Authz deployment updates:
authorFrantišek Dvořák <valtri@civ.zcu.cz>
Mon, 22 Mar 2010 18:25:30 +0000 (18:25 +0000)
committerFrantišek Dvořák <valtri@civ.zcu.cz>
Mon, 22 Mar 2010 18:25:30 +0000 (18:25 +0000)
- multiple subjects in a single rule rather than one rule per subject
- no subjects in MONITORING when RTM disabled
- comment into old superusers file
- LCAS plugin enabled with policy

org.glite.lb.doc/src/LBAG-Installation.tex
org.glite.lb.server/config/startup
org.glite.lb.yaim/config/functions/config_glite_lb

index f6ff88a..2668bf8 100644 (file)
@@ -170,7 +170,7 @@ According to local retention policy you may want to use different purge timeouts
 \item \texttt{GLITE\_LB\_EXPORT\_JPPS} -- Job Provenance Primary Storage where to export purged jobs, required if export to JP is enabled
 \item \texttt{GLITE\_JP\_LOCATION} -- optional parameter for combining LB and JP subsystems on the different locations
 \item \texttt{GLITE\_LB\_RTM\_ENABLED} -- enable settings for Real Time Monitor - indexes and additional access (default: false)
-\item \texttt{GLITE\_LB\_RTM\_DN} -- DN using to get notifications from \LB server\\
+\item \texttt{GLITE\_LB\_RTM\_DN} -- DNs using to get notifications from \LB server\\
 (default: \texttt{heppc24.hep.ph.ic.ac.uk} machine certificate)
 \item \texttt{GLITE\_LB\_SUPER\_USERS} -- additional super-users (default: empty)
 \item \texttt{GLITE\_LB\_TYPE} -- type of the \LB service: server, proxy, both (default: server)
@@ -182,6 +182,8 @@ According to local retention policy you may want to use different purge timeouts
 In addition to those, YAIM LB module uses following parameters:
 \texttt{INSTALL\_ROOT}, \texttt{GLITE\_LOCATION\_VAR}, \texttt{GLITE\_USER}, \texttt{SITE\_EMAIL}.
 
+Lists separated by comma (\texttt{GLITE\_LB\_RTM\_DN} and \texttt{GLITE\_LB\_SUPER\_USERS}).
+
 \subsubsection{Migration to a different OS version}
 \label{inst:OSmigration}
 Migration of a LB server to different machine is possible using
index f8dcb9e..935f3da 100755 (executable)
@@ -137,7 +137,7 @@ start()
 
        policy="$GLITE_LOCATION/etc/glite-lb-authz.conf"
        if test -f "$policy"; then
-               policy="--policy '$policy'"
+               policy="--enable-lcas --policy '$policy'"
        else
                unset policy
        fi
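Review bot: A missing policy file now silently disables LCAS as well, because the `else` branch on lines 41-42 only unsets `policy`, so a mistyped or absent glite-lb-authz.conf starts the server with no access-control plugin and nothing in the log to show it; a message in that branch such as `echo "warning: $policy not found, starting without LCAS policy" >&2` placed before the `unset policy` would make the degraded start visible. The single quotes embedded in `--enable-lcas --policy '$policy'` are only stripped if the variable is later passed through `eval`; how `$policy` is expanded is outside the hunk, so that is worth a quick check. start() begins before the hunk and continues after it.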
index d3f920f..5d4518c 100644 (file)
@@ -47,18 +47,22 @@ function config_glite_lb_authz() {
        superusers="$1"
        rtm="$2"
 
-       superusers="`echo \"$superusers\"| grep -v ^$ | sed 's/\(.*\)/\trule permit {\n\t\tsubject = \"\1\" }\n\t}\n/'`"
-       rtm="`echo \"$rtm\"| grep -v ^$ | sed 's/\(.*\)/\trule permit {\n\t\tsubject = \"\1\" }\n\t}\n/'`"
+       superusers="`echo \"$superusers\"| grep -v ^$ | tr ',' '\n' | sed 's/\(.*\)/\t\tsubject = \"\1\"/'`"
+       rtm="`echo \"$rtm\"| grep -v ^$ | tr ',' '\n' | sed 's/\(.*\)/\t\tsubject = \"\1\"/'`"
 
        cat <<EOF > "$GLITE_LOCATION/etc/glite-lb-authz.conf.new"
 resource "LB" {
 
 action "ADMIN_ACCESS" {
+       rule permit {
 $superusers
+       }
 }
 
 action "STATUS_FOR_MONITORING" {
+       rule permit {
 $rtm
+       }
 }
 
 action "LOG_WMS_EVENTS" {
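Review bot: When the list passed in is empty the heredoc still emits `rule permit {`, a blank line and `}` (lines 58-60 and 64-66), and that is now the normal case for STATUS_FOR_MONITORING since the caller passes "" when RTM is disabled; unless the authz parser is known to treat a rule with no subject as matching nobody, an empty permit rule risks being read as an unconditional permit, so the rule block should be generated only when at least one subject survives. The `grep -v ^$` on lines 51-52 also runs before `tr ',' '\n'`, so a trailing or doubled comma yields `subject = ""` and surrounding blanks are kept (`"a, b"` gives `subject = " b"`); filtering and trimming after the split avoids both. Whether the policy language accepts an empty rule is not visible here, so the parser behaviour should be confirmed before relying on the current output. config_glite_lb_authz continues past the hunk.
```shell
        superusers="`echo \"$superusers\" | tr ',' '\n' | sed 's/^[ \t]*//;s/[ \t]*$//' | grep -v '^$' | sed 's/\(.*\)/\t\tsubject = \"\1\"/'`"
        rtm="`echo \"$rtm\" | tr ',' '\n' | sed 's/^[ \t]*//;s/[ \t]*$//' | grep -v '^$' | sed 's/\(.*\)/\t\tsubject = \"\1\"/'`"
        # emit a permit rule only when it has at least one subject
        if test -n "$superusers"; then
                superusers="`printf '\trule permit {\n%s\n\t}' \"$superusers\"`"
        fi
        if test -n "$rtm"; then
                rtm="`printf '\trule permit {\n%s\n\t}' \"$rtm\"`"
        fi

        cat <<EOF > "$GLITE_LOCATION/etc/glite-lb-authz.conf.new"
resource "LB" {

action "ADMIN_ACCESS" {
$superusers
}

action "STATUS_FOR_MONITORING" {
$rtm
}
# … unchanged: remaining actions of the heredoc …
```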
@@ -88,7 +92,9 @@ EOF
        # superusers file deprecated
        if test -s "${GLITE_LOCATION}/etc/LB-super-users"; then
                yaimlog WARNING "Found old superusers file '${GLITE_LOCATION}/etc/LB-super-users', check 'ADMIN_ACCESS' section in glite-lb-authz.conf"
-               mv "${GLITE_LOCATION}/etc/LB-super-users" "${GLITE_LOCATION}/etc/LB-super-users.old"
+               echo "# deprecated file, replaced by ADMIN_ACCESS action in glite-lb-authz.conf" > "${GLITE_LOCATION}/etc/LB-super-users.old"
+               cat "${GLITE_LOCATION}/etc/LB-super-users" >> "${GLITE_LOCATION}/etc/LB-super-users.old"
+               rm "${GLITE_LOCATION}/etc/LB-super-users"
        fi
 
        mv "$GLITE_LOCATION/etc/glite-lb-authz.conf.new" "$GLITE_LOCATION/etc/glite-lb-authz.conf"
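Review bot: The migration on lines 75-77 removes the old file even when the preceding `cat` failed, so an unreadable LB-super-users would be deleted without its content reaching the .old copy; chaining the copy and the delete, `cat "${GLITE_LOCATION}/etc/LB-super-users" >> "${GLITE_LOCATION}/etc/LB-super-users.old" && rm "${GLITE_LOCATION}/etc/LB-super-users"`, keeps the original in place when the copy does not succeed. The `echo` on line 75 overwrites any existing .old file, as the replaced `mv` did, so that behaviour is unchanged. config_glite_lb_authz continues outside the hunk.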
@@ -268,7 +274,11 @@ EOF
     echo "${GLITE_LOCATION}/etc/init.d/glite-lb-bkserverd" >> ${GLITE_LOCATION}/etc/gLiteservices
   fi
 
-  config_glite_lb_authz "$GLITE_LB_SUPER_USERS" "$GLITE_LB_RTM_DN"
+  if [ x"$GLITE_LB_RTM_ENABLED" = x"true" ]; then
+    config_glite_lb_authz "$GLITE_LB_SUPER_USERS" "$GLITE_LB_RTM_DN"
+  else
+    config_glite_lb_authz "$GLITE_LB_SUPER_USERS" ""
+  fi
 
   if [ ! -f ${GLITE_LOCATION}/etc/glite-lb-harvester.conf ]; then
     echo $HOSTNAME > ${GLITE_LOCATION}/etc/glite-lb-harvester.conf