Speaker
Mr
Adrian Casajus Ramo
(Departamento d' Estructura i Constituents de la Materia)
Description
DIRAC is the LHCb Workload and Data Management System and is based on a
service-oriented architecture. It enables generic distributed computing with
lightweight Agents and Clients for job execution and data transfers. DIRAC code base
is 99% python with all remote requests handled using the XML-RPC protocol. DIRAC is
used for the submission of production and analysis jobs by the LHCb collaboration.
The current experience has shown peaks over five thousand concurrent jobs. Originally
there was no security layer within DIRAC itself. In order to better conform with the
requirements of distributed analysis a DIRAC security infrastructure has been
designed for generic XML-RPC transport over a SSL tunnel. This new security layer is
able to handle standard X509 certificates as well as grid-proxies to authenticate
both sides of the connection. Server and client authentication relies on OpenSSL and
pyOpenSSL, but to be able to handle grid-proxies it was necessary to introduce some
modifications to those libraries. The DIRAC security infrastructure handles all
authorization internally hence the programmer only has to define the authorization
level required for accessing each method exposed by the server.
Primary authors
Mr
Adrian Casajus Ramo
(Departamento d' Estructura i Constituents de la Materia)
Dr
Ricardo Graciani Díaz
(Departamento d' Estructura i Constituents de la Materia)