Core Services

From TeraGrid Wiki

Jump to: navigation, search

This page summarizes the processes and procedures through which users are brought into the TeraGrid, from allocations to user creation, and are authorized to use TeraGrid resources. The services span allocations, authorization and authentication, accounting and accountability.

For information and plans about the next generation of Core Services, see the Core Services 2.0 page.

 The info in the Wiki pages referenced here needs to be
 re-organized and consolidated.

Contents

Allocations

Users begin or continue their access to and use of TeraGrid resources via the Allocations process. In brief, there are three tiers of allocations--Development, Medium and Large, each with their own review process. The xRAC process encompasses the medium and large allocations. The DAC process is a lighter-weight process (documentation needed).

An overview of making allocation requests is now provided within the TG User Portal. The current official allocation policy document is on the CIP web site; it is slated for transfer to the TeraGrid site soon.

Allocation requests are submitted, reviewed and awarded electronically via the Partnership Online Proposal System (POPS). POPS encompasses three sets of applications, one each for proposal submission, proposal review, and process administration.

Science Gateways are eligible for Development, Medium or Large allocations, via the same procedures as other requests.

Some misc allocations stuff is included on this poorly named Wiki page.

Mailing Lists

  • allocations-wg at teragrid.org is a place for discussions of allocations related topics by TG staff.
  • allocations at teragrid.org is where users can have their allocations questions answered, request transfers, and so on.
  • pops-alloc at teragrid.org is the list for help requests from POPS users. It is also used for day-to-day allocations business, autogenerated POPS email and the like. (It may make sense to merge the allocations and pops-alloc mail lists.)
  • pops-devel at teragrid.org reaches the POPS developers. Send bug reports and the like to this list.
  • pops-admin at teragrid.org reaches those persons with admin privileges in POPS. Not commonly used.

Authorization

The current procedures by which projects and users are authorized to use TeraGrid resources are documented here.

Per procedure discussed by TeraGrid, all New User Packets are sent to the project PI for distribution to individuals.

Community User Accounts for Science Gateways are initiated in the same way, through the Add User form of the TG User Portal. Current policy creates such users with the string "Community User" as the last name.

Mailing Lists

  • allocations at teragrid.org is the primary mailing list for users and TG RPs to contact regarding day-to-day activities related to this area.

TeraGrid Roaming

The current policies and implementation of TeraGrid Roaming have implications both for Allocations and Authorization.

Authentication

Once a user is authorized to use TeraGrid, the individual has two primary options for authenticating. NCSA, PSC, SDSC and TACC permit authentication via passwords. The other RPs require management of an SSH key pair. Login instructions are provided on the Individual Resource Login page of the TeraGrid web site.

Users also have the option of authenticating via Single Sign-on. Instructions are available at the Access to the TeraGrid web page. More details are available at the MyProxy pages.

TeraGrid Single Sign-on relies on integrated distribution of Distinguished Names (DNs) via TGCDB/AMIE and local RP implementation of these policies via gx-map or other tools. Two Wiki pages discuss Distinguished Names and DN Propagation and Management; it is not clear which one is current or definitive.

Beyond these mechanisms, other TeraGrid staff are experimenting with a grid-based Authentication and Authorization prototype using Shibboleth and other technologies.

Accounting

The business rules of the TeraGrid accounting system are embedded in the TeraGrid Central Database (TGCDB). The TGCDB creates projects and users and associates them with allocations on resources and then prepares to accept usage charges against those allocations from the RPs.

Usage charges are send by RPs via AMIE packets, generally one job per packet. High-throughput systems can send aggregate usage packets, as does Purdue for its Condor system. RPs can also send AMIE packets for debits and credits against allocations. Credits include job refunds; debits include reservation charges.

The TGCDB also sends AMIE packets to RPs to notify them about projects that have expired or exhausted their allocations. The TGCDB also has the capability to notify allocation PIs that their allocations are nearly and/or completely exhausted; RPs can choose to use this service to notify PIs with allocations on their resources.

The Accounting Working Group is responsible for the smooth functioning of the accounting system and the uninterrupted flow of AMIE packets between the TGCDB and the local RP accounting systems.

The AMIE software and documentation is available online, and RPs are responsible for implementing the interfaces between their local systems and AMIE to comply with the AMIE packet protocols. For convenience, the AMIE software and documentation may be downloaded directly from:

Mailing lists:

  • accounting-wg at teragrid.org is the mailing list for the TG Accounting Working Group and discussions among its members.

Accountability

For users, the primary tool for managing their allocations and monitoring their progress is the TeraGrid User Portal's My TeraGrid tab. This section of the portal shows users their login names on the various TG resources, their active projects, allocations and usage. The portal queries the TGCDB for this information.

Users and PIs also use the portal to register DNs and add additional users to their profiles or projects.

PIs and users can also monitor their allocation usage with the tgusage command-line tool. By default, tgusage will show an individual only his or her own usage, while PIs can see usage by all users on their projects. TeraGrid staff can be made tgusage "superusers" for the purpose of monitoring any user's usage.

TeraGrid staff can monitor the profiles and allocations of all TeraGrid projects known to TGCDB via the TeraGrid Allocations and Usage page. This site includes search capabilities, basic live allocation reports, tools to audit accounting data, and queries associated with metrics for quarterly status reports.

Mailing lists:

  • accounting-wg at teragrid.org is generally the best list for questions or comments regarding accountability matters, the web page mentioned above and tgusage.
Personal tools