Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

APEL/SSMInstallation

From EGIWiki
< APEL
Revision as of 15:35, 20 May 2011 by Cdelcano (talk | contribs)
Jump to navigation Jump to search

The Secure Stomp Messenger (SSM) is used to transmit arbitrary messages using the STOMP protocol. For a description, see SSM Overview.

PLEASE NOTE THIS IS NOT PRODUCTION-LEVEL SOFTWARE This software is distributed as an example and for testing. Expect bugs, and if you find any please let us know about them: apel-admins@mailtalk.ac.uk.

ssm-0.2

Prerequisites

  • python:
    • we use 2.4.3, the standard version with SL5
  • stomppy: the python STOMP library
    • the version in the epel repository (3.0.3) conflicts with python 2.4
    • We have been using 2.0.2; the version in the EGI jra1 repository is 2.0.4 and this works as well
  • openssl:
    • we use 0.9.8, the standard version with SL5
  • lcg-CA

Installation

You can't currently download a version of the code, but if you would like a zip file please email apel-admins@mailtalk.ac.uk and we will send you a version.

  • Unzip the file into a directory, which is denoted as $SSM_HOME below.

Configuration

The environment variable SSM_HOME must be set appropriately:

  • export SSM_HOME=<directory>

There are two other configuration files.

$SSM_HOME/conf/ssm.cfg

The default values should suffice to send messages to the APEL test system, but there are notes about the file below.

This SSM will be a producer, so the consumer section can be left out or given dummy values - it doesn't hurt. The file is well commented, it should be straightforward. In this file configure:

  • the broker to use (host: dev.msg.cern.ch port: 6163 for testing purposes)
  • the message store (suggest: $SSM_HOME/messages)
  • the certificate/key settings and CA directory
  • the topic to send to (/topic/grid.accounting.cpuTest.CENTRAL is being used for testing)
  • The DN of the consumer that messages are sent to(consumerDN: /C=UK/O=eScience/OU=CLRC/L=RAL/CN=rap.esc.rl.ac.uk/emailAddress=sct certificates@rl.ac.uk)
  • The acknowledgment topic; a sensible default is already used.

$SSM_HOME/conf/ssm.log.cfg

This is the configuration for the logging. 'You need to change one thing:

  • In the section [handler_fileHander], specify the path to a log file. The directory must exist. You need a full path - you can't use $SSM_HOME.
  • Example: args=('/home/apel/ssm/ssm.log', 'a')

Certificates

Your SSM encrypts using our certificate. Before it does this, it tries to verify it against the CA certificates in /etc/grid-security/certificates. To ensure this works fine, install the lcg-CA package using yum.

Your SSM uses your host certificate to sign the messages it sends. When our version of the SSM receives a message, it retrieves your certificate and attempts to verify it against the CA certificates in the lcg-CA rpm.

If your host certificate is not signed by one of these CAs, discuss this with apel-admins@mailtalk.ac.uk.

Running the SSM

  • cd $HOME/bin
  • ./run-ssm

Once the SSM is running, it will send messages from the directory $SSM_HOME/messages/outgoing automatically. All you need to do is to put the messages in this directory. If they don't disappear, check the log file to see what it says, check your configuration, then send us an email.

Retrieved from "https://wiki.egi.eu/w/index.php?title=APEL/SSMInstallation&oldid=17767"