-
Notifications
You must be signed in to change notification settings - Fork 0
ESGF Installation Using Autoinstaller
Regardless of whether you have installed and administered an ESGF node previously, please read the following document on ESGF policies, as this should influence what type on installation you should do:
http://esgf.llnl.gov/media/pdf/ESGF-Policies-and-Guidelines-V1.0.pdf
The ESGF Autoinstaller provides a full installation on a clean linux system without the need to answer questions during the course of the installation. This procedure assumes either (1) installation of all four ESGF node subtypes: Data, Index, IDP, Compute; or (2) a Data-only node. If you desire to install some other combination of the subtypes, e.g. index and IDP, please perform a traditional installation without the aid of the Autoinstaller.
Platform
RHEL 6, CentOS 6, Scientific Linux 6
Unix User
You must be root or effectively root to run this program, prefixing the command with sudo will not allow the use of needed environment variables! If you must use sudo, do so only to become root, using sudo su -.
Prerequisites
- Ports to open: 80, 443, (GridFTP: 2811, 50000-51000), (MyProxy: 7512)
- During the installation process, you'll be asked for a globus username and password. You'll need to sign up for a globusonline account beforehand, and provide the username and password when asked for it. You can sign up for an account at https://www.globus.org/SignUp
Download and Execute the Bootstrap Script
To setup a 'devel' install
cd /usr/local/bin
wget -O esg-bootstrap http://distrib-coffee.ipsl.jussieu.fr/pub/esgf/dist/devel/esgf-installer/2.3/esg-bootstrap --no-check-certificate
chmod 555 esg-bootstrap
./esg-bootstrap --devel
To setup a 'master' install
cd /usr/local/bin
wget -O esg-bootstrap http://distrib-coffee.ipsl.jussieu.fr/pub/esgf/dist/esgf-installer/2.3/esg-bootstrap --no-check-certificate
chmod 555 esg-bootstrap
./esg-bootstrap
Start the auto-installer process
You'll require two terminals for this. Either create two terminals or start up a 'screen' session and create two windows.
A setup of type 'all' is shown below. For a 'data' type install, you'll be asked to provide the idp peer's FQDN. Note that this idp peer should already be installed with ESGF and must be having proper certificates (issued by a federation CA, not temporary certificates) in order to work.
In terminal 1:
setup-autoinstall
Do you wish to save the answer file from this questionnaire for later use? (n/Y) y
Your choices will be stored in /opt/esgf/answers
Do you wish to load in an answer file from an earlier run? (y/N) n
setup-autoinstall supports type 'all' and type 'data' installs. Which type do you want to install (all/data)
all
Enter fqdn: esg-rc.local
Enter admin-password: somegoodpassword-6chars-or-longer-and-alphanumeric-only
Re-enter admin-password: THESAMEgoodpassword
Enter orgname: yourorgname
Enter shortname: shortnodename
Enter longname: longernodename
Enter revdomain: reversed-domain
Enter peergroup: esgf-test (for a production node, this will be esgf-prod)
Enter defaultpeer: yournode's fqdn (for a production node, this will be pcmdi9.llnl.gov)
Enter publishendpoint: yournode's fqdn
Enter admin-email: admin email for your ESGF node
Enter publisher password: somepasswordforpublisheruser
Enter a single ip address which would be cleared to access admin restricted pages.
You will be prompted if you want to enter more ip-addresses
<IP address>
Do you wish to allow further ips? y/n
n
Enter globus-username: yourglobusconnectusername
Enter globus-password: yourglobusconnectpassword
Ready with the answers. You can now run the installer with a </tmp/inputpipe
Use CTRL-C at the end of the install, to cleanup.
In terminal 2:
esg-node --type all --install </tmp/inputpipe 2>&1|tee installation.log
(if you are doing a 'data' type install, you should specify --type data, instead of --type all)
At this point, the installer should be able to complete the installation without any further inputs from you. You should not close/kill the process in terminal 1 till the installation completes fully. When completed, simply do a ctrl-c in terminal 1, to clean-up.
If you had selected to save the answer file, it'll be saved as /opt/esgf/answers. You can store it some place safe and use it for your next install, or modify it and use it on another machine.
For self-generated certificates, install them like this:
(Note: Do not worry about warnings/errors during the node stop)
./esg-node stop
./esg-node --install-keypair /etc/tempcerts/hostcert.pem /etc/tempcerts/hostkey.pem
For the CA chain question, use /etc/tempcerts/cacert.pem
./esg-node start
If you have signed certificates, use those instead:
./esg-node stop
./esg-node --install-local-certs
./esg-node --install-keypair /etc/esgfcerts/hostcert.pem /etc/esgfcerts/hostkey.pem
If Prashanth signed your certificate, use /etc/grid-security/certificates/cd6ccc41.0
./esg-node start