Site BDII and CE Installation Muhammad Farhan Sjaugi

Site BDII and CE Installation Muhammad Farhan Sjaugi, UPM farhansj@biruni. upm. my. KLACGRID 2009 November 2 -14 2009, UM Malaysia 1

Short Introduction 2

Login to Virtual Machine • Start SSH to ui. thinkgrid. org • Use the username and password specified in your tutorial worksheet to ssh to your VM 3

Time Syncronization • A general requirement for the g. Lite nodes is that they are synchronized. • Configure the file /etc/ntp. conf by adding the lines dealing with your time server configuration such as, for instance: # Prohibit general access to this service. restrict default ignore restrict 193. 206. 144. 10 mask 255 nomodify notrap noquery server 127. 1. 0 # local clock fudge 127. 1. 0 stratum 10 server ntp-1. infn. it 4

Time Syncronization • Edit the file /etc/ntp/step-tickers adding a list of your time server(s) hostname(s) cat /etc/ntp/step-tickers 193. 206. 144. 10 • If you are running a kernel firewall, you will have to allow inbound communication on the NTP port. • If you are using iptables, you can add the following to /etc/sysconfig/iptables -A INPUT -s <NTP-server. IP-1> -p udp --dport 123 -j ACCEPT • You can then reload the firewall : service iptables restart 5

Time Synchronization • Activate the ntpd service with the following commands: # ntpdate <your ntp server name> # service ntpd start # chkconfig ntpd on • You can check ntpd's status by running the following command : # ntpq -p 6

The Installation • Startup VM for Site BDII, CE installation • Configure yum repositories yourself, Under /etc/yum. repos. d • The middleware repos: – – – – wget ftp: //mirror. biruni. upm. my/repos/3. 1/lcg-CE. repo wget ftp: //mirror. biruni. upm. my/repos/3. 1/lcg-CA. repo wget ftp: //mirror. biruni. upm. my/repos/3. 1/glite-BDII. repo wget ftp: //mirror. biruni. upm. my/repos/3. 1/glite-TORQUE_server. repo wget ftp: //mirror. biruni. upm. my/repos/3. 1/glite-TORQUE_utils. repo wget ftp: //mirror. biruni. upm. my/repos/3. 1/jpackage. repo wget ftp: //mirror. biruni. upm. my/klacgrid/gilda. repo • Install metapackages for site BDII, CE, torque server: – yum install lcg-CA lcg-CE glite-BDII glite-TORQUE_server glite. TORQUE_utils gilda_utils java-1. 6. 0 -sun-compat 7

Obtain configuration files • Copy configuration files to your VM – cd /opt/glite/yaim/etc/ – wget ftp: //mirror. biruni. upm. my/klacgrid/site-info. def – wget ftp: //mirror. biruni. upm. my/klacgrid/users. conf – wget ftp: //mirror. biruni. upm. my/klacgrid/groups. conf • Protect your configuration file – chmod 600 site-info. def • Create a new file called wn-list. conf – <put your secondary virtual machine> 8

Obtain Host Certificates • Copy host certificates: cd /etc/grid-security/ wget ftp: //mirror. biruni. upm. my/klacgrid/hostcert/vm. XXX. thinkgrid. org/ vm. XXX. thinkgrid. org-cert. pem wget ftp: //mirror. biruni. upm. my/klacgrid/hostcert/vm. XXX. thinkgrid. org/ vm. XXX. thinkgrid. org-key. pem • Rename and change permission of host certificates: mv vm. XXX. thinkgrid. org-cert. pem hostcert. pem mv vm. XXX. thinkgrid. org-key. pem hostkey. pem chmod 400 hostkey. pm chmod 644 hostcert. pem 9

General YAIM Parameters -BDII • For Site_BDII, the mandatory variables in siteinfo. def – SITE_BDII_HOST – BDII_REGIONS – BDII_<node-type>_URL – SITE_LOC, SITE_LAT, SITE_LONG – CE_HOST – SE_LIST – SITE_NAME – SITE_EMAIL – SITE_SECURITY_EMAIL, SITE_SUPPORT_EMAIL 10

General YAIM Parameters -CE • For CE, the mandatory variables in site-info. def : – CE_HOST – Sub. Cluster configuration : 11

General YAIM Parameters -CE • VOs related variables: VOS, <queue-name>_GROUP_ENABLE VO_<vo-name>_SW_DIR, VO_<vo-name>_VOMS_SERVERS, VO_<vo-name>_VOMSES, VO_<vo-name>_VOMS_CA_DN. • Torque server configuration variables: BATCH_SERVER, JOB_MANAGER, CE_HOST CE_BATCH_SYS, BATCH_VERSION, BATCH_LOG_DIR GROUPS_CONF, MON_HOST QUEUES, SE_LIST USERS_CONF WN_LIST 12

Configure CE Settings for the site-info. def MY_DOMAIN="thinkgrid. org“ # Human-readable name of your site SITE_NAME=ACGRID-CE-<PARTICIPANT_ID> Customize here! # The contact e-mail of your site SITE_EMAIL=“” Add your email here # Hostname of the CE CE_HOST=<Your_CE_Server> Customize here! TORQUE_SERVER=$CE_HOST BATCH_VERSION=2. 3. 0 # Jobmanager specific settings. Please, define: # lcgpbs, lcglfs, lcgsge or lcgcondor JOB_MANAGER=lcgpbs # Number of Logical CPUs (cores) of the WN in the Sub. Cluster CE_SMPSIZE=1

Configure CE # torque, lsf, sge or condor CE_BATCH_SYS=torque BATCH_LOG_DIR=/var/spool/pbs_server/logs/ # Space separated list of SEs hostnames SE_LIST=se. $MY_DOMAIN # Hostname of the RGMA server MON_HOST=ui. $MY_DOMAIN # Space separated list of VOs supported by your site VOS="gilda euasia" # Prefix of the experiment software directory in your CE VO_SW_DIR=/opt/exp_soft # Space separated list of queues configured in your CE QUEUES="gilda euasia" GILDA_GROUP_ENABLE="gilda" EUASIA_GROUP_ENABLE="euasia"

Configure CE ##### # EUASIA # ##### VO_EUASIA_SW_DIR=$VO_SW_DIR/euag VO_EUASIA_DEFAULT_SE=$DPM_HOST VO_EUASIA_STORAGE_DIR=$CLASSIC_STORAGE_DIR/euasia VO_EUASIA_VOMS_SERVERS="vomss: //voms. grid. sinica. edu. tw: 8443/v oms/euasia? /euasia" VO_EUASIA_VOMSES="'euasia voms. grid. sinica. edu. tw 15015 /C=TW/O=AS/OU=GRID/CN=voms. grid. sinica. edu. tw euasia'" VO_EUASIA_VOMS_CA_DN="'/C=TW/O=AS/OU=GRID/CN=voms. grid. sinica. edu. tw'" VO_EUASIA_CA_DN="'/C=TW/O=AS/CN=Academia Sinica Grid Computing Certification Authority Mercury'"

Configure (cont. ) ##### # GILDA # ##### VO_GILDA_SW_DIR=$VO_SW_DIR/gilda VO_GILDA_DEFAULT_SE=$DPM_HOST VO_GILDA_STORAGE_DIR=$CLASSIC_STORAGE_DIR//gilda VO_GILDA_QUEUES= "gilda" VO_GILDA_VOMS_SERVERS="vomss: //voms. ct. infn. it: 8443/voms/gilda ? /gilda" VO_GILDA_VOMSES="'gilda voms. ct. infn. it 15001 /C=IT/O=INFN/OU=Host/L=Catania/CN=voms. ct. infn. it gilda'" VO_GILDA_VOMS_CA_DN="'/C=IT/O=INFN/CN=INFN CA'"

Install VOMS CE • Download under /etc/grid-security/vomsdir/ the EUASIA voms host certificate wget http: //ca. grid. sinica. edu. tw/publication/new. CRT/newcerts/0341. crt and rename this file to voms. grid. sinica. edu. tw. pem

Use YAIM to Configure • Check syntax of site-info. def – cd /opt/glite/yaim/etc/ – source site-info. def • Verify parameter for metapackages – /opt/glite/yaim/bin/yaim –v -s site-info. def –n BDII_site -n lcg-CE –n TORQUE_server -n TORQUE_utils • Start configuring for metapackages – /opt/glite/yaim/bin/yaim –c -s site-info. def –n BDII_site -n lcg-CE –n TORQUE_server -n TORQUE_utils 18

Port checks • Complete list: http: //glite. cvs. cern. ch/cgi-bin/glite. cgi/org. glite. siteinfo. ports/doc/middlewareports. txt? revision=1. 15&view=markupthe 19

Site BDII Test • To check the information published in site BDII, $ ldapsearch -x –h <CE hostname>: 2170 -b o=grid # extended LDIF # # LDAPv 3 # base <o=grid> with scope sub # filter: (objectclass=*) # requesting: ALL # # grid dn: o=grid object. Class: Glue. Top # MY-TOTOR, grid dn: Mds-Vo-name=MY-TOTOR, o=grid object. Class: Glue. Top # ce. euag. org: 2119/jobmanager-lcgpbs-gilda, resource, grid dn: Glue. CESEBind. Group. CEUnique. ID=ce. euag. org: 2119/jobmanager-lcgpbs-gilda, Mds-V o-name=resource, o=grid object. Class: Glue. General. Top object. Class: Glue. CESEBind. Group object. Class: Glue. Schema. Version Glue. CESEBind. Group. CEUnique. ID: ce. euag. org: 2119/jobmanager-lcgpbs-gilda Glue. CESEBind. Group. SEUnique. ID: dpm. euag. org Glue. Schema. Version. Major: 1 Glue. Schema. Version. Minor: 3 20

References • Generic Installation and Configuration Guide g. Lite 3. 1 https: //twiki. cern. ch/twiki/bin/view/LCG/Generic. Install. Guid e 310 • YAIM 4 Guide https: //twiki. cern. ch/twiki/bin/view/LCG/Yaim. Guide 400 • Site-info. def Parameters https: //twiki. cern. ch/twiki/bin/view/LCG/Siteinfo_configurati on_variables • More resource http: //www. euasiagrid. org/wiki/index. php/Training_material s_and_other_resources 21

• Question? ? ? 22