Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "APEL/SSMInstallation"

From EGIWiki
Jump to navigation Jump to search
 
(92 intermediate revisions by 3 users not shown)
Line 1: Line 1:
The Secure Stomp Messenger (SSM) is used to transmit arbitrary messages using the STOMP protocol.  For a description, see [[APEL/SSMOverview|SSM Overview]].  
* Back to [[APEL/SSM]].


'''PLEASE NOTE THIS IS NOT PRODUCTION-LEVEL SOFTWARE''' '''This software is distributed as an example and for testing'''.  Expect bugs, and if you find any please let us know about them: apel-admins@mailtalk.ac.uk.
If you are beginning your testing now please use [[APEL/SSM2Installation|SSM2]]


== ssm-0.4 ==
SSM1 downloads are available at https://github.com/apel/ssm/downloads.


'''NOTE:''' Before you can send your messages to the Accounting server you must send your host certificate DN to apel-admins [at] stfc.ac.uk, e.g. output from running


=== Prerequisites ===
<code>openssl x509 -subject -noout -in hostcert.pem</code>
* python:
** we use 2.4.3, the standard version with SL5
* stomppy: the python STOMP library
** the version in the epel repository (3.0.3) conflicts with python 2.4 - '''don't use this!'''
** We have been using 2.0.2; the version in the EGEE SA1 repository is 2.0.4 and this works as well
* openssl:
** we use 0.9.8, the standard version with SL5
* lcg-CA


=== Installation ===
= Installing SSM =


You can't currently download a version of the code, but if you would like a zip file please email apel-admins@mailtalk.ac.uk and we will send you a version.
* For details on the testing process, see this page: [[APEL/APELSSMExternalTesting]]
* If you find any bugs please let us know about them: apel-admins [at] stfc.ac.uk.


* Unzip the file into a directory, which is denoted as $SSM_HOME below.
== ssm-1.2 ==


=== Configuration ===
The same package is installed for CPU accounting, StAR and Cloud accounting records.
The environment variable SSM_HOME must be set appropriately:
* <code>export SSM_HOME=<directory></code>


There are two other configuration files.
Version 1.2 is the current version.


==== <code>$SSM_HOME/conf/ssm.cfg</code> ====
'''It changes the default messages location from the previous version:'''
'''The default values should suffice to send messages to the APEL test system''', but there are notes about the file below.
* OLD: <code>/opt/apel/ssm/messages/</code>
* NEW:  <code>/var/opt/apel/messages/</code>


This SSM will be a producer, so the consumer section can be left out or given dummy values - it doesn't hurt. The file is well commented, it should be straightforward. In this file configure:
Installation and removal instructions are now packaged with the SSM in the README file.  If you would like to read it before you install the SSM, here is the version included with ssm-1.2: [[APEL/SSM/README12]].


* the broker to use (host: dev.msg.cern.ch port: 6163 for testing purposes)
'''Please note''': the default configuration sends messages to the CPU Accounting test server.  See [[APEL/SSMConfiguration]] for how to change the configuration.
* the message store (suggest: $SSM_HOME/messages)
* the certificate/key settings and CA directory
* the topic to send to (/topic/grid.accounting.cpuTest.CENTRAL is being used for testing)
* The DN of the consumer that messages are sent to(<code>consumerDN: /C=UK/O=eScience/OU=CLRC/L=RAL/CN=rap.esc.rl.ac.uk/emailAddress=sct certificates@rl.ac.uk</code>)


* The acknowledgment topic; a sensible default is already used.
==== <code>$SSM_HOME/conf/ssm.log.cfg</code> ====
This is the configuration for the logging.  ''''You need to change one thing:'''
* In the section [handler_fileHander], specify the path to a log file.  The directory must exist.  You need a full path - you can't use $SSM_HOME.
* Example: <code>args=('/home/apel/ssm/ssm.log', 'a')</code>


=== Certificates ===
[[Category:Accounting]]
 
Your SSM '''encrypts''' using our certificate.  Before it does this, it tries to verify it against the CA certificates in <code>/etc/grid-security/certificates</code>.  To ensure this works fine, install the lcg-CA package using yum.
 
Your SSM uses your host certificate to '''sign''' the messages it sends.  When our version of the SSM receives a message, it retrieves your certificate and attempts to verify it against the CA certificates in the lcg-CA rpm.
 
If your host certificate is not signed by one of these CAs, discuss this with apel-admins@mailtalk.ac.uk.
=== Running the SSM ===
 
* <code>cd $HOME/bin</code>
* <code>./run-ssm</code>
 
Once the SSM is running, it will send messages from the directory <code>$SSM_HOME/messages/outgoing</code> automatically. All you need to do is to put the messages in this directory.  If they don't disappear, check the log file to see what it says, check your configuration, then send us an email.

Latest revision as of 19:12, 1 November 2018

If you are beginning your testing now please use SSM2

SSM1 downloads are available at https://github.com/apel/ssm/downloads.

NOTE: Before you can send your messages to the Accounting server you must send your host certificate DN to apel-admins [at] stfc.ac.uk, e.g. output from running

openssl x509 -subject -noout -in hostcert.pem

Installing SSM

  • For details on the testing process, see this page: APEL/APELSSMExternalTesting
  • If you find any bugs please let us know about them: apel-admins [at] stfc.ac.uk.

ssm-1.2

The same package is installed for CPU accounting, StAR and Cloud accounting records.

Version 1.2 is the current version.

It changes the default messages location from the previous version:

  • OLD: /opt/apel/ssm/messages/
  • NEW: /var/opt/apel/messages/

Installation and removal instructions are now packaged with the SSM in the README file. If you would like to read it before you install the SSM, here is the version included with ssm-1.2: APEL/SSM/README12.

Please note: the default configuration sends messages to the CPU Accounting test server. See APEL/SSMConfiguration for how to change the configuration.

Retrieved from "https://wiki.egi.eu/w/index.php?title=APEL/SSMInstallation&oldid=100408"