terena nren-grids workshop 1/41/4 virtual organisations building a support infraestructure

TERENA NREN-Grids workshop 1/4

Virtual OrganisationsBuilding a support infraestructure


Virtual OrganisationsWhy a support infrastructure

• Users own and require resources• Shared• Collective

Resource

Resource

User

User

Resource

User

Resource

Resource

User

User

User

Resource

UserUser

User

User

User

Resource

Resource

A infrastructure to support this activities


Virtual Organisations

• A set of users• Working in a certain common area• Sharing similar needs

• Data processing• Access to data sources• Interaction among them

• Pursuing similar goals

• A set of resources• Computational• Storage• Data sources• Remote device operation• Knowledge bases• . . .

Resource

User

Resource

Resource

User

User

User

User

Resource

User

Resource


A support infraestructureThe IRISGrid case

• pkIRISGrid• Distributed RAs per organisation/VO• Based on the IRISGrid directory

• The IRISGrid AAI• Grid portal toolkits• Collaborative tools

• From mailing lists to real-time systems

• Resource location• Based on a federated approach

• The IRISGrid Directory• VO management: Users, centres, resources, research areas

• Web interfaces wherever possible• As integrated as we can


Collaborative toolsThe good old mailing lists

• Essential for basic interactions• General coordination lists

• Participants, support staff, middleware staff,...• General areas: HEP, biotech, astro-sciences,...• Owned by the IRISGrid admins

• A specific list per VO• Connected to the general areas the VO is classified in• Owned by the VO managers

• Based on listserv• The current mailing list software at RedIRIS

• Plans to migrate to Sympa• Better integration with the supporting infrastructure


Collaborative toolsPresence and instant messaging

• Informal and direct interaction• Both P2P and collective

• Automatic roster initialisation• People in the VO(s) a user is included

• Loose control• Direct management of contacts• Free creation and management of chat rooms

• Based on Jabber• Hosted at the RedIRIS server• Experiments with a server mesh• Experimenting with the integration of real-time

• Wiki in the queue


Collaborative toolsReal-time interactions

• Few Access Grid rooms• ROI perception by institutional responsibles

• Well-established network of H.323 conference rooms• Public directory available for users• GDS in operation and expanding

• Specific RedIRIS community in VRVS• Four reflectors in Spain (2 at the RedIRIS premises)• ~1500 registered users, ~800 reserved hours per month• Training activities• Good contact with the VRVS developers

• Exploring incorporation of AAI technologies

• Evaluating SIP.edu


The RedIRIS VRVS community


Resource location

• In the broad sense we have been using so far• From a cluster to a set of related papers

• Common directories are the usual answer to this• But they face data partition

• Formats, protocols, security (and privacy) considerations

• The result is the continuous re-building of central repositories of data• Almost automatically outdated with respect to their once local

sources

• The federated model comes into play once again• Accessing or collecting data from them using a trusted link• Maintaining total autonomy for the federated repository

• Policies, methods, interfaces• Offering a common (possibly particular) view of information


The Searchy architecture

• Each source incorporates an agent, available through a SOAP interface• Uses RDF as internal representation

• Agents for LDAP, SQL, Harvest, the Google API, and Searchy itself


A sample Searchy installation


The IRISGrid Directory

Centre

Centre

Centre

User

User

User

User

User

User

User

User

User

UserVO

VO

MDS

MDS

MDS

The IRISGrid Directory

Areaclassification

IRISGrid Globus Directory


The IRISGrid DirectorySchemas

• Support for VOs: irisgridVo• Support for Centres and/or departments: irisgridOu• Support for users: irisgridUser• Support for the PKI objects: pkirisgridCertObject, pkirisgridRA, pkirisgridUser

• Other iris-* schemas• irisPerson, irisInetEntity, copaObject, papiUser,...

• Extensions to the eduPerson schema

• Standardization in process through SCHAC• At least in the inter-institutional aspects

• Heavy use of the COPA coding schema to support navigation and searching


The IRISGrid DirectoryCOPA coding schema

• A coding schema to support (virtual) hierarchical access• Based in creating strings identifiers (URNs, for example) that

resemble the hierarchy of a given classification (or ontology)• Identifiers are added to data available for a certain element• Mappings between COPA identifiers and their semantics are kept

in a separate repository (directory branch, for example)

• Simplifies searches and navigation• Decouples representation from the view offered at each moment• Several views can be offered in parallel

• And hot-swap them

• More on this athttp://www.rediris.es/ldap/copa/copa-intro.en.pdf


The IRISGrid DirectoryA sample VO entry

COPA coding of the VO areas of research


The IRISGrid DirectoryA sample centre entry

VOs this centre is participating in


The IRISGrid DirectoryA sample user entry

VOs the user is member of Centre the user belongs to


Web interfaces

• Navigation and management of the IRISGrid Directory• Navigation and searching by research areas

• UNESCO Thesaurus, CATRE, e-Ciencia• VOs related to a certain area• Users participating in an VO• Collaborative resources available to a VO• mapfile generation• Centres related to VOs

• Navigation through the computational resources (MDS)• pkIRISGrid

• Users• RA operators

• Many tasks ahead


Web interfacesNavigating through an VO


Web interfacesNavigating through a centre


Web interfacesData for a certain user


Web interfacesGenerating a mapfile for an VO


Web interfacesNavigating MDS


Web interfacespkIRISGrid CSR

IRISGrid identifiername@scope

[email protected]

PIN (passphrase) usedfor revocations


Web interfacesCSR management at an RA

[email protected]

New CSR


Web interfacesInstalling a certificate

Issuer: CN=CA, OU=pki, DC=irisgrid, DC=esSubject: [email protected], DC=irisgrid, DC=es

terena nren-grids workshop 1/41/4 virtual organisations building a support infraestructure

Documents