Grid user crash course

From GridPP Wiki
Jump to: navigation, search

Using the Grid

The information herein is summarized from the currently most comprehensive document for new Grid users, i.e. gLite User Guide. That document is long, but it's worth knowing what it contains. A link it can be found on this page: http://www.gridpp.ac.uk/deployment/users/

This is a crash course on using the grid. Hopefully, if you use this course, your jobs won't crash. I assume from the start that you already have a configured UI at your disposal, although we have a tutorial on that too, should you need it.


Getting a grid certificate

Getting a grid certificate is a multi-step process, and is run by the UK e-science Certificate Authority, which is part of the National Grid Service. To start the process, you need to choose a web browser (e.g. Firefox) that you will have consistent access to (you need to use the same system for both requesting your certificate and retrieving it when it's ready). Don't use a temporary login anywhere.

Using the browser visit https://ca.grid-support.ac.uk/ and select the 'Request a Certificate' option, then choose 'User Certificate', fill in your personal details (using your departmental email address) and select the appropriate registration authority (RA) for your site. Further instructions will then be emailed to you; once that has happened you should get a further email from the RA staff, and you'll then need to visit them in person, with some photo-id.

Converting your grid certificate

To convert the new certificate for use in grid jobs, use the openssl pkcs12 command to convert the certificate into the certificate and key files you will need to generate proxies for grid work.

$ cd ~/.globus
$ mv [your-cert-file] ./.
$ openssl pkcs12 -in [your-cert-file] -clcerts -nokeys -out usercert.pem
$ openssl pkcs12 -in [your-cert-file] -nocerts -out userkey.pem

...where [your-cert-file] is the name and path of your exported certificate file, and [path]/[filename].pem is the name and path for the certificate and key file to be generated in an existing directory. In response to each command, you will be prompted for your grid password.

You will then need to Change permissions to protect the converted key file:

$ chmod 600 userkey.pem

(Adapted from the instructions here - thanks!)

Joining a VO

Your grid certificate identifies you to the grid as an individual user, but it's not enough on its own to allow you to run jobs; you also need to join a Virtual Organisation (VO). These are essentially just user groups, typically one per experiment, and individual grid sites can choose to support (or not) work by users of a particular VO. Most sites support the four LHC VOs, fewer support the smaller experiments. The sign-up procedures vary from VO to VO, UK ones typically require a manual approval step, LHC ones require an active CERN account.

For anyone that's interested in using the grid, but is not working on an experiment with an existing VO, some sites have a local VO that can be used to get started.

Running jobs (this section is obsolete)

Please refer to the introduction to the GridPP DIRAC server instead.

Data management (this section is obsolete)

Data storage on the grid is based around Storage Element (SE) systems and DIRAC File Catalogue (DFC). The former store data, the latter keep track of the locations of the data. Please see the introduction to GridPP DIRAC for basic data management commands.