On Thu, 2 Sep 2004, Steve Traylen wrote:
> > I'm at the UK AHM and have recently come across an issue at Cambridge where
> > Atlas jobs appear to be contacting the BDII from the WNs. Is this connection
> > (not sure if it is SSH) correct or could it be a local configuration problem
> > in Cambridge (or an Atlas problem)?
> >
> > I expect to speak with Frederick later today if you want more information.
>
> It sounds correct, the replica manager client connects to the bdii
> to locate services.
Also the atlas software collects a list of SEs - they've been complaining
that it's slow, but I think that's mainly because they've been doing it
via edg-rm printInfo, which makes a large number of queries, rather
than doing it directly with LDAP.
The connection itself is insecure, you can read BDIIs from anywhere. If
LCG were to switch to R-GMA it would potentially offer both security and
remove the need for outbound WAN connections from the WN (for that purpose
at least), but that's likely to be some way off.
Stephen
|