OSG provides very detailed documents
What Operating System should my GateKeeper run?
The installation described here is done as root even though services will not necessarily run as root
Once you are ready to upgrade your cluster, please let the
"GOC" (Grid Operations Center) know your resource
will be unavailable by using the "Maintenance Scheduling Tool"
There is a link at the bottom of the page.
We have to shutdown the exisiting OSG software stack:
vdt-control --off
NOTE - some of these will fail as they may not be started! Stop/Kill any
process which is running in $VDT_LOCATION (/opt/grid) or the install will
not work correctly.
cd /opt/ mv grid grid-03-07-2008 mkdir grid
Remove old Pacman, Get Pacman 3.21
rm -rf pacman-3.19* (or previous version of pacman) wget http://physics.bu.edu/pacman/sample_cache/tarballs/pacman-3.21.tar.gz tar --no-same-owner -xzvf pacman-3.21.tar.gz cd pacman-3.21 For sh and bash shells: > source setup.sh For csh and tcsh shells: > source setup.csh
Use pacman to install compute element
cd grid (you should be in /opt/grid now) pacman -trust-all-caches -get OSG:ce
Source the setup file
bash-3.1# source setup.sh
Install the job Manager
Select the one which applies: pacman -get OSG:Globus-Condor-Setup pacman -get OSG:Globus-PBS-Setup pacman -get OSG:Globus-LSF-Setup pacman -get OSG:Globus-SGE-Setup
Install Condor from the VDT - This assumes you are not already running condor locally
source setup.sh pacman -get OSG:ManagedFork
NOTE:
During the update you may be asked if you would like to run Condor.
You will need to answer y to this because ManagedFork uses Condor
to handle fork jobs on the CE.
Answer questions:
Would you like to enable the Condor batch system to run automatically?
Possible answers:
y: Yes, I want the service to run automatically (once enabled)
n: No, I do NOT want the service to run automatically
Note: Services are enabled with vdt-control; see 'post-install/README'.
y
Enable Manged Fork
source setup.sh $VDT_LOCATION/vdt/setup/configure_globus_gatekeeper --managed-fork y --server y
Start Services
source setup.sh vdt-control --on
You can check what is running with:
bash-3.1# vdt-control --list Service | Type | Desired State -------------------+--------+-------------- fetch-crl | cron | enable vdt-rotate-logs | cron | enable gris | init | do not enable globus-gatekeeper | inetd | enable gsiftp | inetd | enable mysql | init | enable globus-ws | init | enable edg-mkgridmap | cron | do not enable gums-host-cron | cron | do not enable MLD | init | do not enable vdt-update-certs | cron | do not enable condor-devel | init | enable apache | init | enable osg-rsv | init | do not enable tomcat-5 | init | enable syslog-ng | init | enable gratia-pbs | cron | enable condor | init | enable gratia-condor | cron | enable
Configure OSG
If the OLD_VDT_LOCATION environment variable is set and points to a previous installation of the OSG CE software stack, the configure-osg.sh script will attempt to get the settings from the osg-attributes.conf file from that installation.
PLEASE UPDATE ENTRIES TO MATCH YOUR SITE
bash-3.1# cd monitoring
bash-3.1# ./configure-osg.sh
***********************************************************************
################# Configuration for the OSG CE Node ###################
***********************************************************************
This script collects the necessary information required by the various
monitoring and discovery systems for operating for the OSG.
A definition of the attributes that you will have to enter below is in:
http://osg.ivdgl.org/twiki/bin/view/Integration/LocalStorageRequirements
Intructions on how to use this script are in:
http://osg.ivdgl.org/twiki/bin/view/Integration/LocalStorageConfiguration
Your CE may not provide some of the CE-Storages (DATA, SITE_READ, SITE_WRITE,
DEFAULT_SE). In those instances, the value to enter is UNAVAILABLE
At any time, you can <CNTL-C> out of the script and no updates will be applied.
Preset information you are not prompted for
--------------------------------------------
These variables are preset at installation and cannot be changed:
OSG location
Globus location
User-VO map file
gridftp.log location
Information about your site in general
--------------------------------------
Group: The monitoring group your site is participating in.
- for the integration testbed, use OSG-ITB.
- for production, use OSG.
Hostname: The hostname by which you want this node to be identified.
It is used in setting the jobmanager contact identification as in
u2-grid.ccr.buffalo.edu/jobmanager-blah.
Site name: The name by which the monitoring infrastructure
will refer to this resource.
Sponsors: The VO sponsors for your site.
For example: usatlas, ivdgl, ligo, uscms, sdss...
You must express the percentage of sponsorship using
the following notation.
myvo:50 yourvo:10 anothervo:20 local:20
Policy URL: This is the URL for the document describing the usage policy /
agreement for this resource
Specify your OSG GROUP [OSG]:
Specify your OSG HOSTNAME [u2-grid.ccr.buffalo.edu]:
Specify your OSG SITE NAME [UNAVAILABLE]: NYSGRID-CCR-U2
Specify your VO sponsors [UNAVAILABLE]: NYSGRID
Specify your policy url [UNAVAILABLE]: http://osg.ccr.buffalo.edu
Information about your site admininistrator
-------------------------------------------
Contact name: The site administrator's full name.
Contact email: The site adminstrator's email address.
Specify a contact for your server (full name) [UNAVAILABLE]: Jon Bednasz
Specify the contact's email address [UNAVAILABLE]: jbednasz@ccr.buffalo.edu
Information about your servers location
----------------------------------------
City: The city your server is located in or near.
Country: The country your server is located in.
Logitude/Latitude: For your city. This will determine your placement on any
world maps used for monitoring. You can find some approximate values
for your geographic location from:
http://geotags.com/
or you can search your location on Google
For USA: LAT is about 29 (South) ... 48 (North)
LONG is about -123 (West coast) ... -71 (East coast)
Specify your server's city [UNAVAILABLE]: Buffalo
Specify your server's country [UNAVAILABLE]: USA
Specify your server's longitude [UNAVAILABLE]: 42.89
Specify your server's latitude [UNAVAILABLE]: -78.87
Information about the available storage on your server
------------------------------------------------------
GRID: Location where the OSG WN Client (wn-client.pacman) has
been installed.
APP: Typically used to store the applications which will run on
this gatekeeper. As a rule of thumb, the OSG APP should be on
- dedicated partition
- size: at least 10 GB.
DATA: Typically used to hold output from jobs while it is staged out to a
Storage Element.
- dedicated partition
- size: at least 2 GB times the maximum number of simultaneously
running jobs that your cluster's batch system can support.
WN_TMP: Used to hold input and output from jobs on a worker node where the
application is executing.
- local partition
- size: at least 2 GB
SITE_READ: Used to stage-in input for jobs using a Storage Element or for
persistent storage between jobs. It may be the mount point of a
dCache SE accessed read-only using dcap.
SITE_WRITE: Used to store to a Storage Element output from jobs or for
persistent storage between jobs. It may be the mount point of a
dCache SE accessed write-only using dcap.
Specify your OSG GRID path [UNAVAILABLE]: /san/projects1/grid/opt/grid/
Specify your OSG APP path [UNAVAILABLE]: /san/scratch/grid/grid-tmp/grid-apps
Specify your OSG DATA path [UNAVAILABLE]: /san/scratch/grid/grid-tmp/grid-data
Specify your OSG WN_TMP path [UNAVAILABLE]: /san/scratch/grid/grid-tmp/grid-data
Specify your OSG SITE_READ path [UNAVAILABLE]: /san/scratch/grid/grid-tmp
Specify your OSG SITE_WRITE path [UNAVAILABLE]: /san/scratch/grid/grid-tmp
Information about the Storage Element available from your server
----------------------------------------------------------------
A storage element does NOT exist for this node.
This is the Storage Element (SE) that is visible from all the nodes of this
server (CE). It may be a SE local or close to the CE that is preferred as
destination SE if the job does not have other preferences.
Is a storage element (SE) available [n] (y/n): n
Information needed for the MonALISA monitoring.
-----------------------------------------------
MonALISA services are NOT being used.
If you do not intend to run MonALISA for monitoring purposes, you can
skip this section.
Ganglia host: The host machine ganglia is running on.
Ganglia port: The host machine's port ganglia is using.
VO Modules: (y or n) If 'y', this will activate the VO Modules module
in the MonALISA configuration file.
Would you like to start the MonALISA monitoring services [n] (y/n): y
Are you using Ganglia [y] (y/n): n
Do you want to run the OSG VO Modules [y] (y/n):
Information needed for the squid caching.
-----------------------------------------------
squid services are being used.
If you do not intend to run squid for web caching purposes, you can
skip this section.
Would you like to use the squid caching service [y] (y/n): n
Information about the batch queue manager used on your server
-------------------------------------------------------------
The supported batch queue managers are:
condor pbs fbs lsf sge
For condor: The CONDOR_CONFIG variable value is needed.
For sge: The SGE_ROOT variable value is needed
If the Managed Fork is being used and Condor is not your primary
batch queue manager, you will have to specify:
CONDOR_LOCATION
CONDOR_CONFIG
Specify your batch queue manager OSG_JOB_MANAGER [UNAVAILABLE]: PBS
...Invalid entry. Try again.
...Valid values are: condor pbs fbs lsf sge
Specify your batch queue manager OSG_JOB_MANAGER [PBS]: pbs
Specify installation directory for pbs [UNAVAILABLE]: /usr
Are you using the ManagedFork service [n] (y/n): y
Specify the Condor location []: /san/projects1/grid/opt/grid/
Specify the Condor config location []: /san/projects1/grid/opt/grid/condor/local.u2-grid
Information needed for the WS-GRAM services.
-----------------------------------------------
WS-GRAM services are NOT being used.
Would you like to use the WS-GRAM service [n] (y/n):
Information needed for the Syslog-NG services.
-----------------------------------------------
Syslog-NG services are NOT being used.
Would you like to use the Syslog-NG service [n] (y/n):
Information needed for the CA certificate updater services.
-----------------------------------------------
CA certificate updater services are NOT being used.
The CA certificate updater service will automatically update your CA
certificates when new releases are made by the VDT team. If you
prefer to use manually update your CA certificates manually using
pacman -update or if you prefer to use the yum based rpm updates
answer no to the following question and refer to the release
documentation for instructions on doing so.
Would you like to use the CA certificate updater service [n] (y/n): y
Information needed for the GLExec setup.
-----------------------------------------------
GLExec is available.
Are you using GLExec [n] (y/n): y
Enter the location of the GLExec binary [UNAVAILABLE]: /san/projects1/grid/opt/grid/glite
##### ##### ##### ##### ##### ##### ##### #####
Please review the information below:
***********************************************************************
################# Configuration for the OSG CE Node ###################
***********************************************************************
Preset information you are not prompted for
--------------------------------------------
OSG location: /san/projects1/grid/osg-0.8.0
Globus location: /san/projects1/grid/osg-0.8.0/globus
User-VO map file: /san/projects1/grid/osg-0.8.0/monitoring/grid3-user-vo-map.txt
gridftp.log file: /san/projects1/grid/osg-0.8.0/globus/var/gridftp.log
Information about your site in general
--------------------------------------
Group: OSG
Hostname: u2-grid.ccr.buffalo.edu
Site name: NYSGRID-CCR-U2
Sponsors: NYSGRID
Policy URL: http://osg.ccr.buffalo.edu
Information about your site admininistrator
-------------------------------------------
Contact name: Jon Bednasz
Contact email: jbednasz@ccr.buffalo.edu
Information about your servers location
----------------------------------------
City: Buffalo
Country: USA
Longitude: 42.89
Latitude: -78.87
Information about the available storage on your server
------------------------------------------------------
WN client: /san/projects1/grid/opt/grid/
Directories:
Application: /san/scratch/grid/grid-tmp/grid-apps
Data: /san/scratch/grid/grid-tmp/grid-data
WN tmp: /san/scratch/grid/grid-tmp/grid-data
Site read: /san/scratch/grid/grid-tmp
Site write: /san/scratch/grid/grid-tmp
Information about the Storage Element available from your server
----------------------------------------------------------------
A storage element does NOT exist for this node.
Storage Element: UNAVAILABLE
Information needed for the MonALISA monitoring.
-----------------------------------------------
MonALISA services are being used.
Ganglia host: UNAVAILABLE
Ganglia port: UNAVAILABLE
VO Modules: y
Information needed for the squid caching.
-----------------------------------------------
squid services are NOT being used.
Squid host: UNAVAILABLE
Squid caching policy:
Squid disk cache size:
Squid disk cache size:
Information about the batch queue manager used on your server
-------------------------------------------------------------
Batch queue: pbs
Job queue: u2-grid.ccr.buffalo.edu/jobmanager-pbs
Utility queue: u2-grid.ccr.buffalo.edu/jobmanager
Condor location: /san/projects1/grid/opt/grid/
Condor config: /san/projects1/grid/opt/grid/condor/local.u2-grid
PBS location: /usr
FBS location:
SGE location:
SGE_ROOT:
LSF location:
Is ManagedFork being used? y
Condor location: /san/projects1/grid/opt/grid/
Condor config: /san/projects1/grid/opt/grid/condor/local.u2-grid
Information needed for the WS-GRAM services.
-----------------------------------------------
WS-GRAM services are NOT being used.
Information needed for the Syslog-NG services.
-----------------------------------------------
Syslog-NG services are NOT being used.
Information needed for the CA certificate updater services.
-----------------------------------------------
CA certificate updater services are being used.
Information needed for the GLExec setup.
-----------------------------------------------
GLExec is available.
##################################################
##################################################
Is the above information correct (y/n)?: y
##-----------------------------------------##
Updating /san/projects1/grid/osg-0.8.0/monitoring/osg-attributes.conf file now.
... creating new /san/projects1/grid/osg-0.8.0/monitoring/osg-attributes.conf
##-----------------------------------------##
Creating /san/projects1/grid/osg-0.8.0/monitoring/osg-job-environment.conf file now.
... creating new /san/projects1/grid/osg-0.8.0/monitoring/osg-job-environment.conf
DONE
##-----------------------------------------##
Checking for grid3-locations.txt file now.
... already exists
-rw-rw-rw- 1 root root 463 Dec 25 2006 /san/scratch/grid/grid-tmp/grid-apps/etc/grid3-locations.txt
... no need to copy it again
DONE
##-----------------------------------------##
Configuring MonALISA now.
... MonALISA service are being used.
... executing configure_monalisa script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_monalisa --server y --ganglia-used n --vdt-install /san/projects1/grid/osg-0.8.0 --user daemon --farm "NYSGRID-CCR-U2" --monitor-group "OSG" --contact-name "Jon Bednasz" --contact-email "jbednasz@ccr.buffalo.edu" --city "Buffalo" --country "USA" --latitude "-78.87" --longitude "42.89" --vo-modules "y" --globus-location "/san/projects1/grid/osg-0.8.0/globus" --condor-location "/san/projects1/grid/opt/grid/" --condor-config "/san/projects1/grid/opt/grid/condor/local.u2-grid" --pbs-location "/usr" --lsf-location "" --fbs-location "" --sge-location "" --auto-update n
DONE
##-----------------------------------------##
Configuring GIP now.
...executing configure-osg-gip.sh
Information about your SubClusters
----------------------------------
A subcluster represents a homogeneous collection of nodes within a cluster.
A typical cluster contains only 1 subcluster (i.e. all the nodes are identical)
however some clusters contain more than 1 type of node. These clusters
have multiple subclusters.
How many SubClusters are available for this cluster? (i.e. 1-20) [1] 1
Reading information from your localhost ...
Configuring SubCluster #1
What is a unique name for this Subcluster? [u2-grid.ccr.buffalo.edu]
What is the Vendor of the processor? (i.e. Intel, AMD) [GenuineIntel]
What is the Model of the processor? [ Intel(R) Xeon(R) CPU E5410 @ 2.33GHz]
What is the Clockspeed of the processor? [2327]
How many physical CPUs in each node? [8] 2
How many logical CPUs in each node? [8] 2
How much RAM is in each node (in MB)? [16432] 2000
Is there Inbound connectivity to these nodes? (i.e. TRUE, FALSE) [FALSE]
Is there Outbound connectivity to these nodes? (i.e. TRUE, FALSE) [TRUE]
How many nodes in this subcluster? [1] 1100
Information status of GUMS Service
----------------------------------
Information about the status of the GUMS Server is configured to be published
by the GIP. If you would like to turn off this option, please set the
OSG_GIP_GUMS="0" in the /san/projects1/grid/osg-0.8.0/monitoring/gip-attributes.conf.
Information about a possible SRM storage element
------------------------------------------------
If an SRM (Storage Resource Management) Storage Element exists that you would
like to associate with this Compute Element, please answer 'Y'
Do you want to publish your SRM information through GIP (Y/n): [n] n
Information about your gsiftp server
------------------------------------
gsiftp Storage Element: A server providing an access point to data
Access Path: The directory available on the gsiftp Storage Element
Note: If you do not have a seperate Storage Element and your Compute Element
has a gsiftp server, enter your Compute Element hostname for gsiftp SE and the
access path on your CE.
Please enter SE where gsiftp is running: [UNDEFINED] u2-grid.ccr.buffalo.edu
Please enter the Access Path on u2-grid.ccr.buffalo.edu: [UNDEFINED] /
writing configuration files...
Configuring GIP...
WARNING: VO list file
/san/projects1/grid/osg-0.8.0/monitoring/osg-user-vo-map.txt not found.
... executing configure_gip script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_gip
WARNING: VO list file
/san/projects1/grid/osg-0.8.0/monitoring/osg-user-vo-map.txt not found.
DONE
... squid service NOT being used.
##-----------------------------------------##
Configuring squid now.
Squid not being used, skipping vdt configure invocation.
##-----------------------------------------##
Configuring CEMon now.
Configuring CEMon to subscribe to production data consumers
Executing configure_cemon as: /san/projects1/grid/osg-0.8.0/vdt/setup/configure_cemon --server y --consumer=https://osg-ress-1.fnal.gov:8443/ig/services/CEInfoCollector --topic=OSG_CE --dialect=OLD_CLASSAD
The following consumer subscription has been installed:
HOST: https://osg-ress-1.fnal.gov:8443/ig/services/CEInfoCollector
TOPIC: OSG_CE
DIALECT: OLD_CLASSAD
Executing configure_cemon as: /san/projects1/grid/osg-0.8.0/vdt/setup/configure_cemon --server y --consumer=http://is.grid.iu.edu:14001 --topic=OSG_CE --dialect=RAW
The following consumer subscription has been installed:
HOST: http://is.grid.iu.edu:14001
TOPIC: OSG_CE
DIALECT: RAW
DONE
##-----------------------------------------##
Configuring GT4 WS-GRAM services now.
... WS-GRAM service NOT being used.
##-----------------------------------------##
Configuring Gratia now.
Configuring Gratia to report to production server
Executing configure_gratia as: /san/projects1/grid/osg-0.8.0/vdt/setup/configure_gratia --probe-cron --site-name NYSGRID-CCR-U2 --report-to gratia.opensciencegrid.org:8880 --probe condor
Configuring Gratia to report to production server
Executing configure_gratia as: /san/projects1/grid/osg-0.8.0/vdt/setup/configure_gratia --probe-cron --site-name NYSGRID-CCR-U2 --report-to gratia.opensciencegrid.org:8880 --report-to rsv.grid.iu.edu:8880 --probe metric
Configuring Gratia to report to production server
Executing configure_gratia as: /san/projects1/grid/osg-0.8.0/vdt/setup/configure_gratia --probe-cron --site-name NYSGRID-CCR-U2 --report-to gratia.opensciencegrid.org:8880 --report-to rsv.grid.iu.edu:8880 --report-to gratia.opensciencegrid.org:8880 --probe pbs
DONE
##-----------------------------------------##
Configuring CA certificate updater services now.
... CA certificate updater service is being used.
... executing configure_ca_cert_updater script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_ca_cert_updater --server y
DONE
... syslog-ng service NOT being used.
##-----------------------------------------##
Configuring syslog now.
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --server n --central-host syslog.grid.iu.edu
adding log source: /san/projects1/grid/osg-0.8.0/globus/var/container-real.log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/globus/var/container-real.log
adding log source: /san/projects1/grid/osg-0.8.0/globus/var/container.log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/globus/var/container.log
adding log source: /san/projects1/grid/osg-0.8.0/globus/var/globus-gatekeeper.log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/globus/var/globus-gatekeeper.log
adding log source: /san/projects1/grid/osg-0.8.0/globus/var/log/gridftp.log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/globus/var/log/gridftp.log
adding log source: /san/projects1/grid/osg-0.8.0/globus/var/log/gridftp-auth.log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/globus/var/log/gridftp-auth.log
adding log source: /san/projects1/grid/osg-0.8.0/edg/log/edg-mkgridmap.log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/edg/log/edg-mkgridmap.log
adding log source: /san/projects1/grid/osg-0.8.0/apache/logs/access_log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/apache/logs/access_log
adding log source: /san/projects1/grid/osg-0.8.0/apache/logs/error_log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/apache/logs/error_log
adding log source: /san/projects1/grid/osg-0.8.0/globus/var/accounting.log
... executing configure_syslog_ng script as
/san/projects1/grid/osg-0.8.0/vdt/setup/configure_syslog_ng --add-source /san/projects1/grid/osg-0.8.0/globus/var/accounting.log
DONE
*** configure-osg.sh completed ***
Host Cert Stuff (Not needed if this is an upgrade)
sudo bash
cd /opt/grid
source setup.sh
cert-retrieve -dir . -certnum XXXXXX (serial number from DOEGrids-CA-1 email)
mv ./usercert.pem /etc/grid-security/hostcert.pem
mv ./userkey.pem /etc/grid-security/hostkey.pem
chmod 444 /etc/grid-security/hostcert.pem
chmod 400 /etc/grid-security/hostkey.pem
Check the Cert
openssl x509 -text -noout -in /etc/grid-security/hostcert.pem
Add port ranges for globus:
vi /opt/grid/globus/etc/globus-job-manager.conf
ADD -globus-tcp-port-range "15500,19999"
Add the following to /opt/grid/vdt/etc/vdt-local-setup.csh
setenv GLOBUS_TCP_PORT_RANGE "15500,19999"
setenv GLOBUS_TCP_SOURCE_RANGE "15500,19999"
Add the following to /opt/grid/vdt/etc/vdt-local-setup.sh
export GLOBUS_TCP_PORT_RANGE="15500,19999"
export GLOBUS_TCP_SOURCE_RANGE="15500,19999"
Setup Firewall:
FIREWALL:
#
# Globus Gatekeeper
#
-A INPUT -m tcp -p tcp --dport 2119 -s 0/0 -j ACCEPT
#
# GSI FTP
#
-A INPUT -m tcp -p tcp --dport 2811 -s 0/0 -j ACCEPT
#
# Globus TCP Port Range
# Set the environment variable GLOBUS_TCP_PORT_RANGE=,
# so that the various Globus components will know that connections are allowed
# on that port range
#
-A INPUT -m state --state NEW -m tcp -p tcp --dport 15500:19999 -s 0/0 -j ACCEPT
#
# Globus Monitoring and Discovery Service (MDS)
#
-A INPUT -m tcp -p tcp --dport 2135 -s 0/0 -j ACCEPT
#
Finish up:
Add users to cluster
"mis" (monitoring user)
"nysgrid" (nysgrid user)
"engage" (additional VO NYSgrid is supporting)
Setup the GridMap config to only grab NYSGRID users:
sudo vi /opt/grid/edg/etc/edg-mkgridmap.conf
(comment out all but nysgrid/mis/engage)
Site bit for monitoring
sudo vi /opt/grid/MIS-CI/etc/grid-site-state-info
Change:
export grid_site_state_bit=1
Let's setup the file to map users:
Run $VDT_LOCATION/edg/sbin/edg-mkgridmap
GSIFTP and GLOBUS-GATEKEEPER
Turn on the services:
vdt-control --on
Add port range to xinetd.d files: /etc/xinetd.d/gsiftp /etc/xinetd.d/globus-gatekeeper
env = GLOBUS_TCP_PORT_RANGE=15500,19999
env = GLOBUS_TCP_SOURCE_RANGE=15500,19999
Turn on edg-mkgridmap:
vdt-register-service --enable --name edg-mkgridmap
vdt-control --on edg-mkgridmap
By default, the Managed Fork jobmanager will behave just like the fork jobmanager.
If you wish to restrict it, you need to modify your local Condor configuration.
If you're using Condor from the VDT this can be done by editing
$VDT_LOCATION/condor/local.<hostname>/condor_config.local Set a hard limit on most jobs, but always let grid monitor jobs run (strongly recommended): Add this to $VDT_LOCATION/condor/local.<hostname>/condor_config.local START_LOCAL_UNIVERSE = TotalLocalJobsRunning < 10 || GridMonitorJob =?= TRUE
Verify Site: (need a personal cert for this step)
If you want me to test, please ask jbednasz@ccr.buffalo.edu
cd /opt/grid
source setup.sh
grid-proxy-init
cd verify
./site_verify.pl
