Note: This web site is only kept up to date for OSG Software
1.2 (VDT 2.0.0). If you are looking for information for the most recent
release, the RPM-based OSG Software 3.0, please see
the OSG documentation web site
Note: This version of the VDT (1.3.4) is no longer supported. Feel free to look through the documentation and install it, but we cannot guarantee support for it. The current stable release is 2.0.0.
Congratulations! You've installed the VDT. That wasn't so hard
now, was it? If it was, please let us know. We're always
working to make the VDT easier to install and your feedback is
After the VDT install completes there are still a few server
components left unconfigured. Take a quick look at this list and
handle anything that applies to you. You almost certainly do not need
to do everything in this list--just do the ones that are relevant to
To learn more about the software you've just installed take a look
at the documentation for VDT 1.3.4.
- Set up the Globus gatekeeper for additional batch systems
- By default the VDT will configure the Condor jobmanager. However, the VDT included jobmanagers for PBS, LSF, FBSng and LoadLeveler as well. To set up any of these, first make sure the batch system's command line tools are in your path. Next, install the appropriate package.
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-FBSNG-Setup
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-Loadleveler-Setup
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-LSF-Setup
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-PBS-Setup
- Configure MonaLisa
- During installation the VDT configures MonaLisa with workable, yet inaccurate information. If you plan on running a MonaLisa server you'll want to run $VDT_LOCATION/vdt/setup/configure_monalisa.sh first.
- Get a host certificate
- If you plan on running any grid services you'll need a host certificate for your machine. See our instructions for more information.
- Get service certificates
- If you use authenticated MDS, you will need an 'ldap' service
certificate. If you use DRM or a service that depends on Apache (VOMS or
jClarens) you will need an 'http' service certificate. These are
stored in subdirectories of /etc/grid/security/. For instance:
> ls -l /etc/grid-security/ldap
-rw-r----- 1 daemon daemon 1194 Feb 2 13:34 ldapcert.pem
-rw-r----- 1 daemon daemon 1351 Feb 2 13:34 ldapcert_request.pem
-r-------- 1 daemon daemon 887 Feb 2 13:34 ldapkey.pem
> ls -l /etc/grid-security/http
-rw-rw-r-- 1 daemon daemon 1193 Feb 2 13:34 httpcert.pem
-rw-r--r-- 1 daemon daemon 1379 Feb 2 13:34 httpcert_request.pem
-r-------- 1 daemon daemon 887 Feb 2 13:34 httpkey.pem
- Set up a Globus gridmap file
- The gridmap file -- located at
/etc/grid-security/grid-mapfile -- is also required to run
any grid services. It contains a mapping of users' certificate
subjects to local UNIX accounts. A user must be in your gridmap
file in order for them to take advantage of any grid services you're
running. See the Globus
documentation for more information.
- Planning on compiling against Globus?
- If so, you to set up the Globus-Core package. The VDT does not do this by default because it would add a significant amount of time to the installation.
> pacman -get Globus-Core
Installing package [Globus-Core].
Package [Globus-Core] has been installed.
- Set up Simple CA
- Most people do not need to set up a certificate authority
because they already have access to one. However, you might
want to set up a CA for testing purposes and you can use the Globus
Simple CA included in the VDT. You will need to run a
couple of commands in order to set it up:
(This will ask you several questions, including the name of your CA
and your passphrase)
(The HASH will be replaced with the hash for your CA--the first
command will print it out)
For more details, see:
Globus's Simple CA directions
- Adding VDT services to TCP wrappers
- The VDT runs several services via inetd/xinetd. If you're running TCP wrappers you'll need to modify your access policies to include these new servers. See our TCP wrappers documentation for more details.
- Try out the new GridFTP server
- By default, VDT 1.3.4 ships with the GridFTP
server from 3.2.1, since that is the version of Globus we
ship. However, you can optionally try out the Globus GridFTP server
from Globus 3.9.5. Why would you want to do this? Bill Allcock from
the Globus Alliance says:
Why use the new GridFTP server? From a protocol level, the servers are
completely identical. Old clients can talk to new servers, new clients can
talk to old servers, you can third party transfer between a new server and
an old server, etc, so it is NOT mandatory that you upgrade. The real
reasons for using the new server are more subtle. First, this code base has
been subjected to a much higher level of testing than the previous server.
We have successfully handled 1800 clients on a single host, we have achieved
90% utilization on a 30 Gbs link, we have had single file transfers that ran
for a month. Second, bugs in the new server are our top priority, while
bugs in the old server are very low priority. Third, documentation on the
new server is significantly improved. Finally, the new server gives you
additional flexibility. We are working on custom Data Storage Interfaces
(DSI) to NeST, SRB, and HPSS. If you want to add custom functionality,
there are clean interfaces in all the right places, so it should be
relatively easy to do, where it is completely impractical with the old
It's easy to install, just install the Globus-New-GridFTP-Server
package. Currently this will not ask you if you want the GridFTP
server installed (like when you install the old GridFTP server), but
will simply install it. It can run alongside the old GridFTP server
because it runs on port 2812 instead of port 2811. Don't worry, this
doesn't install any other parts of Globus 4.0. A few details:
- The configuration is in $VDT_LOCATION/globus/etc/gridftp.conf
- The log file is in $VDT_LOCATION/globus/var/log/gridftp.log
- The Globus web site has more documentation
- Try out Nest
- If you want to try out
Nest, just install the Nest package. Note that it will reconfigure
the GridFTP server to use Nest for access to all storage. You can
disable this by editing GridFTP's configuration file.