Installing GridPort and Globus - PowerPoint PPT Presentation

1 / 22
About This Presentation
Title:

Installing GridPort and Globus

Description:

Modest hardware. 256MB RAM, 1GB HD space, 500MHz. NPACI All Hands Meeting. March 6, 2002 ... Don't install any unnecessary network services (ftp, telnet server, DNS) ... – PowerPoint PPT presentation

Number of Views:85
Avg rating:3.0/5.0
Slides: 23
Provided by: kur145
Category:

less

Transcript and Presenter's Notes

Title: Installing GridPort and Globus


1
Installing GridPort and Globus
  • Kurt Mueller
  • San Diego Supercomputer Center
  • kurt_at_sdsc.edu

2
What is Required?
  • Unix system
  • Production portals currently running on Solaris 7
  • Tutorial covers installing on linux
  • Probably works on NT/2000/XP
  • Perl not installed by default
  • Greater OS overhead
  • Greater security risks
  • Modest hardware
  • 256MB RAM, 1GB HD space, 500MHz

3
What will we install?
  • Globus
  • Production systems use 1.1.4
  • Tutorial covers Globus 2.0
  • GridPort ToolKit
  • Optional packages
  • SRB

4
Operating System installation
  • Redhat Linux 7.2
  • Choose server installation
  • Dont install any unnecessary network services
    (ftp, telnet server, DNS)
  • Do check redhats website immediately after
    installation and apply security patches
  • Consider using ipchains or iptables for firewall
    protection -- install option

5
Globus 2.0 installation
  • Download linux binaries from www.globus.org
  • globus_api_bundle_i686_pc_linux_gnu.tar.gz
  • globus_tools_bundle-i686-pc-linux_gnu.tar.gz
  • gpt-0.2.tar.gz
  • Create globus directory
  • gt mkdir /usr/local/globus
  • Set Globus environment variable
  • GLOBUS_LOCATION/usr/local/globus
  • For SRB, also set
  • GLOBUS_INSTALLPATH/usr/local/globus
  • LD_LIBRARY_PATH/usr/local/globus/lib

6
Globus Installation (cont)
  • Install globus packaging toolkit
  • gt tar xvfz gpt-0.2.tar.gz
  • gt cd gpt-0.2
  • gt ./build_gpt
  • gt cd ..

7
Globus Installation (cont)
  • Install globus tools
  • gt /usr/local/globus/sbin/globus-\ install
    globus_tools_bundle-i686-pc\ linux-gnu.tar.gz
  • gt /usr/local/globus/setup/globus-\ postinstall.sh
  • gt /usr/local/globus/sbin/gpt_verify

8
Globus Installation (cont)
  • Install globus API (needed for myproxy)
  • gt /usr/local/globus/sbin/globus-\ install
    globus_api_bundle-i686-pc-\ linux-gnu.tar.gz
  • gt /usr/local/globus/setup/globus-\ postinstall.sh
  • gt /usr/local/globus/sbin/gpt_verify
  • Configure /etc/grid-security directory
  • gt /usr/local/globus/setup/globus/setup-gsi

9
Certificate considerations
  • Users must get certificates from a certificate
    authority that is trusted by portal and
    resources.
  • Certificates can be stored in gridport, or
    accessed via myproxy
  • http//www.ncsa.uiuc.edu/Divisions/ACES/MyProxy/
  • Users must be in grid-mapfile on resources in
    order to access them.

10
Install MyProxy
  • Get latest myproxy from ftp//ftp.ncsa.uiuc.edu/ac
    es/myproxy/myproxy-latest.tar.gz
  • gt mkdir /usr/local/portals
  • gt tar xvfz myproxy-latest.tar.gz
  • gt cd myproxy-0.4.1
  • gt ./configure \
  • --prefix/usr/local/portals/myproxy
    --with-globus-\ flavorgcc32dbgpthr
  • gt make
  • gt make client-install
  • gt make tools-install

11
Install GSI certificates
  • Request a host certificate from Globus
  • Instructions are online at
  • http//www.globus.org/gt2/install/verify
  • Save hostcert.pem and hostkey.pem to
    /etc/grid-security
  • Obtain Certificate Authority (CA) signing
    certificates from partner institutions (NPACI,
    NCSA, IPG, etc) and place in /etc/grid-security/ce
    rtificates.
  • Update /etc/grid-security/certificates/ca-signing-
    policy.conf with new CA information.

12
Install Apache web server
  • need Apache with SSL support
  • Using apache 1.3.20 in our testing
  • Packages
  • apache_1.3.20.tar.gz
  • mod_ssl-2.8.4-1.3.20.tar.gz
  • openssl-0.9.6b.tar.gz
  • Installation instructions are available at
  • http//rewind.sdsc.edu/docs/gridport_apache_insta
    ll.txt
  • Instructions include mod-perl, PHP4

13
Install additional Perl modules
  • Not included with base Redhat install, but
    necessary for GridPort Toolkit
  • IO-Tty-0.05
  • IO-Stty-.02
  • Expect-1.12
  • Digest-MD5-2.16
  • BundleDBI
  • Available from http//www.cpan.org

14
Install GridPort Toolkit
  • Download from https//gridport.npaci.edu
  • gt cp gridport0.9b.tar /usr/local/portals
  • gt cd /usr/local/portals
  • gt tar xvf gridport0.9b.tar
  • gt more README

15
GridPort setup hints
  • Install gridport out of webspace
  • Potential security problems if web server has
    access to gridport
  • /usr/local/apache/htdocs vs. /usr/local/portals/gr
    idport
  • Configure webserver to run as a specific user in
    a specific group that youve created just for
    this purpose.

16
GridPort setup hints (cont)
  • Example create new user gpserve in group
    gpserve set apache to run as this user.
  • In /usr/local/portals/gridport, create a
    directory called gpserve. Certificates and
    proxies will live here.
  • Change owner/group of gpserve directory to
    gpserve/gpserve
  • gt chown gpserve gpserve chgrp gpserve gpserve
  • Only owner/group read/write on gpserve and
    subdirectories
  • gt chmod 660 gpserve

17
GridPort setup hints (cont)
  • In gridport/services/globus/config, edit
    globus.conf for your system.
  • Gridport directory /usr/local/portals/gridport
  • globus path /usr/local/globus/bin
  • For Globus 2.0, add to end of globus.conf
  • ENVGLOBUS_PATH/usr/local/globus
  • ENVLD_LIBRARY_PATH/usr/local/globus/lib
  • ENVSASL_PATH/usr/local/globus/lib/sasl

18
GridPort setup hints (cont)
  • In gridport/services/authentication, edit
    gridport_user_login.cgi
  • Change cookie domain from .npaci.edu to your
    domain name.
  • Check all gridport scripts for variables and
    commmands to be changed. Normally at beginning of
    scripts, such as
  • whoami/usr/ucb/whoami
  • Update to reflect your local environment.

19
GridPort setup hints (cont)
  • Create machine configuration files for the
    resources you want to access.
  • These are in gridport/services/globus/config.
  • Files are called ltmachgt.conf
  • See EXAMPLE.conf for syntax

20
GridPort setup hints (cont)
  • SSPHN.conf
  • machinesSSPHNnametitleBlue Horizon
  • machinesSSPHNnameorgNPACI
  • machinesSSPHNnamesiteSDSC
  • machinesSSPHNgv1.13
  • machinesSSPHNstockai/usr/local/bin/reslist
  • machinesSSPHNstockquota/usr/sbin/quota
  • machinesSSPHNstockqs/usr/local/bin/llq/pac
    i/loadl/maui/bin/showq
  • machinesSSPHNstockcp/bin/cp
  • machinesSSPHNstockwhereis/usr/bin/whereis
  • machinesSSPHNstocksubmit_job/usr/local/bin/
    llsubmit
  • machinesSSPHNstockmake/usr/bin/make
  • machinesSSPHNstockgzip/usr/local/bin/gzip
  • machinesSSPHNstockgunzip/usr/local/bin/gunz
    ip
  • machinesSSPHNstockwhoami/usr/bin/whoami

21
Installing SRB
  • Email gridport_at_sdsc.edu or talk to one of us
    about getting latest srb scripts for gridport.
  • Also, need to get srb binaries compiled for linux
    and globus2.0 from us.
  • Install scripts in /usr/local/globus/services/srb/
  • Install binaries in /usr/local/portals/srb/

22
Create a portal
  • Use hotpage as template, available at
    https//gridport.npaci.edu
  • or
  • Create your own from scratch
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Installing GridPort and Globus" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!