Upload
emery-houston
View
235
Download
0
Embed Size (px)
Citation preview
9th Lecture
COP 4991 COP 4991 Component-Based Software DevelopmentComponent-Based Software Development
Instructor: Masoud Sadjadihttp://www.cs.fiu.edu/~sadjadi/Teaching/
Developing Grid Services Developing Grid Services on LA Gridon LA Grid
9th Lecture 2COP-4991: Component-Based Software Development
AcknowledgementAcknowledgement
Fernando Ferfan Mayelin Felipe Borja Sotomayor Lisa Childers
9th Lecture 3COP-4991: Component-Based Software Development
OUTLINEOUTLINE
WEB SERVICES FUNDAMENTALS GRID FUNDAMENTALS OGSA, WSRF & GT4 DEVELOPING WS IN LAGRID
– Unsecured Examples– Secure Examples
9th Lecture 4COP-4991: Component-Based Software Development
Web ServicesWeb Services Designed to support interoperable machine-to-machine interaction
over a network. Uses a previously described interface (WSDL). Communicates using messages via HTTP enclosed in a SOAP
envelope. Allows intercommunication amongst different platform and/or
programming languages. OASIS and the W3C responsible for the standardization of web
services. WS-I established to improve interoperability.
9th Lecture 5COP-4991: Component-Based Software Development
WEB SERVICES AdvantagesWEB SERVICES Advantages
Web Services are platform and language independent.
Most Web Services use HTTP for transmitting messages.
Web services can be combined to provide an integrated service.
9th Lecture 6COP-4991: Component-Based Software Development
WEB SERVICES DisadvantagesWEB SERVICES Disadvantages
Overhead – transmitting messages in XML
Lack of versatility - not as many features as other distributed computing technologies
9th Lecture 7COP-4991: Component-Based Software Development
Typical Web Service Typical Web Service InvocationInvocation
The Globus Toolkit 4 Tutorial.http://gdp.globus.org/gt4-tutorial/
9th Lecture 8COP-4991: Component-Based Software Development
Detailed Web Service Detailed Web Service InvocationInvocation
The Globus Toolkit 4 Tutorial.http://gdp.globus.org/gt4-tutorial/
9th Lecture 9COP-4991: Component-Based Software Development
Server SideServer Side
handles HTTP messages
provides a 'living space' for applications that must be accessed by different clients
handles SOAP requests and responses
The Globus Toolkit 4 Tutorial.http://gdp.globus.org/gt4-tutorial/
9th Lecture 10COP-4991: Component-Based Software Development
stateless vs. stateful web stateless vs. stateful web serviceservice
Stateless web services don’t “remember” information from one invocation to another whereas stateful Web Services do.
When Web Services are used just to create Internet-based applications with loosely coupled clients and servers, they can be stateless. The service can be restarted without concern of previous interactions.
When Web Services are used to create Grid Applications, they are generally required to be stateful.
9th Lecture 11COP-4991: Component-Based Software Development
Stateful web services exampleStateful web services example
Buyer Amazon.com
login
login ok, your shopping cart id is 0x800
logout
login and my id is 0x800
Your shopping cart has …
9th Lecture 12COP-4991: Component-Based Software Development
ProblemsProblems
No standard on how to do this Client needs to have special code Some protocol specific features like cookies can be used
9th Lecture 13COP-4991: Component-Based Software Development
OUTLINEOUTLINE
WEB SERVICES FUNDAMENTALS GRID FUNDAMENTALS OGSA, WSRF & GT4 DEVELOPING WS IN LAGRID
– Unsecured Examples– Secure Examples
9th Lecture 14COP-4991: Component-Based Software Development
WHAT’S A GRID ANYWAYS?WHAT’S A GRID ANYWAYS?
GRID SYSTEM: A system that …– Coordinates resources that are not subject to centralized control.– Using standard, open, general-purpose protocols and interfaces.– To deliver nontrivial qualities of service.
GRID COMPUTING: The field of computing science which concerns with Grid Systems.
A GRID: an actual, working Grid system (i.e. LAGrid).
THE GRID: Accessible to the general public, in the same sense that The Internet is publicly accessed.
9th Lecture 15COP-4991: Component-Based Software Development
Grid ServicesGrid Services
So, what are these grid services? Grid services are web services that are customized to grid
environment Similar to web services they provide the glue to interact
with heterogeneous systems Why do we need them? What do they provide?
9th Lecture 16COP-4991: Component-Based Software Development
Achieving StatefulnessAchieving Statefulness
The state is kept in a separate entity called a resource. Each resource has a unique key.
The Globus Toolkit 4 Tutorial.http://gdp.globus.org/gt4-tutorial/
9th Lecture 17COP-4991: Component-Based Software Development
What do you think are the tradeoffs of providing the state explicitly within the request message or maintaining the state implicitly within system components with which the web service can interact?
Web service could maintain the resource identity as static service state, thus obviating the need to pass that identity in the WS-Addressing endpoint reference.
This design choice implies a one-to-one mapping from Web service endpoints to stateful resources and thus a need for a unique Web service endpoint for each stateful resource.
Achieving StatefulnessAchieving Statefulness
9th Lecture 18COP-4991: Component-Based Software Development
Web Services vs. Grid Web Services vs. Grid ServicesServices
Though web services are great, some key things that are required on the grid are missing– State management– Global Service Naming– Reference resolution– more …
9th Lecture 19COP-4991: Component-Based Software Development
Web Services vs. Grid Web Services vs. Grid ServicesServices
Wait a minute ! I can do all those things with web services, can’t I?
YES ! You can But,
– The standards don’t provide (yet) the required mechanisms. Work is being done to figure out the best way to do these things
9th Lecture 20COP-4991: Component-Based Software Development
OUTLINEOUTLINE
WEB SERVICES FUNDAMENTALS GRID FUNDAMENTALS OGSA, WSRF & GT4 DEVELOPING WS IN LAGRID
– Unsecured Examples– Secure Examples
9th Lecture 21COP-4991: Component-Based Software Development
OGSA IntroductionOGSA Introduction Grid systems and applications aim to integrate, virtualize and manage
resources and services within distributed, heterogeneous, dynamic “virtual organizations”
Items needed– Computers, application services, data, and other resources need to be
accessed within different organizations– Standardization
Open Grid Services Architecture (OGSA) Is a service-oriented architecture (SOA), that addresses the
need for standardization by defining a set of core capabilities and behaviors that address key concerns in Grid systems
SOA: A perspective of software architecture that defines the use of services to support the requirements of software users. Enables the creation of applications that are built by combining loosely coupled and interoperable services
wikipedia.com
9th Lecture 22COP-4991: Component-Based Software Development
OGSAOGSA
OPEN GRID SERVICES ARCHITECTURE (OGSA)– VO Management Service.– Resource Discovery and Management Service.– Job Management Service.– … security, data management, etc.
9th Lecture 23COP-4991: Component-Based Software Development
– OGSA is the architecture, OGSI is the infrastructure.
– Grid service interface standard Methods allow access to Grid
service As well as Grid service state
(SDE)– Optional factory interface– Naming and referencing of Grid
services– Extends WSDL 1.1 (GWSDL)– Handle resolver– Notifications
Grid Service Handle (GSH) Publish GSR
Bind
Service Consumer
Client
Service Provider
Grid Service
OGSI Registry
Grid Service Reference(GSR)
Legendrequest flow
reply flow
program boundary
module boundary
Reply
Grid Service Reference
OGSI Grid service locator:•Multiple GHSs + GSRs + interface description
Open Grid Service Infrastructure (OGSI) Open Grid Service Infrastructure (OGSI) - 2001- 2001
9th Lecture 24COP-4991: Component-Based Software Development
Grid Services as seen by OGSIGrid Services as seen by OGSI
Connect to the grid service Ask the server to create an instance for you Get a unique global pointer to it Interact with the service
9th Lecture 25COP-4991: Component-Based Software Development
OGSI IssuesOGSI Issues
Confusion and Criticism from web services folks Modeling stateful resource with Web services Web service Resource Framework (WS-RF) 2004
9th Lecture 26COP-4991: Component-Based Software Development
WSRFWSRF
Stands for Web Services Resource Framework Improves on the concept of Web Services by creating a
separate view for the resource state. Simplifies WSDL and reduces message size and
complexity (XML gets heavy and complicated fast) Modular (users decide which specification to use)
9th Lecture 27COP-4991: Component-Based Software Development
WS-ResourceWS-Resource
Provides a means of expressing the relationship between stateful resources and web services
The WS-Resource has an XML resource property document defined using XML schema.
The requestor can determine the WS-Resource type by retrieving the portType
Web service programming paradigm is used to interact with the resource
9th Lecture 28COP-4991: Component-Based Software Development
* www.globus.org/wsrf
OGSI WSRF
Grid Service Reference WS-Addressing Endpoint Reference
Grid Service Handle WS-Addressing Endpoint Reference
HandleResolver portType WS-RenewableReferences
Service data defn & access WS-ResourceProperties
GridService lifetime mgmt WS-ResourceLifeCycle
Notification portTypes WS-Notification
Factory portType Treated as a pattern
ServiceGroup portTypes WS-ServiceGroup
Base fault type WS-BaseFaults
OGSI to WSRF*OGSI to WSRF*
9th Lecture 29COP-4991: Component-Based Software Development
WSRF SpecificationWSRF Specification
WSRF Resource Properties. WSRF Resource Lifetime. WSRF Base Faults. WSRF Service Group.
9th Lecture 30COP-4991: Component-Based Software Development
Web Services and Grids - Web Services and Grids - OGSAOGSA
OGSI problems solved by WSRF
Grid
Web
WSRF
Started far apart in apps & tech
OGSI
GT2
GT1
HTTPWSDL,
WS-*
WSDL 2,
WSDM
Have beenconverging
9th Lecture 31COP-4991: Component-Based Software Development
Programming Grid Services Programming Grid Services (GT4)(GT4)
Basic steps involved in creating a grid service– Create the interface using WSDL
Specify the portTypes, messages and data encoding
– Generate Stubs– Add functionality– Compile and Build the code using Globus libraries– Create a GAR (Grid Archive)– Deploy it
9th Lecture 32COP-4991: Component-Based Software Development
OGSA, WSRF & GT4OGSA, WSRF & GT4
B. Sotomayor and L. Childers. Globus Toolkit 4, Programming Java Services. 2006. The Morgan Kaufmann Series in Networking.
9th Lecture 33COP-4991: Component-Based Software Development
OUTLINEOUTLINE
WEB SERVICES FUNDAMENTALS GRID FUNDAMENTALS OGSA, WSRF & GT4 DEVELOPING WS IN LAGRID
– Unsecured Examples– Secure Examples
9th Lecture 34COP-4991: Component-Based Software Development
GT4 Java WS CoreGT4 Java WS Core
Java WS Core provides APIs and tools for developing Grid services.
Includes a container based on Apache Axis to host various GT4 services implemented in Java, such as GRAM, RFT, MDS-Index, and our own custom Web Services.
Following WSRF specifications.
9th Lecture 35COP-4991: Component-Based Software Development
GT4 ServicesGT4 Services
What feature/service is most useful to you as you work with GT4 Toolkit?
The globus-build-service.sh and globus-deploy-gar scripts use Ant to create and deploy the GAR file so we don’t need to worry about:
Processing the WSDL file Creating the stub classes from the WSDL Compiling the stub classes Compiling the service implementation Organizing all the files into a very specific directory
structure
9th Lecture 36COP-4991: Component-Based Software Development
Creating a Grid Service (GT4)Creating a Grid Service (GT4)
1. Define the WS interface with WSDL.
2. Implement the service.
3. Define the deployment parameters.
4. Compile everything and generate a GAR file.
5. Deploy the service.
9th Lecture 37COP-4991: Component-Based Software Development
OUR EXAMPLE: MathServiceOUR EXAMPLE: MathService
A simple Math web service. Operations: Addition & Subtraction & Get Value. Resources: Value (integer) & Last operation performed
(String).
9th Lecture 38COP-4991: Component-Based Software Development
MathService: THE 5 STEPS.MathService: THE 5 STEPS.
Step 1: The WSDL.
The Definition
<?xml version="1.0" encoding="UTF-8"?><definitions name="MathService" targetNamespace="http://www.globus.org/namespaces/
examples/MathService_instance“ …>…</definition>
The Definition
<?xml version="1.0" encoding="UTF-8"?><definitions name="MathService" targetNamespace="http://www.globus.org/namespaces/
examples/MathService_instance“ …>…</definition>
The Port Type
<?xml version="1.0" encoding="UTF-8"?><definitions …><portType name="MathPortType" wsrp:ResourceProperties="tns:MathResourceProperties"> <operation name="add"> <input message="tns:AddInputMessage"/> <output message="tns:AddOutputMessage"/> </operation> …</portType></definitions>
The Port Type
<?xml version="1.0" encoding="UTF-8"?><definitions …><portType name="MathPortType" wsrp:ResourceProperties="tns:MathResourceProperties"> <operation name="add"> <input message="tns:AddInputMessage"/> <output message="tns:AddOutputMessage"/> </operation> …</portType></definitions>
The Messages
<?xml version="1.0" encoding="UTF-8"?><definitions …><message name="AddInputMessage"> <part name="parameters" element="tns:add"/></message><message name="AddOutputMessage"> <part name="parameters" element="tns:addResponse"/></message></definitions>
The Messages
<?xml version="1.0" encoding="UTF-8"?><definitions …><message name="AddInputMessage"> <part name="parameters" element="tns:add"/></message><message name="AddOutputMessage"> <part name="parameters" element="tns:addResponse"/></message></definitions>
The Response and Request Types
<?xml version="1.0" encoding="UTF-8"?><definitions …> <xsd:element name="add" type="xsd:int"/> <xsd:element name="addResponse"> <xsd:complexType/> </xsd:element></definitions>
The Response and Request Types
<?xml version="1.0" encoding="UTF-8"?><definitions …> <xsd:element name="add" type="xsd:int"/> <xsd:element name="addResponse"> <xsd:complexType/> </xsd:element></definitions>
The Resource Properties
<portType name="MathPortType" wsrp:ResourceProperties="tns:MathResourceProperties">
<!-- operations -->
</portType>
The Resource Properties
<portType name="MathPortType" wsrp:ResourceProperties="tns:MathResourceProperties">
<!-- operations -->
</portType>
9th Lecture 39COP-4991: Component-Based Software Development
MathService: THE 5 STEPS.MathService: THE 5 STEPS.
Step 2: Implementing the Service in Java
The Bare Bones
package org.globus.examples.services.core.first.impl;
import java.rmi.RemoteException;import org.globus.examples.stubs.MathService_instance.*;import org.globus.wsrf.*;import org.globus.wsrf.impl.*;
public class MathService implements Resource, ResourceProperties { …}
The Bare Bones
package org.globus.examples.services.core.first.impl;
import java.rmi.RemoteException;import org.globus.examples.stubs.MathService_instance.*;import org.globus.wsrf.*;import org.globus.wsrf.impl.*;
public class MathService implements Resource, ResourceProperties { …}
The Resource Properties
/* Resource properties */private int value;private String lastOp;
/* Get/Setters for the RPs */public int getValue() { return value;}
public synchronized void setValue(int value) { this.value = value;}
The Resource Properties
/* Resource properties */private int value;private String lastOp;
/* Get/Setters for the RPs */public int getValue() { return value;}
public synchronized void setValue(int value) { this.value = value;}
9th Lecture 40COP-4991: Component-Based Software Development
MathService: THE 5 STEPS.MathService: THE 5 STEPS.
Step 3: Configuring the Deployment (WSDD)
The Service Name<service name=“examples/core/first/MathService” provider=“Handler" use="literal" style="document”>
The WSDL File<wsdlFile>share/schema/examples/MathService_instance/Math_service.wsdl</wsdlFile>
Load on Startup<parameter name="loadOnStartup" value="true"/>
The Common Parameters<parameter name="allowedMethods" value="*"/><parameter name="handlerClass" value="org.globus.axis.providers.RPCProvider"/><parameter name="scope" value="Application"/>
The Service Name<service name=“examples/core/first/MathService” provider=“Handler" use="literal" style="document”>
The WSDL File<wsdlFile>share/schema/examples/MathService_instance/Math_service.wsdl</wsdlFile>
Load on Startup<parameter name="loadOnStartup" value="true"/>
The Common Parameters<parameter name="allowedMethods" value="*"/><parameter name="handlerClass" value="org.globus.axis.providers.RPCProvider"/><parameter name="scope" value="Application"/>
9th Lecture 41COP-4991: Component-Based Software Development
MathService: THE 5 STEPS.MathService: THE 5 STEPS.
Step 4: Create a GAR file with Ant– Process the WSDL to add missing pieces.– Create stub classes from the WSDL.– Compile stub classes.– Compile service implementation.– Organize all files into its specific directory structure.
./globus-build-service.sh –d <service base directory> -s <service’s WSDL file>
$ ./globus-build-service.sh \ -d org/globus/examples/services/core/first \ -s schema/examples/MathService_instance/Math.wsdl
$ ./globus-build-service.sh \ -d org/globus/examples/services/core/first \ -s schema/examples/MathService_instance/Math.wsdl
$ ./globus-build-service.sh first$ ./globus-build-service.sh first
or
9th Lecture 42COP-4991: Component-Based Software Development
MathService: THE 5 STEPS.MathService: THE 5 STEPS.
Step 5: Deploy the Service into a Web Service Container– Uses Ant.– Unpacks the GAR.– Copies the WSDL, compiled stubs, compiled implementation &
WSDD into the GT4 directory tree.
$ sudo –u globus globus-deploy-gar \ org_globus_examples_services_core_first.gar
$ sudo –u globus globus-undeploy-gar \ org_globus_examples_services_core_first
$ sudo –u globus globus-deploy-gar \ org_globus_examples_services_core_first.gar
$ sudo –u globus globus-undeploy-gar \ org_globus_examples_services_core_first
9th Lecture 43COP-4991: Component-Based Software Development
MathService: THE CLIENTMathService: THE CLIENT
Tests the service invoking both the add and substract operations.
$ java -cp ./build/stubs/classes/:$CLASSPATH \ org.globus.examples.clients.MathService_instance.Client \ https://la-blade-01.cs.fiu.edu:8443/wsrf/services/core/first/MathService
$ java -cp ./build/stubs/classes/:$CLASSPATH \ org.globus.examples.clients.MathService_instance.Client \ https://la-blade-01.cs.fiu.edu:8443/wsrf/services/core/first/MathService
AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException faultSubcode: faultString: java.io.IOException: No socket factory for 'https' protocol faultActor: faultNode: faultDetail: ...
9th Lecture 44COP-4991: Component-Based Software Development
MAKE THE SERVICE SECURE!MAKE THE SERVICE SECURE!
Create the security-config.xml file.<securityConfig xmlns="http://www.globus.org"> <authz value="none"/></securityConfig>
Modify the deploy-server.wsdd file.<parameter name="securityDescriptor" value="etc/org_globus_examples_services_core_first/security-config.xml"/>
Add the following to the client.static { Util.registerTransport();}…((Stub)mathFactory)._setProperty( Constants.GSI_SEC_CONV, Constants.ENCRYPTION);((Stub)mathFactory)._setProperty( Constants.AUTHORIZATION, NoAuthorization.getInstance());
Our acknowledge to Our acknowledge to Ramakrishna!Ramakrishna!
9th Lecture 45COP-4991: Component-Based Software Development
MAKE THE SERVICE SECURE!MAKE THE SERVICE SECURE!
Is it secure now?Not really… We just added the skeleton to make it secure.
$ java -cp ./build/stubs/classes/:$CLASSPATH \ org.globus.examples.clients.MathService_instance.Client \ https://la-blade-01.cs.fiu.edu:8443/wsrf/services/core/first/MathService
Current value: 15Current value: 10
$ java -cp ./build/stubs/classes/:$CLASSPATH \ org.globus.examples.clients.MathService_instance.Client \ https://la-blade-01.cs.fiu.edu:8443/wsrf/services/core/first/MathService
Current value: 15Current value: 10
Let’s run it again…
9th Lecture 46COP-4991: Component-Based Software Development
GRID SECURITY GRID SECURITY INFRASTRUCTUREINFRASTRUCTURE
Basis for GT4 Security layer. Covers the three pillars of secure communication:
– Privacy.– Integrity.– Authentication.
Family of components (low/high level) to offer security features to programmers.
9th Lecture 47COP-4991: Component-Based Software Development
GRID SECURITY GRID SECURITY INFRASTRUCTUREINFRASTRUCTURE
Level security:
– Transport-level
– Message-level Authentication
– X.509 Digital certificates.
– Username/Password Authorization schemes:
– Server-Side
– Client-Side
– Custom
Credential delegation and single sign-on
– Proxy Certificates Different levels of security:
– Container
– Service
– Resource.
9th Lecture 48COP-4991: Component-Based Software Development
WRITING A SECURE MathServerWRITING A SECURE MathServer
Add security to the MathService example. Now, four operations:
– add– subtract– multiply– divide
We will be able to configure each operation with a different security configuration.
9th Lecture 49COP-4991: Component-Based Software Development
SECURE MathServerSECURE MathServer
1
Modify the security-config-auth.xml
No server-side authorization must be performed.
2 The add method can only be invoked using GSI Secure Conversation.
3 The subtract method can only be invoked using GSI Secure Message.
4 The multiply method can be invoked using GSI Secure Conversation or GSI Secure Message.
5 The divide method can only be invoked using GSI Transport (transport-level security).
6 The rest of the methods can be invoked with any of the authentication methods.
<securityConfig xmlns="http://www.globus.org"> <authz value="none"/> <method name="add"> <auth-method> <GSISecureConversation/> </auth-method> </method> <method name="subtract"> <auth-method> <GSISecureMessage/> </auth-method> </method> <method name="multiply"> <auth-method> <GSISecureConversation/> <GSISecureMessage/> </auth-method> </method> <method name="divide"> <auth-method> <GSITransport/> </auth-method> </method> <!-- Default for other methods --> <auth-method> <GSISecureConversation/> <GSISecureMessage/> <GSITransport/> </auth-method></securityConfig>
• The service
9th Lecture 50COP-4991: Component-Based Software Development
SECURE MathServerSECURE MathServer
The Client– Programatically:((Stub)math)._setProperty(Constants.
GSI_SEC_CONV,Constants.ENCRYPTION);– Security descriptor:String secDecFile =
“path/to/security-descriptor.xml”;((Stub)math)._setProperty(Constants.
CLIENT_DESCRIPTOR_FILE, secDescFile);
9th Lecture 51COP-4991: Component-Based Software Development
SECURE MathServerSECURE MathServer
Client call 1: GSI Transport Client
Client call 2: GSI Secure Conversation Client
[add] ERROR: GSI Secure Conversation authentication required for "{MathService_instance_4op}add" operation.[subtract] ERROR: GSI Secure Message authentication required for
"{MathService_instance_4op}subtract" operation.[multiply] ERROR: GSI Secure Conversation or GSI Secure Message authentication required for "{MathService_instance_4op}multiply" operation.Division was successfulCurrent value: 30
[add] ERROR: GSI Secure Conversation authentication required for "{MathService_instance_4op}add" operation.[subtract] ERROR: GSI Secure Message authentication required for
"{MathService_instance_4op}subtract" operation.[multiply] ERROR: GSI Secure Conversation or GSI Secure Message authentication required for "{MathService_instance_4op}multiply" operation.Division was successfulCurrent value: 30
Addition was successful[subtract] ERROR: GSI Secure Message authentication required for "{http://www.globus.org/namespaces/examples/ MathService_instance_4op}subtract" operation.Multiplication was successfulDivision was successfulCurrent value: 180
Addition was successful[subtract] ERROR: GSI Secure Message authentication required for "{http://www.globus.org/namespaces/examples/ MathService_instance_4op}subtract" operation.Multiplication was successfulDivision was successfulCurrent value: 180
9th Lecture 52COP-4991: Component-Based Software Development
GT4 IDE software toolsGT4 IDE software tools
Are there any current GT4 IDE software tools?
– Globus Service Build Tools http://gsbt.sourceforge.net/ GT4IDE: Eclipse 3 plug-in that will allow GT4 programmers to develop
WSRF Java Web Services easily. globus-build-service: The same Ant buildfile + script included in the
tutorial.
9th Lecture 53COP-4991: Component-Based Software Development
USEFUL LINKSUSEFUL LINKS
http://www.cs.fiu.edu/~sadjadi/Teaching/gt4website/
Globus toolkit 4 Programmer’s Tutorialhttp://gdp.globus.org/gt4-tutorial/
Globus toolkit 4: Programming Java Serviceshttp://www.gt4book.com/
OASIS.http://www.oasis-open.org/
The Globus Alliance;http://www.globus.org/