Attendees: Maarten, Andrea, David, Hannah, Mischa, Romain, Daniele, Paul, Mine, Nicolas, Ioannis
Notes:
- DODAS
- Important to be able to use whichever type of computing resources that are on offer
- DODAS simplifies incorporating external resources, e.g. opportunistic public and private cloud providers
- Automate bootstrapping
- TOSCA templates (yaml) describes deployment configuration, volume, network connectivity, which services etc
- Generic and extensible since VMs are provisioned with docker
- For CMS, have to translate user token from x509
- See slides for diagrams
- HTCondor ongoing work for token authorisation will mean that DODAS token translation is no longer necessary
- Out of bands authentication through a browser to validate token requested through a CLI
- WATTS (Indigo TTS) adds credentials to the CMS global pool
- Tokens are used in two cases
- Bootstrap infrastructure
- Access CMS global pool
- Pre-GDB Agenda
- Document approval - put all the names on the document, pdf v 1.0
- Catalogue of Tokens
- Requirements Doc, everyone to read through and add their name and comments
- Schema, have one additional call
- Operational impact discussion
- We have touched on it a little, it will last years
- Pilot updates
- Fine for both sides, Ioannis and Nicolas possibly remote, Andrea in person
Qs
- What's the link with SciTokens? Currently no clear relationship. There are not big differences and there is a convergence path.
- Could multiple tokens be supported? Yes, this is easy. Many services are being developed in a generic way to allow this.
- S3 supports OAuth
Actions
- Hannah ask everyone to read through Requirements and add name
- Hannah to schedule one more Schema document call to go through comments
There are minutes attached to this event.
Show them.
