Changes between Version 94 and Version 95 of client_installation_guide_rpm

Timestamp:

10/03/12 10:34:48 (12 years ago)

Author:

piontek

Comment:

--

client_installation_guide_rpm

@@ -1 @@
-= QCG Broker Client Installation =
+= QCG-Client Installation =
 
 [[PageOutline]] 
+
+'''The QCG-Client is the command-line java based client to the QCG-Broker service.'''
 
 
 = Requirements =
 * '''PL-Grid LDAP integration''' - the machine where the client is to be installed has to be configured to allow users to log in to the their "plg*" accounts.
-* '''Packages requirements''' - all packages required by the QCG-Broker client will be automatically installed by YUM during the installation of qcg-broker-client package.
+* '''Packages requirements''' - all packages required by the QCG-Client will be automatically installed by YUM during the installation of qcg-broker-client package.
  * ''Java (>= 1.6)''\\
-* '''gridFTP server''' - the gridFTP server providing access to user's data for staging them in/out. It can be installed on the client machine (see Optional steps) or be any other instance of server having access to the data. 
+* '''GridFTP server''' - the GridFTP server providing access to user's data for staging them in/out. It can be installed on the client machine (see Optional steps) or be any other instance of server having access to the data. 
 
 = Mandatory steps =
-The installation and configuration of QCG-Broker client consists of two mandatory steps:
+The installation and configuration of the QCG-Client consists of two mandatory steps:
 * installation of set of trusted Certificate Authorities certificates,
 * installation of the client itself.
+
 == Certificate authorities ==
-
-To enable mutual authentication and secure communication between client and QCG-Broker service set of trusted CA certificates must be copied either into the /etc/grid-security/certificates directory or configured for every user. 
+To enable mutual authentication and secure communication between the client and the QCG-Broker service set of trusted CA certificates must be copied either into the /etc/grid-security/certificates directory or configured individually for every user. 
+
 === EGI IGTF CAs ===
 Install EGI Accepted CA certificates (this also install the Polish Grid CA)
@@ -45 +48 @@
 
 === PL-Grid Simpla-CA certificate (not part of IGTF) ===
-* Add appropriate YUM repositories
+* Add appropriate YUM repository
 {{{
 #!div style="font-size: 90%"
@@ -103 +106 @@
 }}}
 
-* Install cron job for it
+* Install cron job for fetching CRLs
 {{{
 #!div style="font-size: 90%"
@@ -125 +128 @@
 
 
-== QCG-Broker client ==
+== QCG-Client ==
+
 === Software repositories ===
-The packages are designed for Scientific Linux 5.x
+'''The packages are designed for Scientific Linux 5.x
+
 The installation process requires root privileges.
-
-* Install PL-Grid or/and QCG repositories:
- * Official PL-Grid repository
+'''
+
+* Add PL-Grid or/and QCG repositories:
+ * Official PL-Grid repository (recommended)
 {{{
 #!div style="font-size: 90%"
@@ -138 +144 @@
 }}}
 }}}
- * !QosCosGrid testing repository
+ * Official !QosCosGrid repository
 {{{
 #!div style="font-size: 90%"
@@ -151 +157 @@
 }}}
 }}}
- * !QosCosGrid developing repository (not recommended - only for testing purposes)
+ * !QosCosGrid developing repository (not recommended - mainly for developers and testers)
 {{{
 #!div style="font-size: 90%"
@@ -166 +172 @@
 
 === Installation ===
-* install QCG-Broker client using YUM Package Manager:
+* install QCG-Client using YUM Package Manager:
 {{{
 #!div style="font-size: 90%"
@@ -193 +199 @@
 * QCG_URL_DEFAULT - the URL of QCG-Broker service
 * QCG_DN_DEFAULT - the Distinguished Name of the QCG-Broker service
-* QCG_CLIENT_LOCATION_DEFAULT - the location ot the client. This value is set during the installation procedure and 
-
-Optionally it is possible to configure the host and port of GridFTP service which will be used by client to staging input/output files
-* GFTP_HOSTNAME - hostname of the host where the gridFTP server is installed. If the property is not set the default value is hostname of the host where the client is installed,
-* GFTP_PORT - port which the gridFTP server is listening on. If the property is not set the default value is "2811".
+* QCG_CLIENT_LOCATION_DEFAULT - the location of the client. This value is set during the installation procedure and shouldn't be modified.
+
+Optionally it is possible to configure the host and port of the GridFTP server which will be used by client for staging input/output files
+* GFTP_HOSTNAME - hostname of the host where the GridFTP server is installed. If the property is not set the default value is hostname of the host where the client is installed,
+* GFTP_PORT - port which the GridFTP server is listening on. If the property is not set the default value is "2811".
 
 Additionally it is possible to configure also the settings responsible for defining the policy for creation and refreshing of user's proxy.
-* QCG_PROXY_DURATION_DEFAULT - default length in hours of the created proxy 
-* QCG_PROXY_DURATION_MIN - minimal acceptable lifetime of the proxy. If the remaining lifetime of the proxy is smaller then the value, the proxy will be automatically recreated.
+* QCG_PROXY_DURATION_DEFAULT - default length in hours of the proxy created by QCG-Client,
+* QCG_PROXY_DURATION_MIN - minimal acceptable lifetime of the proxy. If the remaining lifetime of the proxy is smaller then the given value, the proxy is automatically recreated.
 
 
@@ -222 +228 @@
 
 '''IMPORTANT:'''
-To configure the client to contact the official, production instance of QCG-Broker service deployed on PLGrid infrastructure please use the following values:
+To configure the client to contact the official, production instance of the QCG-Broker service deployed on PLGrid infrastructure please use the following values:
 {{{
 #!div style="font-size: 110%"
@@ -232 +238 @@
 
 == Site configuration ==
-
 * Configure the site to display "the message of the day" for QCG-Client.
  The path to the motd file is ''/usr/share/qcg/qcg-broker-client/doc/motd''.
 * Configure the site for "nightly yum updates" to automatically install new versions of the client.
+
+
 = Optional steps =
-
-The optional steps consider installation and configuration of gridFTP server as well installation and configuration of the !GridMapFileGenerator tool being responsible for periodic creation of grid-map-file used by the server for authorisation and mapping users to physical accounts.
-
-The steps are for the case when there is no other gridFTP server providing access to user's data on the client machine and the dedicated instance of the server has to be installed.
-
-'''IMPORTANT:''' In most cases it should be possible to configure QCG-client to use the gridFTP server installed on the QCG-Computing site. Such configuration is recommended as it reduces number of software components that have to be maintained. 
+The optional steps consider installation and configuration of the GridFTP server as well installation and configuration of the !GridMapFileGenerator tool being responsible for periodic creation of grid-map-file used by the server for authorisation and mapping users to physical accounts.
+
+The steps are for the case when there is no other GridFTP server providing access to user's data on the client machine and the dedicated instance of the server has to be installed.
+
+'''IMPORTANT:''' In most cases it should be possible to configure QCG-client to use the GridFTP server installed on the QCG-Computing site. Such configuration is recommended as it reduces number of software components that have to be maintained. 
+
 == GridFTP server ==
-For the user convenience QCG client is able to stage in input data accessible from the host where it is installed and also to stage out output data there. The functionality requires the data to be accessible via gridFTP server. The gridFTP server can be installed on the client machine or it can be any gridFTP server having access to the data on client machine. The simplest and the most popular solution is to mount the same shared network file system on both machines. The mount point must be exact the same. Paths to data have to be exactly the same on both machines.
+For the user convenience QCG-client is able to stage in input data accessible from the host where it is installed and also to stage out output data there. The functionality requires the data to be accessible via GridFTP server. The GridFTP server can be installed on the client machine or it can be any GridFTP server having access to the data on client machine. The simplest and the most popular solution is to mount the same shared network file system on both machines. The mount point must be exact the same. Paths to data have to be exactly the same on both machines.
 
 
@@ -255 +262 @@
 }}}
 
-The grid-ftp server requires the X.509 certificate and key to be present in following locations
+The grid-ftp server requires the X.509 certificate and key to be present in the following locations
 * ''/etc/grid-security/hostcert.pem''
 * ''/etc/grid-security/hostkey.pem''
 
-The gridFTP server has to be configured to know the range of opened ports for connections.
+The GridFTP server has to be configured to know the range of opened ports for connections.
 Please edit the /etc/xinetd.d/gsiftp file and set the GLOBUS_TCP_PORT_RANGE environment variable.
 
@@ -305 +312 @@
 
 == Grid Mapfile ==
-To have access do data every authenticated user must be authorized by gridFTP server against the `grid-mapfile`. This file can be created manually by an administrator (if the service is run in "test mode") or generated automatically based on the LDAP directory service.
+To have access do data every authenticated user must be authorized by GridFTP server against the `grid-mapfile`. This file can be created manually by an administrator (if the service is run in "test mode") or generated automatically based on the LDAP directory service.
+
 === Manually created grid mapfile (for testing purpose only) ===
 {{{
@@ -314 +322 @@
 }}}
 }}}
+
 === LDAP generated grid mapfile ===
-* Create the ''qcg-dev'' group - this grou is allowed to read the configuration and log files.
+* Create the ''qcg-dev'' group - this group is allowed to read the configuration and log files.
 {{{
 #!div style="font-size: 90%"
@@ -352 +361 @@
 
 After installing and running this tool one can find three files:
- * /etc/grid-security/grid-mapfile.local - here you can put list of DN and local unix accounts name that will be merged with data acquired from local LDAP server
- * /etc/grid-security/grid-mapfile.deny - here you can put list od DN's (only DNs!) that you want to deny access to the QCG-Computing service
+ * /etc/grid-security/grid-mapfile.local - here you can put list of DNs and local unix account names that will be merged with data acquired from the local LDAP server
+ * /etc/grid-security/grid-mapfile.deny - here you can put list od DN's (only DNs!) that you want to deny access to the GridFTP server
  * /etc/grid-security/grid-mapfile - the final gridmap file generated using the above two files and information available in local LDAP server. Do not edit this file as it is generated automatically!