data:Ogsadai/2.2/server

From Dgiref

See also troubleshooting for this page.

Please open a NGI-DE ticket if you experience any Installation or Configuration problem.

OGSA-DAI

Prepare

Operating system: Scientific Linux v.5.4 64 bit

Optimizing the configuration: 

Use minimal operating system installation without firewall.
To verify installed packages use the command 
rpm -qa | grep package_name
Install the following additional packages:
yum -y install wget yum rpm make gcc gcc-c++ tar sed zlib openssl
After the installation is complete, turn off any unnecessary services (like gpm, sendmail, cups, haldaemon, messagebus, pcmcia, anacron, atd) with the following command: 
chkconfig <SERVICE> off

Configure the following settings for the server:

Additional Software

the Globus_toolkit prerequisites:
- without Torque client
- java-1_6_0-sun (not fully compatible with java-1_6_0-ibm)
- DBMS (MySQL 5, PostgreSQL or Oracle)
- There is specially prepared Globus binary version for OGSA-DAI which was designed to run on 64 bit SL 4 platforms.
JDBC driver
- MySQL versions 3.1.6 and 5.0.6
- PostgreSQL version 8.1-407 (JDBC2)
- Oracle version 1.4

WARNING: 
Oracle is not fully supported at the moment. If you use Oracle, you need to setup the user accounts and databases for VOs manually. 
The user accounts and databases have to match the settings as they are defined withing the 'SiteConfigure.properties' file.

To make all libraries from ant available do the following as root:
su - cd /usr/share/ant/lib ln -s /usr/share/java/ant.jar ant.jar ln -s /usr/share/java/ant-launcher.jar ant-launcher.jar

Firewall configuration

The GT4 frontend runs GRAM + MDS + GridFTP + RFT services (how to open port in firewall).

Service	Incoming ports (TCP)	Change to default default
GRAM (GT2)	2119	No
GRAM (GT2)	20000-25000	Yes
WS-GRAM	8443	No
WS-GRAM	20000-25000	Yes
WS-MDS	8443	No
GridFTP	2811	No
GridFTP	20000-25000	Yes
RFT	8443	No

administrator's script: prepare.sh

```
 
```
```
#!/bin/bash
```

# prepare ogsadai server for installation

# All commands in this script execute as ROOT user

```
 
```

# SECTION 1. Declare the variables ------------

```
# Database specific configurations
```

BASE_URL="http://mirror.scc.kit.edu/downloads/src"

yum_mysql_packages="mysql-server mysql-client mysql-jdbc"

yum_postgres_packages="postgresql postgresql-jdbc2 postgresql-libs postgresql-server"

yum_oracle_packages="oracle	oracle-jdbc"

# PACKAGE_JDBC= Dependent from $database_name. Possible choice:

# ["mysql-connector-java-5.0.8-bin.jar", "postgresql-8.0-314.jdbc2.jar"]

PACKAGE_JDBC="mysql-connector-java-5.0.8-bin.jar"

```
 
```

# SECTION 2. Install Globus Tookit ------------

```
# instead of:
```
```
# - java-1.6 use jdk-1.5.0_16 
```

# - $GLOBUS_PACKAGE use "Lrz_SL45-Java5-noWSGRAM-gt4.0.8_binary-x86_64-unknown-linux-gnu-bin.tar.gz"

# Please refer to the Globus Toolkit 4.0.8 server installation manual

```
# execute prepare and install parts
```
```
 
```
```
# SECTION 3. Install DBMS ------------
```

# Database Management system: (choose one of them)

# yum_db_package; Dependent from $database_name. Possible choice:

# [$yum_mysql_packages, $yum_postgres_packages, $yum_oracle_packages]

```
yum_db_package=$yum_mysql_packages
```

# install mysql 5 packages if available

```
yum -y install ${yum_db_package}
```
```
# or use dgiref repository:
```

# wget http://mirror.scc.kit.edu/downloads/repositories/mysql/MySQL-server-community-5.0.83-0.rhel4.x86_64.rpm

# wget http://mirror.scc.kit.edu/downloads/repositories/mysql/MySQL-client-community-5.0.83-0.rhel4.x86_64.rpm

# wget http://mirror.scc.kit.edu/downloads/repositories/mysql/MySQL-shared-community-5.0.83-0.rhel4.x86_64.rpm

```
# rpm -ihv MySQL*.rpm
```
```
 
```

# SECTION 4. Download a JDBC database driver ------------

```
###
```

# Finally you have to download a JDBC database driver, according to the database management system,

```
# installed at your site. 
```

# A list of download URLs for the supported database systems can be

# http://www.ogsadai.org.uk/documentation/ogsadai3.0/ogsadai3.0-gt/DataResourceProducts.html.

# For MySQL and PostgreSQL we provide a direct download of tested drivers.

# Place the JDBC driver jar file, which fits your installed database system, under $GLOBUS_LOCATION/lib.

```
cd $GLOBUS_LOCATION/lib/
```

wget ${BASE_URL}/ogsadai/${PACKAGE_JDBC}

```
# start mysql server
```
```
chkconfig mysql on
```
```
service mysql restart
```
```
# test mysql connection: 
```
```
# mysql -u root -p
```

Install

To provide OGSA-DAI, you need to install the Globus Toolkit middleware. The Globus toolkit installation instructions are available here.

The uniqueness of this special Globus version is that the GRAM service has been removed. Therefore, in the Globus installation instructions you can ignore all PBS/Torque, Gatekeeper and GRAM related contents. All other steps must be performed without changes.

administrator's script: install.sh

```
 
```
```
#!/bin/bash
```
```
# install ogsadai server 
```

# All commands in this script execute as Globus user

```
su $user_globus
```

# SECTION 1. Declare the variables ------------

# Please insert your actual configuration

# BASE_URL="URL where the install packages are stored"

# PACKAGE_VERSION="version of the package"

```
# PACKAGE_OGSADAI="ogsadai-wsrf-2.2" 
```
```
# user_globus=globus
```
```
# WORK_DIR="working directory"
```
```
# load parameters from prepare section
```

BASE_URL="http://mirror.scc.kit.edu/downloads/src"

```
PACKAGE_VERSION="wsrf-2.2"
```

PACKAGE_OGSADAI="ogsadai-${PACKAGE_VERSION}"

# from here ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

```
user_globus=globus
```

WORK_DIR="/localhome/$user_globus"

# till here ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

```
 
```

# SECTION 2. Install the OGSA-DAI Web service ------------

# NOTE: The Globus Container may NOT run during the installation.

## 1. download Globus Web Service Container

```
cd $WORK_DIR
```

wget ${BASE_URL}/ogsadai/${PACKAGE_OGSADAI}-bin.tar.gz

```
 
```

## 2. Unpack to a directory of your choice, for example the home directory of the globus user,

```
# using the following command:
```
```
 
```
```
tar xfvz ${PACKAGE_OGSADAI}-bin.tar.gz
```
```
 
```
```
## 3. Install
```

# Now change into the subdirectory 'ogsadai-${PACKAGE_VERSION}' and execute the following command:

```
 
```
```
cd ${PACKAGE_OGSADAI}
```

ant install -Ddai.container=$GLOBUS_LOCATION

# Now all OGSA-DAI libraries are copied to '$GLOBUS_LOCATION/lib'.

```
 
```

# SECTION 3. deployed at the Globus container ------------

# Subsequently, the OGSA-DAI Web service will be deployed at the Globus container.

# To do so execute the following command:

```
 
```

ant deployService -Ddai.container=$GLOBUS_LOCATION -Ddai.service.name=ogsadai/DataService

# Now the OGSA-DAI Web service is available at the URL

#<protocol>://<host:port>/wsrf/services/ogsadai/DataService

Configure

The following database setup assumes that the database is located on the same machine as the Globus container by default. If this is not the case, the admin user mentioned in the properties file below must be allowed to access the database server from the OGSA-DAI host. Standard database admin users e.g. root, are only allowed to access the database from 'localhost'. For detailed explanation on changing user privileges for your database system please consult the database documentation.

To see how to update the user mappings please refer to the section 'Grid-mapfile update' and the cfengine setup.

To configure the OGSA-DAI service do the following:

Download SecurityExtensions.jar
Download SiteConfigure.properties to the OGSA-DAI Server.
1. Adjust the settings inside the file depending on the conditions of your site.
2. Pay attention to the comments within the file. The VO related settings should, where possible, remain unchanged.
Download setupSite.sh
1. When all settings are taken download setupSite.sh to your OGSA-DAI Server, too.
2. Then change the umask
3. start the setupSite.sh script with the following parameters:
  - Select one of the database types (MySQL, PGSQL or Oracle), using the '--type' command line switch. The value of this option depends on the database system installed at your site. Other data resource types are currently not supported by this tool. Please keep in mind the 'Oracle is not fully supported' by the tool, so the user setup is not carried out automatically!
  - The '--sp' command line switch must point to the 'SiteConfigure.properties' file adapted before.
Finally edit the file $GLOBUS_LOCATION/etc/ogsadai_wsrf/server-config.wsdd

Tool setupSite.sh performs the following steps:
Creating one database user per VO (not for Oracle)
Creating one database per VO (not for Oracle)
Deployment and publication of one data resource per VO
MDS 4 registry activation for each data resource
Setting up the global Rolemap for access authorization depending on VO membership

It is assumed that all VOs use the same database system. For individual settings modifications to the available data resources are necessary. By default OGSA-DAI only uses Transport Level Security (TLS). For running on D-Grid OGSA-DAI needs to be configured with full security support (Message Level Security (MLS))

administrator's script: configure.sh

```
 
```
```
#!/bin/bash
```
```
# configure ogsadai server
```

# All commands in this script execute as Globus user

```
su $user_globus
```

# SECTION 1. Declare the variables ------------

# Please insert your actual configuration

# BASE_URL="URL where the install packages are stored"

```
 
```

# PACKAGE_SecurityExtensions="SecurityExtensions.jar"

# PACKAGE_SiteConfigure="SiteConfigure.properties"

```
# PACKAGE_setupSite="setupSite.sh" 
```
```
# PACKAGE_sec_desc="sec_desc.xml"
```
```
 
```
```
# user_globus=globus
```

# database_name; Possible choice: [MySQL | PGSQL | Oracle]

# GLOBUS_LOCATION= path to globus instance

# OGSADAI_LOCATION=/localhost/globus/ogsadai-wsrf-2.2

# DBPORT=port for DBMS [MySQL:3306, PGSQL:5432, Oracle:1521]

# config_file=$GLOBUS_LOCATION/etc/ogsadai_wsrf/server-config.wsdd

# from here ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

```
GLOBUS_LOCATION=/usr/local/globus
```

OGSADAI_LOCATION=/localhome/globus/ogsadai-wsrf-2.2/

```
OGSADAI_HOST=localhost
```
```
 
```
```
user_globus=globus
```
```
database_name="MySQL" 
```
```
database_version="5.0.83" 
```
```
 
```
```
DBPORT=3306
```

# till here ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BASE_URL="http://mirror.scc.kit.edu/downloads/src"

```
 
```

PACKAGE_SecurityExtensions="SecurityExtensions.jar"

PACKAGE_SiteConfigure="SiteConfigure.properties"

```
PACKAGE_setupSite="setupSite.sh" 
```
```
PACKAGE_sec_desc="sec_desc.xml"  
```
```
 
```

config_file=$GLOBUS_LOCATION/etc/ogsadai_wsrf/server-config.wsdd

```
#-> start routine
```

chmod 777 /usr/local/globus/etc/ogsadai_wsrf

```
 
```
```
cd $GLOBUS_LOCATION/lib/
```
```
# Download SecurityExtensions.jar
```

wget ${BASE_URL}/ogsadai/${PACKAGE_SecurityExtensions}

```
# Download setupSite.sh
```

wget ${BASE_URL}/ogsadai/${PACKAGE_setupSite}

```
# Download SiteConfigure.properties
```

wget ${BASE_URL}/ogsadai/${PACKAGE_SiteConfigure}

```
# Configure SiteConfigure.properties
```
```
sed -i "/globus.location=/ c\
```

globus.location=${GLOBUS_LOCATION}" ${PACKAGE_SiteConfigure}

```
sed -i "/ogsadai.binary.directory=/ c\
```

ogsadai.binary.directory=${OGSADAI_LOCATION}" ${PACKAGE_SiteConfigure}

```
sed -i "/ogsadai.host=/ c\
```

ogsadai.host=${OGSADAI_HOST}" ${PACKAGE_SiteConfigure}

```
sed -i "/db.port=/ c\
```

db.port=${DBPORT}" ${PACKAGE_SiteConfigure}

```
sed -i "/db.host=/ c\
```

db.host=${OGSADAI_HOST}" ${PACKAGE_SiteConfigure}

```
sed -i "/db.admin=/ c\
```
```
db.admin=root" ${PACKAGE_SiteConfigure}
```
```
sed -i "/dai.product.name=/ c\
```

dai.product.name=${database_name}" ${PACKAGE_SiteConfigure}

```
sed -i "/dai.product.vendor=/ c\
```

dai.product.vendor=${database_name}" ${PACKAGE_SiteConfigure}

```
sed -i "/dai.product.version=/ c\
```

dai.product.version=${database_version}" ${PACKAGE_SiteConfigure}

```
 
```

# Then change the umask and start the script

```
chmod 755 ${PACKAGE_setupSite}
```

./${PACKAGE_setupSite} --type ${database_name} --sp ${PACKAGE_SiteConfigure}

```
 
```
```
# Download sec_desc.xml
```
```
cd $GLOBUS_LOCATION/etc/ogsadai_wsrf/
```

wget ${BASE_URL}/ogsadai/${PACKAGE_sec_desc}

```
 
```

# Finally edit the file $GLOBUS_LOCATION/etc/ogsadai_wsrf/server-config.wsdd and insert the

# following line before the </service> entry:

config_string="\  <parameter name=\"securityDescriptor\" value=\"${GLOBUS_LOCATION}/etc/ogsadai_wsrf/sec_desc.xml\"/\>"

```
 
```

if grep -q "securityDescriptor" $config_file;

```
then
```

    echo "configuration is already in $config_file"

```
else
```
```
sed -i "/\/service/ i\
```
```
${config_string} \
```
```
"     $config_file
```
```
fi
```
```
#<-end routine
```

Initial test

Testing general connectivity

The following steps must be executed as user 'globus'. The expected result should look as follows:

administrator's script: test.sh

```
 
```
```
#!/bin/bash
```
```
# test ogsadai server
```
```
su - globus
```

# Declare the variables section ------------

# Please insert your actual configuration

```
# PACKAGE_OGSADAI=ogsadai-wsrf-2.2
```

# OGSADAI_HOST=ogsadai host with the valid certificate

```
# WORK_DIR="working directory"
```

# from here ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

```
PACKAGE_OGSADAI=ogsadai-wsrf-2.2
```
```
OGSADAI_HOST=dgiref-ogsadai.fzk.de
```
```
WORK_DIR="/localhome/$user_globus"
```

# till here ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

```
# Testing general connectivity
```
```
cd ${WORK_DIR}/${PACKAGE_OGSADAI}/
```
```
source setenv.sh
```

grid-proxy-init -cert /etc/grid-security/containercert.pem -key /etc/grid-security/containerkey.pem

```
# Expected result
```

#Your identity: /C=DE/O=GermanGrid/OU= /CN=

#Creating proxy ............................ Done

```
#Your proxy is valid until: 
```
```
 
```

ant listResourcesClient -Ddai.url=https://${OGSADAI_HOST}:8443/wsrf/services/ogsadai/DataService

```
 
```
```
# Expected result
```
```
#Buildfile: build.xml
```
```
 
```
```
#setupClientSecurity:
```
```
 
```
```
#listResourcesClient:
```

#     [java] Service version: OGSA-DAI WSRF 2.2

```
#     [java] Number of resources: 17
```
```
#     [java] Resource: WisentResource
```
```
#     [java] Resource: HepcgResource
```
```
#     [java] Resource: DgcmsResource
```
```
#     [java] Resource: IngridResource
```
```
#     [java] Resource: GdigridResource
```

#     [java] Resource: AstrogridResource

#     [java] Resource: KerndgridResource

#     [java] Resource: LifescienceResource

```
#     [java] Resource: MedigridResource
```
```
#     [java] Resource: TextgridResource
```
```
#     [java] Resource: ProgridResource
```
```
#     [java] Resource: C3gridResource
```

#     [java] Resource: EducationResource

```
#     [java] Resource: DgtestResource
```

#     [java] Resource: PartnergridResource

```
#     [java] Resource: FingridResource
```
```
#     [java] Resource: BwgridResource
```
```
 
```
```
#BUILD SUCCESSFUL
```

Update

to uninstall OGSA-DAI, stop the Globus container and remove the files in:
- $GLOBUS_LOCATION/etc/ogsadai_wsrf
- $GLOBUS_LOCATION/share/schema/ogsadai
- $GLOBUS_LOCATION/lib/ogsadai*
if you want to cleanup all OGSA-DAI related content remember to recursively remove the directories ~globus/ogsadai-wsrf-2.2/
to reinstall OGSA-DAI uninstall OGSA-DAI and execute all installation and configuration steps again

administrator's script: update.sh

```
 
```
```
#!/bin/bash
```
```
# update ogsadai server 
```
```
 
```
```
# stop Globus container
```

su - globus -c "/usr/local/globus/sbin/globus-stop-container-detached"

```
 
```
```
# uninstall OGSA-DAI
```
```
rm $GLOBUS_LOCATION/etc/ogsadai_wsrf -R
```

rm $GLOBUS_LOCATION/share/schema/ogsadai -R

```
rm $GLOBUS_LOCATION/lib/ogsadai*
```
```
 
```
```
# cleanup all OGSA-DAI related content
```
```
rm -rf ~globus/ogsadai-wsrf-2.2/
```

data:Ogsadai/2.2/server

Contents

OGSA-DAI

Prepare

Install

Configure

Initial test

Update

Views

Personal tools

general

guidelines

reference installation

Search

internal

Toolbox