Locked History Actions

HowTo/SetupGlobusServer

Setup Globus Connect Server

Follow instructions here.

Install globus-connect-server package

$ curl -LOs http://toolkit.globus.org/ftppub/globus-connect-server/globus-connect-server-repo_latest_all.deb
$ sudo dpkg -i globus-connect-server-repo_latest_all.deb
$ sudo apt-get update
$ sudo apt-get install globus-connect-server

Configure endpoint

Edit /etc/globus-connect-server.conf

Set Name to "darkmatter"

Create endpoint

This will create the endpoint dmargala#darkmatter.

$ sudo globus-connect-server-setup --verbose
[sudo] password for dmargala: 
Globus Username: dmargala
Globus Password: 
ENTER: ID.setup()
ENTER: GCMU.configure_credential()
Fetching credential from relay
Fetching key from relay relay.globusonline.org
Writing certificate to disk
Writing key to disk
EXIT: GCMU.configure_credential()
ca create output:  

    C e r t i f i c a t e    A u t h o r i t y    S e t u p

This script will setup a Certificate Authority for signing Globus
users certificates.  It will also generate a simple CA package
that can be distributed to the users of the CA.

The CA information about the certificates it distributes will
be kept in:

/var/lib/globus-connect-server/myproxy-ca

The unique subject name for this CA is:

CN=696a344c-1578-11e5-ac74-22000b92c6ec,OU=Globus Connect Service,O=Globus Consortium,C=US

[H[2JInstalling new CA files to /etc/grid-security/certificates... done

ca create stderr: Generating a 1024 bit RSA private key
.......................................++++++
........++++++
writing new private key to '/var/lib/globus-connect-server/myproxy-ca/private/cakey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:Level 0 Organization [Globus Consortium]:Level 0 Organizational Unit [Globus Connect Service]:Name (E.g., John M. Smith) []:
ENTER: GCMU.configure_trust_roots()
EXIT: GCMU.configure_trust_roots()
 Enabling system startup links for /etc/init.d/myproxy-server ...
 Removing any system startup links for /etc/init.d/myproxy-server ...
   /etc/rc0.d/K20myproxy-server
   /etc/rc1.d/K20myproxy-server
   /etc/rc2.d/S20myproxy-server
   /etc/rc3.d/S20myproxy-server
   /etc/rc4.d/S20myproxy-server
   /etc/rc5.d/S20myproxy-server
   /etc/rc6.d/K20myproxy-server
 Adding system startup for /etc/init.d/myproxy-server ...
   /etc/rc0.d/K20myproxy-server -> ../init.d/myproxy-server
   /etc/rc1.d/K20myproxy-server -> ../init.d/myproxy-server
   /etc/rc6.d/K20myproxy-server -> ../init.d/myproxy-server
   /etc/rc2.d/S20myproxy-server -> ../init.d/myproxy-server
   /etc/rc3.d/S20myproxy-server -> ../init.d/myproxy-server
   /etc/rc4.d/S20myproxy-server -> ../init.d/myproxy-server
   /etc/rc5.d/S20myproxy-server -> ../init.d/myproxy-server

update-rc.d: warning:  start runlevel arguments (none) do not match myproxy-server Default-Start values (2 3 4 5)
update-rc.d: warning:  stop runlevel arguments (none) do not match myproxy-server Default-Stop values (0 1 6)

ENTER: GCMU.restart()
restarting with /usr/sbin/service myproxy-server restart
EXIT: GCMU.restart()
 Configured MyProxy server on darkmatter.ps.uci.edu:7512
CA DN: /C=US/O=Globus Consortium/OU=Globus Connect Service/CN=696a344c-1578-11e5-ac74-22000b92c6ec
ENTER: get_myproxy_dn_from_server()
fetching myproxy dn from server
MyProxy DN is /C=US/O=Globus Consortium/OU=Globus Connect Service/CN=696a344c-1578-11e5-ac74-22000b92c6ec
EXIT: get_myproxy_dn_from_server()
Service DN: /C=US/O=Globus Consortium/OU=Globus Connect Service/CN=696a344c-1578-11e5-ac74-22000b92c6ec
EXIT: ID.setup()
ENTER: Web.setup()
No OAuth server to configure on this node
ENTER: IO.setup()
ENTER: IO.configure_credential()
ENTER: GCMU.configure_credential()
EXIT: GCMU.configure_credential()
Writing GridFTP credential configuration
EXIT: IO.configure_credential()
ENTER: configure_server()
Creating gridftp configuration
EXIT: IO.configure_server()
ENTER: IO.configure_sharing()
GridFTP Sharing Disabled
ENTER: IO.configure_trust_roots()
ENTER: GCMU.configure_trust_roots()
EXIT: GCMU.configure_trust_roots()
EXIT: IO.configure_sharing()
ENTER: configure_gridmap_verify_myproxy_callout()
MyProxy CA DN is /C=US/O=Globus Consortium/OU=Globus Connect Service/CN=696a344c-1578-11e5-ac74-22000b92c6ec
CA dir is /var/lib/globus-connect-server/grid-security/certificates
EXIT: configure_gridmap_verify_myproxy_callout()
EXIT: IO.configure_logging()
ENTER: GCMU.restart()
restarting with /usr/sbin/service globus-gridftp-server restart
EXIT: GCMU.restart()
 Enabling system startup links for /etc/init.d/globus-gridftp-server ...
 Removing any system startup links for /etc/init.d/globus-gridftp-server ...
   /etc/rc0.d/K20globus-gridftp-server
   /etc/rc1.d/K20globus-gridftp-server
   /etc/rc2.d/S20globus-gridftp-server
   /etc/rc3.d/S20globus-gridftp-server
   /etc/rc4.d/S20globus-gridftp-server
   /etc/rc5.d/S20globus-gridftp-server
   /etc/rc6.d/K20globus-gridftp-server
 Adding system startup for /etc/init.d/globus-gridftp-server ...
   /etc/rc0.d/K20globus-gridftp-server -> ../init.d/globus-gridftp-server
   /etc/rc1.d/K20globus-gridftp-server -> ../init.d/globus-gridftp-server
   /etc/rc6.d/K20globus-gridftp-server -> ../init.d/globus-gridftp-server
   /etc/rc2.d/S20globus-gridftp-server -> ../init.d/globus-gridftp-server
   /etc/rc3.d/S20globus-gridftp-server -> ../init.d/globus-gridftp-server
   /etc/rc4.d/S20globus-gridftp-server -> ../init.d/globus-gridftp-server
   /etc/rc5.d/S20globus-gridftp-server -> ../init.d/globus-gridftp-server

update-rc.d: warning:  start runlevel arguments (none) do not match globus-gridftp-server Default-Start values (2 3 4 5)
update-rc.d: warning:  stop runlevel arguments (none) do not match globus-gridftp-server Default-Stop values (0 1 6)

ENTER: IO.bind_to_endpoint()
Configuring endpoint darkmatter
ENTER: get_myproxy_dn_from_server()
fetching myproxy dn from server
MyProxy DN is /C=US/O=Globus Consortium/OU=Globus Connect Service/CN=696a344c-1578-11e5-ac74-22000b92c6ec
EXIT: get_myproxy_dn_from_server()
endpoint darkmatter does not exist, creating
EXIT: IO.bind_to_endpoint()
Configured GridFTP server to run on darkmatter.ps.uci.edu
Server DN: /C=US/O=Globus Consortium/OU=Globus Connect Service/CN=696a344c-1578-11e5-ac74-22000b92c6ec
Using Authentication Method MyProxy
Configured Endpoint darkmatter
EXIT: IO.setup()

Debug transfer issues

I ran into the following error trying to transfer files:

Error (transfer)
Server: lbnl#sdss3 (sdss3data.lbl.gov:2811)
File: /sas/dr12/boss/spectro/redux/v5_7_0/spectra/lite/4216/spec-4216-55477-0758.fits
Command: RETR /sas/dr12/boss/spectro/redux/v5_7_0/spectra/lite/4216/spec-4216-55477-0758.fits
Message: Fatal FTP response
---
500-Command failed. : globus_gridftp_server_register_write failed. 
500-globus_xio: Unable to connect to 127.0.1.1:50905 
500-globus_xio: System error in connect: Connection refused 
500-globus_xio: A system call failed: Connection refused 
500 End.

I fixed this error by editing changing the line in /etc/hosts

127.0.0.1  darkmatter.ps.uci.edu   darkmatter

to

128.200.48.77   darkmatter.ps.uci.edu   darkmatter

The following can be used to check the ip address of the server:

>>> import socket
>>> socket.gethostbyname(socket.gethostname())
'128.200.48.77'

Before this used to say '127.0.1.1'. The shell command hostname -i can also be used to return the ip address of the server.