middleware:Gat/20

From Dgiref

Introduction

The Grid Application Toolkit (GAT) is the kernel technology, which has been developed during the Gridlab project. It's mainly developed at the Albert-Einstein-Institute / Max-Plank-Institute for Gravitational Physics and at the Center for Computation and Technology at the Louisana State University, and provides a simple API to several grid applications, which enables to decouple simple applications from the dynamic structure of the grid.

GAT can be used either as a part for new class of grid application, or it allows to extend already existing grid applications, and is not about replacing already developed infrastructure, but to provide a simple, clear interface which can be used with many different infrastructures as different versions of Globus, gLite or Unicore etc.

Simplified gat/saga architecture

The main philosphy behind the GAT could be briefly described as follows:

The GAT engine loads adaptors which are valid in the environment extant when the application starts
The GAT adaptors try to do Grid operations on request, on failure another adaptor provided function may be called.
The client application
- makes GAT API calls for operations which may be Grid-related.
- links against the GAT Engine
- runs irrespective of actual underlying infrastructure deployment
- be compiled, linked and tested without any Grid services, the same application executable can run in a full Grid environment

GAT provides adaptors for Globus (GRAM as WSGRAM), gLite, Unicore 6, PBS, SGE, and also so-called local adaptors. The availability of the local adaptors is quite helpful during the development phase, because they enable testing the program logic without having access to the Grid.

Package: JavaGat 2.0
os: Scientific Linux version 5.3 64 bit

manuals: install JavaGAT 2.0 / Grid adaptors

Information links

Download links

Please open a NGI-DE ticket if you experience any Installation or Configuration problem.

JavaGAT v.2.0

Prepare

Java >= 1.6 (with Java 1.5 not all sensors are working)
ant = 1.7

JAVA_HOME environment variable should point into the current Java 1.6 instance.

administrator's script: prepare.sh

```
 
```
```
#!/bin/sh
```
```
# prepare for JavaGAT 
```
```
yum -y install java
```

#------------------------------------------------------ install SUN java

wget -O ${path_workdir}/jdk-6u16-linux-x64.bin ${BASE_URL}/misc/jdk-6u16-linux-x64.bin

chmod +x ${path_workdir}/jdk-6u16-linux-x64.bin

```
cd ${path_workdir}
```
```
./jdk-6u16-linux-x64.bin
```

rm ${path_workdir}/jdk-6u16-linux-x64.bin

```
 
```
```
# link to the /opt/java
```
```
rm /usr/java/latest
```
```
ln -s ${path_java} /usr/java/latest 
```
```
rm -f /etc/alternatives/java
```

ln -s ${path_java}/bin/java /etc/alternatives/java

ln -s ${path_java}/ /etc/alternatives/jdk

```
 
```
```
# test after restart bash session
```
```
java -version
```

#------------------------------------------------------ install ant

wget -O ${path_workdir}/apache-ant-1.7.1-bin.tar.gz ${BASE_URL}/globus/2009.2/apache-ant-1.7.1-bin.tar.gz

tar -C ${path_workdir} -xvzf ${path_workdir}/apache-ant-1.7.1-bin.tar.gz

```
 
```
```
# Symlinks for the ant executable
```

ln -s ${path_ant}/bin/ant /etc/alternatives/ant

ln -s ${path_ant}/ /etc/alternatives/anthome

ln -s /etc/alternatives/ant /usr/bin/ant

```
 
```
```
# test after restart bash session
```
```
ant -version
```

#------------------------------------------------------ install ant

Install

Download the source package
Unzip into the /opt directory
Setup GAT_LOCATION environment variable

To install only the GAT engine or the adaptors, build them separately.

before starting the build, please ensure that the environment variable $GAT LOCATION points to the parent directory of GAT.
to build the engine, change to the directory $GAT LOCATION/engine, and enter ant

to build the adaptors, change to the $GAT LOCATION/adaptors, and enter ant.

administrator's script: install.sh

```
 
```
```
#!/bin/sh
```
```
# install JavaGAT 
```
```
# Set BASE_URL link
```

BASE_URL="http://mirror.scc.kit.edu/downloads/src/gat/2010.1"

```
PACKAGE_VERSION="gat-astro" 
```
```
PACKAGE_NAME=${PACKAGE_VERSION}".tgz"
```
```
DIR_WORK="/opt/gat"
```
```
DIR_TMP="/tmp"
```

GAT_ENV="/usr/local/bin/gat-env-setup.sh"

```
 
```
```
# Download packages: 
```

wget -O ${DIR_TMP}/${PACKAGE_NAME} ${BASE_URL}/${PACKAGE_NAME}

```
 
```
```
# Install
```
```
mkdir ${DIR_WORK}
```

tar -zxvf ${DIR_TMP}/${PACKAGE_NAME} -C ${DIR_WORK}

```
rm -rf ${DIR_TMP}/${PACKAGE_NAME}
```
```
 
```
```
cd ${DIR_WORK}
```
```
 
```
```
# Setup GAT_LOCATION
```
```
if [ ! -f ${GAT_ENV} ];
```
```
then
```

    echo "export GAT_LOCATION=${DIR_WORK}" > ${GAT_ENV}

```
fi
```

# The file should be marked as executable:

```
chmod +x ${GAT_ENV}
```

#In order to execute this script for every user automatically, link in the directory /etc/profile.d as follows:

```
ln -s ${GAT_ENV} /etc/profile.d
```

Configure

Run ant command into the $GAT_LOCATION directory
to build the Command Line Interfaces (CLI) GATJobRun and GATFileOps, additional steps are required:
- download the GATJobRun and GATFileOps packages
- run ant -f build-standalone.xml into the appropriate directory

administrator's script: configure.sh

```
 
```
```
#!/bin/sh
```
```
# configure JavaGAT 
```
```
export GAT_LOCATION=$DIR_WORK
```
```
cd $DIR_WORK
```
```
# call ant
```
```
ant
```
```
 
```
```
# configure GATJobRun
```

cd $DIR_WORK/astrogrid-packages/GATJobRun/

```
ant -f build-2.0.xml
```
```
 
```
```
# configure GATFileOps
```

cd $DIR_WORK/astrogrid-packages/GATFileOps/

```
ant -f build-standalone.xml
```

Proceed

the entry point to GATJobRun is the script gat-job-run which is located in the directory $GAT_LOCATION/astrogrid-packages/GATJobRun/scripts.
the entry point to GATFileOps is the script gat-file-operation which is located in the directory $GAT_LOCATION/astrogrid-packages/GATFileOps/scripts.

It is recommended to add this directory to the PATH environment variable, to enable an easy usage from everywhere directory in your system.

administrator's script: proceed.sh

```
 
```
```
#!/bin/sh
```

# operating with GATJobRun and GATFileOps

# add GATJobRun/scripts GATFileOps/scripts into the PATH environment variable

PATH=$PATH:$GAT_LOCATION/astrogrid-packages/GATJobRun/scripts

```
# run gat-job-run
```
```
gat-job-run
```
```
 
```

PATH=$PATH:$GAT_LOCATION/astrogrid-packages/GATFileOps/scripts

```
# run gat-file-operation
```
```
gat-file-operation
```

JavaGAT adaptors

Globus Toolkit

To use the GAT Globus Tookit adaptors, do the following:

locate the personnel certificates files userkey.pem and usercert.pem in the directory $HOME/.globus
locate the host certificates of the Grid hosts you like to access in the directory $HOME/.globus/certificates.
create a proxy certificate with $GAT LOCATION/bin/grid-proxy-init.
The dataset $HOME/.globus/cog.properties should exists and to be like:

cat $HOME/.globus/cog.properties
 
#Java CoG Kit Configuration File
#usercert: The path to the file containing your dgrid certificate.
usercert=/home/dgdt0000/.globus/usercert.pem
# userkey: The path to the file containing your Grid key.
userkey=/home/dgdt0000/.globus/userkey.pem
# proxy: The name under which your proxy certificate which you create with grid-proxy-init is stored.
proxy=/tmp/x509up_u1000
#cacert: The path of the directory, which contains the host certificates.
#cacert=/etc/grid-security/certificates
cacert=/home/dgdt0000/.globus/cog-certificates

gLite

Regarding security, the gLite adaptor behaves mostly like Globus. The difference between Globus Tookit and gLite, is that instead of an entirely self-signed proxy, gLite uses so-called VOMS proxies for authentication and authorization.

locate the personnel certificates files userkey.pem and usercert.pem in the directory $HOME/.globus
locate the host certificates of the Grid hosts you like to access in the directory $HOME/.globus/certificates.
The dataset $HOME/.globus/cog.properties should exists and to be like:

cat $HOME/.globus/cog.properties
 
#Java CoG Kit Configuration File
#usercert: The path to the file containing your dgrid certificate.
usercert=/home/dgdt0000/.globus/usercert.pem
# userkey: The path to the file containing your Grid key.
userkey=/home/dgdt0000/.globus/userkey.pem
# proxy: The name under which your proxy certificate which you create with grid-proxy-init is stored.
proxy=/tmp/x509up_u1000
#cacert: The path of the directory, which contains the host certificates.
#cacert=/etc/grid-security/certificates
cacert=/home/dgdt0000/.globus/cog-certificates

To be able to make the VOMS-proxy request on behalf of the user, the gLite adaptor needs to know a few additional pieces of data:

The name of the VO for which the user wants to obtain a credential (e.g. dgtest)
The endpoint of the VOMS server webservice (this address is usually different to the URL at which the VOMS admin can be accessed with a browser)
The port at which the VOMS server is listening to requests
The distinguished name (DN) of the VOMS Host. If you are unsure about this, you can usually find the information on the "Configuration" page in the VOMS admin server application.

An example configuration of all the necessary parameters for the gLite adaptor could look as follows:

GATContext context = new GATContext();
CertificateSecurityContext secContext =
        new CertificateSecurityContext(
                   new URI("/home/dgdt0000/.globus/userkey.pem"),
                   new URI("/home/dgdt0000/.globus/usercert.pem"),
                   "mysupersecretpwd");
Preferences globalPrefs = new Preferences();
globalPrefs.put("vomsServerURL", "skurut19.cesnet.cz");
globalPrefs.put("vomsServerPort", "7001");
globalPrefs.put("vomsHostDN", "/DC=cz/DC=cesnet-ca/O=CESNET/CN=skurut19.cesnet.cz");
globalPrefs.put("VirtualOrganisation", "voce");
context.addPreferences(globalPrefs);
context.addSecurityContext(secContext);

Unicore

The JavaGAT Unicore adaptor is based on HilA Therefore some HiLA specific configuration is necessary.

The path to this configuration file must be added as a definition while calling the Java VM with the -D flag, e.g.:

java -D/home/dgdt0000/unicore6.xml

Some notes to unicore6.xml:

The outcomeDirectory defines the directory where all the results are stored. The default is $HOME/.hila
The hila:registryconfig ag defines the security to be used (here d-grid.security), and the default registryURL: https://zam461.zam.kfa-juelich.de:9117/AWARE-GROW/services/Registry?res=default_registry
Under the bean name d-grid.security the security issues are defined. The constructor-arg value tag describes where security configuration can be found. This configuration file might look as follows:

unicore.wsrflite.ssl.keystore = /home/dgdt0000/certdir/alicert.jks
unicore.wsrflite.ssl.keypass = ******
unicore.wsrflite.ssl.keyalias = alip12cert

Example of the unicore6.xml configuration:

<?xml version="1.0" encoding="UTF-8"?>
<!-- This is the default unicore6.xml. HiLAFactory will
look for it on the classpath, if all else fails. -->
<!-- Use this file as an example unicore6.xml. -->
<beans xmlns:hila="http://www.unicore.eu/hila-unicore6">
<hila:unicore6grid id="grid" outcomeDirectory="file:${user.home}/.hila/data" config="#config" />
<hila-common:compositeconfig id="config" xmlns:hila-common="http://www.unicore.eu/hila-common">
<constructor-arg>
<list>
<hila:registryconfig
registryURL="https://zam461.zam.kfa-juelich.de:9117/AWARE-GROW/services/Registry?res=default_registry" grid="#grid"
securityProperties="#d-grid.security" />
</list>
</constructor-arg>
</hila-common:compositeconfig>
<bean name="d-grid.security" class="de.fzj.hila.implementation.unicore6.Unicore6SecurityProperties">
<constructor-arg value="/home/dgdt0000/.hila/d-grid.security" />
</bean>
</beans>

middleware:Gat/20

Contents

Introduction

JavaGAT v.2.0

Prepare

Install

Configure

Proceed

JavaGAT adaptors

Globus Toolkit

gLite

Unicore

Views

Personal tools

general

guidelines

reference installation

Search

internal

Toolbox