1 / 18

HTASC - Report to HEP-CCC

HTASC - Report to HEP-CCC. David Kelsey, RAL d.p.kelsey@ rl.ac.uk 8 July 2000, SLAC ( http://home.cern.ch/~eauge/htasc/public/). HTASC #15 8th/9th June 2000, CERN. Agenda included: HTASC sub-groups Security group Windows 2000 Coordination Group LDAP coordination (not a group!)

kcreek
Download Presentation

HTASC - Report to HEP-CCC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HTASC - Report to HEP-CCC David Kelsey, RALd.p.kelsey@ rl.ac.uk8 July 2000, SLAC (http://home.cern.ch/~eauge/htasc/public/) D.P.Kelsey, HTASC report

  2. HTASC #15 8th/9th June 2000, CERN Agenda included: • HTASC sub-groups • Security group • Windows 2000 Coordination Group • LDAP coordination (not a group!) • Roundtable reports • Regional Centres • X.509 Certificates • Future meetings/topics n.b. was to have been at Bologna - perhaps in October? D.P.Kelsey, HTASC report

  3. Membership of HTASC • New members • E. Auge (France) replaced by Francois Etienne • C. Declercq (Belgium) replaced by Rosette Vandenbroucke • Jorge Gomes (Portugal) - new member • Good attendance this time • We still need to appoint a new Secretary • Nicanor Colino (Spain) has volunteered to maintain the web pages D.P.Kelsey, HTASC report

  4. HTASC sub-groups • Security group (Tobias Haas, DESY) • action on HTASC to collect list of HEP security contacts • this continues - Tobias Haas will coordinate, with help from HTASC members • Tobias will leave HTASC now but stay as Security group Chair - next HTASC review in March 2001. • Windows 2000 Coordination group • this was created at Nov 99 HEP-CCC meeting • Christian Trachimow (DESY) reported to HTASC • Two meetings: DESY (30/31 March) and CERN (29/30 June) • June agenda: Active Dir, Kerberos/UNIX, App. support • W2000 workshop at HEPiX/HEPNT in October (USA) D.P.Kelsey, HTASC report

  5. Directories/LDAP • At last HEP-CCC (March 2000) • Directories/LDAP are becoming very important - Windows 2000, GRIDs, common access rights (e-groups), etc. • Strong support from HEP-CCC - CERN/IN2P3 group should organise an LDAP workshop for White Pages service • LDAP workshop has not yet happened • staff changes at CERN! • But various discussions about Globus Info Service • Proposal… • Ask Michel Jouvin to organise an LDAP workshop at next HEPiX? (October 2000) (Advantage: USA+Europe) D.P.Kelsey, HTASC report

  6. Roundtable reports • Germany • Univ of Mainz copied 100 GB from CERN (NA48) in 10 days (1 MB/s overnight) but had to stop as CERN complained it was clogging the network • he believed he was using the network for good purpose • good example of need for DiffServ. • GRID will require large bulk transfers. • Many reported congested networking to USA • There is a need for dissemination of info about GRID activities D.P.Kelsey, HTASC report

  7. Regional Centres • Aimed at coordination issues *between* the big data producers • particularly current experiments. • No wish to repeat/duplicate discussions in other places (MONARC, LHC Computing Review, DataGrid, FOCUS...) • Presentations • Woj Wojcik (IN2P3) • Luciano Barone (INFN) • John Gordon (RAL) • Kors Bos (NIKHEF) D.P.Kelsey, HTASC report

  8. Regional Centres (2) HTASC summary • IN2P3 and RAL - coordination issues • INFN and NIKHEF - plans for GRID facilities. • But, if the LHC GRID prototypes/testbeds are open to other experiments - will hit similar problems • Problems reported included • conflict between different experiments' choices of • hardware platform • operating systems (flavours and version numbers) • versions of compilers and libraries. • conflicts often make it very difficult to run a shared facility! D.P.Kelsey, HTASC report

  9. Regional Centres (3) • Data exchange formats (physical and logical) also cause problems • The exchange formats should be based on standards, not internal formats, and the number of interfaces to the data should be minimised (e.g. use RFIO?). • There are too many experiment-specific versions of general applications • BaBar has its own modified version of Objectivity • LHC++ has flags for LHCb. D.P.Kelsey, HTASC report

  10. Regional Centres (4) • AFS has been a success • a useful tool for remote use of s/w • but concerns about stability and scaling • GRID will require greater standardisation • HTASC encourages HEP-CCC to consider how to coordinate with HEP outside of Europe. • Worldwide coordination is highly desirable. D.P.Kelsey, HTASC report

  11. Regional Centres (5) • HTASC recommends • coordination between labs and experiments (how?) • early involvement of Regional centres in planning of new experiments • Continue standardisation on reduced h/w platforms. • Linux coordination would be very useful • working together on certification of new versions(as suggested at last HEPiX) • better tools for keeping s/w in step (between centres) D.P.Kelsey, HTASC report

  12. X.509 Certificates • Presentations to HTASC • Per Hagen (CERN) • Denise Heagerty (CERN) • also input from Roberto Cecchini (INFN) D.P.Kelsey, HTASC report

  13. X.509 Certificates (2) HTASC summary • Driving reason for X.509 Certificate Authorities (CA’s) in HEP is GRID/Globus software. • HTASC recommends that any infrastructure for Globus should also support other uses (if desirable?) • We need sufficient CA’s for the PP GRID • Who will operate them? • Which users will they support? • One model: Accelerator Lab issues certificates to all GRID users on an experiment • Alternatively: home institutes or national authorities. D.P.Kelsey, HTASC report

  14. X.509 Certificates (3) • Whatever, the advice of the GLOBUS team is to minimise the number of CA’s. • these need to be coordinated across HEP • all Globus clients/servers have a list of "trusted" CA’s. • easy way to distribute/maintain this list - should be static • Does a CA hierarchy add value? • hierarchy of real CA’s - a root HEP CA certifies the hierarchy of CA’s below it. • Or a few CA’s issuing the actual certificates for all HEP • but supported by a hierarchy of user registration authorities checking user credentials. D.P.Kelsey, HTASC report

  15. X.509 Certificates (4) • Must agree procedures for CA’s • to check user identities • to protect their servers and CA keys • so we can trust each other's certificates. • Many institutes are considering issuing certificates • for certifying exchange of official documents • Use same certificates for GRID? (Maybe - long term) D.P.Kelsey, HTASC report

  16. X.509 Certificates (5) • In the short term • we need an infrastructure for GRID testbeds • The DataGrid testbeds meeting in Lyon (30 Jun) • create a Task Force - coordinate national CA’s • must compare benefits of official institute-based scheme with the scaling problem of lists of "trusted" CA’s. • Security is a vital part of the GRID • need testing of certificates and CA’s (e.g. interworking) • And no mention of Smartcards! D.P.Kelsey, HTASC report

  17. Future HTASC meetings/Topics(provisional dates/plans) • 19/20 October 2000 (Provisional - Bologna?) • Markup Languages • Networking (evolution of WAN costs)/Diffserv/QoS • revisit LDAP? (if after the HEPiX meeting) • March 2001 (CERN) • review network security • Windows 2000 review • Other topics: • ideas always welcome! D.P.Kelsey, HTASC report

  18. Summary • HTASC invites HEP-CCC to consider/give advice on • LDAP coordination - White pages (and GRID?) • Workshop at next HEPiX? • Regional Centres • how to standardise s/w? how to coordinate? • HEP-CCC and/or HEPiX? • Other approaches? (HTASC group?) • X.509 certificates • leave it to DataGrid? • HTASC sub-group? • How to collaborate with USA? • future topics for HTASC consideration? D.P.Kelsey, HTASC report

More Related