Introduction to the tutorial for site managers

FP6−2004−Infrastructures−6-SSA-026409

www.eu-eela.org

E-infrastructure shared between Europe and Latin America

Introduction to the tutorial for site managersTony CalanducciINFN – CataniaThird EELA Tutorial for Managers and UsersRio de Janeiro, 26-30 June 2006

Third EELA Tutorial, Rio de Janeiro, 26-30 June 2006FP6−2004−Infrastructures−6-SSA-026409


Outline

• Layout of the site managers tutorial

• Available servers

• Shared pre-requisite for gLite 3.0 services



Layout

• The installation, the configuration and the eventual troubleshooting of the gLite 3.0 services will be showed in real time by the tutors.

• After each service installation demonstration you will be able to re-install it by yourself– each couple of participants on its own assigned VM

• Due to the number of participants we are going to install gLite services onto VMware Virtual Machines– this will allow to have a bigger number of servers

for testing– easy to resume the initial status of the VM for the

following service re-installation (using the Snapshot manager feature of VMWare workstation)

– useful if you need to re-try the installation due to errors/mistakes/tests



Available servers

• 8 powerful servers have been installed locally to host 4

VMs each one (total 32 VMs)

• First 8 VMs (eelatut09-16.eela.if.ufrj.br) will be used by

the tutors during their demonstrations

• eelatut17-40.eela.if.ufrj.br are available for the re-installation of the showed service.– Machine Number assignment to each couple of student– After the end of one re-installation session, tutors will

resume VM status to the initial configuration

• One more server is available as gLite 3.0 repository to speed up the download of RPMs– gaia.if.ufrj.br local gLite 3.0 repository

Third EELA Tutorial, Rio de Janeiro, 26-30 June 2006 5FP6−2004−Infrastructures−6-SSA-026409


Access to the VMs

• Hostname : eelatutXX.eela.if.ufjr.browhere XX in [17-40]

• Username : root• Passwd: eelatut

• VMachines installed by the tutors:– eelatut09: User Interface

– eelatut10: VOMS Server, MyProxy Server

– eelatut11: BDII Server

– eelatut12: WMS+LB Server

– eelatut13: CE+WN Server

– eelatut14: SE DPM Server

– eelatut15: FTS Server

– eelatut16: R-GMA, AMGA Server5



gLite 3.0 software pre-requisites

Madrid, EELA Kick-off Meeting, 30.01.2006FP6−2004−Infrastructures−6-SSA-026409


Installation Pre-requisites

• Start from a fresh install of SLC 3.0.x• Verify that apt is installed and properly configured:

• rpm -qa | grep apt• Install apt if necessary:

• rpm -ivh http://linuxsoft.cern.ch/cern/slc30X/i386/SL/RPMS/apt-0.5.15cnc6-8.SL.cern.i386.rpm

• Java SDK is required to install almost any LCG/gLite grid service. Due to license issues, it is not found in the LCG repositories. So please download and install a release of Sun Java SDK >= 1.4.2_08 from http://java.sun.com/j2se/1.4.2/download.html– chmod +x j2sdk-1_4_2_10-linux-i586-rpm.bin

– ./j2sdk-1_4_2_10-linux-i586-rpm.bin

– rpm -ivh j2sdk-1_4_2_10-linux-i586.rpm

– Preparing... ########################################### [100%]

– 1:j2sdk ########################################### [100%]



Security pre-requisites

• Request a X509 host certificate for the gLite service you are going to install from a Certification Autority (CA). For example, to get host certificates from the GILDA CA, go to:– https://gilda.ct.infn.it/CA/mgt/restricted/srvreq.php

• Install host certificates (hostcert.pem and hostkey.pem) in /etc/grid-security.– chmod 644 hostcert.pem– chmod 400 hostkey.pem

• NB: you should find there already for you in the provided VMs

Madrid, EELA Kick-off Meeting, 30.01.2006 9FP6−2004−Infrastructures−6-SSA-026409


• If you plan to use certificates released by unsupported EGEE CA’s, be sure that their public key, signing policy and CRLs (usually distributed with an rpm) are installed in /etc/grid-security/certificates.– For the VO GILDA, the RPM is available from

https://gilda.ct.infn.it/RPMS/ca_GILDA-1.0-2.i386.rpm

• N.B.: The GILDA gLite customized version that we are going to install include already both GILDA and EELA RPMs

• Install the VOMS public certificate for the supported VOs– For the VO GILDA, the RPM is available from

https://gilda.ct.infn.it/RPMS/edg-voms-vo-gilda-1.0-0.noarch.rpm– For the VO EELA, the RPM is available from

https://gilda.ct.infn.it/RPMS/lcg-voms-vo-eela_1.0-0_noarch.rpm

Security pre-requisites (II)



Node Syncronization with NTP

• Syncronization among all gLite nodes is mandatory. It can be achieved by the NTP protocol with a time server

• Install ntp if not already available for your system:

– apt-get install ntp

• Add your time server in /etc/ntp.conf– restrict <time_server_IP_address> mask 255.255.255.255 nomodify notrap

noquery

– server <time_server_name> – (you can use ntp-1.infn.it – IP 193.206.144.10)

• Edit /etc/ntp/step-tickers adding your(s) time server(s) hostname

• If you are running a firewall, you will have to allow inbound comminication on the NTP port:

– -A INPUT -s <NTP-serverIP-1> -p udp --dport 123 -j ACCEPT

• Activate the ntpd service with the following commands: ntpdate <your ntp server name> service ntpd start chkconfig ntpd on

– You can check ntpd’s status with:

ntpq -p



YAIM Installation

• YAIM is a set of bash scripts used to install and easily configure the gLite middleware on the target machine

• Ensure you FQDN is properly set– hostname –f

• Find the latest YAIM and gilda_ig-yaim version at http://www.cern.ch/grid-deployment/gis/yaim/

• Download it using wget from– http://www.cern.ch/grid-deployment/gis/yaim/ – http://grid018.ct.infn.it/apt/gilda_app-i386/utils/

• Install using– rpm -ivh glite-yaim-latest.rpm – rpm -ivh gilda_ig-yaim-3.0.0-xx.noarch.rpm



Site Configuration File

• All the configuration values to sites have to be configured in a site configuration file using key-value pairs.

• This file is shared among all the different gLite node types. So edit once and keep it in a safe place

• Create a copy of /opt/glite/yaim/examples/site-info.def template (coming from the lcg-yaim RPM) to your reference directory for the installation (e.g. /root):– cp /opt/glite/yaim/examples/gilda_ig-site-info.def /root/my-site-info.def

• The general syntax of the file is a sequence of bash-like assignments of variables (<variable>=<value>, no spaces are allowed around =).

• A good syntax test for your site configuration file is to try to source it manually running the command:– source my-site-info.def



Middleware installation with YAIM

• We are ready to install the services:

• /opt/glite/bin/gilda_ig_install_node /root/my-site-info.def GILDA_ig_myServiceName

• This command will download and install all the needed packages.

• Now we can configure the node:

• /opt/glite/bin/gilda_ig_configure_node /root/my-site-info.def GILDA_ig_myServiceName

Third EELA Tutorial, Rio de Janeiro, 26-30 June 2006 14

FP6−2004−Infrastructures−6-SSA-026409


Any questions?

Thanks for the attention

Introduction to the tutorial for site managers

Documents

Transcript of Introduction to the tutorial for site managers