120 likes | 290 Views
gLite WMS Installation and configuration. Riccardo Bruno – INFN.CT 30/06/2008 – 04/07/2008. Prepare the Virtual Machine. WMS Actually installs only on SLC3.0.8 GILDA Virtual Services https://gilda.ct.infn.it/GILDAVM30/GILDAVM_Base.tar.bz2
E N D
gLite WMS Installation and configuration Riccardo Bruno – INFN.CT 30/06/2008 – 04/07/2008
Prepare the Virtual Machine • WMS Actually installs only on SLC3.0.8 • GILDA Virtual Services • https://gilda.ct.infn.it/GILDAVM30/GILDAVM_Base.tar.bz2 • On this tutorial you can find this image installed on: • HostXX.trigrid.it where XX=36...56 • Machine must have: • Public IP address (normally use the setup utility) • On this tutorial machines are already configured • Turn on the machine … • User: root • Password: eelatutorial
NTP and Repository settings … • Check for NTP installation (GILDAVM_Base has it) • apt-get install ntp • Repository settings • (ig repository@CNAF: grid-it.cnaf.infn.it) • (ig repository@CT: grid018.ct.infn.it) • REPOSITE=<your repository> • cd /etc/apt/sources.list.d/ • wget $REPOSITE/mrepo/lists/sl3.list • wget $REPOSITE/mrepo/lists/lcg-ca.list • wget $REPOSITE/mrepo/lists/glite.list • wget $REPOSITE/mrepo/lists/glite-wms.list • wget $REPOSITE/mrepo/lists/ig.list • echo "rpm http://grid018.ct.infn.it/rep gilda_app-i386 app 3_0_0" > /etc/apt/sources.list.d/gilda.list • Change repository chache size (avoid errors) • echo "APT::Cache-Limit \"50000000\";" > /etc/apt/apt.conf.d/mmap.conf Update repository changes with: apt-get clean apt-get update apt-get dist-upgrade
Java and other mandatory PKGs • Known package versioning troubles: • Check for c-ares package version • rpm -q c-ares • If it exists and not equal to: ’c-ares-1.3.0-1.slc3’ • Do the followings: • apt-get remove c-ares • rpm -ivh http://lxb2042.cern.ch/gLite/APT/R3.1-RB-pretest/RPMS/externals/c-ares-1.3.0-1.slc3.i686.rpm • apt-get install curl • rpm -ivh http://lxb2042.cern.ch/gLite/APT/R3.1-RB-pretest/RPMS/Release3.1/gridsite-shared-1.1.18.1-1.i386.rpm • rpm -ivh http://lxb2042.cern.ch/gLite/APT/R3.1-RB-pretest/RPMS/Release3.1/gridsite-apache-1.1.18.1-1.i386.rpm • Install Java with • apt-get install jdk • Get lcg_CA information (all supported CA) • apt-get install lcg-CA • Cet GILDA CA information and other information • apt-get install gilda_utils
Install metapackages ig_WMSLB apt-get install ig_WMSLB
Host certificates • Copy host certificates on the right place • cp <HOSTCERT> /etc/grid-security/hostcert.pem • cp <HOSTKEY> /etc/grid-security/hostkey.pem • Set the right permissions to host certificates • chmod 600 /etc/grid-security/hostcert.pem • chmod 400 /etc/grid-security/hostkey.pem • For this tutorial host certificates are already available in: • http://jessica.trigrid.it/eela/Tutorial4Tutors/certs/hostcerts
Configure WMS: ig-site-info.def • ig Metapackages already provide customized settings for the configuration file: site-info.def (ig-site-info.def) • Copy ig-site-info.def template to your configuration directory • cp /opt/glite/yaim/examples/siteinfo/ig-site-info.def /opt/glite/yaim/etc/gilda/my-site-info.def • cd /opt/glite/yaim/etc/gilda • Moving the configuration file to /opt/glite/yaim/etc/gilda directory, the GILDA groups and users configutation files will be automatically included by the gilda_utils package.
Edit: my-site-info.def # GROUP and USERS conf USERS_CONF=/opt/glite/yaim/examples/ig-users.conf (leave it unchanged) GROUPS_CONF=/opt/glite/yaim/examples/ig-groups.conf (leave it unchanged) # # JAVA # JAVA_LOCATION="/usr/java/jdk1.5.0_14" # # SITE # SITE_EMAIL=root@localhost SITE_CRON_EMAIL=$SITE_EMAIL SITE_SUPPORT_EMAIL=$SITE_EMAIL SITE_NAME=my-site-name SITE_LOC="City, Country" SITE_LAT=0.0 # -90 to 90 degrees SITE_LONG=0.0 # -180 to 180 degrees SITE_WEB="http://www.my-site.org" SITE_TIER="TIER #" SITE_SUPPORT_SITE="CNAF-T1" # # WMS configuration variables # WMS_HOST=<your host name>.$MY_DOMAIN LB_HOST="<your host name>.$MY_DOMAIN:9000" # # BDII # BDII_HOST=glite-rb.ct.infn.it # # VO # #VOS="eela gilda" # # VOMS # ALL_VOMS_VOS="eela gilda" # # MYSQL # MYSQL_PASSWORD=apassword
Configure WMS and LB • To configure your WMS use: • Configure WMS • /opt/glite/yaim/bin/ig_yaim -c -s my-site-info.def -n ig_WMS • Configure LB • /opt/glite/yaim/bin/ig_yaim -c -s my-site-info.def -n ig_LB Check if GILDA pool accounts have been created: grep -i gilda /etc/passwd
glite_wms_wmproxy.gacl <gacl version="0.0.1"> <entry> <voms> <fqan>gilda/ROLE=NULL</fqan> </voms> <allow> <exec/> </allow> </entry> <entry> <voms> <fqan>gilda/grelc/das/*</fqan> </voms> <allow> <exec/> </allow> </entry> <entry> <voms> <fqan>gilda</fqan> </voms> <allow> <exec/> </allow> </entry> <entry> <voms> <fqan>geclipsetutor/ROLE=SoftwareManager</fqan> </voms> <allow> <exec/> </allow> </entry> <entry> <voms> <fqan>geclipsetutor</fqan> </voms> <allow> <exec/> </allow> </entry> </gacl> File: /opt/glite/etc/glite_wms_wmproxy.gacl This file contains information about User’ roles and priviledges It must be manually configured; Beside suggested values The file is built by a set of entries like: <entry> <voms> <fqan>gilda/ROLE=NULL</fqan> </voms> <allow> <exec/> </allow> </entry>
Testing your WMS • Access to your own UI account (glite-tutor.ct.infn.it) • glite-wms-job-list-match -e https://<your host>:7443/glite_wms_wmproxy_server -a hostname.jdl • glite-wms-job-submit -e https://<your host>:7443/glite_wms_wmproxy_server -a hostname.jdl • glite-wms-job-status <jobID> • glite-wms-job-output <jobID>