geonmo.grid

Panoramica Versioni Approfondimenti

Grid

This is an Ansible role designed to set up grid repositories, certificates, and VOMS definitions for WLCG/LCG sites.

The role was inspired by the Ansible Role UMD created by the EGI Foundation.

Requirements

EL6/7
EPEL

Role Variables

Here are the available variables and their default values (see defaults/main.yml):

grid_enable_repo: true
- This enables the grid repository, including YUM priorities.
grid_umd_version: 4
- This specifies the UMD version of the repository, likely version 4.
grid_umd_exclude: []
- A list of packages to exclude from updates or installations.
grid_umd_includepkgs: []
- A list of packages that you want to use only from the UMD repository.
grid_enable_certificates: true | false | 'cvmfs'
- This enables grid certificates. Choosing 'cvmfs' uses certificates from the CVMFS repository (grid.cern.ch).
grid_ca_polices_pkgs:
- - ca-policy-egi-core
- - ca-policy-lcg
- RPMs of CA policies to be installed.
grid_fetchcrl_options: []
- Options for fetchcrl can be provided as a hash. For example, you can set options like timeout, logging mode, etc.
grid_vos: []
- List of Virtual Organizations (VOs) to configure, details come from the EGI Operation Portal.
grid_voinfo_url:
- http://cclavoisier01.in2p3.fr:8080/lavoisier/voVoms?accept=json
- URL to get information on the VOs.
grid_install_voms_client: false
- If set to true, it installs VOMS client packages, although these are usually not needed as they are requested by other installations.
grid_voms_client_pkgs:
- - voms-clients-cpp
- - voms-clients-java
- These are the VOMS client packages to install.
grid_host_certificate: {}
- Install a host certificate. It's provided as a hash:
  - cert: path to the host certificate
  - key: path to the private host key (secured with ansible-vault).
grid_dummy_host_certificate: false | true | 'caonly'
- This installs an insecure dummy host certificate for CI purposes. Only 'caonly' configures the CA.
grid_dummy_ca:
- Contains Dummy CA information distributed with the role.

Example Playbook

Configuring a server without CVMFS:

- hosts: servers
  roles:
    - name: hephyvienna.grid
      vars:
        grid_vos:
          - cms
          - alice
          - belle
        grid_host_certificate:
          cert: server.crt
          key: server.key
    - name: hephyvienna.argus

Configuring a worker node with CVMFS:

- hosts: workers
  roles:
    - name: hephyvienna.grid
      vars:
        grid_vos:
          - cms
          - alice
          - belle
        grid_enable_certificates: cvmfs
    - role: hephyvienna.cvmfs
    - role: hephyvienna.grid_worker
      vars:
        grid_worker_role: wn