glideinWMS experience with glexec
- UC, San Diego
- Wisconsin U., Madison
- Fermilab
- Nebraska U.
- INFN, Bologna
Multi-user pilot infrastructures provide significant advantages for the communities using them, but also create new security challenges. With Grid authorization and mapping happening with the pilot credential only, final user identity is not properly addressed in the classic Grid paradigm. In order to solve this problem, OSG and EGI have deployed glexec, a privileged executable on the worker nodes that allows for final user authorization and mapping from inside the pilot itself. The glideinWMS instances deployed on OSG have been now using glexec on OSG sites for several years, and have started using it on EGI resources in the past year. The user experience of using glexec has been mostly positive, although there are still some edge cases where things could be improved. This paper provides both the usage statistics as well as a description of the still remaining problems and the expected solutions.
- Research Organization:
- Fermi National Accelerator Lab. (FNAL), Batavia, IL (United States)
- Sponsoring Organization:
- USDOE Office of Science (SC), High Energy Physics (HEP)
- DOE Contract Number:
- AC02-07CH11359
- OSTI ID:
- 1405154
- Report Number(s):
- FERMILAB-CONF-12-833-CD; 1211266
- Journal Information:
- J.Phys.Conf.Ser., Vol. 396; Conference: 19th International Conference on Computing in High Energy and Nuclear Physics, New York, USA, 05/21-05/25/2012
- Country of Publication:
- United States
- Language:
- English
Similar Records
CDF GlideinWMS usage in grid computing of high energy physics
Langston University - High Energy Physics (LU-HEP)