T2 Condor Client setup for the UCSD UAF Cluster

Contents

Installation Steps

  • Download the latest tarball for condor
  • Grab the GlideinWMS from the cvs repo
  • Install the GlideinWMS and Condor

Grab tarball of condor

Grab it from the latest release, or another CE

Grab the glideinWMS

cd /root
cvs -d :pserver:anonymous@cdcvs.fnal.gov:/cvs/cd_read_only co -r v2_5_1 glideinWMS

Remove Existing Condor

Remove any existing condor install

Install condor and GlideinWMS

# cd ~/glideinWMS/install
# ./glideinWMS_install 
Welcome to the glideinWMS Installation Helper

What do you want to install?
(May select several options at one, using a , separated list)
[1] glideinWMS Schedds and Collector
[2] Glidein Factory
[3] GCB
[4] User Pool Collector
[5] User Schedd
[6] Condor for VO Frontend
[7] VO Frontend
[8] Components
Please select: 5

The following profiles will be installed:
[5] User Schedd

Installing user submit schedds

Installing condor

Which user should Condor run under?: [condor] 

You will now need the Condor tarball
You can find it on http://www.cs.wisc.edu/condor/
Versions v7.4.4 and 7.5.4 have been tested, but you
should always use the latest one

Where do you have the Condor tarball? /root/condor-7.6.1-x86_rhap_5-stripped.tar.gz
Checking...
Seems condor version 7.6.1-x86_rhap_5-stripped

Where do you want to install it?: [/opt/glidecondor] /data/glidecondor
Directory '/data/glidecondor' does not exist, should I create it?: (y/n) y
Installing condor in '/data/glidecondor'

If something goes wrong with Condor, who should get email about it?: t2support@physics.ucsd.edu
Extracting from tarball
Running condor_configure
Installing Condor from /data/glidecondor/tar/condor-7.6.1-x86_rhap_5-stripped to /data/glidecondor

Condor has been installed into:
    /data/glidecondor

Configured condor using these configuration files:
  global: /data/glidecondor/etc/condor_config
  local:  /data/glidecondor/condor_local/condor_config.local
You should look inside the installation log for some details about how
Condor was installed.
Created scripts which can be sourced by users to setup their
Condor environment variables.  These are:
   sh: /data/glidecondor/condor.sh
  csh: /data/glidecondor/condor.csh

Do you want to split the config files between condor_config and condor_config.local?: (y/n) [y] y
Condor installed

Configuring GSI security

GSI security relies on a list of trusted CAs
Where can I find the directory with the trusted CAs?

Do you want to get it from VDT?: (y/n) y
Do you have already a VDT installation?: (y/n) y
Where is the VDT installed?: /data/vdt/
Using VDT installation in /data/vdt

To use the GSI security for User Schedd, you either need 
a valid GSI proxy or a valid x509 certificate and relative key.
Its subject (i.e. DN) will be added as the trusted daemon 
in the condor configuration.

Will you be using a proxy or a cert? (proxy/cert) cert
Where is your certificate located?: /etc/grid-security/hostcert.pem
Where is your certificate key located?: /etc/grid-security/hostkey.pem
My DN = '/DC=org/DC=doegrids/OU=Services/CN=uaf-8.t2.ucsd.edu'

You will most probably need other DNs in the condor grid mapfile.
The schedd will need to talk to the Pool Collector on a 
daemon to daemon level. The Glidein startds will also need 
to be authenticated as daemons. Any other node or process 
that needs to talk securely with the schedd (like the 
VO Frontend) also needs to be authenticated, but not as 
a daemon. Finally, if you expect any processes on this node 
to use condor security toward other nodes (e.g. the VO Frontend 
talking to the WMS Collector), the remote services will also 
need to be authenticated. The subjects (i.e. DNs) 
for these services will thus most likely be needed.

Please insert all such DNs, together with a user nickname.
An empty DN entry means you are done.
DN: /DC=org/DC=doegrids/OU=Services/CN=uaf-2.t2.ucsd.edu
nickname: [condor001] uaf2
Is this a trusted Condor daemon?: (y/n) y
DN: 

Condor supports a more efficient Match authentication that is also more secure.
Newer versions of the VO Frontend will not work if you don't enable it,
but you may still be able to use this schedd for other purposes.
Do you want to enable Match authentication?: (y/n) y

Make sure you use Match authentication in the glideins, too


Condor 7.5.3 and up support the use of a shared_port_daemon
that drastically reduces the number of ports used
and thus also improves the pool scalability.

Do you want to enable the shadred_port_daemon?: (y/n) n
What node is the collector running (i.e. CONDOR_HOST)?: uaf-2.t2.ucsd.edu
Please list all the GCB servers you will be using
Leave an empty line when finished
GCB node: 
How many secondary schedds do you want?: [9] 0

Restarting Condor

**************************************************
User submit schedd installation succeeded
**************************************************

-- TerrenceMartin - 2011/07/11

Topic revision: r1 - 2011/07/11 - 22:17:04 - TerrenceMartin
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback