Changes between Version 13 and Version 14 of NagiosProbes

Show
Ignore:
Timestamp:
07/18/13 15:12:32 (11 years ago)
Author:
piontek
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • NagiosProbes

    v13 v14  
    1313= Deployment steps = 
    1414The installation and configuration of the Nagios probe consists of two mandatory steps: 
    15 * installation of the set of trusted Certificate Authorities certificates, 
     15* [https://www.qoscosgrid.org/trac/qcg/wiki/CA%20certificates installation of the set of trusted Certificate Authorities certificates], 
    1616* installation of the probe and all packages it depends on. 
    17  
    18 == Certificate authorities == 
    19 To enable mutual authentication and secure communication between the client (which is used by the probe) and the QCG-Broker service set of trusted CA certificates must be copied either into the /etc/grid-security/certificates directory or configured individually for the test user.  
    20  
    21 === EGI IGTF CAs === 
    22 Install EGI Accepted CA certificates (this also install the Polish Grid CA) 
    23 * Add appropriate YUM repository 
    24 {{{ 
    25 #!div style="font-size: 90%" 
    26 {{{#!sh 
    27 cat > /etc/yum.repos.d/egi-trustanchors.repo << EOF 
    28 [EGI-trustanchors] 
    29 name=EGI-trustanchors 
    30 baseurl=http://repository.egi.eu/sw/production/cas/1/current/ 
    31 gpgkey=http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3 
    32 gpgcheck=1 
    33 enabled=1 
    34 EOF 
    35 }}} 
    36 }}} 
    37  
    38 * Install certificates 
    39 {{{ 
    40 #!div style="font-size: 90%" 
    41 {{{#!sh 
    42 yum install ca-policy-egi-core 
    43 }}} 
    44 }}} 
    45  
    46 The above instruction is based on this [https://wiki.egi.eu/wiki/EGI_IGTF_Release manual] 
    47  
    48 === PL-Grid Simpla-CA certificate (PL-Grid only) === 
    49 * Add appropriate YUM repository 
    50 {{{ 
    51 #!div style="font-size: 90%" 
    52 {{{#!sh 
    53 cat > /etc/yum.repos.d/plgrid.repo << EOF 
    54 [PLGRID-general] 
    55 name=PLGRID general packages repository 
    56 baseurl=http://software.plgrid.pl/packages/general/ 
    57 enabled=1 
    58 metadata_expire=300 
    59 gpgcheck=0 
    60 EOF 
    61 }}} 
    62 }}} 
    63  
    64 * Install certificates 
    65 {{{ 
    66 #!div style="font-size: 90%" 
    67 {{{#!sh 
    68 yum install ca_PLGRID-SimpleCA 
    69 }}} 
    70 }}} 
    71  
    72  
    73 === Certificate Revocation List - CLR === 
    74 Configure the system to periodically update the information about revoked certificates. 
    75  
    76 * Add appropriate YUM repository 
    77 {{{ 
    78 #!div style="font-size: 90%" 
    79 {{{#!sh 
    80 cat > /etc/yum.repos.d/fetch-crl.repo << EOF 
    81 [EUGRIDPMA-fetch-crl] 
    82 name=EUGRIDPMA fetch-crl repository 
    83 baseurl=https://dist.eugridpma.info/distribution/util/fetch-crl3/ 
    84 enabled=1 
    85 metadata_expire=300 
    86 gpgcheck=0 
    87 EOF 
    88 }}} 
    89 }}} 
    90  
    91 * Install certificate revocation list fetching utility  
    92 {{{ 
    93 #!div style="font-size: 90%" 
    94 {{{#!sh 
    95 yum install fetch-crl 
    96 }}} 
    97 }}} 
    98  
    99 * Get fresh CRLs now 
    100 {{{ 
    101 #!div style="font-size: 90%" 
    102 {{{#!sh 
    103 /usr/sbin/fetch-crl  
    104 }}} 
    105 }}} 
    106  
    107 * Install cron job for fetching CRLs 
    108 {{{ 
    109 #!div style="font-size: 90%" 
    110 {{{#!sh 
    111 cat > /etc/cron.daily/fetch-crl.cron << EOF 
    112 #!/bin/sh  
    113 /usr/sbin/fetch-crl 
    114 EOF 
    115 }}} 
    116 }}} 
    117  
    118 {{{ 
    119 #!div style="font-size: 90%" 
    120 {{{#!sh 
    121 chmod a+x /etc/cron.daily/fetch-crl.cron 
    122 }}} 
    123 }}} 
    124  
    125  
    126  
    127  
    12817 
    12918== QCG-Broker Nagios Probe ==