Bouchra RAHIM([email protected]) Joint EPIKH/EUMEDGRID-Support Event in Rabat Morocco, 30.05.2011
description
Transcript of Bouchra RAHIM([email protected]) Joint EPIKH/EUMEDGRID-Support Event in Rabat Morocco, 30.05.2011
www.epikh.eu
The EPIKH Project(Exchange Programme to advance e-Infrastructure Know-How)
Bouchra RAHIM([email protected])
Joint EPIKH/EUMEDGRID-Support Event in Rabat
Morocco, 30.05.2011
gLite UI Installation
gLite UI
• The access point to the glite Grid is the User Interface– This can be any machine where users have an account and
where their user certificate is installed• From a UI, a user can be authenticated and authorized to use the glite
Grid resources• It provides CLI tools to perform some basic Grid operations:
– list all the resources suitable to execute a given job;– submit jobs for execution;– cancel jobs;– retrieve the output of finished jobs;– show the status of submitted jobs;– retrieve the logging and bookkeeping information of jobs;– copy, replicate and delete files from the Grid;– retrieve the status of different resources from the Inforamtion
System
2
• The instructions provided in this presentation assume that you are going to use a machine with Scientific Linux 5.4 installed.
– Virtual Machine image (GILDA VM Base_SLC5.4_x86_64) available at:https://gilda.ct.infn.it/VirtualServices.html
3
Preliminaries
5
System requirements
• Check if exists the ntp service otherwise install that:yum install ntp
• Check that public machine name is NOT an alias for “localhost”, but appears on a line by its own, like in the following:
• Please check:– If you have a valid hostname
– To verify, type: hostname -f– To edit the hostname:
• Disable Selinux: make sure /etc/selinux/config contains line:
• REBOOT your server, for changes to take effect
vim /etc/hostname vim /etc/sysconfig/network hostname <pc_name> service network restart
vim /etc/hostname vim /etc/sysconfig/network hostname <pc_name> service network restart
root# cat /etc/hosts
213.92.16.191 servername.some.domain.org servername
127.0.0.1 localhost.localdomain localhost
root# cat /etc/hosts
213.92.16.191 servername.some.domain.org servername
127.0.0.1 localhost.localdomain localhost
SELINUX=disabled SELINUX=disabled
• Disable automatic yum update:
– chkconfig yum off ; service yum stop
• Similarly disable other useless services (sendmail, pcmcia, isdn,...): see for example http://wiki.eumedgrid.eu/twiki/bin/view/InfrastructureStatus/SiteSecurityAndPerformance
• Cleanup yum cache:
– yum clean all
• Download list of important packages from CIC portal, https://cic.gridops.org/index.php?section=vo&vo=eumed see section “Other requirements” and save to a file, then issue command:
– cat <file.txt> | xargs -i yum -y install {}
6
System requirements (2/2)
7
Repository settings
• Specify the mrepo host:export MREPO=http://repo.magrid.ma/yumrepo/glite32
• Configure the repository as follows:REPOS="dag glite-GENERIC lcg-CA glite-UI"
• Get repositories with:for name in $REPOS;do wget $MREPO/$name.repo -O /etc/yum.repos.d/$name.repo; done
• Install CAs (this need to be done for ANY profile):
yum install lcg-CA ca-policy-egi-core ca-policy-lcg
• Glite UI Metapackage installation:
yum groupinstall glite-UI– we use groupinstall command to install all the packages for
the glite-UI group of packages, read from the comps.xml file on the repo server.
– glite-UI: all the software needed to install and run a gLite User Interface, yaim-utilities for the configuration of the UI, libraries, and all the CLI tools to interact with the gLite Grid services.
8
YUM install
9
site-info.def
• All the configuration samples files are located in /opt/glite/yaim/examples/siteinfo directory
• it’s better to make a copy of the original files
• Open your own site-info.def and customize it:
vi /opt/glite/yaim/etc/siteinfo/site-info.defvi /opt/glite/yaim/etc/siteinfo/site-info.def
mkdir /opt/glite/yaim/etc/siteinfo/
cp /opt/glite/yaim/examples/siteinfo/site-info.def /opt/glite/yaim/etc/siteinfo/site-info.def
mkdir /opt/glite/yaim/etc/siteinfo/
cp /opt/glite/yaim/examples/siteinfo/site-info.def /opt/glite/yaim/etc/siteinfo/site-info.def
https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables#UI
BDII_HOST=bdii.eumedgrid.eu (or your own if you have one)WMS_HOST=wms-01.eumedgrid.eu (or your own if you have one)LB_HOST=wms-01.eumedgrid.eu (or your own if you have one)PX_HOST=myproxy.ct.infn.itLFC_HOST=lfc.ulakbim.gov.tr (or your own if you have one)DPM_HOST=torik1.ulakbim.gov.tr (or your own if you have one)
10
EUMED Settings - Setup site-info.def
Add EUMED Settings
VOS="eumed" Add eumed hereVO_EUMED_SW_DIR=$VO_SW_DIR/eumed
VO_EUMED_DEFAULT_SE=$SE_HOST
VO_EUMED_STORAGE_DIR=$CLASSIC_STORAGE_DIR/eumed
VO_EUMED_VOMS_SERVERS="'vomss://voms2.cnaf.infn.it:8443/voms/eumed?/eumed' 'vomss://voms-02.pd.infn.it:8443/voms/eumed?/eumed'"
VO_EUMED_VOMSES="'eumed voms2.cnaf.infn.it 15016 /C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it eumed' 'eumed voms-02.pd.infn.it 15016 /C=IT/O=INFN/OU=Host/L=Padova/CN=voms-02.pd.infn.it eumed'"
VO_EUMED_VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA' '/C=IT/O=INFN/CN=INFN CA'"
VO_EUMED_WMS_HOSTS="wms-4.dir.garr.it wms.ulakbim.gov.tr wms-01.eumedgrid.eu wms.grid.arn.dz rb-eugrid.eri.sci.eg“
!Make sure to comment VO_<vo_name>...
11
Add EUMED Settings-users
• Add following lines to users.conf file pointed to by variable USERS_CONF in your siteinfo.def file– 3101:eumed001:2418:eumed:eumed::– 3102:eumed002:2418:eumed:eumed::– 3103:eumed003:2418:eumed:eumed::– 3104:eumed004:2418:eumed:eumed::– 3105:eumed005:2418:eumed:eumed::– …..– 3201:sgmeumed001:2419,2418:sgmeumed,eumed:eumed:sg
m:– 3202:sgmeumed002:2419,2418:sgmeumed,eumed:eumed:sg
m:– 3203:sgmeumed003:2419,2418:sgmeumed,eumed:eumed:sg
m:
See ftp://repo.magrid.ma/pub/GridSchoolConfFiles/Location, Meeting title, dd.mm.yyyy 12
Add EUMED Settings-groups
• Add following lines to groups file pointed to by variable GROUPS_CONF in your site-info.def
– "/eumed/ROLE=SoftwareManager":::sgm:– “/eumed"::::
– See ftp://repo.magrid.ma/pub/GridSchoolConfFiles/
Location, Meeting title, dd.mm.yyyy 13
14
Configuring UI• Update the date (ftp://repo.magrid.ma/pub/GridSchoolConfFiles/)
configure ntp : /etc/ntp.conf , /etc/ntp/step-tickers
/etc/init.d/ntpd stop
ntpdate ntp.marwan.ma
/etc/init.d/ntpd start
• Disable iptables
• service iptables stop
• Chkconfig iptables off
• Configure the UI with YAIM (To check the syntax : source <path_to_siteinfo>/site-info.def )
/opt/glite/yaim/bin/yaim -c -s <path_to_siteinfo>/site-info.def -n glite-UI
• If everything is ok, the UI is now READY for testing
YAIM does not configure the LFC_HOST variable; please edit the file
/opt/glite/etc/profile.d/grid-env.sh and add the following for eumed:
gridenv_set "LFC_HOST" "lfc.ulakbim.gov.tr"gridenv_set "LFC_HOST" "lfc.ulakbim.gov.tr"
15
[root@pc01 ~]# adduser grid01
[root@pc01 ~]# mkdir /home/grid01/.globus
[root@pc01 ~]# cp /root/user_cert/usercert.pem /home/grid01/.globus/usercert.pem
[root@pc01 ~]# cp /root/user_cert/userkey.pem /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/usercert.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chmod 400 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# su – grid01
[grid01@pc01 ~]$ voms-proxy-init --voms eumed
Enter GRID pass phrase: [grid2011]
Your identity: /C=MA/O=MaGrid/OU=CNRST/CN=Grid School
Creating temporary proxy .................................................................
....................................... Done
Contacting voms2.cnaf.infn.it:15016 [/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it] "eumed" Done
Creating proxy ........................................................................................ Done
Your proxy is valid until Sun May 29 04:25:35 2011
[root@pc01 ~]# adduser grid01
[root@pc01 ~]# mkdir /home/grid01/.globus
[root@pc01 ~]# cp /root/user_cert/usercert.pem /home/grid01/.globus/usercert.pem
[root@pc01 ~]# cp /root/user_cert/userkey.pem /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/usercert.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chmod 400 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# su – grid01
[grid01@pc01 ~]$ voms-proxy-init --voms eumed
Enter GRID pass phrase: [grid2011]
Your identity: /C=MA/O=MaGrid/OU=CNRST/CN=Grid School
Creating temporary proxy .................................................................
....................................... Done
Contacting voms2.cnaf.infn.it:15016 [/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it] "eumed" Done
Creating proxy ........................................................................................ Done
Your proxy is valid until Sun May 29 04:25:35 2011
Testing UI
Testing UI for GILDA
• OtherTests:
Copy a jdl file:
Password [grid01]
Submit a job:
16
scp [email protected]:/home/grid01/hostname.jdl .scp [email protected]:/home/grid01/hostname.jdl .
lfc-ls /gridlfc-ls /grid
glite-wms-job-submit -a –o jobid hostname.jdl glite-wms-job-submit -a –o jobid hostname.jdl
• For the real installation you have to export you personal certificate from web browser to the UI and than have a look at the following: ATTENTION USE eumed INSTEAD gilda
• Certificate management:
https://grid.ct.infn.it/twiki/bin/view/GILDA/HowToConvertPkcs12ToPem
• Voms creation with extentions
https://grid.ct.infn.it/twiki/bin/view/GILDA/AuthenticationAuthorization#Creation_of_a_proxy_with_voms_ex
• Job Submission
https://grid.ct.infn.it/twiki/bin/view/GILDA/SimpleJobSubmission
• Data Management
https://grid.ct.infn.it/twiki/bin/view/GILDA/DataManagement
17
Testing UI for EUMED Installation
18
References
INFNGrid installation http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:guides:install-3_2
EUMED wiki for system administrators: http://wiki.eumedgrid.eu/twiki/bin/view/InfrastructureStatus/EumedSiteInstallation