Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
Introduction to v2.1 Installation and ConfigurationThis installation guide is divided as follows:
It is advisable, even if not required that the sensors are installed before the collector. In case of problems during installation please contact wms-support<at>cnaf.infn.it NOTE: In release 2.0 the database schema has changed! if you are running an update from a version older that 2.0 it will be automatically ported to the new schema by the configuration script. If you run a version earlier to 2.0 and want to port the old data to the new VO statistics page please contact wms-support<at>cnaf.infn.it after the installation/configuration completes. If you are upgrading from 2.0 VO statistics will be automatically ported. WMSMON Sensors installation on WMS/LB/WMSLB nodes(do all the following as root on all your WMS, LB, WMSLB nodes - the procedure is independent on the node type)
- SNMPPASSWD = 'The password you choose for snmp communication between data collector and wms instance !! NOTE: it must be the same on every wmsmon_site-info.def - SERVER_MYSQL_PASSWORD = 'your_pass' (This is FUNDAMENTAL ON LB NODES) - LB_PARA_HOST = Host publishing the LB_PARAMETER FILE that initializes lb queries. It is the procol://host:port of the http service running on the collector instances. !!!(THIS IS FUNDAMENTAL ON EVERY HOST PLEASE READ CAREFULLY WHAT FOLLOWS)!!! If you follow the instruction below for the server installation without modifying the httpd configuration it is http://<WMSMMON_HOST> # Other examples in case of modified httpd conf #Examples: # http://host.domain # https://host.domain # https://host.domain:8443 In the post installation steps you'll find some basic instruction on how to configure httpd - if you change the httpd configuration (in particular http to https or the port number) remember to change the LB_PARA_HOST on all instances) If the parameters mentioned above are not set an error will be raised a t configuration time (only a warning for the mail address) When setting a password please read the comments in the wmsmon_site-info.def file to know if the password must be enclosed between ' ' You can ignore the LOAD BALANCING PARAMETERS section if you are not installing a load balancing arbiter.
If the node is an LB the script will add grants to for wmsmon user on DB lbserver20. It's important that the MYSQL root passwd is set corrrectly in wmsmon_site-info.def file. The script will not remove old WMSMonitor path /root/wmsmon in order not to destroy user manual changes. That directory can be removed manually without creating problems to the sensors. If at the end of the script you see the string: "WMSMONITOR SENSORS SUCCESSFULLY CONFIGURED!" it means that everything went fine . In case of problems running the script please contact wms-support<at>cnaf.infn.it . WMSMON Data Collector installation(do all the following as root)
- LEMONFLAG = 1 'If you do not have a lemon tool on the wms/lb instance set to 0' - LEMONURL = 'Set to the machine lemon url if any' - SNMPPASSWD = 'The password you choose for snmp communication between data collector and wms instance !! NOTE: it must be the same on every wmsmon_site-info.def - WMSMON_SEVER_CONTACT_EMAIL = MAIL CONTACT that will appear in web pages error messages. Users will be invited to send email to this address. If the parameters mentioned above are not set an error will be raised a t configuration time (only a warning for the mail address) When setting a password please read the comments in the wmsmon_site-info.def file to know if the password must be enclosed between ' ' You can ignore the LOAD BALANCING PARAMETERS section if you are not installing a load balancing arbiter.
It must be edited as shown in the template file in the following way: wms1.your_domain lb1.your_domain vo1 .... wmsn.your_domain lbn.your_domain von You should insert the wms/lb pairs monitored and a vo served by the pair. The vo indication will be used only to group the wms in the wmsmon web pages, and not for the job counting per vo. If a pair serve more than one VO you can choose a word like multi or multiVO. You can also use this tag to group the wms by their role: PROD, DEVEL etc... IMPORTANT: THE FILE CANNOT BE COMMENTED!
Post installation STEPSIn order to increase php performance it is advisable that you increase the php allocable memory.Modify the /etc/php.ini to have the folloving line: memory_limit = 56M The WMSMON web configuration does not modify the default port (80) used by httpd. To modify the port number edit /etc/httpd/conf/httpd.conf and edit the line: Listen <port_number>Then restart httpd ( service httpd restart) The WMSMON server needs a valid host certificate stored in a HOST_CERTIFICATE_DIR (i.e. /etc/grid-security) Install mod_ssl package: -Run: yum install mod_ssl Install the accepted ca packages, i.e. you can execute the following: - Create the /etc/yum.repos.d/lcg-ca.repo file containing: [CA] name=CAs baseurl=http://linuxsoft.cern.ch/LCG-CAs/current protect=1- Run : yum install lcg_CA Edit the /etc/httpd/conf/httpd.con f and add the following inside the <Directory /var/www/html> section the following lines : SSLRequireSSL SSLVerifyClient require SSLVerifyDepth 10Edit the /etc/httpd/conf.d/ssl.conf and: - set the SSLCertificateFile variable to HOST_CERTIFICATE_DIR/hostcert.pem and comment any other line that set this variable. - set the SSLCertificateKeyFile variable to HOST_CERTIFICATE_DIR/hostkey.pem and comment any other line that set this variable. _ _ - set the SSLCACertificatePath variable to the name of the directory containing the CA file (i.e. /etc/grid-security/certificates if you installed the lcg_CA metapackage) and comment any other line that set this variable. If you want to change the default https port (443) you should change in the /etc/httpd/conf.d/ssl.conf file the line: Listen <port_number> (i.e. Listen 8443) _Oprtional redirect - If you want to automatically redirect http requests to https pages you should add to the /etc/httpd/conf/httpd.conf file the following section (using the proper values for the variables_ SERVER_HOST_IP,SERVER_HOST_NAME and YOUR_DOMAIN): <VirtualHost SERVER_HOST_IP:80> DocumentRoot /var/www/html ServerName SERVER_HOST_NAME.YOUR_DOMAIN RedirectMatch (/.*)$ https://SERVER_HOST_NAME.YOUR_DOMAIN/$1 </VirtualHost>Restart httpd WMSMONitor reports a section with users activity on each WMS. Name and surname of each user is reported on some pages and these pages for privacy reasons are not exposed to all certificates If you want to unlock those pages to some certificate DN you should enable https protocol as descrbed in the previous paragraph(Optional secure http enabled) and do the following: - Edit the /var/www/html/wmsmon/common/config.php file and modify the last line adding the list of DNs in the line $config->dnEnabledList=array('DN1','DN2'....'DNn');If you want to unlock the pages with sensible data to everyone (using either http or https) you have to change the value of the $config->protectedPage variable in /var/www/html/WEBDIR/common/config.php file (WEBDIR is defined in the site-info.def file) and set it to 0: $config->protectedPages=0;WMSMON uses the snmp standard port (in general the 183) for sensor-collector communications. If a firewall blocks the snmp port it is possible to enable the communication on a not-standard port. This can be useful when the data collector and the WMS cluster are not in the same computing centre. If you are not in this case you can skip this section. NOTE: this feature is not well tested, please report any problem and bug found to wms-support<at>cnaf.infn.it To enable high port support you should modify the wmslist.conf file adding a fourth column indicating which is the port number to be used on that particular wms/lb pair: wms1.your_domain lb1.your_domain vo1 port1 NOTE: it is not possible to specify 2 different port numbers for WMS and LB. On WMS/LB sensor side you should set snmp in order to listen for request on the port you choose. This is accomplished by adding in the /etc/snmp/snmpd.conf file the following line: agentaddress <port_number>and restarting snmp (service snmpd restart) To configure the Arbiter parameters in the site_info.def file refer to: https://twiki.cnaf.infn.it/cgi-bin/twiki/view/WMSMonitor/WMSLoadBalancingArbiter The WMS instances load balancing arbiter is a python script wms_balancing_arbiter.py which must be executed periodically in a cron. It should be executed in cascade to the data_collector script in order to take advantage of latest available metric collected by the WMSMonitor from each WMS instance. Note that also an utility is provided, external_wmsmon_metrics_collector.py, to allow the inclusion of WMS instances monitored by other WMSMonitor servers in the list of defined aliases. This is useful for ROC level definition of some WMS aliases pointing to WMS instances geographycally distributed and momitored by different WMSMonitor instances. To make this work you must edit the external_wmsmon_metrics_collector.py script directly adding the WMSMonitor urls of instances to monitor as in the example below: urllist=['https://wmsmon.ct.infn.it:8443/wmsmon/details/details.php?wms=prod-wms-01.ct.infn.it', 'https://wmsmon.ct.infn.it:8443/wmsmon/details/details.php?wms=prod-wms-02.ct.infn.it'] and add its execution in the load balancing cron, which is something like: 5,20,35,50 * * * * root /PATH/external_wmsmon_metrics_collector.py; /PATH/wms_balancing_arbiter.py >> /var/www/html/loadbalancing_test.log 2>&1 Note that /var/www/html/loadbalancing_test.log file readable through the web displays the WMS IP list in the alias for all defined aliases. It is advisable that you configure a logrotate for the arbiter log file. This is possiblle ading the following lines to the /etc/wmsmon_logrotate.conf file: /var/www/html/loadbalancing_test.log { copytruncate rotate 100 size = 1M missingok nomail } |