EUROPEAN MIDDLEWARE INITIATIVE

Similar documents
Introduction to Portal for ArcGIS

Introduction to Portal for ArcGIS. Hao LEE November 12, 2015

Portal for ArcGIS: An Introduction

Replication cluster on MariaDB 5.5 / ubuntu-server. Mark Schneider ms(at)it-infrastrukturen(dot)org

Leveraging Web GIS: An Introduction to the ArcGIS portal

INSPIRE Monitoring and Reporting Implementing Rule Draft v2.1

Demand Forecasting. for. Microsoft Dynamics 365 for Operations. User Guide. Release 7.1. April 2018

Portal for ArcGIS: An Introduction. Catherine Hynes and Derek Law

From BASIS DD to Barista Application in Five Easy Steps

From BASIS DD to Barista Application in Five Easy Steps

ArcGIS GeoAnalytics Server: An Introduction. Sarah Ambrose and Ravi Narayanan

ArcGIS Enterprise: What s New. Philip Heede Shannon Kalisky Melanie Summers Shreyas Shinde

Infrastructure Automation with Salt

Packaging for major Linux distributions rpm in a nutshell

ArcGIS Enterprise: What s New. Philip Heede Shannon Kalisky Melanie Summers Sam Williamson

Temperature Sensor -40 C to 140 C

Estonian Place Names in the National Information System and the Place Names Register *

Android Security Mechanisms (2)

XR Analog Clock - Manual Setting Model Troubleshooting Guide

Thermocouple TC-K Sensor 0 C to 1200 C

table of contents Why Worry? Chapter 1: Pay Statements Chapter 2: Pay Frequency Chapter 3:

CHAPTER 22 GEOGRAPHIC INFORMATION SYSTEMS

Web GIS & ArcGIS Pro. Zena Pelletier Nick Popovich

ArcGIS Earth for Enterprises DARRON PUSTAM ARCGIS EARTH CHRIS ANDREWS 3D

ESDIN Results from a Crossborder INSPIRE Preparatory Project. Jörgen Hartnor, Lantmäteriet.

Running jobs on the CS research cluster

Fog Monitor 100 (FM 100) Extinction Module. Operator Manual

WeatherHub2 Quick Start Guide

Deep-dive into PyMISP MISP - Malware Information Sharing Platform & Threat Sharing

Capstan Design (Capstan Power) for Berthing

ArcGIS Enterprise: Administration Workflows STUDENT EDITION

Web GIS Deployment for Administrators. Vanessa Ramirez Solution Engineer, Natural Resources, Esri

GEOGRAPHICAL STATISTICS & THE GRID

Data Basin ArcGIS Geoprocessing Tools Documentation

Orbit Support Pack for Excel. user manual

Technical Report Intelligent Transport Systems (ITS); Application Object Identifier (ITS-AID); Registration list

Web GIS: Architectural Patterns and Practices. Shannon Kalisky Philip Heede

BOUNDARY MAP USER GUIDE

PAID INVOICE TAX REPORT

USGS QUADRANGLES IN GOOGLE EARTH

OpenWeatherMap Module

ST-Links. SpatialKit. Version 3.0.x. For ArcMap. ArcMap Extension for Directly Connecting to Spatial Databases. ST-Links Corporation.

Accountability. User Guide

ARGUS.net IS THREE SOLUTIONS IN ONE

Databases through Python-Flask and MariaDB

CiA Draft Standard Proposal 447

Assembly and Operation Manual. April 2016

Weather Company Energy and Power Products

MapOSMatic: city maps for the masses

Chapter X: Radiation Safety Audit Program

isma-b-aac20 isma Weather kit User Manual Version 1.0 Page 1 / 11

Local stageout update

What s New. August 2013

New Directions in Catastrophe Risk Models

Overview of Geospatial Open Source Software which is Robust, Feature Rich and Standards Compliant

Web GIS Patterns and Practices

SDS developer guide. Develop distributed and parallel applications in Java. Nathanaël Cottin. version

R. Alvino, I. De Marino, M. Magrì, M. Oliviero, G. Severino and Th. Straus

Development of a Web-Based GIS Management System for Agricultural Authorities in Iraq

Statistics for Python

Q/A-LIST FOR THE SUBMISSION OF VARIATIONS ACCORDING TO COMMISSION REGULATION (EC) 1234/2008

Account Setup. STEP 1: Create Enhanced View Account

arxiv:astro-ph/ v1 28 Jun 2002

ISO INTERNATIONAL STANDARD. Geographic information Metadata Part 2: Extensions for imagery and gridded data

Data Aggregation with InfraWorks and ArcGIS for Visualization, Analysis, and Planning

GIS at UCAR. The evolution of NCAR s GIS Initiative. Olga Wilhelmi ESIG-NCAR Unidata Workshop 24 June, 2003

ETH Beowulf day January 31, Adrian Biland, Zhiling Chen, Derek Feichtinger, Christoph Grab, André Holzner, Urs Langenegger

Biology 559R: Introduction to Phylogenetic Comparative Methods Topics for this week:

Geodatabase Best Practices. Dave Crawford Erik Hoel

LECTURE 10 MONITORING

Data-Sharing Agreement

How to Calculate Form Line 15

Sapienza universita di Roma Dipartimento di Informatica e Sistemistica. User guide WSCE-Lite Web Service Composition Engine v 0.1.

Open Source ENKI: Dynamic Environmental Model Framework. A possible pre-processor for WRF-Hydro?

Small Bodies Assessment Group USGS ISIS Update

ADDENDUM NO. 1 TO THE BIDDING /CONTRACT DOCUMENTS AND SPECIFICATIONS CITY OF COCOA BEACH BID NO: CB15-002

Data harmonization aspects of the Irish pilot project for INSPIRE data publishing and Network Services

Yes, the Library will be accessible via the new PULSE and the existing desktop version of PULSE.

Weather Company Energy and Power Products

CHEMICAL INVENTORY ENTRY GUIDE

National Historic Landfill Data

TECDIS and TELchart ECS Weather Overlay Guide

Troubleshooting Replication and Geodata Service Issues

An easy-to-use application that lets end users prepare and deploy background maps to your Carmenta based applications.

Grid implementation of the Weather Research and Forecasting model

Changes in Esri GIS, practical ways to be ready for the future

Information on the test material EDS-TM002 and the BAM software package EDX Spectrometer Test for determination of the spectrometer performance

Innovation. The Push and Pull at ESRI. September Kevin Daugherty Cadastral/Land Records Industry Solutions Manager

SteelSmart System Cold Formed Steel Design Software Download & Installation Instructions

Technical Specifications. Form of the standard

Leveraging ArcGIS Online Elevation and Hydrology Services. Steve Kopp, Jian Lange

IntelMQ - a KISS incident handling automation project (IHAP)

LIGO Grid Applications Development Within GriPhyN

Procedure for Uncertainty Determination for Calibration Consoles

Continuous Performance Testing Shopware Developer Conference. Kore Nordmann 08. June 2013

Geodatabase: Best Practices. Robert LeClair, Senior Instructor

Newcastle City Council - Migration to QGIS and Open Source GIS

pka Calculations of Key Ionizable Protein Residues in Acetylcholinesterase

Roadmap to interoperability of geoinformation

ArcGIS 9 ArcGIS StreetMap Tutorial

Transcription:

EUROPEAN MIDDLEWARE INITIATIVE MYPROXY YAIM ADMINISTRATOR GUIDE Document version: 1.0.2-1 EMI Component Version: 1.x 1/10

This work is co-funded by the European Commission as part of the EMI project under Grant Agreement INFSO-RI-261611. Copyright c Members of the EGEE Collaboration. 2004. See http://www.eu-egee.org/partners/ for details on the copyright holders. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/license-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 2/10

CONTENTS 1 MYPROXY CONFIGURATION BY YAIM 4 1.1 NAME............................................ 4 1.2 DESCRIPTION........................................ 4 1.3 CONFIGURATION VARIABLES............................... 4 1.4 EXAMPLES......................................... 5 1.5 DOCUMENTATION...................................... 5 1.6 AUTHORS.......................................... 6 1.7 CONTACT.......................................... 6 2 YAIM-LESS MYPROXY DEPLOYMENT PROCEDURE SCIENTIFIC LINUX 7 3 YAIM-LESS MYPROXY DEPLOYMENT PROCEDURE DEBIAN 9 3/10

1 MYPROXY CONFIGURATION BY YAIM 1.1 NAME yaim - YAIM (YAIM Aint an Installation Manager) is, as the name suggests, a way of configuring Grid Services. The aim of YAIM is to provide a simple installation and configuration method that can be used to set up a simple Grid Site but can be easily adapted and extended to meet the need of larger sites. The yaim-myproxy module is configuring the MyProxy server. 1.2 DESCRIPTION The yaim-myproxy module allows you to configure the MyProxy server. 1.3 CONFIGURATION VARIABLES This is the list of variables needed to set up in order to configure the MyProxy server. For more details, please check: https://twiki.cern.ch/twiki/bin/view/lcg/px_configuration_variables Mandatory Variables: Site admins must ensure these variables are properly defined according to the features of the site site-info.def variables: These variables are defined in /opt/glite/yaim/examples/site-info.def. INSTALL_ROOT : Installation root - change if using the re-locatable distribution. SITE_NAME : The GIIS of the site where the MyProxy server belongs to. GLOBUS_TCP_PORT_RANGE: Port range for Globus IO. It should be specified as "num1,num2". YAIM automatically handles the syntax of this variable depending on the version of VDT. If it s VDT 1.6 it leaves "num1,num2". If it s a version < VDT 1.6 it changes to "num1 num2". node specific variables: These variables are defined in /opt/glite/yaim/examples/services/glite-px. GRID_TRUSTED_BROKERS : List of the DNs of the Resource Brokers host certificates which are trusted by the Proxy node. (ex: /O=Grid/O=CERN/OU=cern.ch/CN=host/testbed013.cern.ch). Now deprecated, use GRID_DEFAULT_RENEWERS instead. GRID_AUTHORIZED_RENEWERS : List of authorized_renewrs. GRID_DEFAULT_RENEWERS : List of default_renewers GRID_AUTHORIZED_RETRIEVERS : List of authorized_retrievers. 4/10

GRID_DEFAULT_RETRIEVERS : List of default_retrievers. GRID_AUTHORIZED_KEY_RETRIEVERS : List of authorized_key_retrievers. GRID_DEFAULT_KEY_RETRIEVERS : List default_key_retrievers. GRID_TRUSTED_RETRIEVERS : List of trusted_retrievers. GRID_DEFAULT_TRUSTED_RETRIEVERS : List of default_trusted_retrievers. GRID_ALLOW_SELF_AUTHORIZATION : Enable refreshing or renewing proxy by itself. Enabling this is not recommended for security reasons - the compromised proxy could be renewed indefinitely. MYPROXY_DISABLE_USAGE_STATS : Disable Usage Metrics reporting. The myproxy server may be blocked when target server is inaccessible, thus you may want to disable it. 1.4 EXAMPLES How to configure the Myproxy node. cat << > /root/site-info.def SITE_NAME=emitb PX_HOST= hostname -f GRID_AUTHORIZED_RETRIEVERS="$\backslash$*" GRID_AUTHORIZED_RENEWERS=" /DC=org/DC=terena/DC=tcs/C=CZ/O=Masaryk University/CN=emitb2.ics.muni.cz /DC=ch/DC=cern/OU=computers/CN=cvitbrcnagios.cern.ch /DC=ch/DC=cern/OU=computers/CN=lxbra2302.cern.ch " GRID_TRUSTED_RETRIEVERS=" /DC=ch/DC=cern/OU=computers/CN=cvitbrcnagios.cern.ch " /opt/glite/yaim/bin/yaim -c -s /root/site-info.def -n glite-px To debug the configuration process: /opt/glite/yaim/bin/yaim -c -s /root/site-info.def -n glite-px -d 6 1.5 DOCUMENTATION You can find useful information on these web pages: Entry point for YAIM documentation: https://twiki.cern.ch/twiki/bin/view/egee/yaim 5/10

The Generic Installation and Configuration guides as well as the YAIM guides: https://twiki.cern.ch/twiki/bin/view/lcg/lcgdocs Useful links: http://lcg.web.cern.ch/lcg/sites/the-lcg-directory.html 1.6 AUTHORS YAIM is a collaborative project where different modules are developed and maintened by different groups. Here are some of the present contributors: Maria Allandes Pradillo, Gergely Debreczeni, Laurence Field, Di Qing, Andreas Unterkircher, Oliver Keeble, Steve Traylen, Owen Synge, Gavin Mccance, Maarten Litmaath, and we are happy to receive patches from everybody! 1.7 CONTACT To contact YAIM people use the yaim-contact@cern.ch email address. Table of Contents Name Description Configuration Variables Examples Documentation Authors Contact 6/10

2 YAIM-LESS MYPROXY DEPLOYMENT PROCEDURE SCIENTIFIC LINUX! / bin / sh The primary purpose of t h i s s c r i p t i s to document the procedure t h a t may be f ollowed i n case MyProxy server cannot be configured by YAIM DN= openssl x509 i n / etc / grid s e c u r i t y / h o s t c e r t.pem noout s u b j e c t sed s / s u b j e c t = / / echo "$DN" cp p / etc / myproxy server. c o n f i g / tmp cat >> / etc / myproxy server. c o n f i g << l o c a l c o n f i g u r a t i o n f o r uname n authorized_renewers "$DN" a u t h o r i z e d _ r e t r i e v e r s " " cp pv / etc / grid s e c u r i t y / host.pem / etc / grid s e c u r i t y / myproxy chown v myproxy : myproxy / etc / grid s e c u r i t y / myproxy / host.pem / etc / i n i t. d / myproxy server r e s t a r t chkconfig myproxy server on setup BDII resource ( o p t i o n a l ) r equired packages : b d i i g l i t e i n f o provider s e r v i c e sudo redhat l s b INFO_SERVICE_CONFIG= / etc / g l i t e / i n f o / service SITE_NAME= sitename cp $ {INFO_SERVICE_CONFIG } / g l i t e i n f o service myproxy. conf. template $ { INFO_SERVICE_CONFIG } / g l i t e i n f o service myproxy. conf cp $ {INFO_SERVICE_CONFIG } / g l i t e i n f o glue2 myproxy. conf. template $ { INFO_SERVICE_CONFIG } / g l i t e i n f o glue2 myproxy. conf cat << >/ var / l i b / b d i i / gip / p r o v i d e r / g l i t e i n f o provider service myproxy wrapper / usr / bin / g l i t e i n f o s e r v i c e $ {INFO_SERVICE_CONFIG } / g l i t e i n f o service myproxy. conf $SITE_NAME / usr / bin / g l i t e i n f o glue2 simple $ {INFO_SERVICE_CONFIG } / g l i t e i n f o glue2 myproxy. conf $SITE_NAME chmod +x / var / l i b / b d i i / gip / p r o v i d e r / g l i t e i n f o provider service myproxy wrapper newer slapd with rwm backend r e quired f o r SL5 7/10

[ x / usr / sbin / slapd2.4 ] && echo "SLAPD=/ usr / sbin / slapd2. 4 " >> / etc / sysconfig / b d i i chkconfig b d i i on / etc / i n i t. d / b d i i r e s t a r t 8/10

3 YAIM-LESS MYPROXY DEPLOYMENT PROCEDURE DEBIAN! / bin / sh The primary purpose of t h i s s c r i p t i s to document the procedure t h a t may be f ollowed i n case MyProxy server cannot be configured by YAIM DN= openssl x509 i n / etc / grid s e c u r i t y / h o s t c e r t.pem noout s u b j e c t sed s / s u b j e c t = / / echo "$DN" cp p / etc / myproxy server. c o n f i g / tmp cat >> / etc / myproxy server. c o n f i g << l o c a l c o n f i g u r a t i o n f o r uname n authorized_renewers "$DN" a u t h o r i z e d _ r e t r i e v e r s " " cp pv / etc / grid s e c u r i t y / host.pem / etc / grid s e c u r i t y / myproxy chown v myproxy : myproxy / etc / grid s e c u r i t y / myproxy / host.pem / etc / i n i t. d / myproxy server r e s t a r t cp p / etc / i n i t. d / myproxy server / tmp / sed i / etc / i n i t. d / myproxy server e s / \ ( Default S t a r t : \ ). / \ 1 2 3 4 5 / sed i / etc / i n i t. d / myproxy server e s / \ ( Default Stop : \ ). / \ 1 0 1 6 / update rc. d myproxy server d e f a u l t s setup BDII resource ( o p t i o n a l ) r equired packages : b d i i g l i t e i n f o provider s e r v i c e sudo lsb release INFO_SERVICE_CONFIG= / etc / g l i t e / i n f o / service SITE_NAME= sitename cp $ {INFO_SERVICE_CONFIG } / g l i t e i n f o service myproxy. conf. template $ { INFO_SERVICE_CONFIG } / g l i t e i n f o service myproxy. conf cp $ {INFO_SERVICE_CONFIG } / g l i t e i n f o glue2 myproxy. conf. template $ { INFO_SERVICE_CONFIG } / g l i t e i n f o glue2 myproxy. conf cat << >/ var / l i b / b d i i / gip / p r o v i d e r / g l i t e i n f o provider service myproxy wrapper / usr / bin / g l i t e i n f o s e r v i c e $ {INFO_SERVICE_CONFIG } / g l i t e i n f o service myproxy. conf $SITE_NAME / usr / bin / g l i t e i n f o glue2 simple $ {INFO_SERVICE_CONFIG } / g l i t e i n f o glue2 9/10

myproxy. conf $SITE_NAME chmod +x / var / l i b / b d i i / gip / p r o v i d e r / g l i t e i n f o provider service myproxy wrapper BDII_PASSWD= dd i f =/ dev / random bs=1 count=10 2 >/dev / n u l l base64 cat << > / etc / d e f a u l t / b d i i RUN=yes SLAPD_CONF= SLAPD= BDII_RAM_DISK= sed i " s. rootpw. rootpw \ t$ {BDII_PASSWD} " / etc / b d i i / b d i i slapd. conf / etc / i n i t. d / b d i i r e s t a r t 10/10

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback