We report on first experiences with building and operating an Edge Services
Framework (ESF) based on Xen virtual machines instantiated via the Workspace Service
available in Globus Toolkit, and developed as a joint project between EGEE, LCG, and
OSG. Many computing facilities are architected with their compute and storage
clusters behind firewalls. Edge Services are instantiated on a small set of gateways
to provide access to these clusters via standard grid interfaces. Experience on EGEE,
LCG, and OSG has shown that at least two issues are of critical importance when
designing an infrastructure in support of Edge Services. The first concerns Edge
Service configuration. It is impractical to assume that each virtual organization
(VO) using a facility will employ the same Edge Service configuration, or that
different configurations will coexist easily. Even within a VO, it should be possible
to run different versions of the same Edge Service simultaneously. The second issue
concerns resource usage: since Edge Services may become a bottleneck to a site, it is
essential that an ESF be able to effectively arbitrate resource usage (e.g., memory,
CPU, and networking) among different VOs. By providing virtualization on the level of
instruction set architecture, virtual machines allow configuration of independent
software stacks for each VM executing on a resource. Modern implementations of this
abstraction are extremely efficient and have outstanding fine-grained enforcement
capabilities. To securely deploy virtual machines, we use the Workspace Service from
the Globus Toolkit, which allows a VO administrator to dynamically launch
appropriately-configured system images. In addition, we are developing a library of
such images, reflecting the needs of presently participating communities ATLAS, CMS,
and CDF. We will report on first experiences building and operating this Edge
Services Framework.
Associated with Events:
CHEP2006 held from 13 Feb 2006 to 17 Feb 2006 in Mumbai, India
