12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS FP6−2004−Infrastructures−6-SSA E-infrastructure shared between Europe and Latin America Introduction to the tutorial for site managers Vanessa Hamar Universidad de Los Andes – Mérida, Venezuela 12 th EELA Tutorial Lima, September,2007

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Outline Layout of the site managers tutorial Available servers Shared pre-requisite for gLite 3.1 services

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Layout The installation, the configuration and the eventual troubleshooting of the gLite 3.1 services will be shown in real time by the tutors. After each demo service installation you will have time to re-install it by yourself –each participant on his own assigned VM We are going to install gLite services onto VMware Virtual Machines –easy to resume the initial status of the VM for the following service re-installation –useful if you need to re-try the installation due to errors/mistakes/tests

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Deployment Each machine has VMWare Player/Workstation and a GILDA Base VM image The tutors will use a Virtual Machine with IP (lima03.ring.pucp.edu.pe) There is also another server which will be used as gLite 3.1 repository to speed up the download of RPMs –lima01.ring.pucp.edu.pe local gLite 3.1 repository

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Access to the VMs IP address: XXX Hostname : limaXX.ring.pucp.edu.pe Username : root Password : linux142 (xxx = 11…60) 5

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, gLite 3.1 software pre-requisites

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Start from a fresh install of SLC Update your repository list Copy the file lists.tgz from Run cd /etc/apt/sources.list.d/ wget –np tar –xvzf lists.tgz apt-get update Java SDK is required to install almost any LCG/gLite grid service. apt-get install j2sdk Installation Pre-requisites

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Request a X509 host certificate for the gLite service you are going to install from a Certification Autority (CA). In this case if you want to join EELA Grid request the certificate in the Latin America Catch All We requested the certificates for you, you can copy them from: Install host certificates (hostcert.pem and hostkey.pem) in /etc/grid-security. –chmod 644 hostcert.pem –chmod 400 hostkey.pem Security pre-requisites

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, If you plan to use certificates released by unsupported EGEE CA’s, be sure that their public key, signing policy and CRLs (usually distributed with an rpm) are installed in /etc/grid-security/certificates. For the VO GILDA, the RPM is available from: – 3.i386.rpmhttp://lima01.ring.pucp.edu.pe/eela12/ca_GILDA i386.rpm apt-get install ca_GILDA i386.rpmca_GILDA i386.rpm Security pre-requisites (II)

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Install the VOMS public certificate for the supported VOs: –For the VO GILDA, the RPM is available from 0.noarch.rpm –For the VO EELA, the RPM is available from 0_noarch.rpm Security pre-requisites (III)

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Syncronization among all gLite nodes is mandatory. It can be achieved by the NTP protocol with a time server. Install ntp if not already available for your system: – apt-get install ntp Add your time server in /etc/ntp.conf –restrict mask nomodify notrap noquery –server –(you can use ntp-1.infn.it – IP ) Edit /etc/ntp/step-tickers adding your(s) time server(s) hostname Activate the ntpd service with the following commands:  ntpdate  service ntpd start  chkconfig ntpd on You can check ntpd’s status with:  ntpq -p Node Synchronization with NTP

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, YAIM is a set of bash scripts used to install and easily configure the gLite middleware on the target machine Ensure you FQDN is properly set hostname –f Install the latest YAIM using apt-get install glite-yaim-core apt-get install glite-yaim-clients YAIM Installation

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Installing All the configuration values to sites have to be configured in a site configuration file using key-value pairs. This file is shared among all the different gLite node types. So edit once and keep it in a safe place Create a copy of /opt/glite/yaim/examples/site-info.def template (coming from the glite-yaim-core package) to your reference directory for the installation (e.g. /root/siteinfo): –cp /opt/glite/yaim/examples/site-info.def /root/siteinfo/site- info.def A good syntax test for your site configuration file is to try to source it manually running the command: –source site-info.def

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Installing CE+Torque Server via apt The configuration is stored in a directory structure which will be extended in the near future. Currently the following files are used: site-info.def and the vo.d directory.

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Local repository We have installed a local repository at PUCP, so you have to specify its correct path in site-info.def: OS_REPOSITORY="rpm lima01.ring.pucp.edu.pe /rep slc306-i386 os updates extras" LCG_REPOSITORY="rpm lima01.ring.pucp.edu.pe /rep glite_sl3- i386 3_0 3_0_externals 3_0_updates" IG_REPOSITORY="rpm lima01.ring.pucp.edu.pe /rep ig_sl3-i386 3_0_0 utils" GILDA_REPOSITORY="rpm lima01.ring.pucp.edu.pe /rep gilda_app-i386 app 3_0_0" CA_REPOSITORY="rpm lima01.ring.pucp.edu.pe /rep glite_sl3-i386 security"

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Middleware installation with YAIM We are ready to install the services: /opt/glite/yaim/bin/yaim -i -s - m By example: /opt/glite/yaim/bin/yaim -i -s /root/siteinfo/site-info.def -m glite- SE_dpm_mysql -m glite-BDII This command will download and install all the needed packages. Now we can configure the node: /opt/glite/yaim/bin/yaim -c -s -n -n By example: /opt/glite/yaim/bin/yaim -r -s /root/siteinfo/site-info.def -n SE_dpm_mysql

E-infrastructure shared between Europe and Latin America 12th EELA TUTORIAL - USERS AND SYSTEM ADMINISTRATORS – Lima, September, Questions?