Globus 2 Installation and Setup Dr. David Wallom Grid Support Centre
advertisement
Globus 2 Installation
and Setup
Dr. David Wallom
Grid Support Centre
Aims
•
•
•
•
Describe the components of the Globus Toolkit Version 2 and its
release mechanism.
Install from the source distribution the 2.4.2 Globus release;
– Showing dependant software such as compilers/interpreters.
Setup and start all services;
– Show common housekeeping tasks such as user addition, log
file interpretation etc.
Configuration of more in depth tasks;
– Hierarchal MDS setup.
– Alternative job manager setup.
– Recognition of multiple certification authorities.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
2
Grid Support Centre
What is a GRID
• A GRID may be defined as a network of disparate and
geographically physically separated machines engaged
using some form of ‘middleware’ to produce a common
functionality.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
3
Grid Support Centre
The Globus Toolkit, an Overview
Three component structure (pillars) of the toolkit
• Resource management
• Allocation of available resources
• Information services
• Provides information about grid resources
• Data management
• Accessing and managing data in a grid
environment
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
4
Grid Support Centre
Resource Management
• Resource Management involves the allocation and
management of Grid resources. It includes components
GRAM, DUROC and GASS.
– GRAM: Globus Resource Allocation Manager
– DUROC: Dynamically-Updated Request Online
Coallocator
– GASS: Global Access to Secondary Storage
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
5
Grid Support Centre
Job Submission Architecture
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
6
Grid Support Centre
Resource Specification Language
• Common notation for exchange of information between
components
– Syntax similar to MDS/LDAP filters
• RSL provides two types of information:
– Resource requirements: Machine type, number of
nodes, memory, etc.
– Job configuration: Directory, executable, args,
environment
• Globus Toolkit provides an API/SDK for manipulating
RSL
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
7
Grid Support Centre
RSL Syntax
•
•
•
•
Elementary form: parenthesis clauses
– (attribute op value [ value … ] )
Operators Supported:
– <, <=, =, >=, > , !=
Some supported attributes:
– executable, arguments, environment, stdin, stdout, stderr,
resourceManagerContact,
resourceManagerName
Unknown attributes are passed through
– May be handled by subsequent tools
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
8
Grid Support Centre
Constraints: “&”
• For example:
& (count>=5) (count<=10)
(max_time=240) (memory>=64)
(executable=myprog)
• “Create 5-10 instances of myprog, each on a machine
with at least 64 MB memory that is available to me for
4 hours”
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
9
Grid Support Centre
Disjunction: “|”
• For example:
& (executable=myprog)
( | (&(count=5)(memory>=64))
(&(count=10)(memory>=32)))
• Create 5 instances of myprog on a machine that has
at least 64MB of memory, or 10 instances on a
machine with at least 32MB of memory
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
10
Grid Support Centre
Example RSL file
(* this is a comment *)
& (executable = /bin/date (* <-- that is an unquoted literal *))
(directory =/home/globus )
(arguments = arg1 "arg 2")
(count = 1)
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
11
Grid Support Centre
Information Services
• Information Services provide information about Grid
resources. This includes MDS, GIIS and GRIS.
– MDS: Monitoring and Discovery Service
• GIIS: Grid Index Information Service
– One per Virtual Organisation (VO)
• GRIS: Grid Resource Information Service
– One per machine registered within the VO
(Both of these run as the same executable with
differing configurations)
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
12
Grid Support Centre
Data Management
• Controls the ability to access and manage data in a grid
environment. This includes components:
– GridFTP - This is used to move files between gridenabled storage systems.
– Replica Catalogue Mechanism
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
13
Grid Support Centre
GridFTP
• Why FTP?
– Ubiquity enables interoperation with many
commodity tools
– Already supports many desired features, easily
extended to support others
– Well understood and supported
• We use the term GridFTP to refer to
– Transfer protocol which meets requirements
– Family of tools which implement the protocol
• Note GridFTP > FTP
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
14
Grid Support Centre
Replica Management
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
15
Grid Support Centre
A Word on GASS
• The Globus Toolkit provides services for file and
executable staging and I/O redirection that work well with
GRAM. This is known as Globus Access to Secondary
Storage (GASS).
• GASS uses GSI-enabled HTTP as the protocol for data
transfer, and a caching algorithm for copying data when
necessary.
• The globus_gass, globus_gass_transfer, and
globus_gass_cache APIs provide programmer access to
these capabilities, which are already integrated with the
GRAM job submission tools.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
16
Grid Support Centre
What are we installing?
• Reference implementation of Grid Protocols
• GRAM
– globus_gatekeeper (runs as part of xinetd)
• MDS
– gris (Started as SXXgris)
• GridFTP
– in.ftpd
• GSISSH
– gsisshd
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
17
Grid Support Centre
Package Management and Installation
• Generally recommended to use the Grid Packaging
Toolkit
– Comes with various user tools for:
• Installation of binary bundles
• Building of source bundles
• Updating already installed bundles
• Querying installation tree
– For the developer this also has tools for constructing
source and binary bundles for further distribution
• A similar idea to RPM
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
18
Grid Support Centre
GPT and What Is It?
• A set of PERL libraries/modules
• Requires Perl 5.005 or better to be installed
• Can install independently of Globus
– $GPT_LOCATION
• Ability to manage post installation setup of
packages
• Ensures that no package will be reinstalled
unnecessarily
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
19
Grid Support Centre
Method of Toolkit Distribution
• Source and binary bundles
– E.g. globus-information-services-client-2.4.2-src_bundle.tar.gz
– Contains all the information for package
• Dependancies
• Post-install setup
• Uninstall information
• Each pillar has one bundle for each of:
– Server
– Client
– Software development kit
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
20
Grid Support Centre
Source Distribution
• Advantages:
– If you build the code on your own machine then
dependencies during build will be found then.
– Stops strange unknown errors occurring due to other
installed applications and their dependant library
versions.
– Easier to ultimately debug problems within the toolkit
should any occur.
• Disadvantages:
– Slow due to compilation etc.
– Can lead to space problems due to object files etc.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
21
Grid Support Centre
Flavours of Building
•
•
•
•
Flavours are used to encapsulate compile-time choices
– Compiler choice, gcc or vendor specific cc
– 32 or 64bit memory model
– Debugging information inclusion?
– Type of threading, pthreads, other?
Currently two flavours
– gcc32dbg, gcc32dbgpthr
Allow multiple build types for a single installation
– Libraries are tagged with the flavour name
• libXXX_gcc32dbg.so
Headers
– Moved into labelled directories
• include/gcc32dbg
• Include/gcc32dbgpthr
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
22
Grid Support Centre
Additional Packages Available
•
Job Manager Scheduler Support: This is to include support for
different job managers beyond the default installed Fork. The
currently support other job managers from Globus are:
– Condor
– LSF
– PBS
•
Reporter Scheduler Support: This allows job manager information to
be passed into the GRIS system, this is not done by default for any
job manager including fork. All of the above are supported
•
GSI-SSH: There is a GSI compatible version of SSH and SCP
available. This comes from NCSA though and so can have moments
of incompatibility with the main Globus release.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
23
Grid Support Centre
Overview of Process of Building and
Installing
•
•
•
•
•
•
Copy GPT and Globus bundles to your machine
Define locations for GPT and Globus
Create Globus destination directory
Install GPT
Install bundles
Do post installation tasks
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
24
Grid Support Centre
GPT Installation
• Make sure GPT_LOCATION and GLOBUS_LOCATION
ENV variables are correctly set.
• Make sure you have successfully built and installed GPT
before continuing.
• Commands needed for GPT build;
– cp gpt-*.tar.gz /usr/.
– cd /usr/.
– gzip -dc gpt-*.tar.gz | tar xf – cd $GPT_LOCATION
– ./build_gpt
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
25
Grid Support Centre
Practical 1
• Start with blank Red Hat 7.3 machine with all updates
installed.
• You have the ‘root’ password running bash.
• Set the following environment variables:
– GPT_LOCATION = /usr/gpt-2.2.10
– GLOBUS_LOCATION = /usr/globus
• To do:
– Download GPT source bundle into correct directories
ready for install
– Build and install GPT
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
26
Grid Support Centre
Current Status of Your Machines
• GPT installed in /usr/gpt-2.2.10
• /usr/globus directory created though not yet
containing the source bundles
• Ready to start the build of the individual bundles
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
27
Grid Support Centre
Lunch
• Questions so far?
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
28
Grid Support Centre
Building Globus Toolkit 2.X
•
•
Initially download the bundles from the Globus Alliance website:
– http://www-unix.globus.org/ftppub/gt2/2.4/2.4.2
From within the /usr/globus directory run the following command;
$GPT_LOCATION/sbin/gpt-build <bundle_name> <flavour>
•
•
•
Repeat this for all bundles;
Nominally in the order:
– SDK
– Server
– Client
NOTE:
– Some of the bundles use threading and some do not
– Important to get this correct
– These are the flavours as previously discussed
• See next table
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
29
Grid Support Centre
Bundle Build Flavours
Bundle
Flavour
Data Management bundles
gcc32dbg
Information Services bundles
gcc32dbgpthr
Resource Management bundles
gcc32dbg
GRAM Job Manager Scheduler
gcc32dbg
GRAM Reporter
gcc32dbg
GSI-SSH
gcc32dbg
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
30
Grid Support Centre
GSI-SSH
•
•
•
•
•
•
Issued by NCSA
Separate to Globus though dependant on GSI security
Enables secure login based on digital certificates
Defined within the L2G as operating on port 2222
Downloaded as GPT source bundle.
Installed in the same way as Globus bundles though only
needs unthreaded flavour building.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
31
Grid Support Centre
Post Installation Operations
•
•
•
•
Source the general user environment setup script:
– $GLOBUS_LOCATION/etc/globus-user-env.sh
Each package that makes up the Globus Toolkit requires some
form of post installation setup:
– $GPT_LOCATION/sbin/gpt-postinstall
– This performs creation of some of the services setup scripts as
well as full description of configuration setting dependant on
$GLOBUS_LOCATION
Now Globus Security Infrastructure (GSI) needs initialisation, thus
creating /etc/grid-security directory and contents
– $GLOBUS_LOCATION/setup/globus/setup-gsi
Finally verify the installation coherance
– $GPT_LOCATION/sbin/gpt-verify
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
32
Grid Support Centre
Manual Installation Steps Needed
• The addition of globus-gatekeeper and gridftp
configuration files for xinetd.d/inetd
• Adding port definitions to /etc/services file
• Setup soft links for MDS server.
• Removing trust for Globus certificates and adding UK EScience CA trust
• Installation of host and LDAP certificates
• Add users Distinguishing Name definitions to
/etc/grid-security/grid-mapfile
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
33
Grid Support Centre
Adding /etc/xinetd.d Files
•
•
globus-gatekeeper
service gsigatekeeper {
socket_type = stream
protocol = tcp
wait = no
user = root
env = LD_LIBRARY_PATH=GLOBUS_LOCATION/lib
server = GLOBUS_LOCATION/sbin/globus-gatekeeper
server_args = -conf GLOBUS_LOCATION/etc/globus-gatekeeper.conf
disable = no
}
grid-ftp
service gsiftp
{
instances
socket_type
wait
user
env
server
server_args
log_on_success
log_on_failure
nice
disable
}
27/10/2003
27/10/2003
=
=
=
=
=
=
=
+=
+=
=
=
1000
stream
no
root
LD_LIBRARY_PATH=GLOBUS_LOCATION/lib
GLOBUS_LOCATION/sbin/in.ftpd
-l -a -G GLOBUS_LOCATION
DURATION USERID
USERID
10
no
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
34
Grid Support Centre
Adding to /etc/inetd.conf File
•
Add the following statements one per line to the file /etc/inetd.conf
• globus-gatekeeper
gsigatekeeper stream tcp nowait root
/usr/bin/env env LD_LIBRARY_PATH=GLOBUS_LOCATION/lib
GLOBUS_LOCATION/sbin/globus-gatekeeper
-conf GLOBUS_LOCATION/etc/globus-gatekeeper.conf
• grid-ftp
gsiftp stream tcp nowait root /usr/bin/env env
LD_LIBRARY_PATH=GLOBUS_LOCATION/lib
GLOBUS_LOCATION/sbin/in.ftpd -l -a -G GLOBUS_LOCATION
•
To restart service:
killall -HUP inetd
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
35
Grid Support Centre
Other Tasks
• Adding port definitions to /etc/services file:
echo "gsigatekeeper 2119/tcp #Globus Gatekeeper" >> /etc/services
echo "gsiftp
2811/tcp #GSIFTP"
>> /etc/services
• Setup soft links for MDS server.
ln -s $GLOBUS_LOCATION/sbin/SXXgris /etc/rc.d/init.d/gris
ln -s /etc/rc.d/init.d/gris /etc/rc.d/rc3.d/SXXgris
ln -s /etc/rc.d/init.d/gris /etc/rc.d/rc5.d/SXXgris
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
36
Grid Support Centre
Configuring GSI-SSH
•
Alter configuration as follows:
– Within $GLOBUS_LOCATION/bin
• Remove currently installed gsissh, gsiscp & slogin
• Move ssh and scp to gsissh and gsiscp
• Link gsissh to slogin
– Set port numbers for “gsissh” to be 2222 within
/etc/services as well as;
• $GLOBUS_LOCATION/etc/ssh/ssh_config
• $GLOBUS_LOCATION/etc/ssh/sshd_config
– Link though to the /etc/init.d directories to create gsisshd
and links in rc.3 and rc.5 directories for SXXgsisshd
ln –s $GLOBUS_LOCATION/sbin/SXXsshd /etc/init.d/gsisshd
ln -s /etc/rc.d/init.d/gsisshd /etc/rc.d/rc3.d/SXXgsisshd
ln -s /etc/rc.d/init.d/gsisshd /etc/rc.d/rc5.d/SXXgsisshd
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
37
Grid Support Centre
Certificates – Why and Wherefore
• Three uses for certificates within Globus
– Gatekeeper certificates – used by daemons
– LDAP certificate (MDS)
– User certificates
• These are acquired through the UK E-Science Grid
Support Centre or another of the trusted CAs defined
through EDG.
• They may need format conversion depending on where
they have come from
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
38
Grid Support Centre
Installation of Certificates
• Gatekeeper certificates are located in
/etc/grid-security
– host{key/cert}.pem
• LDAP certificates are located in
/etc/grid-security/ldap
– ldap{key/cert}.pem
• key files must be only owner readable whilst cert
should be world readable
• Gatekeeper and user commands will not work if incorrect
permissions are present on key files
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
39
Grid Support Centre
Certificating Authority Trust
• Certificates are located in
/etc/grid-security/certificates
• Three files associated with each Certificate Authority
(CA):
– xxxxxxxx.0 – PEM formatted CA certificate
– xxxxxxxx.r0 – Certificate Revocation List
– xxxxxxxx.signing_policy – defines which user
certificates this CA will authorise
• Remove these files to remove CA trust and add copies
of them to add trust
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
40
Grid Support Centre
Break
• Questions so far?
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
41
Grid Support Centre
Host and LDAP Certificates
•
On floppy disk with each of your machines are preregistered
certificates named:
–
–
•
You will need to use openSSL to change the format to PEM:
–
–
•
openssl pkcs12 -in <type>.p12 -clcerts -nokeys –out <type>cert.pem
openssl pkcs12 -in <type>.p12 -nodes -nocerts -out <type>key.pem
Permissions must now be change for the generated files:
–
–
•
host.p12
ldap.p12
chmod 400 <type>key.pem
chmod 444 <type>cert.pem
Move the files to their final locations (after making ldap directory)
–
–
mv host*.pem /etc/grid-security/.
mv ldap*.pem /etc/grid-security/ldap/.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
42
Grid Support Centre
Using the grid-mapfile
• User certificates converted using:
– openssl pkcs12 -in mykey.p12 -clcerts -nokeys -out usercert.pem
– openssl pkcs12 -in mykey.p12 -nocerts -out userkey.pem
• User access is controlled through the mapping of
authenticated grid users to local users with the gridmapfile.
• Located in /etc/grid-security
• Specific format as shown below:
“/o=grid/L=London/u=Joe Bloggs” JBloggs13
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
43
Grid Support Centre
Review of Progress
•
•
•
•
•
Installed Globus Toolkit version 2.4.2
Installed GSI-SSH 2.5
Configured services for Globus gatekeeper and gridFTP
Removed ‘Globus CA’ trust and add UK E-Science
Started xinetd, gsisshd and gris services
– (Check output of log files in /usr/globus/var/)
• Still need to add yourself to /etc/grid-security/grid-mapfile
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
44
Grid Support Centre
Testing the Gatekeeper
• Log in as a user which has an entry in the gridmapfile
• Run
#>grid-proxy-init
• Run
#>globus-job-run <machine_name> /bin/date
• Successful output will be the same as running /bin/date
from a shell
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
45
Grid Support Centre
Command line options
•
For the globus-job-run command the following options are allowed:
globus-job-run {[-:] <contact string> [-np N] <executable> [<arg>...]}..
Where the options are:
<contact string> the specific location where the job will run including
possible service name if not default
-np The number of different processing elements the job will run on.
<executable> & <args> the job and its arguments that you wish to run on the
grid.
The file modifiers -l and -s specify different filespaces:
-l[ocal] file is relative to working directory of job
(DEFAULT)
-s[tage] file relative to job request is staged to job host
Full descriptions available from globus-job-run -help
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
46
Grid Support Centre
Contact Strings
•
•
Used to specify the names of machines and available services and
their locations:
Valid forms of the contact string are:
– hostname
– hostname:port
– hostname:port/service
– hostname/service
– hostname:/service
– hostname::subject
– hostname:port:subject
– hostname/service:subject
– hostname:/service:subject
– hostname:port/service:subject
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
47
Grid Support Centre
MDS Verification
• Make sure MDS is running: (as root)
service gris start
• Run as a registered user
#>grid-proxy-init
• Submit a test query
#>grid-info-search
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
48
Grid Support Centre
Command line options
• For the grid-info-search command the following options
are allowed:
grid-info-search [ options ] <search filter> [attributes]
Where the options are:
-mdshost host (-h) The host name on which the MDS server is
running the default is hostname
-mdsport port (-p) The port number on which the MDS server is
running. The default is port 2135
-mdsbasedn branch-point (-b) Location in DIT from which to start
the search. The default is "Mds-Vo-name=local, o=Grid"
-anonymous (-x) Use anonymous binding instead of GSSAPI.
An example is to query the national information server:
grid-info-search –h ginfo.grid-support.ac.uk –p 2135 -b "Mds-Voname=UK e-Science, o=Grid“ -x
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
49
Grid Support Centre
GridFTP testing
• Run as a normal user
#>grid-proxy-init
• Now echo notional contents into a file /tmp/file1
• Run
#> globus-url-copy gsiftp://<hostname>/tmp/file1
gsiftp://<hostname>/tmp/file2
• Good output will be if file1 and file2 are equal.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
50
Grid Support Centre
Current Status of Your Machines
• Each machine is now able to run jobs for its own users.
• MDS will use authenticated queries to show local
machine information
• All services are now running and have been successfully
tested
(tomorrow we will see how the L2G group has created a
set of automated tests to automate those procedures)
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
51
Grid Support Centre
Further Routine Tasks
• Advisories from Globus
• Addition of further users
• Logfile checking
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
52
Grid Support Centre
Installation of Globus Advisories 1
• Security and bug fix advisories are released by Globus
as soon as they become essential
• These are located on the web at:
http://www-unix.globus.org/toolkit/advisories.html
• Classified to be either a bug-fix, security patch or an
enhancement.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
53
Grid Support Centre
Installation of Globus Advisories 2
• Before installation of an updated package use gptquery to ascertain which flavours it is installed with
(gcc32dbg – threaded or nonthreaded).
• To install update packages use:
– gpt-build –update <package_name> flavour
• Additional specification for ‘noflavour’ is not needed
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
54
Grid Support Centre
Installation of Globus Advisories 3
•
EXAMPLE
– globus_openssl_module
[prompt]# $GPT_LOCATION/sbin/gpt-query globus_openssl_module
4 packages were found in /usr/globus that matched your query:
packages found that matched your query
globus_openssl_module-gcc32dbg-dev ver: 0.2 cmp id: 0.2.0
globus_openssl_module-gcc32dbg-rtl ver: 0.2 cmp id: 0.2.0
globus_openssl_module-gcc32dbgpthr-dev ver: 0.2 cmp id: 0.2.0
globus_openssl_module-gcc32dbgpthr-rtl ver: 0.2 cmp id: 0.2.0
– Therefore to update this module you would run
$GPT_LOCATION/sbin/gpt-build -update globus_openssl_module-0.2.tar.gz
gcc32dbg gcc32dbgpthr
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
55
Grid Support Centre
Practical 3
• Add the advisories from the Globus website onto your
install
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
56
Grid Support Centre
MDS Reporting
• The Monitoring and Discovery Service uses the LDAP
protocol for passing machine and service information
around such as:
– Processing load
– Physical Resources (ie disks etc)
– Software installations
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
57
Grid Support Centre
Creating a Hierarchical MDS System
• It is necessary within a unified Grid to have all systems
reporting to a single server
• To do this you should therefore predefine within your
Virtual Organisation its location
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
58
Grid Support Centre
GRIS – GIIS Configuration
•
Both ends of the GIIS-GRIS chain need to be aware of the other
Server GIIS
Machine 1 GRIS
27/10/2003
27/10/2003
Machine 2 GRIS
Machine 3 GRIS
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
59
Grid Support Centre
What Happens Now?
• User wishes to use your machine
– Creates a proxy certifictate derived from a trusted CA
• Connects to the gatekeeper on you machine (port 2119)
• Authenticated as a local user through the grid-mapfile
• Client tool sends a request as a Resource Specification
Language (RSL) request
• RSL is passed to jobmanager
• Job manager controls passing job to local scheduler as
well as passing results back to the user.
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
60
Grid Support Centre
Conclusions
• So far you have:
– Installed Globus 2.4.2 on a bare system
– Installed all relevant Advisories from Globus
– Configured Globus services and run simple jobs
across our ‘Grid in a room’
– Installed and used GSI-SSH for certificate based
system login
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
61
Grid Support Centre
Next
• Show further tasks for integration of the system into the
L2G
• Configuration changes to operate in a secure
environment
• Only used simple fork jobmanager – need to know about
more complicated job managers
27/10/2003
27/10/2003
Globus
2 Installation
Setup
Globus
2 Installation
andand
Setup
Dr. David Wallom
62
Grid Support Centre
