ReSSinstallation

Introduction

Installation

• Starting from here, from that page there is this pdf document which has a time stamp of June 17, 2009 and Gabiele and Parag claim are the latest.
• Installed on gs-ress.uchicago.edu

Download and install ReSS

• Obtained ReSS rpm using wget --no-check-certificate https://twiki.grid.iu.edu/twiki/pub/ResourceSelection/InformationGathererDownload/ress-1.0-9.noarch.rpm
• Installed using standard rpm install: =rpm -Uvh ress-1.0-9.noarch.rpm =
• ReSS installed in /opt/ress-1.0

Download and install pacman 3.29

• Ran

  wget http://atlas.bu.edu/~youssef/pacman/sample_cache/tarballs/pacman-latest.tar.gz

• Untarred and setup pacman

[root@gs-ress opt]# tar xvzf pacman-latest.tar.gz 
[root@gs-ress opt]# ln -s pacman-3.29/ pacman
[root@gs-ress opt]# cd pacman
[root@gs-ress pacman]# source setup.sh

Install VDT components

• ReSS needs condor, tomcat and java from vdt
• Install components in /opt/vdt-2.0

[root@gs-ress opt]# mkdir /opt/vdt-2.0
[root@gs-ress opt]# cd vdt-2.0/
[root@gs-ress vdt-2.0]# pacman -get http://vdt.cs.wisc.edu/vdt_200_cache:Condor 
Do you want to add [http://vdt.cs.wisc.edu/vdt_200_cache] to [trusted.caches]? (y/n/yall): yall
Beginning VDT prerequisite checking script vdt-common/vdt-prereq-check... 

The VDT installs a variety of software, each with its own license.
In order to continue, you must agree to the licenses.
You can view the licenses online at:

    http://vdt.cs.wisc.edu/licenses/

After the installation has completed, you will also be able to
view the licenses in the "licenses" directory.

Do you agree to the licenses? [y/n]
y
All prerequisite checks are satisfied.
                                                                          


========== IMPORTANT ==========
Most of the software installed by the VDT *will not work* until you install
certificates.  To complete your CA certificate installation, see the notes
in the post-install/README file.
[root@gs-ress vdt-2.0]# pacman -get http://vdt.cs.wisc.edu/vdt_200_cache:Tomcat-5.5
[root@gs-ress vdt-2.0]# source setup.sh
[root@gs-ress vdt-2.0]# vdt-post-install 
Starting...
Nothing needs to be done at this time.
[root@gs-ress vdt-2.0]# vdt-ca-manage setupCA --url osg --location local
Setting CA Certificates for VDT installation at '/opt/vdt-2.0'

Setup completed successfully.
[root@gs-ress vdt-2.0]# vdt-control --enable fetch-crl
running 'vdt-register-service --name fetch-crl --enable'... ok
[root@gs-ress vdt-2.0]# vdt-control --enable vdt-rotate-logs
running 'vdt-register-service --name vdt-rotate-logs --enable'... ok
[root@gs-ress vdt-2.0]# vdt-control --enable vdt-update-certs
running 'vdt-register-service --name vdt-update-certs --enable'... ok
[root@gs-ress vdt-2.0]# vdt-control --enable condor
running 'vdt-register-service --name condor --enable'... ok
[root@gs-ress vdt-2.0]# vdt-control --enable apache
running 'vdt-register-service --name apache --enable'... ok
[root@gs-ress vdt-2.0]# vdt-control --enable tomcat-55
running 'vdt-register-service --name tomcat-55 --enable'... ok

Configuring ReSS

• Edit /opt/ress-1.0/var/config/ig.properties
• Used the following settings

fnal.ress.condor.pools=gs-ress.uchicago.edu
fnal.ress.condor.path=/opt/vdt-2.0/condor
fnal.ress.condor.config=/opt/vdt-2.0/condor/etc/condor_config
fnal.ress.condor.file=/opt/ress-1.0/var/config/staticCondorClassadAttributes.data
fnal.ress.condor.submitter=/opt/ress-1.0/bin/condor_advertise.sh
fnal.ress.condor.logdir=/opt/vdt-2.0/tomcat/v55/logs

• setup certificates/host certificates for ReSS

[root@gs-ress etc]# mkdir grid-security
[root@gs-ress etc]# cd grid-security/
[root@gs-ress grid-security]# ln -s /opt/vdt-2.0/globus/share/certificates certificates
[root@gs-ress grid-security]# cp /home/sthapa/28740cert.pem httpcert.pem
[root@gs-ress grid-security]# cp /home/sthapa/28740key.pem  httpkey.pem
[root@gs-ress grid-security]# chown daemon:daemon *.pem

• Edit /opt/ress-1.0/var/config/ig.xml.template and change to match the following

<Context path="/ig" docBase="/opt/ress-1.0/webapps/ig.war">
        <Environment name="ConfFileDir"
                     value="/opt/ress-1.0/var/config"
                     type="java.lang.String" override="false"/>

</Context>

Configure apache and tomcat

• Edit /opt/vdt-2.0/apache/conf/httpd.conf
• Add the following :

JkMount /ig/* tomcat55
JkMount /ig tomcat55
<Location /ig>
  SSLCACertificatePath /etc/grid-security/certificates
  SSLVerifyClient require
  SSLVerifyDepth 10
  SSLOptions +StdEnvVars +ExportCertData
</Location>

• Comment out RewriteRule (.*) https://%{SERVER_NAME}:8443$1 in /opt/vdt-2.0/apache/conf/extra/httpd-ssl.conf
• Change SSLCertificateFile setting to SSLCertificateFile /etc/grid-security/httpcert.pem in /opt/vdt-2.0/apache/conf/extra/httpd-ssl.conf
• Change SSLKeyFile setting to SSLCertificateKeyFile /etc/grid-security/httpkey.pem in /opt/vdt-2.0/apache/conf/extra/httpd-ssl.conf
• Add the following to /opt/vdt-2.0/post-install/tomcat-55 above export CATALINA_HOME=/usr/local/vdt-1.10.1/tomcat/v55

ulimit -n 10000

• Change the export JAVA_OPTS in that file to

export JAVA_OPTS='-server -Xmx768M -XX:MaxPermSize=256m'

• Setup webapp for tomcat

[root@gs-ress config]# cp ig.xml.template  /opt/vdt-2.0/tomcat/v55/conf/Catalina/localhost/ig.xml

• Turn on vdt services using vdt-control --on
• Visit https://gs-ress.uchicago.edu:8443/ig/services/CEInfoCollector?wsdl in web browser and verified that wsdl information is being output
• Edit /opt/vdt-2.0/condor/local.gs-ress/condor_config.local and remove STARTD from DAEMON_LIST
• Run vdt-control --on condor to start up condor
• After about 10 minutes, you should be able to run condor_status -pool gs-ress.uchicago.edu and see class ads from CE sending classads

References

• https://twiki.grid.iu.edu/bin/view/ResourceSelection/InformationGathererInstallationNotes