Installation Walkthrough and Notes on the GlideinWMS System

DISCLAIMER: These are my personal notes, so don't trust them. It's always best to rely on your own notes. You are welcome to use my notes to make your own notes. Also, don't hold me accountable if something goes wrong or you have any problems whatsoever. You've been warned and now are continuing to read at your own risk. Now, here's the good stuff!

Installation Outline

This is an extremely complex installation process for the first timer. Here is a brief outline of all of the steps.

  • STEP 1: Obtain, install, and update a Linux distribution (on ALL servers)
  • STEP 2: Install VDT, GlideinWMS Collector and Factory (on server #1)
    • Part 1: Check and Install Prerequisite Software
    • Part 2: Install VDT Grid Software
    • Part 3: Install GlideinWMS Collector
    • Part 4: Install GlideinWMS Factory
  • STEP 3: Install VDT, GlideinWMS Frontend (on server #2)
    • Part 1: Check and Install Prerequisite Software
    • Part 2: Install VDT Grid Software
    • Part 3: Install GlideinWMS Frontend

STEP 1: Obtain, install, and update a Linux distribution (on ALL servers)

I used Scientific Linux 5.3 from: http://www.scientificlinux.org/

You can also use Redhat Enterprise 5.3 or CentOS 5.3. My installation was on two VMWare Workstation 6.5.3 virtual machines named SL1 and SL2. I selected that they would have 512 MiB? of RAM and up to 16 GiB? hard disks. To use GlideinWMS, there is no requirement to use a 64-bit system. You can use a 32-bit and all of the software will be compatible. The reverse is not necessarily true, but I have not confirmed this yet. It's also a good idea to update the system with the latest recommended patches and security updates before continuing any futher. I also reconfigured /etc/ssh/sshd_config to use a different port and adjusted the VM to acquire an IP address from my router in order to make my virtual machines accessible remotely through SSH. I had to change /etc/hosts to list the names of my systems as FQDNs, aliases, and their local IP addresses. Also, I had to edit /etc/resolv.conf to setup DNS after switching to a static IP in the GUI since it wasn't getting it from DHCP anymore.

STEP 2: Install VDT, GlideinWMS Collector and Factory (on server #1)

Part 1: Check and Install Prerequisite Software

First, we need to verify all the required software is loaded on our system.

  • A reasonably recent Linux OS (RH/SL4 nad RH/SL5 tested at press time).
cat /etc/redhat-release
Scientific Linux SL release 5.3 (Boron)
  • The Python interpreter (v2.3.4 or above)

python -V
Python 2.4.3

  • The perl-Time-HiRes rpm.
perl -e 'use Time::HiRes;'
# NO ERROR - MEANS THAT IT IS INSTALLED
  • The OSG client software.
    • Installed from the GlideinWMS installer by selecting "Components" and then "OSG VDT client".
  • A HTTP server, like Apache or TUX.
    • Installed from the GlideinWMS installer by selecting "Components" and then "Web server".
  • The Condor distribution.
    • This is NOT (?) required if you install: pool Collector AND User Schedd
    • Installed from the GlideinWMS installer by selecting "Components" and then "Base Condor installation".
  • The RRDTool package (v1.2.18 or later)
    • The GlideinWMS installer tells us what to install by selecting "Components" and then "rrdtool graphics package".
    • Since no installation takes place, you have to go find the files on the web. The website that lists the installation RPMS points to broken links. I found the RPMs for my 64-bit installation here:
    • http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/
yum install ruby

# This is installed with --nodeps because it has a cross-dependency with rrdtool
rpm -ivh --nodeps perl-rrdtool-1.3.8-2.el5.rf.x86_64.rpm
rpm -ivh rrdtool-1.3.8-2.el5.rf.x86_64.rpm
rpm -ivh rrdtool-devel-1.3.8-2.el5.rf.x86_64.rpm
rpm -ivh python-rrdtool-1.3.8-2.el5.rf.x86_64.rpm
python -c "import M2Crypto? "
# NO ERROR - MEANS THAT IT IS INSTALLED

Part 2: Install VDT Grid Software

First, we need to download the glideinWMS software. We're going to use a specific snapshot.

su - root
cvs -d :pserver:anonymous@cdcvs.fnal.gov:/cvs/cd_read_only co -r snapshot_091029 glideinWMS

Now, let's install VDT as root.

glideinWMS/install/glideinWMS_install

Choose [8] for Components and then [a] for OSG VDT Client.

Do you have already a VDT installation?: (y/n) n
Do you want to install the full OSG VDT client?: (y/n) n
Do you want to install a minimal Grid VDT client?: (y/n) y
Where do you want the VDT installed?: [/opt/vdt]
Directory '/opt/vdt' does not exist, should I create it?: (y/n)
What pacman version should I use?: [3.28]
What VDT cache should I use?: [http://vdt.cs.wisc.edu/vdt_200_cache]
Which platform do you want to use (leave empty for autodetect):
Do you agree to the licenses? [y/n] y
Where should I fetch the CAs from?: [http://software.grid.iu.edu/pacman/cadist/ca-certs-version]
Do you want OSG_VDT_BASE defined globally?: (y/n) y

Part 3: Install GlideinWMS Collector

Let's proceed with installing the collector on SL1. First we need a new user to own the installation. Let's call them gfactory.

su - root
groupadd -g 5001 gfactory
useradd -c "GFactory Daemon" -g 5001 -m -s /bin/bash -u 5001 gfactory

Let's download (http://www.cs.wisc.edu/condor/) and copy condor to the gfactory's home directory:

cp condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz /home/gfactory/
cd /home/gfactory/
chown -R gfactory:gfactory /home/gfactory/condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz

Let's copy the glideinWMS we already downloaded as root to the gfactory user's home directory.

cp -fr glideinWMS/ /home/gfactory/
chown -R gfactory:gfactory /home/gfactory/glideinWMS

Copy our personal certificate to the gfactory's home directory. (MORE ABOUT HOW TO GET THIS LATER)

cp cert.p12 /home/gfactory
cp cert.key /home/gfactory
chown -R gfactory:gfactory /home/gfactory/cert.*

We should update our gfactory user's environment to point at the VDT we just installed. We put it in .bashrc so that the environment is affected in both interactive and non-interactive bash shells.

vi /home/gfactory/.bashrc

Let's add the following at the bottom of the file under "# User specific aliases and functions":

. /opt/vdt/setup.sh;

In order for each of the servers to communicate on the grid, we need a valid proxy on all of the servers. The proxy allows the servers to act on behalf of you. However, we needed VDT Grid Software to be installed before this is possible. Since at least the minimal VDT is now installed, we can use VOMS (Virtual Organization Membership Service) to create the proxy.

In order to create a proxy, you first need your personal certificate. I received my certificate by my web browser after I contacted my sponsor who is already authenticated for instructions and applied on the website which distributes them. If you're not trying to get authenticated on someone else's grid, you can probably just make your own. More details on how to do that later...

We will now generate the proxy using my personal certificate:

Using root, I put my certificate file cert.p12 in the gfactory directory, then I switched into the gfactory user's account.

cp cert.p12 /home/gfactory
exit
su - gfactory

In order to initialize the voms proxy, I need the private key out of my cert. I was able to get my private key using this command and I saved it to a file called cert.key:

openssl pkcs12 -in cert.p12 -info

Now the permissions need to be adjusted on these files in order to generate the proxy:

chmod 644 /home/gfactory/cert.p12
chmod 400 /home/gfactory/cert.key

Let's make a directory to hold the proxy:

mkdir /home/gfactory/.globus

Run this command to generate the proxy for 1000 hours (you'll need to enter your certificate password):

voms-proxy-init -cert /home/gfactory/cert.p12 -key /home/gfactory/cert.key -out /home/gfactory/.globus/x509_service_proxy -valid 1000:0.0

Now, we want to begin the installation of the GlideinWMS Collector. MAKE SURE TO DO THIS AS THE gfactory USER. The installation also adds a cron job for gfactory. Here is how to start the installation:

su - gfactory
~/glideinWMS/install/glideinWMS_install

Choose the option [1] glideinWMS Collector and then let's answer the questions for the installer interactively. Here are the installer answers:

Where do you have the Condor tarball? /home/gfactory/condor-7.3.1-linux-x86-rhel5-dynamic.tar.gz
Where do you want to install it?: [/home/gfactory/glidecondor]
Directory '/home/gfactory/glidecondor' does not exist, should I create it?: (y/n) y
If something goes wrong with Condor, who should get email about it?: me@mydomain.myext
Do you want to split the config files between condor_config and condor_config.local?: (y/n) [y]
Do you want to get it from VDT?: (y/n) y
Do you have already a VDT installation?: (y/n) y
Where is the VDT installed?: [/opt/vdt]
Will you be using a proxy or a cert? (proxy/cert) proxy
Where is your proxy located?: /home/gfactory/.globus/x509_service_proxy
DN:
What name would you like to use for this pool?: [My glideinWMS pool] devg4pool
What port should the collector be running?: [9618] 9618
How many secondary schedds do you want?: [9]

******************************************
WMS collector successfully installed
******************************************

Part 4: Install GlideinWMS Factory

First, we must install some additional prerequisite software. We need to get the latest flot tarball, move it into the gfactory's home and extract it. Here is the website to get it from:

http://code.google.com/p/flot/

su - root
cp flot-0.6.tar.gz /home/gfactory/flot-0.6.tar.gz
chown gfactory:gfactory /home/gfactory/flot-0.6.tar.gz

Let's also get JavaScriptRRD? . You might be able to find it on:

http://sourceforge.net/projects/javascriptrrd/

cp javascriptrrd-0.4.2.zip /home/gfactory/javascriptrrd-0.4.2.zip
chown gfactory:gfactory /home/gfactory/javascriptrrd-0.4.2.zip

We will be using the same proxy used in Part 2, so no additional configuration will be necessary for the proxy. This file is:

/home/gfactory/.globus/x509_service_proxy

We also need to add a web directory for glidein submission:

mkdir /var/www/html/glidefactory
chown gfactory:gfactory /var/www/html/glidefactory

If you haven't already started Apache HTTPD as root, it would be a good time to do that. You can just use "yum install httpd" as root if you don't already have it installed.

apachectl start

Let's login as gfactory user and unpack flot and javascriptrrd:

su - gfactory
unzip javascriptrrd-0.4.2.zip
gunzip -c flot-0.6.tar.gz | tar xvf -

We are now installing the factory. Select option [2] Glidein Factory from the glideinWMS installation script.

~/glideinWMS/install/glideinWMS_install

Here are my answers to the interactive installation script:

Do you have already a javascriptRRD installation?: (y/n) y
Where is javascriptRRD installed?: /home/gfactory/javascriptrrd-0.4.2
Do you have already a Flot installation?: (y/n) y
Where is Flot installed?: /home/gfactory/flot
Do you want to use such a proxy?: (y/n) y
Where is your proxy located?: /home/gfactory/.globus/x509_service_proxy
Where will you host your config and log files?: [/home/gfactory/glideinsubmit]
Directory '/home/gfactory/glideinsubmit' does not exist, should I create it?: (y/n) y
Where will the web data be hosted?: [/var/www/html/glidefactory]
What Web URL will you use?: [http://myhost.mydomain/glidefactory/]
Give a name to this Glidein Factory?: [mySites-server-name] gfactory-devg4
Give a name to this Glidein instance?: [v1_0]
What is the Condor base directory?: [/home/gfactory/glidecondor]
The following glidein schedds have been found: ... Do you want to use all of them?: (y/n) y
Do you want to use CCB (requires Condor 7.3.0 or better)?: (y/n) n
Please list all the GCB servers you will be using ... Leave an empty line when finished ... GCB node:
Do you want to use gLExec?: (y/n) y
Force VO frontend to provide its own proxy?: (y/n) [y] y
Do you want to fetch entries from RESS?: (y/n) [n] n
Do you want to fetch entries from BDII?: (y/n) [n] n
Please list all additional glidein entry points, Entry name (leave empty when finished): entry-devg6
Gatekeeper for 'entry-devg6': devg-6.t2.ucsd.edu
RSL for 'myentry':
Work dir for 'myentry': .
Site name for 'myentry': [myentry] entry-devg6
gLExec path for 'myentry': [OSG]
Entry name (leave empty when finished):
Should glideins use the more efficient Match authentication (works for Condor v7.1.3 and later)?: (y/n) y
Do you want to create the glidein (as opposed to just the config file)?: (y/n) [n]

To create the glidein, you need to run
/home/gfactory/glideinWMS/creation/create_glidein /home/gfactory/glideinsubmit/glidein_v1_0.cfg/glideinWMS.xml

Configuration files are located in /home/gfactory/glideinsubmit/glidein_v1_0.cfg

Remember to set X509_USER_PROXY before starting the daemon

Now edit and add this line to /home/gfactory/.bashrc, logout, and log back in:

export X509_USER_PROXY=/home/gfactory/.globus/x509_service_proxy
exit
su - gfactory

Let's create the glidein:

/home/gfactory/glideinWMS/creation/create_glidein /home/gfactory/glideinsubmit/glidein_v1_0.cfg/glideinWMS.xml

Let's restart Condor:

killall condor_master
/home/gfactory/glidecondor/start_condor.sh

Let's also restart the Factory (BUG in start script requires us to be in the correct directory):

cd /home/gfactory/glideinsubmit/glidein_v1_0

./factory_startup start

If the factory fails to start, consult the factory's log directory:

cat /home/gfactory/glideinsubmit/glidein_v1_0/log/*

This concludes the glideinWMS Collector and Factory installation. Now move along to Server #2.

STEP 3: Install VDT, GlideinWMS Frontend (on server #2)

Part 1: Check and Install Prerequisite Software

Simply follow the same instructions above in Step 2, Part 1.

Part 2: Install VDT Grid Software

Simply follow the same instructions above in Step 2, Part 2.

Part 3: Install GlideinWMS Frontend

The next system needed is the GlideinWMS frontend system. We will install this on my system named SL2. This system needs most of the pre-requisites of SL1.

  • Any Condor-supported OS
  • The OSG client software
  • The Condor distribution
  • A HTTP server, like Apache or TUX
  • The RRDTool package (v1.2.18 or later)
  • The M2Crypto? python library (v0.17 or later)
  • The javascriptRRD package (0.4 or later)
  • The perl-Time-HiRes rpm
  • The glideinWMS software

Let's assume we've already installed these components. If not, follow the steps in part 1.

We need a user for condor to run under.

su - root
groupadd -g 5003 condor
useradd -c "Condor Daemon" -g 5003 -m -s /bin/bash -u 5003 condor

BEGIN WARNING -- MISSING CONDOR INSTALL (DO THIS PROXY STUFF ON OTHER SERVER AND COPY IT OVER)

We also need our proxy certificate to identify ourselves (this could be the same as the one generated on SL1):

su - frontend
mkdir .globus
scp -c blowfish -P 4221 gfactory@sl1:/home/gfactory/cert.p12 /home/frontend/
. /home/frontend/vdt/setup.sh
openssl pkcs12 -in cert.p12 -out cert.key

Now remove the public keys from the private key file:

vi cert.key

Now the permissions need to be adjusted on these files in order to generate the proxy:

chmod 644 /home/frontend/cert.p12
chmod 400 /home/frontend/cert.key

Run this command to generate the proxy for 500 hours:

/home/frontend/vdt/glite/bin/voms-proxy-init -cert /home/frontend/cert.p12 -key /home/frontend/cert.key -out /home/frontend/.globus/x509_service_proxy -valid 500:0.0

Now, let's make the cert and key owned by root to prevent any bad stuff from happening:

su - root
chown root:root /home/frontend/cert.p12
chown root:root /home/frontend/cert.key

Proxy was created and installed successfully!

END WARNING

Now we need to move the proxy certificate into a global location:

mkdir /etc/grid-security/
cp x509_service_proxy /etc/grid-security/

Let's install the "condor collector" and "condor schedd" AT THE SAME TIME (by selecting 4,5) as root.

su - root
/root/glideinWMS/install/glideinWMS_install
Please select: 4,5
Do you have already a VDT installation?: (y/n) n
Do you want to install the full OSG VDT client?: (y/n) n
Do you want to install a minimal Grid VDT client?: (y/n) y
Where do you want the VDT installed?: [/opt/vdt]
Directory '/opt/vdt' does not exist, should I create it?: (y/n) y
What pacman version should I use?: [pacman-3.26]
What VDT cache should I use?: [http://vdt.cs.wisc.edu/vdt_1101_cache]
Which platform do you want to use (leave empty for autodetect):
Do you agree to the licenses? [y/n] y
Would you like to setup daily rotation of VDT log files? y
Do you want to update the CA certification revocation lists (CRLs) automatically? [y/n] y
Where would you like to install CA files? r
Do you want to automatically update your CA Certificates? [y/n] y
Where should I fetch the CAs from?: [http://software.grid.iu.edu/pacman/cadist/ca-certs-version]
Which user should Condor run under?: [condor]
Where do you have the Condor tarball? /root/condor-7.3.2-linux-x86_64-rhel5-dynamic.tar.gz
Where do you want to install it?: [/opt/glidecondor]
Directory '/opt/glidecondor' does not exist, should I create it?: (y/n) y
If something goes wrong with Condor, who should get email about it?: me@mydomain.ext
Do you want to split the config files between condor_config and condor_config.local?: (y/n) [y]
Will you be using a proxy or a cert? (proxy/cert) proxy
Where is your proxy located?: /etc/grid-security/x509_service_proxy
DN:
How many slave collectors do you want?: [5]
What name would you like to use for this pool?: [My pool] devg5-pool
Do you want to use the more efficient Match authentication (works for Condor v7.1.3 and later)?: (y/n) y
GCB node:
How many secondary schedds do you want?: [9]

Let's restart condor:

killall condor_master
/opt/glidecondor/start_condor.sh

Condor Collector and Schedd is installed on the frontend system.

Now, we can begin installing the frontend user. We need to create a user account to host the frontend software installation:

su - root
groupadd -g 5002 frontend
useradd -c "Frontend Daemon" -g 5002 -m -s /bin/bash -u 5002 frontend

Make sure to get a copy of condor into the frontend's home directory:

cp condor-7.3.2-linux-x86_64-rhel5-dynamic.tar.gz /home/frontend/
chown frontend:frontend /home/frontend/condor-7.3.2-linux-x86_64-rhel5-dynamic.tar.gz

Copy the glideinWMS software into the frontend user's directory from CVS:

su - frontend
cvs -d :pserver:anonymous@cdcvs.fnal.gov:/cvs/cd_read_only co -r v2_1 glideinWMS

Now we need the HTTP server installation:

su - root
yum install httpd

HTTPD is installed

Copy over the JavaScriptRRD? package into the frontend's home directory:

cp javascriptrrd-0.4.2.zip /home/frontend/
chown frontend:frontend /home/frontend/javascriptrrd-0.4.2.zip
su - frontend
unzip javascriptrrd-0.4.2.zip

JavaScriptRRD is installed

Let's also install Flot:

wget http://flot.googlecode.com/files/flot-0.5.tar.gz
gunzip -c flot-0.5.tar.gz | tar xvf -

Flot was installed successfully!

Let's create a directory for the host and config log files:

mkdir /home/frontend/frontstage

Let's also create a directory for the web files:

su - root
mkdir /var/www/html/vofrontend
chown frontend:frontend /var/www/html/vofrontend

Finished with directory setup!

Now comes time to install the frontend. Let's begin:

su - frontend
/home/frontend/glideinWMS/install/glideinWMS_install
Please select: 7
Do you have already a javascriptRRD installation?: (y/n) y
Where is javascriptRRD installed?: /home/frontend/javascriptrrd-0.4.2
Do you have already a Flot installation?: (y/n) y
Where is Flot installed?: /home/frontend/flot
Where is your proxy located?: /etc/grid-security/x509_service_proxy
Where will you host your config and log files?: [/home/frontend/frontstage]
Where will the web data be hosted?: [/var/www/html/vofrontend]
What Web URL will you use?: [http://devg-5.t2.ucsd.edu/vofrontend/]
Give a name to this VO Frontend?: [myVO-devg-5] devg5-vo
Give a name to this VO Frontend instance?: [v1_0]
What node is the WMS collector running?: devg-4.t2.ucsd.edu
Collector name(s): [devg-5.t2.ucsd.edu]
Do you want to monitor all of them?: (y/n) y
What kind of jobs do you want to monitor?: [(JobUniverse? ==5)&&(GLIDEIN_Is_Monitor ! TRUE)&&(JOB_Is_Monitor ! TRUE)]
Give a name to the main group: [main]
Match string: [True]
Job attributes: []
Factory attributes: []
Do you want to use is to submit glideins: (y/n) [y] y
An empty entry means you are done. ... proxy fname:
DN (leave empty when finished):
Do you want to use the more efficient Match authentication (works for Condor v7.1.3 and later)?: (y/n) y
Do you want to expose the Grid env. to the user jobs?: (y/n) y
Do you want to create the VO Frontend instance (as opposed to just the config file)?: (y/n) [n] n

Ok, now add these lines to .bashrc:

vi ~/.bashrc
export X509_USER_PROXY=/etc/grid-security/x509_service_proxy

Let's create the VO Frontend instance:

/home/frontend/glideinWMS/creation/create_frontend /home/frontend/frontstage/instance_v1_0.cfg/frontend.xml

Let's also restart the VO Frontend:

/home/frontend/frontstage/frontend_devg5-vo-v1_0/frontend_startup stop
/home/frontend/frontstage/frontend_devg5-vo-v1_0/frontend_startup start

If the frontend fails to start, consult the frontend's log directory:

ls /home/frontend/frontstage/frontend_frontend-sl2-v1_0/log

Edit | Attach | Print version | History: r11 < r10 < r9 < r8 < r7 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r10 - 2009/11/09 - 22:40:00 - ChrisBoynton
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback