Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "How To Join As A Resource Provider"

From EGIWiki
Jump to navigation Jump to search
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[Category:Operations]]
= Overview =
= Overview =


As of August 2016, the European Grid Infrastructure (EGI) connects more than X resource centres to X users across Europe and beyond. EGI is always looking to expand the number of providers and invites unaffiliated resource centres to join in.
As of June 2017, the European Grid Infrastructure (EGI) connects more than X resource centres to X users across Europe and beyond. EGI is always looking to expand the number of providers and invites unaffiliated resource centres to join in.
If you are the representative of a resource centre or a cluster interested in joining the infrastructure, we invite you to go through the following steps:
If you are the representative of a resource centre or a cluster interested in joining the infrastructure, we invite you to go through the following steps:


Line 11: Line 13:
**If you are a representative from a National Grid Initiative or other Resource Infrastructure Provider, please send an e-mail to the EGI.eu Operations team (operations AT egi.eu) which will assist you during the integration process. Please note that new resource infrastructure providers must first be accredited by the EGI Council. To do so non-European resource infrastructure providers can start a formal collaboration with EGI.eu through a Memorandum of Understanding.
**If you are a representative from a National Grid Initiative or other Resource Infrastructure Provider, please send an e-mail to the EGI.eu Operations team (operations AT egi.eu) which will assist you during the integration process. Please note that new resource infrastructure providers must first be accredited by the EGI Council. To do so non-European resource infrastructure providers can start a formal collaboration with EGI.eu through a Memorandum of Understanding.


Either your country is already part of EGI or not, the integration process is described step by step in the [https://wiki.egi.eu/wiki/PROC09 Resource Centre Registration and Certification procedure]: the registration makes the EGI infrastructure aware of the new resources you offer, while the certification takes care of validating the registration itself and testing the services work correctly. In the context of the registration, you will become part of a Resource Infrastructure such as a National Grid Initiative (NGI), an EIRO, or a multi-country Resource Infrastructure.  
Either your country is already part of EGI or not, the integration process is described step by step in the [https://wiki.egi.eu/wiki/PROC09 Resource Centre Registration and Certification procedure]: the registration makes the EGI infrastructure aware of the new resources you offer, while the certification takes care of validating the registration itself and testing the services work correctly. In the context of the registration, you will become part of a Resource Infrastructure such as a National Grid Initiative (NGI), an EIRO, or a multi-country Resource Infrastructure.


= General requirements =
= General requirements =
Line 17: Line 19:
* agreements and policies
* agreements and policies
For being part of the EGI infrastructure, a resource centre will have to comply with a series of operational and security requirements by signing an [https://documents.egi.eu/public/ShowDocument?docid=31 Operational Level Agreement] (OLA), a document that defines the minimum set of operational services and the respective quality parameters that a Resource Centre is required to provide in EGI, and accepting the [https://documents.egi.eu/document/86 Grid Security Policy], the [https://documents.egi.eu/document/75 Grid Resource Centre Operations Policy], the [https://documents.egi.eu/document/76 Resource Centre Registration Security Policy] and in general all the [https://wiki.egi.eu/wiki/SPG:Documents EGI security policies].
For being part of the EGI infrastructure, a resource centre will have to comply with a series of operational and security requirements by signing an [https://documents.egi.eu/public/ShowDocument?docid=31 Operational Level Agreement] (OLA), a document that defines the minimum set of operational services and the respective quality parameters that a Resource Centre is required to provide in EGI, and accepting the [https://documents.egi.eu/document/86 Grid Security Policy], the [https://documents.egi.eu/document/75 Grid Resource Centre Operations Policy], the [https://documents.egi.eu/document/76 Resource Centre Registration Security Policy] and in general all the [https://wiki.egi.eu/wiki/SPG:Documents EGI security policies].
* support the X509 certificates
* support the X509 certificates and/or federated AAI
The resource centres belonging to the EGI infrastructure have to properly configure the provided services with the EGI AAI: this means that the IGTF trust anchors CAs distribution to enable the X509 authentication have to be updated in a timely manner. Usually a new CAs release is available every month.
The resource centres belonging to the EGI infrastructure have to properly configure the provided services with the EGI AAI: this means that the IGTF trust anchors CAs distribution to enable the X509 authentication have to be updated in a timely manner. Usually a new CAs release is available every month.
EGI is also implementing user authentication through the CheckIn AAI platform. CheckIn is able to provide authentication information in SAML and OIDC, as an alternative to X.509.
* monitoring and accounting
* monitoring and accounting
The services provided by a resource centre have to run interfaces that allow their monitoring, in order to constantly check their functioning and periodically produce reports on the quality of service offered; at the same time the measurement of resources usage have to be allowed, through the properly tools provided by EGI.
The services provided by a resource centre have to run interfaces that allow their monitoring, in order to constantly check their functioning and periodically produce reports on the quality of service offered; at the same time the measurement of resources usage have to be allowed, through the properly tools provided by EGI.
Line 45: Line 48:


A typical resource centre comprises components for HTC Compute, Storage Management, and Information discovery capabilities; but depending on the needs of the user communities that are mainly using your resources, the type of services exposed may vary.
A typical resource centre comprises components for HTC Compute, Storage Management, and Information discovery capabilities; but depending on the needs of the user communities that are mainly using your resources, the type of services exposed may vary.
[edit] Which components of my private cloud will interact with the federated cloud components?
For OpenStack they are:
Keystone
Nova
Ceilometer (optional)
Glance


== '''How my daily operational activities will change?''' ==
== '''How my daily operational activities will change?''' ==
For the most part daily operations will not change.
For the most part daily operations will not change.


An administrator of a resource centre part of the EGI infrastructure, hence supporting international communities, has to act proactively for maintaining its services working and up-to-dated, and for providing support through the EGI official channels. This means following up GGUS tickets submitted through helpdesk.egi.eu, including either requests from user communities or tickets triggered by failures detected by the monitoring infrastructure: a team of operators checks daily the monitoring system, promptly notifying the resource centres about the occurrence of failures and providing at the same time help for solving the problems.
An administrator of a resource centre part of the EGI infrastructure, hence supporting international communities, has to act proactively for maintaining its services working and up-to-dated, and for providing support through the EGI official channels. This means following up GGUS tickets submitted through helpdesk.egi.eu, including either requests from user communities or tickets triggered by failures detected by the monitoring infrastructure: a team of operators checks daily the monitoring system, promptly notifying the resource centres about the occurrence of failures and providing at the same time help for solving the problems. As previously written, other requests can regard the upgrade or decommission of unsupported software, and the fixing of security vulnerabilities when discovered.
 
The resource centre will have to comply with the operational and security requirements. All the EGI campaigns aim at implementing service provisioning best practices and common requirments. Mitigate security vulnerabilities, and update unsupported operating system and software are part of the activities of a resource centre anyways (also for the non-federated ones), EGI and the Operations Centres coordinate these activities in order to have them implemented in a timely manner.


In summary, most of the site activities that are coordinated by EGI and the NGIs are already part of the work plan of a well-maintained resource centre, the additional task for a site manager is to acknowledge to EGI that the task has been performed.
In conclusion, most of the site activities that are coordinated by EGI and the NGIs are already part of the work plan of a well-maintained resource centre: the additional task for a site manager is to acknowledge to EGI that the requested action has been performed.

Latest revision as of 16:03, 23 November 2017


Overview

As of June 2017, the European Grid Infrastructure (EGI) connects more than X resource centres to X users across Europe and beyond. EGI is always looking to expand the number of providers and invites unaffiliated resource centres to join in. If you are the representative of a resource centre or a cluster interested in joining the infrastructure, we invite you to go through the following steps:

  • CASE 1: your country is already part of EGI
    • Please contact the resource provider in your country and they will assist you in the process (see the general requirements at the bottom of the page).
  • CASE 2: your country is not on the list of EGI resource providers https://www.egi.eu/federation/data-centres/
    • If you are a representative from a resource centre / site / cluster, being part of EGI is still possible. Please send an e-mail to the EGI.eu Operations team (operations AT egi.eu) which can help you to become part of the infrastructure, and will assist you through the different steps, from resource centre registration to certification (see the requirements at the bottom of the page)
    • If you are a representative from a National Grid Initiative or other Resource Infrastructure Provider, please send an e-mail to the EGI.eu Operations team (operations AT egi.eu) which will assist you during the integration process. Please note that new resource infrastructure providers must first be accredited by the EGI Council. To do so non-European resource infrastructure providers can start a formal collaboration with EGI.eu through a Memorandum of Understanding.

Either your country is already part of EGI or not, the integration process is described step by step in the Resource Centre Registration and Certification procedure: the registration makes the EGI infrastructure aware of the new resources you offer, while the certification takes care of validating the registration itself and testing the services work correctly. In the context of the registration, you will become part of a Resource Infrastructure such as a National Grid Initiative (NGI), an EIRO, or a multi-country Resource Infrastructure.

General requirements

  • agreements and policies

For being part of the EGI infrastructure, a resource centre will have to comply with a series of operational and security requirements by signing an Operational Level Agreement (OLA), a document that defines the minimum set of operational services and the respective quality parameters that a Resource Centre is required to provide in EGI, and accepting the Grid Security Policy, the Grid Resource Centre Operations Policy, the Resource Centre Registration Security Policy and in general all the EGI security policies.

  • support the X509 certificates and/or federated AAI

The resource centres belonging to the EGI infrastructure have to properly configure the provided services with the EGI AAI: this means that the IGTF trust anchors CAs distribution to enable the X509 authentication have to be updated in a timely manner. Usually a new CAs release is available every month. EGI is also implementing user authentication through the CheckIn AAI platform. CheckIn is able to provide authentication information in SAML and OIDC, as an alternative to X.509.

  • monitoring and accounting

The services provided by a resource centre have to run interfaces that allow their monitoring, in order to constantly check their functioning and periodically produce reports on the quality of service offered; at the same time the measurement of resources usage have to be allowed, through the properly tools provided by EGI.

  • daily operations

All the EGI middleware campaigns aim at implementing service provisioning best practices and common requirments. Mitigate security vulnerabilities and update unsupported operating systems and softwares are part of the activities of a resource centre: EGI and the Operations Centres coordinate these activities in order to have them implemented in a timely manner.

Questions and answers

Do I lose control on who can access my resources if I join the EGI infrastructure?

No

EGI uses the concept of Virtual Organisation (VO) to group users. The resource provider has complete control on the VOs accessing to the resources and on the quotas or restrictions to assign to each VO. Although not recommended, you can even restrict the automatic access of users within a VO and manually enable individual members.

How many components do I have to install?

The minimum required set of functional capabilities to provide is described in the RC OLA.

In general, there are components for:

  • Cloud Computing
  • File Transfer
  • Storage Management
  • Data Access
  • Metadata Catalogue
  • HTC Compute
  • additional Information Discovery capability

A typical resource centre comprises components for HTC Compute, Storage Management, and Information discovery capabilities; but depending on the needs of the user communities that are mainly using your resources, the type of services exposed may vary.

How my daily operational activities will change?

For the most part daily operations will not change.

An administrator of a resource centre part of the EGI infrastructure, hence supporting international communities, has to act proactively for maintaining its services working and up-to-dated, and for providing support through the EGI official channels. This means following up GGUS tickets submitted through helpdesk.egi.eu, including either requests from user communities or tickets triggered by failures detected by the monitoring infrastructure: a team of operators checks daily the monitoring system, promptly notifying the resource centres about the occurrence of failures and providing at the same time help for solving the problems. As previously written, other requests can regard the upgrade or decommission of unsupported software, and the fixing of security vulnerabilities when discovered.

In conclusion, most of the site activities that are coordinated by EGI and the NGIs are already part of the work plan of a well-maintained resource centre: the additional task for a site manager is to acknowledge to EGI that the requested action has been performed.