'' if it exists (now this approach is used only for new //dns-like// VO).
For example for ''enmr.eu'' VO (note that variable names don't contain the VO name):
$ cat <confdir>/vo.d/enmr.eu
SW_DIR=$VO_SW_DIR/enmr
DEFAULT_SE=$CLASSIC_HOST
STORAGE_DIR=$CLASSIC_STORAGE_DIR/enmr
VOMS_SERVERS="'vomss://voms2.cnaf.infn.it:8443/voms/enmr.eu?/enmr.eu' 'vomss://voms-02.pd.infn.it:8443/voms/enmr.eu?/enmr.eu'"
VOMSES="'enmr.eu voms2.cnaf.infn.it 15014 /C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it enmr.eu' 'enmr.eu voms-02.pd.infn.it 15014 /C=IT/O=INFN/OU=Host/L=Padova/CN=voms-02.pd.infn.it enmr.eu'"
VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA' '/C=IT/O=INFN/CN=INFN CA'"
your-users.conf
* Add to "your-users.conf" the users for the "<voname>'' VO fitting your site's policy in users management (range of uid and gid). You may find an example of the needed rows in ''/opt/glite/yaim/examples/ig-users.conf''.
Some useful informations are available in ''/opt/glite/yaim/examples/users.conf.README''.
You may also use the information you find at Whole site: How to create local users.conf and configure users.
For example for ''enmr.eu'' VO you could use:
46001:enmr001:46000:enmr:enmr.eu::
46002:enmr002:46000:enmr:enmr.eu::
46003:enmr003:46000:enmr:enmr.eu::
...
46901:sgmenmr001:46090,46000:sgmenmr,enmr:enmr.eu:sgm:
46902:sgmenmr002:46090,46000:sgmenmr,enmr:enmr.eu:sgm:
46903:sgmenmr003:46090,46000:sgmenmr,enmr:enmr.eu:sgm:
...
46921:sgmenmrbcbr001:46091,46000:sgmenmrbcbr,enmr:enmr.eu:sgmbcbr:
46922:sgmenmrbcbr002:46091,46000:sgmenmrbcbr,enmr:enmr.eu:sgmbcbr:
46923:sgmenmrbcbr003:46091,46000:sgmenmrbcbr,enmr:enmr.eu:sgmbcbr:
...
46941:sgmenmrbmrz001:46092,46000:sgmenmrbmrz,enmr:enmr.eu:sgmbmrz:
46942:sgmenmrbmrz002:46092,46000:sgmenmrbmrz,enmr:enmr.eu:sgmbmrz:
46943:sgmenmrbmrz003:46092,46000:sgmenmrbmrz,enmr:enmr.eu:sgmbmrz:
...
46961:sgmenmrcirmmp001:46093,46000:sgmenmrcirmmp,enmr:enmr.eu:sgmcirmmp:
46962:sgmenmrcirmmp002:46093,46000:sgmenmrcirmmp,enmr:enmr.eu:sgmcirmmp:
46963:sgmenmrcirmmp003:46093,46000:sgmenmrcirmmp,enmr:enmr.eu:sgmcirmmp:
...
your-groups.conf
* Add to "your-groups.conf" the VOMS FQANs for the "<voname>'' VO copying them from ''/opt/glite/yaim/examples/ig-groups.conf''.
Some useful informations are available in ''/opt/glite/yaim/examples/groups.conf.README''.
For example for ''enmr.eu'' VO:
"/enmr.eu/ROLE=SoftwareManager":::sgm:
"/enmr.eu"::::
"/enmr.eu/bcbr/ROLE=SoftwareManager":::sgmbcbr:
"/enmr.eu/bcbr"::::
"/enmr.eu/bmrz/ROLE=SoftwareManager":::sgmbmrz:
"/enmr.eu/bmrz"::::
"/enmr.eu/cirmmp/ROLE=SoftwareManager":::sgmcirmmp:
"/enmr.eu/cirmmp"::::
Extra configuration
The "enmr.eu" a particular structure is needed for sgm pool accounts, as you can see in ''ig-groups.conf'' and ''ig-users.conf'' template files.
To fit these requirements some manual steps have to be performed in the software area exported to WNs. Assuming that the directory ''$VO_ENMR_EU_SW_DIR'' is already present with ''sgmenmr001.sgmenmr'' ownership:
mkdir $VO_ENMR_EU_SW_DIR/BCBR $VO_ENMR_EU_SW_DIR/BMRZ $VO_ENMR_EU_SW_DIR/CIRMMP
chown sgmenmrbcbr001.sgmenmrbcbr $VO_ENMR_EU_SW_DIR/BCBR
chown sgmenmrbmrz001.sgmenmrbmrz $VO_ENMR_EU_SW_DIR/BMRZ
chown sgmenmrcirmmp001.sgmenmrcirmmp $VO_ENMR_EU_SW_DIR/CIRMMP
Verify your installation
In order to enable the "<voname>'' VO on your site you have to verify that:
* the voms server host certificate of the newly added "<voname>'' VO is installed in "/etc/grid-security/vomsdir"
* the Certification Authority that released the voms server host certificate is installed on your hosts
Configure your nodetypes
In order to enable the newly added "<voname>'' VO on your site you have to run for each nodetype the function you find in the table below. Naturally you can also complete reconfigure your nodetypes but this is a more expensive procedure.
For each nodetype you have to use the following command, properly replacing the profile and function's names:
/opt/glite/yaim/bin/yaim -r -s <confdir>/<your-site-info.def> -n <profile> -f <function>
Profiles<-- --> |
Function |
BDII Site |
''config_newvo_bdii_site'' |
BDII Top |
''config_newvo_bdii_top'' |
CREAM |
''config_newvo_cream'' ''config_newvo_cream_lsf'' ''config_newvo_cream_torque'' |
GRIDFTP |
''config_newvo_gridftp'' |
HLR |
''config_newvo_hlr'' |
LB |
''config_newvo_lb'' |
SE StoRM |
''config_newvo_se_storm_backend'' ''config_newvo_se_storm_frontend'' |
SE_DPM |
''config_newvo_se_dpm_disk'' ''config_newvo_se_dpm_mysql'' ''config_newvo_se_dpm_oracle'' |
UI |
''config_newvo_ui'' |
WMS |
''config_newvo_wms'' |
WN |
''config_newvo_wn'' ''config_newvo_wn_lsf'' ''config_newvo_wn_torque'' |
-- SergioTraldi - 2012-01-11