GT 4.1.1 Java CoG Kit: System Administrator's Guide

1. Introduction

This guide contains installation and configuration information for system administrators installing the Java CoG Kit. It explains how to install, configure and test the installation.

Important: This information is in addition to the basic Globus Toolkit prerequisite, overview, installation, and security configuration instructions in the GT 4.1.1 System Administrator's Guide. Read through that guide before continuing!

2. Building and installing

Java CoG Kit is distributed as part of a default GT 4.1.1 installation. For basic installation instructions, see the GT 4.1.1 System Administrator's Guide. No extra installation steps are required for this component.

The following are optional instructions for more advanced types of installations. These are for those advanced users who want to build the latest code from CVS or are just interested in the Java CoG Kit.

2.1. Building from source

1. Obtain the source code for Java CoG Kit:

From CVS. 

  1. To get the latest source from CVS execute:

     cvs -d :pserver:anonymous@cvs.globus.org:/home/dsl/cog/CVS \
         checkout jglobus

  2. Change into the jglobus directory.

     cd jglobus

From source distribution. 

  1. Untar or unzip the distribution archive.

     tar xvfz cog-XXX-src.tar.gz

  2. Change into the unpacked distribution directory.

     cd cog-XXX

2. Run:

 ant all

2.2. Installing binary distribution

  1. Untar or unzip the distribution archive.

     tar xvfz cog-XXX-tar.gz

  2. Change into the unpacked distribution directory.

     cd cog-XXX

  3. Set the COG_INSTALL_PATH environment variable to the unpacked distribution directory.

On Windows:

 set COG_INSTALL_PATH=c:\cog-1.2

On Unix/Linux (csh/tcsh):

 setenv COG_INSTALL_PATH /soft/cog-1.2/

or (sh/bash):

 export COG_INSTALL_PATH=/soft/cog-1.2/

3. Configuring

In general no extra configuration is required to use Java CoG Kit. However, in certain cases additional configuration might be required. The Java CoG Kit configuration file is placed in $HOME/.globus/cog.properties on Unix/Linux machines or %USERPROFILE%\.globus\cog.properties on Windows machines.

3.1. Trusted Certificates Location

Trusted certificates can be configured as described below and are loaded in the specified order:

  1. The cacert property in the cog.properties configuration file can be used to set the trusted certificates. The value of the property is a comma-separated list of CA certificates or directories of certificates. Example:

     cacert = /home/gawor/MyCaCert.pem, /etc/grid-security/certificates/

    If a directory is specified in the list, all certificate files within that directory with .<digit> extension will be loaded.

  2. The system property X509_CERT_DIR can be used to configure trusted certificates. It is used if the cog.properties file is not found or the cacert property is not set.

  3. Trusted certificates can be placed in the ${user.home}/.globus/certificates directory. This location is checked if the system property is not set.

  4. The certificates can be placed in /etc/grid-security/certificates directory. This directory is checked on Unix/Linux machines if certificates are not found as described in previous steps.

If one of the above directories with certificates is found, all the certificates in that directory will be loaded and used. If no directory is found, the Java CoG will not work.
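The selection order and the .<digit> filter described in this section, as an added shell example (not part of the original guide or the Java CoG Kit code) for checking which CA files would end up trusted. The function names are hypothetical, the cacert value is passed as an argument rather than parsed from cog.properties, and X509_CERT_DIR is read from the environment although the guide describes it as a system property.

```shell
#!/bin/sh
# Added example, not Java CoG Kit code. Function names are hypothetical.

# trust_source CACERT_VALUE: print the location list chosen by the documented
# order. CACERT_VALUE is the cacert property (may be empty); X509_CERT_DIR is
# read from the environment here, which is an assumption of this example.
trust_source() {
    if [ -n "$1" ]; then
        printf '%s\n' "$1"
    elif [ -n "${X509_CERT_DIR:-}" ]; then
        printf '%s\n' "$X509_CERT_DIR"
    elif [ -d "$HOME/.globus/certificates" ]; then
        printf '%s\n' "$HOME/.globus/certificates"
    else
        printf '%s\n' /etc/grid-security/certificates
    fi
}

# list_trust_anchors LIST: expand a comma-separated list of files and
# directories into the certificate files that would be loaded.
list_trust_anchors() {
    printf '%s\n' "$1" | tr ',' '\n' | while IFS= read -r entry; do
        entry=$(printf '%s' "$entry" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        if [ -z "$entry" ]; then
            continue
        elif [ -d "$entry" ]; then
            # Only files with a .<digit> extension are loaded from a directory.
            for f in "${entry%/}"/*.[0-9]; do
                if [ -f "$f" ]; then printf '%s\n' "$f"; fi
            done
        elif [ -f "$entry" ]; then
            printf '%s\n' "$entry"
        else
            printf 'MISSING %s\n' "$entry" >&2
        fi
    done
}

# Optional first argument: the cacert value copied from cog.properties.
list_trust_anchors "$(trust_source "${1:-}")"
```

Any file in the output that was not deliberately installed as a CA certificate is worth investigating, since every listed file extends the set of issuers the client accepts.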

3.2. User Certificate Location

The user certificate location can be configured as described below. The library attempts to find the file in the order listed:

  1. The location of the file can be specified as the value of the usercert property in the cog.properties configuration file.

  2. The location of the user certificate can be set as the value of the environment variable X509_USER_CERT. This variable is used if the cog.properties file is not configured or the usercert property is not specified in the file.

  3. The certificate can be placed in the default location ${user.home}/.globus/usercert.pem. If none of the above configuration is found, the library defaults to this location.

3.3. User Private Key Location

The user private key location can be configured as described below. The library attempts to find the file in the order listed:

  1. The location of the file can be specified as the value of the userkey property in the cog.properties configuration file.

  2. The location of the user private key can be set as the value of the environment variable X509_USER_KEY. This variable is used if the cog.properties file is not configured or the userkey property is not specified in the file.

  3. The private key can be placed in the default location ${user.home}/.globus/userkey.pem. If none of the above configuration is found, the library defaults to this location.

3.4. Proxy file Location

The proxy file location can be configured as described below. The library attempts to find the file in the order listed:

  1. The location of the file can be specified as the value of the proxy property in the cog.properties configuration file.

  2. The location of the proxy can be set as the value of the environment variable X509_USER_PROXY. This variable is used if the cog.properties file is not configured or the proxy property is not specified in the file.

  3. If the above configuration is not used, the library looks for the proxy in a default location using the following rules:

    • If the UID system property is set and the library is running on a Unix/Linux machine, it returns /tmp/x509up_u${UID}.

    • On any machine other than Unix/Linux, it returns ${tempdir}/x509up_u${UID}, where tempdir is a platform-specific temporary directory as indicated by the java.io.tmpdir system property.

    • If the UID system property is not set, the username is used instead of the UID. That is, it returns ${tempdir}/x509up_u_${username}.
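The lookup order from sections 3.2 to 3.4, as an added shell example (not part of the original guide or the Java CoG Kit code) that shows which user certificate, private key and proxy file would be selected on a Unix/Linux machine. The function names and the COG_PROPS override variable are hypothetical, only the "name = value" property form is parsed, and id -u stands in for the UID system property.

```shell
#!/bin/sh
# Added example, not Java CoG Kit code. Function names and COG_PROPS are hypothetical.

# cog_prop NAME FILE: print the value of "NAME = value" in FILE (last one wins).
cog_prop() {
    [ -r "$2" ] || return 0
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# cog_resolve PROPERTY ENVVAR DEFAULT: the first non-empty source wins.
# ENVVAR is always a fixed name supplied by this script, so eval is safe here.
cog_resolve() {
    props=${COG_PROPS:-$HOME/.globus/cog.properties}
    val=$(cog_prop "$1" "$props")
    if [ -z "$val" ]; then
        eval "val=\${$2:-}"
    fi
    printf '%s\n' "${val:-$3}"
}

# Documented Unix/Linux default proxy path; id -u stands in for the UID property.
cog_default_proxy() {
    printf '/tmp/x509up_u%s\n' "$(id -u)"
}

# Print the three resolved locations, one per line.
cog_locations() {
    echo "usercert=$(cog_resolve usercert X509_USER_CERT "$HOME/.globus/usercert.pem")"
    echo "userkey=$(cog_resolve userkey X509_USER_KEY "$HOME/.globus/userkey.pem")"
    echo "proxy=$(cog_resolve proxy X509_USER_PROXY "$(cog_default_proxy)")"
}

cog_locations
```

A stale X509_USER_KEY or X509_USER_PROXY left in a login profile shows up here immediately, which helps when a credential is being read from a location other than the one that was secured.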

3.5. Public IP address

Sometimes, especially on machines with DHCP enabled, Java might detect the local IP address of the machine incorrectly, or the wrong non-public IP address might be used if the machine is behind a NAT router or on a VPN. To configure the public IP address used by Java CoG Kit, add the following line to the configuration file:

ip=<current ip>

This has the same effect as setting the GLOBUS_HOSTNAME environment variable or Java system property.

3.6. TCP Port Range

Sometimes it is necessary to restrict the listening port numbers that Java CoG Kit will use. To set the port range, add the following line to the configuration file:

tcp.port.range=<min>,<max>

This has the same effect as setting the GLOBUS_TCP_PORT_RANGE environment variable or Java system property.

4. Deploying

This section does not apply to the Java CoG Kit.

5. Testing

There are no tests for verifying the Java CoG installation. However, unit tests are available with the source distribution. Because some of the unit tests rely on GT2 services, first make sure that those services are running correctly. You will also need to configure the tests (look for the various test.properties files in the source distribution) with the appropriate information, for example the right service port and hostname. Finally, to run the tests, execute:

ant test

6. Security considerations

6.1. Functions that execute an external program

Under some circumstances, the org.globus.util.Util.setFilePermissions() and org.globus.util.ConfigUtil.getUID() functions execute an external program; their behavior is therefore influenced by environment variables such as the caller's PATH and the environment variables that control dynamic loading. Take care when calling these functions from a program that will be run as a Unix setuid program, or in any other manner in which the owner of the Unix process does not completely control its runtime environment.

6.2. Permissions of proxy files

Since Java does not provide an API for setting the permissions of a file, the Java CoG Kit will attempt to execute the /bin/chmod program in the background to set the permissions of the given file. If that program cannot be executed for any reason or fails to execute correctly, a proxy file might end up with incorrect file permissions (depending on umask setting). Usually a warning will be displayed if that occurs (especially on Windows since /bin/chmod is not supported on that platform).
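A check for the failure mode described above, as an added shell example (not part of the original guide or the Java CoG Kit code): it verifies that a proxy file is a regular file owned by the caller with owner-only permissions, and shows a creation pattern that does not depend on a later chmod. The function names are hypothetical, and treating 0600 or 0400 as the expected mode is an assumption of this example.

```shell
#!/bin/sh
# Added example, not Java CoG Kit code. Function names are hypothetical; the
# expected mode (owner-only, 0600 or 0400) is an assumption of this check.

# create_private_file PATH: create an empty file that is owner-only from the
# start. umask 077 removes the dependence on a later chmod; set -C (noclobber)
# refuses to overwrite a file that already exists.
create_private_file() {
    ( umask 077; set -C; : > "$1" )
}

# check_proxy_perms PATH: return 0 if PATH is acceptable, 1 if its mode or
# owner is wrong, 2 if it is missing, a symlink or not a regular file.
check_proxy_perms() {
    f=$1
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "FAIL: $f is missing, a symlink or not a regular file" >&2
        return 2
    fi
    # ls -ldn prints the mode string first and the numeric owner third.
    info=$(ls -ldn -- "$f" | awk '{print substr($1, 1, 10), $3}')
    mode=${info% *}
    owner=${info#* }
    bad=0
    case $mode in
        -rw-------|-r--------) ;;
        *) echo "FAIL: $f has mode $mode, expected -rw-------" >&2; bad=1 ;;
    esac
    if [ "$owner" != "$(id -u)" ]; then
        echo "FAIL: $f is owned by uid $owner, not $(id -u)" >&2
        bad=1
    fi
    return $bad
}

# Usage: sh thisfile.sh /path/to/proxy
if [ $# -gt 0 ]; then
    check_proxy_perms "$1"
fi
```

Running the check right after a proxy is created catches the case where the background chmod failed and the umask left the file readable by other users.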

7. Troubleshooting

Please see the FAQ and the web page for any problems concerning Java CoG Kit. Also, you can send email describing your problem to the java@globus.org mailing list (must subscribe first) or search for the problem in the archives.