T2 Condor Client setup for the UCSD UAF Cluster
Contents
Installation Steps
- Download the latest tarball for condor
- Grab the GlideinWMS from the cvs repo
- Install the GlideinWMS and Condor
Grab tarball of condor
Grab it from the latest release, or another CE
Grab the glideinWMS
cd /root
cvs -d :pserver:anonymous@cdcvs.fnal.gov:/cvs/cd_read_only co -r v2_5_1 glideinWMS
Remove Existing Condor
Remove any existing condor install
# cd ~/glideinWMS/install
# ./glideinWMS_install
Welcome to the glideinWMS Installation Helper
What do you want to install?
(May select several options at one, using a , separated list)
[1] glideinWMS Schedds and Collector
[2] Glidein Factory
[3] GCB
[4] User Pool Collector
[5] User Schedd
[6] Condor for VO Frontend
[7] VO Frontend
[8] Components
Please select: 5
The following profiles will be installed:
[5] User Schedd
Installing user submit schedds
Installing condor
Which user should Condor run under?: [condor]
You will now need the Condor tarball
You can find it on http://www.cs.wisc.edu/condor/
Versions v7.4.4 and 7.5.4 have been tested, but you
should always use the latest one
Where do you have the Condor tarball? /root/condor-7.6.1-x86_rhap_5-stripped.tar.gz
Checking...
Seems condor version 7.6.1-x86_rhap_5-stripped
Where do you want to install it?: [/opt/glidecondor] /data/glidecondor
Directory '/data/glidecondor' does not exist, should I create it?: (y/n) y
Installing condor in '/data/glidecondor'
If something goes wrong with Condor, who should get email about it?: t2support@physics.ucsd.edu
Extracting from tarball
Running condor_configure
Installing Condor from /data/glidecondor/tar/condor-7.6.1-x86_rhap_5-stripped to /data/glidecondor
Condor has been installed into:
/data/glidecondor
Configured condor using these configuration files:
global: /data/glidecondor/etc/condor_config
local: /data/glidecondor/condor_local/condor_config.local
You should look inside the installation log for some details about how
Condor was installed.
Created scripts which can be sourced by users to setup their
Condor environment variables. These are:
sh: /data/glidecondor/condor.sh
csh: /data/glidecondor/condor.csh
Do you want to split the config files between condor_config and condor_config.local?: (y/n) [y] y
Condor installed
Configuring GSI security
GSI security relies on a list of trusted CAs
Where can I find the directory with the trusted CAs?
Do you want to get it from VDT?: (y/n) y
Do you have already a VDT installation?: (y/n) y
Where is the VDT installed?: /data/vdt/
Using VDT installation in /data/vdt
To use the GSI security for User Schedd, you either need
a valid GSI proxy or a valid x509 certificate and relative key.
Its subject (i.e. DN) will be added as the trusted daemon
in the condor configuration.
Will you be using a proxy or a cert? (proxy/cert) cert
Where is your certificate located?: /etc/grid-security/hostcert.pem
Where is your certificate key located?: /etc/grid-security/hostkey.pem
My DN = '/DC=org/DC=doegrids/OU=Services/CN=uaf-8.t2.ucsd.edu'
You will most probably need other DNs in the condor grid mapfile.
The schedd will need to talk to the Pool Collector on a
daemon to daemon level. The Glidein startds will also need
to be authenticated as daemons. Any other node or process
that needs to talk securely with the schedd (like the
VO Frontend) also needs to be authenticated, but not as
a daemon. Finally, if you expect any processes on this node
to use condor security toward other nodes (e.g. the VO Frontend
talking to the WMS Collector), the remote services will also
need to be authenticated. The subjects (i.e. DNs)
for these services will thus most likely be needed.
Please insert all such DNs, together with a user nickname.
An empty DN entry means you are done.
DN: /DC=org/DC=doegrids/OU=Services/CN=uaf-2.t2.ucsd.edu
nickname: [condor001] uaf2
Is this a trusted Condor daemon?: (y/n) y
DN:
Condor supports a more efficient Match authentication that is also more secure.
Newer versions of the VO Frontend will not work if you don't enable it,
but you may still be able to use this schedd for other purposes.
Do you want to enable Match authentication?: (y/n) y
Make sure you use Match authentication in the glideins, too
Condor 7.5.3 and up support the use of a shared_port_daemon
that drastically reduces the number of ports used
and thus also improves the pool scalability.
Do you want to enable the shadred_port_daemon?: (y/n) n
What node is the collector running (i.e. CONDOR_HOST)?: uaf-2.t2.ucsd.edu
Please list all the GCB servers you will be using
Leave an empty line when finished
GCB node:
How many secondary schedds do you want?: [9] 0
Restarting Condor
**************************************************
User submit schedd installation succeeded
**************************************************
--
TerrenceMartin - 2011/07/11