VDT logo
Search:

(Powered by Google)

Note: This web site is only kept up to date for OSG Software 1.2 (VDT 2.0.0). If you are looking for information for the most recent release, the RPM-based OSG Software 3.0, please see the OSG documentation web site

Note: This version of the VDT (1.3.4) is no longer supported. Feel free to look through the documentation and install it, but we cannot guarantee support for it. The current stable release is 2.0.0.

Post-install Configuration

Congratulations! You've installed the VDT. That wasn't so hard now, was it? If it was, please let us know. We're always working to make the VDT easier to install and your feedback is essential.

After the VDT install completes there are still a few server components left unconfigured. Take a quick look at this list and handle anything that applies to you. You almost certainly do not need to do everything in this list--just do the ones that are relevant to you.

To learn more about the software you've just installed take a look at the documentation for VDT 1.3.4.

Set up the Globus gatekeeper for additional batch systems
By default the VDT will configure the Condor jobmanager. However, the VDT included jobmanagers for PBS, LSF, FBSng and LoadLeveler as well. To set up any of these, first make sure the batch system's command line tools are in your path. Next, install the appropriate package. 
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-FBSNG-Setup
    or
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-Loadleveler-Setup
    or
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-LSF-Setup
    or
> pacman -get http://vdt.cs.wisc.edu/vdt_134_cache:Globus-PBS-Setup
Configure MonaLisa
During installation the VDT configures MonaLisa with workable, yet inaccurate information. If you plan on running a MonaLisa server you'll want to run $VDT_LOCATION/vdt/setup/configure_monalisa.sh first.
Get a host certificate
If you plan on running any grid services you'll need a host certificate for your machine. See our instructions for more information.
Get service certificates
If you use authenticated MDS, you will need an 'ldap' service certificate. If you use DRM or a service that depends on Apache (VOMS or jClarens) you will need an 'http' service certificate. These are stored in subdirectories of /etc/grid/security/. For instance: 
> ls -l /etc/grid-security/ldap
total 12
-rw-r-----    1 daemon   daemon       1194 Feb  2 13:34 ldapcert.pem
-rw-r-----    1 daemon   daemon       1351 Feb  2 13:34 ldapcert_request.pem
-r--------    1 daemon   daemon        887 Feb  2 13:34 ldapkey.pem

> ls -l /etc/grid-security/http
total 12
-rw-rw-r--    1 daemon   daemon       1193 Feb  2 13:34 httpcert.pem
-rw-r--r--    1 daemon   daemon       1379 Feb  2 13:34 httpcert_request.pem
-r--------    1 daemon   daemon        887 Feb  2 13:34 httpkey.pem
Set up a Globus gridmap file
The gridmap file -- located at /etc/grid-security/grid-mapfile -- is also required to run any grid services. It contains a mapping of users' certificate subjects to local UNIX accounts. A user must be in your gridmap file in order for them to take advantage of any grid services you're running. See the Globus documentation for more information.
Planning on compiling against Globus?
If so, you to set up the Globus-Core package. The VDT does not do this by default because it would add a significant amount of time to the installation. 
> pacman -get Globus-Core
Installing package [Globus-Core].
Package [Globus-Core] has been installed.
Done.
Set up Simple CA
Most people do not need to set up a certificate authority because they already have access to one. However, you might want to set up a CA for testing purposes and you can use the Globus Simple CA included in the VDT. You will need to run a couple of commands in order to set it up: 
$GLOBUS_LOCATION/setup/globus/setup-simple-ca
(This will ask you several questions, including the name of your CA
and your passphrase)

$GLOBUS_LOCATION/setup/globus_simple_ca_HASH_setup/setup-gsi -default
(The HASH will be replaced with the hash for your CA--the first 
command will print it out)
For more details, see: Globus's Simple CA directions
Adding VDT services to TCP wrappers
The VDT runs several services via inetd/xinetd. If you're running TCP wrappers you'll need to modify your access policies to include these new servers. See our TCP wrappers documentation for more details.
Try out the new GridFTP server
By default, VDT 1.3.4 ships with the GridFTP server from 3.2.1, since that is the version of Globus we ship. However, you can optionally try out the Globus GridFTP server from Globus 3.9.5. Why would you want to do this? Bill Allcock from the Globus Alliance says:
Why use the new GridFTP server? From a protocol level, the servers are completely identical. Old clients can talk to new servers, new clients can talk to old servers, you can third party transfer between a new server and an old server, etc, so it is NOT mandatory that you upgrade. The real reasons for using the new server are more subtle. First, this code base has been subjected to a much higher level of testing than the previous server. We have successfully handled 1800 clients on a single host, we have achieved 90% utilization on a 30 Gbs link, we have had single file transfers that ran for a month. Second, bugs in the new server are our top priority, while bugs in the old server are very low priority. Third, documentation on the new server is significantly improved. Finally, the new server gives you additional flexibility. We are working on custom Data Storage Interfaces (DSI) to NeST, SRB, and HPSS. If you want to add custom functionality, there are clean interfaces in all the right places, so it should be relatively easy to do, where it is completely impractical with the old server.
It's easy to install, just install the Globus-New-GridFTP-Server package. Currently this will not ask you if you want the GridFTP server installed (like when you install the old GridFTP server), but will simply install it. It can run alongside the old GridFTP server because it runs on port 2812 instead of port 2811. Don't worry, this doesn't install any other parts of Globus 4.0. A few details:
  • The configuration is in $VDT_LOCATION/globus/etc/gridftp.conf
  • The log file is in $VDT_LOCATION/globus/var/log/gridftp.log
  • The Globus web site has more documentation
Try out Nest
If you want to try out Nest, just install the Nest package. Note that it will reconfigure the GridFTP server to use Nest for access to all storage. You can disable this by editing GridFTP's configuration file.