a sustainable e-infrastructure for europe athens, greece 19 april 2006 bob jones
TRANSCRIPT
A sustainablee-Infrastructurefor Europe
Athens, Greece
19 April 2006
Bob Jones
Athens, 19 April 2006 2
Contents
• The vision of an e-Infrastructure for Europe
• The international perspective
• Proposing a possible model
– Mission
– Structure
– Key services
– Funding & Governance
• Discussion• Additional material – details of key services
Athens, 19 April 2006 3
e-Infrastructure for Europe
• The Vision (1)
– “An environment where research resources (H/W, S/W & content) can be readily shared and accessed wherever this is necessary to promote better and more effective research”
(1) “A European vision for a Universal e-Infrastructure for Research” by Malcolm Read http://www.e-irg.org/meetings/2005-UK/A_European_vision_for_a_Universal_e-Infrastructure_for_Research.pdf
Athens, 19 April 2006 4
International Perspective
Recommendations(1) of the Global Science Forum(2) of the Organisation for Economic Co-operation and Development
1: “Grids deserve to be treated as research infrastructures in their own right…..Governments should also consider taking steps to strengthen the international mechanisms for co-operation and co-ordination at the scientific, commercial and intergovernmental levels”
2: “A number of important Grid-related issues need to be addressed in a strategic, systematic, organised, international manner, with the participation of all the stakeholders: funding agency officials, Grid architects, implementers, and users from the scientific, academic and industrial communities”
3: “Consideration should be given to the creation of new mechanisms (or the strengthening of existing ones) to facilitate access to Grids for researchers and research organisations in developing countries, plus other appropriate measures to broaden international participation in grid projects”
(1) Report on Grids and Basic research Programmes, Sydney September 25-27 2005, http://www.oecd.org/dataoecd/30/36/36213997.pdf(2) Australia, Austria, Belgium, Denmark, France, Germany, Italy, Japan, Netherlands, New Zealand, Sweden, United Kingdom, United States
Athens, 19 April 2006 5
The view of the e-IRG
e-IRG Recommendation:
“The e-IRG recognises that the current project-based financing model of grids (e.g., EGEE, DEISA) presents continuity and interoperability problems, and that new financing and governance models need to be explored – taking into account the role of national grid initiatives as recommended in the Luxembourg e-IRG meeting.”
White Paper: http://www.e-irg.org/publ/2005-Luxembourg-eIRG-whitepaper.pdf
Athens, 19 April 2006 6
Proposed model of a e-Infrastructure for Europe
• This model builds on the experience gained with the EGEE project, infrastructure and applications to define a European Grid Infrastructure (EGI)
• Takes into account the OECD & eIRG recommendations
• Input from EGO paper (1) and the workshops– Thoiry (France) 30-31st January – EGEE federations– Kassel (Germany) 10th March – Germany– Barcelona (Spain) 28th March – France, Portugal, Spain
Further planned events– Athens (Greece) 19th April – Bulgaria, Cyprus, Greece, Israel, Romania,
Serbia, Turkey– Vilnius (Lithuania) 26th April – Estonia, Finland, Latvia, Lithuania, Poland, Sweden– Paris (France) 28th April – Terena/NRENS grid workshop
(1) Establishing an European Grid Organisation (EGO),http://www.e-irg.org/meetings/2005-UK/050617-EGO-position-paper.pdf
Athens, 19 April 2006 7
Mission
• Infrastructure– Manage and operate production Grid for European Research Area– Interoperate with e-Infrastructure projects around the globe– Contribute to Grid standardisation and policy efforts
• Support applications from diverse communities– Astrophysics– Computational Chemistry– Earth Sciences – Finance– Fusion– Geophysics– High Energy Physics– Life Sciences– Multimedia– …
• Business– Forge links with the full spectrum of interested business partners
• Disseminate knowledge about the Grid through training
Athens, 19 April 2006 8
Structure
Federated model bringing together National Grid Initiatives (NGIs) to build a European organisation
EGEE-II federations wouldevolve into NGIs
Each NGI is a national body• Recognised at the national level• Mobilises national funding and resources• Contributes and adheres to international standards and
policies• Operates the national e-Infrastructure• Application independent, open to new user communities
and resource providers
Athens, 19 April 2006 9
European National Grid Projects
• Austria – AustrianGrid• Belgium – BEGrid• Bulgaria – BgGrid• Croatia – CRO-GRID• Cyprus – CyGrid• Czech Republic- METACentre• Slovakia• Denmark• Finland• France – planned (ICAR)• Germany – D-GRID• Greece - HellasGrid• Hungary• Ireland - Grid-Ireland
• Israel – Israel Academic Grid• Italy - planned• Netherlands – DutchGrid• Norway – NorGird• Poland• Portugal - planned• Romania – RoGrid• Serbia – AEGIS• Slovenia SiGNET• Spain – planned (IBERgrid)• Sweden – SweGrid• Switzerland• Turkey – TR-Grid• United Kingdom - eScience
Athens, 19 April 2006 10
A global, federated e-Infrastructure
EGEE infrastructure~ 200 sites in 39 countries~ 20 000 CPUs> 5 PB storage> 10 000 concurrent jobs
per day> 60 Virtual Organisations
EUIndiaGrid
EUMedGrid
SEE-GRID
EELA
BalticGrid
EUChinaGridOSGNAREGI
Athens, 19 April 2006 11
EGI Key Services
• Based on experience gathered during EGEE, the following key services have been found necessary for a central organisation in coordination with the NGIs– The information on the following slides are taken from existing
EGEE structures and procedures as a means of explaining the concepts
• Operation of Infrastructure Runs Operational Coordination Centre linking a Regional
Operations Centre (Point of Presence) in each NGI Coordinates the grid security and resource accounting Negotiates resources for user communities General management of the User Support process Interaction point with GEANT for grid issues Provides documentation for end users and resource providers
Athens, 19 April 2006 12
EGI Key Services (cont)
• Middleware testing and certification Integrates middleware from other sources to produce distributions Provides first-level middleware support team Operates beta-test services for upcoming distributions
• Application support No direct support but rather coordination of NGI support groups and
management of overall application lifecycle (virtuous cycle)
• Dissemination and outreach Branding, media relations, production of promotional material, websites etc Event organisation Public outreach & surveys - Ensuring higher level of media coverage as
technology matures and becomes available to more end users
Representation of NGIs in international bodies and standards groups at a policy level
• Training Aid in the formation of NGIs and their management/operations Training material repository
Athens, 19 April 2006 13
Capability and Capacity Facilities
• The users want to see a unified e-Infrastructure providing access to both capability (super-computer centres) and capacity (PC cluster-based centres)– Several communities (Fusion, Life sciences etc.) have a need for
both types of facilities and want to be able to move applications and data between them
• EGI will work with super-computer centres and these user communities to ensure they are accessible– EGI will not be responsible for the operations, funding or
management of super-computer centres
Athens, 19 April 2006 14
Support for digital repositories
GÉANT .
INFRASTRUCTURE
GRID .
INFRASTRUCTURE
KNOWLEDGE .
INFRASTRUCTUREEGI will work with the digital library community to support access to heterogeneousinformation and connect resources throughcommon shared services
Athens, 19 April 2006 15
EGI/NGIs and industry• Business model for how industry can commercially exploit the
research infrastructure managed by EGI/NGIs is unclear
– Should not use tax payers money to compete with commercial service providers
• Likely to see transfer of technology from research to industry by adoption/internalisation of EGI/NGI backed products and services (e.g. middleware, operations procedures/techniques)
– For multi-site corporate usage or to offer a service to a set of SMEs
– Several examples already exist for EGEE
• EGI/NGIs could subcontract infrastructure support to industry and make use of commercial software as standards evolve
Athens, 19 April 2006 16
EGI Managed Resource Centres
• Given the existence of such an e-Infrastructure, EGI managed resources centres can be established:
– Create shared pool of resources (CPU, disk and data curation) independent of funding for specific user communities
– Joint capital funding from NGIs and EU as part of new resource infrastructure
– Selection based on bids against a defined service level agreement
– Business models with pay-per-usage to cover operational and depreciation costs
– Would create/test example business models for potential future commercial supply and/or exploitation
Athens, 19 April 2006 17
EGI Governance and Funding
• Governance– Organisation with its own legal identity
– NGIs are the stakeholders NGIs would form the governing council
Annual reviews by independent experts nominated by the EU
• What to Fund– Basic infrastructure and its operation including national Points-of-
Presence, regional resource centres and central organisation
• How to Fund– Basic funding by NGIs (50%) and EU (50%) ?
– EU could fund preparatory project to set-up EGI through the New Research Infrastructures scheme (~12 months?)
– Full EU co-funding (FP7) could start in 2008/9
Athens, 19 April 2006 18
The role of CERN in EGI
• CERN has a long-term interest in ensuring e-Infrastructures continue to develop to be able to support its LHC programme over the next 15 years
• CERN is heavily involved in the e-Infrastuctures development but hopes that it can become a client of such services in the future, as has been the case for networks
• The CERN Director General has offered to host the EGI organisation temporarily during its incubation
Athens, 19 April 2006 19
Links between infrastructure and R&D
1. Sustainable e-Infrastructure– Long-term cycle (up to 7 years)– Production/operations focus– Application independent– Open and inclusive
2. On-going developments– Further developments of middleware, applications, security etc.– Separate projects coordinated with the infrastructure– Limited duration (2 to 3 years)
Complementary streams where successful developments (2) should become part of the sustainable infrastructure (1)
Increase (2) →(1) by making the infrastructures stakeholders in R&D projects
Possible combination of use of EU instruments for on-going and new infrastructures
Athens, 19 April 2006 20
Summary
• The need for a European e-Infrastructure has been identified
• The current structures are reaching their limits
• A model committing the National Grid Initiatives and building a central organisation is proposed – your input and feedback is actively sought
• Proposed key services– Operation of Infrastructure– Middleware testing and certification– Application support– Dissemination and outreach– Training
• Such a scheme will ensure a sustainable e-Infrastructure for research and help maintain Europe’s leading position
Athens, 19 April 2006 21
Details on EGI key services
• The following slides provide greater detail of the key services proposed for the central organisation in coordination with the NGIs
• These details are based on the experience gathered through EGEE and related projects
Athens, 19 April 2006 22
JSPG: Joint Security Policy GroupOSCT: Operational Security Coordination Team
Operations Coordination
Regional Operations
Centre
Regional Operations
Centre
Regional Operations
Centre
… …
Resource Centre
Resource Centre
… Resource Centre
Resource Centre
…
OperationsCoordination
Centre OSCT
Coordination,Middleware deployment
Operational security coordination
JSPG
Coordination,Middleware deployment
Coordination,Middleware deployment
EG
IN
GI
loca
l
Athens, 19 April 2006 23
Regional Operations Centre (ROC)Distributed responsibility for operations:• One ROC in each NGI
– A grid “Point of presence”– Manage daily grid operations – oversight,
troubleshooting “Operator on Duty” with weekly rota
between NGIs– Run infrastructure services (not applications
themselves)– Support for user and operations issues– Provide regional knowledge and adaptations
• Operations coordination– Regular operations & managers meetings– Series of Operations Workshops
• Procedures described in Operations Manual
– Introducing new sites– Site downtime scheduling– Suspending a site– Escalation procedures– Etc.
Athens, 19 April 2006 24
ROC and Site work to resolve the problem
Regional Operations
Centre
… …Regional
Operations Centre
Resource Centre
Resource Centre
…
OSCTGrid Operator on-duty
Monitoring shows a problem
Operator submits a GGUS ticket against the ROC and cc’s the site. The ticket is followed until it is solved
Operations support workflows
Regional Operations
Centre
Resource Centre
Resource Centre
…
EG
IN
GI
Lo
cal
sup
por
t
Athens, 19 April 2006 25
Coordination of Grid Security
Joint Security Policy Group– Across many Grid
infrastructures– Policy Set:
Policy Revisions
• Grid Acceptable Use Policy (AUP)– for all VO members using many Grid
infrastructures EGEE, OSG, SEE-GRID, DEISA, national Grids…
• VO Security– responsibilities for VO managers and
members
– VO AUP to tie members to Grid AUP accepted at registration
• Incident Handling and Response – defines basic communications paths
– defines requirements reporting response protection of data analysis
– not to replace or interfere with local response plans
Security & Availability Policy
UsageRules
Certification Authorities
AuditRequirements
Incident Response
User Registration & VO Management
Application Development& Network Admin Guide
VOSecurity
Athens, 19 April 2006 26
Operational Security Coordination Team (OSCT)
• What it is not:– Not focused on middleware security
architecture
– Not focused on vulnerabilities (see Vulnerabilities Group)
• Focus on Incident Response Coordination– Assume it’s broken, how do we respond?
– Planning and Tracking
• Focus on ‘Best Practice’– Advice
– Monitoring
– Analysis
• Coordinators for each ROC
SSC1 - Job Trace
SSC2 - Storage Audit
Infrastructure
HA
ND
BO
OK
IncidentResponse
Policy
Procedures
Resources
Reference
Playbook
SecurityService
Challenge
Infrastructure
Agents
Deployment
MonitoringTools
3 strategies
OSCT membership ROC security contacts
Athens, 19 April 2006 27
Vulnerability Group
• Purpose: inform developers, operations, site managers of vulnerabilities as they are identified and encourage them to produce fixes or to reduce their impact
• Set up (private!) database of vulnerabilities
– To inform sites and developers
• Urgent action OSCT to manage
• After reaction time (45 days)
– Vulnerability and risk analysis given to OSCT to define action – publication?
– Will not publish vulnerabilities with no solution
• Report progress and statistics on vulnerabilities
• Balance between open responsible public disclosure and creating security issues with precipitous publication
Athens, 19 April 2006 28
General management of the User Support process
• A portal with a well structured information and updated
documentation
• Knowledgeable experts
• Correct, complete and responsive support
• Tools to help resolve problems
– search engines
– monitoring applications
– resources status
• Examples, templates, specific distributions for software of interest
• Interface with other Grid support systems
• Connection with developers, deployment, operation teams
• Assistance during production use of the grid infrastructure
Athens, 19 April 2006 29
Central Application
(GGUS)
DeploymentSupport
MiddlewareSupport
NetworkSupport
Operations Support
TPM
ROC 1 ROC 10ROC…
VOSupport
Interface
Webportal
The Support Model
““Regional Support with Central Coordination"Regional Support with Central Coordination"
The ROCs, VOs are connected via a central integration
platform provided
Regional Support units
User Support unitsTechnical Support units
Athens, 19 April 2006 30
Negotiates resources for user communities
• Brings together VOs and NGIs
• Negotiate for services and resources Run services on behalf of the VO Provide compute and/or storage resources
NOTE: Computational and storage resources are not funded by EGI
Athens, 19 April 2006 31
Interaction point with GEANT for grid issues
• Technical Network Liaison Committee to address grid issues with GEANT/NRENs
• Definition and establishment of Service Level Agreements for end-to-end services
• Joint operation of ENOC (e-Infrastructure Network Operations Centre)
• Deployment of network performance mgmt tools
• Coordination of input to GGF Network Measurements Working Group
Athens, 19 April 2006 32
Foundation Grid MiddlewareSecurity model and infrastructure
Computing (CE) & Storage Elements (SE)
Accounting
Information providers and monitoring
Applications
Higher-Level Grid ServicesWorkload Management
Replica Management
Visualization
Workflows
Grid economies
etc.
Middleware
• Provide specific solutions for supported applications
• Host services from many sources• More rapid changes than
Foundation Grid Middleware • Deployed as application software
using procedure provided by grid operations
• Application independent• Evaluate/adhere to new stds• Emphasis on robustness/stability
over new functionality• Deployed as a software
distribution by grid operations
Athens, 19 April 2006 33
Inte
grat
ion
Inte
grat
ion
VDT/OSG
OMII-Europe
EGEE
Etc.
…
Tes
ting
& C
ertif
icat
ion
Support, analysis, debuggingSupport, analysis, debugging
Pro
duct
ion
serv
ice
Pro
duct
ion
serv
ice
deploymentP
re-p
rodu
ctio
n se
rvic
e
Mid
dlew
are
prov
ider
s
Integration/testing
Certification activities
Middleware testing and certification
feedback
Athens, 19 April 2006 34
Software deployment paths• Foundation grid middleware and selected high-level
services are supported directly within EGI• Application and high-level services from other sw
providers will be incorporated
Production Pre-production Testing/ Integration
Support/ Development
Other sw providers
componentsreleases
components
high-level services
com
po
nen
ts