SAM Doc : Installing SAM-Gridmon Update-16
This page last changed on Feb 13, 2012 by vibhuti.
This page describes the process to install and configure SAM-Gridmon node type from scratch.
EnvironmentDisabled selinux in /etc/selinux/config SELINUX=disabled
RequirementsYou need to install host certificate in order to secure the Nagios web portal. Certificate should be placed on the standard location: ls -l /etc/grid-security/host* -rw-r--r-- 1 root root 2286 Oct 28 19:26 /etc/grid-security/hostcert.pem -r-------- 1 root root 887 Oct 28 19:25 /etc/grid-security/hostkey.pem
openssl x509 -in /etc/grid-security/hostcert.pem -noout -purpose | grep "SSL client" SSL client : Yes If you plan to use the SAM DB (i.e. NCG_TOPOLOGY_USE_SAM or NCG_REMOTE_USE_SAM set to true) you need to request access to SAM PI from your Nagios host. Details on enabling access are maintained by the SAM team here. In the request you should provide the machine address(es) and simply specify that you require access under the "EGEE-SA1 Monitoring Profile". RepositoriesInstall YUM and rpmforge packages:
Remove the old lcg-CA repository, if installed:
Repositories ListConfigure the following repositories:
Repository PrioritiesInstall yum-priorities: yum install yum-priorities Modify repository files:
Installationyum install lcg-CA httpd subversion yum --enablerepo=slc5-cernonly -y install oracle-instantclient-basic oracle-instantclient-sqlplus oracle-instantclient-tnsnames.ora perl-DBD-Oracle yum install sam-gridmon Install the cx_Oracle python bindings from http://cx-oracle.sourceforge.net wget "http://prdownloads.sourceforge.net/cx-oracle/cx_Oracle-5.1.1-10g-py24-1.x86_64.rpm?download" rpm -i cx_Oracle-5.1.1-10g-py24-1.x86_64.rpm Make sure sqlplus works. If not, you may need to add the Oracle home to your library path. $ echo /usr/lib64/oracle/10.x.x.x/client/lib64 >> /etc/ld.so.conf.d/oracle-instantclient.conf $ ldconfig Database DeploymentSAM-Gridmon requires an oracle database. The deploy the required schema the following steps should be performed:
ConfigurationThe configuration of all SAM-Gridmon boxes is based on https://twiki.cern.ch/twiki/bin/view/EGEE/YAIM. The following variables must be set. Edit YAIM configuration file: # GENERIC SITE_NAME=CERN-PROD BDII_HOST=lcg-bdii.cern.ch VOS="dteam ops" VO_DTEAM_VOMS_SERVERS='vomss://voms.hellasgrid.gr:8443/voms/dteam?/dteam/' VO_DTEAM_VOMSES="'dteam voms.hellasgrid.gr 15004 /C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms.hellasgrid.gr dteam 24' 'dteam voms2.hellasgrid.gr 15004 /C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr dteam 24'" VO_DTEAM_VOMS_CA_DN="'/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006' '/C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006'" VO_OPS_VOMS_SERVERS="vomss://voms.cern.ch:8443/voms/ops?/ops/" VO_OPS_VOMSES="'ops lcg-voms.cern.ch 15009 /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch ops 24' 'ops voms.cern.ch 15004 /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch ops 24'" VO_OPS_VOMS_CA_DN="'/DC=ch/DC=cern/CN=CERN Trusted Certification Authority' '/DC=ch/DC=cern/CN=CERN Trusted Certification Authority'" RB_HOST=skurut2.cesnet.cz # irelevant, RB is unsupported VO_DTEAM_WMS_HOSTS="wms204.cern.ch wms205.cern.ch" # put to your NGI WMSes VO_OPS_WMS_HOSTS="wms204.cern.ch wms205.cern.ch" # put to your NGI WMSes # DATABASE DB_TYPE=oracle DB_NAME=<db_name> DB_USER=<db_user> DB_PASS=<db_pass> # MESSAGING MSG_CONSUME2DB_TYPE="non-durable" MS_CONSUMER_NAME="<client id>" # hostname with dots replaced by underscores, e.g. grid_monitoring_test_cern_ch" MSG_BROKER_CACHE_HOST="sam-validation.msg.cern.ch" # NAGIOS NAGIOS_ADMIN_DNS="/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=wlapka/CN=623537/CN=Wojciech Lapka,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=straylen/CN=613539/CN=Steve Traylen,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=jshade/CN=468767/CN=John Shade,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=jamesc/CN=380618/CN=James Casey,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=kskaburs/CN=658461/CN=Konstantin Skaburskas,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=dcollado/CN=496848/CN=David Collados Polidura,/C=IT/O=INFN/OU=Personal Certificate/L=Roma 1/CN=Alessandro Di Girolamo,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=asciaba/CN=430796/CN=Andrea Sciaba,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=sciaba/CN=430796/CN=Andrea Sciaba,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=pmendez/CN=477458/CN=Patricia Mendez Lorenzo,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=mpaladin/CN=696692/CN=Massimo Paladin,/DC=org/DC=doegrids/OU=People/CN=Vikas Singhal 692459,/O=Grid/O=NorduGrid/OU=ndgf.org/CN=Anders Rhod Gregersen,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=magini/CN=577890/CN=Nicolo Magini,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=girolamo/CN=614260/CN=Alessandro Di Girolamo,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=santinel/CN=564059/CN=Roberto Santinelli,/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=mbabik/CN=555091/CN=Marian Babik" NAGIOS_ROLE="central-web" NAGIOS_HTTPD_ENABLE_CONFIG=true # ATP ATP_VO_FEEDS="<list of VOs>" ATP_VO_FEED_<vo1>="<vo feed url>" ATP_VO_FEED_<vo2>="<vo feed url>" # MYWLCG ENABLE_MYWLCG_ALIAS=1 MYWLCG_DB_LIMIT=50000 MYWLCG_THROTTLE=False MYWLCG_ACCESS_PERIOD=5 MYWLCG_NUMBER_OF_ACCESSES=100 MYEGI_ADMIN_NAME=Admin Name MYEGI_ADMIN_EMAIL=it-dep-gt-tom-services@cern.ch MYEGI_DEFAULT_PROFILE=ROC MYEGI_ACE="True" # POEM POEM_ADMIN_NAME="Admin Name" POEM_ADMIN_EMAIL="sam-nagios-val@cern.ch" # MDDB NCG_MDDB_SUPPORTED_PROFILES="ROC,ROC_CRITICAL,ROC_OPERATORS,GLEXEC" # OTHERS DAEMON_USER="edguser" DAEMON_GROUP="edguser" You may need to change your database connection settings, as well as the admin data. Run YAIM: /opt/glite/yaim/bin/yaim -s site-info.def -c -n glite-NAGIOS_WEB Additional ConfigurationThrottling of MyWLCG WEB APIPerformance limits in MyWLCG/MyEGI portal are set by YAIM variables. # Limit number of rows that can be fetched at a time to avoid DB dumps. MYWLCG_DB_LIMIT=50000 # Limit number of accesses per IP address in a given time(seconds). MYWLCG_ACCESS_PERIOD=5 MYWLCG_NUMBER_OF_ACCESSES=100 ValidationAfter successful running of YAIM you should be able to access SAM-Girdmon web interface at the address https://SAMGRIDMON_SERVER/mywlcg or https://SAMGRIDMON_SERVER/myegi. Known IssuesWhen using yum to upgrade a machine from Update-11 to Update-12 the following exclude option is required for the yum command: yum --exclude=egee-NAGIOS update ProblemsA description of common problems when installing SAM can be found at the Troubleshooting section. |
Document generated by Confluence on Feb 27, 2014 10:19 |