CDA SC510 User's Guide download pdf (Page 3)

D2.1.4 IST-033576

Executive Summary

This document presents a prototype of the basic version of Linux-XOS, the Xtreem-

OS ﬂavor for a single PC. This prototype is a ﬁrst implementation of system

services described in deliverables D2.1.2 [1] and D2.1.3 [2]. Procedures to get,

install, conﬁgure, and experiment with each component of the prototype are de-

scribed. Links to documentation for users and developers are also provided.

The current prototype consists of two separate parts: kernel checkpointing/restart-

ing mechanisms and node-level VO support mechanisms.

Checkpoint/restart

In the context of XtreemOS, applications are composed of application units run-

ning on different grid nodes. An application unit is then deﬁned as a collection

of processes under the control of one operating system instance (i.e. a grid node),

either Linux-SSI or Linux-XOS. These processes could be multithreaded.

Due to the dynamic nature of virtual organizations, an application unit running

on a grid node may need to be moved to another node during its execution. In

the same way, an application may need to restart one of its application units that

has experienced the failure of the node it was running on. Therefore Linux-XOS

should implement methods and interfaces to checkpoint and restart applications.

Current prototype of checkpoint/restart presents low level functionalities of

checkpoint/restart for a single node; this prototype is based on BLCR [3]. The next

implementation will implement the interface described in [2], and will present a

ﬁrst implementation of upper layers of checkpoint/restart, i.e. grid checkpoint

layer and system checkpointer layer as described in [2].

Node-level VO support

The node-level VO support part includes a Pluggable Authentication Module (PAM)

extension, a Name Switch Service (NSS) extension, and auxiliary services/utili-

ties. With these components, VO users are dynamically mapped into local user

accounts provided that their credentials (i.e. XOS-cert) are validated. The map-

ping procedure is done in standard PAM conversations with the help of an Account

Mapping Service (AMS), which is in charge of the management of runtime map-

ping rules. The mapping information could then be fetched via standard naming

lookup APIs (e.g. getpw

,getgr

) that are hooked by the NSS extension.

Based on these PAM/NSS extensions, the most widely used shell tool, OpenSSH,

is extended to authenticate VO users with their XOS-cert credentials.

The current prototype of node-level VO support is a proof-of-concept of ex-

tending standard Linux to treat VO users as transparently as dealing with local ac-

1/49 XtreemOS–Integrated Project

1 2 3 4 5 6 7 8 ... 50 51

No comments

CDA SC510 User's Guide Page 3