Changes between Version 145 and Version 146 of Doc/gLite/TemplateCustomization


Ignore:
Timestamp:
Jan 7, 2010, 11:17:04 AM (16 years ago)
Author:
/O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=Michel Jouvin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • Doc/gLite/TemplateCustomization

    v145 v146  
    930930
    931931In addition to the previous variable, it is possible to use variable `GRID_TRUSTED_BROKERS` to define the WMS which are allowed to use the MyProxy server. The list provided with this variable is merged with `MYPROXY_AUTHORIZED_RENEWERS`.
     932
     933== VOMS Server ==
     934
     935__Base template__ : `machine-types/voms`.
     936
     937VOMS server default configuration can be customized with the following variables:
     938 * `VOMS_VOS`: this variable describe each VO managed by the VOMS server. This is a nlist where the key is the VO name and the value a nlist specifiying the VO parameters. A typical entry is:
     939{{{
     940  'vo.lal.in2p3.fr',  nlist('port', '20000',
     941                            'host', 'grid12.lal.in2p3.fr',
     942                            'dbName', 'voms_lal',
     943                            'dbUser', 'root',
     944                            'dbPassword', 'clrtxtpwd',
     945                            'adminEmail', 'vomsadmins@example.com',
     946                            'adminCert', '/etc/grid-security/vomsadmin.pem',
     947                           ),
     948}}}
     949 * `VOMS_DB_TYPE`: can be `mysql` or `oracle`.
     950 * `VOMS_MYSQL_ADMINPWD`: password of the MySQL administrator account (MySQL account). Required if DB type is `mysql` (no default).
     951 * `VOMS_MYSQL_ADMINUSER`: username of the MySQL administrator account (MySQL account). Ignored if DB type is not `mysql`. Default: `root`.
     952 * `VOMS_ADMIN_SMTP_HOST`: STMP host used by VOMS admin when sending emails. Default: `localhost`.
     953 * `VOMS_CRON_EMAIL`: user to notify in case of problems during cron jobs. Default: `root@localhost`.
     954
     955In addition to configuring the previous variable, it is generally necessary to install the certificate of the initial administrator of the VO. This certificate is passed in paramater `adminCert` in VO parameters (`VOMS_VOS`). This is typically done with Quattor configuration module `filecopy` in the site-specific configuration of the VOMS server. A typical sequence to do this is:
     956{{{
     957include { 'components/filecopy/config' };
     958variable CONTENTS = <<EOF;
     959-----BEGIN CERTIFICATE-----
     960... Copy certificate from the PEM file ...
     961-----END CERTIFICATE-----
     962EOF
     963
     964# Now actually add the file to the configuration.
     965'/software/components/filecopy/services' =
     966  npush(escape('/etc/grid-security/vomsadmin.pem'),
     967        nlist('config',CONTENTS,
     968              'perms','0755'));
     969}}}
     970
    932971== VOBOX ==
    933972