SDSC Thread Graphic Issue 6, June 2006

RSS RSS Feed (What is this?)

User Services Director:
Anke Kamrath

Subhashini Sivagnanam

Graphics Designer:
Diana Diehl

Application Designer:
Fariba Fana

Special Interest Area: Data

SDSC Improves TeraGrid Cyberinfrastructure

—Roman Olschanowsky

A fundamental aspect of cyberinfrastructure is the Virtual Organization (VO) management. The biggest challenge is to manage access control for thousands of users across different administrative domains. In order for a user to be granted access via Globus GSI authentication to a TeraGrid resource, the user's Distinguished Name (DN) must be present in that system's grid-mapfile. Management of GSI credentials, grid-mapfiles, Certificate Authorities (CA), and DN strings is a complex job. It's even harder to make the complicated process user friendly.

SDSC's Keith Thompson has developed a solution with "gx-map" toolkit for managing and maintaining Globus grid-mapfiles. The system is designed to automate the maintenance of grid-mapfiles, CA certificates, signing_policy files, and CRLs. It gives end users the ability to easily and securely add themselves to systems they are interested in using. Soon to be released, gx-map version 0.5.2 will interact directly with the TeraGrid Central Database (TGCDB), providing users with the ability to propagate their DNs across the TeraGrid by running a single command on any single system. Also, DNs for certificates issued by the SDSC CA are automatically propagated, with no manual intervention by either the user or an administrator.

Another important part of TeraGrid cyberinfrastructure is SDSC's Storage Resource Broker (SRB) software. SRB is a data grid application that allows users to easily and remotely manage distributed data collections. By default, a TeraGrid SRB account is created for all TeraGrid users. But until now, there has been no automated means for users to activate their accounts. SDSC's Roman Olschanowsky has developed an updater tool to do just that for SRB. Now, end users can easily manage their DN strings within SRB's grid map table by simply adding their DN string to SDSC's grid-mapfile (run gx-map on When the SRB-account-DN-updater checks the grid-mapfile every hour for changes, it passes those changes to SRB's grid map table, activating the SRB account.

Once gx-map 0.5.2 is deployed across the TeraGrid, end users will be able to add their DNs to the SRB's grid map table by running the gx-request command on any TeraGrid system that supports it.

Roman Olschanowsky is reachable via e-mail at

Did you know ..?

Always use MP_INFOLEVEL environment variable or the -infolevel option when you invoke POE to help trouble shooting abnormal job termination problems, for example:
cp: cannot stat `/dsgpfs/username/dir1/program': A file or directory in the path name does not exist.
ERROR: 0031-250 task 160: Terminated
Setting either of these to 6 gives you the maximum number of diagnostic messages when you run your program. - Eva Hocks.