Tags:
create new tag
,
view all tags
-- Main.MarcoVerlato - 2011-12-16 ---+ Quick gLite Middleware Deployment HOW-TO for CYCLOPS ---++ Grid Elements deployment CYCLOPS sites willing to deploy gLite services (CE, SE, UI, WN) might consider to follow the installation/configuration instructions of the INFNGRID release [[http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:guides:install-3_1][ gLite 3.1/SL4 guide]]. Commodity PCs are typically enough powerful to run the majority of the grid services. A minimal hardware configuration can be the following: a biprocessor machine with 1GB/core of RAM and 80GB SATA of HD. Most recent machines with 2-CPU quad-core and 2GB/core RAM can even be virtualized to host 4 different grid services with minimal loss of performances. The most relevant grid elements you may want to deploy at your site have recently migrated (18/1/2008) to gLite 3.1 version on [[https://www.scientificlinux.org/distributions/4x/][Scientific Linux 4]] (x86_32 version). Some grid elements needed at your grid site (e.g. the MON box) are still gLite 3.0 on [[http://linux.web.cern.ch/linux/scientific3/][ Scientific Linux CERN 3]], and have to be deployed according to the following [[http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:guides:install-3_0][ glite 3.0/SL3 guide]]; The plan for migrating all of the other grid elements to SL4 (32 and 64 bits versions) is available [[https://twiki.cern.ch/twiki/bin/view/EGEE/Glite31NodeTracker][here]]. Most of grid services needs a X509 certificate issued by a [[http://www.gridpma.org/ | IGTF]] recognized Certification Authority (e.g. LIP CA, GRID-FR CA, INFN CA, LCG catch-all,...). European sites should identify [[http://eugridpma.org/members/worldmap/][here]] their national CA and verify if their Institute is already a Registration Authority (RA) of that CA. If not, they should ask the CA to become a qualified RA, in order to be able to issue both host and personal certificates needed for grid operations. *Be sure* that the administrative network domain hosting the gLite services to be deployed is configured in order to allow communications with external hosts and ports as described in the document available [[https://twiki.cern.ch/twiki/bin/view/LCG/LCGPortTable#The_middleware_port_list][here]]. In particular: * most of the grid services has to be run on hosts with '''public IP address''', and only the WNs can run under NAT with an appropriate configuration; * you need '''DNS Reverse Name Resolution''' to make Grid Security Infrastructure (GSI) to work properly; * time syncronisation (within minutes) among interacting grid elements is also required by GSI. The use of Network Time Protocol (NTP) is reccomended; As an example, for the UI you should make sure that the following ports are open for communication with the cyclops VO services: ||from ||port ||to ||port ||service || || localhost || >1023 || prod-wms-01.pd.infn.it || 7443 || WMProxy || || localhost || >1023 || prod-wms-01.pd.infn.it || 2811 || gridFTP Server || || localhost || >1023 || prod-lb-01.pd.infn.it || 9000 || LB || || localhost || >1023 || prod-lb-01.pd.infn.it || 9003 || LB || || localhost || >1023 || voms2.cnaf.infn.it || 15011 || VOMS Server || This INFNGRID Release is 100% compatible with gLite 3.x release, but has some additional advanced accounting and monitoring features (see [[http://grid-it.cnaf.infn.it/fileadmin/sysadm/releasenotes/releasenotes-3_0_0.html][here]] for more details). Furthermore it allows you to automatically enable the '''cyclops VO''' at your site. The [[http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:updates:start][updates]] of INFNGRID Release are very frequent and important, please pay attention to them checking periodically the link. The release is of course fully supported by the Italian ROC (Regional Operation Centre in EGEE terminology) with a ticketing system, a knowledge base, and 4 people a day weekly rotating on duty covering 11 hours during the working days (11x5). More infos are available at http://grid-it.cnaf.infn.it/ ---++ cyclops VO service configuration At the link https://voms2.cnaf.infn.it:8443/voms/cyclops/Configuration.do you'll find the data needed to configure the Grid services you might want to deploy at your site. If you are using the INFNGRID Release, you can automatically enable the cyclops VO in your gLite services using ig-yaim. In particulary, the file /opt/glite/yaim/examples/ig-site-info.def already contains the needed lines: VO_CYCLOPS_SW_DIR=$VO_SW_DIR/cyclops <br/> VO_CYCLOPS_DEFAULT_SE=$CLASSIC_HOST <br/> VO_CYCLOPS_STORAGE_DIR=$CLASSIC_STORAGE_DIR/cyclops <br/> VO_CYCLOPS_VOMS_SERVERS="'vomss://voms2.cnaf.infn.it:8443/voms/cyclops?/cyclops' 'vomss://voms-02.pd.infn.it:8443/voms/cyclops?/cyclops'" <br/> VO_CYCLOPS_VOMSES="'cyclops voms2.cnaf.infn.it 15011 /C=IT/O=INFN/OU=Host/L=CNAF/CN=voms2.cnaf.infn.it cyclops' 'cyclops voms-02.pd.infn.it 15011 /C=IT/O=INFN/OU=Host/L=Padova/CN=voms-02.pd.infn.it cyclops'" <br/> while 20 pool accounts + 3 sgmcyclop00* are included in the relevant files /opt/glite/yaim/etc/ig-users.conf and /opt/glite/yaim/etc/ig-groups.conf When installing e.g. a Computing Element with ig-yaim then automatically you get the VOMS mapping like: [root@prod-ce-01 root]# cat /opt/edg/etc/lcmaps/gridmapfile <br/> ...<br/> "/VO=cyclops/GROUP=/cyclops/ROLE=SoftwareManager/Capability=NULL" .sgmcyclops <br/> "/VO=cyclops/GROUP=/cyclops/ROLE=SoftwareManager" .sgmcyclops <br/> "/VO=cyclops/GROUP=/cyclops/Role=NULL/Capability=NULL" .cyclops <br/> "/VO=cyclops/GROUP=/cyclops" .cyclops If you are not using INFNGRID, e.g. you are just re-configuring a previous existing pure LCG/gLite site, you'll need to install the cyclops VOMS server certificate, which is not included in the gLite official rpms. You can download it from http://grid-it.cnaf.infn.it/mrepo/ig_sl4-i386/RPMS.3_1_0/ig-vomscerts-all-1.0-7.noarch.rpm ---++ cyclops VO enabled gLite services Some high-level gLite services of the production INFN-GRID infrastructure have been enabled with the cyclops VO, these are: * a glite-WMS hosted by prod-wms-01.pd.infn.it * a glite-LB hosted by prod-lb-01.pd.infn.it * a glite-BDII hosted by prod-bdii-01.pd.infn.it * a glite-VOMS server (https://voms2.cnaf.infn.it:8443/voms/cyclops/) * a gLite-LFC catalogue hosted by lfcserver.cnaf.infn.it Users members of cyclops VO can exploit the glite-WMS to submit jobs to Computing Elements of the test-bed (see [[QuickGLiteUserGuide][here]] how to become an cyclops VO member). Up to now 16 CEs have been enabled cyclops VO, as you can see running from your UI the following command using a simple JDL file: $ glite-wms-job-list-match -a [[http://grid-it.cnaf.infn.it/cyclops/wiki/pub/echo.jdl][echo.jdl]] Connecting to the service https://prod-wms-01.pd.infn.it:7443/glite_wms_wmproxy_server ========================================================================== COMPUTING ELEMENT IDs LIST The following CE(s) matching your job requirements have been found: CEId - ce.cp.di.uminho.pt:2119/jobmanager-lcgpbs-cyclops <br/> - ce.egee.di.uminho.pt:2119/jobmanager-lcgpbs-cyclops <br/> - egee-ce.datagrid.jussieu.fr:2119/jobmanager-lcgpbs-esr <br/> - grid001.ts.infn.it:2119/jobmanager-lcglsf-grid<br/> - grid003.roma2.infn.it:2119/jobmanager-lcgpbs-grid<br/> - gridce.ilc.cnr.it:2119/jobmanager-lcgpbs-grid<br/> - gridce.pi.infn.it:2119/jobmanager-lcglsf-grid4<br/> - gridce.sns.it:2119/jobmanager-lcgpbs-grid<br/> - prod-ce-01.pd.infn.it:2119/jobmanager-lcglsf-cyclops<br/> - prod-ce-02.pd.infn.it:2119/jobmanager-lcglsf-cyclops<br/> - gridba2.ba.infn.it:2119/jobmanager-lcgpbs-infinite<br/> - gridba2.ba.infn.it:2119/jobmanager-lcgpbs-long<br/> - gridba2.ba.infn.it:2119/jobmanager-lcgpbs-short<br/> - ce02.lip.pt:2119/jobmanager-lcgsge-cyclopsgrid<br/> - gridce2.pi.infn.it:2119/jobmanager-lcglsf-grid4<br/> - grid002.ca.infn.it:2119/jobmanager-lcglsf-grid<br/> ========================================================================== When other '''EGEE Production Grid''' sites will enable the cyclops VO, these will be match-ables by the above WMS. For those sites not yet part of EGEE willing to join the infrastructure, a dedicated WMS, LB and TOP BDII will be set up at one of the CYCLOPS Project partner's sites. These dedicated grid services will made accessible both the EGEE Production and the new resources. The latter will be included as soon as the LDAP address of their site-BDII will be provided. This is a string like: ldap://prod-ce-01.pd.infn.it:2170/mds-vo-name=INFN-PADOVA,o=grid and it allows us to include your site to our dedicated TOP BDII.
E
dit
|
A
ttach
|
PDF
|
H
istory
: r1
|
B
acklinks
|
V
iew topic
|
M
ore topic actions
Topic revision: r1 - 2011-12-16
-
MarcoVerlato
Home
Site map
CEMon web
CREAM web
Cloud web
Cyclops web
DGAS web
EgeeJra1It web
Gows web
GridOversight web
IGIPortal web
IGIRelease web
MPI web
Main web
MarcheCloud web
MarcheCloudPilotaCNAF web
Middleware web
Operations web
Sandbox web
Security web
SiteAdminCorner web
TWiki web
Training web
UserSupport web
VOMS web
WMS web
WMSMonitor web
WeNMR web
Cyclops Web
Create New Topic
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
View
Raw View
Print version
Find backlinks
History
More topic actions
Edit
Raw edit
Attach file or image
Edit topic preference settings
Set new parent
More topic actions
Account
Log In
E
dit
A
ttach
Copyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki?
Send feedback