Imperial Dirac server
From GridPP Wiki
Revision as of 15:11, 7 August 2014 by Simon Fayer 9b75294973 (Talk | contribs)
Contents
Prerequisites
- A host machine with SL6.
- >3GB free in /opt.
- A host certificate.
- An EMI2 UI (or EMI3, but with voms-clients-2).
- Ports 8080, 8443 & 9130-9200 TCP open on any firewalls.
- No mysql or mysql-libs package on the machine (/etc/my.cnf conflicts with dirac settings).
- A link to the documentation.
- Sign up with the diracgrid-forum.
Now you need to work out which version to install; this can be found in the tags list on GitHub.
Installing the server
Following the steps here to some degree.
[root ~]# wget http://repository.egi.eu/sw/production/cas/1/current/repo-files/EGI-trustanchors.repo -O /etc/yum.repos.d/EGI-trustanchors.repo [root ~]# yum install ca-policy-egi-core [root ~]# useradd -s /bin/bash -d /home/dirac dirac [root ~]# mkdir -p /opt/dirac/etc/grid-security/ [root ~]# cp /etc/grid-security/host*.pem /opt/dirac/etc/grid-security [root ~]# chown -R dirac:dirac /opt/dirac [root ~]# su - dirac [dirac ~]$ ln -s /etc/grid-security/certificates /opt/dirac/etc/grid-security/certificates [dirac ~]$ mkdir ~/DIRAC [dirac ~]$ cd ~/DIRAC [dirac DIRAC]$ wget https://github.com/DIRACGrid/DIRAC/raw/integration/Core/scripts/install_site.sh
This is the initial preparation done, the next steps actually install the server components.
# This step takes quite a while (~10 minutes)
[dirac DIRAC]$ ./install_site.sh full.cfg
# Eventually it fails with a python error ending with: Requirement.parse('WebOb>=1.2'))
# Edit /opt/dirac/versions/v6r11p8_1407412493/Linux_x86_64_glibc-2.12/lib/python2.6/site-packages/WebTest-2.0.14-py2.6.egg/EGG-INFO/requires.txt to erase the WebOb line.
# Then start it again...
[dirac DIRAC]$ ./install_site.sh full.cfg
# This should eventually finish and print a list of component statuses.
Now open the web interface and check that it appears to work, here is ours.
Adding a new (admin) user
As the admin user specified in the config file (note: needs user*.pem in ~/.globus) do:
[dirac DIRAC]$ source /opt/dirac/bashrc [dirac DIRAC]$ dirac-proxy-init -g dirac_admin [dirac DIRAC]$ dirac-admin-add-user -N newusername -D "/C=UK/O=eScience/OU=Imperial/L=Physics/CN=new user DN" -M "user@maildomain.ac.uk" -G dirac_admin
Adding a VO
We keep the VO config separately so that we can just merge in a new VO as needed. Unfortunately if you do this, the plugin which retrieves the usernames will only work with one of them. For now we add VOs and resources at the same time, but this can probably be done independently.
[dirac DIRAC]$ source /opt/dirac/bashrc [dirac DIRAC]$ dirac-proxy-init -g dirac_admin # First create a SiteDirector instance for the VO [dirac DIRAC]$ dirac-admin-sysadmin-cli --host dwms00.grid.hep.ph.ic.ac.uk [dirachost]> install agent WorkloadManagement SiteDirectorDteam -m SiteDirector [dirachost]> quit [dirac DIRAC]$ dirac-configuration-cli (dips://...)-Connected> mergeFromFile dteam.cfg (dips://...)-Connected> writeToServer ... Data sent to server. (dips://...)-Connected> quit [dirac DIRAC]$ dirac-admin-sysadmin-cli --host dwms00.grid.hep.ph.ic.ac.uk [dirachost]> restart * # Enable the site dirac-admin-allow-site LCG.UKI-LT2-IC-HEP.uk "Go"
Now we have to upload a pilot proxy for the VO we want to use:
[dirac DIRAC]$ dirac-proxy-init -P
Things to test
- Tarball UI
