Sections

About GridPP

Documents

Activities

Management

Wiki

Help Pages

EDG 2 Testbed Install

Introduction

This is a quick and easy method for setting up a simple and working EDG testbed using LCFGng including the initial LCFGng server installation.

Presently this method can be used to install edg version 2.0.

These notes are based on the methods explained in WP4's instructions for LCFGng with some extras portions added by WP6. Do read WP4's documentations as there is much overlap with this and there are more details there in some areas.

Required Nodes

The number of nodes required for testbed 2 is one 1 more that testbed 1. A minimum testbed for accepeting jobs is one SE, one CE, one MON BOX and some WNs.

Optional boxes include the UI, an RB and a MyProxy node. All other nodes are for supporting VOs and in the first instance will be provided by core EDG testbed sites.

LCFG Server

A dedicated machine is no longer absolutly required but the starting point should be a Redhat 7.3 machine with all patches applied and five gigabytes on space available in /opt/local. A low end box for this is fine, eg at RAL a 600MHz Athlon is in use as the main LCFGng server.

The LCFGng server should have an Apache webserver, an NFS server, a DHCP server and tftp server if you plan to use PXE.

Fetch EDG Release Module and Required RPMS

Download gpp-fetch-edg-release.sh and having chosen a tag to install, presently v2_0_1 run the following commands.

# gpp-fetch-edg-release.sh -o /tmp -r v2_0_1,
# cp /tmp/edg-release/ng_updaterep/updaterep.conf /etc/updaterep.conf
# cp /tmp/edg-release/ng_updaterep/*.pl /usr/local/bin/.
# mkdir -p /opt/local/linux/7.3/RPMS
# /usr/local/bin/updateRPMCache.pl \
      --rpmcfg /tmp/edg-release/ng_rpmlist/*-rpm.h \
               /tmp/edg-release/ng_rpmlist/lcfgng-server-rpm
Note you can also delete any rpms that you do need anymore with.
# /usr/local/bin/updateRPMCache.pl --clean --rpmcfg /tmp/edg-release/ng_rpmlist/*-rpm.h

The gpp-fetch-edg-release checks a particular cvs tag of edg-release from the server at Marianne. The script updateRPMCache.pl reads both /etc/updaterep.conf and all the *rpm.h files specified on the command line and downloads the exact rpms that you need to /opt/local/linux/7.3/RPMS

Network Time Protocol

It is important that NTP be set up correctly on your host.

Set up LCFGng

Install edg-populate-serverng-1.0.22-edg1.noarch.rpm and updaterpms-static-server-1.0.2-1.i386.rpm on the LCFG server.

Now run the script:

/opt/local/linux/utils/installpackages-ngserver73

this will install some more RPMS on the LCFGng server.

Now run.

checkServerRPMs.pl /opt/local/linux/7.3/rpmcfg

This does a portion of what the script above does but with rather more success, the first script may indead not be nescesary but needs to be confirmed.

Now run the script:

/opt/local/linux/utils/create-nginstallroot-rh73

This will create a mini rpm installation within /opt/local/linux/nginstallroot/7.3 to be used as an NFS mounted root by the LCFGng clients. You may see an error like this which you can ignore.

Create a couple of empty directories.

mkdir -p /opt/local/linux/7.3/RPMS/WP8/LHCb
mkdir -p /opt/local/linux/7.3/RPMS/WP10

Prepare Profiles

Defaults

Install both the LCFGng profiles and the rpm lists for each node. 
# cp /tmp/edg-release/ng_source/* /var/obj/conf/server/source/.
# cp /tmp/edg-release/ng_rpmlist/* /opt/local/linux/7.3/rpmcfg/.

Node Types

Copy the example node files to your hostname named files, eg: 
# cp /tmp/edg-release/ng_source/examples/exampleCE /var/obj/conf/server/source/gppce06
# cp /tmp/edg-release/ng_source/examples/exampleSE /var/obj/conf/server/source/gppse06
# cp /tmp/edg-release/ng_source/examples/exampleWN /var/obj/conf/server/source/gppwn06
# cp /tmp/edg-release/ng_source/examples/exampleUI /var/obj/conf/server/source/gppui06
In this example my CE was called gppce06.gridpp.rl.ac.uk

Note in the exampleCE there is presently a mistake. Replace '#else' with '#endif'.

Customise

Move directory to /var/obj/conf/server/source and make a local copy of the site-cfg.h, eg site-cfg-ral.h. Modify this file asking tb-support@jiscmail.ac.uk if and when confusion arrises. It may be advisable to post the whole file for comment from other people before continuing. As an example this is RAL's site-cfg.h for testbed EDG2.0.0.

Modify each of your top level nodefiles , eg gppce06:

  • Change the unqualified hostname in this file.
  • Include your customised site-cfg-ral.h
  • Set a root password with the line:
    +auth.rootpwd GlNcFTQdsfjaa5
    having generated the password hash with openssl passwd.
  • If you have anything other than eepro100 ethernet card you need to add something like.
    +hardware.mod_eth0 alias eth0 e1000
    to the end of you profile to specify the network driver that is required.

Webserver

Assuming you already have apache installed you should copy the file /etc/httpd/conf/httpd.conf.ngexample73 to /etc/httpd/conf/httpd.conf.

This apache config sets up a DocumentRoot of /var/obj/conf/server/web and provides basic authentication to files that match install.cgi.

You must set a a password for this user that can view install.cgi. Running

# htpasswd -c /etc/httpd/.htpasswd lcfgng

will allow you to set a password for a user lcfgng.

htpasswd is part of the apache package.

Compile Profiles

There is now a mkxprofd service that is responsible for this. You should start it and configure it to start at boot time.
/sbin/service mkxprofd start
/sbin/chkconfig --levels 345 mkxprofd on

To actually compile the profiles

/sbin/service mkxprofd reload

can be issued.

Touching the files in /var/obj/conf/server/source/ and reloading mkxprofd will force a recompile your profiles.

To check the status of your profile compilations vist. http://yourLCFGserver.nowhere.org/status/.

NFS

Add something like the following to your /etc/exports file.

/opt/local/linux/ *.gridpp.rl.ac.uk(ro,no_root_squash)

DHCP

All nodes that you plan to install must have a DHCP entry on a DNS server. This can be your LCFG server or an existing DHCP server, even a windows one. A simple dhcpd.conf file for two nodes would be something like this. 

deny unknown-clients;
# the server will not reply to the unknown clients; in this way
# it is possible to have a second DHCP server on your subnet
not authoritative;
                                                                                
subnet 130.246.184.0 netmask 255.255.252.0 {
                                                                                  

  group {
     option domain-name "gridpp.rl.ac.uk";
     option routers 130.246.184.254;
     option user-class "http://gpplcfg.gridpp.rl.ac.uk/profiles/";
     option domain-name-servers 130.246.8.13, 130.246.72.21, 130.246.56.240;
     filename      "pxelinux.0" ;                                                                      
     next-server   gpplcfg.gridpp.rl.ac.uk;                                                                                 
     host gppse01 {
         hardware ethernet   00:03:47:97:cb:d2;
         fixed-address gppse01.gridpp.rl.ac.uk;
     }
                                                                                
     host dev06 {
         hardware ethernet 00:03:47:97:c9:95;
         fixed-address dev06.gridpp.rl.ac.uk;
     }

}

In this example this is for installing gppse01 and dev06 using the lcfgng server, gpplcfg.gridpp.rl.ac.uk on a RAL network.

The "pxelinux.0" loader file must be placed on the lcfgng server in /tftpboot.

  • cp /usr/lib/syslinux/pxelinux.0 /tftpboot

Install Nodes

There are two options for this, floppy or PXE.

Floppy

Download a floppy disk image from bootdisk_rh73_04122002.img and burn it on to a floppy with:

dd if=bootdisk_rh73_22112002.img of=/dev/fd0 bs=1024

Put this in your LCFGng client and boot from this floppy.

PXE

Enable tftp on your LCFG server. Edit /etc/xinetd.d/tftp to enable the service and restart xinetd. The file tftp should look something like.

service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /tftpboot -v
        disable                 = no
        per_source              = 11
        cps                     = 100 2
}

with disable = no.

Visit http://yourlcfgserver/install/install.cgi providing the username(lcfgng) and password you entered earlier. You can now select a kernel to load via PXE rather than just booting by default from the hard disk.

You should modify your client' boot order in the bios to be.

  1. Floppy
  2. Network
  3. Harddisk.

Now reboot the client. At the end of the install a cgi script on the web server is called to change the clients pxe configuration to again boot from the hard disk.

Post Installation

This is now much smaller that it was. Look at the edg-release-notes.txt that you will have downloaded into /tmp/edg-release/ where the post install notes are now maintained.

Host Certificates

The pkcs12 host certificate bundle issued by the e-Science CA will need to be converted into a certificate (hostcert.pem) and private key (hostkey.pem) and put into /etc/grid-security directory. The permissions of these files should be:
  • chmod 400 hostkey.pem
  • chmod 444 hostcert.pem

Supporting the gridpp VO

On the CE, edit /opt/edg/etc/edg-mkgridmap.conf and add the line 
group ldap://vo.gridpp.ac.uk/ou=testbed,dc=gridpp,dc=ac,dc=uk .gridpp
Then re-build the grid-map file
  • /opt/edg/sbin/edg-mkgridmap --conf /opt/edg/etc/edg-mkgridmap.conf --output /share/grid-security/grid-mapfile
More details concerning the gridpp vo are available here

Setting up PBS Queues and Nodes

On the CE:
  • cd /var/spool/pbs
  • edit pbs_environment and add /usr/sbin to the PATH
  • /usr/bin/qmgr < my_qmgr.conf
  • /usr/bin/qmgr < my_nodes.conf
Example configuration files: my_qmgr.conf and my_nodes.conf

Finally, edit /var/spool/pbs/server_priv/nodes and add "np=2" to the end of each dual processor machine.

Summary

It is unlikley that everything will work smoothly or that there will not be questions along the way, do please ask the tb-support mailing list.

Last modified Mon 21 April 2008 . View page history
Switch to HTTPS . Website Help . Print View . Built with GridSite 1.4.3
For more about GridPP please contact Neasan O'Neill