On 11/25/2014 08:31 AM, Winnie Lacesso wrote:
> Good morning,
Yes, but a cold one (after 30 miles on my old Kawasaki).
> I've just built an emi-3 UI & when I voms-proxy-init --voms cms, when it
> round-robins (or whatever it is) to lcg-voms2.cern.ch, it doesn't work,
> but fortunately tries a next one:
>
> phpwl@lcgmon01> voms-proxy-init --voms cms
> Enter GRID pass phrase for this identity:
> Contacting lcg-voms2.cern.ch:15002 [/DC=ch/DC=cern/OU=computers/CN=lcg-voms2.cern.ch] "cms"...
> Error contacting lcg-voms2.cern.ch:15002 for VO cms: Connection refused
> Error contacting lcg-voms2.cern.ch:15002 for VO cms: Connection refused
There is a functioning server on that addr:port, i.e.
# telnet voms2.cern.ch 15002
Trying 128.142.142.78...
Connected to voms2.cern.ch.
Escape character is '^]'.
So it's "wrong" that your system says "connection refused". Try the
telnet test and see if you
get the same as me (Connected to voms2.cern.ch) or if you get anything
else. Suspect
firewall, routing, DNS, other network problems etc.
> I can't replicate this on pplxint8 (Oxford UI - the only one I have access
> to) as it *always* asks lcg-voms.cern.ch never lcg-voms2.cern.ch
> (which seems odd too) although I can force it to ask the new one with same
> failure as seen on Bristol UIs:
A new voms-proxy-init has no load balancing random selection. Another
new one does!
I suspect that your one does not, hence it always asks the first in the
list. Aren't these
defined in /etc/vomses/... ?
----------------------------------------------
# ls -lrt /etc/vomses/atlas-*
-rw-r--r-- 1 root root 98 Jul 14 12:11 /etc/vomses/atlas-lcg-voms.cern.ch
-rw-r--r-- 1 root root 90 Jul 14 12:11 /etc/vomses/atlas-voms.cern.ch
-rw-r--r-- 1 root root 100 Jul 14 12:11 /etc/vomses/atlas-lcg-voms2.cern.ch
-rw-r--r-- 1 root root 92 Jul 14 12:11 /etc/vomses/atlas-voms2.cern.ch
----------------------------------------------
In this case, it would always use (e.g.) /etc/vomses/atlas-lcg-voms.cern.ch
>
> lacesso@pplxint8> voms-proxy-init --voms cms
> Enter GRID pass phrase for this identity:
> Contacting lcg-voms.cern.ch:15002
> [/DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch] "cms"...
> Remote VOMS server contacted succesfully.
> Created proxy in /tmp/x509up_u1152.
> Your proxy is valid until Tue Nov 25 20:28:41 GMT 2014
>
> lacesso@pplxint8> voms-proxy-init --voms lcg-voms2.cern.ch:cms
> /* is that syntax wrong? What's the right syntax? */
I use voms-proxy-init --voms dteam --vomses
/etc/vomses/dteam-voms2.hellasgrid.gr to vary the voms server. There may
be other ways.
Cheers,
Steve
--
Steve Jones [log in to unmask]
System Administrator office: 220
High Energy Physics Division tel (int): 42334
Oliver Lodge Laboratory tel (ext): +44 (0)151 794 2334
University of Liverpool http://www.liv.ac.uk/physics/hep/
|