Globus 2.0 alpha 4 Installation Instructions for the DOE Science Grid

Step 1: Get modified alpha 4 tarballs at ftp://george.lbl.gov/pub/globus/alpha-4

Download the following source tarballs:

globus_common-2.0.tar.gz
globus_common_setup-2.0.tar.gz
globus_core-2.0.tar.gz
globus_core_setup-2.0.tar.gz
globus_cyrus-sasl-1.5.27.tar.gz
globus_data_conversion-2.0.tar.gz
globus_duct_common-2.0.tar.gz
globus_duct_control-2.0.tar.gz
globus_duct_runtime-2.0.tar.gz
globus_duroc_bootstrap-2.0.tar.gz
globus_duroc_common-2.0.tar.gz
globus_duroc_control-2.0.tar.gz
globus_duroc_runtime-2.0.tar.gz
globus_ftp_client-1.1.tar.gz
globus_ftp_control-1.0.tar.gz
globus_gass_cache-2.0.tar.gz
globus_gass_cache_program-2.0.tar.gz
globus_gass_copy-2.0.tar.gz
globus_gass_file-2.0.tar.gz
globus_gass_server_ez-2.0.tar.gz
globus_gass_transfer-2.0.tar.gz
globus_gatekeeper-2.0.tar.gz
globus_gatekeeper_setup-2.0.tar.gz
globus_gram_client-2.0.tar.gz
globus_gram_client_tools-2.0.tar.gz
globus_gram_job_manager-2.0.tar.gz
globus_gram_job_manager_scripts_setup-2.0.tar.gz
globus_gram_job_manager_setup-2.0.tar.gz
globus_gram_myjob-2.0.tar.gz
globus_gram_protocol-2.0.tar.gz
globus_gsi_wuftpd-0.6.tar.gz
globus_gsincftp-0.1.tar.gz
globus_gss_assist-2.0.tar.gz
globus_gssapi_gsi-2.0.tar.gz
globus_io-2.0.tar.gz
globus_ldapmodules-0.1.tar.gz
globus_libtool-1.4.tar.gz
globus_mds_back_giis-0.0.tar.gz
globus_mds_common-2.0.tar.gz
globus_mds_common_setup-2.0.tar.gz
globus_mds_gris-2.0.tar.gz
globus_mds_gris_setup-2.0.tar.gz
globus_mp-2.0.tar.gz
globus_nexus-6.0.tar.gz
globus_openldap-2.0.14.tar.gz
globus_openssl-0.9.6b.tar.gz
globus_replica_catalog-2.1.tar.gz
globus_replica_management-2.1.tar.gz
globus_rsl-2.0.tar.gz
globus_rsl_assist-2.0.tar.gz
globus_sasl_gssapi_gsi-0.1.tar.gz
globus_ssl_utils-2.0.tar.gz
globus_ssl_utils_setup-2.0.tar.gz
globus_user_env-2.0.tar.gz
gpt-0.1.tar.gz

Step 2: Get DOE Science Grid install script at ftp://george.lbl.gov/pub/globus/alpha-4/build_globus_alpha.py

Edit the first couple lines of the build script and create the following directories:

SRC_TAR_LOC -- the location of the downloaded tarballs
GLOBUS_LOC -- the location of the Globus 2.0 installation directory

Step 3: Run the following setup scripts in $GLOBUS_LOCATION/setup/globus:

First you must set the environment variable $GLOBUS_LOCATION to point to the same directory as GLOBUS_LOC from the previous step.

setup-globus-core
setup-globus-common
setup-globus-gatekeeper
setup-globus-gram-job-manager
setup-globus-gram-job-manager-scripts
setup-globus-mds-common

And as root run:

setup-ssl-utils

Step 4: Setup the DOE Science Grid CA certificate and signing policies

Unzip DOE SG certiifcates from ftp://george.lbl.gov/pub/globus/certificates.tar.gz to /etc/grid-security/certificates.
Create a host certificate that will be used by the globus gatekeeper and the gsi wu-ftp server. Follow the directions at http://www.globus.org/security/v1.1/host_cert.html

Step 5: Setup Globus gatekeeper and GSI WU-FTP server

Copy globus-gatekeeper-wrapper and in.ftpd-wrapper to $GLOBUS_LOCATION/sbin. Edit globus-gatekeeper-wrapper and in.ftpd-wrapper making sure GLOBUS_LOCATION points to the correct path of Globus 2.0 alpha.

If you are running inetd
Edit inetd.conf and add the following replacing GLOBUS_LOCATION with the actual GLOBUS_LOCATION path:

globus-gatekeeper stream tcp nowait root GLOBUS_LOCATION/sbin/globus-gatekeeper-wrapper
gsiftp  stream  tcp  nowait  root GLOBUS_LOCATION/sbin/in.ftpd-wrapper

If you are running xinetd
Add the following files to the /etc/xinetd.d directory replacing $GLOBUS_LOCATION with the actual path.

globus-gatekeeper  
service globus-gatekeeper
{
	log_type        = FILE /var/log/gateservicelog
        log_on_success  = HOST PID
        log_on_failure  = HOST RECORD
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = $GLOBUS_LOCATION/sbin/globus-gatekeeper
	server_args     = -conf $GLOBUS_LOCATION/etc/globus-gatekeeper.conf
        env             = LD_LIBRARY_PATH=$GLOBUS_LOCATION/lib GLOBUS_LOCATION=$GLOBUS_LOCATION
        disable         = no
}
gsiftp
service gsiftp
{
	log_type        = FILE /var/log/gsiservicelog
        log_on_success  = HOST PID
        log_on_failure  = HOST RECORD
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        server          = $GLOBUS_LOCATION/sbin/in.ftpd
	server_args     = -l -a
        env             = LD_LIBRARY_PATH=$GLOBUS_LOCATION/lib GLOBUS_LOCATION=$GLOBUS_LOCATION
        disable         = no
}
and also edit /etc/hosts.allow

globus-gatekeeper: ALL
in.ftpd: ALL

Edit /etc/services and add the following:

gsiftp                  2811/tcp
globus-gatekeeper       2119/tcp

Now restart inetd or xinetd.

Testing the Globus gatekeeper and GSI WU-FTP server

Request a personal and a host certificate from the DOE SG CA Add your certificate DN to /etc/grid-security/grid-mapfile. Put the host certificate and private key into /etc/grid-security/hostcert.pem and hostkey.pem.

When using globus, you should issue the following:
(csh) source $GLOBUS_LOCATION/etc/globus-user-env.csh
(sh) . $GLOBUS_LOCATION/etc/globus-user-env.sh

To test the GSI wu-ftp server: %>gsincftp [machine-name]

To test the Globus gatekeeper: %>globusrun -a -r [machine-name] and globusrun -s -r [machine-name] "&(executable=/bin/ls)"

DOE SG Test Machines

scott.lbl.gov (linux)
portnoyc.lbl.gov (solaris 2.7)
thammada.csm.ornl.gov (linux)
dg0n8.mcs.anl.gov (linux)
pier.emsl.pnl.gov (linux)

Last modified: Wed Oct 17 19:14:05 PDT 2001