Table of Contents
The Grid Portlets Administrator's Guide describes how to install and configure the Grid Portlets web application. Please consult the User's Guide for more information on how to use Grid Portlets for managing jobs and data on the Grid. Please consult the Developer's Guide for more information on how to use Grid Portlets to develop custom Grid portal web applications.
Grid Portlets requires a deployed GridSphere version 2.1.1 or higher. Otherwise, Grid Portlets has the same initial pre-requisites as GridSphere, so please consult GridSphere's documentation if you have any questions.
The Ant build file, build.xml, uses the build.properties file to obtain user-specific compilation options. You may wish to edit build.properties appropriately for your needs. The default values should be sufficient for installing
To install Grid Portlets for the first time, run "ant install". This will compile and deploy the Grid Portlets web application and documentation to Tomcat. However, before installing, you should probably take the time to read TIPS.txt.
Start/restart tomcat to see the results. To be sure, check
the logs in $CATALINA_HOME/logs/catalina.out that no strange
errors occur. If all looks fine, login to GridSphere as the
"root" user.
When you login, go to the Profile Manager Portlet. You should see the "gridportlets" group as an available group to add to your user profile.
Add the Grid Portlets group to the root user's profile to in the Profile Manager Portlet. You should then see a "Grid" tab available in your tab view.
Whenever you update the Grid Portlets source code from a new distribution or from CVS you just need to run "ant update". This will deploy the latest Grid Portlets software and documentation to Tomcat, as well as update your existing Grid Portlets database.
Grid Portlets makes use of the Java Commodity Grid (CoG) Kit for performing many tasks on the Grid, including retrieving credentials from MyProxy, submitting jobs to Globus Gatekeepers, transferring files with Grid Ftp and setting up GASS servers to collect job output. We recommend you visit the Globus Cog Kits Website to learn more about Java CoG.
If you have set the "ogsa.version" property in build.properties to "ogsa-3.0.2", then Java Cog 1.1 will be used. If you have set the "ogsa.version" property to "ogsa-3.2.1", then Java CoG 1.2 will be used.
Configuring Java CoG amounts to setting properties
in ${HOME}/.globus/cog.properties.
That is, you should have a .globus
directory inside the home directory of the user under
which you are running your portal. For more information,
please consult the Java CoG manual.
Example 1. The "ip" property
ip=<YOUR-IP-ADDRESS>
This is a very handy property to set when you are developing on a laptop or host that gets its IP address from a DHCP server or some other means. Setting this property to the appropriate value will insure that you can collect job output when you are using the job submission portlet. You should not have to set this property, however, on hosts that have a permanent IP address _and_ that host is properly configured.
It's easy to setup and administer the set of resources the Grid Portlets web application makes available to users. Grid Portlets maintains a Resource Registry that contains information about resources Grid Portlets should make available to users. The Resource Registry can be used to describe hardware resources, the services that run on them, available software and user accounts.
The Resource Registry can be administered in one of two ways, by editing
$CATALINA_HOME/webapps/gridportlets/WEB-INF/Resources.xml
before startup or via the Resource Registry Portlet at runtime.
Grid Portlets deploys the ./webapp/WEB-INF/Resources.xml
file to its target web application directory when it is installed or
updated. This file contains a nested structure of hardware resource descriptions
that are imported into the database when the portal starts up.
You can edit this file, then redeploy the Grid Portlets web application with
"ant deploy" or "ant update" or replace it with another copy while the portal is
running and reload the file with the Resource Registry Portlet.
Below we include an example file configured to use resources in the GridLab Project.
Example 2. A sample Resources.xml
<?xml version="1.0" encoding="UTF-8"?>
<grid-resources>
<hardware-resource label="GridLab MyProxy"
description="Hosts The GridLab MyProxy"
hostname="myproxy.gridlab.org">
<myproxy-resource label="MyProxy"
description="Online Credential Repository"
portalProxyFile="/tmp/proxy.pem"
portalCertFile=""
portalKeyFile=""/>
</hardware-resource>
<hardware-resource label="GridLab GIIS"
description="Hosts The GridLab GIIS"
hostname="mds.gridlab.org">
<giis-resource label="GIIS"
description="Grid Information Index Service"
basedn="Mds-Vo-name=gridlab,o=grid"/>
</hardware-resource>
<hardware-resource label="Peyote"
description="AEI Peyote Cluster"
hostname="peyote.aei.mpg.de">
<gris-resource label="GRIS"
description="Grid Resource Information Service"/>
<gram-resource label="Globus Gatekeeper"
description="Globus Resource Management Service"/>
<gridftp-resource label="Grid Ftp"
description="Grid Ftp Service"/>
</hardware-resource>
<hardware-resource label="Helix"
description="LSU Helix Cluster"
hostname="helix.bcvc.lsu.edu">
<gris-resource label="GRIS"
description="Grid Resource Information Service"/>
<gram-resource label="Globus Gatekeeper"
description="Globus Resource Management Service"/>
<gridftp-resource label="Grid Ftp"
description="Grid Ftp Service"/>
</hardware-resource>
<hardware-resource label="SuperMike"
description="LSU SuperMike Cluster"
hostname="mike4.lsu.edu">
<gris-resource label="GRIS"
description="Grid Resource Information Service"/>
<gram-resource label="Globus Gatekeeper"
description="Globus Resource Management Service"/>
<gridftp-resource label="Grid Ftp"
description="Grid Ftp Service"/>
</hardware-resource>
</grid-resources>
![[Note]](common-images/note.png) | Note |
|---|---|
| The complete list of resource tags that Grid Portlets offers are provided in the Resource Tags Reference. |
When you login as the portal administrator (or an admin of the gridportlets) you will see the
Grid=>Registry tab containing the Resource Registry Portlet. Here you can edit the
the Resources.xml file deployed to $CATALINA_HOME/gridportlets/WEB-INF
directly from the portal.
| Note |
|---|---|
| The complete list of resource tags that Grid Portlets offers are provided in the Resource Tags Reference. |
Grid Portlets can be configured to support monitoring of resources and resource discovery. Grid Portlets offers an MDS2 Resource Provider Service that supports the ability to poll Grid Resource Information Service (GRIS) resources to monitor hardware resources and to poll Grid Index Information Service (GIIS) resources to discover hardware and other types of resources.
If MDS2 is installed on resources in your Grid, simply describe their location with the
gris-resource and giis-resource tags in
the Resource Registry. For example, in the GridLab project we would describe our
MDS2 resources as below:
<?xml version="1.0" encoding="UTF-8"?>
<hardware-resource label="GridLab GIIS"
description="Hosts The GridLab GIIS"
hostname="mds.gridlab.org">
<giis-resource label="GIIS"
description="Grid Information Index Service"
basedn="Mds-Vo-name=gridlab,o=grid"/>
</hardware-resource>
<hardware-resource label="Peyote"
description="AEI Peyote Cluster"
hostname="peyote.aei.mpg.de">
<gris-resource label="GRIS"
description="Grid Resource Information Service"/>
</hardware-resource>
| Note |
|---|---|
| It was our experience that GIIS did not perform well enough to use it for discovering hardware resources. In production, we simply made entries for all of the hardware resources in the Resource Registry, since this list did not change that often, and then used our GRIS resources to monitor the hardware resources for useful information. |
It is quite easy to utilize information services other than MDS2. Grid Portlets can be extended by developing new Resource Provider Services. This is described in more detail in the Developer's Guide.
In order to allow users to "sign-on" to the Grid with their GSI credentials, the portal must be configured to allow users to retrieve credentials from a "credential repository". Currently, the only credential repository Grid Portlets supports is MyProxy.
In order to allow users to retrieve credentials from the portal, you must have access to a MyProxy online credential repository. More information on MyProxy can be found at http://grid.ncsa.uiuc.edu/myproxy/. Essentially, MyProxy is used to store users credentials and provides command line tools to allow them to do this. The portal can then allow users to retrieve their credentials from MyProxy at login time in order to provide single sign-on access to remote resources.
There are three ways to configure Grid Portlets to use a MyProxy online creedential repository.
The following examples illustrate how to specify a MyProxy resource in
$GRIDSPHERE_HOME/projects/gridportlets/WEB-INF/Resources.xml.
| Note |
|---|---|
| Be sure to specify your own MyProxy server if you decide to copy one of the examples below! |
- A MyProxy Resource contained within a Hardware Resource
If you are using a MyProxy server that does not require authentication for retrieving credentials, then you don't need a portal credential to retrieve credentials. Just specify the location of the MyProxy resource as in the example below:
<hardware-resource label="GridLab MyProxy" description="Hosts The GridLab MyProxy" hostname="myproxy.gridlab.org"> <myproxy-resource label="MyProxy" description="Online Credential Repository" port="7512"/> </hardware-resource> - A MyProxy Resource configured to use a host certifcate
Create a "host" certificate, that is a public cert / private key pair that does not require a password to generate a proxy. GT2.X certificates are created with the grid-cert-request command. Java CoG provides some simplified tools as does our "Grid Login" system. You would then specify where the public cert and private key files are located on your system. For example, if you were if your host certificate were files located in
/etc/grid-security(a common location for host certificates), you would then enter something like:<hardware-resource label="GridLab MyProxy" description="Hosts The GridLab MyProxy" hostname="myproxy.gridlab.org"> <myproxy-resource label="MyProxy" description="Online Credential Repository" port="7512" portalCertFile="/etc/grid-security/hostcert.pem" portalKeyFile="/etc/grid-security/hostkey.pem"/> </hardware-resource> - A MyProxy Resource configured to use a user certifcate
Create a "user" certificate, that is a public cert / private key pair that requires a password to generate a proxy. Often times, generated user proxies end up in a file named something like
/tmp/x509up_<userid>, this depends on your how your system is configured. You would then specify where that proxy file is located (since, unlike example 2, the portal cannot automatically generate a proxy with the public cert / private key). Here's an example with a proxy portal file located at/tmp/proxy.pem:<hardware-resource label="GridLab MyProxy" description="Hosts The GridLab MyProxy" hostname="myproxy.gridlab.org"> <myproxy-resource label="MyProxy" description="Online Credential Repository" port="7512" portalProxyFile="/tmp/proxy.pem"/> </hardware-resource>
Example 2 is the best in terms of simplicity and security. You really should configure your MyProxy server to be secure but you should use a host certificate to eliminate the need to generate a proxy by hand.