====== Introduction ======
Check also: https://twiki.cern.ch/twiki/bin/view/Atlas/Tier3gStartingCondor
===== Changes to iptables =====
Edit the */etc/sysconfig/iptables* file to add these lines ahead of the reject line
# Condor additions -A RH-Firewall-1-INPUT -s 128.105.245.0/16 -m state --state ESTABLISHED,NEW -p tcp -m tcp --dport 9000:10000 -j ACCEPT #
Condor additions -A RH-Firewall-1-INPUT -s 128.105.245.0/16 -m state --state ESTABLISHED,NEW -p udp -m udp --dport 9000:10000 -j ACCEPT #
mkdir /export/home/shared
cd /export/home/shared
wget http://newbio.cs.wisc.edu/zkm/condor-7.4.8-linux-x86-rel5-dymamic-1.x86_64.rpm
cd /root/
rpm -i --test /export/home/shared/condor-7.4.0-linux-x86_64-....
rpm -i /export/home/share/condor-7.4.0 ....
cd /opt/condor-7.4.0/etc/examples
edit condor.init. Look for "error program not found" /usr/sbin/$prog goes to /opt/condor/sbin/$prog
cp /opt/condor-7.4.0/condor.sh /etc/sysconfig/condor
#edit condor
CONDOR_CONFIG="/export/share/condor-etc/condor_config"
cd ../../
cp etc/examples/condor.init /etc/init.d/condor
/sbin/chkconfig --level 235 condor on
/sbin/chkconfig --list condor
chmod 755 /etc/init.d/condor
mkdir /var/run/condor
chown condor:condor /var/run/condor
cd etc/
# edit condor_config
RELEASE_DIR = /opt/condor
LOCAL_DIR = /local/condor
LOCAL_CONFIG_FILE = /export/share/condor-etc/condor_config.$(HOSTNAME).local
CONDOR_ADMIN =
UID_DOMAIN = cs.wisc.edu
FILESYSTEM_DOMAIN = $(UID_DOMAIN)
ALLOW_WRITE = *.$(UID_DOMAIN)
at the end of the file add
SEC_DAEMON_AUTHENTICATION = required
SEC_DAEMON_AUTHENTICATION_METHODS = password #change this to different method
SEC_CLIENT_AUTHENTICATION_METHODS = password,fs,gsi,kerberos
SEC_PASSWORD_FILE = /local/condor/condor_credential
ALLOW_DAEMON = condor_pool@*
cd ../local.glow-223 (condor manager)
# edit condor_config.local
CONDOR_HOST = glow-c223.es.wisc.edu
#LOCAL_DIR
#CONDOR_ADMIN
DAEMON_LIST= COLLECTOR, MASTER, NEGOTIATOR (for condor master)
cp condor_config.local /export/share/condor-etc/condor_config.glow-c223.local
cp /etc/sysconfig/condor /opt/condor/condor.sh
#checking
source /opt/condor/condor.sh
echo $CONDOR_CONFIG should be /export/share/condor-etc/condor_config
condor_config_val RELEASE_DIR should be /opt/condor
condor_config_val LOCAL_DIR should be /local/condor
#set up local space
mkdir /local/condor
chown condor:condor /local/condor
cd /opt/condor/local.glow-c223/
mv execute/ log/ spool/ /local/condor/
#set password
condor_store_cred -c add (enter password)
#start condor
/etc/init.d/condor start (should say ok)
#check
condor_config_val log (should be /local/condor/log)
cd /local/condor/log
#check Master log
condor_status -negotiator
Instructions - transcript v2:
#rpm -i condor.rpm
# make sure that there is a repository configuration file /etc/yum.repos.d/condor.repo
yum install condor
ln -s /opt/condor-7.4.0 /opt/condor
## set up init.d so condor starts automatically
vi /opt/condor/condor.sh
+ fix CONDOR_CONFIG to /export/share/condor-etc
+ fix path to /opt/condor/bin /opt/condor/sbin
cp /opt/condor/condor.sh /etc/sysconfig/condor
chmod 755 /opt/condor/etc/examples/condor.init
vi /opt/condor/etc/examples/condor.init
+ change /usr/sbin/$prog to /opt/condor/sbin/$prog
cp /opt/condor/etc/examples/condor.init /etc/init.d/condor
chkconfig --level 235 condor on
mkdir /var/run/condor
chown condor:condor /var/run/condor
## central manager only:
RELEASE_DIR = /opt/condor
LOCAL_DIR = /local/condor
LOCAL_CONFIG_FILE = /export/share/condor-etc/condor_config.$(HOSTNAME).local
#CONDOR_ADMIN =
#UID_DOMAIN = cs.wisc.edu
#FILE_SYSTEM_DOMAIN = $(UID_DOMAIN)
COLLECTOR_NAME =
ALLOW_WRITE = *.$(UID_DOMAIN)
# search for LOWPORT and add
IN_HIGHPORT = 9999
IN_LOWPORT = 9000
at end of file:
SEC_DAEMON_AUTHENTICATION = Required
SEC_DAEMON_AUTHENTICATION_METHODS = PASSWORD
SEC_CLIENT_AUTHENTICATION_METHODS = PASSWORD,FS,GSI,KERBEROS
SEC_PASSWORD_FILE=/local/condor/condor_credential
ALLOW_DAEMON=condor_pool@*
## On all condor nodes
vi /opt/condor/local.*/condor_config.local
#CONDOR_HOST
#RELEASE_DIR
#CONDOR_ADMIN
DAEMON_LIST
cp /opt/condor/local.*/condor_config.local /export/share/condor-etc/condor_config.<name>.local
#this will not work on hosts not owning the NFS shared directory (root squash)
#from the NFS master
scp <name>:'/opt/condor/local.*/condor_config.local' /export/share/condor-etc/condor_config.<name>.local
#E.g. scp glow-c226:'/opt/condor/local.*/condor_config.local' /export/share/condor-etc/condor_config.glow-c226.local
## set up condor's local space
mkdir /local/condor
chown condor:condor /local/condor
cd /opt/condor/local.<name>/
mv execute log spool /local/condor
## set up password authentication
source /opt/condor/condor.sh
condor_store_cred -c add
## iptables may interfere with condor:
# set
-- Main.RikYoshida - 04 Nov 2009