350 likes | 367 Views
UI PnP and gLite UI installation. Giuseppe LA ROCCA INFN Catania giuseppe.larocca@ct.infn.it ACGRID-II School 2-14 November 2009 Kuala Lumpur - Malaysia. User Interface: overview GILDA User Interface Plug and Play ver.3.1 Installation of a gLite 3.1 UI on SL4.7. Outline. 2.
E N D
UI PnP and gLite UI installation Giuseppe LA ROCCA INFN Catania giuseppe.larocca@ct.infn.it ACGRID-II School 2-14 November 2009 Kuala Lumpur - Malaysia
User Interface: overview GILDA User Interface Plug and Play ver.3.1 Installation of a gLite 3.1 UI on SL4.7 Outline 2
User Interface : overview The UI is a suite of clients and APIs that users and applications can use to access the gLite services The gLite UI includes the following components: – VOMScommand-line tools – WMSclients and APIs – Logging and Bookkeepingclients and APIs – Data Transfercommand-line clients and APIs – Data Catalogcommand-line clients and APIs – gLite I/Oclient and APIs – R-GMA/BDIIclient and APIs
..before to start This version of the GILDA UI PnP have been tested forScientific Linux 4.5/6/7,Fedora Core 8,10 and Ubuntu 8.04 It may need additional effort to make it works on other distributions. It differs from the official release because everything is pre-configured for the GILDA testbed. To install and use it does not need root privileges at all Disclaimer !!
Preliminary You have to check that the clock of your machine is properly synchronized with an ntp server you have Java properly installed on your machine; cd /etc/yum.repos.d/ wget ftp://mirror.biruni.upm.my/repos/3.1/jpackage.repo yum clean all yum install –y jdk
Syncronizing… • A general requirement for the gLite nodes is that they are synchronized. • Configure the file /etc/ntp.conf by adding the lines dealing with your time server configuration such as, for instance: # Prohibit general access to this service. restrict default ignore restrict 193.206.144.10 mask 255.255.255.255 nomodify notrap noquery server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 server ntp-1.infn.it
Syncronizing… • Edit the file /etc/ntp/step-tickers adding a list of your time server(s) hostname(s) cat /etc/ntp/step-tickers 193.206.144.10 • If you are running a kernel firewall, you will have to allow inbound communication on the NTP port. • If you are using iptables, you can add the following to /etc/sysconfig/iptables -A INPUT -s <NTP-serverIP-1> -p udp --dport 123 -j ACCEPT • You can then reload the firewall : service iptables restart
Syncronizing… • Activate the ntpd service with the following commands: # ntpdate <your ntp server name> # service ntpd start # chkconfig ntpd on • You can check ntpd's status by running the following command : # ntpq -p
Installation As normal user, download the tarball from this location: wget https://gilda.ct.infn.it/UIPnP/GILDA-UIPnP-3.1.tar.gz wget ftp://mirror.biruni.upm.my/other/GILDA-UIPnP-3.1.tar.gz and uncompress it in your $HOME $ tar xzf GILDA-UIPnP-3.1.tar.gz # ls UIPnP-3.1 drwxr-xr-x 5 1000 1000 4096 Apr 7 2008 classads drwxr-xr-x 4 1000 1000 4096 Apr 7 2008 d-cache drwxr-xr-x 8 1000 1000 4096 May 19 2008 edg -rw-r--r-- 1 1000 1000 4059 May 6 15:46 eela2uiconf.tar.gz drwxr-xr-x 3 1000 1000 4096 Apr 7 2008 etc drwxr-xr-x 10 1000 1000 4096 May 19 2008 external drwxr-xr-x 14 1000 1000 4096 Apr 7 2008 glite drwxr-xr-x 14 1000 1000 4096 Apr 7 2008 globus drwxr-xr-x 9 1000 1000 4096 Apr 7 2008 gpt drwxr-xr-x 8 1000 1000 4096 Apr 7 2008 lcg -rw-r--r-- 1 1000 1000 21185 Mar 31 17:27 PnP-conf.def -rw-r--r-- 1 1000 1000 925 May 21 2008 README
Configuration Enter the UIPnP-3.1 directory and edit the configuration filePnP-conf.def # Check this is the correct value ! JAVA_LOCATION="/usr/java/latest/“ Customize here BDII_HOST=“gilda-bdii.ct.infn.it” Run the configuration command : $HOME/UIPnP-3.1/glite/yaim/bin/yaim -c \ -s PnP-conf.def -n UI_TAR
Post-configuration For your convenience, it may be useful to put these inside your~/.bashrc, instead of running them every time you log in. source $HOME/UIPnP-3.1/external/etc/profile.d/grid-env.sh export LFC_HOST=lfc-gilda.ct.infn.it Run source .bashrcand, after you have copied under .globus/your personal certificates you can enjoy GILDA UI Plug and play !
Testing the UI Create an account and password adduser kualalumpur<Your ID> passwd kualalumpur<Your ID> Log into the account and create the .globus/ directory su – kualalumpur<Your ID> mkdir .globus cd .globus/ For this tutorial, user certificates can be downloaded from here : ftp://mirror.biruni.upm.my/klacgrid/usercert/KUALALUMPURXX-cert.pem ftp://mirror.biruni.upm.my/klacgrid/usercert/KUALALUMPURXX-key.pem
Rename the certificate mv KUALALUMPURXX-cert.pem usercert.pem mv KUALALUMPURXX-key.pem userkey.pem chmod 644 usercert.pem chmod 400 userkey.pem Test job submission glite-wms-job-delegation-proxy –d ${USER} glite-wms-job-submit –d ${USER} hostname.jdl Test data management lcg-cr -v -d <se host> \ -l lfn:/grid/gilda/tutorials/<your_file_alias> \ file:$PWD/<your_file> Test information systemlcg-infosites --vo gilda ce Testing the UI
Pre-requisites /1 Start from a base SL4.7 machine with the following rpm groups : X Window System Editors X Software Development Text-based Internet Server Configuration Tools Development Tools Administration Tools System Tools Legacy Software Development Please refer to Site_Pre-Installation to prepare and setup your machine for gLite middleware installation
Log in to the VM as root with the password specified in your tutorial sheet. Check hostname of the server and make sure no one login your VM before to start the installation. $ hostname –f vm__.thinkgrid.org $ who root pts/1 Nov 10 10:46 (vm__.thinkgrid.org) Pre-requisites /2
Syncronizing… • gLite nodes have to be synchronized. • Configure the file /etc/ntp.conf by adding the lines dealing with your time server configuration such as, for instance: # Prohibit general access to this service. restrict default ignore restrict 193.206.144.10 mask 255.255.255.255 nomodify notrap noquery server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 server ntp-1.infn.it
Syncronizing… • Edit the file /etc/ntp/step-tickers adding a list of your time server(s) hostname(s) cat /etc/ntp/step-tickers 193.206.144.10 • If you are running a kernel firewall, you will have to allow inbound communication on the NTP port. • If you are using iptables, you can add the following to /etc/sysconfig/iptables -A INPUT -s <NTP-serverIP-1> -p udp --dport 123 -j ACCEPT • You can then reload the firewall : service iptables restart
Syncronizing… • Activate the ntpd service with the following commands: # ntpdate <your ntp server name> # service ntpd start # chkconfig ntpd on • You can check ntpd's status by running the following command : # ntpq -p
Repository settings Configure the repositories as follow: cd /etc/yum.repos.d/ wget ftp://mirror.biruni.upm.my/repos/3.1/glite-UI.repo \ ftp://mirror.biruni.upm.my/repos/3.1/lcg-CA.repo \ ftp://mirror.biruni.upm.my/repos/3.1/jpackage.repo \ http://grid018.ct.infn.it/mrepo/repos/gilda.repo yum clean all Loading "kernel-module" plugin Cleaning up Everything 72 headers removed 0 packages removed 12 metadata files removed 0 cache files removed 6 cache files removed
Install meta-packages Install Java and the meta-package for the UIyum install glite-UI java-1.6.0-sun-compat Install the CAs and the utils to support the GILDA VO: yum install lcg-CA gilda_utils
Configure Download the “corrected” site-info.def for your server cd /opt/glite/yaim/etc/ wget ftp://mirror.biruni.upm.my/klacgrid/site-info.def Protect your configuration file chmod 600 site-info.def Customize the site-info.def for your server in order to access the “local” GILDA t-Infrastructure # Hostname of the top level BDII BDII_HOST=wms.thinkgrid.org # Hostname of the WMS WMS_HOST=wms.thinkgrid.org # Hostname of the PX PX_HOST=myproxy.ct.infn.it
Configure (cont.) # Hostname of the MON BOX MON_HOST=rgmasrv.ct.infn.it # Space separated list of VOs supported by your site VOS="gilda euasia"
Configure (cont.) ########## # EUASIA # ########## VO_EUASIA_SW_DIR=$VO_SW_DIR/euag VO_EUASIA_DEFAULT_SE=$DPM_HOST VO_EUASIA_STORAGE_DIR=$CLASSIC_STORAGE_DIR/euasia VO_EUASIA_VOMS_SERVERS="vomss://voms.grid.sinica.edu.tw:8443/voms/euasia?/euasia" VO_EUASIA_VOMSES="'euasia voms.grid.sinica.edu.tw 15015 /C=TW/O=AS/OU=GRID/CN=voms.grid.sinica.edu.tw euasia'" VO_EUASIA_VOMS_CA_DN="'/C=TW/O=AS/OU=GRID/CN=voms.grid.sinica.edu.tw'" VO_EUASIA_CA_DN="'/C=TW/O=AS/CN=Academia Sinica Grid Computing Certification Authority Mercury' '/C=TW/O=AS/CN=Academia Sinica Grid Computing Certification Authority Mercury'"
Configure (cont.) ######### # GILDA # ######### VO_GILDA_SW_DIR=$VO_SW_DIR/gilda VO_GILDA_DEFAULT_SE=$DPM_HOST VO_GILDA_STORAGE_DIR=$CLASSIC_STORAGE_DIR//gilda VO_GILDA_QUEUES="gilda" VO_GILDA_VOMS_SERVERS="vomss://voms.ct.infn.it:8443/voms/gilda?/gilda" VO_GILDA_VOMSES="'gilda voms.ct.infn.it 15001 /C=IT/O=INFN/OU=Host/L=Catania/CN=voms.ct.infn.it gilda'" VO_GILDA_VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA' '/C=IT/O=INFN/CN=INFN CA'"
Official EUASIA Grid Settings If you want to configure your gLite UI to access the EUASIAGrid Infrastructure use the following settings: # Hostname of the top level BDII BDII_HOST=bdii.grid.sinica.edu.tw # Hostname of the PX PX_HOST=lcg00127.grid.sinica.edu.tw # Hostname of the RB RB_HOST=lcg00124.grid.sinica.edu.tw # Hostname of the WMS WMS_HOST=wms.grid.sinica.edu.tw
Official GILDA Grid Settings If you want to configure your gLite UI to access the GILDA Infrastructure use the following settings: # Hostname of the top level BDII BDII_HOST=gilda-bdii.ct.infn.it # Hostname of the PX PX_HOST=myproxy.ct.infn.it # Hostname of the RB RB_HOST=glite-rb.ct.infn.it # Hostname of the WMS WMS_HOST=wms-gilda-01.ct.infn.it
Configure server with YAIM Check syntax of your site-info.def source site-info.def Verify that all the required yaim parameter are present in your site-info.def /opt/glite/yaim/bin/yaim -v -s site-info.def \ -n glite-UI Run YAIM /opt/glite/yaim/bin/yaim -c -s site-info.def \ -n glite-UI Open /opt/glite/etc/profile.d/grid-env.sh and add gridenv_set “LFC_HOST” “lfc-gilda.ct.infn.it”
Post installation Go in /etc/grid-security/vomsdir Download voms host cert. For EUASIA CA http://ca.grid.sinica.edu.tw/publication/newCRT/newcerts/0341.crt Rename this file to voms.grid.sinica.edu.tw.pem Check the content of the following filescat /etc/grid-security/vomsdir/gilda/voms.ct.infn.it.lsc /C=IT/O=INFN/OU=Host/L=Catania/CN=voms.ct.infn.it /C=IT/O=INFN/CN=INFN CA cat /etc/grid-security/vomsdir/euasia/voms.grid.sinica.edu.tw.lsc /C=TW/O=AS/OU=GRID/CN=voms.grid.sinica.edu.tw /C=TW/O=AS/CN=Academia Sinica Grid Computing Certification Authority Mercury
Post installation Create an account and password adduser kualalumpur<Your ID> passwd kualalumpur<Your ID> Log into the account and create the .globus/ directory su – kualalumpur<Your ID> mkdir .globus cd .globus/ For this tutorial, user certificates can be downloaded from here : ftp://mirror.biruni.upm.my/klacgrid/usercert/KUALALUMPURXX-cert.pem ftp://mirror.biruni.upm.my/klacgrid/usercert/KUALALUMPURXX-key.pem
Rename the certificate mv KUALALUMPURXX-cert.pem usercert.pem mv KUALALUMPURXX-key.pem userkey.pem chmod 644 usercert.pem chmod 400 userkey.pem Post Installation
Testing the UI Create a proxy voms-proxy-init --voms gilda Cannot find file or dir: /home/larocca/.glite/vomses Enter GRID pass phrase: Your identity: /C=IT/O=GILDA/OU=Personal Certificate/L=INFN Catania/CN=Giuseppe La Rocca Creating temporary proxy .............................................. Done Contacting voms.ct.infn.it:15001[/C=IT/O=INFN/OU=Host/L=Catania/CN=voms.ct.infn.it] "gilda" Done Creating proxy .......................................... Done Your proxy is valid until Sat Jul 11 06:39:03 2009
Testing the UI Test job submission glite-wms-job-delegation-proxy –d ${USER} glite-wms-job-submit –d ${USER} hostname.jdl Test data management lcg-cr -v -d <se host> \ -l lfn:/grid/gilda/<your_file_alias> \ file:$PWD/<your_file> Test information systemlcg-infosites --vo gilda ce
References gLite User’s guide https://edms.cern.ch/file/722398/1.2/gLite-3-UserGuide.pdf Refer to the following references for more details about required variables of the gLite UI: https://twiki.cern.ch/twiki/bin/view/LCG/UI_configuration_variables https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables http://www.euasiagrid.org/wiki/index.php/UI_PnP_Installation http://www.euasiagrid.org/wiki/index.php/UI_Installation