Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
Changed: | ||||||||
< < | WMS 3.5.2 EMI3 Update7 pre-certification report | |||||||
> > | WMS 3.6.0 EMI3 Update7 pre-certification report | |||||||
I installed WMS EMI3 and upgraded with the new RPMs, which are all the affected packages:
glite-wms-configuration-3.6.0-1 glite-wms-common-3.6.0-1 glite-wms-interface-3.6.0-1The above RPMs in addition to the bugfixes, also contain a new feature (handling of WMS_PEPC_RESOURCEID configuration variable, https://ggus.eu/ws/ticket_info.php?ticket=93831) which affected all 3 above RPMs. This is the reason for minor version increase (3.5.x -> 3.6.0). BUG VERIFICATIONBUG: check the policies that keep ISBfiles in the WMS after sandbox creation (08/07/2013)I've installed the update of glite-wms-interface (3.5.0-9), submitted a job and verified that the zipped ISB is not in the job's ISB dir anymore after job start:dorigoa@cream-08 14:45:06 ~>cat wms_ISB.jdl [ Executable = "/bin/sleep" ; Arguments = "1"; InputSandbox = {"/home/dorigoa/sandboxes/mysandbox_01", "/home/dorigoa/sandboxes/mysandbox_02", "/home/dorigoa/sandboxes/mysandbox_03", "/home/dorigoa/sandboxes/mysandbox_04"}; AllowZippedISB = true; requirements = RegExp("cream.*", other.GlueCEUniqueID); RetryCount = 0; ShallowRetryCount = 1; MyProxyServer=""; rank = - other.GlueCEStateEstimatedResponseTime; ] dorigoa@cream-08 14:58:43 ~>glite-wms-job-submit -a -e https://cream-01.pd.infn.it:7443/glite_wms_wmproxy_server -r cream-27.pd.infn.it:8443/cream-lsf-creamtest1 wms_ISB.jdl Connecting to the service https://cream-01.pd.infn.it:7443/glite_wms_wmproxy_server ====================== glite-wms-job-submit Success ====================== The job has been successfully submitted to the WMProxy Your job identifier is: https://prod-wms-01.pd.infn.it:9000/dEO1-e1yP9zJgtiA32VGWg ========================================================================== dorigoa@cream-08 14:58:52 ~>ssh cream-01.pd.infn.it -l root root@cream-01.pd.infn.it's password: Last login: Fri Jul 5 16:09:48 2013 from cream-08.pd.infn.it [root@cream-01 ~]# cd /var/SandboxDir/dE/https_3a_2f_2fprod-wms-01.pd.infn.it_3a9000_2fdEO1-e1yP9zJgtiA32VGWg/ [root@cream-01 https_3a_2f_2fprod-wms-01.pd.infn.it_3a9000_2fdEO1-e1yP9zJgtiA32VGWg]# ls -l input/ total 8844 -rw-r--r-- 1 infngrid002 infngrid 15929 Jul 8 14:58 mysandbox_01 -rwxr-xr-x 1 infngrid002 infngrid 19080 Jul 8 14:58 mysandbox_02 -rwxr-xr-x 1 infngrid002 infngrid 4494144 Jul 8 14:58 mysandbox_03 -rwxr-xr-x 1 infngrid002 infngrid 4494144 Jul 8 14:58 mysandbox_04 BUG: glite-wms-check-daemon wrongly checks ICE status (08/07/2013)After the upgrade of the component glite-wms-configuration (3.5.0-5) I just executed the following commands on the WMS node (as root):[root@cream-01 ~]# ps -ef|grep ice glite 22260 1 0 15:13 ? 00:00:00 /usr/bin/glite-wms-ice-safe --conf glite_wms.conf --daemon /var/run/glite-wms-ice-safe.pid glite 22264 22260 0 15:13 ? 00:00:00 sh -c /usr/bin/glite-wms-ice --conf glite_wms.conf /var/log/wms/ice_console.log 2>&1 glite 22266 22264 5 15:13 ? 00:00:00 /usr/bin/glite-wms-ice --conf glite_wms.conf /var/log/wms/ice_console.log root 22304 31124 0 15:13 pts/0 00:00:00 grep ice [root@cream-01 ~]# /etc/init.d/glite-wms-ice stop stopping ICE... ok [root@cream-01 ~]# ps -ef|grep ice root 22338 31124 0 15:13 pts/0 00:00:00 grep ice [root@cream-01 ~]# /usr/libexec/glite-wms-check-daemons.sh [root@cream-01 ~]# ps -ef|grep ice root 22432 31124 0 15:14 pts/0 00:00:00 grep iceICE has to remain OFF after the execution of glite-wms-check-daemons.sh (because the previous commad /etc/init.d/glite-wms-ice stop is a clean shutdown of it).
BUG: glite_wms_wmproxy_load_monitor needlessly installed with setuid privileges (08/07/2013)I checked this:[root@cream-01 ~]# ll /usr/sbin/glite_wms_wmproxy_load_monitor -rwxr-xr-x 1 root root 22916 Jul 8 14:31 /usr/sbin/glite_wms_wmproxy_load_monitorNo bit "s" (or setuid) anymore. BUG: UMD Verification: EMI-3 WMS 3.5.0 Problem with Argus and WMS integration (15/07/2013)I installed on SL5 (cream-01.pd.infn.it) and SL6 (cream-25.pd.infn.it) the official EMI3 WMS. I upgraded the glite-wms-interface rpm to version 3.5.0-9; then I reconfigured both WMSes after had activated argus in the siteinfo:USE_ARGUS=yes ARGUS_PEPD_ENDPOINTS="https://cream-46.pd.infn.it:8154/authz"I restarted both WMSes and submitted succesfully jobs to both WMS services (checking the relevant argus related messages in the WMS server's wmproxy.log logfiles): dorigoa@cream-08 9:09:13 ~>glite-wms-job-submit -a -e https://cream-25.pd.infn.it:7443/glite_wms_wmproxy_server -r cream-47.pd.infn.it:8443/cream-lsf-creamtest1 wms_basic.jdl Connecting to the service https://cream-25.pd.infn.it:7443/glite_wms_wmproxy_server ====================== glite-wms-job-submit Success ====================== The job has been successfully submitted to the WMProxy Your job identifier is: https://prod-wms-01.pd.infn.it:9000/wGz09dIKLkES6NTqR41HyQ ========================================================================== dorigoa@cream-08 9:09:15 ~>glite-wms-job-submit -a -e https://cream-01.pd.infn.it:7443/glite_wms_wmproxy_server -r cream-47.pd.infn.it:8443/cream-lsf-creamtest1 wms_basic.jdl Connecting to the service https://cream-01.pd.infn.it:7443/glite_wms_wmproxy_server ====================== glite-wms-job-submit Success ====================== The job has been successfully submitted to the WMProxy Your job identifier is: https://prod-wms-01.pd.infn.it:9000/I-Hsf5f-fPIp7O12WUri6w ========================================================================== dorigoa@cream-08 9:10:08 ~>ssh root@cream-01.pd.infn.it "grep -B3 -A5 -i argus /var/log/wms/wmproxy.log" root@cream-01.pd.infn.it's password: 18 Jul, 09:09:20 -I- PID: 31933 - "wmpcommon::initWMProxyOperation": Remote GRST CRED: VOMS 1374131257 1374174457 0 /dteam/Role=NULL/Capability=NULL 18 Jul, 09:09:20 -I- PID: 31933 - "wmpcommon::initWMProxyOperation": Service GRST PROXY LIMIT: 6 18 Jul, 09:09:20 -I- PID: 31933 - "wmpcommon::initWMProxyOperation": WMProxy instance serving core request N.: 5 18 Jul, 09:09:20 -I- PID: 31933 - "argus_authZ": creating XACML request for argus 18 Jul, 09:09:20 -I- PID: 31933 - "WMPAuthorizer::authorize": Argus returned PERMIT with mapping uid: 18178, gid: 2688 18 Jul, 09:09:20 -I- PID: 31933 - "argus_authZ": creating XACML request for argus 18 Jul, 09:09:21 -I- PID: 31933 - "WMPAuthorizer::authorize": Argus returned PERMIT with mapping uid: 18178, gid: 2688 18 Jul, 09:09:21 -I- PID: 31933 - "wmpcommon::getType": JDL Type: job 18 Jul, 09:09:21 -I- PID: 31933 - "wmpcoreoperations::regist JOB": Registered job id: https://prod-wms-01.pd.infn.it:9000/I-Hsf5f-fPIp7O12WUri6w 18 Jul, 09:09:21 -I- PID: 31933 - "wmpcommon::getType": JDL Type: job dorigoa@cream-08 9:10:51 ~>ssh root@cream-25.pd.infn.it "grep -B3 -A5 -i argus /var/log/wms/wmproxy.log" root@cream-25.pd.infn.it's password: 18 Jul, 09:09:14 -I- PID: 6790 - "wmpcommon::initWMProxyOperation": Remote GRST CRED: VOMS 140734902907978 1374174457 0 /dteam/Role=NULL/Capability=NULL 18 Jul, 09:09:14 -I- PID: 6790 - "wmpcommon::initWMProxyOperation": Service GRST PROXY LIMIT: 6 18 Jul, 09:09:14 -I- PID: 6790 - "wmpcommon::initWMProxyOperation": WMProxy instance serving core request N.: 5 18 Jul, 09:09:14 -I- PID: 6790 - "argus_authZ": creating XACML request for argus 18 Jul, 09:09:14 -I- PID: 6790 - "WMPAuthorizer::authorize": Argus returned PERMIT with mapping uid: 18178, gid: 2688 18 Jul, 09:09:14 -I- PID: 6790 - "argus_authZ": creating XACML request for argus 18 Jul, 09:09:15 -I- PID: 6790 - "WMPAuthorizer::authorize": Argus returned PERMIT with mapping uid: 18178, gid: 2688 18 Jul, 09:09:15 -I- PID: 6790 - "wmpcommon::getType": JDL Type: job 18 Jul, 09:09:15 -I- PID: 6790 - "wmpcoreoperations::regist JOB": Registered job id: https://prod-wms-01.pd.infn.it:9000/wGz09dIKLkES6NTqR41HyQ 18 Jul, 09:09:15 -I- PID: 6790 - "wmpcommon::getType": JDL Type: job BUG: Three major bugs in EMI2 glite-wms-wmproxy 3.4.1-0.sl6 (15/07/2013)The fix was made some time ago by M. Cecchi, but I do not know why the issue was still open. The EMI3 "out of the box" WMS already has the fix. Just in case I checked the owner of the files:[root@cream-25 ~]# ll /usr/libexec/glite_wms_wmproxy_dirmanager /usr/sbin/glite_wms_wmproxy_load_monitor -rwsr-xr-x 1 root root 15128 May 3 14:20 /usr/libexec/glite_wms_wmproxy_dirmanager -rwxr-xr-x 1 root root 22916 May 3 14:20 /usr/sbin/glite_wms_wmproxy_load_monitorroot is the right owner. BUG: WMProxy and Argus: setting the Argus resource IDFor this fix 3 components have been updated (glite-wms-configuration, glite-wms-common, glite-wms-interface) and after the WMS update a yaim reconfiguration is needed after put of WMS_PEPC_RESOURCEID="..." in the siteinfo.def file. This is my siteinfo:[root@cream-01 ~]# head siteinfo/site-info.def USE_ARGUS=yes WMS_PEPC_RESOURCEID="pippopluto" ARGUS_PEPD_ENDPOINTS="https://cream-46.pd.infn.it:8154/authz"After yaim reconfiguration I got this: [root@cream-01 ~]# grep -r pippopluto /etc/ /etc/glite-wms/glite_wms.conf: Wms_Pepc_ResourceId = "pippopluto"; /etc/grid-security/gsi-pep-callout.conf:xacml_resourceid pippoplutoI added the "pippopluto" resource ID into the cream-46's Argus server. Then I tried a submission to cream-01 and I checked that it went well; also I checked that the right "pippopluto" string is used by the wmproxy: 18 Jul, 09:26:30 -D- PID: 2701 - "WMPAuthorizer::authorize": Argus authZ using resourceID pippoplutoEverytime the resourceID is changed in the files glite_wms.conf and gsi-pep-callout.conf , all gLite services must be restarted otherwise a random behavior can take place.
BUG: Directory /var/condor/spool needs to be created when configuring WMS nodeTo test this bug just check the after a removal of the directory/var/condor , a yaim reconfiguration will re-create correctly /var/condor/spool directory:
[root@cream-25 ~]# service gLite stop >& /dev/null [root@cream-25 ~]# \rm -rf /var/condor [root@cream-25 ~]# /opt/glite/yaim/bin/yaim -c -s siteinfo/site-info.def -n WMS >& /dev/null [root@cream-25 ~]# ls -l /var/condor/ total 28 -rw-r--r-- 1 root root 3765 Jul 18 09:32 condor_config.local drwxr-xr-x 2 glite glite 4096 Jul 18 09:31 config drwxr-xr-x 3 glite glite 4096 Jul 18 09:32 lib drwxr-xr-x 3 glite glite 4096 Jul 18 09:32 lock drwxr-xr-x 3 glite glite 4096 Jul 18 09:32 log drwxr-xr-x 3 glite glite 4096 Jul 18 09:32 run drwxr-xr-x 3 glite glite 4096 Jul 18 09:32 spool-- AlviseDorigo - 2013-07-08 |