Difference between OSG and Engage VOs?
Engage VO is a template for new communities who we are supporting as they learn to use the OSG and adapt their applications and systems for production use of the infrastructure.
OSG VO is for individuals, small groups, OSG Staff and is managed by the OSG itself. Policies and agreements for this VO are used to determine who can join, the length of time they are enabled to use the OSG.
- Make it easier and more dynamic to instantiate VOs
- Have a clearer understanding of the roles of VO-groups - our intent is that they may be treated equivalently to VOs in a recursive fashion (see the Blueprint). VO-groups can inherit the properties of their parent VO. Where do we define whether to support a new user/user group as a VO-Group or a VO.
How does a VO know it can run at a site?
- VO in GUMS template
- Users names mapped to actually exist
- GUMS pulls from the relevant VO Namespace in its entirety and implements a map
- Some sort of home directory exists for each mapped username on each GRAM and GridFTP? host
- site advertises support for the VO (via GIP-CEMON-VORS?)
- the CA's the VO uses are trusted on the site.
Tests a VO a User can do to check a site accepts them?
- globus-run -a -r
- global-job-run osgtest? $OSG_GRID/?
- globus-url-copy myfile <-> $OSG_APP/mydir/
- Get list of sites from VORS
- for each site run TestSite?
run on WN
PPT -- how OSG works today.
Goal: Deliver document what the state of the art is for PPT on OSG today. Goal to identify holes and inconsistencies. The document should be precise and end-to-end. Discussion and details should be in Appendices. This document will be presented and discussed at the Trash/Blueprint meeting on 7th June. Following the review and acceptance of this deliverable we will start discussing future needs and roadmap.
- Review of global VO namespace. VOs, groups, roles - John Hover
- Review of access enforcement and control by the VO as a user organization and by the resources providers - John Weigand
- Review of Security auditing and accounting of VOs, groups, roles and their use - Steve Timm
- Review of policy definition and policy enforcement capabilities, including VO and site level, and in the OSG "just in time" WMS systems.
- Priority of CPU access - Gabriele
- "priority" of storage access - Ted
- priority of data transfer - Ted
Supporting and reviewing this document are: Abhishek, Frank, Don, Alain, Torre
- 22 Apr 2007