtual Organisation
Membership Service
(VOMS) contains
information on user’s
roles
• BAR authorises
middleware and other BAR
services based on user’s
roles
• L-NSAPs and NSAPS
authorises BAR based on
service certificate
http://egee-jra4.web.cern.ch/EGEE-JRA4
Status
Enabling Grids for E-sciencE
• End of June
– update specification of BAR and NSAP interfaces
– BAR service supporting reservation and cancellation for
GuaranteedDeliveryFileTransfer
– development client to allow for testing
– deploy dummy NSAP at GARR
 NSAP developed by GN2, first implementation due Oct/Nov
• July-September
– extend BAR service to support VirtualLeasedLine
– development of L-NSAP
– investigate alignment with JRA1’s Agreement architecture
• Further work
– Integrating with GN2 NSAP for full end-to-end BAR
INFSO-RI-508833
http://egee-jra4.web.cern.ch/EGEE-JRA4