Difference between revisions of "New VO deployment"

From GridPP Wiki
Jump to: navigation, search
Line 1: Line 1:
 
== Creating a New VO ==
 
== Creating a New VO ==
  
A ''Virtual Organisation'' or VO is a group or collaboration with a common purpose. It may be a particular project with funding, it may be a general purpose
+
A ''Virtual Organisation'' or VO is a group or collaboration with a common purpose. It may be a particular project with funding, it may be a common purpose, or it may be a specific group of people collaborating on a particular task. Typically, a VO will be able to share data with every member in the VO, and they will have resources allocated to them as a VO.
  
 
It is also possible to join an existing VO, of course, if there is one with similar goals: see the [http://operations-portal.egi.eu/vo/search EGI VO registration portal].
 
It is also possible to join an existing VO, of course, if there is one with similar goals: see the [http://operations-portal.egi.eu/vo/search EGI VO registration portal].

Revision as of 15:19, 25 June 2015

Creating a New VO

A Virtual Organisation or VO is a group or collaboration with a common purpose. It may be a particular project with funding, it may be a common purpose, or it may be a specific group of people collaborating on a particular task. Typically, a VO will be able to share data with every member in the VO, and they will have resources allocated to them as a VO.

It is also possible to join an existing VO, of course, if there is one with similar goals: see the EGI VO registration portal.

What follows below is general information that you should be aware of if you want to start a VO. There are sort of two different flavours of VOs, a national (or local) one where

Information needed

The VO will need to provide some information, partly for security reasons and partly to let system administrators judge what resources the VO will be likely to need.

  • Name of the VO. This should be reasonably short, distinctive, and must not clash with any existing VO. A VO will typically have two names, a short name (usually lower case), say "poohsticks" (an experiment running poohsticks simulations), and a DNS style name, such as vo.poohsticks.org (assuming they own the DNS name poohsticks.org.)
  • VO management: a VO manager (who can decide membership of VO, roles and responsibilities), plus ideally at least one deputy or co-manager. You will need a mailing list (e.g. poohsticks-management@example.com)
  • VO support contacts (optional) - you can choose to register
  • Security contacts - ideally at least two people who can respond quickly in the event of a security incident relating to a member of the VO, or to the VO as a whole.
  • VO/VOMS server, file catalogue etc. end-points (see below).
  • Hardware requirements - memory size, disk space etc.
  • Software requirements - any software beyond the basic Linux tools/libraries, including things which are part of standard distributions as they may not be installed by default.
  • Typical usage pattern - expected job frequency and variation over time, job length, data read and written per job etc.
  • General procedures - for example if the site has to request the installation of VO software.
  • Size of the VO (i.e how many users), to give a guide to how many pool accounts to create.

See the Phenogrid web site for an example of the sort of thing required. You can also have a look at a questionnaire which EGEE has used to start discussions with new VOs.

Security considerations

The VO will need to provide administrators who take responsibility for adding users into the VO, checking that they understand their responsibilities, and if necessary removing them from the VO if they abuse the system. VOs should define what constitutes acceptable use for their members (in addition to the general acceptable use policies applicable to all grid users).

Some of the security policy documents are relevant to VO creation and operation, and the VO administrators need to ensure that they comply with the relevant policies.

VO services

Each VO will need some VO-specific services. At a minimum you need a VO/VOMS server to store the list of VO users, but file catalogues, resource brokers and perhaps other services may also be needed. These may be run by the VO itself or, by negotiation, as part of the general GridPP infrastructure. In particular a GridPP VOMS server is run by Manchester for the use of the GridPP community; contact the VOMS manager for more information.

Getting the VO enabled at sites

Enabling a VO is a relatively easy process, and sites which are directly associated with the VO (including sites in other countries) should be able to do it given the information described above. To get further resources from other GridPP sites, contact the Deployment Team.

VO software installation

There are various models for dealing with the installation of VO-specific software. If only a few dedicated sites are involved the software can be directly installed by the administrators. If the software is relatively compact it can be shipped with the job in the sandbox, or downloaded from a Storage Element or a web site.

There is also a more general method to install software in VO-specific disk space visible from the Worker Nodes.

Support procedures

  • VOs should be prepared to support their users at least in the use of VO-specific software.
  • More general Grid support will be provided by GridPP as a whole, including community support by users themselves.
  • VO support liaison should sign up for a mailing list (details to be added)

The standard support route for all Grid users is the GGUS portal, as described here. For regional (e.g. GridPP-specific) VOs the tickets will generally be directed back to the UK Grid helpdesk. There is also a GridPP Users mailing list (see the JISCmail web site for subscription information).

The EGI VO Registration Form can be found here. It also provides a list of documents you should consult before creating a new VO.

The general procedure is sketched out in the section Instruction for VO administrators. The process is still under development, and anyone wishing to create a new VO should contact the Deployment Team for further help and information (in particular the Production Manager, Security Officer and VOMS Manager).

This page is a Key Document, and is the responsibility of Jens Jensen. It was last reviewed on 2015-05-05 when it was considered to be 80% complete. It was last judged to be accurate on 2015-05-05.