|
|
The procedure for a given site to enter the EGEE production Grid depends on the regional requirements of each federation. Even so, there are some common steps, which will be mentioned in this paragraph. Site certification is done by the Federation ROC and could be a more or less time consuming activity depending on the experience of the site administrator, the complexity of the services the site wants to provide and the local site environment (firewall, site policies, batch system etc.).
First of all a new site has to pass the process of site registration. This process includes in general the following steps, which can be slightly different depending on the individual ROC:
- Request of an X509 user certificate from its national CA each of the site administrators.
- Site contacts its ROC to get information what site-specific information and which statement of acceptance of policy documents the site has to provide. Afterwards the site should send this information to the ROC representative and accept the required policies and agreements.
- The ROC representative validates this information and transfers it to the ROC Manager in the case of a distributed ROC, where they are not the same person.
- The ROC Manager adds the new site to the GOCDB and sets it certification status to “candidate” and the production status to “production”.
- Then the site administrators, which are registered in the GOCDB identified by their certificate DN, can add the missing information to the GOCDB (adding security contacts, more site administrators etc.).
- After this information is validated by the ROC the site certification status will be set to “uncertified”.
- Now the site administrators should request the membership for dteam VO, inscribe themselves to the regional and global Grid relevant mailing lists and fulfil other required regional registration need (register in regional helpdesk etc.).
- The next step is to certificate the site, which can be done by an ROC representative or the ROC Manager itself.
- Then the site should install the middleware with guidance and support of its ROC middleware support contacts.
- After the site is certified and appears stable in all of the standard tests (SAM, GSTAT etc.) the ROC sets the certification status of the site to “Certified” and the production status to “production”.
As a guideline for the ROC the site certification process could be divided into the following stages to give some principal idea:
- ROC should provide the site the access to the installation information of the middleware and its regional adoption.
- Site should install the Grid middleware services at make the first local test.
- ROC should check GSTAT (site appears under the category test) and check if the site information is published properly. In case of important configuration problems for sites using YAIM, analyzing the site-info.def, after having previously deleted sensible information (passwords etc.). Wrong defined configuration variables are sometimes difficult to detect for new site administrators. Also firewall related problems should be taken into account.
- After the info system is working properly, the ROC could send tests to the site through the SAM admin page taking into account that some services like Replica Manager could not be tested by this page having the site in “uncertified” status. The detected problems should be fixed so that SAM tests results reach the desired state.
- All the additional, not already tested components should be tested using the middleware client software.
- After all the tests finish successful the site could be put in the certification status “Certified” at the GIC DB
- The ROC should intensively observe the SAM and GTSAT test results during the first days for the new production site and establish some short distance communication to be able to react quickly to the problems and give the required support.
|
|
