Abstract
Fermilab developed the Frontier Experiments RegistRY (FERRY) service that provides a centralized repository for access control and job management attributes such as batch and storage access policies, quotas, batch priorities and NIS attributes for cluster configuration. This paper describes the FERRY architecture, deployment and integration with services that consume the stored information. The Grid community has developed several access control management services over the last decade. Over time, services for Fermilab experiments have required the collection and management of more access control and quota attributes. At the same time, various services used for this purpose, namely VOMS-Admin, GUMS and VULCAN, are being abandoned by the community. FERRY has multiple goals: maintaining a central repository for currently scattered information related to users' attributes, providing a Restful API that allows uniform data retrieval by services, and providing a replacement service for all the abandoned grid services. FERRY is integrated with the ServiceNow (SNOW) ticketing service and uses it as its user interface. In addition to the standard workflows for request approval and task creation, SNOW invokes orchestration that automates access to FERRY API. Our expectation is that FERRY will drastically improve user experience as well as decrease effort required by service administrators.
Highlights
The Scientific Computing (SC) Division within the Fermilab Computing Sector provides comprehensive data processing and distributed computing framework for Fermilab’s scientific stakeholders
The Frontier Experiments RegistRY (FERRY) service, developed by SC, allows numerous services, including NIS [1], EOS [2], HTCondor [3], dCache [4] and others, to have access to a single source of accurate information related to user identity mapping, authorization attributes and various quotas
VULCAN was an in-house developed service that was used by the Compact Muon Solenoid (CMS) collaboration at the LHC Physics Center (LPC) at Fermilab that
Summary
The Scientific Computing (SC) Division within the Fermilab Computing Sector provides comprehensive data processing and distributed computing framework for Fermilab’s scientific stakeholders. The Frontier Experiments RegistRY (FERRY) service, developed by SC, allows numerous services, including NIS [1], EOS [2], HTCondor [3], dCache [4] and others, to have access to a single source of accurate information related to user identity mapping, authorization attributes and various quotas. It is not a core objective of the project, a side benefit is eliminating several obsolete services such as GUMS [5] and VULCAN [6]. A subset of these users are people who need to run jobs on the Grid and transfer data to and from Fermilab storage services. FERRY created a single source of truth for this data
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
