The official Metadata Access Interface for EGEE

1
E-science grid facility forEurope and Latin
America
LFC Server Installation and Configuration
Antonio Calanducci INFN Catania
www.eu-eela.eu
2
Installation Pre-requisites

• Start from a machine with Scientific Linux 4.x
  i386 installed.
• Syncronization among all gLite nodes is
  mandatory. It can be achieved by the NTP
  protocol with a time server.
• Install ntp if not already available for your
  system
• yum install ntp

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
2
3
Installation Pre-requisite

• Check that your machine has a fully qualified
  name with
• hostname -f
• you should get back the name of the machinine
  including the domain

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
3
4
Installation Pre-requisites (Java)

• Verify that Java JDK 1.5 is installed. If not
• yum install jdk java-1.5.0-sun-compat

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
4
5
Host Certificates

• Install the host certificate
• Create the dir /etc/grid-security if not already
  there and download your certificates
• and set proper permissions
• chmod 644 /etc/grid-security/hostcert.pem
• chmod 400 /etc/grid-security/hostkey.pem
• ll /etc/grid-security/
• -rw-r--r-- 1 root root 1127 Jun 14 1227
  hostcert.pem
• -r-------- 1 root root 887 Jun 14 1228
  hostkey.pem

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
5
6
Set up YUM repositories

• The LFC version with the MySQL back-end requires
  the installation of the following metapackage
• ig_LFC_mysql
• This will install the needed RPMs to set up the
  machine
• The required repositories are
• "ca dag ig jpackage gilda"
• You can use the following bash code to populate
  /etc/yum.repos.d
• REPOS"ca dag ig jpackage gilda"
• for name in REPOS do wget http//grid018.ct.infn
  .it/mrepo/repos/name.repo -O /etc/yum.repos.d/na
  me.repo done
• Additionaly download the following file to add
  the LFC yum repository (download inside the
  /etc/yum.repos.d/ dir)
• wget http//grid-it.cnaf.infn.it/mrepo/repos/glite
  -lfc_mysql.repo

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
6
7
Install the LFC metapackage

• Run the proper YUM command
• yum install ig_LFC_mysql
• Install the Certificate Autorities stuff with
• yum install lcg-CA
• For a GILDA node, install the GILDA CA and VOMS
  certificates with
• yum install gilda_utils

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
7
8
Site Configuration File

• All the configuration values to sites have to be
  set up in a site configuration file using
  key-value pairs.
• This file is shared among all the different gLite
  node types. So edit once and keep it in a safe
  place
• Create a copy of /opt/glite/yaim/examples/siteinfo
  /ig-site-info.def template to your reference
  directory for the installation
• cp /opt/glite/yaim/examples/siteinfo/ig-site-inf
  o.def
• /opt/glite/yaim/etc/gilda/gilda-site-info.def
• The general syntax of the file is a sequence of
  bash-like assignments of variables
  (ltvariablegtltvaluegt, no spaces are allowed around
  ).
• A good syntax test for your site configuration
  file is to try to source it manually running the
  command
• source my-site-info.def

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
8
9
gilda-site-info.def

• Set the following variables
• NTP_HOSTS_IPntp-1.infn.it
• JAVA_LOCATION/usr/java/jdk1.5.0_14
• MYSQL_PASSWORDset_this_to_a_good_password
• GROUPS_CONF/opt/glite/yaim/etc/gilda/gilda_ig-gro
  ups.conf
• JAVA_LOCATION"/usr/java/jdk1.5.0_14
• LFC_HOSThostXX.MY_DOMAIN
• LFC_DB_PASSWORDwhateveryouwant
• LFC_DB_HOSTLFC_HOST
• LFC_DBcns_db
• LFC_CENTRAL"gilda"
• VOS"gilda

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
9
10
Node Configuration

• Now we can configure the node
  /opt/glite/yaim/bin/ig_yaim -c -s
  /opt/glite/yaim/etc/gilda/gilda-site-info.def -n
  ig_LFC_mysql

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
10
11
LFC Testing

• Log in on a User Interface and create a valid
  proxy with VOMS extensions.
• Set up the following env variabile to point to
  your fresh new LFC server
• LFC_HOSThostXX.YOUR_DOMAIN

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
11
12
LFC Testing

• Browse the virtual filesystem of the File
  Catalogue with
• lfc-ls -l /
• lfc-ls -l /grid/gilda
• Create a directory undet /grid/gilda
• lfc-mkdir /grid/gilda/test_dir

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
12
13
File Upload and registration

• Upload a local file to a grid Storage Element and
  register it on the file catalogue
• touch new.txt
• lcg-cr -v --vo gilda -d aliserv6.ct.infn.it -l
  lfn/grid/gilda/test_dir/new.txt
  filePWD/new.txt
• lfc-ls -l /grid/gilda/test_dir
• Try to download back the file
• lcg-cp -v --vo gilda lfn/grid/gilda/test_dir/new.
  txt filePWD/new2.txt

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
13
14
Firewall

• The following two ports should be opened up
• lfcdaemon 7111 lfcmgr 0u IPv6 7797928
  TCP 5010 (LISTEN)
• lfc-dli 7158 lfcmgr 0u IPv6 7798049
  TCP 8085 (LISTEN)
• So add the appropriate rules to your
  /etc/sysconfing/iptables
• -A RH-Firewall-1-INPUT -m state --state NEW -m
  tcp -p tcp --dport 5010 -j ACCEPT
• -A RH-Firewall-1-INPUT -m state --state NEW -m
  tcp -p tcp --dport 8085 -j ACCEPT

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
14
15
Log Files

• The LFC log files are stored under
• /var/log/lfc
• root_at_lfc-gilda lfc tail -f /var/log/lfc/log
• 06/23 153157 7111,0 Cns_srv_statg returns 0
• 06/23 153157 7111,1 Cns_srv_statg NS092 -
  statg request by /CIT/OGILDA/OUPersonal
  Certificate/LUniversita di Padova/CNNiccolo
  Michieli (176,104) from grid032.ct.infn.it
• 06/23 153157 7111,1 Cns_srv_statg NS098 -
  statg /grid/gilda/lTriPadova/rootsrc.tgz
• 06/23 153157 7111,1 Cns_srv_statg returns 0

www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
15
16
Questions?
www.eu-eela.eu
Catania, Tutorial for Trainers, 30.06.2008
16