FERRY: access control and quota management service
Fermilab developed the Frontier Experiments RegistRY (FERRY) service that provides a centralized repository for access control and job management attributes such as batch and storage access policies, quotas, batch priorities and NIS attributes for cluster configuration. This paper describes the FERR...
Saved in:
Published in | EPJ Web of Conferences Vol. 214; p. 3026 |
---|---|
Main Authors | , , , , , , , , , , , , , |
Format | Journal Article Conference Proceeding |
Language | English |
Published |
Les Ulis
EDP Sciences
2019
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Fermilab developed the Frontier Experiments RegistRY (FERRY) service that provides a centralized repository for access control and job management attributes such as batch and storage access policies, quotas, batch priorities and NIS attributes for cluster configuration. This paper describes the FERRY architecture, deployment and integration with services that consume the stored information. The Grid community has developed several access control management services over the last decade. Over time, services for Fermilab experiments have required the collection and management of more access control and quota attributes. At the same time, various services used for this purpose, namely VOMS-Admin, GUMS and VULCAN, are being abandoned by the community. FERRY has multiple goals: maintaining a central repository for currently scattered information related to users' attributes, providing a Restful API that allows uniform data retrieval by services, and providing a replacement service for all the abandoned grid services. FERRY is integrated with the ServiceNow (SNOW) ticketing service and uses it as its user interface. In addition to the standard workflows for request approval and task creation, SNOW invokes orchestration that automates access to FERRY API. Our expectation is that FERRY will drastically improve user experience as well as decrease effort required by service administrators. |
---|---|
ISSN: | 2100-014X 2101-6275 2100-014X |
DOI: | 10.1051/epjconf/201921403026 |