|Audio conference link||Conference system is Adobe Connect, |
no password required.
|Audio conference details||Indico page|
1. Middleware releases and staged rollout
1.1 News from URT
F2F meeting during technical forum, there have not been direct reports from the product teams.
Main update from the ARC team: a major update is scheduled for the beginning of November (ARC 4.**), the major release is necessary because it contains backward incompatibilities. UMD cut a major release in May 2013, therefore the plan is to release the first version of ARC 4 in UMD-3. The new packages will change name (not only version), therefore there should not be any problem for sites using ARC and UMD.
1.2 Staged rollout updates
On 12th of September there was a new UMD update 3.2.0
- APEL 2.2.0 This release provides a security update.
- BDII-Top 1.1.1, BDII-Site 1.2.1 and BDII-Core 1.5.2 this release provides bug fixes and a security update.
There is a bug that affects top-BDII due to the ldap info provider for both GLUE 1 and GLUE 2 publishing. This bug may or may not affect top BDIIs, depending on how well the hosting environment is performing. . Please consult release notes
- QCG products first release in UMD.
- QCG-broker-client 3.0.1
- QCG NTF 3.0.3
- CREAM 1.16.1 This release implements EMI CANL for authentication and authorization
- CREAM-GE 2.1.0 solves some issues in both glite-info-dynamic-ge and the glite-yaim-ge-utils.
- Glexec 1.2.1 this release provides some bugfixes to lcmaps, lcmaps-plugins-basic and lcmaps-plugins-voms.
- ARGUS 1.6.1 release provides some bug fixes namely the fact that pap-admin ban doesn't convert DN in OpenSSL format to rfc2253.
- EMI-UI 3.0.2 Added dependency on globus-gsi-cert-utils-progs, providing "grid-cert-info".
- EMIR 2.0.0 This is the first release in UMD-3.
- BDII-Top 1.1.1, BDII-Site 1.2.1 and BDII-Core 1.5.2 released in SL5 and SL6:
- GRIDWAY 5.14.0 this release provies a new driver for the EMI-ES based on an ARC Client plug-in.
- WMS 3.6.0 release in SL5 and SL6 Bug fix release. After update re-run YAIM.QCG Broker 3.0.1 release in SL5:
- GRIDFTP 5.2.4 released in SL5, SL6 and Debian:
- DCACHE 2.6.5 This is first release in UMD-3. Among other new features, this release provides support for certificates with SHA-2 and a new JSON API prototype together with a new command to find out files locality.
- VOMS Admin 3.2.0 This release provides several bug fixes and improvements, in particular for the groups management.
- YAIM-CORE This release provides a new functionality that config_mkgridmap prevents standard grid-mapfile on both FTS and LFC.
- CANL 2.1. Fixed a bug affecting RFC proxies.
- Gridsite 2.1.2 Bug fix release, now dash character is allowed in delegation IDs.
- BLAH 1.20.2
- LB 4.0.11
Presently under Staged Rollout:
- EMI.unicore-hila v. 2.4.0
- EMI.fts. v. 2.2.9
- IGE.security-integration v. 3.0.0
- EMI.cream-torque v. 2.1.1
- EMI.emi-cluster v. -2.0.1
- EMI.lfc.sl5 v. 1.8.7
2 Operational issues
2.1 Updates from DMSU
Jobs aborted with the error "CREAM'S database has been scratched and all its jobs have been lost"
see details in GGUS #95559
Since Sep 13th (at least with WMS servers at CNAF) almost all the production jobs are failing, mainly due to two bugs: for the first one, (almost) all the jobs in the ICE DB are marked with DB_ID=0; for the second bug, a particular CE (prod-ce-01.pd.infn.it) was triggering the signal of deleting the jobs with DB_ID=0. All the WMS servers which contacted that CE are affected by this issue
It was found out that CREAM CE(s) are sending (since a certain date) an empty DB_ID information as result of an interoperability problem (missing SOAP_HEADER) between gSOAP and Axis2 (ICE uses gSOAP, CREAM uses Axis2 as SOAP frameworks).
The fix (CREAM-125) has been already committed: with the new version of glite-ce-cream-client-api-c CREAM re-starts to send to ICE a not empty DB_ID in the JobRegister query
Other tickets opened for this issue:
2.2 Proposal of an additional repository for security patches
Considering that in the infrastructure there are several software not distributed through the o.s. repositories (e.g. EPEL) or UMD, but still supported by developers with security updates, there may be the need to collect the suggested patches in a single repository and make them available for the infrastructure. This repository could be be maintained by the SVG team,and it would not be part of an official UMD release - to have more flexibility- but the packages could undergo a testing process before being distributed among the infrastructure.
As a recent example a security patch was released for a widely deployed component, but in EPEL the software is not maintained anymore, and there are little chances that it would reach the EPEL stable. This patch could be released in the "EGI security updates repository", with a brief testing, to be more easily deployed by site managers.
3.2 Next meeting
October 7th, h14:00 Amsterdam time.