On 10 Jan 2011, at 13:50, J Coles wrote:
> Dear All
>
> Sorry for this blanket followup but I do not yet have details about which sites switched and those that did not.
>
> Please could I remind you of this ticket
https://gus.fzk.de/ws/ticket_info.php?ticket=65307. If your site appeared in the list and you did not take action to query only the
hellasgrid.gr VOMS for dteam please could you update now? We will review the status and ticket sites individually from next week.
>
> Many thanks,
> Jeremy
>
>
> On 15 Dec 2010, at 12:01, Jeremy Coles wrote:
>
>> Hi Stuart/Daniela/All
>>
>> I think the list may be using a much cruder approach having found this ticket earlier today
https://gus.fzk.de/ws/ticket_info.php?ticket=65323. A list seems to be created by checking which nodes are still querying the CERN based VOMS. However, David in GridIreland has pointed out to me:
>>
>> "we didn't disable the old VOMS servers for dteam for
>> mkgridmap.
>>
>>
https://wiki.egi.eu/wiki/Dteam_vo says "Note that CERN VOMS servers are to
>> remain in the site configuration during this transitional phase. "
>>
>> The last step is "9. Advise sites to drop CERN dteam configuration. " but no
>> date is given and I don't think we've received such a notification yet
>> (unless this is it!)."
>>
>> So I am not surprised now to see so many UKI sites listed, including those that are not part of EGI. In discussion with some of you I'm also in agreement that the broadcast system itself needs improvement to differentiate the large number of downtime notifications from requests for sites to take action and information updates. I did not get any message myself.
>>
>> I have asked for more information in the ticket assigned to UKI. They should at least test the hosts in their list with a dteam proxy from the new VOMS to see which have actually updated.
>>
>> Jeremy
>>
>> On 15 Dec 2010, at 11:55, Daniela Bauer wrote:
>>
>>> Hi Stuart,
>>>
>>> No acccording to the ticket they are looking for edg-mkgridmap.conf,
>>> which of course doesn't exist on a WMS.
>>> (my vomses dir had all the Greek voms stuff)
>>>
>>> Sigh.
>>>
>>> Daniela
>>>
>>>
>>> On 15 December 2010 11:50, Stuart Purdie <
[log in to unmask]> wrote:
>>>>
>>>> On 15 Dec 2010, at 09:37, Daniela Bauer wrote:
>>>>
>>>>> Same is true for gfe02 - what test are they running ?!
>>>>
>>>> Probably checking the VOMSES files in /opt/glite/etc/vomses
>>>>
>>>> On a WMS these are used to map the VO name into a vomses server, to be used to sign the VOMS extensions on a renewed proxy. (Similarly on a UI, for direct proxy creation)
>>>>
>>>> That's the problem we have^Whad:
>>>>
>>>> svr023# ls /opt/glite/etc/vomses/ | grep dteam
>>>>
dteam-lcg-voms.cern.ch
>>>>
dteam-voms.cern.ch
>>>>
>>>> Would be good to know more precisly, in case I'm guessing incorrectly. Anyway, the vomses files are needed. The instructions say to add the requisite bits to site-info.def, but doesn't say you need to re-run YAIM... (although I added them manually)
>>>>
>>>>
>>>>> [root@gfe02 dteam]# cat *hellas*
>>>>> /C=GR/O=HellasGrid/OU=
hellasgrid.gr/CN=voms2.hellasgrid.gr
>>>>> /C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006
>>>>> /C=GR/O=HellasGrid/OU=
hellasgrid.gr/CN=voms.hellasgrid.gr
>>>>> /C=GR/O=HellasGrid/OU=Certification Authorities/CN=HellasGrid CA 2006
>>>>>
>>>>> [root@gfe02 vomsdir]# ls *hellas*
>>>>> voms2.hellasgrid.gr.1650.lcg.pem voms.hellasgrid.gr.1649.lcg.pem
>>>>>
>>>>> Daniela
>>>>>
>>>>> On 15 December 2010 09:35, Daniela Bauer
>>>>> <
[log in to unmask]> wrote:
>>>>>>
>>>>>> I don't understand wmslb01 at Imperial. That has been up to date for
>>>>>> weeks, if it doesn't work it must be something else. (I assume they
>>>>>> mean the WMS, not the LB as V0s aren't defined on the LB).
>>>>>>
>>>>>> On 14 December 2010 17:30, Jeremy Coles <
[log in to unmask]> wrote:
>>>>>>> Dear All
>>>>>>>
>>>>>>> I missed broadcasts about this update but presumably they arrived if you are a site administrator?
>>>>>>>
>>>>>>> We now have a UKI ticket (
https://gus.fzk.de/ws/ticket_info.php?ticket=65307) that relates to many services at lots of sites. If your site appears in the list below, please could you check the broadcast and update as soon as possible or let me know if you believe there is a mistake here. The GGUS ticket will be duplicated and assigned to sites individually but since that may take time this message may get things done quicker.
>>>>>>>
>>>>>>> The text of the ticket:
>>>>>>>
>>>>>>> "Detailed description:
>>>>>>> Dear support staff,
>>>>>>>
>>>>>>> The following sites have hosts without updated configuration for the dteam VO as broadcasted on November 12th and December the 7th (
https://cic.gridops.org/index.php?section=vo&page=broadcast_archive&step=2&typeb=C&idbroadcast=48119). Please ask them to do so as soon as possible.
>>>>>>>
>>>>>>> EFDA-JET
grid001.jet.efda.org
>>>>>>> RAL-LCG2
lcglb01.gridpp.rl.ac.uk
>>>>>>> RAL-LCG2
lcglb01.gridpp.rl.ac.uk
>>>>>>> UKI-LT2-Brunel
dgc-grid-50.brunel.ac.uk
>>>>>>> UKI-LT2-IC-HEP
gfe02.grid.hep.ph.ic.ac.uk
>>>>>>> UKI-LT2-IC-HEP
wmslb01.hep.ph.ic.ac.uk
>>>>>>> UKI-LT2-RHUL
se2.ppgrid1.rhul.ac.uk
>>>>>>> UKI-LT2-RHUL
ui1.pp.rhul.ac.uk
>>>>>>> UKI-LT2-UCL-CENTRAL
gw-4.ccc.ucl.ac.uk
>>>>>>> UKI-LT2-UCL-HEP
lcg-dpm01.hep.ucl.ac.uk
>>>>>>> UKI-NORTHGRID-LANCS-HEP
abaddon.hec.lancs.ac.uk
>>>>>>> UKI-NORTHGRID-LANCS-HEP
fal-pygrid-30.lancs.ac.uk
>>>>>>> UKI-NORTHGRID-LIV-HEP
hepgrid11.ph.liv.ac.uk
>>>>>>> UKI-NORTHGRID-MAN-HEP
bohr3226.tier2.hep.manchester.ac.uk
>>>>>>> UKI-NORTHGRID-SHEF-HEP
lcgse0.shef.ac.uk
>>>>>>> UKI-SCOTGRID-DURHAM
se01.dur.scotgrid.ac.uk
>>>>>>> UKI-SCOTGRID-ECDF
se3.glite.ecdf.ed.ac.uk
>>>>>>> UKI-SCOTGRID-ECDF
se3.glite.ecdf.ed.ac.uk
>>>>>>> UKI-SCOTGRID-GLASGOW
svr023.gla.scotgrid.ac.uk
>>>>>>> UKI-SOUTHGRID-BHAM-HEP
epgse1.ph.bham.ac.uk
>>>>>>> UKI-SOUTHGRID-BRIS-HEP
lcgse02.phy.bris.ac.uk
>>>>>>> UKI-SOUTHGRID-CAM-HEP
serv02.hep.phy.cam.ac.uk
>>>>>>> UKI-SOUTHGRID-OX-HEP
t2se01.physics.ox.ac.uk
>>>>>>> cpDIASie
gridgate.cp.dias.ie
>>>>>>> csQUBuk
gridgate.besc.ac.uk
>>>>>>> csTCDie
gridstore.cs.tcd.ie
>>>>>>> csUCCie
gridstore.ucc.ie
>>>>>>> giDCUie
gridgate.dcu.ie
>>>>>>> giDITie
gridgate.dit.ie
>>>>>>> giNUIMie
gridstore.nuim.ie
>>>>>>> giRCSIie
gridgate.rcsi.ie
>>>>>>> giULie
gridgate.grid.ul.ie
>>>>>>> mpUCDie
gridstore.ucd.ie
>>>>>>> obsARMuk
gridgate.arm.ac.uk
>>>>>>> oxford-ngs2
ngs.oerc.ox.ac.uk
>>>>>>> ral-ngs2
ngswms01.ngs.ac.uk
>>>>>>> scgNUIGie
gridgate.scg.nuigalway.ie"
>>>>>>>
>>>>>>> And the text of the broadcast request:
>>>>>>>
>>>>>>> "The dteam VO voms servers are being migrated from CERN to NGI_GRNET.
>>>>>>> Please update your configuration no later than December 12th 2010 according to point 2 at
http://wiki.egi.eu/wiki/Dteam_vo . CiC portal also contains the new voms servers.
>>>>>>>
>>>>>>> The voms cert is being distributed in the latest version of the lcg-vomscert rpm.
>>>>>>>
>>>>>>> The new yaim variables are in the above wiki page."
>>>>>>>
>>>>>>> I need to check why I did not get the broadcasts. If you also did not receive them I am interested to know - possibly a subscription issue.
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> -----------------------------------------------------------
>>>
[log in to unmask]
>>> HEP Group/Physics Dep
>>> Imperial College
>>> Tel: +44-(0)20-75947810
>>>
http://www.hep.ph.ic.ac.uk/~dbauer/