cloud-access author: riccardo bruno. cloud-access flow web portal a user accesses through any device...
TRANSCRIPT
cloud-access
Author: Riccardo Bruno <[email protected]>
cloud-access flow
web portal
A user accesses through any device to a portal requesting access to an interactive application hosted by a Grid/Cloud node.
Then a long polling request waits until the resource will be available
cloud-access flow
App/Protocol
ca_server
web portal
The web portal informs the ca_server about the requested resource
The ca_server maintains a registry containing information about the any requested resource as well as how to access the remote resource once available
Registry
The long-polling(*) request waits until remote access credentials to VNC, SSH and RDP protocols will be available, quering the ca_server
(*) The long-polling consists of an ajax query to the ca_server
cloud-access flow
nth resource pool
App/Protocol
1st resource pool
ca_server
ca_clientca_client
The pool is made by different interactive applications accessible via: SSH,VNC ,RDP
web portal
Under ca_server, one or more ca_clients are always polling for incoming requests
cloud-access flow
ith resource pool
App/Protocol: IP, Port,Usr/Pwd/WkG
ca_server
ca_client
web portal
The ca_client recognizes it can satisfy the request, then it will allocate the resource and update the registry with the necessary access credentialsOther information will be saved such as resource expiration date-time, etc.The instantiating procedure may foresees an I/O sandboxing between user files on the portal and the pool account
Host: xxx.xxx.xxx.xxxPort: yyyyUser: zzzzzPass: xYef6….
cloud-access flow
ith resource pool
proto://user:pass@host
Global Registry
ca_server
ca_client
web portal
The long polling(*) procedure detects the resource availability and configures the Guacamole to access the given credentials. Guacamole will provide an access URL that points to the resource
Guacamole’ noauth-XML
Access URL
(*) The long-polling consists of an ajax query to the ca_server
ith resource pool
cloud-access flow
Expires at: <YYYYMMDDHHmmss>
Global Registry
ca_server
ca_client
web portal
Web portal and Pool’ policies regulates the resource availability.
Access URL
ith resource pool
cloud-access flow
Expires at: <YYYYMMDDHHmmss>
Global Registry
ca_server
ca_client
web portal
ca_server checks for resource validity and updates the registry accordingly
ca_client releases expired resources
Access URL
Tech. Details
• ca_server:• Daemon procedure that provides a RESTful API to maintain remote access
resource requests. This daemon is targeted by both the cloud access portlet and the caclient which manages the resource pool
• It is python code requiring: tornado and MySQLdb• ca_client
• Daemon procedure executing on a remote server providing:• Dynamic allocation of VNC/RDP/SSG connection pools• The script periodically does:
• check for new access requests• applies the site resource policies deallocating expired resource
• It is a python code which does not require special libraries to run• Guacamole
• Clientless remote desktop gateway; supports standards such as VNC,RDP and SSH. The software is installable as a java web application (WAR)
• cloud_access-portlet• To be installed on the portal will manages the user requests and provides the
access URL when available. Portlet 2.0 Java code.
ith resource pool
Use cases/examples (1/3) – WRF
Global Registry
ca_server
ca_client
web portal
WRF community needs a command line interface to manage their simulationsca_client installed on top of a WRF server manages different user accounts.Cloud instantiated WRF servers may be created on-demand or escalated to new cloud nodes when the pool accounts are saturated
Access URL
The Weather Research and Forecasting (WRF) modeling system is a widely used meso-scale numerical weather prediction system designed to serve both atmospheric
research and operational forecasting needs. WRF has a large worldwide community counting more than 20,000 users in 130 countries and it has been specifically designed
to be the state-of-the-art atmospheric simulation system being portable and running efficiently on available parallel computing platforms.
ith resource pool
Use cases/examples (2/3) – MitoTool
Global Registry
ca_server
ca_client
web portal
MitoTool stand-alone application is accessibile through an X-window user interface.
Access URL
MitoTool, provides both a web-based and a stand-alone bioinformatics platform, providing a convenient, user-friendly interface for handling human mtDNA sequence data. It contains multiple modules which cover a wide array of functions.
ith resource pool
Use cases/examples (3/3) – Console UIs
Global Registry
ca_server
ca_client
web portal
Console based UIs are still useful for development environments, to manage PaaS services, Grid user interfaces, etc.
Access URL