Setting up a brand new site

This is superceded by, please refer to that instead

Complete: 4


What will you need to be a good site


  • be a good grid site in EGEE or OSG
  • a farm with at least one CE (better 2 or more)
  • an SRM (please avoid multiple SE's as much as possible)
  • one machine to run a Squid server (two for a large site with e.g. more then 500 execution slots)
  • a Vobox to run CMS.PhEDEx agents
  • firewall permission for Squid and job monitoring
    • detailed below


  • everything as a T2, but usually at smaller scale and no need to be up 24x7

Things to do

Setting up a brand new site requires completion of all the following steps. Note, more information on installing / operating CMS.PhEDEx can be found elsewhere.

Personal Affairs

  1. The following CMS Workbook pages will guide you through general registrations matters like becoming a CERN user and CMS member, getting a CERN account, getting access rights in CMS, getting a certificate from a Certification Authority (CA) and getting registered in the CMS Virtual organization (VO).
  2. Once you will be a CMS member, you will also need to : 1 Get a HyperNews account ((needs a registered CMS member at the site)
    • Subscribe to the following HyperNews forums
  3. Register in CMS.SiteDB (needs a registered CMS member at the site)

Site Affairs (Part 1)

  1. If you are requesting Tier-2 tier, has your site signed the WLCG MOU?
  2. Open a GGUS ticket, specifying 'Type of problem' as 'CMS_Register New CMS Site' and 'CMS Support Unit' as 'CMS Datatransfers', and add the following information:
    • Site name (e.g. Pisa)
    • CMS name (e.g. T2_IT_Pisa) Please keep the length of the CMS name to 20 characters or less
    • SAM name. This should be the same thing as the GlueSiteName attribute published in BDII.
      • EGEE sites: this corresponds to the site name in GOCDB (e.g. INFN-PISA for T2_IT_Pisa)
      • OSG sites: this corresponds to the Resource Group name in OSG Resource Group Summary NOTE: you should provide the Resource Group name (e.g. MIT_CMS_T3) rather than the Resource name (e.g. MIT_CMS_T3-CE1)
    • City/Country
    • Site tier (e.g. Tier 2)
    • Storage Element host (e.g.
    • Storage Element kind (e.g. Buffer, MSS, Disk)
    • Storage Element technology (e.g. dCache, Castor, DPM, Disk, Other)
    • Computing Element host(s) (e.g. )
    • Domain name of the VO box(es) that will run your PhEDEx agents. This is needed to whitelist your domain for access to the databases. This should be the domain name, not the full hostname, so if your vobox will be then the domain to whitelist will be
    • Associated Tier 1 (e.g. INFN)
    • Grid type (e.g. LCG, OSG)
    • Data Manager name, e-mail, phone, certificate DN
    • CMS.PhEDEx Contact name, e-mail, phone, certificate DN
    • Site Admin name, e-mail, phone, certificate DN
    • Site Executive name, e-mail, phone, certificate DN
  3. Send your grid user public key (usercert.pem) to cms-phedex-admins AT or add a file with the public key to the GGUS request. You will receive 3 encrypted e-mails containing PhEDEX roles and passwords for Prod, Debug and Dev. You should decode the 3 e-mails using the same certificate you sent and put the 3 outputs in one file to use to connect to CMS.PhEDEx TMDB.

Notify CMS Management

Is your site known by CMS management?
  1. For T3 no formality is required, but CMS SiteDB admins may want to enquire a bit if we get a request from a completely unknown person. A couple of mails should be enough.
  2. For T1 or T2 Please send an email with the URL to your Savannah ticket to Matthias Kasemann, Patty McBride, Daniele Bonacorsi, Peter Kreuzer, Neil Geddes
    • Please ask them to comment/acknowledge your request in the Savannah ticket
    • Site creation in CMS.SiteDB and CMS.PhEDEx will not commence without acknowledgment in the Savannah ticket from Matthias, Patty, etc.

Off-site database access

Access to the PhEDEx database from outside CERN is firewalled, and your hosts will need to be granted access. Please send a mail to Physics-Database.Support AT and cms-phedex-admins AT asking for your host(s) to be allowed to connect. You should give the name of the domain or subnet that needs access. Ideally this domain/subnet should not contain too many machines, but it should be open enough that you can change hosts without having to repeatedly ask for new holes in the firewall.

Site Affairs (Part 2)

Pending approval of your request by CMS management:
  1. If using FTS, ask your Tier-1 Site Admin to create a dedicated channel for your site
    • Please use CMS.SiteDB to determine the appropriate site contact (needs a registered CMS member at the site)
  2. Configure a host to run CMS.PhEDEx
  3. Edit your storage.xml file (needs a registered CMS member at the site)

Joining Transfer Activities

  1. Start DEV instance
    • Subscribe to a test data set
    • Debug problems
  2. Start Debug instance

Not Only Transfers

Note that most of this stuff only works in grid environment! If you are setting up a Tier 3 for local use, you may not need it.

  • Set up a $VO_CMS_SW_DIR and ask for central installation as indicated in CMS.SiteOperationProcedures
  • Get a CMS.JobRobot test sample and ask for CMS.JobRobot submissions by opening a ticket in Computing Infrastacture Savannah and select CMS Job Robot as category
  • Ask to send CMS SAM jobs to your site
  • Make sure messages from running jobs can reach dashboard, this requires local firewall to allow outgoing UDP messages to IP address, port 8884

Edit | Attach | Watch | Print version | History: r44 < r43 < r42 < r41 < r40 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r44 - 2016-11-29 - NicoloMagini
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    CMSPublic All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback