Contents
- Useful system tools
- Required Globus tools
- System settings
- System user creation
- User environment setup
- Globus folders creation
- Globus installation
- Grid CA creation (on CA host)
- Globus GPT setup (on each executor host)
- Grid host certificate creation (on each executor host)
- Globus container setup (on each executor host)
- Globus GRAM setup (on each executor host)
- Globus GridFTP setup (on each executor host)
- Globus RFT setup (on each executor host)
- Globus WS GRAM setup (on each executor host)
- Globus GRAM startup (on each executor host)
- Globus GridFTP startup (on each executor host)
- Globus container startup (on each executor host)
- Grid user certificate creation (on user any host)
- Grid user mapping (on each executor host)
- Grid job submission (on any user host)
Useful system tools
root# aptitude install \
openssh-server \
screen \
mcRequired Globus tools
root# aptitude install \
\
make \
gcc \
g++ \
\
sun-java5-jre \
sun-java5-jdk \
ant \
\
openssl \
\
libxml-parser-perl \System settings
- setup ntp
- setup firewall to allow only ports:
- ssh (22)
- Gatekeeper (2119)
- GridFTP (2811)
- Globus container (HTTP -- non-secure) (8080)
- Globus container (HTTPS -- secure) (8443)
System user creation
root# adduser globus root# adduser user
User environment setup
root# mcedit ~root/.bashrc root# mcedit ~globus/.bashrc root# mcedit ~user/.bashrc
export JAVA_HOME=/usr/lib/jvm/java-1.5.0-sun export ANT_HOME=/usr/share/ant export GLOBUS_HOSTNAME=globus.grid export GLOBUS_LOCATION=/opt/globus--4.2.1 export PATH="$JAVA_HOME/bin:$ANT_HOME/bin:$PATH" . $GLOBUS_LOCATION/etc/globus-user-env.sh . $GLOBUS_LOCATION/etc/globus-devel-env.sh
Globus folders creation
root# mkdir $GLOBUS_LOCATION root# chown globus:globus $GLOBUS_LOCATION
root# mkdir /etc/grid-security root# chown globus:globus /etc/grid-security
Globus installation
- obtain and unpack binary package
- cd into unpacked binary package
globus$ ./configure --prefix=$GLOBUS_LOCATION globus$ make globus$ make install
Grid CA creation (on CA host)
globus$ $GLOBUS_LOCATION/setup/globus/setup-simple-ca
subject name := O=grid, CN=ca email := ca@grid expiration := 1825
Globus GPT setup (on each executor host)
globus$ $GLOBUS_LOCATION/sbin/gpt-build ~/.globus/simpleCA/globus_simple_ca_*_setup-*.tar.gz gcc32 globus$ $GLOBUS_LOCATION/sbin/gpt-postinstall globus$ $GLOBUS_LOCATION/setup/globus_simple_ca_*_setup/setup-gsi -default
Grid host certificate creation (on each executor host)
globus$ grid-cert-request -host globus.grid globus$ grid-ca-sign -in /etc/grid-security/hostcert_request.pem -out /etc/grid-security/hostcert.pem
Globus container setup (on each executor host)
globus$ cp /etc/grid-security/hostcert.pem /etc/grid-security/containercert.pem globus$ cp /etc/grid-security/hostkey.pem /etc/grid-security/containerkey.pem
Globus GRAM setup (on each executor host)
globus$ mcedit $GLOBUS_LOCATION/etc/globus-gatekeeper.conf
-x509_cert_dir /etc/grid-security/certificates -x509_user_cert /etc/grid-security/hostcert.pem -x509_user_key /etc/grid-security/hostkey.pem -gridmap /etc/grid-security/grid-mapfile -home $GLOBUS_LOCATION$ -e libexec -logfile var/globus-gatekeeper.log -port 2119 -grid_services etc/grid-services -debug
globus$ mcedit $GLOBUS_LOCATION/etc/globus-job-manager.conf
-home "$GLOBUS_LOCATION$" -globus-gatekeeper-host globus.grid -globus-gatekeeper-port 2119 -globus-gatekeeper-subject "/O=grid/CN=host/globus.grid" -globus-host-cputype i686 -globus-host-manufacturer pc -globus-host-osname Linux -globus-host-osversion 2.6.18-6-686 -globus-toolkit-version 4.2.1 -save-logfile on_error -state-file-dir $GLOBUS_LOCATION$/tmp/gram_job_state -machine-type unknown
globus$ mcedit $GLOBUS_LOCATION/etc/grid-services/jobmanager-fork
stderr_log,local_cred - $GLOBUS_LOCATION$/libexec/globus-job-manager globus-job-manager -conf $GLOBUS_LOCATION$/etc/globus-job-manager.conf -type fork -machine-type unknown -publish-jobs
Globus GridFTP setup (on each executor host)
root# chown root:root /etc/grid-security/hostcert.pem root# chown root:root /etc/grid-security/hostkey.pem
Globus RFT setup (on each executor host)
globus$ $GLOBUS_LOCATION/setup/globus/setup-rft-database
Globus WS GRAM setup (on each executor host)
root# visudo
globus ALL = (ALL) NOPASSWD: $GLOBUS_LOCATION$/libexec/globus-gridmap-and-execute -g /etc/grid-security/grid-mapfile $GLOBUS_LOCATION$/libexec/globus-job-manager-script.pl * globus ALL = (ALL) NOPASSWD: $GLOBUS_LOCATION$/libexec/globus-gridmap-and-execute -g /etc/grid-security/grid-mapfile $GLOBUS_LOCATION$/libexec/globus-gram-local-proxy-tool *
globus$ sed s/localhost/globus.grid/g -i $GLOBUS_LOCATION/etc/globus_wsrf_gram/globus_gram_fs_map_config.xml
Globus GRAM startup (on each executor host)
root# globus-gatekeeper -conf $GLOBUS_LOCATION/etc/globus-gatekeeper.conf
or
globus$ sudo -i <<<'globus-gatekeeper -conf $GLOBUS_LOCATION/etc/globus-gatekeeper.conf'
Globus GridFTP startup (on each executor host)
root# globus-gridftp-server -p 2811
or
globus$ sudo -i <<<'globus-gridftp-server -p 2811'
Globus container startup (on each executor host)
globus$ globus-start-container -i globus.grid
Grid user certificate creation (on user any host)
user$ grid-cert-request globus$ grid-ca-sign -in ~user/.globus/usercert_request.pem -out /tmp/usercert.pem user$ cp /tmp/usercert.pem ~/.globus/usercert.pem
Grid user mapping (on each executor host)
- obtain ~/.globus/usercert.pem
globus$ grid-mapfile-add-entry -dn /O=grid/CN=user -ln user globus$ grid-mapfile-check-consistency
Grid job submission (on any user host)
user$ grid-proxy-init user$ globus-job-run globus.grid /bin/date user$ globus-job-run-ws globus.grid /bin/date