NIKHEF Info
Download
Scheduling
IPtables Gen
Wiki
User-oriented info
... back
Old Info
Adding Users (ikonet)
Deploy guide (ikonet)
EDG release bundles
EDG test bed info
Automatic Jobs (ikonet)
Local Guide
Local Guide (PDF)
Logbook
Browse the 1.1.3 install
Some Logfile analysis
Network statistics
|
Adding a Globus node to the NIKHEF setup
Most of the deployment steps should be initiated from the central
maintenance host (currently: gandalf), since only from this host
remote root access can be obtained. Most of the interesting information
can be found in /global/globussrc/local, but first change
the following files in the relevant install directory (depends on
the version you want to deploy) in /global/globus:
- globus-services.conf: add a line for the job manager(s),
e.g.:
polyeder.nikhef.nl jobmanager stderr_log,local_cred -
${libexecdir}/globus-jobmanager globus-jobmanager
-conf ${sysconfdir}/globus-jobmanager.conf -type fork
-rdn jobmanager -machine-type unknown
or
monochroom.nikhef.nl jobmanager-pbs stderr_log,local_cred -
${libexecdir}/globus-jobmanager globus-jobmanager
-conf ${sysconfdir}/globus-jobmanager.conf -type pbs
-rdn jobmanager -machine-type unknown
But be sure all the information is on one line.
- grid-info-hosts.conf: add a line corresponding to the
host's architecture, e.g.:
triode.nikhef.nl
/global/globus/globus-1.1.3b14-20010312/services/i686-pc-linux-gnu/bin
triode.nikhef.nl -
- globus-gatekeepers.conf: add a line if you do not want the
default (daemon or inetd).
- if the host is the central GIIS host: be sure to temporarily
reset the GIIShost name in the grid-info.conf file
from the generic CNAME to the actual host name, such as to
ghet the giis daemons deployed there.
Go (still on gandalf) to /global/globussrc/local and run
the rsync.globus script (sorry for the name)
in the specified order. The script's source
is here.
Run it without arguments to get some help.
- prepare - create directories /etc/grid-security and /opt/globus
and set the proper ownership and permissions
- deploy - after setting the proper values in
the configuration files (see above), ru globus-local-deploy
on the host. By default, it will NOT preserve the
gatekeeper cert and key, since they're symlinks.
- postdeploy - move any created gatekeeper cert files to
the GSI directory and create the symlinks if needed. Also,
change owener ship and permissions on all suggested files.
Link to the certificates directory on /global/globus/share.
- if needed, add a host cert to the GSI directory -
As root on the specified machine, run:
cd /etc/grid-security
setenv GLOBUS_INSTALL_PATH /global/globus/globus
$GLOBUS_INSTALL_PATH/tools/i686-pc-linux-gnu/bin/grid-cert-request -host triangel.nikhef.nl -dir /etc/grid-security
$GLOBUS_INSTALL_PATH/tools/sparc-sun-solaris2.6/bin/grid-cert-request -host triangel.nikhef.nl -dir /etc/grid-security
ln -s usercert.pem hostcert.pem
ln -s userkey.pem hostkey.pem
- getcerts - make a backup tar file of the /etc/grid-security
GSI directory to gandalf, and make sure the permissions
are very restrictive (also on the directory itself).
Run this step only after you have installed both the proper
gatekeeper and the host certs (after signing).
Temporary problems
Since the source device is now stored on ajax and gandalf
will suffer root-squash, you may prefer running this last
step from ajax and replace "rsh" with "ssh" (and supply
the root password explicitly).
Now, create the proper grid-mapfile, possibly using a hard link, in
the directory /global/globussrc/local/installroot/etc/grid-security,
and add the host, flavour, deploy directory and version to the
globushosts file (this should be done on "ajax").
Then, run the script from the /global/globussrc/local
directory on gandalf: sh Dist.sh hostspecific.
Possibly add the startup to the system init scripts with the command
add_to_init-flavour /deploydir.
Disabling HBM services
The beta version of the HBM punts a huge load on a DNS server if the
hbm collector host does not exist. Disable the hbm (check it!) by
moving the globus-hbm-daemon.conf in $DEPLOY/etc out of the way.
Starting services
To start the GridFTP service in the background, as root run:
/global/globus/gsi-wuftpd-0.5/gsiftpd start
On some systems (schuur, triode, triangel and polyeder), this is symlinked in
/etc/rc.d/rc3.d/ and thus should start automatically. If not,
restart it by hand.
Globus should also be started automatically on all hosts mentioned in
/global/globussrc/local/globushosts, since on those hosts
the SXXglobus script is symlinked in the SysV rc*
directories for runlevels 3 and 5. Refer to the appropriate rc directory
for starting manually or run on these systems:
/opt/globus/sbin/SXXglobus start
On monochroom, also a PBS service is started in runlevel 3 and 5. If
it fails, run:
/opt/OpenPBS_2_3_12/sbin/openpbs start
Preserving on reinstall
On a globus node, the following files are installed as part of the Globus
deployment:
/opt/globus/
/etc/grid-security/
and the SysV-init style run scripts. These can be installed
using the scripts add_to_init-* in /global/globussrc/local.
For PBS, the files are in
/opt/OpenPBS*/
/var/spool/PBS/
And a symlink to the "/opt/OpenPBS*/sbin/openpbs" script in the SysV
init rc directory for runlevels 3 and 5.
Relevant Globus releases (verified) | 1.1.3, 1.1.3b14 |
Creation date | April 18, 2001 |
| May 30, 2001 |
| July 6, 2001 |
Author(s) | David Groep |
Comments to David Groep
|