Install Or Upgrade the Server¶

Overview:¶

• Tested on SLF6, assumed to work on other RH 6 based distributions
• Currently installed and upgraded via HTC owned puppet scripts on fifebatch.fnal.gov, fifebatch-preprod.fnal.gov, and fifebatch-dev.fnal.gov machines
• A non-puppetized upgrade can be done in 3 steps on fifebatch-dev:
  • disable puppet
  • edit config files
  • yum --enablerepo jobsub upgrade jobsub

Yum Repositories¶

• EPEL
• OSG
• Jobsub
  • http://jobsub.fnal.gov/rpms/prod//6/x86_64
  • contents of jobsub.repo

Config Files¶

Git Repo for New or Changed Config Files¶

• git clone ssh://p-discompsupp@cdcvs.fnal.gov/cvs/projects/discompsupp-usdc_scripts
• cd jobsub
• config files to be installed as part of RIT will be tagged with RIT number

Config File Locations and Descriptions¶

• /opt/jobsub/server/conf/jobsub.ini
  • main configuration file for jobsub server
• /etc/httpd/conf.d/jobsub_api.conf
  • main configuration file for cherrypy engine that hosts jobsub server on port 8443
• /var/www/html/cigetcertopts.txt
  • cigetcert options to jobsub_client needed for myproxy authentication
• /etc/httpd/conf.d/ssl.conf
  • needed to serve cigetcertopts.txt on port 43
• /etc/lcmaps.db and /etc/lcmaps/lcmaps.db
  • needed for lcmaps to authenticate correctly to gums
• /etc/sudoers
  • must contain line: rexbatch ALL=(ALL) NOPASSWD:SETENV: /opt/jobsub/server/webapp/jobsub_priv *
• /etc/sysconfig/httpd
  • must contain line: export OPENSSL_ALLOW_PROXY_CERTS=1

Other Important Files¶

• Logfiles. Live in /var/log/jobsub/ directory
  • error.log -> the only one you should need to monitor, ideally
  • condor_commands.log
  • submit.log ->
  • condor_superuser.log
  • krbrefresh.log
  • fill_jobsub_history.log
  • jobsub_preen.log
  • debug.log -> a large log of everything

• /fife/local/scratch/uploads
  • user stdout,stderr, and condor log files end up here
• /var/lib/jobsub/creds
  • user proxies, kerberos credentials, and other