bouchra rahim([email protected]) joint epikh/eumedgrid-support event in rabat morocco, 30.05.2011
DESCRIPTION
gLite UI Installation. Bouchra RAHIM([email protected]) Joint EPIKH/EUMEDGRID-Support Event in Rabat Morocco, 30.05.2011. gLite UI. The access point to the glite Grid is the User Interface This can be any machine where users have an account and where their user certificate is installed - PowerPoint PPT PresentationTRANSCRIPT
www.epikh.eu
The EPIKH Project(Exchange Programme to advance e-Infrastructure Know-How)
Bouchra RAHIM([email protected])
Joint EPIKH/EUMEDGRID-Support Event in Rabat
Morocco, 30.05.2011
gLite UI Installation
gLite UI
• The access point to the glite Grid is the User Interface– This can be any machine where users have an account and
where their user certificate is installed• From a UI, a user can be authenticated and authorized to use the glite
Grid resources• It provides CLI tools to perform some basic Grid operations:
– list all the resources suitable to execute a given job;– submit jobs for execution;– cancel jobs;– retrieve the output of finished jobs;– show the status of submitted jobs;– retrieve the logging and bookkeeping information of jobs;– copy, replicate and delete files from the Grid;– retrieve the status of different resources from the Inforamtion
System
2
• The instructions provided in this presentation assume that you are going to use a machine with Scientific Linux 5.4 installed.
– Virtual Machine image (GILDA VM Base_SLC5.4_x86_64) available at:https://gilda.ct.infn.it/VirtualServices.html
3
Preliminaries
5
System requirements
• Check if exists the ntp service otherwise install that:yum install ntp
• Check that public machine name is NOT an alias for “localhost”, but appears on a line by its own, like in the following:
• Please check:– If you have a valid hostname
– To verify, type: hostname -f– To edit the hostname:
• Disable Selinux: make sure /etc/selinux/config contains line:
• REBOOT your server, for changes to take effect
vim /etc/hostname vim /etc/sysconfig/network hostname <pc_name> service network restart
vim /etc/hostname vim /etc/sysconfig/network hostname <pc_name> service network restart
root# cat /etc/hosts
213.92.16.191 servername.some.domain.org servername
127.0.0.1 localhost.localdomain localhost
root# cat /etc/hosts
213.92.16.191 servername.some.domain.org servername
127.0.0.1 localhost.localdomain localhost
SELINUX=disabled SELINUX=disabled
• Disable automatic yum update:
– chkconfig yum off ; service yum stop
• Similarly disable other useless services (sendmail, pcmcia, isdn,...): see for example http://wiki.eumedgrid.eu/twiki/bin/view/InfrastructureStatus/SiteSecurityAndPerformance
• Cleanup yum cache:
– yum clean all
• Download list of important packages from CIC portal, https://cic.gridops.org/index.php?section=vo&vo=eumed see section “Other requirements” and save to a file, then issue command:
– cat <file.txt> | xargs -i yum -y install {}
6
System requirements (2/2)
7
Repository settings
• Specify the mrepo host:export MREPO=http://repo.magrid.ma/yumrepo/glite32
• Configure the repository as follows:REPOS="dag glite-GENERIC lcg-CA glite-UI"
• Get repositories with:for name in $REPOS;do wget $MREPO/$name.repo -O /etc/yum.repos.d/$name.repo; done
• Install CAs (this need to be done for ANY profile):
yum install lcg-CA ca-policy-egi-core ca-policy-lcg
• Glite UI Metapackage installation:
yum groupinstall glite-UI– we use groupinstall command to install all the packages for
the glite-UI group of packages, read from the comps.xml file on the repo server.
– glite-UI: all the software needed to install and run a gLite User Interface, yaim-utilities for the configuration of the UI, libraries, and all the CLI tools to interact with the gLite Grid services.
8
YUM install
9
site-info.def
• All the configuration samples files are located in /opt/glite/yaim/examples/siteinfo directory
• it’s better to make a copy of the original files
• Open your own site-info.def and customize it:
vi /opt/glite/yaim/etc/siteinfo/site-info.defvi /opt/glite/yaim/etc/siteinfo/site-info.def
mkdir /opt/glite/yaim/etc/siteinfo/
cp /opt/glite/yaim/examples/siteinfo/site-info.def /opt/glite/yaim/etc/siteinfo/site-info.def
mkdir /opt/glite/yaim/etc/siteinfo/
cp /opt/glite/yaim/examples/siteinfo/site-info.def /opt/glite/yaim/etc/siteinfo/site-info.def
https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables#UI
BDII_HOST=bdii.eumedgrid.eu (or your own if you have one)WMS_HOST=wms-01.eumedgrid.eu (or your own if you have one)LB_HOST=wms-01.eumedgrid.eu (or your own if you have one)PX_HOST=myproxy.ct.infn.itLFC_HOST=lfc.ulakbim.gov.tr (or your own if you have one)DPM_HOST=torik1.ulakbim.gov.tr (or your own if you have one)
10
EUMED Settings - Setup site-info.def
Add EUMED Settings
VOS="eumed" Add eumed hereVO_EUMED_SW_DIR=$VO_SW_DIR/eumed
VO_EUMED_DEFAULT_SE=$SE_HOST
VO_EUMED_STORAGE_DIR=$CLASSIC_STORAGE_DIR/eumed
VO_EUMED_VOMS_SERVERS="'vomss://voms2.cnaf.infn.it:8443/voms/eumed?/eumed' 'vomss://voms-02.pd.infn.it:8443/voms/eumed?/eumed'"
VO_EUMED_VOMSES="'eumed voms2.cnaf.infn.it 15016 /C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it eumed' 'eumed voms-02.pd.infn.it 15016 /C=IT/O=INFN/OU=Host/L=Padova/CN=voms-02.pd.infn.it eumed'"
VO_EUMED_VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA' '/C=IT/O=INFN/CN=INFN CA'"
VO_EUMED_WMS_HOSTS="wms-4.dir.garr.it wms.ulakbim.gov.tr wms-01.eumedgrid.eu wms.grid.arn.dz rb-eugrid.eri.sci.eg“
!Make sure to comment VO_<vo_name>...
11
Add EUMED Settings-users
• Add following lines to users.conf file pointed to by variable USERS_CONF in your siteinfo.def file– 3101:eumed001:2418:eumed:eumed::– 3102:eumed002:2418:eumed:eumed::– 3103:eumed003:2418:eumed:eumed::– 3104:eumed004:2418:eumed:eumed::– 3105:eumed005:2418:eumed:eumed::– …..– 3201:sgmeumed001:2419,2418:sgmeumed,eumed:eumed:sg
m:– 3202:sgmeumed002:2419,2418:sgmeumed,eumed:eumed:sg
m:– 3203:sgmeumed003:2419,2418:sgmeumed,eumed:eumed:sg
m:
See ftp://repo.magrid.ma/pub/GridSchoolConfFiles/Location, Meeting title, dd.mm.yyyy 12
Add EUMED Settings-groups
• Add following lines to groups file pointed to by variable GROUPS_CONF in your site-info.def
– "/eumed/ROLE=SoftwareManager":::sgm:– “/eumed"::::
– See ftp://repo.magrid.ma/pub/GridSchoolConfFiles/
Location, Meeting title, dd.mm.yyyy 13
14
Configuring UI• Update the date (ftp://repo.magrid.ma/pub/GridSchoolConfFiles/)
configure ntp : /etc/ntp.conf , /etc/ntp/step-tickers
/etc/init.d/ntpd stop
ntpdate ntp.marwan.ma
/etc/init.d/ntpd start
• Disable iptables
• service iptables stop
• Chkconfig iptables off
• Configure the UI with YAIM (To check the syntax : source <path_to_siteinfo>/site-info.def )
/opt/glite/yaim/bin/yaim -c -s <path_to_siteinfo>/site-info.def -n glite-UI
• If everything is ok, the UI is now READY for testing
YAIM does not configure the LFC_HOST variable; please edit the file
/opt/glite/etc/profile.d/grid-env.sh and add the following for eumed:
gridenv_set "LFC_HOST" "lfc.ulakbim.gov.tr"gridenv_set "LFC_HOST" "lfc.ulakbim.gov.tr"
15
[root@pc01 ~]# adduser grid01
[root@pc01 ~]# mkdir /home/grid01/.globus
[root@pc01 ~]# cp /root/user_cert/usercert.pem /home/grid01/.globus/usercert.pem
[root@pc01 ~]# cp /root/user_cert/userkey.pem /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/usercert.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chmod 400 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# su – grid01
[grid01@pc01 ~]$ voms-proxy-init --voms eumed
Enter GRID pass phrase: [grid2011]
Your identity: /C=MA/O=MaGrid/OU=CNRST/CN=Grid School
Creating temporary proxy .................................................................
....................................... Done
Contacting voms2.cnaf.infn.it:15016 [/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it] "eumed" Done
Creating proxy ........................................................................................ Done
Your proxy is valid until Sun May 29 04:25:35 2011
[root@pc01 ~]# adduser grid01
[root@pc01 ~]# mkdir /home/grid01/.globus
[root@pc01 ~]# cp /root/user_cert/usercert.pem /home/grid01/.globus/usercert.pem
[root@pc01 ~]# cp /root/user_cert/userkey.pem /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/usercert.pem
[root@pc01 ~]# chown grid01 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# chmod 400 /home/grid01/.globus/userkey.pem
[root@pc01 ~]# su – grid01
[grid01@pc01 ~]$ voms-proxy-init --voms eumed
Enter GRID pass phrase: [grid2011]
Your identity: /C=MA/O=MaGrid/OU=CNRST/CN=Grid School
Creating temporary proxy .................................................................
....................................... Done
Contacting voms2.cnaf.infn.it:15016 [/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it] "eumed" Done
Creating proxy ........................................................................................ Done
Your proxy is valid until Sun May 29 04:25:35 2011
Testing UI
Testing UI for GILDA
• OtherTests:
Copy a jdl file:
Password [grid01]
Submit a job:
16
scp [email protected]:/home/grid01/hostname.jdl .scp [email protected]:/home/grid01/hostname.jdl .
lfc-ls /gridlfc-ls /grid
glite-wms-job-submit -a –o jobid hostname.jdl glite-wms-job-submit -a –o jobid hostname.jdl
• For the real installation you have to export you personal certificate from web browser to the UI and than have a look at the following: ATTENTION USE eumed INSTEAD gilda
• Certificate management:
https://grid.ct.infn.it/twiki/bin/view/GILDA/HowToConvertPkcs12ToPem
• Voms creation with extentions
https://grid.ct.infn.it/twiki/bin/view/GILDA/AuthenticationAuthorization#Creation_of_a_proxy_with_voms_ex
• Job Submission
https://grid.ct.infn.it/twiki/bin/view/GILDA/SimpleJobSubmission
• Data Management
https://grid.ct.infn.it/twiki/bin/view/GILDA/DataManagement
17
Testing UI for EUMED Installation
18
References
INFNGrid installation http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:guides:install-3_2
EUMED wiki for system administrators: http://wiki.eumedgrid.eu/twiki/bin/view/InfrastructureStatus/EumedSiteInstallation