Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "URT:Agenda-08-02-2016"

From EGIWiki
Jump to navigation Jump to search
 
(10 intermediate revisions by 3 users not shown)
Line 11: Line 11:


== Ready tobe Released ==
== Ready tobe Released ==
N/A


== Under Staged Rollout ==
== Under Staged Rollout ==
* dcache 2.13.17


== In Verification ==
== In Verification ==
* canl 2.2.6
* Gridsite
* storm 1.11.10
* voms-admin 3.4.0


= Report from WLCG MW Officer =
= Report from WLCG MW Officer =
Line 20: Line 29:
The latest version of java openjdk ( 1.6/1.7/1.8) on SL5/Sl6 and SL7 disabled the support for MD5 signed certificates,  
The latest version of java openjdk ( 1.6/1.7/1.8) on SL5/Sl6 and SL7 disabled the support for MD5 signed certificates,  
this has created issued for the WLCG VOs mainly for 2 reasons:
this has created issued for the WLCG VOs mainly for 2 reasons:
- some users still have MD5 signed certs, most of them have been renewed but still some are available
* some users still have MD5 signed certs, most of them have been renewed but still some are available
- there is still some software running ( mainly part of the Experiment framework) which makes use of old components still signing with MD5 : i.e. HTCondor 3.2.x which includes an old version of Cream client still signing with MD5. In this particular case we have asked to upgrade the version of HT Condor, but we are still investigating if other components are using MD5
* there is still some software running ( mainly part of the Experiment framework) which makes use of old components still signing with MD5 : i.e. HTCondor 3.2.x which includes an old version of Cream client still signing with MD5. In this particular case we have asked to upgrade the version of HT Condor, but we are still investigating if other components are using MD5
 
can we confirm that all the latest UMD components are not using MD5 ?


we have sent a broadcast to the sites to ask not to upgrade to the latest java or to enable again MD5 in the configuration. Once we will be sure that MD5 is not there , we will contact again the sites to ask to upgrade java and disable MD5
we have sent a broadcast to the sites to ask not to upgrade to the latest java or to enable again MD5 in the configuration. Once we will be sure that all MD5 certificates/proxies are fixed, we will contact again the sites to ask to upgrade java and disable MD5


= Updates from Technical Providers =
= Updates from Technical Providers =
Line 30: Line 41:


== DPM/LFC ==
== DPM/LFC ==
NTR


== Data management clients ==
== Data management clients ==
NTR


== FTS ==
== FTS ==
NTR


== ARC ==
== ARC ==
Line 41: Line 55:


== Globus ==
== Globus ==
* Update to fix missing ppc64le builds in EPEL7 (Testing: 2016-01-14, Stable: 2016-01-29)
** EPEL7: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-290cbc1746
* globus-gridmap-eppn-callout-1.9-1, globus-net-manager-0.14-1, globus-gssapi-gsi-11.25-1, globus-gridftp-server-9.4-1, dpm-dsi-1.9.7-2 (Testing: 2016-01-14, Stable: 2016-02-02)
** EPEL5: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-c62c0c35bb
** EPEL6: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-29c460a42f
** EPEL7: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cf72c1e0f2
* globus-gram-job-manager-pbs-2.5-1 (Testing: 2016-01-24, Stable: 2016-02-07)
** EPEL5: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8d51092434
** EPEL6; https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-b94c16260e
** EPEL7: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-3103b9bb6b
* globus-gssapi-gsi-11.26-1 (Testing: 2016-01-29, Stable: TBD)
** EPEL5: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-360ad6c8bd
** EPEL6; https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-1ae2843014
** EPEL7: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f2e8fc5635


=== Changing the default name compatibility mode to strict RFC ===
=== Changing the default name compatibility mode to strict RFC ===

Latest revision as of 14:37, 8 February 2016

Meeting

Calendar: https://indico.egi.eu/indico/categoryDisplay.py?categId=107

News

Status of the products verification/staged rollout

Ready tobe Released

N/A

Under Staged Rollout

  • dcache 2.13.17

In Verification

  • canl 2.2.6
  • Gridsite
  • storm 1.11.10
  • voms-admin 3.4.0

Report from WLCG MW Officer

The latest version of java openjdk ( 1.6/1.7/1.8) on SL5/Sl6 and SL7 disabled the support for MD5 signed certificates, this has created issued for the WLCG VOs mainly for 2 reasons:

  • some users still have MD5 signed certs, most of them have been renewed but still some are available
  • there is still some software running ( mainly part of the Experiment framework) which makes use of old components still signing with MD5 : i.e. HTCondor 3.2.x which includes an old version of Cream client still signing with MD5. In this particular case we have asked to upgrade the version of HT Condor, but we are still investigating if other components are using MD5

can we confirm that all the latest UMD components are not using MD5 ?

we have sent a broadcast to the sites to ask not to upgrade to the latest java or to enable again MD5 in the configuration. Once we will be sure that all MD5 certificates/proxies are fixed, we will contact again the sites to ask to upgrade java and disable MD5

Updates from Technical Providers

dCache

DPM/LFC

NTR

Data management clients

NTR

FTS

NTR

ARC

  • Jon will be away on parental leave until May 25.

QCG

Globus

Changing the default name compatibility mode to strict RFC

Reminder: the release of the update that will change the default name compatibility mode from "HYBRID" to "STRICT_RFC2818" is planned for April 1, 2016.

xrootd

Discussions

AOB

Next meeting: February 22th, 2016