Table of Contents

  1. Introduction
  2. CentOS Installation
  3. Pacman Installation
  4. VDT/OSG-client Installation
  5. Get CA distribution package
  6. Set up CA

Introduction

The following instructions provide guideline about setting up VDT/OSG-client. The CentOS 5.2 is used as an operating system.

CentOS Installation

Install CentOS using the kickstart file. In this installation we have used CentOS-5.2 as our operating system. The kickstart file should be web accessible. At the boot prompt enter following command to start installation. You will need to change CDs during the installation process. 

linux ks=http://<ip.addr.kickstart.url>/<path-to-kickstart.file>

Pacman Installation

VOMS uses pacman for installation. Download and install pacman using following set of commands. This will update the $PATH variable with the pacman binaries directory. 

cd /var/tmp
wget http://physics.bu.edu/pacman/sample_cache/tarballs/pacman-3.28.tar.gz
tar --no-same-owner -C /opt/ -xzvf pacman-3.28.tar.gz
cd /opt
ln -s pacman-3.28 pacman
cd pacman
source setup.sh

VDT/OSG-client Installation

Create a VDT/OSG-client installation directory and start installation using pacman: 

mkdir -p /usr/local/osg/vdt-client
export VDT_LOCATION=/usr/local/osg/vdt-client
cd $VDT_LOCATION
pacman -get http://software.grid.iu.edu/osg-1.2:client

The above commands will install VOMS, but it is not configured yet as we don't host certificate/key in place right now. You should see output similar to following lines: 

[root@localhost voms]# pacman -get  http://software.grid.iu.edu/osg-1.2:voms
Do you want to add [http://software.grid.iu.edu/osg-1.2] to [trusted.caches]? (y/n/yall): y
Do you want to add [http://vdt.cs.wisc.edu/vdt_200_cache] to [trusted.caches]? (y/n/yall): y
Beginning VDT prerequisite checking script vdt-common/vdt-prereq-check...

All prerequisite checks are satisfied.

========== IMPORTANT ==========
Most of the software installed by the VDT *will not work* until you install
certificates.  To complete your CA certificate installation, see the notes
in the post-install/README file.

vdt/setup/configure_voms: ERROR: need host certificate (see post-install/README)

Source the VDT setup file which will define and update appropriate environment variables 

source setup.sh

You can also add it to the /etc/profile.d so that users don't have to source it every time they login. 

cp $CDT_LOCATION/setup.sh /etc/profile.d/vdt-client.sh 
chmod +x /etc/profile.d/vdt-client.sh

Get CA distribution package

We need to get CA distribution package from which we will get our certificates. We will use the SimpleCA installed on the VOMS machine as our CA. Ideally the CA should be on a separate machine, but it is fine in case of our test environment. The following set of commands will copy SimpleCA distribution package on compute element and configure it for requesting new certs. 

scp voms1:/root/.globus/simpleCA/globus_simple_ca_442e8efa_setup-0.19.tar.gz /var/tmp/ 
gpt-build /var/tmp/globus_simple_ca_442e8efa_setup-0.19.tar.gz
gpt-postinstall
/usr/local/osg/ce/globus/setup/globus_simple_ca_442e8efa_setup/setup-gsi

Set up CA

vdt-ca-manage setupca --location local --url http://<host.ip.addr.or.hostname>/software/certificates/ca-certs-version