Notes from first attempt at globus

From DISI
Jump to: navigation, search

https://www.globus.org/globus-connect-server

In an attempt to install Globus Connect Server, here is my notes of what I have done so far.

Note: I have tried installed Globus on gimel2, tau. So far no luck getting it working

Detail complete guide https://docs.globus.org/globus-connect-server-installation-guide/

https://www.h3abionet.org/images/Technical_guides/L2_04_How_To_Setup_and_Configure_Globus_Connect_Endpoint_V1.5.pdf

Open required TCP Ports

Check if FQDN is resolvable

$ hostname -f

$ nslookup 'tau.compbio.ucsf.edu' 8.8.4.4

Globus TCP Ports

Note: Our server is behind the lab and UCSF firewalls. I have attempted to open these ports on tau and UCSF IT also helped open these port on UCSF firewall.

The TCP ports that must be open for the default Globus Connect Server installation, together with brief descriptions of each, are listed here:

Port 2811 inbound from 54.237.254.192/29
Used for GridFTP control channel traffic.
Ports 50000—​51000 inbound and outbound to/from Any
Used for GridFTP data channel traffic.
The use of the default port range is strongly recommended (you can read why here).
Data channel traffic is sent directly between endpoints—​it is not relayed by the Globus service.
Port 443 outbound to 54.237.254.192/29 and nexus.api.globusonline.org
Used to communicate with the Globus service via its REST API.
nexus.api.globusonline.org is a CNAME for an Amazon ELB; IP addresses in the ELB are subject to change.
Port 443 outbound to downloads.globus.org
Used to pull Globus Connect Server packages from the Globus repository.
Port 443 outbound to crl.cilogon.org
Used to pull CRL file updates for endpoints configured to use CILogon based activation
Port 7512 inbound from 54.237.254.192/29
Used for MyProxy traffic.
Needed if your server will run MyProxy service.
Port 443 inbound from Any
Used for OAuth traffic.
Needed if your server will run OAuth service.
OAuth traffic comes directly from clients using your OAuth service—​it is not relayed by the Globus service.

Globus Connect Server v.4 Installation / Uninstallation

Install Globus on Centos

Install EPEL repository on CentOS 6, Red Hat Enterprise Linux 6, and Scientific Linux 6:

$ sudo curl -LOs https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
$ sudo yum install epel-release-latest-6.noarch.rpm

Install EPEL repository on CentOS 7, Red Hat Enterprise Linux 7, and Scientific Linux 7:

$ sudo curl -LOs https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
$ sudo yum install epel-release-latest-7.noarch.rpm


$ sudo yum install yum-plugin-priorities
$ sudo yum install globus-connect-server
Uninstall
  • Stop Globus Sever
$ globus-connect-server-setup
  • Remove packages
$ yum remove \*globus\*
$ yum remove \*myproxy\*
  • Remove globus configure folders and files
$ rm /etc/globus-connect-server.conf
$ rm -f /etc/gridftp.conf
$ rm -rf /etc/grid-security
$ rm -rf /var/lib/globus-connect-server


Create & Configure Globus Endpoint

Create a Globus ID https://www.globusid.org/login Note: use something like bkslab or ucsf_bks, don't use your name since globus uses username in conjunction with the endpoint name (ie ucsf_bks@zinc)

$ vim /etc/globus-connect-server.conf

  [Endpoint]
  Name = zinc
  Public = True

Run this command after make changed to /etc/globus-connect-server.conf

$ sudo globus-connect-server-setup

Globus FTP

Login with your UCSF credential or globusid https://app.globus.org/

Error

This is the error that I got stuck on Globus error.png