Installation Walkthrough and Notes on the GlideinWMS System

DISCLAIMER: These are my personal notes, so don't trust them. It's always best to rely on your own notes. You are welcome to use my notes to make your own notes. Also, don't hold me accountable if something goes wrong or you have any problems whatsoever. You've been warned and now are continuing to read at your own risk. Now, here's the good stuff!

Installation Outline

This is an extremely complex installation process for the first timer. Here is a brief outline of all of the steps.

  • STEP 1: Obtain, install, and update a Linux distribution (on ALL servers)
  • STEP 2: Install VDT, GlideinWMS Collector and Factory (on server #1)
    • Part 1: Check and Install Prerequisite Software
    • Part 2: Install VDT Grid Software
    • Part 3: Install GlideinWMS Collector
    • Part 4: Install GlideinWMS Factory
  • STEP 3: Install VDT, GlideinWMS Frontend (on server #2)
    • Part 1: Check and Install Prerequisite Software
    • Part 2: Install VDT Grid Software
    • Part 3: Install GlideinWMS Frontend

STEP 1: Obtain, install, and update a Linux distribution (on ALL servers)

I used Scientific Linux 5.3 from: http://www.scientificlinux.org/

You can also use Redhat Enterprise 5.3 or CentOS 5.3. My installation was on two VMWare Workstation 6.5.3 virtual machines named SL1 and SL2. I selected that they would have 512 MiB? of RAM and up to 16 GiB? hard disks. To use GlideinWMS, there is no requirement to use a 64-bit system. You can use a 32-bit and all of the software will be compatible. The reverse is not necessarily true, but I have not confirmed this yet. It's also a good idea to update the system with the latest recommended patches and security updates before continuing any futher. I also reconfigured /etc/ssh/sshd_config to use a different port and adjusted the VM to acquire an IP address from my router in order to make my virtual machines accessible remotely through SSH. I had to change /etc/hosts to list the names of my systems as FQDNs, aliases, and their local IP addresses. Also, I had to edit /etc/resolv.conf to setup DNS after switching to a static IP in the GUI since it wasn't getting it from DHCP anymore.

STEP 2: Install VDT, GlideinWMS Collector and Factory (on server #1)

Part 1: Check and Install Prerequisite Software

First, we need to verify all the required software is loaded on our system. I performed all of these checks as the root user.

su - root

  • A reasonably recent Linux OS (RH/SL4 nad RH/SL5 tested at press time).
cat /etc/redhat-release
Scientific Linux SL release 5.3 (Boron)
  • The Python interpreter (v2.3.4 or above)

python -V
Python 2.4.3

  • The perl-Time-HiRes rpm.
perl -e 'use Time::HiRes;'
# NO ERROR - MEANS THAT IT IS INSTALLED

yum install httpd
apachectl start

  • The Condor distribution.
    • I ended up using version 7.3.1 because 7.3.2 seems to have some bugs.
    • I just grabbed the uncompressed tarball and stuck it in the /root directory.
  • The RRDTool package (v1.2.18 or later)
    • The GlideinWMS installer tells us what to install by selecting "Components" and then "rrdtool graphics package".
    • Since no installation takes place, you have to go find the files on the web. The website that lists the installation RPMS points to broken links. I found the RPMs for my 64-bit installation here:
    • http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/
yum install ruby

# This is installed with --nodeps because it has a cross-dependency with rrdtool
rpm -ivh --nodeps perl-rrdtool-1.3.8-2.el5.rf.x86_64.rpm
rpm -ivh rrdtool-1.3.8-2.el5.rf.x86_64.rpm
rpm -ivh rrdtool-devel-1.3.8-2.el5.rf.x86_64.rpm
rpm -ivh python-rrdtool-1.3.8-2.el5.rf.x86_64.rpm
python -c "import M2Crypto? "
# NO ERROR - MEANS THAT IT IS INSTALLED
wget http://flot.googlecode.com/files/flot-0.6.tar.gz

Part 2: Install VDT Grid Software

First, we need to download the glideinWMS software. We're going to use a specific snapshot.

su - root
cvs -d :pserver:anonymous@cdcvs.fnal.gov:/cvs/cd_read_only co -r snapshot_091029 glideinWMS

Now, let's install VDT as root.

glideinWMS/install/glideinWMS_install

Choose [8] for Components and then [a] for OSG VDT Client.

Do you have already a VDT installation?: (y/n) n
Do you want to install the full OSG VDT client?: (y/n) n
Do you want to install a minimal Grid VDT client?: (y/n) y
Where do you want the VDT installed?: [/opt/vdt]
Directory '/opt/vdt' does not exist, should I create it?: (y/n) y
What pacman version should I use?: [3.28]
What VDT cache should I use?: [http://vdt.cs.wisc.edu/vdt_200_cache]
Which platform do you want to use (leave empty for autodetect):
Do you agree to the licenses? [y/n] y
Where should I fetch the CAs from?: [http://software.grid.iu.edu/pacman/cadist/ca-certs-version]
Do you want OSG_VDT_BASE defined globally?: (y/n) y

Part 3: Install GlideinWMS Collector

Let's proceed with installing the collector on SL1. First we need a new user to own the installation. Let's call them gfactory.

su - root
groupadd -g 5001 gfactory
useradd -c "GFactory Daemon" -g 5001 -m -s /bin/bash -u 5001 gfactory

Let's download (http://www.cs.wisc.edu/condor/) and copy condor to the gfactory's home directory:

cp condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz /home/gfactory/
cd /home/gfactory/
chown -R gfactory:gfactory /home/gfactory/condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz

Let's copy the glideinWMS we already downloaded as root to the gfactory user's home directory.

cp -fr glideinWMS/ /home/gfactory/
chown -R gfactory:gfactory /home/gfactory/glideinWMS

We need to generate a certificate key file from the certificate. Do this to create the key file.

. /opt/vdt/setup.sh
openssl pkcs12 -in cert.p12 -out cert.key

Now remove the public keys from the private key file (just delete them from the file):

vi cert.key

Copy our personal certificate to the gfactory's home directory.

cp cert.p12 /home/gfactory
cp cert.key /home/gfactory
chown -R gfactory:gfactory /home/gfactory/cert.*

We should update our gfactory user's environment to point at the VDT we just installed. We put it in .bashrc so that the environment is affected in both interactive and non-interactive bash shells.

vi /home/gfactory/.bashrc

Let's add the following at the bottom of the file under "# User specific aliases and functions":

. /opt/vdt/setup.sh;

In order for each of the servers to communicate on the grid, we need a valid proxy on all of the servers. The proxy allows the servers to act on behalf of you. However, we needed VDT Grid Software to be installed before this is possible. Since at least the minimal VDT is now installed, we can use VOMS (Virtual Organization Membership Service) to create the proxy.

In order to create a proxy, you first need your personal certificate. I received my certificate by my web browser after I contacted my sponsor who is already authenticated for instructions and applied on the website which distributes them. If you're not trying to get authenticated on someone else's grid, you can probably just make your own. More details on how to do that later...

We will now generate the proxy using my personal certificate:

Using root, I put my certificate file cert.p12 in the gfactory directory, then I switched into the gfactory user's account.

cp cert.p12 /home/gfactory
exit
su - gfactory

In order to initialize the voms proxy, I need the private key out of my cert. I was able to get my private key using this command and I saved it to a file called cert.key:

openssl pkcs12 -in cert.p12 -info

Now the permissions need to be adjusted on these files in order to generate the proxy:

chmod 644 /home/gfactory/cert.p12
chmod 400 /home/gfactory/cert.key

Let's make a directory to hold the proxy:

mkdir /home/gfactory/.globus

Run this command to generate the proxy for 1000 hours (you'll need to enter your certificate password):

voms-proxy-init -cert /home/gfactory/cert.p12 -key /home/gfactory/cert.key -out /home/gfactory/.globus/x509_service_proxy -valid 1000:0.0

Now, we want to begin the installation of the GlideinWMS Collector. MAKE SURE TO DO THIS AS THE gfactory USER. The installation also adds a cron job for gfactory. Here is how to start the installation:

su - gfactory
~/glideinWMS/install/glideinWMS_install

Choose the option [1] glideinWMS Collector and then let's answer the questions for the installer interactively. Here are the installer answers:

Where do you have the Condor tarball? /home/gfactory/condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz
Where do you want to install it?: [/home/gfactory/glidecondor]
Directory '/home/gfactory/glidecondor' does not exist, should I create it?: (y/n) y
If something goes wrong with Condor, who should get email about it?: me@mydomain.myext
Do you want to split the config files between condor_config and condor_config.local?: (y/n) [y]
Do you want to get it from VDT?: (y/n) y
Do you have already a VDT installation?: (y/n) y
Where is the VDT installed?: [/opt/vdt]
Will you be using a proxy or a cert? (proxy/cert) proxy
Where is your proxy located?: /home/gfactory/.globus/x509_service_proxy
DN:
What name would you like to use for this pool?: [My glideinWMS pool] devg4pool
What port should the collector be running?: [9618] 9618
How many secondary schedds do you want?: [9]

******************************************
WMS collector successfully installed
******************************************

Part 4: Install GlideinWMS Factory

First, we must install some additional prerequisite software. We need to get the latest flot tarball, move it into the gfactory's home and extract it. Here is the website to get it from:

http://code.google.com/p/flot/

su - root
cp flot-0.6.tar.gz /home/gfactory/flot-0.6.tar.gz
chown gfactory:gfactory /home/gfactory/flot-0.6.tar.gz

Let's also get JavaScriptRRD? . You might be able to find it on:

http://sourceforge.net/projects/javascriptrrd/

cp javascriptrrd-0.4.2.zip /home/gfactory/javascriptrrd-0.4.2.zip
chown gfactory:gfactory /home/gfactory/javascriptrrd-0.4.2.zip

We will be using the same proxy used in Part 2, so no additional configuration will be necessary for the proxy. This file is:

/home/gfactory/.globus/x509_service_proxy

We also need to add a web directory for glidein submission:

mkdir /var/www/html/glidefactory
chown gfactory:gfactory /var/www/html/glidefactory

Let's login as gfactory user and unpack flot and javascriptrrd:

su - gfactory
unzip javascriptrrd-0.4.2.zip
gunzip -c flot-0.6.tar.gz | tar xvf -

We are now installing the factory. Select option [2] Glidein Factory from the glideinWMS installation script.

~/glideinWMS/install/glideinWMS_install

Here are my answers to the interactive installation script:

Do you have already a javascriptRRD installation?: (y/n) y
Where is javascriptRRD installed?: /home/gfactory/javascriptrrd-0.4.2
Do you have already a Flot installation?: (y/n) y
Where is Flot installed?: /home/gfactory/flot
Do you want to use such a proxy?: (y/n) y
Where is your proxy located?: /home/gfactory/.globus/x509_service_proxy
Where will you host your config and log files?: [/home/gfactory/glideinsubmit]
Directory '/home/gfactory/glideinsubmit' does not exist, should I create it?: (y/n) y
Where will the web data be hosted?: [/var/www/html/glidefactory]
What Web URL will you use?: [http://myhost.mydomain/glidefactory/]
Give a name to this Glidein Factory?: [mySites-server-name] gfactory-devg4
Give a name to this Glidein instance?: [v1_0]
What is the Condor base directory?: [/home/gfactory/glidecondor]
The following glidein schedds have been found: ... Do you want to use all of them?: (y/n) y
Do you want to use CCB (requires Condor 7.3.0 or better)?: (y/n) n
Please list all the GCB servers you will be using ... Leave an empty line when finished ... GCB node:
Do you want to use gLExec?: (y/n) y
Force VO frontend to provide its own proxy?: (y/n) [y] y
Do you want to fetch entries from RESS?: (y/n) [n] n
Do you want to fetch entries from BDII?: (y/n) [n] n
Please list all additional glidein entry points, Entry name (leave empty when finished): entry-devg6
Gatekeeper for 'entry-devg6': devg-6.t2.ucsd.edu
RSL for 'myentry':
Work dir for 'myentry': .
Site name for 'myentry': [myentry] entry-devg6
gLExec path for 'myentry': [OSG]
Entry name (leave empty when finished):
Should glideins use the more efficient Match authentication (works for Condor v7.1.3 and later)?: (y/n) y
Do you want to create the glidein (as opposed to just the config file)?: (y/n) [n]

To create the glidein, you need to run
/home/gfactory/glideinWMS/creation/create_glidein /home/gfactory/glideinsubmit/glidein_v1_0.cfg/glideinWMS.xml

Configuration files are located in /home/gfactory/glideinsubmit/glidein_v1_0.cfg

Remember to set X509_USER_PROXY before starting the daemon

Now edit and add this line to /home/gfactory/.bashrc, logout, and log back in:

export X509_USER_PROXY=/home/gfactory/.globus/x509_service_proxy
exit
su - gfactory

Let's create the glidein:

/home/gfactory/glideinWMS/creation/create_glidein /home/gfactory/glideinsubmit/glidein_v1_0.cfg/glideinWMS.xml

Let's restart Condor:

killall condor_master
/home/gfactory/glidecondor/start_condor.sh

Let's also restart the Factory (BUG in start script requires us to be in the correct directory):

cd /home/gfactory/glideinsubmit/glidein_v1_0
./factory_startup start

If the factory fails to start, consult the factory's log directory:

cat /home/gfactory/glideinsubmit/glidein_v1_0/log/*

This concludes the glideinWMS Collector and Factory installation. Now move along to Server #2.

STEP 3: Install VDT, GlideinWMS Frontend (on server #2)

Part 1: Check and Install Prerequisite Software

Simply follow the same instructions above in Step 2, Part 1.

This system needs most of the pre-requisites of the previous server.

  • Any Condor-supported OS
  • The OSG client software
  • The Condor distribution
  • A HTTP server, like Apache or TUX
  • The RRDTool package (v1.2.18 or later)
  • The M2Crypto? python library (v0.17 or later)
  • The javascriptRRD package (0.4 or later)
  • The perl-Time-HiRes rpm
  • The glideinWMS software

Part 2: Install VDT Grid Software

Simply follow the same instructions above in Step 2, Part 2.

Part 3: Install GlideinWMS Frontend

The next system needed is the GlideinWMS frontend system.

So, of course, we need a copy of glideinWMS from CVS:

su - root
cvs -d :pserver:anonymous@cdcvs.fnal.gov:/cvs/cd_read_only co -r snapshot_091029 glideinWMS

We need a user for condor to run under.

su - root
groupadd -g 5003 condor
useradd -c "Condor Daemon" -g 5003 -m -s /bin/bash -u 5003 condor

Since we already generated a proxy, we can copy it from Server #1.

scp -c blowfish -P 22 root@devg-4:/home/gfactory/.globus/x509_service_proxy /root/x509_service_proxy

Let's copy the proxy certificate into a global location:

mkdir /etc/grid-security/
cp x509_service_proxy /etc/grid-security/

As root, let's install the "condor collector" (aka "pool collector") and "condor schedd" (aka "user schedd") AT THE SAME TIME (by selecting both options simeltaneously as 4,5):

su - root
glideinWMS/install/glideinWMS_install
Please select: 4,5
Which user should Condor run under?: [condor]
Where do you have the Condor tarball? condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz
Where do you want to install it?: [/opt/glidecondor]
Directory '/opt/glidecondor' does not exist, should I create it?: (y/n) y
If something goes wrong with Condor, who should get email about it?: me@mydomain.myext
Do you want to split the config files between condor_config and condor_config.local?: (y/n) [y]
Do you want to get it from VDT?: (y/n) y
Do you have already a VDT installation?: (y/n) y
Where is the VDT installed?: [/opt/vdt]
Will you be using a proxy or a cert? (proxy/cert) proxy
Where is your proxy located?: /etc/grid-security/x509_service_proxy
DN:
How many slave collectors do you want?: [5]
What name would you like to use for this pool?: [My pool] pool-devg5
What port should the collector be running?: [9618]
Do you want to use the more efficient Match authentication (works for Condor v7.1.3 and later)?: (y/n) y
GCB node:
How many secondary schedds do you want?: [9]

Let's restart condor:

killall condor_master
/opt/glidecondor/start_condor.sh

Condor Collector and Schedd is installed on the frontend system.

Now, we can begin installing the frontend user. We need to create a user account to host the frontend software installation:

su - root
groupadd -g 5002 frontend
useradd -c "Frontend Daemon" -g 5002 -m -s /bin/bash -u 5002 frontend

Let's copy the proxy (because we need a second copy) into the frontend user's proxy directory:

mkdir /home/frontend/.globus
cp x509_service_proxy /home/frontend/.globus/x509_service_proxy
chown -R frontend:frontend /home/frontend/.globus

Make sure to get a copy of condor into the frontend's home directory:

cp condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz /home/frontend/
chown frontend:frontend /home/frontend/condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz

Copy the glideinWMS software into the frontend user's directory from CVS:

cp -fr glideinWMS /home/frontend/
chown -R frontend:frontend /home/frontend/glideinWMS

Copy over the JavaScriptRRD? package into the frontend's home directory:

cp javascriptrrd-0.4.2.zip /home/frontend/
chown frontend:frontend /home/frontend/javascriptrrd-0.4.2.zip

Finally, copy over our flot download:

cp flot-0.6.tar.gz /home/frontend/flot-0.6.tar.gz
chown frontend:frontend /home/frontend/flot-0.6.tar.gz

Let's also create a directory for the web files:

mkdir /var/www/html/vofrontend
chown frontend:frontend /var/www/html/vofrontend

Let's switch over to the frontend user and decompress some of our files:

su - frontend
unzip javascriptrrd-0.4.2.zip
gunzip -c flot-0.6.tar.gz | tar xvf -

Let's create a directory for the host and config log files:

mkdir /home/frontend/frontstage

Now comes time to install the frontend. Let's begin:

/home/frontend/glideinWMS/install/glideinWMS_install
Please select: 7
Do you have already a javascriptRRD installation?: (y/n) y
Where is javascriptRRD installed?: /home/frontend/javascriptrrd-0.4.2
Do you have already a Flot installation?: (y/n) y
Where is Flot installed?: /home/frontend/flot
Where is your proxy located?: /home/frontend/.globus/x509_service_proxy
What is the mapped name?: me@myemail.myext
Where will you host your config and log files?: [/home/frontend/frontstage]
Where will the web data be hosted?: [/var/www/html/vofrontend]
What Web URL will you use?: [http://devg-5.t2.ucsd.edu/vofrontend/]
Give a name to this VO Frontend?: [myVO-devg-5] vo-devg5
Give a name to this VO Frontend instance?: [v1_0]
What node is the WMS collector running?: devg-4.t2.ucsd.edu
What is the classad identity of the glidein factory?: [gfactory@devg-4.t2.ucsd.edu]
Collector name(s): [devg-5.t2.ucsd.edu:9618]
Do you want to monitor all of them?: (y/n) y
What kind of jobs do you want to monitor?: [(JobUniverse? ==5)&&(GLIDEIN_Is_Monitor ! TRUE)&&(JOB_Is_Monitor ! TRUE)]
Give a name to the main group: [main]
Match string: [True]
Job attributes: []
Factory attributes: []
Do you want to use is to submit glideins: (y/n) [y] y
An empty entry means you are done. ... proxy fname:
DN (leave empty when finished):
Do you want to use the more efficient Match authentication (works for Condor v7.1.3 and later)?: (y/n) y
Do you want to expose the Grid env. to the user jobs?: (y/n) y
Do you want to create the VO Frontend instance (as opposed to just the config file)?: (y/n) [n] n

TODO:

Using DN '/DC=org/DC=doegrids/OU=People/CN=Benjamin C. Boynton 991832'
Make sure this DN is in the WMS collector grid-mapfile

Ok, now add these lines to .bashrc:

vi ~/.bashrc
. /opt/vdt/setup.sh;
export X509_USER_PROXY=/etc/grid-security/x509_service_proxy;

Let's create the VO Frontend instance:

/home/frontend/glideinWMS/creation/create_frontend /home/frontend/frontstage/instance_v1_0.cfg/frontend.xml

Let's also restart the VO Frontend:

cd /home/frontend/frontstage/frontend_vo-devg5-v1_0/
./frontend_startup start

If the frontend fails to start, consult the frontend's log directory:

ls /home/frontend/frontstage/frontend_vo-devg5-v1_0/log


This topic: UCSDTier2 > WebHome > GlideinWMS > GlideinWMSInstallationNotesFromChrisBoynton
Topic revision: r11 - 2009/11/10 - 00:39:21 - ChrisBoynton
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback