Installation and Configuration - Istituto Nazionale di...
Transcript of Installation and Configuration - Istituto Nazionale di...
www.epikh.eu
The EPIKH Project(Exchange Programme to advance e-Infrastructure Know-How)
User Interfacefor Middleware
Installation and Configuration
Fabrizio Pistagna ([email protected])Beijing, ChinaAsia-3 2011 - Joint CHAIN / EPIKHSchool for System Administrator
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Outline
• Brief introduction to User Interface role• Before installation
• Preliminaries steps : Preparing the Linux machine• Installing the Middleware 3.2
– Step 0 : Repository settings – Step 1 : User Interface packages installation– Step 2 : Yaim Configuration of installed services
• Testing of installed services
2
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
gLite User Interface: The Access Point
• The access point to the Grid is the User Interface– This can be any machine where users have an account and where their
user certificate is installed• From a UI, a user can be authenticated and authorized to
use the Grid resources• It provides CLI tools to perform some basic Grid
operations:– list all the resources suitable to execute a given job;– submit jobs for execution;– cancel jobs;– retrieve the output of finished jobs;– show the status of submitted jobs;– retrieve the logging and bookkeeping information of jobs;– copy, replicate and delete files from the Grid;– retrieve the status of different resources from the Inforamtion System
3
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
gLite User Interface: The Access Point
4
From the UI a user can• query all the available resources in the Grid site• submit own jobs
All these steps are done through a communication between the UI host and the WMProxy service
UserInterface
• The instructions provided in this tutorial presentation assume that you are going to use a machine with – CERN 5.5 x86_64 64bit
Is also possible to install a 32bit UI, however as the CEs are all 64bit, is more convenient to have a 64bit UI
• We will install a 3.2 Middleware version 64 bit– The package manager is considered the default installation tool
– The is a tool to configure the middleware Grid services
• Only for this TEST installation: we are going to configure a GILDA Virtual Organization (VO)– It is a “just for” tutorial, training Virtual Organization– If your “production” site doesn’t support this VO,
you MUST NOT follow the GILDA instructions in this tutorial• EUCHINA VO
– for a really Production siteFabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Before installation
5
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Preparing the Linux machine
• Check that you have a valid hostname– public IP address with forward and reverse DNS resolution
– to edit the hostname (must be root)
• Network Time Protocol settings
– and configure the service to start at boot
6
bash# hostname -f
bash# vim /etc/hostsbash# hostname <hostname>bash# domainname <domainname>
bash# datebash# yum install ntp -y
bash# chkconfig ntpd on
-y option says “yes” to all boring questions
..if dag.repo is present, make a backup..
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 0: Repository Settings
• Add the needed repositories
• Get the GILDA repo – NOTE: only for this tutorial, install a GILDA VO capable UI
7
bash# cd /etc/yum.repos.dbash# mv dag.repo dag.repo.old
bash# wget http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.2/dag.repo
bash# wget http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.2/glite-UI.repo
bash# wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/egi-trustanchors.repo
bash# wget http://grid018.ct.infn.it/mrepo/repos/gilda.repo
Common repositories Profile specific repositories
egi-trustanchors.repo glite-UI.repo
dag.repo
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 0: Repository Settings
• Repository description file sample
8
bash# cat glite-UI.repo[glite-UI]name=gLite 3.2 User Interfacebaseurl=http://glitesoft.cern.ch/EGEE/gLite/R3.2/glite-UI/sl5/x86_64/RPMS.release/gpgkey=http://glite.web.cern.ch/glite/glite_key_gd.ascgpgcheck=1enabled=1
[glite-UI_updates]name=gLite 3.2 User Interfacebaseurl=http://glitesoft.cern.ch/EGEE/gLite/R3.2/glite-UI/sl5/x86_64/RPMS.updates/gpgkey=http://glite.web.cern.ch/glite/glite_key_gd.ascgpgcheck=1enabled=1
[glite-UI_ext]name=gLite 3.2 User Interfacebaseurl=http://glitesoft.cern.ch/EGEE/gLite/R3.2/glite-UI/sl5/x86_64/RPMS.externals/gpgcheck=0enabled=1
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 0: Repository Settings
• Install via YUM, the common repositories packages
– ca-policy-egi-core: the most up-to-date version of the list of trusted CA
– gilda_utils: utilities and certificate needed ONLY for interacting with GILDA VO
– Other repositories enabled in SL5 dag: is a mantained repository which provides a number of packages not
available through Scientific Linux• NOTE: in a limited number of cases, DAG provides rpms of a higher version
already installed. Normally the OS is protected from having its rpms upgraded (protect=1). You could unprotect or install by hand (yum localinstall <rpm>)
9
bash# yum clean allbash# yum install ca-policy-egi-core -ybash# yum install gilda_utils
..in order to keep the CA list up-to-date on your node..do a periodic update of the CAs(cron)
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 1: gLite UI Installation
• Install via YUM, the gLite UI metapackage • we use groupinstall command to install all the packages for the glite-UI
group of packages, readed from the comps.xml file on the repo server • this will list all the available groups software
• Install the GILDA certs and CA packges •NOTE: Don’t install the above packages for your site
it’s just for the TEST GILDA VO installation
– glite-UI: all the software needed to install and run a gLite User Interface, yaim-utilities for the configuration of the UI, libraries, and all the CLI tools to interact with the gLite Grid services.
10
bash# yum groupinstall glite-UI
bash# yum install ct-vomscert ca_GILDA
bash# yum grouplist
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 2: Yaim configuration
• All the configuration samples files are located in– /opt/glite/yaim/examples/siteinfo directory– it’s better to make a copy of the original files
• Files to edit are:– site-info.def: contains all the site-configurations variables needed by
YAIM to set-up the UserInterface
• We start editing the site-info.def file
11
bash# cd /opt/glite/yaim/examples ; mkdir my-siteinfobash# cp -r users.conf groups.conf siteinfo/services/ siteinfo/site-info.def my-siteinfo/
bash# cd /opt/glite/yaim/examples/my-siteinfobash# vim site-info.def
ONLY
for GILDA
VO..
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 2: Yaim configuration
• YAIM generic configuration variables
• The VOS variable specify all the supported VO by the grid-node we are going to install• NOTE: Only for tutorial aims put the GILDA vo!
• NOTE: the VOS listed in this variable must be in alphabetical order
• And add the GILDA specific block-variables configuration
12
INSTALL_ROOT=/opt
bash# vim ig-site-info.defVOS=”euchina gilda”
VO_GILDA_VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA' '/C=IT/O=INFN/CN=INFN CA'"VO_GILDA_DEFAULT_SE=$DPM_HOSTVO_GILDA_STORAGE_DIR=$CLASSIC_STORAGE_DIR/gildaVO_GILDA_SW_DIR=$VO_SW_DIR/gilda VO_GILDA_VOMS_SERVERS="vomss://voms.ct.infn.it:8443/voms/gilda?/gilda" VO_GILDA_VOMSES="gilda voms.ct.infn.it 15001 /C=IT/O=INFN/OU=Host/L=Catania/CN=voms.ct.infn.it gilda"
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 4: gLite UI Yaim configuration
• gLite UI specific configuration variables ONLY for GILDA
13
bash# vim site-info.defBDII_HOST=gilda-bdii.ct.infn.itRB_HOST=gilda-wms-01.ct.infn.itWMS_HOST=gilda-wms-01.ct.infn.itLB_HOST=”gilda-lb-01.ct.infn.it:9000”PX_HOST=myproxy.ct.infn.itLFC_HOST=lfc-gilda.ct.infn.itDPM_HOST=iceage-se-01.ct.infn.itJAVA_LOCATION=/usr/java/latest
VOS=”euchina gilda”VO_GILDA_VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA' '/C=IT/O=INFN/CN=INFN CA'"VO_GILDA_DEFAULT_SE=$DPM_HOSTVO_GILDA_STORAGE_DIR=$CLASSIC_STORAGE_DIR/gildaVO_GILDA_SW_DIR=$VO_SW_DIR/gilda VO_GILDA_VOMS_SERVERS="vomss://voms.ct.infn.it:8443/voms/gilda?/gilda" VO_GILDA_VOMSES="gilda voms.ct.infn.it 15001 /C=IT/O=INFN/OU=Host/L=Catania/CN=voms.ct.infn.it gilda"
...check that your JAVA_LOCATION is correct...
standard values for a GILDA VO
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Step 4: gLite UI Yaim configuration
• Configure UI via YAIM
• ...if everything is ok...• Congratulations!!
• You now have a ready-to-go User Interface Machine, boosting a fresh 3.2 Middleware, ready to test it ??
• One more thing• Yaim does not configure the LFC_HOST variable, please edit
the file /opt/glite/etc/profile.d/grid-env.sh and add the following for GILDA
14
bash# /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/examples/my-site-conf/site-info.def -n glite-UI
bash# vim /opt/glite/etc/profile.d/grid-env.shgridenv_set “LFC_HOST” “lfc.gilda.ct.infn.it”
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
Testing the UI
• Create a user and copy his certificates into .globus dir
• Create a proxy
• Get a list of matching resources for your job
• Submit your job
• Check the status of the job and retrieve the output
• List the LFC File Catalogue root directory
• Create a dir and copy a file to the SE
15
bash# cp usercert.pem userkey.pem $HOME/.globus
bash# voms-proxy-init -voms gilda
bash# glite-wms-job-list-match -a job_description.jdl
bash# glite-wms-job-submit -a job_description.jdl
bash# glite-wms-job-status job_idbash# glite-wms-job-output -i job_id
bash# lfc-ls /grid
bash# lfc-mkdir /grid/gilda/tutorials/$USER ; lcg-cr -l lfn:/grid/gilda/tutorials/$USER/my_file file:/local/file
Fabrizio Pistagna, INFN, Catania Beijing, Joint CHAIN / EPIKH, ASIA-3 GRID School, 09 May 2011
References
• documentation, and Generic Installation Guides– http://glite.web.cern.ch/glite/documentation/– https://twiki.cern.ch/twiki/bin/view/LCG/GenericInstallGuide320– https://twiki.cern.ch/twiki/bin/view/LCG/GenericInstallGuide310– http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:guides:install-3_2– http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:guides:install-3_1
• GILDA testbed VO– https://gilda.ct.infn.it/
• YUM package manager and YAIM tool– http://yum.baseurl.org/– https://twiki.cern.ch/twiki/bin/view/LCG/YaimGuide400#Basics
• Mrepo and Createrepo– http://dag.wieers.com/home-made/mrepo/– http://svn.rpmforge.net/svn/trunk/tools/mrepo/docs/quickstart.txt– http://createrepo.baseurl.org/
16