Administration
SyncGTS Server Side Approach
 |
 |
 |
 |
Table of Contents |
 |
 |
 |
 |
This guide provides a step by step process for syncing with the trust fabric using the SyncGTS Server Side Approach. The SyncGTS server side approach is intended to be used to sync server environments or environments running grid services with the trust fabric. In this approach SyncGTS is deployed to a service container ensuring that the server environment is automatically updated to be in sync with the most up to date trust fabric.
SyncGTS is distributed as standalone project as well as part of other projects such as caGrid. Each of the distributions contains a syncgts directory herein referred to as SYNC_GTS_LOCATION. To sync with the trust fabric using the command line approach complete the following steps:
Step 1: Building SyncGTS
If you have obtained a source release of the SyncGTS you will need to build the SyncGTS. To build the SyncGTS type the following from a command prompt:
%> cd SYNC_GTS_LOCATION
%> ant clean all
 | Depending on the SyncGTS distribution it may be required to build the entire project that SyncGTS is distributed with prior to building SyncGTS. For example if you have obtained a caGrid source distribution this is required, if you received a SyncGTS standalone distribution this is not required. |
Step 2: Configuring SyncGTS (Optional)
SyncGTS is configured through an XML configuration file herein referred to as the Sync Description. The default Sync Description file can be found in SYNC_GTS_LOCATION/ext/resource/sync-description.xml. For most distributions, SyncGTS is pre-configured to work with the Grid in which it is being distributed for, therefore no further configuration is required. If you do need to make configuration changes to SyncGTS, in most cases you will only need to edit the gtsServiceURI, GTSIdentity, and ExcludedCAs elements. For comprehensive details on configuring SyncGTS click here.
Step 3: Installing GTS Trust Roots (Optional)
In order for SyncGTS to sync with a GTS service, it is required that the local environment trust the GTS service being synced with. In other words the local environment must trust the certificate authority that issued the GTS Service's credentials. Most distributions of SyncGTS are pre-configured to trust the GTS credentialing certificate authority for the Grid in which the distribution if configured for. If this is the case no further configuration is required. If this is not the case SyncGTS can easily be configured to trust other certificate authorities by placing a copy of the CA's certificate in the directory: SYNC_GTS_LOCATION/ext/resources/certificates. The CA certificate must be contained in PEM format and must be given a digit (0-9) extension. For example to configure SyncGTS to trust a CA whose certificate is contained in the file cacert.pem, the file should be rename to cacert.0 and copied to the directory: SYNC_GTS_LOCATION/ext/resources/certificates. In most cases you will also want to also add an entry to the excluded CA list in SyncGTS's configuration file. For more details on the SyncGTS configuration file click here.
Step 4: Deploying SyncGTS
Once you have configured a container (Globus or Tomcat) you need to deploy SyncGTS to that container. To deploy SyncGTS to a Globus container type the following from a command prompt:
%> cd SYNC_GTS_LOCATION
%> ant deployGlobus
To deploy SyncGTS to a secure Tomcat container type the following from a command prompt:
%> cd SYNC_GTS_LOCATION
%> ant deployTomcat
No matter which container you choose you should see a significant amount of output to the screen, if the deployment is successful you should see the words "BUILD SUCCESSFUL" outputted to the screen.