Hi John,
Looking at https://github.com/cernops/puppet-voms/tree/master/manifests
I didn't see an entry for 'gridpp' (or any other non-core VOs) so I
assumed that it wasn't available. However, it turns out that I am
using (like you are I guess) the HEP-Puppet fork so they're all
available. Brilliant!
However, it's still a shame that we have to do the mkgridmap stuff
manually, has anyone attempted to centralise that?
Cheers,
Matt
On 20 July 2016 at 12:05, John Hill <[log in to unmask]> wrote:
> Hi Matt,
> I don't believe that you don't need the voms::client... section. For
> example, a snippet of my config for ATLAS and GridPP has (hopefully cut and
> pasted correctly!):
>
> class{"voms::atlas":}
> class{"voms::gridpp":}
>
> $groupmap = {
> "vomss://voms2.cern.ch:8443/voms/atlas?/atlas" => "atlas",
> "vomss://lcg-voms2.cern.ch:8443/voms/atlas?/atlas" => "atlas",
> "vomss://voms.gridpp.ac.uk:8443/voms/gridpp?/gridpp" =>
> "gridpp",
> }
>
> lcgdm::mkgridmap::file {"lcgdm-mkgridmap":
> configfile => "/etc/lcgdm-mkgridmap.conf",
> mapfile => "/etc/lcgdm-mapfile",
> localmapfile => "/etc/lcgdm-mapfile-local",
> logfile => "/var/log/lcgdm-mkgridmap.log",
> groupmap => $groupmap,
> localmap => {"nobody" => "nogroup"}
>
> Cheers,
> John
>
>
> On 20/07/2016 11:28, Matt Williams wrote:
>>
>> Hi all,
>>
>> I'm currently working on installing our new disk servers with the
>> newest version of DPM using the new LCG puppet modules. Following
>> through
>> https://svnweb.cern.ch/trac/lcgdm/wiki/Dpm/Admin/InstallationConfigurationPuppetSimple
>> seems simple enough but the section on the Grid map file seems quite
>> heavy
>> (https://svnweb.cern.ch/trac/lcgdm/wiki/Dpm/Admin/InstallationConfigurationPuppetSimple#Createthegridmapfile)
>>
>> It requires a very verbose formatting of the approved VOs information
>> (pasted at the end of this email) which is going to be difficult to
>> keep up to date. Is there any place that this information is
>> centralised in an automatic way that can be read by these puppet
>> modules? Given that every site in the UK (and maybe even in the world)
>> will have an identical config here it seems strange to have to have
>> this repeated at every site.
>>
>> Any thoughts?
>>
>> Cheers,
>> Matt
>>
>> class{"voms::atlas":}
>> class{"voms::dteam":}
>> class{"voms::ops":}
>> voms::client{'gridpp':
>> vo => 'gridpp',
>> servers => [{server => 'voms.gridpp.ac.uk',
>> port => '15000',
>> dn =>
>> '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
>> ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK
>> e-Science CA 2B'
>> },
>> {server => 'voms02.gridpp.ac.uk',
>> port => '15000',
>> dn =>
>> '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
>> ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK
>> e-Science CA 2B'
>> },
>> {server => 'voms03.gridpp.ac.uk',
>> port => '15000',
>> dn =>
>> '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms03.gridpp.ac.uk',
>> ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK
>> e-Science CA 2B'
>> },
>> ],
>> }
>> <snip>
>>
>> $groupmap = {
>> "vomss://voms2.cern.ch:8443/voms/alice?/alice"
>> => "alice",
>> "vomss://lcg-voms2.cern.ch:8443/voms/alice?/alice"
>> => "alice",
>> "vomss://voms2.cern.ch:8443/voms/atlas?/atlas"
>> => "atlas",
>> "vomss://lcg-voms2.cern.ch:8443/voms/atlas?/atlas"
>> => "atlas",
>> "vomss://cclcgvomsli01.in2p3.fr:8443/voms/biomed?/biomed"
>> => "biomed",
>> "vomss://voms-prg.bifi.unizar.es:8443/voms/fusion?/fusion"
>> => "fusion",
>>
>> "vomss://voms.gridpp.ac.uk:8443/voms/na62.vo.gridpp.ac.uk?/na62.vo.gridpp.ac.uk"
>> => "na62.vo.gridpp.ac.uk",
>>
>> "vomss://voms02.gridpp.ac.uk:8443/voms/na62.vo.gridpp.ac.uk?/na62.vo.gridpp.ac.uk"
>> => "na62.vo.gridpp.ac.uk",
>>
>> "vomss://voms03.gridpp.ac.uk:8443/voms/na62.vo.gridpp.ac.uk?/na62.vo.gridpp.ac.uk"
>> => "na62.vo.gridpp.ac.uk",
>>
>> "vomss://voms.gridpp.ac.uk:8443/voms/cernatschool.org?/cernatschool.org"
>> => "cernatschool.org",
>> "vomss://voms.gridpp.ac.uk:8443/voms/gridpp?/gridpp"
>> => "gridpp",
>> "vomss://voms2.cern.ch:8443/voms/lhcb?/lhcb"
>> => "lhcb",
>> "vomss://lcg-voms2.cern.ch:8443/voms/lhcb?/lhcb"
>> => "lhcb",
>> "vomss://voms2.cern.ch:8443/voms/ops?/ops"
>> => "ops",
>> "vomss://lcg-voms2.cern.ch:8443/voms/ops?/ops"
>> => "ops",
>> "vomss://voms.hellasgrid.gr:8443/voms/dteam?/dteam"
>> => "dteam"
>> <snip>
>> }
>>
>> lcgdm::mkgridmap::file {"lcgdm-mkgridmap":
>> configfile => "/etc/lcgdm-mkgridmap.conf",
>> mapfile => "/etc/lcgdm-mapfile",
>> localmapfile => "/etc/lcgdm-mapfile-local",
>> logfile => "/var/log/lcgdm-mkgridmap.log",
>> groupmap => $groupmap,
>> localmap => {}
>> }
>>
>
|