论文信息 - glideinWMS experience with glexec

glideinWMS experience with glexec

Multi-user pilot infrastructures provide significant advantages for the communities using them, but also create new security challenges. With Grid authorization and mapping happening with the pilot credential only, final user identity is not properly addressed in the classic Grid paradigm. In order to solve this problem, OSG and EGI have deployed glexec, a privileged executable on the worker nodes that allows for final user authorization and mapping from inside the pilot itself. The glideinWMS instances deployed on OSG have been now using glexec on OSG sites for several years, and have started using it on EGI resources in the past year. The user experience of using glexec has been mostly positive, although there are still some edge cases where things could be improved. This paper provides both the usage statistics as well as a description of the still remaining problems and the expected solutions.

[1] Igor Sfiligoi,et al. The Pilot Way to Grid Resources Using glideinWMS , 2009, 2009 WRI World Congress on Computer Science and Information Engineering.

[2] D. Kranzlmüller,et al. The European Grid Initiative (EGI) , 2010 .

[3] Warren Andrews,et al. Operating a production pilot factory serving several scientific domains , 2011 .

[4] Paul Avery,et al. The Open Science Grid , 2007 .

[5] Douglas Thain,et al. Distributed computing in practice: the Condor experience , 2005, Concurr. Pract. Exp..

[6] Ian Macneill,et al. Reducing the Human Cost of Grid Computing With glideinWMS , 2011, CLOUD 2011.

[7] David Groep,et al. gLExec: gluing grid computing to the Unix world , 2008 .