middleware:Glite/31/server
See also troubleshooting for this page.
Contents |
gLite server v.3.1
Prepare
- Software
- Scientific Linux version 4.8 32 bit
- Java JDK >= 1.6.0
- perl
- Torque Client
Optimizing the configuration:
Use minimal operating system installation without firewall. To verify installed packages use the command
-
rpm -qa | grep package_name
Install the following additional packages:
-
yum -y install wget yum rpm make gcc gcc-c++ tar sed zlib openssl
After the installation is complete, turn off any unnecessary services (like gpm, sendmail, cups, haldaemon, messagebus, pcmcia, anacron, atd) with the following command:
-
chkconfig <SERVICE> off
Configure the following settings for the server:
- Server Certificates for gLite CE
The supported installation method for SL4 is the yum tool, and you have to configure yum repositories yourself and install the meta packages using your preferred way.
 Please note that YAIM IS NOT SUPPORTING INSTALLATION |
- Download the following repo files into the /etc/yum.repo.d:
- jpackage.repo
- lcg-CA.repo
- lcg-CE.repo
- glite-TORQUE_utils.repo
- Firewall configuration
The LCG/gLite frontend runs the LCG CE and Site-BDII services. To enable the communication, check the following ports (how to open port in firewall):
| Service | Incoming ports (TCP) | Differs from default configuration |
| GRAM Gatekeeper + Jobmanager | 2119 | No |
| Globus port-range (Jobmanager, GridFTP) | 20000-25000 | No |
| BDII | 2170 | No |
| GridFTP | 2811 | No |
administrator's script: prepare.sh
#!/bin/bash# prepare gLite to installREPO_URL="http://mirror.scc.kit.edu/downloads/yum.repo"
# Configure repositories# Add yum repositorieswget -O /etc/yum.repos.d/sl-dgiref.repo ${REPO_URL}/sl-dgiref.repo
wget -O /etc/yum.repos.d/jpackage17.repo ${REPO_URL}/jpackage17.repo
wget -O /etc/yum.repos.d/dag.repo ${REPO_URL}/dag.repo
wget -O /etc/yum.repos.d/lcg-CA.repo ${REPO_URL}/glite/lcg-CA.repo
yum clean all# Missing packages installationyum -y install perl java
# create directory for the grid host certificatesmkdir /etc/grid-security/
# after copy the host certificate and host key into /etc/grid-security/
Install
The D-Grid reference installation uses the LCG CE variant for the gLite computing resources. Hence the following three main gLite components must be installed on the CE (Computing Element):
- Computing Element: lcg-CE package
- Information system: glite-BDII package
- Batch system components: glite-TORQUE_utils package
administrator's script: install.sh
#!/bin/bash# install gliteyum -y install lcg-CE lcg-CA glite-BDII
yum -y install glite-TORQUE_utils
Configure
| To install the gLite Monitoring services (BDII and RGMA), please refer to gLite services page. |
Generally speaking the gLite configuration done by the YAIM packages (for the YAIM description check YAIM guide). There are three important site-specific configuration files:
- site-info.def has site-specific configuration, (check also: /opt/glite/etc/gip/ldif/glite-info-site.ldif)
- users.conf to set up users,
- groups.conf for access rules.
The files structure description can be found: into the /opt/glite/yaim/examples/ (for example users.conf.README). The file users.conf must be created or adapted for all VOs users. During the configuration, the YAIM configuration tool creates these users if they are not exist yet. If the user accounts already exist YAIM do not change the UIDs/GIDs. The entries are controlled in the directory /etc/grid-security/gridmapdir.
- Certificates
The certificate installation procedure can be done by the two ways:
- Use the apt savannah.fzk.de repository. Examples:
- install the fzk-vomscert package from the apt repository:
rpm savannah.fzk.de repository/fzk security
cat << EOF > /etc/apt/sources.list.d/fzk.list
###
### FZK apt repository containing some packages needed for DGrid
### Currently these are the VOMS server certificate, and the GridKa-CA
### configuration rpms. Do not remove this repository.
###
rpm http://savannah.fzk.de repository/fzk security
EOF
apt-get update
apt-get install fzk-vomscert- GSI configuration. Install the ca_FZK-local package from the following apt repository:
rpm savannah.fzk.de repository/fzk security
- GSI configuration. Install the ca_FZK-local package from the following apt repository:
- Use the d-grid download area (see the following script)
administrator's script: configure.sh
#!/bin/bash# configure gLite# load parameters from prepare sectionBASE_URL=http://mirror.scc.kit.edu/downloads/src/glite/2009.1
# Host certificates# The host certificate and the associated key are copied in the directory /etc/grid-security:cp hostcert.pem hostkey.pem /etc/grid-security
chmod 400 /etc/grid-security/hostkey.pem
chmod 644 /etc/grid-security/hostcert.pem
# VOMS server certificate# Copy the d-grid VOMS server certificate into /etc/grid-security/vomsdirwget -O /etc/grid-security/vomsdir/dgrid-voms.fzk.de ${BASE_URL}/dgrid-voms.fzk.de
# GSI configuration for the GridKA CA (needed for grid-cert-request, etc.):# either download and install the GSI configuration rpmrpm -ihv ${BASE_URL}/ca_FZK-local-1.0-1.noarch.rpm
# Yaim Configurationcp /opt/glite/yaim/examples/siteinfo/site-info.def /opt/glite/yaim/site-info.def
### Since the site-info.def file contains passwords, it should NOT be readable for users!##chmod 600 /opt/glite/yaim/site-info.def
# and/orchmod 700 /opt/glite/yaim
### The following warnings may occur during the configuration, although this can be ignored:### /sbin/ldconfig: <LIBRARY> is not a symbolic link# rfiod: unrecognized service# users_getprduser: could not find prd user for <VO> in users.conf## /opt/glite/yaim/site-info.def configuration## lcg CE# Required variables in the site-info.def for the configuration of the lcg-CE are:BATCH_SERVER
BDII_HOST
CE_BATCH_SYS
CE_CPU_MODEL
CE_CPU_SPEED
CE_CPU_VENDOR
CE_INBOUNDIP
CE_LOGCPU
CE_MINPHYSMEM
CE_MINVIRTMEM
CE_OS
CE_SMPSIZE
CE_OS_RELEASE
CE_OS_VERSION
CE_OS_ARCH
CE_OUTBOUNDIP
CE_PHYSCPU
CE_RUNTIMEENV
CE_SF00
CE_SI00
GROUPS_CONF
<queue-name>_GROUP_ENABLE
JOB_MANAGER
QUEUES
SE_LIST
USERS_CONF
VOS
VO_<vo-name>_VOMS_SERVERS
VO_<vo-name>_SW_DIR
VO_<vo-name>_VOMS_CA_DN
VO_<vo-name>_VOMSES
# Torque utils# For the configuration of the torque utilities following variables have to be set in the site-info.def:BATCH_SERVER
CE_HOST
QUEUES
SITE_NAME
WN_LIST
# The configuration is done by/opt/glite/yaim/bin/yaim -c -s "/opt/glite/yaim/site-info.def" -n TORQUE_utils -n lcg-CE
Proceed
The gLite instance is started automatically.
| To make available stagein/stageout options for PBS Jobs, the /etc/ssh/shosts.equiv and /etc/ssh/ssh_known_hosts should be distributed from gLite into all worker nodes. The reference installation use the cfengine to implement such a procedure (use link).
|
administrator's script: proceed.sh
#!/bin/bash# proceed
Initial test
Examine the newly installed system by the following commands:
administrator's script: test.sh
#!/bin/bash# initial tests for gLite installation### Create a voms proxy[grid user] $ voms-proxy-init --voms dgtest
### Show proxy info[grid user] $ voms-proxy-info --al
#subject : /C=DE/O=GermanGrid/OU=FZK/CN=Grid User/CN=proxy#issuer : /C=DE/O=GermanGrid/OU=FZK/CN=Grid User#identity : /C=DE/O=GermanGrid/OU=FZK/CN=Grid User#type : proxy#strength : 512 bits#path : /tmp/x509up_u7632#timeleft : 7:46:28#=== VO dgtest extension information ===#VO : dgtest#subject : /C=DE/O=GermanGrid/OU=FZK/CN=Grid Jrad#issuer : /O=GermanGrid/OU=FZK/CN=host/dgrid-voms.fzk.de#attribute : /dgtest/Role=NULL/Capability=NULL### Create a sample job[user]$ vi hostname.jdl
Executable = "hostname.sh";stdOutput = "stdout";stdError = "stderr";InputSandbox = {"hostname.sh"};
OutputSandbox = {"stdout", "stderr"}
### Create input file for the job[user]$ vi hostname.sh
hostname/usr/bin/id sleep 10
### Submit a sample job.[grid user]$ glite-wms-job-submit -a hostname.jdl
#Connecting to the service https://iwrrb.fzk.de:7443/glite_wms_wmproxy_server#====================== glite-wms-job-submit Success ======================##The job has been successfully submitted to the WMProxy Your job identifier is:##https://iwrrb.fzk.de:9000/TsAUEzstiFMmbupVY37KWg##==========================================================================### Show job status[user] $ glite-wms-job-status https://iwrrb.fzk.de:9000/TsAUEzstiFMmbupVY37KWg
### If status is '''done''' get the job output and store it locally[user] $ glite-wms-job-output --dir . https://iwrrb.fzk.de:9000/TsAUEzstiFMmbupVY37KWg
Update
Updates to gLite 3.1 are released regularly. It is enough to execute yum update to update the instance.
WARNING: Several sites use auto update mechanism. Sometimes middleware updates require non-trivial configuration changes or a reconfiguration of the service. This could involve database schema changes, restart service, new configuration files, etc, which makes it difficult to ensure that automatic updates will not break up a service. Thus NOT TO USE AUTOMATIC UPDATE PROCEDURE OF ANY KIND!
administrator's script: update.sh
#!/bin/bash# update for glite#If reconfiguration of any kind is necessary, just run the following command# (don't forget to list all node types installed in your host):node="-n lcg-CE -n TORQUE_utils"
/opt/glite/yaim/bin/yaim -c -s site-info.def $node
