VOMSdeployment2013

Plan for deploying the two new GridPP slave VOMS servers into active service.

Background and rationale

We have a VOMS server, voms.gridpp.ac.uk which hosts various mostly UK local VOs; that server is based in Manchester. For sake of resilience we are deploying two 'slave' VOMS servers, voms02.gridpp.ac.uk (at Oxford) and voms03.gridpp.ac.uk (at Imperial) which will be able to take over the job of issuing VOMS proxies in the event of an outage to the master server. The slave servers will not run the VOMS admin web interface.

Status

The slave servers are installed, but not fully tested, and not being used

Plan

Test all the VO's hosted at voms server at Manchester and replicated at Oxford and Imperial.

We have created a tarball kit to help test the new VOMS servers at Oxford and Imperial for some major GridPP hosted VOs, which can be used (on a working UI) as follows:

$ wget http://www-pnp.physics.ox.ac.uk/~macmahon/voms-testing.tar.gz
$ tar -zxvf  voms-testing.tar.gz
$ cd voms-testing
$ cat README
$ export X509_VOMS_DIR=$(pwd)/vomsdir
$ voms-proxy-init --debug  --vomses ./voms02/vo.southgrid.ac.uk  --voms vo.southgrid.ac.uk

If proxy is created successfully then update the table below.

Test Status - getting a VOMS proxy

Further steps

• Add the Oxford and Imperial servers to their respective GOCdb entries : Done
• Once they're known to be working, get the VO admins of each of the hosted VOs to add the necessary to their VOID cards in the operations portal
• Poke sites and get them to update their service node configurations to match the changed VOID card entries.
• Once a suitable time has passed and most service nodes are updated, encourage UI configurations to be updated.