Technology Update

June 9-12, 2020

iRODS User Group Meeting 2020

Virtual Event

Terrell Russell, Ph.D.

@terrellrussell

Chief Technologist, iRODS Consortium

Technology Update

In The Last Year

iRODS Release Issues Closed
4.2.7 58
4.2.8 122
~/irods $ $ git shortlog --summary --numbered 4.2.6..4.2.8
    82  Kory Draughn
    36  Alan King
    13  Terrell Russell
    13  d-w-moore
    12  Jaspreet Gill
    10  Jason Coposky
     4  Justin James
     1  Ben Keller
     1  John Thiltges
     1  Matt Watson

In The Last Year

Plugins

  • Python Rule Engine Plugin
  • Storage Tiering Rule Engine Plugin
  • Auditing (AMQP) Rule Engine Plugin
  • Update Collection Mtime Rule Engine Plugin
  • S3 Resource Plugin
  • Kerberos Authentication Plugin
  • Curl Microservice Plugin
  • Hard Links Rule Engine Plugin
  • Indexing Rule Engine Plugin
  • Logical Quotas Rule Engine Plugin
  • Metadata Guard Rule Engine Plugin

Clients

  • Python iRODS Client
  • Metalnx
  • NFSRODS
  • Automated Ingest Framework
  • AWS Lambda for S3

Active Development Work

  • iRODS 4.2.9
  • iRODS 4.3.0
  • Metadata Templates Working Group
  • Authentication Working Group
  • Parallel Transfer Engine
  • Logical Locking
  • Policy Composition
  • Publishing Capability
  • NetCDF microservices
  • C++-based REST API
  • Metalnx and Indexing
  • NFSRODS
  • Testing Infrastructure

Working Groups

Technology Working Group

  • Goal: To keep everyone up to date, provide a forum for roadmap discussion and collaboration opportunities

 

Metadata Templates Working Group

  • Goal: To define a standardized process for the application and management of metadata templates by the iRODS Server
    • NIEHS / Data Commons
    • Utrecht / Yoda
    • Maastricht / DataHub+
    • Arizona / CyVerse

 

Authentication Working Group

  • Goal: To provide a more flexible authentication mechanism to the iRODS Server.
    • SURF
    • NIEHS
    • Sanger
    • CyVerse
    • Utrecht

Philosophical Drivers

  • Plugin Architecture

    • core is generic - protocol, api, bookkeeping

    • plugins are specific

    • policy composition

​​

  • Modern core libraries

    • standardized interfaces

    • refactor iRODS internals

      • ease of (re)use

      • fewer bugs

 

  • Replicas as first class entities

    • logical locking

 

  • Consolidation of data movement

    • dstreams all on 1247

Last Year and Next Year

  • Core Libraries
    • Kory Draughn

 

  • Logical Locking
    • Alan King

 

  • Python Query Facilities
    • Daniel Moore

 

  • Build and Test
    • Jaspreet Gill

Last Year's C++ Libraries

  • filesystem
    • server, plugins, icommands
  • iostreams
    • server, indexing, S3 resource, icommands
  • thread_pool
    • delay execution server, S3 resource
  • connection_pool
    • delay execution server
  • query
    • server, indexing, publishing, storage tiering
  • query_processor
    • delay execution server, storage tiering

Goal: Provide standardized interfaces that simplify common iRODS tasks

This Year's C++ Libraries: It's getting easier!

Nine new libraries:

  • key_value_proxy
    • Provides a map-like interface over an existing keyValuePair_t.
  • lifetime_manager
    • Guarantees that heap-allocated iRODS C structs are free'd at scope exit.
  • user group administration
    • Simplifies management of iRODS users and groups.
  • shared_memory_object
    • Simplifies access and management of shared memory.
  • with_durability
    • A convenient retry mechanism for functions and function-like objects.
  • query_builder
    • Enables query objects to be constructed lazily.
  • client_api_whitelist (server-side only)
    • An interface for managing and querying the client API whitelist.
  • scoped_privileged_client (server-side only)
    • Elevates the client's privileges for the duration of a scoped block.
  • scoped_client_identity (server-side only)
    • Changes the client's identity for the duration of a scoped block.

New API Plugin

Atomic Metadata Operations API Plugin

     Executes a list of metadata operations on a single object atomically.

Features:

  • Supports data objects, collections, users, and resources
  • Provides a future proof interface by accepting JSON as input
  • Supported by the iRODS Filesystem library
    • add_metadata(comm, path, container_holding_avus)
    • remove_metadata(comm, path, container_holding_avus)

Example JSON Input:

{
    "entity_name": "/tempZone/home/rods",
    "entity_type": "collection",
    "operations": [
        {
            "operation": "add",
            "attribute": "iRODS",
            "value": "is",
            "units": "awesome!"
        }, {
            "operation": "remove",
            "attribute": "ugm",
            "value": "2019"
        },
        // ... More Operations ...
    ]
}

Library / API Examples

Examples on using these libraries can be found at the following repository:

 

Help us make them better!

Replicas vs. Data Objects: Why It Matters

Data Object: a logical representation of data that maps to one or more physical instances (Replicas) of the data at rest in Storage Resources

Replica: an identical, physical copy of a Data Object

from training: https://github.com/irods/irods_training/blob/master/beginner/irods_beginner_training_2019.pdf

 

Operations which deal directly with replicas have completely separate implementations for moving data. Operations dealing with data objects still need access to replica information.

 

All of this has consistency and performance implications for moving data. In reality, all of these operations should be and are identical:

Open replica, move data to replica, close replica

 

Solution: Make replicas a proper entity within iRODS

Data Movement and Replica Status

But replicas have their own problems...

- A replica's status is wrong the moment it is created

- Replicas are either good or stale, even if it is not at rest

 

Solution: Intermediate replica status for data not at rest

 

Replica status should always reflect what's in the catalog, there's only one way to move data, and can be surfaced with a standardized interface - great! And it's even mostly implemented!

 

...but what about concurrent operations on different replicas represented by a single data object?

 

Solution: Logical locking

Logical Locking (irods/irods#3848)

Value

 ils

Status

Description

    0

  X

stale

- data at rest may not match catalog

    1

  &

good

- data at rest matches catalog

    2

  ?

intermediate

- data is not at rest

    3

  X

read lock

- allows open for read
- locks out open for write
- original status was stale

    4

  &

read lock

- allows open for read
- locks out open for write
- original status was good

    5

  ?

write lock

- locks out all opens for this replica
- when sibling replica marked intermediate

0(X): stale
1(&): good
2(?): intermediate
3(X): read lock (stale)
4(&): read lock (good)
5(?): write lock

Pathological Concurrent Operation Scenario

logical path: /tempZone/home/alice/foo

t0: 4 replicas; 3 good, 1 stale

t1: r3 opened for read; r3->3(X)

t2: r0 opened for read; r0->4(&)

t3: r1 opened for write; r1->2(?), r2->5(?)

t4: r3 closed/finalized; r3->5(?)

t5: r1 closed/finalized; r1->1(&), r2->0(X), r3->0(X)

t6: r0 closed/finalized; r0->0(X)

Python Rule Engine Plugin - Improved General Query

from genquery import Query
def data_name_like (rule_args, callback, rei):
    q = Query(callback,["COLL_NAME","DATA_NAME"],
               "DATA_NAME like '{}'".format(rule_args[1]))
    rule_args[:2] = q.first()
from genquery import row_iterator, AS_LIST
def data_name_like (rule_args, callback, rei):
    q = row_iterator(["COLL_NAME","DATA_NAME"],
                     "DATA_NAME like '{}'".format(rule_args[1]),
                     AS_LIST,
                     callback )
    rule_args[:2] = [row for row in q] [0]

Original, more verbose syntax in 4.2.5:

With improvements from Chris Smeele (Utrecht) in 4.2.8:

General Query facility provided by /etc/irods/genquery.py

The example below has:

  • two return columns, "COLL_NAME" and "DATA_NAME"

  • where clause matching DATA_NAME "like" a passed string variable

Python iRODS Client - General Improvements

import irods.keywords as kw
from irods.models import DataObject
from datetime import timedelta, datetime
with iRODSSession(...) as session:
    q = session.query(DataObject.id) \
        .add_keyword(kw.ZONE_KW,'otherZone') \
        .filter(DataObject.modify_time > datetime.utcnow()-timedelta(seconds=3600))
    for row in q:  print( row[DataObject.id] )
from irods.column import In
from irods.models import User, Collection
query_results = [ u[User.name] for u in session.query(User) \
                               .filter(User.zone == 'myZone') 
]
for coll in session.query(Collection.name) \
                    .filter(In(Collection.owner_name,query_results)): 
    print (coll)

"IN" operator

Queries can target federated zones

These new features are available in v0.8.3

Python iRODS Client - General Improvements

with iRODSSession(...) as session:
  x = [ i for i in session.query(DataObject.id,Collection.name,DataObject.name)\
     .filter( Like(DataObjectMeta.name, 'criterionX\_%'), DataObjectMeta.value < '4')\
     .filter( Like(DataObjectMeta.name, 'criterionY\_%'), DataObjectMeta.value > '6')\
  ]
  print(x)

This query involves a single column multiple times:

  $ iquest "select DATA_ID, COLL_NAME, DATA_NAME where \
    META_DATA_ATTR_NAME like 'criterionX\_%' and META_DATA_ATTR_VALUE < '4' and \
    META_DATA_ATTR_NAME like 'criterionY\_%' and META_DATA_ATTR_VALUE > '6' "

 

The equivalent iquest can be seen here:

  $ imeta qu -d 'criterionX_a' '<' 4 and 'criterionY_b' '>' 6

 

imeta provides a simpler usage if the attribute names are known:

iRODS Build and Test - History

July 2011

  • Python → Node.js → RabbitMQ → Celery → Eucalyptus

October 2012

  • Python → Node.js → ssh → OpenStack

January 2013

  • Hudson → Python → OpenStack

October 2013

  • Hudson → Python → vSphere long-running VMs

Spring 2015

  • Jenkins → Python → Ansible → zone_bundles → vSphere dynamic VMs

Spring 2017

  • Moved iRODS build/test logic from Ansible to python modules (per-repository)

  • Consolidated to two parameterized Jenkins jobs

Fall 2019

  • Jenkins  → Python → Docker

iRODS Build and Test - 2019 Architecture

  • Dockerized Jenkins

  • All configuration and setup in git

  • Launches sibling Docker containers

    • Build OS Images

    • Build iRODS Packages

    • Deploy and Test

      • core, plugins, topology, federation

  • Development is same as production

iRODS Build and Test - Progress

   
   
   
   
   
   
   
   

iRODS Build and Test - 4.2.8 release cycle

  • iCAT database runs in its own container for every test

  • Serialized Workflow

    • Docker by default creates max 31 networks

    • GitHub rate limit exceeded exception

    • We are still learning about Docker

  • Operating Systems supported → Ubuntu 16, Ubuntu 18, and CentOS 7

  • Databases supported → PostgreSQL, MySQL/MariaDB, and Oracle

  • Number of Core Test Suites per OS per Database → 65

  • Number of Plugins Tested per OS per Database → 12

  • Topology → 4 combinations (Provider/Consumer, with/without SSL)

  • Upgrade Topology Test → 2 combinations (Provider/Consumer)

  • Federation → 1 combination (current vs. current)

iRODS Build and Test - Future

  • Make iRODS Jenkins publicly accessible
  • Investigate scaling out
  • Increase coverage
    • more tests
    • more plugins
    • more operating systems (SLES 15)
  • Conformance testing
  • Approachable for community developers
    • Confidence
    • Acceptance Criteria

Philosophy to Policy

With the new libraries and first class replicas, we can rewrite 90% of the internals, and then fix the things that depend on them later, with little expectation of regression, because the interfaces remain the same.

 

Internally

  • We will have a new API... but not really

  • Instead, we stepped back and built good tools

    • Allows us to refactor and go faster without breaking the 4.x API

    • This has turned out to be more powerful than originally expected

 

Externally

  • It's a good story, the ability to compose policy into capabilities

  • Can build smaller pieces of functionality which can be composed to help solve larger problems

  • We don't have to worry about side effects

 

Continuation within the Rule Engine Plugin Framework allows administrators to break apart monolithic policy implementations into reusable components.

iRODS Data Management Model

Big Picture

Core

  • 4.3.0 - Harden and Polish

 

Clients

  • GUIs (Metalnx, et al.)

  • Onboarding and Syncing (Automated Ingest)

  • File System Integration (NFSRODS / SMBRODS)

  • iRODS Console (alongside existing iCommands)

 

Continue building out policy components (Capabilities)

 

We want installation and management of iRODS to become about policy design, composition, and configuration.

 

Please share your:

  • use cases

  • pain points

  • hopes and dreams

Open Source Community Engagement

Get Involved

  • Working Groups

  • GitHub Issues

  • Pull Requests

  • Chat List

  • Consortium Membership

 

Tell Others

  • Publish, Cite, Advocate, Refer

UGM 2020 - Technology Update

By iRODS Consortium

UGM 2020 - Technology Update

iRODS User Group Meeting 2020 - Technology Update

  • 1,522