Skip to content

ESGFNode|InstallationProcedure

Jump to bottom Edit New page
Nicolas Carenton edited this page Mar 27, 2014 · 26 revisions

P2P Data/Compute Node From Scratch Installation

This page contains information extending that documentation.

The installation script is written in BASH and is targeted to run on *NIX operating systems. In particular the target platform is RH or CentOS, because of minor command idiosyncrasies, however, the script has been used successfully executed on other *NIX systems. The install script pulls down installation artifacts from our distribution server. All artifacts and even the scripts themselves are verified against posted checksums. If verification fails the script will abort. There is a single master script, however, there is actually a series of scripts that are used to install the ESGF Node stack. The script is able to run at start up via chkconfig, supporting [start|stop|restart|update] directives. The script is also self- updating and will alert you if it has been tampered with. There are many flags that may be used with the script (see usage by using --help|-h options), as it is the central mechanism for controlling the maintenance life cycle of the data node.

The script is the preferred way to install the ESGF Node stack. It is recommended to create an "esg-user" account that is able to issue the command "sudo -s" to become root.

Procedure

Execute the installer with the command:

%> esg-node --type data --install --verify
(this will install a "data" configuration of the esgf node)

.

This will perform all installation and verification steps in sequence, prompting the user each time during an initial install. Order of installation is important! If the script aborts at any point do not continue until the issue at hand has been resolved. The general sequence is as follows:

Unix User

esg-user

'' Prérequis ''

Installer le repo epel. {{{ yum install autoconf automake bison file flex gcc gcc-c++ gettext-devel libtool uuid-devel libuuid-devel libxml2 libxml2-devel libxslt libxslt-devel lsof make openssl-devel pam-devel pax readline-devel tk-devel wget zlib-devel perl-Archive-Tar perl-XML-Parser libX11-devel libtool-ltdl-devel e2fsprogs-devel.x86_64 gcc-gfortran libicu-devel.x86_64 libgtextutils-devel.x86_64 ExtUtils }}}

'' Téléchargement du script d'installation ''

{{{ cd /usr/local/bin wget -O esg-bootstrap http://198.128.245.140/dist/esgf-installer/esg-bootstrap diff <(md5sum esg-bootstrap | tr -s " " | cut -d " " -f 1) <(curl -s http://198.128.245.140/dist/esgf-installer/esg-bootstrap.md5 | tr -s " " | cut -d " " -f 1) chmod 555 esg-bootstrap esg-bootstrap }}}

'' Lancement de l'installation ''

Vérifier la disponibilité des sites uv-cdat.llnl.gov et rainbow.llnl.gov indispensables pour l'installation puis: {{{ esg-node --version [VERIFIED] Version: v1.6.2-bushwick_myrtle-release-master Release: bushwick_myrtle Earth Systems Grid Federation (http://esgf.org) ESGF Node Installation Script }}}

{{{ script -a -c "esg-node --type data compute --install" /tmp/esgf_install.log }}} Utiliser script plutôt que tee pour le log. tee peut entraîner des corruptions de fichiers de configuration.

'' Questionnaire interactif 0 ''

{{{

Are you ready to begin the installation? [Y/n] Y

Configured host IP address does not match available IPs... Detected multiple IP addresses bound to this host... Please select the IP address to use for this installation ------------------------------------------- [0] : 134.157.179.48 [1] : 172.20.3.43 ------------------------------------------- select [] > 0

Welcome to the ESGF Node installation program! :-)

What is the fully qualified domain name of this node? [vesgint-data.ipsl.jussieu.fr]: What is the admin password to use for this installation? (alpha-numeric only) []: Please re-enter password: What is the name of your organization? [jussieu]: Please give this node a "short" name: []: VESGINT-DATA Please give this node a more descriptive "long" name []: vesgint-data.ipsl.jussieu.fr What is the namespace to use for this node? (set to your reverse fqdn - Ex: "gov.llnl") [fr.jussieu.ipsl]: What peer group(s) will this node participate in? (if not sure, use default) [esgf-test]: esgf-prod What is the default peer to this node? [esgf-node1.llnl.gov]: esgf-node.ipsl.fr What is the hostname of the node do you plan to publish to? [esgf-node1.llnl.gov]: esgf-node.ipsl.fr What email address should notifications be sent as? []: [email protected] Is the database external to this node? [y/N]: Please enter the database connection string... (form: postgresql://[username]@[host]:[port]/esgcet) What is the database connection string? [postgresql://dbsuper@localhost:5432/esgcet]: postgresql:// entered: postgresql://dbsuper@localhost:5432/esgcet What is the (low priv) db account for publisher? [esgcet]: What is the db password for publisher user (esgcet)? []: }}}

{{{ Are you ready to begin the installation? [Y/n] Configured host IP address does not match available IPs... Detected multiple IP addresses bound to this host... Please select the IP address to use for this installation ------------------------------------------- [0] : 134.157.179.48 [1] : 172.20.3.43 ------------------------------------------- select [] > 0 selected address -> 134.157.179.48 (data node type selected) (compute node type selected)

Welcome to the ESGF Node installation program! :-)

What is the fully qualified domain name of this node? [vesgdev-data.ipsl.jussieu.fr]: What is the admin password to use for this installation? (alpha-numeric only) []: Please re-enter password: What is the name of your organization? [jussieu]: Please give this node a "short" name: []: VESGDEV-DATA Please give this node a more descriptive "long" name []: vesgdev-data.ipsl.jussieu.fr What is the namespace to use for this node? (set to your reverse fqdn - Ex: "gov.llnl") [fr.jussieu.ipsl]: What peer group(s) will this node participate in? (if not sure, use default) [esgf-test]: esgf-prod What is the default peer to this node? [esgf-node1.llnl.gov]: esgf-node.ipsl.fr What is the hostname of the node do you plan to publish to? [esgf-node1.llnl.gov]: esgf-node.ipsl.fr What email address should notifications be sent as? []: [email protected] Is the database external to this node? [y/N]: Please enter the database connection string... (form: postgresql://[username]@[host]:[port]/esgcet) What is the database connection string? [postgresql://dbsuper@localhost:5432/esgcet]: postgresql:// entered: postgresql://dbsuper@localhost:5432/esgcet What is the (low priv) db account for publisher? [esgcet]: What is the db password for publisher user (esgcet)? []:

}}}

'' Questionnaire interactif 1 ''

{{{ /usr/local/pgsql/bin/createuser -U postgres -P -s -e dbsuper Enter password for new role: Enter it again: }}}

'' Questionnaire interactif 2 ''

{{{ [VERIFIED] Please Enter PostgreSQL port number [5432]:> 5432 }}}

'' Questionnaire interactif 3 ''

{{{ Would you like a "system" or "user" publisher configuration: ------------------------------------------- *[1] : System [2] : User ------------------------------------------- [C] : (Custom) ------------------------------------------- select [1] >

You have selected: 1 Publisher configuration file -> [/esg/config/esgcet/esg.ini]

Is this correct? [Y/n] Y Your publisher configuration file will be: /esg/config/esgcet/esg.ini What is your organization's id? [jussieu]: jussieu

}}}

'' Questionnaire interactif 4 ''

{{{ Looking for keystore [/esg/config/tomcat/keystore-tomcat]... (don't see one)... Keystore setup: Launching Java's keytool: store_password = ****** Would you like to use the DN: (OU=ESGF.ORG, O=ESGF) ? [Y/n]: Using keystore DN = CN=vesgdev-data.ipsl.jussieu.fr, OU=ESGF.ORG, O=ESGF Enter key password for <my_esgf_node> (RETURN if same as keystore password):
Do you wish to generate a Certificate Signing Request at this time? [Y/n] Y }}}

'' Questionnaire interactif 5 ''

{{{ Oox:-)

Please enter the password for this keystore : Please re-enter the password for this keystore:

}}}

'' Questionnaire interactif 6 ''

{{{ Please enter username for tomcat [dnode_user]:
dnode_user Please enter password for user, "dnode_user" [********]: 73769edbd97410aacfb3560ebb817f882d141517 Would you like to add another user? [y/N]: N Please Enter the public (i.e. routable) IP address of this host [xxx.xxx.xxx.xxx]:> xxx.xxx.xxx.xxx }}}

'' Questionnaire interactif 7 ''

{{{ Please select the IDP Peer for this node: ------------------------------------------- *[1] : ESGF-PCMDI-9 -> pcmdi9.llnl.gov [2] : ESGF-PCMDI -> pcmdi3.llnl.gov [3] : ESGF-JPL -> esg-gateway.jpl.nasa.gov [4] : ESGF-ORNL -> esg2-gw.ccs.ornl.gov [5] : ESGF-BADC -> cmip-gw.badc.rl.ac.uk [6] : ESGF-DKRZ -> ipcc-ar5.dkrz.de [7] : ESGF-PNNL -> esg1-gw.pnl.gov [8] : ESGF-ANL -> dev.esg.anl.gov [9] : ESGF-PCMDI-TEST3 -> esgf-node3.llnl.gov ------------------------------------------- [C] : (Manual Entry) ------------------------------------------- select [1] > C Please enter the IDP Peer's name [ESGF-PCMDI-9] ESGF-NODE-IPSL
Please enter the IDP Peer's hostname [pcmdi9.llnl.gov] esgf-node.ipsl.fr

You have selected: (Manual Entry) ESGF-NODE-IPSL -> esgf-node.ipsl.fr

Is this correct? [Y/n] Y

}}}

'' Questionnaire interactif 8 ''

{{{ Server sent 2 certificate(s):

1 Subject CN=esgf-node.ipsl.fr, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Issuer CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid sha1 cf f9 20 2b ce a6 bc b0 5d b4 a7 bb 0c 08 18 99 14 47 a6 86 md5 bd 6d ab cb 0b 75 58 fb 54 52 89 60 8e 1b 44 b8

2 Subject CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Issuer CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid sha1 06 09 9b cc b6 70 6f 3e 59 00 34 b9 fa 0a ba 87 0b f1 16 10 md5 0b b0 a3 56 f6 a7 c7 32 7e 35 b5 b9 e3 bb cd 26

Enter certificate to add to trusted keystore or 'q' to quit: [1] > 1

}}}

'' Questionnaire interactif 9 ''

{{{ Creating directory /esg/content/thredds/esgcet INFO 2013-12-19 17:35:51,812 Writing THREDDS ESG master catalog /esg/content/thredds/esgcet/catalog.xml INFO 2013-12-19 17:35:51,848 Writing THREDDS root catalog /esg/content/thredds/catalog.xml THREDDS dataset root directories (option=thredds_dataset_roots) Each entry has the form 'path_identifier | absolute_directory_path': Current value is:

esg_dataroot | /esg/data

Enter lines, or to end Add new line:

}}}

'' Questionnaire interactif 10 ''

{{{ */15 * * * * sleep $(( $RANDOM%900 )); /usr/sbin/puppetd -o --no-daemonize -l syslog >/dev/null 2>&1

ESGF cronjob BEGIN

35 0,12 * * * ESG_USAGE_PARSER_CONF=/esg/config/gridftp/esg-bdm-usage-gridftp.conf /esg/tools/esg_usage_parser

ESGF cronjob END

Is this ok ? [Y/n] Y }}}

'' Questionnaire interactif 11 ''

{{{

ESGF cronjob BEGIN

35 0,12 * * * ESG_USAGE_PARSER_CONF=/esg/config/gridftp/esg-bdm-usage-gridftp.conf /esg/tools/esg_usage_parser 5 0,12 * * * ESG_USAGE_PARSER_CONF=/esg/config/gridftp/esg-server-usage-gridftp.conf /esg/tools/esg_usage_parser

ESGF cronjob END

Is this ok ? [Y/n] Y }}}

'' Questionnaire interactif 12 ''

{{{ Server sent 2 certificate(s):

1 Subject CN=esgf-node.ipsl.fr, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Issuer CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid sha1 cf f9 20 2b ce a6 bc b0 5d b4 a7 bb 0c 08 18 99 14 47 a6 86 md5 bd 6d ab cb 0b 75 58 fb 54 52 89 60 8e 1b 44 b8

2 Subject CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Issuer CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid sha1 06 09 9b cc b6 70 6f 3e 59 00 34 b9 fa 0a ba 87 0b f1 16 10 md5 0b b0 a3 56 f6 a7 c7 32 7e 35 b5 b9 e3 bb cd 26

Enter certificate to add to trusted keystore or 'q' to quit: [1] > 1

}}}

Redémarrage du noeud {{{ esg-node restart }}}

Ajout de l'IDP à la whitelist. Ajouter cette ligne au fichier esg/config/esgf_idp_static.xm {{{ https://esgf-node.ipsl.fr/esgf-idp/idp/openidServer.htm }}}

Configuration du thredds_dataset_roots dans le fichier /esg/config/esgcet/esg.ini

{{{ thredds_dataset_roots = esg_dataroot | /path/to/netcdf/files }}}

Configuration de la section initialize dans le fichier /esg/config/esgcet/esg.ini {{{ [initialize] log_level = INFO initial_models_table = /esg/config/esgcet/esgcet_models_table.txt }}}

Ajout des lignes suivantes dans le fichier /esg/config/esgcet/esgcet_models_table.txt: {{{ cmip5 | IPSL-CM5A-LR | | IPSL-CM5A-LR, Institut Pierre-Simon Laplace cmip5 | IPSL-CM5A-MR | | IPSL-CM5A-MR, Institut Pierre-Simon Laplace cmip5 | IPSL-CM5B-LR | | IPSL-CM5B-LR, Institut Pierre-Simon Laplace }}}

Configuration de l'URL las dans le fichier esg.ini {{{ thredds_aggregation_services = OpenDAP | /thredds/dodsC/ | gridded LAS | http://vesg.ipsl.fr/las/getUI.do/ | LASatYourHost }}}

Redémarrage du noeud {{{ esg-node restart }}}

Vérification des web front ends {{{ http://vesg.ipsl.fr/esgf-node-manager http://vesg.ipsl.fr/thredds http://vesg.ipsl.fr/esgf-desktop http://vesg.ipsl.fr/esgf-dashboard http://vesg.ipsl.fr/las }}}

En cas de non fonctionnement de l'interface web las, redémarrer le noeud autant de fois que nécéessaire: {{{ esg-node restart }}}

== Génération d'une Certificate Signing Request et Installation du certificat ==

Préparation {{{ mkdir /etc/grid-security/workdir cp /esg/config/tomcat/hostkey.pem /etc/grid-security/workdir }}}

Installation du fichier attaché à cette page localopenssl.cnf dans /etc/grid-security/workdir

Génération de la CSR {{{ cd /etc/grid-security/workdir openssl req -config localopenssl.cnf -new -subj /O=Grid/OU=GlobusTest/OU=simpleCA-esgf-node.ipsl.fr/CN=mon_noeud.mon_institut.fr -multivalue-rdn -key hostkey.pem -out mon_noeud.mon_institut.fr.csr }}}

Vérifier la CSR puis l'envoyer à l'administrateur de l'IDP: IPSL {{{ openssl req -text -in mon_noeud.mon_institut.fr.csr }}}

Installer le certificat machine signé renvoyé par l'IPSL sur le noeud {{{ scp mon_noeud.mon_institut.fr.signed.pem root@mon_noeud.mon_institut.fr:/etc/grid-security/hostcert.pem }}}

Installer le certificat CA envoyé par l'IPSL sur le noeud {{{ scp cacert.pem root@mon_noeud.mon_institut.fr:/tmp }}}

Installer la paire de clés {{{ [root@vesgdev-data grid-security]# cd /etc/grid-security/ [root@vesgdev-data grid-security]# esg-node --install-keypair hostcert.pem workdir/hostkey.pem private key = hostkey.pem public cert = hostcert.pem keystore name = /esg/config/tomcat/keystore-tomcat keystore alias = my_esgf_node

Please set the password for this keystore : Please re-enter the password for this keystore:

truststore_name = /esg/config/tomcat/esg-truststore.ts Please enter your Certificate Athority's certificate chain file(s): [if in doubt: http://pcmdi6.llnl.gov/cacert.pem] [enter each cert file/url press return, press return with blank entry when done]

certfile> /tmp/cacert.pem certfile>

Keystore name : /esg/config/tomcat/keystore-tomcat Keystore alias: my_esgf_node Store password: Private key : hostkey.pem Certificates... Signed Cert -------> hostcert.pem Root Cert -------> /tmp/cacert.pem

checking that key pair is congruent... [OK] a9bfad6dc08cc070c317f31aa237d9b8

Is the above information correct? [Y/n] Y creating keystore... [OK] clearing keystore... [OK] converting private key... [OK] checking that chain is valid... [OK]

Constructing new keystore content... /usr/local/bin/esg-node: line 4220: extkeytool: command not found Hmmm... Cannot find extkeytool... :-( Let me get it for you! :-) [one moment please...] bin/ bin/extkeytool bin/metadatatool lib/ lib/bcprov-jdk14-117.jar lib/commons-logging-1.03.jar lib/endorsed/ lib/endorsed/dom.jar lib/endorsed/jaxp-api.jar lib/endorsed/sax.jar lib/endorsed/xalan.jar lib/endorsed/xercesImpl.jar lib/jargs-0.4.jar lib/log4j-1.2.5.jar lib/opensaml-1.1.jar lib/shib-util.jar lib/xmlsec-20050514.jar NOW... let's retry building your new keystore.... EXTKEYTOOL_HOME: /esg/tools/idptools Key import successful. [OK]

How do things look? Owner: CN=vesgdev-data.ipsl.jussieu.fr, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Issuer: CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Serial number: b91 MD5: D0:28:2E:64:3B:B2:B5:81:5E:0A:CC:2F:DC:64:BD:62 SHA1: 20:BF:90:B3:3F:21:82:4F:5D:DA:46:19:23:F2:36:85:88:E7:F3:01 Owner: CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Issuer: CN=Globus Simple CA, OU=simpleCA-esgf-node.ipsl.fr, OU=GlobusTest, O=Grid Serial number: ea29c2eba9293358 MD5: 0B:B0:A3:56:F6:A7:C7:32:7E:35:B5:B9:E3:BB:CD:26 SHA1: 06:09:9B:CC:B6:70:6F:3E:59:00:34:B9:FA:0A:BA:87:0B:F1:16:10

Mmmm, freshly baked keystore! If Everything looks good... then replace your current tomcat keystore with /esg/config/tomcat/keystore-tomcat, if necessary. Don't forget to change your tomcat's server.xml entry accordingly :-) Remember: Keep your private key hostkey.pem and signed cert hostcert.pem in a safe place!!!

Is the above information correct? [Y/n] Y /esg/config/tomcat/vesgdev-data.ipsl.jussieu.fr-esg-node.pem' -> /esg/config/tomcat/vesgdev-data.ipsl.jussieu.fr-esg-node.pem.old' hostcert.pem' -> /esg/config/tomcat/vesgdev-data.ipsl.jussieu.fr-esg-node.pem' /esg/config/tomcat/esg-truststore.ts' -> /esg/config/tomcat/esg-truststore.ts.bak'

(Re)building truststore from esg certificates... [/esg/config/tomcat/esg-truststore.ts] /usr/local/java/jre/lib/security/cacerts' -> /esg/config/tomcat/esg-truststore.ts' /etc/grid-security/certificates/81b9768f.0 -> + Certificate was added to keystore /etc/grid-security/certificates/542ea116.0 -> + Certificate was added to keystore /etc/grid-security/certificates/7ed47087.0 -> + Certificate was added to keystore /etc/grid-security/certificates/230344cb.0 -> + Certificate was added to keystore /etc/grid-security/certificates/3bb68158.0 -> + Certificate was added to keystore /etc/grid-security/certificates/aaa0e946.0 -> + Certificate was added to keystore /etc/grid-security/certificates/1445ed77.0 -> + Certificate was added to keystore /etc/grid-security/certificates/76ac75a5.0 -> + Certificate was added to keystore /etc/grid-security/certificates/6d330c32.0 -> + Certificate was added to keystore /etc/grid-security/certificates/ff783690.0 -> + Certificate was added to keystore /etc/grid-security/certificates/ffc3d59b.0 -> + Certificate was added to keystore /etc/grid-security/certificates/0119347c.0 -> + Certificate was added to keystore /etc/grid-security/certificates/72fa7371.0 -> + Certificate was added to keystore /etc/grid-security/certificates/52440ff8.0 -> + Certificate was added to keystore /etc/grid-security/certificates/b1159c4c.0 -> + Certificate was added to keystore /etc/grid-security/certificates/594f1775.0 -> + Certificate was added to keystore /etc/grid-security/certificates/5de29f67.0 -> + Certificate was added to keystore /etc/grid-security/certificates/01bba7cf.0 -> + Certificate was added to keystore /etc/grid-security/certificates/7e0370f0.0 -> + Certificate was added to keystore /etc/grid-security/certificates/1ec4d31a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/2f2c2f7c.0 -> + Certificate was added to keystore /etc/grid-security/certificates/f237c66a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/69105f4f.0 -> + Certificate was added to keystore /etc/grid-security/certificates/1e12d831.0 -> + Certificate was added to keystore /etc/grid-security/certificates/219d9499.0 -> + Certificate was added to keystore /etc/grid-security/certificates/4f654c5b.0 -> + Certificate was added to keystore /etc/grid-security/certificates/4d241d64.0 -> + Certificate was added to keystore /etc/grid-security/certificates/8722d9d5.0 -> + Certificate was added to keystore /etc/grid-security/certificates/c331edde.0 -> + Certificate was added to keystore /etc/grid-security/certificates/6425fbc5.0 -> + Certificate was added to keystore /etc/grid-security/certificates/3a31e34d.0 -> + Certificate was added to keystore /etc/grid-security/certificates/1c3f2ca8.0 -> + Certificate was added to keystore /etc/grid-security/certificates/e826269a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/1d1427de.0 -> + Certificate was added to keystore /etc/grid-security/certificates/0084963c.0 -> + Certificate was added to keystore /etc/grid-security/certificates/272a3167.0 -> + Certificate was added to keystore /etc/grid-security/certificates/5e86c86b.0 -> + Certificate was added to keystore /etc/grid-security/certificates/9df51c42.0 -> + Certificate was added to keystore /etc/grid-security/certificates/746ef087.0 -> + Certificate was added to keystore /etc/grid-security/certificates/99b0865c.0 -> + Certificate was added to keystore /etc/grid-security/certificates/3513523f.0 -> + Certificate was added to keystore /etc/grid-security/certificates/97552d04.0 -> + Certificate was added to keystore /etc/grid-security/certificates/b204d74a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/cf22df3a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/d1b603c3.0 -> + Certificate was added to keystore /etc/grid-security/certificates/42a8256f.0 -> + Certificate was added to keystore /etc/grid-security/certificates/782eb491.0 -> + Certificate was added to keystore /etc/grid-security/certificates/4e18c148.0 -> + Certificate was added to keystore /etc/grid-security/certificates/530f7122.0 -> + Certificate was added to keystore /etc/grid-security/certificates/9d0a75f2.0 -> + Certificate was added to keystore /etc/grid-security/certificates/facacbc6.0 -> + Certificate was added to keystore /etc/grid-security/certificates/6e5da70c.0 -> + Certificate was added to keystore /etc/grid-security/certificates/de6347de.0 -> + Certificate was added to keystore /etc/grid-security/certificates/f081611a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/685ca547.0 -> + Certificate was added to keystore /etc/grid-security/certificates/48fa1782.0 -> + Certificate was added to keystore /etc/grid-security/certificates/157753a5.0 -> + Certificate was added to keystore /etc/grid-security/certificates/563d35fe.0 -> + Certificate was added to keystore /etc/grid-security/certificates/e922526b.0 -> + Certificate was added to keystore /etc/grid-security/certificates/7c60f3f7.0 -> + Certificate was added to keystore /etc/grid-security/certificates/d9be2151.0 -> + Certificate was added to keystore /etc/grid-security/certificates/ece35fd4.0 -> + Certificate was added to keystore /etc/grid-security/certificates/7162f3c9.0 -> + Certificate was added to keystore /etc/grid-security/certificates/8c1c0f44.0 -> + Certificate was added to keystore /etc/grid-security/certificates/9490b52e.0 -> + Certificate was added to keystore /etc/grid-security/certificates/993715d8.0 -> + Certificate was added to keystore /etc/grid-security/certificates/246d7a36.0 -> + Certificate was added to keystore /etc/grid-security/certificates/2fafbae8.0 -> + Certificate was added to keystore /etc/grid-security/certificates/e99b1c0a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/bc3f2570.0 -> + Certificate was added to keystore /etc/grid-security/certificates/812e17de.0 -> + Certificate was added to keystore /etc/grid-security/certificates/46117fcc.0 -> + Certificate was added to keystore /etc/grid-security/certificates/f18deb20.0 -> + Certificate was added to keystore /etc/grid-security/certificates/12d0da68.0 -> + Certificate was added to keystore /etc/grid-security/certificates/49929bb3.0 -> + Certificate was added to keystore /etc/grid-security/certificates/2d96ae6d.0 -> + Certificate was added to keystore /etc/grid-security/certificates/faa5efcb.0 -> + Certificate was added to keystore /etc/grid-security/certificates/ae9c66bf.0 -> + Certificate was added to keystore /etc/grid-security/certificates/6107e209.0 -> + Certificate was added to keystore /etc/grid-security/certificates/f131b364.0 -> + Certificate was added to keystore /etc/grid-security/certificates/c4949a23.0 -> + Certificate was added to keystore /etc/grid-security/certificates/d2f4a5b9.0 -> + Certificate was added to keystore /etc/grid-security/certificates/244b5494.0 -> + Certificate was added to keystore /etc/grid-security/certificates/241a8801.0 -> + Certificate was added to keystore /etc/grid-security/certificates/dfc28aa6.0 -> + Certificate was added to keystore /etc/grid-security/certificates/cbf06781.0 -> + Certificate was added to keystore /etc/grid-security/certificates/b13cc6df.0 -> + Certificate was added to keystore /etc/grid-security/certificates/3c58f906.0 -> + Certificate was added to keystore /etc/grid-security/certificates/439ce3f7.0 -> + Certificate was added to keystore /etc/grid-security/certificates/971d4d32.0 -> + Certificate was added to keystore /etc/grid-security/certificates/96e2ef2f.0 -> + Certificate was added to keystore /etc/grid-security/certificates/053e3ae0.0 -> + Certificate was added to keystore /etc/grid-security/certificates/5f89743a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/7395b665.0 -> + Certificate was added to keystore /etc/grid-security/certificates/02b2d53d.0 -> + Certificate was added to keystore /etc/grid-security/certificates/642655f7.0 -> + Certificate was added to keystore /etc/grid-security/certificates/d1f1d944.0 -> + Certificate was added to keystore /etc/grid-security/certificates/06c34218.0 -> + Certificate was added to keystore /etc/grid-security/certificates/44529084.0 -> + Certificate was added to keystore /etc/grid-security/certificates/7cef5492.0 -> + Certificate was added to keystore /etc/grid-security/certificates/1d552c87.0 -> + Certificate was added to keystore /etc/grid-security/certificates/7d77b8c9.0 -> + Certificate was added to keystore /etc/grid-security/certificates/da195528.0 -> + Certificate was added to keystore /etc/grid-security/certificates/159117b6.0 -> + Certificate was added to keystore /etc/grid-security/certificates/eb99629b.0 -> + Certificate was added to keystore /etc/grid-security/certificates/399e7759.0 -> + Certificate was added to keystore /etc/grid-security/certificates/0d66c1c3.0 -> + Certificate was added to keystore /etc/grid-security/certificates/98ef0ee5.0 -> + Certificate was added to keystore /etc/grid-security/certificates/5b4355a9.0 -> + Certificate was added to keystore /etc/grid-security/certificates/6a02221a.0 -> + Certificate was added to keystore /etc/grid-security/certificates/02e7f0f4.0 -> + Certificate was added to keystore /etc/grid-security/certificates/598630ad.0 -> + Certificate was added to keystore /etc/grid-security/certificates/578d5c04.0 -> + Certificate was added to keystore /etc/grid-security/certificates/dd6acc3f.0 -> + Certificate was added to keystore /etc/grid-security/certificates/25552524.0 -> + Certificate was added to keystore Sync'ing /esg/config/tomcat/esg-truststore.ts with /usr/local/java/jre/lib/security/jssecacerts ... [OK] ...done

Oo.:-) [OK] Re-Integrating keystore's certificate into truststore.... Extracting keystore's certificate... Certificate stored in file </esg/config/tomcat/keystore-tomcat.cer> [OK] Importing keystore's certificate into truststore... Certificate was added to keystore [Storing /esg/config/tomcat/esg-truststore.ts] [OK] Sync'ing /esg/config/tomcat/esg-truststore.ts with /usr/local/java/jre/lib/security/jssecacerts ... [OK] cleaning up after ourselves... removed `/esg/config/tomcat/keystore-tomcat.cer' [OK] Please restart this node for keys to take effect: "/usr/local/bin/esg-node restart"

}}}

{{{ esg-node restart }}}

== Initialisation ==

Initialisation esg {{{ esginitialize -c }}}

Directory structure

esg_root_dir = /esg
workdir = /usr/local/src/esgf

Location

Description

${esg_root_dir}

Top level directory location of the ESG configuration files and logs (default /esg).

${esg_root_dir}/backups

Application stack and database data archive location

${esg_root_dir}/config

ESGF configuration files

${esg_root_dir}/content

Thredds catalogs & LAS data files

${esg_root_dir}/data

Top level directory for data (.nc) files

${esg_root_dir}/data.replica

Top level directory for all replicated data from other nodes

${esg_root_dir}/data-index-*

Search index directories

${esg_root_dir}/gridftp_root

Chroot directory for gridftp access to data

${esg_root_dir}/log

ESGF log files

${esg_root_dir}/tools

ESGF tools (currently; esg_usage_parser)

${esg_root_dir}/config/esgcet/esg.ini or ~/.esgcet/esg.ini

esg publisher setup file. (system vs personal install)

%{esg_root_dir}/etc

Ancillary scripts and files

${esg_root_dir}/esgf-install-manifest

Log of all installed components of the application stack (date, name, location, version)

/etc/esg.env

Environment variables required by the script and used in node operation

${workdir}

Installation "scratch" directory for installation-time artifacts; source, helper scripts, et. al.

${workdir}/globus

globus sources

${workdir}/esg

publisher,thredds and other sources

Starting/Stopping etc. the Node

The esg-node installation script is also the boot script

To stop/start or restart or check the status of the node...

%> esg-node stop
%> esg-node start
%> esg-node status
%> esg-node restart
Add a custom footer
Add a custom sidebar
Clone this wiki locally