Aquilon VM gateway for development

Owned by Thomas, Jyothish (STFC,RAL,SC)
Last updated: Apr 03, 2023
1 min read

These instructions are to build a gateway to dev echo from an openstack VM using aquilon.

  1. Login to openstack and create a VM using scientificlinux7-aq image. recommended c3-medium size

  2. ssh into the VM and run:

    1. userdel fedora

    2. userdel centos
      as these conflict with aquilon user ids

    3. hostname
      to get the FQDN for this machine. It should end with nubes.stfc.ac.uk

  3. copy /etc/grid-security/xrootd/sss.keytab.grp, /etc/ceph and /etc/grid-security/xrootd as needed from dev-gw

  4. log into aquilon and create a sandbox

  5. Edit the following files

    1. edit ./ral-tier1/features/ceph/xrootd-unified-gw/xrootd-unified.cfg

      1. Configure gsi security:
         xrootd.seclib /usr/lib64/libXrdSec.so
         sec.protocol unix
        sec.protbind * only unix

      2. comment section Use VOMS for WebDAV transfers with voms-mapfile overrides

      3. comment out TLS, leave only xrootd.tls off

      4. add xrd.trace all at the end

    2. edit shared/common/ceph/lhc-voms/voms-authdb

      1. add root and your fedid like “u root \dteam: a /dteam: a” or other pools as needed

  6. run aq make --archetype ral-tier1 --personality ceph-unified-gw-echo-test --hostname <hostname>

  7. check “tail -f /var/log/ncm-cdispd.log” and run “quattor-configure --all” to manually reattempt the configuration