Cloud Computing with NimbusOSG All Hands Meeting
March 2009
Kate Keahey
University of Chicago
Argonne National Laboratory
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Cloud Computingfor Science
Environments:complexity andconsistency
Resource control
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Nimbus
Nimbus goals Allow providers to build clouds
Private clouds (privacy, expense considerations) E.g., Workspace Service: open source EC2 implementation
Allow users to use cloud computing Do whatever it takes to enable scientists to use IaaS E.g.,Context Broker: creates turnkey virtual clusters
Allow developers to experiment with Nimbus For research or usability/performance improvements Community extensions and contributions, e.g Ian Gable
and his team (UVIC) contributed a monitoring component
First released in September 2005
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
VWSService
The Workspace Service
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
The Workspace Service
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
Poolnode
The workspace service publishesinformation about each workspace
Users can find outinformation about theirworkspace (e.g. what IP
the workspace wasbound to)
Users can interactdirectly with their
workspaces the sameway the would with a
physical machine.
VWSService
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Workspace Service:Interfaces and Clients
Two kinds of interfaces: Web Service Resource Framework (WSRF)
Web Services + state management (WS-Notification) Cloud client (similar commads to the EC2 client)
Elastic Computing Cloud (EC2) Supported: ec2-describe-images, ec2-run-instances, ec2-describe-
instances, ec2-terminate-instances, ec2-reboot-instances, ec2-add-keypair, ec2-delete-keypair
Unsupported: availability zones, security groups, elastic IP assignment,REST
Works with EC2 clients
You can use one, or the other, or both
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Workspace Service: Security
Authenticating and authorizing requests WSRF interfaces: GSI
Support for proxies, VOMS, Shibboleth (via GridShib), custom PDPs
EC2 interfaces Vanilla PKI X509 support
Secure access to VMs EC2 key generation or accessed from .ssh
Towards protecting data from the provider Extensions from Vienna University of Technology:
Paper: Descher et al., Retaining Data Control inInfrastructure Clouds, ARES (the InternationalDependability Conference), 2009.
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Workspace Service: Networking
Network configuration External: public IPs or private IPs (via VPN)
Internal: private network via a local clusternetwork
Each VM can specify multiple NICs mixingprivate and public networks (WSRF only) E.g., cluster worker nodes on a private
network, headnode on both public andprivate network
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Workspace Components
workspacecontrol
workspaceresourcemanager
workspacepilot
workspaceclient
workspaceservice
EC2
WSRF
OpenNebulaProject
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
MPIMPI
Turnkey Virtual Clusters
Turnkey, tightly-coupled cluster Shared trust/security context Shared configuration/context information
Context Broker goals Every appliance Every cloud provider Multiple distributed cloud providers
Used to contextualize 100s of virtual nodes for EC2 HEP STARruns, Hadoop nodes, HEP Alice nodes…
Working with rPath on developing appliances, standardization
IP1IP1 HK1HK1 IP2IP2 HK2HK2 IP3IP3 HK3HK3
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Science Clouds
Goals:
Enable scientific projects to experiment with IaaS clouds
Evolve software in response to the needs of scientific projects
A laboratory for exploration of cloud interoperability issues
Participants University of Chicago (since 03/08, 16 nodes), University of
Florida (05/08, 16-32 nodes, access via VPN), Masaryk University,Brno, Czech Republic (08/08), Wispy @ Purdue (09/08)
In progress: IU, Grid5K, Vrije, others Using EC2 for large runs
http://workspace.globus.org/clouds
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Who Runs on Nimbus?
Project diversity: Science, CS, education, build&test…
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
STAR STAR: a high-energy physics experiment Need resources with the right configuration
Complex environments Consistent environments
A virtual OSG STAR cluster OSG cluster: OSG CE (headnode), gridmapfiles, host
certificates, NSF, Torque, worker nodes: SL4 + STAR
Requirements One-click virtual cluster deployment Moving virtual clusters: Science Clouds -> EC2
From proof-of-concept to productions runs Work by Jerome Lauret, Doug Olson, Leve Hajdu, Lidia
Didenko at BNL Significant productions runs in progress now: results to be
published at Quark Matter conference and CHEP
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Infrastructure Testing
Motivation Test middleware scalability, use of different platforms, etc.
Workspaces Globus 101 and several different environments
Requirements very short-term but flexible access to diverse platforms
Work by various members of the Globus community (TomHowe and John Bresnahan), short-lived “communities of one”
Resulted in provisioning a private cloud for Globus
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Alice HEP Experiment at CERN
Collaboration with CERNVM project
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Making a Hadoop Cloud
Papers: “Sky Computing”, by K. Keahey, A. Matsunaga, M. Tsugawa, J.
Fortes. Submitted to IEEE Internet Computing. “CloudBLAST: Combining MapReduce and Virtualization on
Distributed Resources for Bioinformatics Applications” by A.Matsunaga, M. Tsugawa and J. Fortes. eScience 2008.
U of FloridaU of Chicago
Purdue
Hadoop cloud
3/4/09 The Nimbus Toolkit: http//workspace.globus.org
Thoughts…
Science-driven cloud computing OSG as user vs OSG as provider
OSG virtual cluster available for use Providing hardware resources as cloud
How does IaaS fit into our world? Combine with what we have (grid computing) Explore new potential
Interoperability Academic vs commercial resources Standards: “rough consensus & working code”
Importance of open source Drive requirements into the infrastructure, customize Drive the development of standards