From EGEE-see WIki

Contents 1 Cluster Configuration for env.see-grid-sci.eu VO 1.1 VOMS server certificates installation 1.2 site-info.def configuration 1.3 vo.d directory configuration 1.4 groups.conf configuration 1.5 users.conf configuration 1.6 Environment variables 1.7 Core services status

Cluster Configuration for env.see-grid-sci.eu VO

VOMS server certificates installation

Primary VOMS server certificate for env.see-grid-sci.eu can be downloaded following the list of valid certificates from BG.ACAD CA: http://ca.acad.bg/certs and downloading http://ca.acad.bg/certs/hosts-voms.ipp.acad.bg-20080703-085100-cert.pem Usually you should install this certificate under /etc/grid-security/voms.ipp.acad.bg.777 or install the rpm - https://gserv1.ipp.acad.bg:8443/Welcome/IPP-vomscert-20091014-1.noarch.rpm . Also you have to make sure that the /etc/grid-security/vomsdir/env.see-grid-sci.eu/voms.ipp.acad.bg.lsc file contains the proper DN of the voms: /DC=bg/DC=acad/O=hosts/O=IPP-BAS/OU=GTA/CN=voms.ipp.acad.bg .

site-info.def configuration

Add “env.see-grid-sci.eu" to the VOS variable:

VOS="ops dteam env.see-grid-sci.eu"

And envir to QUEUES variable:

QUEUES="ops dteam envir"

Finally enable the QUEUE to the VO Roles:

ENVIR_GROUP_ENABLE="env.see-grid-sci.eu /VO=env.see-grid-sci.eu/GROUP=/env.see-grid-sci.eu/Role=sgmadmin /VO=env.see-grid-sci.eu/GROUP=/env.see-grid-sci.eu/Role=ops"

vo.d directory configuration

You have two options - you can either create a file under vo.d directory or include a section inside site-info.def.

If you include a section in site-info.def, you can include these lines (see below for YOURDEFAULTSEHOST and STORAGE_DIR) :

VO_ENV_SEE_GRID_SCI_EU_SW_DIR=$VO_SW_DIR/envir
VO_ENV_SEE_GRID_SCI_EU_DEFAULT_SE=$YOURDEFAULTSEHOST
VO_ENV_SEE_GRID_SCI_EU_STORAGE_DIR="$STORAGE_DIR/env.see-grid-sci.eu"
VO_ENV_SEE_GRID_SCI_EU_VOMS_SERVERS="'vomss://voms.ipp.acad.bg:8443/voms/env.see-grid-sci.eu?/env.see-grid-sci.eu'"
VO_ENV_SEE_GRID_SCI_EU_VOMSES="'env.see-grid-sci.eu voms.ipp.acad.bg 15001 /DC=bg/DC=acad/O=hosts/O=IPP-BAS/OU=GTA/CN=voms.ipp.acad.bg env.see-grid-sci.eu'"
VO_ENV_SEE_GRID_SCI_EU_VOMS_CA_DN="'/DC=bg/DC=acad/CN=BG.ACAD CA'"

You can instead create a file under the vo.d directory with filename env.see-grid-sci.eu and add the following lines:

VO_ENV_SEE_GRID_SCI_EU_VOMSES="'env.see-grid-sci.eu voms.ipp.acad.bg 15001 /DC=bg/DC=acad/O=hosts/O=IPP-BAS/OU=GTA/CN=voms.ipp.acad.bg env.see-grid-sci.eu'"
STORAGE_DIR=$STORAGE_DIR/envir
SW_DIR=$VO_SW_DIR/envir
DEFAULT_SE=$YOURDEFAULTSEHOST
QUEUES="envir"
VOMS_SERVERS="vomss://voms.ipp.acad.bg:8443/voms/env.see-grid-sci.eu?/env.see-grid-sci.eu"

where you can replace YOURDEFAULTSEHOST with DPM_HOST or DCACHE_ADMIN (or CLASSIC_HOST) as appropriate (i.e. at most sites this line will be

DEFAULT_SE=$DPM_HOST

You must also make sure that you have a line like:

STORAGE_DIR=/dpm/YOURDOMAIN/home
</pre
for DPM, 
<pre>
STORAGE_DIR=/pnfs/YOURDOMAIN/data

for dCache, and replace YOURDOMAIN with the appropriate domain for your Grid site, e.g. ipp.acad.bg or phy.bg.ac.yu.

If you get yaim complaining about some environment variable in the second case try adding or deleting VO_ENV_SEE_GRID_SCI_EU_ from/to the beginning of the corresponding line.

groups.conf configuration

"/VO=env.see-grid-sci.eu/GROUP=/env.see-grid-sci.eu/ROLE=sgmadmin":::sgm:
"/VO=env.see-grid-sci.eu/GROUP=/env.see-grid-sci.eu/ROLE=ops":::prd:
"/VO=env.see-grid-sci.eu/GROUP=/env.see-grid-sci.eu"::::
"/VO=env.see-grid-sci.eu/GROUP=/env.see-grid-sci.eu/*"::::

users.conf configuration

Typically within the users.conf file you need to add a few sgm pool accounts and a few more regular pool accounts. A sample configuration for 200 regular pool accounts is the following one

23001:envir001:23000:envir:env.see-grid-sci.eu::
23002:envir002:23000:envir:env.see-grid-sci.eu::
...
23200:envir200:23000:envir:env.see-grid-sci.eu::

Similarly for 20 ops or prd pool accounts:

23801:prdenvir001:23080,23000:prdenvir,envir:env.see-grid-sci.eu:prd:
23802:prdenvir002:23080,23000:prdenvir,envir:env.see-grid-sci.eu:prd:
...
23820:prdenvir020:23080,23000:prdenvir,envir:env.see-grid-sci.eu:prd:

For the sgm pool accounts the configuration of the users.conf file should be similar to the following.

23901:sgmenvir001:23090,23000:sgmenvir,envir:env.see-grid-sci.eu:sgm:
23902:sgmenvir002:23090,23000:sgmenvir,envir:env.see-grid-sci.eu:sgm:
...
23920:sgmenvir020:23090,23000:sgmenvir,envir:env.see-grid-sci.eu:sgm:

You can use the following script to generate such accounts:

#!/usr/bin/perl -w
my $VO=$ARGV[0];
my $ACCT=$ARGV[1];
my $BASE=$ARGV[2];
for ($i=1;$i<=200;$i++){
        my $accno=$BASE*1000+$i;
        my $groupno=$BASE*100;
        my $xx= sprintf  "%03d", $i;
        print "$accno:$ACCT$xx:$groupno:$ACCT:$VO"."::\n";
}
for ($i=1;$i<=10;$i++){
        my $accno=$BASE*1000+800+$i;
        my $groupno1=$BASE*100+80;
        my $groupno2=$BASE*100;
        my $xx=sprintf "%03d",$i;
        print "$accno:prd$ACCT$xx:$groupno1,$groupno2:prd$ACCT,$ACCT:$VO:prd:\n";
}
for ($i=1;$i<=10;$i++){
        my $accno=$BASE*1000+900+$i;
        my $groupno1=$BASE*100+90;
        my $groupno2=$BASE*100;
        my $xx=sprintf "%03d",$i;
        print "$accno:sgm$ACCT$xx:$groupno1,$groupno2:sgm$ACCT,$ACCT:$VO:sgm:\n";
}

Save it as a file gener.pl, and run <pred> chmod +x gener.pl ; ./gener.pl env.see-grid-sci.eu envir 23 </pre>

Environment variables

variables for DNS like VOs are not added to /etc/profile.d/lcgenv.sh so we create a new file /etc/profile.d/envir.sh:

#!/bin/sh
if test "x${LCG_ENV_SET+x}" = x; then
export VO_ENV_SEE_GRID_SCI_EU_DEFAULT_SE=NAMEOFYOURSTORAGELEMENT
export VO_ENV_SEE_GRID_SCI_EU_SW_DIR=/opt/exp_soft/envir
fi

where you MUST replace NAMEOFYOURSTORAGELEMENT with the real hostname of your storage element and check if the directory /opt/exp_soft/envir exists and has correct ownership/permissions, as below:

ls -dl /opt/exp_software/envir/
drwxrwxr-x  2 sgmenvir001 sgmenvir 4096 Jul 24 16:45 /opt/exp_soft/envir/

Advanced: In order to make the variable VO_ENV_SEE_GRID_SCI_EU_SW_DIR visible in the infosystem, you must patch /opt/lcg/libexec/lcg-info-provider-software on the CE as in:

        $software_dir = "VO_ $_ _SW_DIR";
        $software_dir =~tr/[a-z]/[A-Z]/;
        $software_dir =~s/ //g;
        $software_dir =~s/[-.]/_/g;   #<-------add this line, in order to change VO.ENV_SEE_GRID_SCI.EU_SW_DIR into VO_ENV_SEE_GRID_SCI_EU_SW_DIR

Core services status

Applying for membership - https://voms.ipp.acad.bg:8443/voms/env.see-grid-sci.eu

VOMS server voms.ipp.acad.bg - operational. WMS server wms.ipp.acad.bg - operational MYPROXY server myproxy.ipp.acad.bg - operational Local LFC server (not visible by default) - lfc.ipp.acad.bg - operational. You can use myproxy.ipp.acad.bg with many other SEEGRID wms, not only with wms.ipp.acad.bg.

Other WMS servers are: testbed007.grid.ici.ro(operational), wms.seegrid.grid.pub.ro(not available yet), wms.grid.info.uvt.ro(operational), wms.mosigrid.utcluj.ro(not available yet)

The main LFC server is lfc01.mosigrid.utcluj.ro. Other LFC servers are lfc.ipp.acad.bg and testbed003.grid.ici.ro

Bulgarian and other users can use the LFC at IPP by setting the environment variable LFC_HOST:

export LFC_HOST=lfc.ipp.acad.bg