wiki:chwhs/Grid_environment/GT_DRBL

Version 1 (modified by chwhs, 16 years ago) (diff)

--

How to Install Globus Toolkit Based on DRBL

  • 1. Introduction

    • The installation guide is written by consulting GT 4.2 Quickstart. We install GT4.2 and DRBL on Debian.

  • 2. Install and set up on the DRBL server and clients

    • At first, you can download gt4.2.0-all-source-installer.tar.gz and build it. After installing, you can test successfully if you follow the instructions(see GT 4.2 Quickstart) to set up your machine. Now we only list some differences and modifications for GT4.2 based on DRBL.

    • part_a) Globus Toolkit:

      • Default shared directory on each machine is $GLOBUS_LOCATION. This directory should be readable and writable by all machines.

      • "$GLOBUS_LOCATION/var" is the only one subdirectory which should be moved to non-NFS mount file system. This is because that globus-schedler-event-generator may doesn't work correctly if the locking of globus-fork.log fails.

        • (1) on the DRBL_server
           cd $GLOBUS_LOCATION
           mv var /etc/
           ln -s /etc/var var
           chmod 622 $GLOBUS_LOCATION/var/globus-for.log (Its permission should be like "-rw--w--w-".)
           cp /etc/var /tftpboot/nodes/[client_ip]/etc/ -rf
          
        • (2) on all DRBL_clients
           chmod 622 $GLOBUS_LOCATION/var/globus-for.log (Its permission should be like "-rw--w--w-".)
          
      • Each machine has its own directory: /etc/grid-security. This directory stores the signed host(container) keys and certificates and grid-mapfile for usr authorization.

        • (1) on the DRBL_server
          cp /etc/grid-security /tftpboot/nodes/[client_ip]/etc/ -rf
          
        • (2) on each machine
          To request and sign its own host certificates.
          
        • /etc/grid-security
           root@drbl-srv:/etc/grid-security# ls -l
          drwxr-xr-x  4 root root 4096 2008-09-10 21:45 certificates
          -rw-r--r--  1 root root 4625 2008-09-10 20:00 containercert.pem
          -r--------  1 root root  891 2008-08-15 22:59 containerkey.pem
          lrwxrwxrwx  1 root root   61 2008-09-10 21:04 globus-host-ssl.conf -> /etc/grid-security/certificates/globus-host-ssl.conf.71a89a47
          lrwxrwxrwx  1 root root   61 2008-09-10 21:04 globus-user-ssl.conf -> /etc/grid-security/certificates/globus-user-ssl.conf.71a89a47
          -rw-r--r--  1 root root  277 2008-08-25 21:10 grid-mapfile
          lrwxrwxrwx  1 root root   59 2008-09-10 21:04 grid-security.conf -> /etc/grid-security/certificates/grid-security.conf.71a89a47
          -rw-r--r--  1 root root 4625 2008-09-10 20:00 hostcert.pem
          -rw-r--r--  1 root root 1367 2008-08-15 01:22 hostcert_request.pem
          -r--------  1 root root  891 2008-08-15 01:22 hostkey.pem
          
        • /etc/grid-security/certificates
           root@drbl-srv:/etc/grid-security/certificates# ls -l
          -rw-r--r--  1 root root 1285 2008-09-08 10:16 71a89a47.0
          -rw-r--r--  1 root root 1344 2008-04-09 10:24 71a89a47.signing_policy
          -rw-r--r--  1 root root 2625 2008-09-10 14:37 globus-host-ssl.conf.71a89a47
          -rw-r--r--  1 root root 2625 2008-09-10 14:37 globus-user-ssl.conf.71a89a47
          -rw-r--r--  1 root root 1306 2008-04-09 11:27 grid-security.conf.71a89a47
          
      • Each machine should also has some files in its own "/etc". You should copy this files from the DRBL_server to all clients.
         /etc/sudoers
         /etc/services
         /etc/xinetd.d/myproxy
         /etc/xinetd.d/gridftp
         /etc/xinetd.d/globus-gatekeeper