<<O>>  Difference Topic GLite31 (r1.17 - 11 Aug 2010 - MarcosASeco)

META TOPICPARENT ConfigurationSteps
-- MarcosASeco - 22 Jun 2007
Line: 68 to 68

  • /opt/glite/var/rgma/.certs
  • /etc/tomcat5
and restart the necessary services.
Deleted:
<
<
  • The SE also needs some services to be restarted after a certificate renewal

Changed:
<
<
  • globus-gatekeeper needs to be restarted in the lcg-CE
>
>
  • The SE needs a copy of the certificates in:
    • /etc/grid-security/dpmmgr
    and the restart of the following services:
    • dpnsdaemon, dpm, dpmcopyd, dpm-gsiftp
    • srmv1, srmv2, srmv2.2

  • globus-gatekeeper and globus-gridftp need to be restarted in the lcg-CE.

  • tomcat5 and globus-gridftp had to be restarted in cream-CE.

Migration of components between nodes

  • Do not forget to check that the necessary ports are open in the firewall of the node were we are moving the component to.
Line: 95 to 102

Cream CE

Changed:
<
<
  • The BLParser should be started when the system have been restarted.
>
>
  • The BLParser should be started manually after a system shutdown.

 <<O>>  Difference Topic GLite31 (r1.16 - 11 Aug 2010 - VictorManuelFernandezAlbor)

META TOPICPARENT ConfigurationSteps
-- MarcosASeco - 22 Jun 2007
Line: 94 to 94

Added:
>
>

Cream CE

  • The BLParser should be started when the system have been restarted.
 <<O>>  Difference Topic GLite31 (r1.15 - 16 Jul 2010 - MarcosASeco)

META TOPICPARENT ConfigurationSteps
-- MarcosASeco - 22 Jun 2007
Line: 50 to 50

    • yum install glite-SE_dpm_mysql
  • Run Yaim to configure the node:
    • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n SE_dpm_mysql
Added:
>
>
  • Due to the format change in groups.conf file YAIM is not able to configure properly the access to the SE for normal users. It is neccessary to edit the file /opt/glite/yaim/functions/config_mkgrid and substitute the line:
    • ord_users=`more ${GROUPS_CONF} | awk -F: '$1 == "\"/$VO_lower'\"" { print $1 }'`
    by the following one:
    • ord_users=`more ${GROUPS_CONF} | awk -F: '$1 == "\"/VO='$VO_lower'/GROUP=/'$VO_lower'\"" { print $1 }'`

Worker Nodes

  • After an installation from scratch of a worker node we should, in the CE's, remove the corresponding entries in /etc/ssh/ssh_known_hosts and then /opt/edg/sbin/edg-pbs-knowhost must be run
 <<O>>  Difference Topic GLite31 (r1.14 - 01 Jul 2010 - MarcosASeco)

META TOPICPARENT ConfigurationSteps
-- MarcosASeco - 22 Jun 2007
Line: 7 to 7

Cream Element

  • install the necessary elements:
Changed:
<
<
    • =yum install glite-CREAM
>
>
    • yum install glite-CREAM

    • yum install glite-TORQUE_utils glite-TORQUE_server
  • Run Yaim to configure the node:
Changed:
<
<
  • =/opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n creamCE -n TORQUE_server -n TORQUE_utils
>
>
  • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n creamCE -n TORQUE_server -n TORQUE_utils

  • After having configured CREAM, it is necessary to also configure the BLAH Blparser
Changed:
<
<
  • /opt/glite/yaim/bin/yaim -r -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n creamCE -f config_cream_blparser
  • >
    >
  • /opt/glite/yaim/bin/yaim -r -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n creamCE -f config_cream_blparser

  • Then restart tomcat:
    • Set up the correct number of processors for machines with 4 cores (lhcb43-lhcb63; Physical or hyperthreaded) or with 8 cores (lhcb64-lhcb88; Physical)
     <<O>>  Difference Topic GLite31 (r1.13 - 09 Jun 2010 - VictorManuelFernandezAlbor)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 75 to 75

    IP changes on control nodes

    • All control nodes keep in the /etc/hosts file their IP number so should the case of a IP change arises we have to change the entry in that file too.
    Added:
    >
    >

    Configuration steps on Cream-ce

    General configuraciton CREAM-CE -> http://grid.pd.infn.it/cream/field.php?n=Main.Security

    [DEVEL] GLITE Cream CE 3.1 SL4 Installation Guide -> http://igrelease.forge.cnaf.infn.it/doku.php?id=doc:guides:devel:install-cream31-devel

    CREAM And Blparser Configuration -> http://grid.pd.infn.it/cream/field.php?n=Main.CREAMAndBlparserConfiguration

     <<O>>  Difference Topic GLite31 (r1.12 - 28 May 2010 - VictorManuelFernandezAlbor)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007

    Yaim (General)

    • Yaimtool is a web utility to generate the VO configuration part of yaim
    Added:
    >
    >

    Cream Element

    • install the necessary elements:
      • =yum install glite-CREAM
      • yum install glite-TORQUE_utils glite-TORQUE_server
    • Run Yaim to configure the node:
      • =/opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n creamCE -n TORQUE_server -n TORQUE_utils
    • After having configured CREAM, it is necessary to also configure the BLAH Blparser
      • /opt/glite/yaim/bin/yaim -r -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n creamCE -f config_cream_blparser
      • Then restart tomcat:
    • Set up the correct number of processors for machines with 4 cores (lhcb43-lhcb63; Physical or hyperthreaded) or with 8 cores (lhcb64-lhcb88; Physical)
    • Restart the following services in the given order:
      • pbs_server (In order to reconfigure the number of avaliable processors for the nodes in pbs queue.)
      • maui (It should be always run after pbs_server.)
    -

    Computing Element

    • install the necessary elements:
      • yum install lcg-CE glite-TORQUE_utils glite-TORQUE_server
     <<O>>  Difference Topic GLite31 (r1.11 - 27 Nov 2009 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 46 to 46

    and restart the necessary services.
    • The SE also needs some services to be restarted after a certificate renewal
    Added:
    >
    >
    • globus-gatekeeper needs to be restarted in the lcg-CE

    Migration of components between nodes

    • Do not forget to check that the necessary ports are open in the firewall of the node were we are moving the component to.
     <<O>>  Difference Topic GLite31 (r1.10 - 18 Aug 2009 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 33 to 33

      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n SE_dpm_mysql

    Worker Nodes

    Changed:
    <
    <
    • After an installation from scratch of a worker node we should remove the corresponding entries in /etc/ssh/ssh_known_hosts and then run /opt/edg/sbin/edg-pbs-knowhost must be run
    >
    >
    • After an installation from scratch of a worker node we should, in the CE's, remove the corresponding entries in /etc/ssh/ssh_known_hosts and then /opt/edg/sbin/edg-pbs-knowhost must be run

    Host certificate update

    • Do not forget to remove the password in the hostkey.pem file:
    Line: 44 to 44

    • /opt/glite/var/rgma/.certs
    • /etc/tomcat5
    and restart the necessary services.
    Added:
    >
    >
    • The SE also needs some services to be restarted after a certificate renewal

    Migration of components between nodes

    • Do not forget to check that the necessary ports are open in the firewall of the node were we are moving the component to.
     <<O>>  Difference Topic GLite31 (r1.9 - 15 Jul 2009 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 24 to 24

      • yum install glite-BDII glite-MON
    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n MON -n BDII_site
    Changed:
    <
    <
    • If we have serveral CE's it is neccessary to add access rights to the secondary CE's in accounting DB, the rights are the same as those for the main CE
    >
    >
    • If we have several CE's it is neccessary to add access rights to the secondary CE's in accounting DB, the rights are the same as those for the main CE

    Storage Element

    • install the necessary elements:
    Line: 42 to 42

    • Do not forget to copy the certs in the MON box to:
      • /opt/glite/var/rgma/.certs
    Added:
    >
    >
    • /etc/tomcat5

    and restart the necessary services.

    Migration of components between nodes

     <<O>>  Difference Topic GLite31 (r1.8 - 28 May 2009 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 32 to 32

    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n SE_dpm_mysql
    Added:
    >
    >

    Worker Nodes

    • After an installation from scratch of a worker node we should remove the corresponding entries in /etc/ssh/ssh_known_hosts and then run /opt/edg/sbin/edg-pbs-knowhost must be run

    Host certificate update

    • Do not forget to remove the password in the hostkey.pem file:
      • openssl rsa -in hostkey.pem -out hostkey.pem_decrypt
    Line: 46 to 49

    • Do not forget to register the new sBDII node in the GOCDB.
    Added:
    >
    >

    IP changes on control nodes

    • All control nodes keep in the /etc/hosts file their IP number so should the case of a IP change arises we have to change the entry in that file too.
     <<O>>  Difference Topic GLite31 (r1.7 - 25 May 2009 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 38 to 38

    and set its permissions to 400.

    • Do not forget to copy the certs in the MON box to:
    Changed:
    <
    <
    • /opt/glite/var/rgma
    >
    >
    • /opt/glite/var/rgma/.certs

    and restart the necessary services.

    Migration of components between nodes

     <<O>>  Difference Topic GLite31 (r1.6 - 05 Dec 2008 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 33 to 33

      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n SE_dpm_mysql

    Host certificate update

    Changed:
    <
    <
    • Do not forget to copy the certs in the MON to:
        /opt/glite/var/rgma
    >
    >
    • Do not forget to remove the password in the hostkey.pem file:
      • openssl rsa -in hostkey.pem -out hostkey.pem_decrypt
      and set its permissions to 400.

    • Do not forget to copy the certs in the MON box to:
      • /opt/glite/var/rgma

    and restart the necessary services.

    Migration of components between nodes

     <<O>>  Difference Topic GLite31 (r1.5 - 15 Oct 2008 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 6 to 6

    • Yaimtool is a web utility to generate the VO configuration part of yaim

    Computing Element

    Added:
    >
    >
    • install the necessary elements:
      • yum install lcg-CE glite-TORQUE_utils glite-TORQUE_server

    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n lcg-CE -n TORQUE_utils -n TORQUE_server
    • Set up the correct number of processors for machines with 4 cores (lhcb43-lhcb63; Physical or hyperthreaded) or with 8 cores (lhcb64-lhcb88; Physical)
    Line: 18 to 20

    • Some more configuration steps necessary when configuring sgm/prod pool accounts

    Monitoring box

    Added:
    >
    >
    • install the necessary elements:
      • yum install glite-BDII glite-MON

    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n MON -n BDII_site
    • If we have serveral CE's it is neccessary to add access rights to the secondary CE's in accounting DB, the rights are the same as those for the main CE

    Storage Element

    Added:
    >
    >
    • install the necessary elements:
      • yum install glite-SE_dpm_mysql

    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n SE_dpm_mysql
     <<O>>  Difference Topic GLite31 (r1.4 - 07 Aug 2008 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 24 to 24

    Storage Element

    • Run Yaim to configure the node:
    Changed:
    <
    <
      • /opt/glite/yaim/bin/yaim -i -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -m glite-SE_dpm_mysql
    >
    >
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n SE_dpm_mysql

    Host certificate update

    • Do not forget to copy the certs in the MON to:
     <<O>>  Difference Topic GLite31 (r1.3 - 04 Aug 2008 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 29 to 29

    Host certificate update

    • Do not forget to copy the certs in the MON to:
        /opt/glite/var/rgma
    Changed:
    <
    <
    and restart the necessary services. -->
    >
    >
    and restart the necessary services.

    Migration of components between nodes

    • Do not forget to check that the necessary ports are open in the firewall of the node were we are moving the component to.
     <<O>>  Difference Topic GLite31 (r1.2 - 04 Aug 2008 - MarcosASeco)

    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007
    Line: 19 to 19

    Monitoring box

    • Run Yaim to configure the node:
    Changed:
    <
    <
    • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n MON -n sBDII
    >
    >
    • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n MON -n BDII_site

    • If we have serveral CE's it is neccessary to add access rights to the secondary CE's in accounting DB, the rights are the same as those for the main CE

    Storage Element

     <<O>>  Difference Topic GLite31 (r1.1 - 14 Jul 2008 - MarcosASeco)
    Line: 1 to 1
    Added:
    >
    >
    META TOPICPARENT ConfigurationSteps
    -- MarcosASeco - 22 Jun 2007

    Yaim (General)

    • Yaimtool is a web utility to generate the VO configuration part of yaim

    Computing Element

    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n lcg-CE -n TORQUE_utils -n TORQUE_server
    • Set up the correct number of processors for machines with 4 cores (lhcb43-lhcb63; Physical or hyperthreaded) or with 8 cores (lhcb64-lhcb88; Physical)
    • Restart the following services in the given order:
      • pbs_server (In order to reconfigure the number of avaliable processors for the nodes in pbs queue.)
      • maui (It should be always run after pbs_server.)
      We have to check that this is indeed the order in which these services are started.
    • Some more configuration steps necessary when configuring sgm/prod pool accounts

    Monitoring box

    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -n MON -n sBDII
    • If we have serveral CE's it is neccessary to add access rights to the secondary CE's in accounting DB, the rights are the same as those for the main CE

    Storage Element

    • Run Yaim to configure the node:
      • /opt/glite/yaim/bin/yaim -i -s /opt/glite/yaim/etc/USC-LCG2-site-info.def -m glite-SE_dpm_mysql

    Host certificate update

    • Do not forget to copy the certs in the MON to:
        /opt/glite/var/rgma
      and restart the necessary services. -->

    Migration of components between nodes

    • Do not forget to check that the necessary ports are open in the firewall of the node were we are moving the component to.

    • Do not forget to register the new sBDII node in the GOCDB.
    Revision r1.1 - 14 Jul 2008 - 16:18 - MarcosASeco
    Revision r1.17 - 11 Aug 2010 - 15:35 - MarcosASeco