Difference: GFTPServerInstallation (1 vs. 3)

Revision 32007/10/16 - Main.TerrenceMartin

Line: 1 to 1
 
META TOPICPARENT name="WebHome"

Installation Steps for GFTP servers

Line: 94 to 94
 echo "1,30 * * * * root /sbin/hwclock --systohc" > /etc/cron.d/systohc
Added:
>
>

TCP Tuning

net.core.rmem_max = 8388608
net.core.wmem_max = 8388608
net.core.rmem_default = 1048576
net.core.wmem_default = 1048576
net.ipv4.tcp_rmem = 262144 1048576 8388608
net.ipv4.tcp_wmem = 262144 1048576 8388608
net.ipv4.tcp_mem = 122070 196608 244140
net.ipv4.tcp_window_scaling = 1
net.core.netdev_max_backlog = 1000000
kernel.panic = 5
 

Dcache Notes

Changed:
<
<
VDT subset for GSI Host certificate pair CA certificates, CRLs, CRL update mechanisms Java JDK (different for 64 bit versus 32 bit) TCP parameter tuning /etc/hosts (or may be I can take care of this, on servers/non-pools)
>
>
  • VDT subset for GSI
  • Host certificate pair
  • CA certificates, CRLs, CRL update mechanisms
  • Java JDK (different for 64 bit versus 32 bit)
  • TCP parameter tuning
  • /etc/hosts (or may be I can take care of this, on servers/non-pools)
 

Revision 22007/10/04 - Main.TerrenceMartin

Line: 1 to 1
 
META TOPICPARENT name="WebHome"

Installation Steps for GFTP servers

Line: 93 to 93
  /sbin/hwclock --systohc echo "1,30 * * * * root /sbin/hwclock --systohc" > /etc/cron.d/systohc
Added:
>
>

Dcache Notes

VDT subset for GSI Host certificate pair CA certificates, CRLs, CRL update mechanisms Java JDK (different for 64 bit versus 32 bit) TCP parameter tuning /etc/hosts (or may be I can take care of this, on servers/non-pools)

 -- TerrenceMartin - 04 Oct 2007

Revision 12007/10/04 - Main.TerrenceMartin

Line: 1 to 1
Added:
>
>
META TOPICPARENT name="WebHome"

Installation Steps for GFTP servers

Table of Contents

OS

Install the OS Patch

VDT Install

VDT version will change over time. Check http://vdt.cs.wisc.edu/ for updates.

mkdir -p /data/vdt
mkdir -p /data/pacman
cd /data/pacman
wget http://physics.bu.edu/pacman/sample_cache/tarballs/pacman-3.21.tar.gz
tar zxvf  pacman-3.21.tar.gz
cd pacman-3.21
source setup.sh
cd ../../vdt
pacman -http-proxy http://clarens-1.local:3128
pacman -get http://vdt.cs.wisc.edu/vdt_180_cache:CA-Certificates
pacman -get http://vdt.cs.wisc.edu/vdt_180_cache:CA-Certificates-Updater
pacman -get http://vdt.cs.wisc.edu/vdt_180_cache:PPDG-Cert-Scripts
source setup.sh
./vdt/setup/setup-cert-request
/globus/bin/grid-cert-request -host <hostname>

Setup the /etc/grid-security area. It should look something like

lrwxrwxrwx 1 root root    36 Sep 20 05:48 certificates -> /etc/grid-security/certificates-30-1
drwxr-xr-x 3 root root 20480 Sep 18 06:51 certificates-29-1
drwxr-xr-x 3 root root 20480 Sep 22 01:18 certificates-30-1
lrwxrwxrwx 1 root root    40 Sep 18 06:24 doegrids -> /etc/grid-security/certificates/doegrids
lrwxrwxrwx 1 root root    57 Sep 20 05:55 globus-host-ssl.conf -> /data/vdt/globus/TRUSTED_CA/globus-host-ssl.conf.1c3f2ca8
lrwxrwxrwx 1 root root    57 Sep 20 05:55 globus-user-ssl.conf -> /data/vdt/globus/TRUSTED_CA/globus-user-ssl.conf.1c3f2ca8
-rw-r--r-- 1 root root     0 Sep 18 06:27 grid-mapfile
lrwxrwxrwx 1 root root    55 Sep 20 05:55 grid-security.conf -> /data/vdt/globus/TRUSTED_CA/grid-security.conf.1c3f2ca8
-rw-r--r-- 1 root root  1306 Sep 20 05:59 hostcert.pem
-rw-r--r-- 1 root root   639 Sep 20 05:58 hostcert_request.pem
-r-------- 1 root root   887 Sep 20 05:58 hostkey.pem
drwxr-xr-x 2 root root  4096 Sep 18 06:27 vomsdir

Setup the certs at https://pki1.doegrids.org and copy the results into the host cert file

Turn on the fetch crl and CA certificate updaters

cd /data/vdt
source setup.sh
vdt-control --on vdt-update-certs
vdt-control --on fetch-crl

Check to make sure the crontab entry is created

crontab -l
19 * * * * /data/vdt/vdt/sbin/vdt-update-certs-wrapper --vdt-install /data/vdt
16 1 * * * /data/vdt/fetch-crl/share/doc/fetch-crl-2.6.2/fetch-crl.cron

Configure the Time Daemon ntpd

Use the following /etc/ntp.conf

server 192.168.21.2
server us.pool.ntp.org
authenticate no
driftfile /var/lib/ntp/drift

Set the time and start the ntpd daemon

ntpdate 192.168.21.2
/etc/init.d/ntpd start

Synchronize the hardware clock and set cron to sync the hardware clock hourly.

 /sbin/hwclock --systohc
echo "1,30 * * * * root /sbin/hwclock --systohc" > /etc/cron.d/systohc
-- TerrenceMartin - 04 Oct 2007
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback