Hi Aaron,
You are completely right that there is no need to install all Globus-
related services on a single machine, and it makes sense to distribute
the functionality you need according to the type of work being done.
With respect to MyProxy, in particular, MyProxy should only be run in
a very secure manner on a machine that preferably has no logon access
for regular users and a minimum of administrative accounts. Th need
to run MyProxy servers as securely as possible only makes sense, and
has been well documented elsewhere.
While not yet converted to GT5, the Open Science Grid implementation
of services based on the virtual Data Toolkit provides one set of
practical examples of division of specialized GT-based grid services.
In that set of examples, packages have been assembled that provide
implementation of GRAM-based job submission services via gatekeeper
nodes (optionally but not necessarily the head nodes of clusters)
along with other services comprising a "Compute Element," along with
others for file transfer etc. comprising those of a "Storage Element,"
etc. Other services you might have a site would handle site-wide
authorization, and so forth. Most other grids that grow into
production status develop similar specialization among the types of
node used in providing services.
In any case, you should, generally speaking, not run MyProxy on a
service node of your grid implementation that runs any other services.
Others on the list with additional experience running MyProxy servers
may also want to comment.
Hope this helps,
Alan
On Feb 1, 2010, at 9:10 PM, Aaron Hicks wrote:
Sorry everyone, posted this to the wrong list.
...perhaps the announce list shouldn't be postable by anyone.
-----Original Message-----
From: [email protected] [mailto:[email protected]
] On Behalf Of Aaron Hicks
Sent: Tuesday, 2 February 2010 1:29 p.m.
To: [email protected]
Subject: [Globus] Breaking up the Globus modules
Hi all,
The Globus toolkit documentation states that Globus Toolkit 5.0.0 is
modular, and it gives some explanation about each component
(MyProxy, GridFTP, RLS, GRAM5, etc). What's not stated is which
modules must be installed on First Node ('elephant' in the
Quickstart guide), and which modules could be installed on other
servers.
It looks like MyProxy and GridFTP could be set up on separate
machines, but I'm unsure about the other components.
We'd like to _not_ have a single monolithic installation on the head
node of our cluster, and instead distribute out various services
(like MyProxy) to virtual machines, or GridFTP/RLS onto a server/VM
backed by our SAN. This would allow us to tweak these components of
Globus without interfering with the others.
...it's going to be complex enough setting up GRAM5 so that it pipes
jobs into SGE. It looks like it should just work.
Regards,
Aaron Hicks
Please consider the environment before printing this email
Warning: This electronic message together with any attachments is
confidential. If you receive it in error: (i) you must not read,
use, disclose, copy or retain it; (ii) please contact the sender
immediately by reply email and then delete the emails.
The views expressed in this email may not be those of Landcare
Research New Zealand Limited. http://www.landcareresearch.co.nz
Please consider the environment before printing this email
Warning: This electronic message together with any attachments is
confidential. If you receive it in error: (i) you must not read,
use, disclose, copy or retain it; (ii) please contact the sender
immediately by reply email and then delete the emails.
The views expressed in this email may not be those of Landcare
Research New Zealand Limited. http://www.landcareresearch.co.nz
Alan Sill, Ph.D
Senior Scientist, High Performance Computing Center
Adjunct Professor of Physics
TTU
====================================================================
: Alan Sill, Texas Tech University Office: Admin 233, MS 4-1167 :
: e-mail: [email protected] ph. 806-742-4350 fax 806-742-4358 :
====================================================================