A lot of developments with the workspace service and science clouds recently!
The cluster technology lets you bootstrap generic images into new network and security contexts on the fly. We built a sample cluster on top of the technology that lets you create the cluster and be immediately ready to submit jobs to a Torque cluster fronted by GRAM and GridFTP that use a newly created self-signed certificate:
-
cloud-client.sh –run –hours 12 –cluster base-cluster.xml
- Wait a few minutes, once launched note the head-node hostname
-
scp -r root@HOSTNAME:certs/* lib/certs/
(SSH was bootstrapped end to end already)
- Make sure your grid tools trust this certificate and then submit work
This can be done with nearly anything that can run on a non-virtual cluster. Check out these links for more information:
2 Responses to “One-click clusters, VWS TP1.3.3”
August 5th, 2008 at 6:47 pm
How does the scp to “HOSTNAME” know you’re authorized and how do you know the server is the right one you want to talk to?
August 8th, 2008 at 7:00 am
The VM is seeded with an authorized_keys policy based on a public key included in the launch request
As for knowing the server’s public key before you contact it, this is accomplished by the secure contextualization mechanisms. The VM reports its generated key to a place where you can read it.
See this section of the cloud docs for more information: http://workspace.globus.org/clouds/clusters.html#secgap