Devel14 Work Log
2007-10-04 (Ale)
- Set jobdir ad input method for workload-manager instead of filelist
- Set these variables in the glite_wms.conf file (WorkloadManager section)
- DispatcherType = "jobdir";
- Input = "${GLITE_LOCATION_VAR}/workload_manager/jobdir";
- Create these directories and then give the ownership to glite.glite
- /var/glite/workload_manager/jobdir/new/
- /var/glite/workload_manager/jobdir/old/
- /var/glite/workload_manager/jobdir/tmp/
- Restart the services
2007-10-03 (Ale)
Install yaim
- rpm -ihv glite-yaim-core-4.0.0-14.noarch.rpm
- rpm -ihv glite-yaim-wms-4.0.0-1.noarch.rpm
Configure yaim
- Create site-info.def
- Create users.conf
- Create groups.conf
Resolve dependencies
- bdii needs:
- yum install openldap-clients openldap-servers
- yum install perl-libwww-perl
- perl-HTML-Parser
- perl-HTML-Tagset
- perl-URI
- edg-mkgridmap needs:
- yum install perl-Crypt-SSLeay perl-DateManip perl-IO-Socket-SSL perl-LDAP perl-Net-SSLeay perl-Term-ReadKey perl-XML-DOM perl-XML-RegExp
- perl-Convert-ASN1
- perl-XML-NamespaceSupport
- perl-XML-SAX
- mysql needs:
- yum install perl-DBI perl-PlRPC perl-Net-Daemon
- glite-wms-manager needs:
- rpm -ihv vdt_globus_info_essentials-VDT1.6.0x86_rhas_4-1.i386.rpm
- condor needs:
- yum install compat-libstdc++-33
- gridsite-apache (not present in the repository, why?) needs:
Install
- /opt/glite/yaim/bin/yaim -i -s site-info.def -m glite-WMS
Post Install
- Copy hostcert.pem hostkey.pem under /etc/grid-security/
Resolve dependencies (these are not required by rpm but are necessary )
- Needs to configure edg-mkgridmap.pl (Patch #1403)
- yum install perl-XML-Parser
- Needs to configure globus
- rpm -ihv gpt-VDT1.6.0x86_rhas_4-1.i386.rpm
- Needs by wmproxy
- yum install httpd
- apr
- apr-util
- httpd-suexec
- yum install mod_ssl
- rpm -ihv glite-security-lcmaps-plugins-voms-1.3.7-3.slc4.i386.rpm
- needs by condor (gahp)
- rpm -ihv condor-lcg-1.1.0-1.i386.rpm
- Needs by configuration script
- rpm -ihv glite-lb-logger (Why do you not install it?)
Bugs Fixes
- Remove from file /opt/glite/yaim/node-info.d/glite-wms the line:
- config_gip_service (why do you configure a GIP on a WMS?)
- Fix line 41 of /opt/glite/yaim/functions/config_glite_lbproxy
- To start correctly workload-manager add to file /opt/glite/yaim/functions/config_glite_wms (it needs liblog4cxx.so.9.0.0)
- yaimgridpath_append LD_LIBRARY_PATH /usr/local/lib
- To run correctly wmproxy add to file /opt/glite/yaim/functions/config_glite_wms (for libfcgi* and libtar)
- yaimgridpath_append LD_LIBRARY_PATH /opt/fcgi/lib
- yaimgridpath_append LD_LIBRARY_PATH /opt/libtar/lib
Configure
- /opt/glite/yaim/bin/yaim -c -s site-info.def -n WMS
Post Configure
- Install voms certificate:
- rpm -ihv lcg-vomscerts-4.6.0-1.noarch.rpm
NOTE:
- /opt/glite/bin/glite-lb-interlogd doesn't exit with a "/opt/glite/etc/init.d/glite-lb-locallogger stop" you need "Kill -9"
- you need to configure LBServer = {":9000"}; on glite_wms.conf
- /opt/glite/bin/glite_wms_wmproxy_dirmanager is bugged due to libtar link (Bug under investigation by Maraska)
- chmod 4555 /opt/glite/bin/glite_wms_wmproxy_dirmanager (Bug under investigation by Maraska)
- use the correct glite-wms-purger.cron script
- set the right value HostProxyFile = "${GLITE_LOCATION_VAR}/wms.proxy"; on glite_wms.conf
- install rpm -ihv lcg-expiregridmapdir-2.0.0-1.noarch.rpm and fix lcg-expiregridmapdir cron job (with the correct path)
- install glite-wms-wmproxy-logrotate.cron and set its conf file
- add MaxOutputSandboxSize = -1; to glite_wms.conf
Installing the new gridftp server (vdt1.6)
- Install these rpms:
- vdt_globus_data_server-VDT1.6.0x86_rhas_4-3.i386.rpm
- glite-security-lcas-lcmaps-gt4-interface-0.0.13-2.slc4.i386.rpm
- glite-security-lcas-1.3.7-1.slc4.i386.rpm
- glite-security-lcas-plugins-voms-1.3.4-3.slc4.i386.rpm
- glite-security-lcas-interface-1.3.6-2.slc4.i386.rpm
- glite-security-lcas-plugins-basic-1.3.2-2.slc4.i386.rpm
- Remove edg-mkgridmap from the cron.d dir
- Add the proper VO entry in the /etc/grid-security/grid-mapfile, e.g.:
"/dteam/Role=lcgadmin/Capability=NULL" .dteamsgm
"/dteam/Role=lcgadmin" .dteamsgm
"/dteam/Role=production/Capability=NULL" .dteamprd
"/dteam/Role=production" .dteamprd
"/dteam/Role=NULL/Capability=NULL" .dteam
"/dteam" .dteam
"/dteam/*" .dteam
- Add the proper VO entry in the /etc/grid-security/groupmapfile, e.g.:
"/dteam/Role=lcgadmin/Capability=NULL" dteamsgm
"/dteam/Role=lcgadmin" dteamsgm
"/dteam/Role=production/Capability=NULL" dteamprd
"/dteam/Role=production" dteamprd
"/dteam/Role=NULL/Capability=NULL" dteam
"/dteam" dteam
/dteam dteam
/dteam/* dteam
- Configure the gridftp server:
- Run /opt/glite/sbin/gt4-interface-install.sh install (it creates /etc/grid-security/gsi-authz.conf)
- Touch the file /opt/glite/etc/lcas/ban_users.db
- Create the file /opt/glite/etc/lcas/lcas.db e.g.:
pluginname=lcas_userban.mod,pluginargs=/opt/glite/etc/lcas/ban_users.db
pluginname=lcas_voms.mod,pluginargs="-vomsdir /etc/grid-security/vomsdir -certdir /etc/grid-security/certificates -authfile /etc/grid-security/grid-mapfile -authformat simple -use_user_dn"
-
- Create the file /opt/glite/etc/lcmaps/lcmaps.db.gridftp e.g.:
path = /opt/glite/lib/modules
posix_enf = "lcmaps_posix_enf.mod"
" -maxuid 1"
" -maxpgid 1"
" -maxsgid 32"
good = "lcmaps_dummy_good.mod"
localaccount = "lcmaps_localaccount.mod"
" -gridmapfile /etc/grid-security/grid-mapfile"
poolaccount = "lcmaps_poolaccount.mod"
" -override_inconsistency"
" -gridmapfile /etc/grid-security/grid-mapfile"
" -gridmapdir /etc/grid-security/gridmapdir"
vomslocalgroup = "lcmaps_voms_localgroup.mod"
" -groupmapfile /etc/grid-security/groupmapfile"
" -mapmin 1"
vomspoolaccount = "lcmaps_voms_poolaccount.mod"
" -gridmapfile /etc/grid-security/grid-mapfile"
" -gridmapdir /etc/grid-security/gridmapdir"
" -override_inconsistency"
verify_proxy = "lcmaps_verify_proxy.mod"
" -certdir /etc/grid-security/certificates"
" --only-post-verify-checks"
# policies
voms:
vomslocalgroup -> vomspoolaccovomspoolaccount -> posix_enf
standard:
localaccount -> posix_enf | poolaccount
poolaccount -> posix_enf
- To start the service:
- export LCMAPS_DB_FILE=/opt/glite/etc/lcmaps/lcmaps.db.gridftp
- /opt/globus/sbin/globus-gridftp-server -p 2811 -l /var/log/gridftp.log -S
Remove old gridftp service
- rpm -e --nodeps glite-wms-thirdparty-globus_gridftp_server
- rpm -e --nodeps edg-mkgridmap
- rpm -e perl-Crypt-SSLeay perl-DateManip perl-IO-Socket-SSL perl-LDAP perl-Net-SSLeay perl-Term-ReadKey perl-XML-DOM perl-XML-RegExp
- rpm -e perl-Convert-ASN1 perl-XML-NamespaceSupport perl-XML-SAX
--
AlessioGianelle - 03 Oct 2007