If you need to update an existing CREAM CE installation:
* Update the RPMs via yum
* Follow what is reported below under “Cream CE configuration” and “Blparser configuration” sections
Please also refer to these gLite official guides:
A standard SL4 distribution is supposed to be properly installed.
It is highly suggested not to use SLC4 because otherwise you will have problems with java and tomcat installation (this is because in SL4, jdk is in the sl-base repo and java-1.6.0-sun-compat in in the sl-errata repo, and this helps in avoiding conflicts during installation).
ATTENTION: If you plan to use LSF batch system you have to install it manually.
With YAIM you can automatically configure only torque batch system.
Set the repositories needed by cream CE installation:
wget http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.1/glite-CREAM.repo -O /etc/yum.repos.d/glite-CREAM.repo
If your CE runs Torque:
wget http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.1/glite-TORQUE_utils.repo -O /etc/yum.repos.d/glite-TORQUE_utils.repo
If your CE is also Torque master:
wget http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.1/glite-TORQUE_server.repo -O /etc/yum.repos.d/glite-TORQUE_server.repo
If your CE runs LSF:
wget http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.1/glite-LSF_utils.repo -O /etc/yum.repos.d/glite-TORQUE_utils.repo
To avoid problems in java and tomcat installations, it is suggested to use the jPackage repo suggested by INFN-GRID:
wget http://grid-it.cnaf.infn.it/mrepo/repos/jpackage.repo -O /etc/yum.repos.d/jpackage.repo
instead of the one suggested in the official gLite installation:
wget http://grid-deployment.web.cern.ch/grid-deployment/glite/repos/3.1/jpackage.repo -O /etc/yum.repos.d/jpackage.repo
The difference is setting enabled = 0 in the non-free repo.
wget http://grid-it.cnaf.infn.it/mrepo/repos/lcg-ca.repo -O /etc/yum.repos.d/lcg-ca.repo
Prepare the environment with:
yum clean all yum update
As good practice it is suggested to disable the yum-autoupdate service. In particular an automatic update of the cream and of the glexec RPMs (not followed by a reconfiguration) will cause problems.
The following script disable_yum.sh (thanks to Giuseppe Platania) can be used to disable yum-autoupdate.
Install java and tomcat before installing the metapackage. You can try the following:
yum install java-1.6.0-sun-compat tomcat5
yum install tomcat5
yum install lcg-CA
Install the cream-CE metapackage:
yum install glite-CREAM
Depending on which batch system you are going to use, you have also to install the related batch system metapackages:
yum install glite-TORQUE_server glite-TORQUE_utils
yum install glite-TORQUE_utils
yum install glite-LSF_utils
/etc/grid-security your host certificate and key
scp hostcert.pem root@<cream_CE>:/etc/grid-security/ scp hostkey.pem root@<cream_CE>:/etc/grid-security
On cream CE host set the right permissions
chmod 600 /etc/grid-security/hostcert.pem chmod 400 /etc/grid-security/hostkey.pem
Remember to install all the needed VOMS server certificates of the VOs you want to support. They must be installed in /etc/grid-security/vomsdir.
Prepare your customized
<site-info.def> (and save it in a secure location, <site-info.def_dir>) using the template provided by
If you already have a
<site-info.def> for your site installation, you may use
vimdiff for a careful side-by-side comparison:
vimdiff /opt/glite/yaim/examples/siteinfo/site-info.def <site-info.def>
See this page to see which variables are relevant for the CREAM CE
Configure cream CE profile using YAIM. If ig-yaim is installed (or was installed), before proceeding with the configuration, do the following:
rm /opt/glite/yaim/functions/local/config_cream* rm /opt/glite/yaim/defaults/creamce.pre
To configure the CREAM CE do the following:
/opt/glite/yaim/bin/yaim -c -s <site-info.def> -n creamCE -n TORQUE_server -n TORQUE_utils
/opt/glite/yaim/bin/yaim -c -s <site-info.def> -n creamCE -n TORQUE_utils
/opt/glite/yaim/bin/yaim -c -s <site-info.def> -n creamCE -n LSF_utils
After having configured CREAM, it is necessary to also configure the BLAH Blparser.
The blparser must be installed on a machine where the batch system log files are available (let's call this host 'blparser host'). So the blparser host can be the batch system master or a different machine where the log files are available (e.g. they have been exported via NFS).
There are two possible layouts:
1) If your configuration satisfies the first layout, you need simply configure the blparser on your CREAM CE running:
/opt/glite/yaim/bin/yaim -r -s <site-info.def> -n creamCE -f config_cream_blparser
Then restart tomcat:
service tomcat5 restart
2) If instead your layout is the second one, you need to perform the instructions reported here on the blparser node (BLPARSER_HOST) and then restart tomcat on the creamce node
service tomcat5 restart
If the blparser has to serve multiple CREAM CEs, please follow the instructions reported here
CREAM supports two types of authorization (AuthZ) mechanisms: one AuthZ is VOMS based while the other AuthZ is specified by Grid User DNs (via the gridmapPDP). So if you want to also enable specific user DNs, list them in the
"/C=IT/O=INFN/OU=Personal Certificate/L=Padova/CN=X Y/Emailemail@example.com" .egee "/C=IT/O=INFN/OU=Personal Certificate/L=Padova/CN=W Z/Emailfirstname.lastname@example.org" .egee
It is possible to choose a value to be published as GlueCeState instead of Production. This is managed by the yaim variable CREAM_CE_STATE. Its default (set in /opt/glite/yaim/defaults/glite-creamce.pre) is “Special”