www.eu-eela.org
E-infrastructure shared between Europe and Latin America
Introduction to the tutorial for site managers
Vanessa Hamar
Universidad de Los Andes – Mérida, VenezuelaNine EELA Tutorial for Managers and Users Bogotá, 05 - 09 March 2007
2
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
Outline
• Layout of the site managers tutorial
• Available servers
• Shared pre-requisite for gLite 3.0 services
3
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
Layout
• The installation, the configuration and the eventual troubleshooting of the gLite 3.0 services will be shown in real time by the tutors.
• After each demo service installation you will have time to re-install it by yourself– each participant on his own assigned VM
• We are going to install gLite services onto VMware Virtual Machines– easy to resume the initial status of the VM for the
following service re-installation– useful if you need to re-try the installation due to
errors/mistakes/tests
4
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
Deployment
• Each machine has VMWare Player/Workstation and a
GILDA Base VM image
• There is also another server which will be used as
gLite 3.0 repository to speed up the download of RPMs– mnto04.uniandes.edu.co local gLite 3.0 repository
5
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
Access to the VMs
• IP address: 157.253.42.xxx
• Hostname : eventogridxx.uniandes.edu.co
• Username : root
• Password : GildaVM.06
(xxx = 121…170)
5
6
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
gLite 3.0 software pre-requisites
7
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
• Start from a fresh install of SLC 3.0.x• Java SDK is required to install almost any
LCG/gLite grid service. Due to license issues, it is not found in the LCG repositories.
– chmod +x j2sdk-1_4_2_13-linux-i586-rpm.bin
– ./j2sdk-1_4_2_13-linux-i586-rpm.bin
– rpm -ivh j2sdk-1_4_2_13-linux-i586.rpm
– Preparing... ################################## [100%]
– 1:j2sdk ################################## [100%]
Installation Pre-requisites
8
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
• Request a X509 host certificate for the gLite service you are going to install from a Certification Autority (CA). For example, to get host certificates from the GILDA CA, go to:– https://gilda.ct.infn.it/CA/mgt/restricted/srvreq.php
Security pre-requisites
9
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
• We requested the certificates for you, you can copy them from:– http://mnto04.uniandes.edu.co/certs
• Install host certificates (hostcert.pem and hostkey.pem) in /etc/grid-security.– chmod 644 hostcert.pem– chmod 400 hostkey.pem
10
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
• If you plan to use certificates released by unsupported EGEE CA’s, be sure that their public key, signing policy and CRLs (usually distributed with an rpm) are installed in /etc/grid-security/certificates.
• For the VO GILDA, the RPM is available from: – https://gilda.ct.infn.it/RPMS/ca_GILDA-1.0-6.i386.rpm
Security pre-requisites (II)
11
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
• Syncronization among all gLite nodes is mandatory. It can be achieved by the NTP protocol with a time server.
• Install ntp if not already available for your system:– apt-get install ntp
• Add your time server in /etc/ntp.conf– restrict <time_server_IP_address> mask 255.255.255.255
nomodify notrap noquery
– server <time_server_name> – (you can use ntp-1.infn.it – IP 193.206.144.10)
• Edit /etc/ntp/step-tickers adding your(s) time server(s) hostname
• Activate the ntpd service with the following commands: ntpdate <your ntp server name> service ntpd start chkconfig ntpd on
• You can check ntpd’s status with: ntpq -p
Node Synchronization with NTP
12
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
• YAIM is a set of bash scripts used to install and easily configure the gLite middleware on the target machine
• Ensure you FQDN is properly set– hostname –f
• Find the latest YAIM and gilda_ig-yaim version at http://www.cern.ch/grid-deployment/gis/yaim/
• Download it using wget from– http://grid-deployment.web.cern.ch/grid-deployment/gis/yaim/glit
e-yaim-3.0.0-34.rpm– http://grid018.ct.infn.it/apt/gilda_app-i386/utils/gilda_ig-yaim-3.0.
0-27.noarch.rpm
• Install using– rpm -ivh glite-yaim-3.0.0-34.rpm – rpm -ivh gilda_ig-yaim-3.0.0-27.noarch.rpm
YAIM Installation
13
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
• All the configuration values to sites have to be configured in a site configuration file using key-value pairs.
• This file is shared among all the different gLite node types. So edit once and keep it in a safe place
• Create a copy of /opt/glite/yaim/examples/gilda_ig-site-info.def template (coming from the glite-yaim RPM) to your reference directory for the installation (e.g. /root):– cp /opt/glite/yaim/examples/gilda_ig-site-info.def /root/gilda_ig-site-info.def
• The general syntax of the file is a sequence of bash-like assignments of variables (<variable>=<value>, no spaces are allowed around =).
• A good syntax test for your site configuration file is to try to source it manually running the command:– source gilda_ig-site-info.def
Site Configuration File
14
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
Local repository
• We have installed a local repository at UNAM, so you have to specify its correct path in my-site-info.def:
OS_REPOSITORY="rpm http://gaia.eela.ufrj.br/yam sl3-i386 os contrib updates"
LCG_REPOSITORY="rpm http://mnto04.uniandes.edu.co/yam glite_sl3-i386 3_0 3_0_externals 3_0_updat
es condor"
IG_REPOSITORY="rpm http://grid018.ct.infn.it/yam ig_sl3-i386 3_0_0 utils"
GILDA_REPOSITORY="rpm http://mnto04.uniandes.edu.co/yam gilda_sl3-i386 app 3_0_0"
CA_REPOSITORY=" rpm http://grid018.ct.infn.it/yam glite_sl3-i386 security"
15
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
Middleware installation with YAIM
• We are ready to install the services:
• /opt/glite/bin/gilda_ig_install_node /root/gilda_ig-site-info.def GILDA_ig_myServiceName
• This command will download and install all the needed packages.
• Now we can configure the node:
• /opt/glite/bin/gilda_ig_configure_node /root/gilda_ig-site-info.def GILDA_ig_myServiceName
16
E-infrastructure shared between Europe and Latin America
9th EELA Tutorial, Bogotá, 05-09 March 2007
Questions?
Thanks for the attention
Top Related