Tags:
, view all tags

Devel14 Work Log

2007-10-04 (Ale)

  • Set jobdir ad input method for workload-manager instead of filelist
    • Set these variables in the glite_wms.conf file (WorkloadManager section)
      • DispatcherType = "jobdir";
      • Input = "${GLITE_LOCATION_VAR}/workload_manager/jobdir";
    • Create these directories and then give the ownership to glite.glite
      • /var/glite/workload_manager/jobdir/new/
      • /var/glite/workload_manager/jobdir/old/
      • /var/glite/workload_manager/jobdir/tmp/
    • Restart the services

2007-10-03 (Ale)

Start to install a WMS 3.1 using this repository: http://goldrake.cnaf.infn.it:8080/ibrido/etics-rpms_3_1_0_slc4/RPMS.wms/

Install yaim

  • rpm -ihv glite-yaim-core-4.0.0-14.noarch.rpm
  • rpm -ihv glite-yaim-wms-4.0.0-1.noarch.rpm

Configure yaim
  • Create site-info.def
  • Create users.conf
  • Create groups.conf

Resolve dependencies
  • bdii needs:
    • yum install openldap-clients openldap-servers
    • yum install perl-libwww-perl
      • perl-HTML-Parser
      • perl-HTML-Tagset
      • perl-URI

  • edg-mkgridmap needs:
    • yum install perl-Crypt-SSLeay perl-DateManip perl-IO-Socket-SSL perl-LDAP perl-Net-SSLeay perl-Term-ReadKey perl-XML-DOM perl-XML-RegExp
      • perl-Convert-ASN1
      • perl-XML-NamespaceSupport
      • perl-XML-SAX

  • mysql needs:
    • yum install perl-DBI perl-PlRPC perl-Net-Daemon

  • glite-wms-manager needs:
    • rpm -ihv vdt_globus_info_essentials-VDT1.6.0x86_rhas_4-1.i386.rpm

  • condor needs:
    • yum install compat-libstdc++-33

  • gridsite-apache (not present in the repository, why?) needs:
    • yum install curl libidn

Install
  • /opt/glite/yaim/bin/yaim -i -s site-info.def -m glite-WMS

Post Install
  • Copy hostcert.pem hostkey.pem under /etc/grid-security/

Resolve dependencies (these are not required by rpm but are necessary )

  • Needs to configure edg-mkgridmap.pl
    • yum install perl-XML-Parser

  • Needs to configure globus
    • rpm -ihv gpt-VDT1.6.0x86_rhas_4-1.i386.rpm

  • Needs by lbproxy
    • yum install mysql-server
      • perl-DBD-MySQL

  • Needs by wmproxy
    • yum install httpd
      • apr
      • apr-util
      • httpd-suexec
    • yum install mod_ssl
      • distcache
    • rpm -ihv glite-security-lcmaps-plugins-voms-1.3.7-3.slc4.i386.rpm

  • needs by condor (gahp)
    • rpm -ihv condor-lcg-1.1.0-1.i386.rpm

  • Needs by configuration script
    • rpm -ihv glite-lb-logger (Why do you not install it?)

Bugs Fixes

  • Remove from file /opt/glite/yaim/node-info.d/glite-wms the line:
    • config_gip_service (why do you configure a GIP on a WMS?)

  • Fix line 41 of /opt/glite/yaim/functions/config_glite_lbproxy
    • /etc/init.d/mysqld start

  • To start correctly workload-manager add to file /opt/glite/yaim/functions/config_glite_wms (it needs liblog4cxx.so.9.0.0)
    • yaimgridpath_append LD_LIBRARY_PATH /usr/local/lib

  • To run correctly wmproxy add to file /opt/glite/yaim/functions/config_glite_wms (for libfcgi* and libtar)
    • yaimgridpath_append LD_LIBRARY_PATH /opt/fcgi/lib
    • yaimgridpath_append LD_LIBRARY_PATH /opt/libtar/lib

Configure

  • /opt/glite/yaim/bin/yaim -c -s site-info.def -n WMS

Post Configure
  • Install voms certificate:
    • rpm -ihv lcg-vomscerts-4.6.0-1.noarch.rpm

NOTE:
  • /opt/glite/bin/glite-lb-interlogd doesn't exit with a "/opt/glite/etc/init.d/glite-lb-locallogger stop" you need "Kill -9"
  • you need to configure LBServer = {":9000"}; on glite_wms.conf
  • /opt/glite/bin/glite_wms_wmproxy_dirmanager is bugged due to libtar link (Bug under investigation by Maraska)
  • chmod 4555 /opt/glite/bin/glite_wms_wmproxy_dirmanager (Bug under investigation by Maraska)
  • use the correct glite-wms-purger.cron script
  • set the right value HostProxyFile = "${GLITE_LOCATION_VAR}/wms.proxy"; on glite_wms.conf
  • install rpm -ihv lcg-expiregridmapdir-2.0.0-1.noarch.rpm and fix lcg-expiregridmapdir cron job (with the correct path)
  • install glite-wms-wmproxy-logrotate.cron and set its conf file
  • add MaxOutputSandboxSize = -1; to glite_wms.conf

Installing the new gridftp server (vdt1.6)

  • Install these rpms:
    • vdt_globus_data_server-VDT1.6.0x86_rhas_4-3.i386.rpm
    • glite-security-lcas-lcmaps-gt4-interface-0.0.13-2.slc4.i386.rpm
    • glite-security-lcas-1.3.7-1.slc4.i386.rpm
    • glite-security-lcas-plugins-voms-1.3.4-3.slc4.i386.rpm
    • glite-security-lcas-interface-1.3.6-2.slc4.i386.rpm
    • glite-security-lcas-plugins-basic-1.3.2-2.slc4.i386.rpm

  • Remove edg-mkgridmap from the cron.d dir

  • Add the proper VO entry in the /etc/grid-security/grid-mapfile, e.g.:
"/dteam/Role=lcgadmin/Capability=NULL" .dteamsgm
"/dteam/Role=lcgadmin" .dteamsgm
"/dteam/Role=production/Capability=NULL" .dteamprd
"/dteam/Role=production" .dteamprd
"/dteam/Role=NULL/Capability=NULL" .dteam
"/dteam" .dteam
"/dteam/*" .dteam
  • Add the proper VO entry in the /etc/grid-security/groupmapfile, e.g.:
"/dteam/Role=lcgadmin/Capability=NULL" dteamsgm
"/dteam/Role=lcgadmin" dteamsgm
"/dteam/Role=production/Capability=NULL" dteamprd
"/dteam/Role=production" dteamprd
"/dteam/Role=NULL/Capability=NULL" dteam
"/dteam" dteam
/dteam dteam
/dteam/* dteam
  • Configure the gridftp server:
    • Run /opt/glite/sbin/gt4-interface-install.sh install (it creates /etc/grid-security/gsi-authz.conf)
    • Touch the file /opt/glite/etc/lcas/ban_users.db
    • Create the file /opt/glite/etc/lcas/lcas.db e.g.:
pluginname=lcas_userban.mod,pluginargs=/opt/glite/etc/lcas/ban_users.db
pluginname=lcas_voms.mod,pluginargs="-vomsdir /etc/grid-security/vomsdir -certdir /etc/grid-security/certificates -authfile /etc/grid-security/grid-mapfile -authformat simple -use_user_dn"
    • Create the file /opt/glite/etc/lcmaps/lcmaps.db.gridftp e.g.:
path = /opt/glite/lib/modules
posix_enf = "lcmaps_posix_enf.mod"
" -maxuid 1"
" -maxpgid 1"
" -maxsgid 32"

good = "lcmaps_dummy_good.mod"

localaccount = "lcmaps_localaccount.mod"
" -gridmapfile /etc/grid-security/grid-mapfile"

poolaccount = "lcmaps_poolaccount.mod"
" -override_inconsistency"
" -gridmapfile /etc/grid-security/grid-mapfile"
" -gridmapdir /etc/grid-security/gridmapdir"

vomslocalgroup = "lcmaps_voms_localgroup.mod"
" -groupmapfile /etc/grid-security/groupmapfile"
" -mapmin 1"

vomspoolaccount = "lcmaps_voms_poolaccount.mod"
" -gridmapfile /etc/grid-security/grid-mapfile"
" -gridmapdir /etc/grid-security/gridmapdir"
" -override_inconsistency"

verify_proxy = "lcmaps_verify_proxy.mod"
" -certdir /etc/grid-security/certificates"
" --only-post-verify-checks"

# policies
voms:
vomslocalgroup -> vomspoolaccovomspoolaccount -> posix_enf

standard:
localaccount -> posix_enf | poolaccount
poolaccount -> posix_enf
  • To start the service:
    • export LCMAPS_DB_FILE=/opt/glite/etc/lcmaps/lcmaps.db.gridftp
    • /opt/globus/sbin/globus-gridftp-server -p 2811 -l /var/log/gridftp.log -S

Remove old gridftp service

  • rpm -e --nodeps glite-wms-thirdparty-globus_gridftp_server
  • rpm -e --nodeps edg-mkgridmap

  • rpm -e perl-Crypt-SSLeay perl-DateManip perl-IO-Socket-SSL perl-LDAP perl-Net-SSLeay perl-Term-ReadKey perl-XML-DOM perl-XML-RegExp
  • rpm -e perl-Convert-ASN1 perl-XML-NamespaceSupport perl-XML-SAX

-- AlessioGianelle - 03 Oct 2007

Edit | Attach | PDF | History: r57 | r5 < r4 < r3 < r2 | Backlinks | Raw View | More topic actions...
Topic revision: r3 - 2007-10-04 - AlessioGianelle
 
  • Edit
  • Attach
This site is powered by the TWiki collaboration platformCopyright © 2008-2022 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback