Setting up a GUMS server on Ubuntu

From BeSTGRID

This guide is tightly meshed with the Setting up a GUMS server guide. It tries to avoid redundancies and refers back frequently to its parent.

At time of writing the descriptions are based on the (64 bit) server release of Ubuntu 10.04 LTS (Long Term Support, code name "Lucid Lynx"). It is likely to work equally well with slightly older or newer releases, 32 bit releases and with (some minor) modifications with current Debian releases as well.

Note: Some of these notes may not be 100% in proper chronological order. The order has been retained from the original install notes to keep them in sync. But it should be quite obvious that certain configuration can only be integrated into VDT once VDT has been installed. Please, keep this in mind when using this guide.

Contents 1 Preliminaries 1.1 OS requirements 2 GUMS install 2.1 Clean the System 2.2 Check Firewall 2.3 Prerequisite Packages 2.4 Pacman and VDT 2.5 Configure VDT certificate distribution 2.6 Set ServerName in Apache 2.7 MOD_SSL Bug 2.8 Turn VDT services on 3 Post-install configuration 4 Populate GUMS configuration 5 Polishing Globus 6 Next: Install Auth Tool

[edit] Preliminaries

See also Setting up a GUMS server#Preliminaries.

[edit] OS requirements

See also Setting up a GUMS server#OS requirements.

• Scripting shell:
  • Many of the VDT supplied scripts are not safe for a POSIX compliant shell, but require the presence of a bash. To circumvent this problem altogether, reconfigure /bin/sh to use bash (rather than the faster dash used by Ubuntu's default).
  • See also here: https://wiki.ubuntu.com/DashAsBinSh
  • Reconfigure the dash to disable it (say "no" when prompted for the install of dash for /bin/sh)
    (Note: The VDT team has been informed, and they will submit an upstream patch to the pacman maintainers to resolve this issue for future releases.)

$ sudo dpkg-reconfigure dash

• SMTP mail relay:
  • Configure the host as an SMTP relay,
  • Install the package postfix, and configure the host as a "satellite system" using your institution's SMTP server's FQDN as a relay host
• Install the package lockfile-progs to prevent locking problems with /etc/cron.daily/standard running multiple times.
• Install/configure the NTP daemon (package ntp)
• Install the mailutils package
• Install the chkconfig package (system tool to enable or disable system services)

[edit] GUMS install

[edit] Clean the System

See also Setting up a GUMS server#Clean CentOS Install.

We're not running CentOS, but it may still make sense to check the system for a clean install. Make sure there is no Apache web server (package apache2) or MySQL server (package mysql-server) installed. Remove or purge these package first to insure a working setup.

[edit] Check Firewall

See also Setting up a GUMS server#Check Firewall.

[edit] Prerequisite Packages

See also Setting up a GUMS server#Prerequisite Packages.

No repositories need to be added/edited.

Get and install the APAC GridPulse system monitor:

• Get the RPM from the ARCS RPM repository, in this case here: http://projects.arcs.org.au/dist/production/5/x86_64/noarch/APAC-gateway-gridpulse-0.3-4.noarch.rpm
• Convert it with the alien tool to a Debian package (do not use the --scripts option), copy the Debian package to the host and install it.
• Hack the script /usr/local/bin/gridpulse to fit Ubuntu!
  This one should work for a start: gridpulse (Note: renamed for upload on the wiki.)
• Create a file /usr/local/lib/gridpulse/system_packages.pulse and add the following line to it:

apac-gateway-gridpulse

• Add a crontab entry for executing the script every 20 minutes:

3,23,43 * * * * /usr/local/bin/gridpulse grid_pulse@lists.arcs.org.au >/dev/null 2>&1

[edit] Pacman and VDT

See also Setting up a GUMS server#Pacman and VDT.

Most of these steps are much more easily performed with a root shell. To obtain one use the following:

$ sudo su -

Following steps using a root shell use a preceding shell prompt "#".

• If your institution requires a proxy, configure the environment (change host and port accordingly).
  • It might also make sense to add this to a (newly created) script under /etc/profile.d/proxy.sh to manifest it for all future login shells.

# export http_proxy=http://institute.proxy.server.ac.nz:8080

• Create a new base directory for VDT:

# mkdir -p /opt/vdt

• Download and setup pacman (the packager used)

# cd /opt/vdt
# wget http://physics.bu.edu/pacman/sample_cache/tarballs/pacman-latest.tar.gz
# tar xfz pacman-latest.tar.gz
# cd pacman-3.29 && source setup.sh && cd ..

• Install Grid tools from VDT
  (Note: It is very important to use the -pretend-platform switch at the first usage of pacman. For Ubuntu Karmic (9.10) and Lucid (10.04) "Debian-5" worked well.)

# cd /opt/vdt
# export VDTMIRROR=http://vdt.cs.wisc.edu/vdt_200_cache
# pacman -pretend-platform Debian-5 -get $VDTMIRROR:GUMS

• Make the environment variable setup script created by VDT load in the default profile

# ln -s /opt/vdt/setup.sh /etc/profile.d/vdt.sh
# . /etc/profile

[edit] Configure VDT certificate distribution

Proceed as described in Setting up a GUMS server#Configure VDT certificate distribution.

[edit] Set ServerName in Apache

Proceed as described in Setting up a GUMS server#Set ServerName in Apache.

[edit] MOD_SSL Bug

Proceed as described in Setting up a GUMS server#MOD_SSL Bug.

[edit] Turn VDT services on

Proceed as described in Setting up a GUMS server#Turn VDT services on.

[edit] Post-install configuration

Proceed as described in Setting up a GUMS server#Post-install configuration.

[edit] Populate GUMS configuration

Proceed as described in Setting up a GUMS server#Populate GUMS configuration.

[edit] Polishing Globus

See also Setting up a GUMS server#Polishing Globus.

Do not edit the starting scripts for fixing the starting order. Do proceed in this following way, however to fix the problem with the starting order of MySQL, Tomcat and Apache:

• Enable the linking of the script into the init process using update-rc.d (the fields "90", "95" and "99" are important for indicating the starting order of the services). Stop the services, remove their starting order links, re-insert the links, and finally start them again.

$ # Stop services
$ sudo service apache stop
$ sudo service tomcat-55 stop
$ sudo service mysql5 stop
$ # Remove service links
$ sudo update-rc.d -f mysql5 remove
$ sudo update-rc.d -f tomcat-55 remove
$ sudo update-rc.d -f apache remove
$ # Insert service links
$ sudo update-rc.d mysql5 defaults 90
$ sudo update-rc.d tomcat-55 defaults 95
$ sudo update-rc.d apache defaults 99
$ # Start services
$ sudo service mysql5 start
$ sudo service tomcat-55 start
$ sudo service apache start

[edit] Next: Install Auth Tool

See also Setting up a GUMS server#Next: Install Auth Tool.

Setup content of this section has not been tested for Ubuntu.