Hi Matt,
That looks a lot out of date. I first experimented with this on a
dummy disk node, and so was able to see what was really there! If you
look at the contents of the lcgdm-voms puppet module, you'll find a much
longer list (including gridpp). Indeed, I found all the VOs I support in
the puppet module.
Cheers,
John
On 20/07/2016 12:15, Matt Williams wrote:
> Hi John,
>
> Looking at https://github.com/cernops/puppet-voms/tree/master/manifests
> I didn't see an entry for 'gridpp' (or any other non-core VOs) so I
> assumed that it wasn't available. However, it turns out that I am
> using (like you are I guess) the HEP-Puppet fork so they're all
> available. Brilliant!
>
> However, it's still a shame that we have to do the mkgridmap stuff
> manually, has anyone attempted to centralise that?
>
> Cheers,
> Matt
>
> On 20 July 2016 at 12:05, John Hill <[log in to unmask]> wrote:
>> Hi Matt,
>> I don't believe that you don't need the voms::client... section. For
>> example, a snippet of my config for ATLAS and GridPP has (hopefully cut and
>> pasted correctly!):
>>
>> class{"voms::atlas":}
>> class{"voms::gridpp":}
>>
>> $groupmap = {
>> "vomss://voms2.cern.ch:8443/voms/atlas?/atlas" => "atlas",
>> "vomss://lcg-voms2.cern.ch:8443/voms/atlas?/atlas" => "atlas",
>> "vomss://voms.gridpp.ac.uk:8443/voms/gridpp?/gridpp" =>
>> "gridpp",
>> }
>>
>> lcgdm::mkgridmap::file {"lcgdm-mkgridmap":
>> configfile => "/etc/lcgdm-mkgridmap.conf",
>> mapfile => "/etc/lcgdm-mapfile",
>> localmapfile => "/etc/lcgdm-mapfile-local",
>> logfile => "/var/log/lcgdm-mkgridmap.log",
>> groupmap => $groupmap,
>> localmap => {"nobody" => "nogroup"}
>>
>> Cheers,
>> John
>>
>>
>> On 20/07/2016 11:28, Matt Williams wrote:
>>>
>>> Hi all,
>>>
>>> I'm currently working on installing our new disk servers with the
>>> newest version of DPM using the new LCG puppet modules. Following
>>> through
>>> https://svnweb.cern.ch/trac/lcgdm/wiki/Dpm/Admin/InstallationConfigurationPuppetSimple
>>> seems simple enough but the section on the Grid map file seems quite
>>> heavy
>>> (https://svnweb.cern.ch/trac/lcgdm/wiki/Dpm/Admin/InstallationConfigurationPuppetSimple#Createthegridmapfile)
>>>
>>> It requires a very verbose formatting of the approved VOs information
>>> (pasted at the end of this email) which is going to be difficult to
>>> keep up to date. Is there any place that this information is
>>> centralised in an automatic way that can be read by these puppet
>>> modules? Given that every site in the UK (and maybe even in the world)
>>> will have an identical config here it seems strange to have to have
>>> this repeated at every site.
>>>
>>> Any thoughts?
>>>
>>> Cheers,
>>> Matt
>>>
>>> class{"voms::atlas":}
>>> class{"voms::dteam":}
>>> class{"voms::ops":}
>>> voms::client{'gridpp':
>>> vo => 'gridpp',
>>> servers => [{server => 'voms.gridpp.ac.uk',
>>> port => '15000',
>>> dn =>
>>> '/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk',
>>> ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK
>>> e-Science CA 2B'
>>> },
>>> {server => 'voms02.gridpp.ac.uk',
>>> port => '15000',
>>> dn =>
>>> '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk',
>>> ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK
>>> e-Science CA 2B'
>>> },
>>> {server => 'voms03.gridpp.ac.uk',
>>> port => '15000',
>>> dn =>
>>> '/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms03.gridpp.ac.uk',
>>> ca_dn => '/C=UK/O=eScienceCA/OU=Authority/CN=UK
>>> e-Science CA 2B'
>>> },
>>> ],
>>> }
>>> <snip>
>>>
>>> $groupmap = {
>>> "vomss://voms2.cern.ch:8443/voms/alice?/alice"
>>> => "alice",
>>> "vomss://lcg-voms2.cern.ch:8443/voms/alice?/alice"
>>> => "alice",
>>> "vomss://voms2.cern.ch:8443/voms/atlas?/atlas"
>>> => "atlas",
>>> "vomss://lcg-voms2.cern.ch:8443/voms/atlas?/atlas"
>>> => "atlas",
>>> "vomss://cclcgvomsli01.in2p3.fr:8443/voms/biomed?/biomed"
>>> => "biomed",
>>> "vomss://voms-prg.bifi.unizar.es:8443/voms/fusion?/fusion"
>>> => "fusion",
>>>
>>> "vomss://voms.gridpp.ac.uk:8443/voms/na62.vo.gridpp.ac.uk?/na62.vo.gridpp.ac.uk"
>>> => "na62.vo.gridpp.ac.uk",
>>>
>>> "vomss://voms02.gridpp.ac.uk:8443/voms/na62.vo.gridpp.ac.uk?/na62.vo.gridpp.ac.uk"
>>> => "na62.vo.gridpp.ac.uk",
>>>
>>> "vomss://voms03.gridpp.ac.uk:8443/voms/na62.vo.gridpp.ac.uk?/na62.vo.gridpp.ac.uk"
>>> => "na62.vo.gridpp.ac.uk",
>>>
>>> "vomss://voms.gridpp.ac.uk:8443/voms/cernatschool.org?/cernatschool.org"
>>> => "cernatschool.org",
>>> "vomss://voms.gridpp.ac.uk:8443/voms/gridpp?/gridpp"
>>> => "gridpp",
>>> "vomss://voms2.cern.ch:8443/voms/lhcb?/lhcb"
>>> => "lhcb",
>>> "vomss://lcg-voms2.cern.ch:8443/voms/lhcb?/lhcb"
>>> => "lhcb",
>>> "vomss://voms2.cern.ch:8443/voms/ops?/ops"
>>> => "ops",
>>> "vomss://lcg-voms2.cern.ch:8443/voms/ops?/ops"
>>> => "ops",
>>> "vomss://voms.hellasgrid.gr:8443/voms/dteam?/dteam"
>>> => "dteam"
>>> <snip>
>>> }
>>>
>>> lcgdm::mkgridmap::file {"lcgdm-mkgridmap":
>>> configfile => "/etc/lcgdm-mkgridmap.conf",
>>> mapfile => "/etc/lcgdm-mapfile",
>>> localmapfile => "/etc/lcgdm-mapfile-local",
>>> logfile => "/var/log/lcgdm-mkgridmap.log",
>>> groupmap => $groupmap,
>>> localmap => {}
>>> }
>>>
>>
|