The following is an installation log by Tamas Hauer on Gentoo including
first configuration steps:
AMGA INSTALL
Prerequisites:
# need update to bison-2.3 for gcc 4.*
emerge unixODBC ## [2.2.11-r1]
emerge libxml2 ## [2.6.27]
emerge boost ## [1.33.1-r1 thread]
emerge openldap ## [2.3.30-r2]
# emerge myodbc ## [3.51.12]
# emerge --config =dev-db/myodbc-3.51.12
# apparently the gentoo out-of-box odbc drivers don't work very well, so
# we go with the libs installed directly from mysql and postgresql:
# /opt/mysql.com/lib/libmyodbc3-3.51.15.so
# /opt/postgresql.org/lib/psqlodbcw.so
wget http://belnet.dl.sourceforge.net/sourceforge/gsoap2/gsoap-linux-2.7.1.tar.gz
tar zxf gsoap-linux-2.7.1.tar.gz -C /opt
Installation:
Get Tarball:
amgadir="glite-amga-server-CVS-current"
amgaver="glite-amga-server-CVS-`date +'%Y%m%d.%H.%M'`"
wget http://jra1mw.cvs.cern.ch:8180/cgi-bin/jra1mw.cgi/org.glite.amga.server/org.glite.amga.server.tar.gz?tarball=1
mv org.glite.amga.server.tar.gz\?tarball\=1 $amgaver.tar.gz
tar zxf $amgaver.tar.gz
mv org.glite.amga.server $amgaver
rm -f $amgadir; ln -s $amgaver glite-amga-server-CVS-current
cp BDIIClient.cc $amgadir/src/client/BDIIClient.cc
#############################################
# in the file src/client/BDIIClient.cc
# comment out the body of the methods reset() and search()
# that's because of wrong ldap version and these are needed
# for --with-globus only
#############################################
CVS update:
export CVSROOT=":pserver:anonymous@glite.cvs.cern.ch:/cvs/glite"
cvs co org.glite.amga.server
[cvs up]
Build and Install:
sh bootstrap
export PATH=/opt/gsoap-linux-2.7:$PATH
./configure --with-gsoap-prefix=/opt/gsoap-linux-2.7/ \
--prefix=/opt/amga \
--with-readline \
--without-globus
make
sudo make install
Environment:
Certificates:
server ~ # ls -lR /etc/grid-security/
/etc/grid-security/:
drwxr-xr-x 2 root root 4096 Apr 19 11:53 certificates
-rw-r--r-- 1 root root 2278 Apr 18 18:29 hostcert.pem
-r--r----- 1 root hostkey 1857 Apr 18 18:29 hostkey.pem
/etc/grid-security/certificates:
-rw-r--r-- 1 root root 2053 Apr 17 08:55 420d2f6e.0
-rw-r--r-- 1 root root 57 Apr 19 11:53 420d2f6e.crl_url
-rw-r--r-- 1 root root 3728 Apr 19 11:53 420d2f6e.r0
-rw-r--r-- 1 root root 258 Apr 18 23:55 420d2f6e.signing_policy
unixODBC driver:
server ~ # odbcinst -j
unixODBC 2.2.11
DRIVERS............: /etc/unixODBC/odbcinst.ini
SYSTEM DATA SOURCES: /etc/unixODBC/odbc.ini
USER DATA SOURCES..: /root/.odbc.ini
server ~ # cat /etc/unixODBC/odbcinst.ini
[MySQL]
Description = MySQL ODBC driver for linux, version 3-51.15
Driver = /opt/mysql.com/lib/libmyodbc3.so
Setup = /opt/mysql.com/lib/libmyodbc3S.so
FileUsage = 1
UsageCount = 1
[PostgreSQL]
Description = PostgreSQL ODBC driver for Linux
Driver = /opt/postgresql.org/lib/psqlodbcw.so
FileUsage = 1
AMGA user:
server ~ # cat /etc/group | grep amga
amga:x:1084:
hostkey:x:1085:root,amga
server ~ # cat /etc/passwd | grep amga
amga:x:10302:1084::/home/amga:/bin/bash
server ~ # ls -ld /etc/amga /var/log/amga
drwxr-xr-x 2 amga amga 4096 Apr 18 14:25 /etc/amga
drwxr-xr-x 2 amga amga 4096 Apr 18 14:26 /var/log/amga
Gentoo config, initscript - single AMGA
server ~ # ls -l /etc/amga/
total 8
-rw-r--r-- 1 amga amga 1724 May 22 11:50 amgad.config
server ~ # cat /etc/conf.d/amgad
AMGAUSER=amga
AMGABIN=/opt/amga/bin/amgad
AMGACONF=/etc/amga/amgad.config
AMGALOG=/var/log/amga/amga.log
AMGAOPTS="-D -c $AMGACONF -l $AMGALOG"
server ~ # cat /etc/init.d/amgad
#!/sbin/runscript
depend() {
use mysql
use logger
}
start() {
ebegin "Starting amgad"
start-stop-daemon --start -c $AMGAUSER --exec $AMGABIN -- $AMGAOPTS
eend $?
}
stop() {
ebegin "Stopping amgad"
start-stop-daemon --stop -c $AMGAUSER --exec $AMGABIN
eend $?
}
Gentoo config, initscript - multiple AMGAs:
server ~ # ls -l /etc/amga/
total 8
-rw-r--r-- 1 amga amga 1724 May 22 11:50 amgadmysql.config
-rw-r--r-- 1 amga amga 1742 May 22 11:49 amgadpostgresql.config
server ~ # ls -l /etc/conf.d/amgad*
-rw-r--r-- 1 root root 222 May 22 11:03 /etc/conf.d/amgad
lrwxrwxrwx 1 root root 5 May 22 11:03 /etc/conf.d/amgadmysql -> amgad
lrwxrwxrwx 1 root root 5 May 22 11:03 /etc/conf.d/amgadpostgresql -> amgad
server ~ # cat /etc/conf.d/amgad
AMGADB=${SVCNAME##amgad}
AMGAUSER=amga
AMGABIN=/opt/amga/bin/amgad
AMGACONF=/etc/amga/amgad${AMGADB}.config
AMGALOG=/var/log/amga/amgad${AMGADB}.log
AMGAOPTS=" -c $AMGACONF -l $AMGALOG"
AMGAPID=/var/run/amgad${AMGADB}.pid
server ~ # ls -l /etc/init.d/amgad*
-rwxr-xr-x 1 root root 388 May 22 11:10 /etc/init.d/amgad
lrwxrwxrwx 1 root root 5 May 22 10:31 /etc/init.d/amgadmysql -> amgad
lrwxrwxrwx 1 root root 5 May 22 10:28 /etc/init.d/amgadpostgresql -> amgad
server ~ # cat /etc/init.d/amgad
#!/sbin/runscript
depend() {
use ${AMGADB}
use logger
}
start() {
ebegin "Starting amga using ${AMGADB}"
start-stop-daemon --start -c $AMGAUSER --pidfile $AMGAPID --exec $AMGABIN --background -m -- $AMGAOPTS
eend $?
}
stop() {
ebegin "Stopping ${AMGADB} amga instance"
start-stop-daemon --stop -c $AMGAUSER --pidfile $AMGAPID --exec $AMGABIN
eend $?
}
Setup:
Creating "amga" database (assumes amga DB user)
amga@server ~/amga/dbsetup $ cat createDBMySQL.sh
#!/bin/bash
mysql -uthauer -p <<EOF
drop database if exists amga;
create database amga;
GRANT ALL PRIVILEGES ON amga.* TO 'amga'@'localhost';
EOF
amga@server ~/amga/dbsetup $ cat createDBPSQL.sh
#!/bin/bash
dropdb -Upostgres amga
createdb -Upostgres amga
psql -Upostgres <<EOF
ALTER DATABASE amga OWNER TO amga;
EOF
ODBC setup
amga@server $ cat ~/.odbc.ini
[MySQL]
Description = AMGA metadata catalog database
Driver = MySQL
Server = localhost
User = amga
Database = amga
Password = ****
Trace = Yes
TraceFile = /var/log/amga/odbc.log
ReadOnly = No
[PSQL]
Description = AMGA metadata catalogue database
Driver = PostgreSQL
Trace = Yes
TraceFile = /var/log/amga/odbc.log
Database = amga
Servername = localhost
UserName = amga
Password = ****
ReadOnly = No
ODBC test
amga@server ~ $ echo "select current_date;" | isql -b -d' ' PSQL
2007-05-22
amga@server ~ $ echo "select current_date;" | isql -b -d' ' MySQL
2007-05-22
Database Initialisation
amga@server ~/amga/dbsetup $ sed -e 's/metadata/amga/' /opt/amga/share/doc/*/createInitialMySQL5.sql > \
createInitialMySQL.sql
amga@server ~/amga/dbsetup $ mysql -p -u amga amga < createInitialMySQL.sql
Enter password:
amga@server ~/amga/dbsetup $ echo "show tables;" | isql -b -m30 MySQL
+-------------------------------+
| Tables_in_amga |
+-------------------------------+
| amga |
| certificates |
| constraints |
| groups |
| guids |
| masterindex |
| masters |
| mounts |
| replicas |
| sequencer |
| sites |
| users |
| usersequences |
+-------------------------------+
SQLRowCount returns 13
13 rows fetched
amga@server ~/amga/dbsetup $ psql -Uamga amga < createInitialPG.sql
Password for user amga:
amga@server ~/amga/dbsetup $ echo "select table_name from information_schema.tables "\
"where table_catalog='amga' and table_type='BASE TABLE' and table_schema='public';" \
| isql -b -m30 PSQL
+-------------------------------+
| table_name |
+-------------------------------+
| groups |
| certificates |
| users |
| replicas |
| guids |
| sites |
| transactions |
| subscriptions |
| subscribers |
| mounts |
| constraints |
| masterindex |
| amga |
| masters |
| logs |
+-------------------------------+
SQLRowCount returns 15
15 rows fetched
AMGAD first start - no authentication
amga@server ~ $ grep RequireAuthentication /etc/amga/*
/etc/amga/amgadmysql.config:RequireAuthentication = 0
/etc/amga/amgadpostgresql.config:RequireAuthentication = 0
amga@server ~ $ sudo /etc/init.d/amgadpostgresql start
* Starting amga using postgresql ... [ ok ]
amga@server ~ $ sudo /etc/init.d/amgadmysql start
* Starting amga using mysql ... [ ok ]
Create root user (client side):
thauer@client $ cat createroot.sh
[ -z $2 ] && exit
cat >| /tmp/mdclient.config <<EOF
Host = $1
Port = $2
Login = root
EOF
/opt/amga/bin/mdclient -c /tmp/mdclient.config <<EOF
user_create root
user_subject_add root 'C = ES, O = Maat_GKnowledge, CN = Tamas Hauer'
quit
EOF
rm -rf /tmp/mdclient.config
thauer@client $ ./createroot.sh server.cern.ch 8822
Connecting to server.cern.ch:8822...
ARDA Metadata Server 1.2.10
Query> user_create root
Query> user_subject_add root 'C = ES, O = Maat_GKnowledge, CN = Tamas Hauer'
Query> quit
Exiting
thauer@client $ ./createroot.sh server.cern.ch 8833
Connecting to server.cern.ch:8833...
ARDA Metadata Server 1.2.10
Query> user_create root
Query> user_subject_add root 'C = ES, O = Maat_GKnowledge, CN = Tamas Hauer'
Query> quit
Exiting
Restore authentication:
amga@server ~ $ grep RequireAuthentication /etc/amga/*
/etc/amga/amgadmysql.config:RequireAuthentication = 1
/etc/amga/amgadpostgresql.config:RequireAuthentication = 1
amga@server ~ $ sudo /etc/init.d/amgadmysql restart
* Stopping mysql amga instance ... [ ok ]
* Starting amga using mysql ... [ ok ]
amga@server ~ $ sudo /etc/init.d/amgadpostgresql restart
* Stopping postgresql amga instance ... [ ok ]
* Starting amga using postgresql ... [ ok ]
With this, all the server-side tweaking has finished. AMGA is
running and we can access it as root. 'rc-update add
amga[mysql|postgresql] default' puts the server into the default
boot sequence.
Using AMGA...
Some useful aliases - useful while accessing multiple AMGA
instances:
thauer@client $ cat /home/thauer/work/amga/alias.sh
mdc_base=~/work/amga/mdc.base
mdconfig=~/.mdclient.config
mdclient="/opt/amga/bin/mdclient"
mkfifo $mdconfig 2>/dev/null
alias amgamy=" sed -e 's/_PORT_/8822/' -e 's/_USER_/tamas_hauer/' $mdc_base > $mdconfig & $mdclient"
alias amgamy.root="sed -e 's/_PORT_/8822/' -e 's/_USER_/root/' $mdc_base > $mdconfig & $mdclient"
alias amgapg=" sed -e 's/_PORT_/8833/' -e 's/_USER_/tamas_hauer/' $mdc_base > $mdconfig & $mdclient"
alias amgapg.root="sed -e 's/_PORT_/8833/' -e 's/_USER_/root/' $mdc_base > $mdconfig & $mdclient"
thauer@client $ cat /home/thauer/work/amga/mdc.base
Login = _USER_
Host = server.cern.ch
Port = _PORT_
UseSSL = require
AuthenticateWithCertificate = 1
CertFile = /home/thauer/.globus/usercert.pem
KeyFile = /home/thauer/.globus/userkey.pem
PrivateKeyPassword = ""
TrustedCertDir = /etc/grid-security/certificates
VerifyServerCert = 1
#IgnoreCertificateNameMismatch = 1
PermissionMask = rwx
GroupMask = r--
Working on the client side - creating users and directories:
thauer@client $ cat work/amga/usersetup
user_create tamas_hauer
user_create dmitry_rogulin
user_create andrew_branson
user_create jetendr_shamdasani
grp_create uwe
grp_adduser uwe tamas_hauer
grp_adduser uwe andrew_branson
grp_adduser uwe dmitry_rogulin
grp_adduser uwe jetendr_shamdasani
user_subject_add tamas_hauer 'C = ES, O = Maat_GKnowledge, CN = Tamas Hauer'
user_subject_add dmitry_rogulin 'C = ES, O = Maat_GKnowledge, CN = Dmitry Rogulin'
user_subject_add andrew_branson 'C = ES, O = Maat_GKnowledge, CN = Andrew Branson'
user_subject_add jetendr_shamdasani 'C = ES, O = Maat_GKnowledge, CN = Jetendr Shamdasani'
user_subject_add root 'C = ES, O = Maat_GKnowledge, CN = Dmitry Rogulin'
user_subject_add root 'C = ES, O = Maat_GKnowledge, CN = Andrew Branson'
user_subject_add root 'C = ES, O = Maat_GKnowledge, CN = Jetendr Shamdasani'
quit
thauer@client $ amgamy.root < /home/thauer/work/amga/usersetup
thauer@client $ amgapg.root < /home/thauer/work/amga/usersetup
thauer@client $ cat dirsetup
createdir DATA
acl_add DATA root:uwe rwx
createdir home
cd home
createdir dmitry
createdir andy
createdir tamas
createdir jet
chown dmitry dmitry_rogulin
chown andy andrew_branson
chown tamas tamas_hauer
chown jet jetendr_shamdasani
quit
thauer@client $ amgamy.root < /home/thauer/work/amga/dirsetup
thauer@client $ amgapg.root < /home/thauer/work/amga/dirsetup
--
Tamás Hauer
University of the West of England
PH/UCM, CERN
Geneve 23 Switzerland 1211
Tel: (+41)-22-767-3373
Fax: (+41)-22-766-9107
http://cern.ch/tamas.hauer