140 likes | 290 Views
Introduction to the tutorial for site managers. Tony Calanducci INFN – Catania Third EELA Tutorial for Managers and Users Rio de Janeiro, 26-30 June 2006. Outline. Layout of the site managers tutorial Available servers Shared pre-requisite for gLite 3.0 services. Layout.
E N D
Introduction to the tutorial for site managers • Tony Calanducci • INFN – Catania • Third EELA Tutorial for Managers and Users • Rio de Janeiro, 26-30 June 2006
Outline • Layout of the site managers tutorial • Available servers • Shared pre-requisite for gLite 3.0 services
Layout • The installation, the configuration and the eventual troubleshooting of the gLite 3.0 services will be showed in real time by the tutors. • After each service installation demonstration you will be able to re-install it by yourself • each couple of participants on its own assigned VM • Due to the number of participants we are going to install gLite services onto VMware Virtual Machines • this will allow to have a bigger number of servers for testing • easy to resume the initial status of the VM for the following service re-installation (using the Snapshot manager feature of VMWare workstation) • useful if you need to re-try the installation due to errors/mistakes/tests
Available servers • 8 powerful servers have been installed locally to host 4 VMs each one (total 32 VMs) • First 8 VMs (eelatut09-16.eela.if.ufrj.br) will be used by the tutors during their demonstrations • eelatut17-40.eela.if.ufrj.br are available for the re-installation of the showed service. • Machine Number assignment to each couple of student • After the end of one re-installation session, tutors will resume VM status to the initial configuration • One more server is available as gLite 3.0 repository to speed up the download of RPMs • gaia.if.ufrj.br local gLite 3.0 repository
Access to the VMs • Hostname : eelatutXX.eela.if.ufjr.br • where XX in [17-40] • Username : root • Passwd: eelatut • VMachines installed by the tutors: • eelatut09: User Interface • eelatut10: VOMS Server, MyProxy Server • eelatut11: BDII Server • eelatut12: WMS+LB Server • eelatut13: CE+WN Server • eelatut14: SE DPM Server • eelatut15: FTS Server • eelatut16: R-GMA, AMGA Server 5
Installation Pre-requisites • Start from a fresh install of SLC 3.0.x • Verify that apt is installed and properly configured: • rpm -qa | grep apt • Install apt if necessary: • rpm -ivhhttp://linuxsoft.cern.ch/cern/slc30X/i386/SL/RPMS/apt-0.5.15cnc6-8.SL.cern.i386.rpm • Java SDK is required to install almost any LCG/gLite grid service. Due to license issues, it is not found in the LCG repositories. So please download and install a release of Sun Java SDK >= 1.4.2_08 from http://java.sun.com/j2se/1.4.2/download.html • chmod +x j2sdk-1_4_2_10-linux-i586-rpm.bin • ./j2sdk-1_4_2_10-linux-i586-rpm.bin • rpm -ivh j2sdk-1_4_2_10-linux-i586.rpm • Preparing... ########################################### [100%] • 1:j2sdk ########################################### [100%]
Security pre-requisites • Request a X509 host certificate for the gLite service you are going to install from a Certification Autority (CA). For example, to get host certificates from the GILDA CA, go to: • https://gilda.ct.infn.it/CA/mgt/restricted/srvreq.php • Install host certificates (hostcert.pem and hostkey.pem) in /etc/grid-security. • chmod 644 hostcert.pem • chmod 400 hostkey.pem • NB: you should find there already for you in the provided VMs
Security pre-requisites (II) • If you plan to use certificates released by unsupported EGEE CA’s, be sure that their public key, signing policy and CRLs (usually distributed with an rpm) are installed in /etc/grid-security/certificates. • For the VO GILDA, the RPM is available from • https://gilda.ct.infn.it/RPMS/ca_GILDA-1.0-2.i386.rpm • N.B.: The GILDA gLite customized version that we are going to install include already both GILDA and EELA RPMs • Install the VOMS public certificate for the supported VOs • For the VO GILDA, the RPM is available from • https://gilda.ct.infn.it/RPMS/edg-voms-vo-gilda-1.0-0.noarch.rpm • For the VO EELA, the RPM is available from • https://gilda.ct.infn.it/RPMS/lcg-voms-vo-eela_1.0-0_noarch.rpm
Node Syncronization with NTP • Syncronization among all gLite nodes is mandatory. It can be achieved by the NTP protocol with a time server • Install ntp if not already available for your system: • apt-get install ntp • Add your time server in /etc/ntp.conf • restrict <time_server_IP_address> mask 255.255.255.255 nomodify notrap noquery • server <time_server_name> • (you can use ntp-1.infn.it – IP 193.206.144.10) • Edit /etc/ntp/step-tickers adding your(s) time server(s) hostname • If you are running a firewall, you will have to allow inbound comminication on the NTP port: • -A INPUT -s <NTP-serverIP-1> -p udp --dport 123 -j ACCEPT • Activate the ntpd service with the following commands: • ntpdate <your ntp server name> • service ntpd start • chkconfig ntpd on • You can check ntpd’s status with: • ntpq -p
YAIM Installation • YAIM is a set of bash scripts used to install and easily configure the gLite middleware on the target machine • Ensure you FQDN is properly set • hostname –f • Find the latest YAIM and gilda_ig-yaim version at http://www.cern.ch/grid-deployment/gis/yaim/ • Download it using wget from • http://www.cern.ch/grid-deployment/gis/yaim/ • http://grid018.ct.infn.it/apt/gilda_app-i386/utils/ • Install using • rpm -ivh glite-yaim-latest.rpm • rpm -ivh gilda_ig-yaim-3.0.0-xx.noarch.rpm
Site Configuration File • All the configuration values to sites have to be configured in a site configuration file using key-value pairs. • This file is shared among all the different gLite node types. So edit once and keep it in a safe place • Create a copy of /opt/glite/yaim/examples/site-info.def template (coming from the lcg-yaim RPM) to your reference directory for the installation (e.g. /root): • cp /opt/glite/yaim/examples/gilda_ig-site-info.def /root/my-site-info.def • The general syntax of the file is a sequence of bash-like assignments of variables (<variable>=<value>, no spaces are allowed around =). • A good syntax test for your site configuration file is to try to source it manually running the command: • source my-site-info.def
Middleware installation with YAIM • We are ready to install the services: • /opt/glite/bin/gilda_ig_install_node /root/my-site-info.def GILDA_ig_myServiceName • This command will download and install all the needed packages. • Now we can configure the node: • /opt/glite/bin/gilda_ig_configure_node /root/my-site-info.def GILDA_ig_myServiceName
Any questions? Thanks for the attention