== '''''How to Install Globus Toolkit Based on DRBL''''' == * 1. Introduction[[BR]][[BR]] * The installation guide is written by consulting GT 4.2 Quickstart. We install GT4.2 and DRBL on Debian.[[BR]][[BR]] * 2. Install and set up on the DRBL server and clients[[BR]][[BR]] * At first, you can download gt4.2.0-all-source-installer.tar.gz and build it. After installing, you can test successfully if you follow the instructions(see GT 4.2 Quickstart) to set up your machine. Now we only list some differences and modifications for GT4.2 based on DRBL.[[BR]][[BR]] * part_a) Globus Toolkit:[[BR]][[BR]] * Default shared directory on each machine is $GLOBUS_LOCATION. This directory should be readable and writable by all machines.[[BR]][[BR]] * "$GLOBUS_LOCATION/var" is the only one subdirectory which should be moved to non-NFS mount file system. This is because that globus-schedler-event-generator may doesn't work correctly if the locking of globus-fork.log fails.[[BR]][[BR]] * (1) on the DRBL_server {{{ cd $GLOBUS_LOCATION mv var /etc/ ln -s /etc/var var chmod 622 $GLOBUS_LOCATION/var/globus-for.log (Its permission should be like "-rw--w--w-".) cp /etc/var /tftpboot/nodes/[client_ip]/etc/ -rf }}} * (2) on all DRBL_clients {{{ chmod 622 $GLOBUS_LOCATION/var/globus-for.log (Its permission should be like "-rw--w--w-".) }}} * Each machine has its own directory: /etc/grid-security. This directory stores the signed host(container) keys and certificates and grid-mapfile for usr authorization.[[BR]][[BR]] * (1) on the DRBL_server {{{ cp /etc/grid-security /tftpboot/nodes/[client_ip]/etc/ -rf }}} * (2) on each machine {{{ To request and sign its own host certificates. }}} * /etc/grid-security {{{ root@drbl-srv:/etc/grid-security# ls -l drwxr-xr-x 4 root root 4096 2008-09-10 21:45 certificates -rw-r--r-- 1 root root 4625 2008-09-10 20:00 containercert.pem -r-------- 1 root root 891 2008-08-15 22:59 containerkey.pem lrwxrwxrwx 1 root root 61 2008-09-10 21:04 globus-host-ssl.conf -> /etc/grid-security/certificates/globus-host-ssl.conf.71a89a47 lrwxrwxrwx 1 root root 61 2008-09-10 21:04 globus-user-ssl.conf -> /etc/grid-security/certificates/globus-user-ssl.conf.71a89a47 -rw-r--r-- 1 root root 277 2008-08-25 21:10 grid-mapfile lrwxrwxrwx 1 root root 59 2008-09-10 21:04 grid-security.conf -> /etc/grid-security/certificates/grid-security.conf.71a89a47 -rw-r--r-- 1 root root 4625 2008-09-10 20:00 hostcert.pem -rw-r--r-- 1 root root 1367 2008-08-15 01:22 hostcert_request.pem -r-------- 1 root root 891 2008-08-15 01:22 hostkey.pem }}} * /etc/grid-security/certificates {{{ root@drbl-srv:/etc/grid-security/certificates# ls -l -rw-r--r-- 1 root root 1285 2008-09-08 10:16 71a89a47.0 -rw-r--r-- 1 root root 1344 2008-04-09 10:24 71a89a47.signing_policy -rw-r--r-- 1 root root 2625 2008-09-10 14:37 globus-host-ssl.conf.71a89a47 -rw-r--r-- 1 root root 2625 2008-09-10 14:37 globus-user-ssl.conf.71a89a47 -rw-r--r-- 1 root root 1306 2008-04-09 11:27 grid-security.conf.71a89a47 }}} * Each machine should also has some files in its own "/etc". You should copy this files from the DRBL_server to all clients. {{{ /etc/sudoers /etc/services /etc/xinetd.d/myproxy /etc/xinetd.d/gridftp /etc/xinetd.d/globus-gatekeeper }}}