Project

General

Profile

Wiki » History » Version 9

Parag Mhashilkar, 09/02/2011 01:51 PM

1 1 Parag Mhashilkar
h1. Documentation
2 1 Parag Mhashilkar
3 9 Parag Mhashilkar
toc.
4 9 Parag Mhashilkar
5 1 Parag Mhashilkar
h2. Creating a IFGridftpServerBase Image
6 1 Parag Mhashilkar
7 2 Parag Mhashilkar
OpenNebula specification file used for Base Image creation is as follows
8 2 Parag Mhashilkar
9 2 Parag Mhashilkar
<pre>
10 2 Parag Mhashilkar
NAME   = IFGridftpServerBase
11 2 Parag Mhashilkar
CPU    = 1
12 2 Parag Mhashilkar
VCPU   = 2
13 4 Parag Mhashilkar
MEMORY = 4096
14 2 Parag Mhashilkar
15 2 Parag Mhashilkar
DISK   = [
16 2 Parag Mhashilkar
           source   = /cloud/images/OpenNebula/images/current-image.img,
17 2 Parag Mhashilkar
           save     = yes,
18 2 Parag Mhashilkar
           target   = vda,
19 2 Parag Mhashilkar
           bus = virtio,
20 2 Parag Mhashilkar
           persistent = yes,
21 2 Parag Mhashilkar
           readonly = no
22 2 Parag Mhashilkar
         ]
23 2 Parag Mhashilkar
24 2 Parag Mhashilkar
DISK   = [
25 2 Parag Mhashilkar
  type     = swap,
26 4 Parag Mhashilkar
  size     = 4096,
27 2 Parag Mhashilkar
  target   = vdb ]
28 2 Parag Mhashilkar
29 2 Parag Mhashilkar
NIC    = [ NETWORK = "FermiCloud" ]
30 2 Parag Mhashilkar
31 2 Parag Mhashilkar
FEATURES=[ acpi="no" ]
32 2 Parag Mhashilkar
33 2 Parag Mhashilkar
GRAPHICS = [
34 2 Parag Mhashilkar
  type    = "vnc",
35 2 Parag Mhashilkar
  listen  = "127.0.0.1",
36 2 Parag Mhashilkar
  port    = "-1",
37 2 Parag Mhashilkar
  autoport = "yes",
38 2 Parag Mhashilkar
  keymap = "en-us"]
39 2 Parag Mhashilkar
40 2 Parag Mhashilkar
41 1 Parag Mhashilkar
CONTEXT = [
42 2 Parag Mhashilkar
    ip_public   = "$NIC[IP, NETWORK=\"FermiCloud\"]",
43 4 Parag Mhashilkar
    hostname    = "if-gridftp-base.fnal.gov",
44 2 Parag Mhashilkar
    netmask     = "255.255.254.0",
45 2 Parag Mhashilkar
    gateway     = "131.225.154.1",
46 2 Parag Mhashilkar
    ns          = "131.225.8.120",
47 2 Parag Mhashilkar
    files       = "/cloud/images/OpenNebula/templates/init.sh /home/parag/OpenNebula/cedps/k5login",
48 2 Parag Mhashilkar
    target      = "hdc",
49 2 Parag Mhashilkar
    root_pubkey = "id_dsa.pub",
50 2 Parag Mhashilkar
    username    = "opennebula",
51 1 Parag Mhashilkar
    user_pubkey = "id_dsa.pub"
52 1 Parag Mhashilkar
]
53 4 Parag Mhashilkar
54 4 Parag Mhashilkar
REQUIREMENTS = "HYPERVISOR=\"kvm\""
55 4 Parag Mhashilkar
56 2 Parag Mhashilkar
</pre>
57 3 Parag Mhashilkar
58 1 Parag Mhashilkar
Launch a new VM with dynamic IP address.
59 1 Parag Mhashilkar
60 1 Parag Mhashilkar
<pre>
61 4 Parag Mhashilkar
[parag@fcl002 cedps]$ onevm create IFGridftpServerBase.one
62 4 Parag Mhashilkar
63 4 Parag Mhashilkar
# Once the VM is running login into the VM from same of different machine
64 4 Parag Mhashilkar
[parag@cd-109337 ~]$ ssh root@131.225.154.59
65 4 Parag Mhashilkar
66 4 Parag Mhashilkar
# Stop and Disable ypbind
67 4 Parag Mhashilkar
[root@fermicloud002 ~]# service ypbind stop
68 4 Parag Mhashilkar
Shutting down NIS services:                                [  OK  ]
69 4 Parag Mhashilkar
[root@fermicloud002 ~]# chkconfig --list| grep ypbind
70 4 Parag Mhashilkar
ypbind          0:off   1:off   2:on    3:on    4:on    5:on    6:off
71 4 Parag Mhashilkar
[root@fermicloud002 ~]# chkconfig ypbind off
72 4 Parag Mhashilkar
[root@fermicloud002 ~]# chkconfig --list| grep ypbind
73 4 Parag Mhashilkar
ypbind          0:off   1:off   2:off   3:off   4:off   5:off   6:off
74 4 Parag Mhashilkar
75 4 Parag Mhashilkar
# Make the experiment disks available without ypbind
76 4 Parag Mhashilkar
[root@fermicloud002 etc]# scp root@fcl002:/etc/auto.* /etc/
77 4 Parag Mhashilkar
[root@fermicloud002 etc]# service autofs stop
78 4 Parag Mhashilkar
Stopping automount:                                        [  OK  ]
79 4 Parag Mhashilkar
[root@fermicloud002 etc]# service autofs start
80 4 Parag Mhashilkar
Starting automount:                                        [  OK  ]
81 4 Parag Mhashilkar
82 4 Parag Mhashilkar
# Check that experiment areas are available without ypbind
83 4 Parag Mhashilkar
[root@fermicloud002 etc]# ls -la /minos/app
84 4 Parag Mhashilkar
85 4 Parag Mhashilkar
# Install pacman & VDT
86 4 Parag Mhashilkar
[root@fermicloud002 etc]# cd /usr/local/
87 4 Parag Mhashilkar
[root@fermicloud002 pacman-3.29]# tar xzf /tmp/pacman-latest.tar.gz
88 4 Parag Mhashilkar
[root@fermicloud002 local]# cd pacman-3.29/
89 4 Parag Mhashilkar
[root@fermicloud002 pacman-3.29]# source ./setup.sh 
90 4 Parag Mhashilkar
[root@fermicloud002 etc]# cd /usr/local/
91 4 Parag Mhashilkar
[root@fermicloud002 local]# mkdir /usr/local/vdt-2.0.99
92 4 Parag Mhashilkar
[root@fermicloud002 local]# ln -s /usr/local/vdt-2.0.99 /usr/local/vdt
93 4 Parag Mhashilkar
[root@fermicloud002 local]# cd /usr/local/vdt-2.0.99/
94 6 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# pacman -get http://vdt.cs.wisc.edu/vdt_200_cache:EDG-Make-Gridmap \
95 6 Parag Mhashilkar
http://vdt.cs.wisc.edu/vdt_200_cache:CA-Certificates-Updater \
96 6 Parag Mhashilkar
http://vdt.cs.wisc.edu/vdt_200_cache:CA-Certificates \
97 6 Parag Mhashilkar
http://vdt.cs.wisc.edu/vdt_200_cache:Fetch-CRL 
98 6 Parag Mhashilkar
http://vdt.cs.wisc.edu/vdt_200_cache:Configure-Fetch-CRL \
99 6 Parag Mhashilkar
http://vdt.cs.wisc.edu/vdt_200_cache:VOMS-Client \
100 6 Parag Mhashilkar
http://vdt.cs.wisc.edu/vdt_200_cache:Globus-Base-Data-Server \
101 6 Parag Mhashilkar
http://vdt.cs.wisc.edu/vdt_200_cache:EDG-Make-Gridmap
102 4 Parag Mhashilkar
Do you want to add [http://vdt.cs.wisc.edu/vdt_200_cache] to [trusted.caches]? (y/n/yall): yall
103 1 Parag Mhashilkar
104 5 Parag Mhashilkar
# Setup CA Certificates and other required VDT services
105 5 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# source /usr/local/vdt/setup.sh 
106 5 Parag Mhashilkar
107 5 Parag Mhashilkar
# Change $VDT_LOCATION/vdt-app-data/vdt-update-certs/vdt-update-certs.conf to enable OSG CA Certs
108 5 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# vi $VDT_LOCATION/vdt-app-data/vdt-update-certs/vdt-update-certs.conf
109 5 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# vdt-setup-ca-certificates --certs-dir /usr/local/vdt-2.0.99/
110 5 Parag Mhashilkar
111 5 Parag Mhashilkar
# Make sure Host certs and keys are in place
112 5 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# ls -la /etc/grid-security/
113 5 Parag Mhashilkar
114 5 Parag Mhashilkar
# First make sure that /etc/services do not have gsiftp service. If it does remove it
115 7 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# vi /etc/services
116 7 Parag Mhashilkar
117 5 Parag Mhashilkar
# Enable VDT Services
118 5 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# vdt-control --list
119 5 Parag Mhashilkar
Service                 | Type   | Desired State
120 5 Parag Mhashilkar
------------------------+--------+--------------
121 5 Parag Mhashilkar
fetch-crl              | cron    | do not enable 
122 5 Parag Mhashilkar
vdt-rotate-logs        | cron    | do not enable 
123 5 Parag Mhashilkar
vdt-update-certs       | cron    | do not enable 
124 5 Parag Mhashilkar
gsiftp                 | inetd   | do not enable 
125 7 Parag Mhashilkar
126 5 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# vdt-control --enable fetch-crl vdt-rotate-logs vdt-update-certs gsiftp
127 5 Parag Mhashilkar
running 'vdt-register-service --name fetch-crl --enable'... ok
128 5 Parag Mhashilkar
running 'vdt-register-service --name vdt-rotate-logs --enable'... ok
129 5 Parag Mhashilkar
running 'vdt-register-service --name vdt-update-certs --enable'... ok
130 1 Parag Mhashilkar
running 'vdt-register-service --name gsiftp --enable'... ok
131 7 Parag Mhashilkar
132 5 Parag Mhashilkar
[root@fermicloud002 vdt-2.0.99]# vdt-control --on
133 5 Parag Mhashilkar
enabling cron service vdt-rotate-logs... ok
134 5 Parag Mhashilkar
enabling inetd service gsiftp... ok
135 5 Parag Mhashilkar
enabling cron service vdt-update-certs... ok
136 1 Parag Mhashilkar
enabling cron service fetch-crl... ok
137 7 Parag Mhashilkar
138 8 Parag Mhashilkar
# Download & Install the if-gridftp-authz-tools available from the Files section of the twiki
139 8 Parag Mhashilkar
[root@fermicloud002 log]# cd /opt/
140 8 Parag Mhashilkar
[root@fermicloud002 opt]wget https://cdcvs.fnal.gov/redmine/attachments/download/5156/if-gridftp-authz-tools-v0.1.tgz
141 8 Parag Mhashilkar
[root@fermicloud002 opt]# tar xzf if-gridftp-authz-tools-v0.1.tgz 
142 8 Parag Mhashilkar
[root@fermicloud002 opt]# mkdir if-gridftp-authz-tools/log
143 1 Parag Mhashilkar
</pre>