TWiki
>
Computing Web
>
AliceBox
(31 Aug 2010,
_47C_61UK_47O_61eScience_47OU_61Birmingham_47L_61ParticlePhysics_47CN_61christopher_32curtis
?
)
(raw view)
E
dit
A
ttach
---+ AliceBox A discussion on setting up the ALICE VOBox at Birmingham. %TOC% ---++ Introduction The aim is to configure our grid resources at Birmingham to allow ALICE production jobs to run. The intention is to eventually support user analysis jobs as well. Instructions on how to setup a generic VOBox are available on the [[http://goc.grid.sinica.edu.tw/gocwiki/VO-box_HowTo][GOC Twiki]], and specific instructions for ALICE are available on the [[http://alien.cern.ch/twiki/bin/view/AliEn/HowToInstallLcgVoBox][AliEn Twiki]]. ---++ VOBox Installation ---+++ Machine Installation The VOBox has been deployed as a 64 bit [[LocalGridMachines][virtual machine]] running SL 5.3. It has the name =epgr03.ph.bham.ac.uk= and the DN =epgr03.ph.bham.ac.uk/emailAddress=lcg-site-admin@hep.ph.bham.ac.uk=. The machine is configured using cfengine (known as the class =alice_vobox=, with configuration files stored in the =repo/alice_vobox= on =epgmo1=). The command =yum -y update= was issued before any further installation commenced. The machine has been configured to use =ntpd=. ---+++ gLite Installation Installation proceed by first downloading the [[http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.2/lcg-CA.repo][lcg-CA]] and [[http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.2/glite-VOBOX.repo][glite-VOBOX]] yum repo config files. The repos =sl-contrib=, =sl-srpms= and =dag= were also enabled. The packages =lcg-CA= and =lcg-VOBOX= were installed using yum. =alpine= and =zsh= were also installed as standard. ---+++ Firewall settings In addition to the normal Birmingham-enabled ports (ssh, cfengine etc), the following ports have been enabled: | *Port* | *Function* | *Restricted to* | | 1975 | GSISSH | Global | | 2170 | BDII | Global | | 2811 | GridFTP | Global | | 2119 | Globus Gatekeeper | Global | | 1093 | Proofd | Global | | 1094 | Xrootd | Global | | 8082 | Storage Adapter | Global | | 8084 | Site Computing Agent | Global | | 9991 | PackMan | Global | | 8884 | MonALISA | Global | | 20000-25000 | Globus TCP Port Range | Global | These ports have been explicitly enabled as INPUTs in the iptables definition. The following ports were also added to =/etc/hosts.allow=: <verbatim> slapd: 127.0.0.1 sshd: 137.138. sshd: 128.142. nrpe: 147.188.46.55 sshd: gridppnagios.physics.ox.ac.uk </verbatim> ---+++ Software Areas Only the ALICE local cluster software area is available at the moment, NFS mounted to =epgr03:/egee/soft/alice=. *NOTE!* This area is owned by =sgmali01:alicesgm= on epgsr1, and this user does not exist on epgr03! ---+++ Yaim Configuration ---++++ Users Only one ALICE user has been configured on the VOBox: * yaim-conf/users.conf <verbatim> 1001:alicesgm:1002,1000:alicesgm,alice:alice:sgm: </verbatim> * yaim-conf/groups.conf <verbatim> "/VO=alice/GROUP=/alice/ROLE=lcgadmin":::sgm: "/VO=alice/GROUP=/alice/ROLE=production":::prd: "/VO=alice/GROUP=/alice":::: </verbatim> Online the =vo.d/alice= config file has been transferred to the VOBox by cfengine. In addition, the normal compliment of =Ops= VO users were created, in order to pass the nagios tests. ---++++ =site-info.def= The normal list of site level variables were included in the =site-info.def= file. In addition, the following VOBox specific variables were also included: <verbatim> LB_HOST=lcgrb01.gridpp.rl.ac.uk PX_HOST=myproxy.cern.ch RB_HOST=lcgrb01.gridpp.rl.ac.uk WMS_HOST=lcgwms01.gridpp.rl.ac.uk VOBOX_HOST=epgr03.ph.bham.ac.uk VOBOX_PORT=1975 GSSKLOG="no" </verbatim> Yaim was then executed, with the command =/opt/glite/yaim/bin/yaim -c -s /root/yaim-conf/site-info.def -n lcg-VOBOX=. ---+++ Backup Policy The standard list of log files are backed up from this node, including gridftp log files. In addition, the file =/opt/vobox/alice/log/events.log= is also included in the backup rules. ---+++ Testing ---++++ Port Availability Tested with telnet (ie =telnet epgr03.ph.bham.ac.uk 1975= etc). Comparing with port availability on =vobox.egee.cesga.es=. | *Port* | *Example Box* | *Bham Box* | | 1975 | %Y% | %Y% | | 2811 | %Y% | %Y% | ---++++ GSISSH 1 Edit =/etc/grid-security/grid-mapfile= and map DN to alicesgm (ie add line ="/C=UK/O=eScience/OU=Birmingham/L=ParticlePhysics/CN=christopher curtis" alicesgm=) 1 Log onto node using gsissh: =gsissh -p 1975 epgr03.ph.bham.ac.uk= 1 $X509_USER_PROXY variable should be set after successful log in. ---++++ GridFTP The command =edg-gridftp-ls gsiftp://epgr03.ph.bham.ac.uk/tmp= may be used to check the =globus-gridftp= service is running. ---++++ Myproxy Retrieval On lxplus, register a proxy certificate with the command =myproxy-init -s myproxy.cern.ch -d -n -t 48 -c 900=. Log onto the VOBox using gsissh and retrieve the proxy with the command =/opt/lcg/bin/vobox-proxy --vo atlas --proxy-safe 10000 --myproxy-safe 20000 ---voms alice:/alice/Role=lcgadmin -email cjc@hep.ph.bham.ac.uk register= _This test fails at the moment because the VOBox has not been registered properly in the myproxy server at CERN. Emailed px.support@cern.ch for advice!_ ---++ Site BDII The VOBox has been entered into the site BDII information by adding the line: <verbatim> BDII_VOBOX_URL="ldap://epgr03.ph.bham.ac.uk:2170/mds-vo-name=resource,o=grid" </verbatim> to the =site_bdii/site-info.def= file. Yaim has been re-run on the site BDII. ---++ Storage Element ALICE require xrootd to be installed on the Storage Element. -- Main.ChristopherCurtis - 29 Jul 2009
E
dit
|
A
ttach
|
Watch
|
P
rint version
|
H
istory
: r9
<
r8
<
r7
<
r6
<
r5
|
B
acklinks
|
V
iew topic
|
WYSIWYG
|
M
ore topic actions
Topic revision: r9 - 31 Aug 2010
-
_47C_61UK_47O_61eScience_47OU_61Birmingham_47L_61ParticlePhysics_47CN_61christopher_32curtis
?
Computing
Log In
Computing Web
Create New Topic
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
Webs
ALICE
ATLAS
BILPA
CALICE
Computing
General
LHCb
LinearCollider
Main
NA62
Publish
Sandbox
TWiki
Welcome
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki?
Send feedback