EES

From PDP/Grid Wiki
Revision as of 19:44, 17 September 2009 by Msalle@nikhef.nl (talk | contribs) (Updated link to design document, now it's in edms)
Jump to navigationJump to search

The EES, the Execution Environment Service, is the site-local mapping componet of the gLite Authorization Framework. It converts grid-wide or logical obligations into site-specific mappings, for example for Unix accounts, batch system scheduling shares, virtual environments. Through the planned site-customizable scripts in perl, site managers can easily extend the functionality.

The role of the Execution Environment Service (EES) is to ensure that an appropriate site-specific execution environment is procured that allows an already-authorized task to be executed on a site-local resource. This environment must honour any obligations and characteristics specified by the effective Policy on which the positive Decision to authorize was based. The EES will convert obligations into site-specific execution environments, supported by any attribute the job carries from the user or the VO. Examples may be the assignment of a site-local Unix uid out of a pool based on FQAN attributes given by the VO; or setting the primary Unix group based on the obligation to run a job in a particular logical share, or configuring a machine image to be executed in a virtual machine hosting environment on a worker node.