VOMS Setup

Much of the VOMS configuration from the system perspective follows the MyProxy configuration (PxWlcg).

It consists of Linux-HA sharing the prod-voms address with lemon sensors for voms load and status.

Certificate request

Only a certificate for the prod-voms and vom101 was requested. There was no need for voms102 and voms103 since they are in high availability configuration.

Lemon monitoring

A lemon sensor for VOMS availability is set up using voms status. This reports to lemon metrics 808 and 809.

The same procedure as the BDII was followed.

Testing

User Setup

Login to lxplus
source /afs/cern.ch/project/gd/LCG-share/sl3/etc/profile.d/grid_env.csh

Create file ~/.edg/vomses/test-voms102.cern.ch with content (ONE line):

"test" "voms102.cern.ch" "15010" "/C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch" "test"

You may also test the other host (voms core keeps running at all times) by creating file ~/.edg/vomses/test-voms103.cern.ch with content (ONE line):

"test" "voms103.cern.ch" "15010" "/C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch" "test"

If you want the proxy to be successful you 'll have to register in the VO 'test' by opening https://voms102.cern.ch:8443/vo/test/vomrs We will approve you.

You don't need to repeat the registration for voms103 as they share the same db.

Testing

Running voms-proxy-init to create a new proxy

$ voms-proxy-init -voms test
Your identity: /C=CH/O=CERN/OU=GRID/CN=Tim Bell 6176
Enter GRID pass phrase:
Creating temporary proxy ............................ Done
Contacting  voms102.cern.ch:15010 [/C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch] "test" Done
Creating proxy .................................................................... Done
Your proxy is valid until Wed Apr  5 03:08:19 2006
If you get the message
Contacting  voms102.cern.ch:15010 [/C=CH/O=CERN/OU=GRID/CN=host/lcg-voms.cern.ch] "test"
Warning: test: User unknown to this VO. Error: VERR_SERVERCODE Failed.
Failed to contact servers for test.

If you get Error: VERR_NOSOCKET Failed., the server is down.

Standby testing

Check that

- vomrs is up on master

# /usr/lib/heartbeat/hb_standby

check

- vomrs has stopped on master - vomrs starts on slave

Related Documents

Link Description
VomsStartStopCheck Start/Stop check for VOMS
vomsrs VOMSRS Documentation
voms VOMS Guide
voms-admin VOMS-Admin component Guide
-- TimBell - 24 Mar 2006
Edit | Attach | Watch | Print version | History: r10 | r8 < r7 < r6 < r5 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r6 - 2006-04-04 - TimBell
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LCG All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback