Info Resources

UABgrid wiki

• VomsInstallation: This page provides VOMS installation instructions from scratch. It does not provide any complex configuration options or explain terminology, however it is a good place
• VomsExploration: The exploration work done to gain better understanding of VOMS will be documented on this page. It may not contain all the successful tests, but I would like to keep this as a log of my exploration work.

Mailing lists

• OSG mailing list info

Manuals / Instructions

• VDT/VOMS man pages: The online man pages provide more information than command line help.

Papers/Presentations/Talks

• From gridmap-file to VOMS: Managing authorization in a Grid environment: Useful in explaining some concepts related to VO - need, structure (groups, roles, attributes etc...). PDF file link.
• XACML Profile and Implementation for Authorization Interoperability between OSG and EGEE

Notes gathered from OSG/VDT related reading

Grid - Set of VOs VDT/OSG - software stack for distributed computing applications

VDT and OSG use pacman for installing packages in its stack.

Pacman needs descriptior of what software packages are to be installed. Software caches = descriptor + actual software Two software caches

• VDT - grid-agnostic
• OSG - OSG specific VDT

OSG terminology / installation types

• Compute Element (CE)
  • gatekeeper role where s/w stack is installed
  • user submits job to batched system. CE submits job to Worker Nodes (WN).
  • frontend of cluster, CE to batch-system or batch-system to CE - doc seems contradicting?

• Worker Node (WN)
  • Single computer node on which work will be done

• Storage Element (SE):
  • Some entities will require/generate significant i/p o/p data -> need for SE.

• VOMS-
  • VOMS controls who is member of VO.
  • Installed separatly from CE
  • Other grid software such as EDG mkgridmap and GUMS (mentioned below) can consult VOMS to decide if a user is part of a virtual organization., this info comes from VDT site.

• VOMRS
  • Provides easy admin interface for VOMS (?)

• User mapping service
  • Users can specify their VO membership info while submitting job using voms-proxy.
  • VOMS-proxy = grid proxy + attr cert identifies user's VO and role in it.

• Other installation types
  • web-proxy (some users download job/data thru web sites)
  • shared file system

Types of user mapping services

• edg-gridmapfile
  • Can't interpret voms-proxy, useless in case user is member of multiple VOs.
  • Not possible/useful if several computers do authorization.

• GUMS: Complex and time consuming, but worth using.
  • contacts VOMS servers for the VOs you support and generates gridmap file which is used by globus.

Software stacks for VOMS

• OSG
• VDT
• gLite