Administration
Naming Authority Installation
 |
 |
 |
 |
Contents |
 |
 |
 |
 |
Overview
This guide provides step-by-step details on how to install and configure the Naming Authority Web Application and Grid Service version 1.4.
Prerequisites
In order to install and run the Naming Authority for identifiers, the following prerequisite software must be installed:
- Java 1.5 JDK or Greater
- Mysql 5 or Greater
Step 1: Install caGrid
In this step you will download and install the Naming Authority using the caGrid Installer. If you already have caGrid 1.4 installed on your machine, you may proceed to the next step. To install caGrid, complete the following steps:
Installer Prerequisites
The caGrid Installer installs all prerequisites except for Java and MySQL.
- Java 6 JDK
- Make sure the JAVA_HOME environment variable is set and points to the location where the JDK has been installed.
- (Optional) If you are deploying caGrid core services locally, you may also need a MySQL database.
Note
MySQL is only required for the security services and GME. You can use 4.x (with transaction enabled; i.e., use InnoDB engine) or 5.x.
Installing caGrid 1.4 Using the Installer
| Internet Resources Required by the Installer Unless you are using a customized installer, the installer will need to be able to access these internet resources:
|
- Download the caGrid 1.4 Installer, unless you have a customized installer that you have been instructed to use for your grid. The downloaded installer should be contained in the file caGrid-installer-1.4.zip. If you are using a customized installer the name may vary.
- Unzip the file caGrid-installer-1.4.zip. This creates the directory caGrid-installer-1.4. This documentation refers to this directory as CAGRID_INSTALLER_LOCATION.
- From a command prompt, launch the installer using the following command:
Do not launch the installer by double-clicking the jar file 
> cd *CAGRID_INSTALLER_LOCATION*
> java -jar caGrid-installer-1.4.jar - Select the I agree to this license checkbox and then click Next.
- Select the Install/Configure caGrid Software checkbox and then click Next.
- The installer detects whether or not you have already installed Ant. It installs or reinstalls it, depending on your installation status. In either case, you must specify the location where you want to install Ant.
- The installer detects whether or not you have already installed Globus. It installs or reinstalls it, depending on your installation status. In either case, you must specify the location where you want to install Globus.
- The installer asks you for a location on your local file system to install caGrid. Specify a location to install caGrid and click Next.
To select a file location that is not in the User's Home directory, Click the Look In: drop down list and select a new starting location. 
- The installer displays a list of tasks that the installer will perform. Click Next to begin the installation process. At this time the installer downloads, builds, and installs several components. This process takes several minutes.
- Once the installer has completed installing all the components, click Next.
- The installer prompts you to specify which Grid you want to configure your installation to use. The installer supports configuring caGrid to work out of the box with many community Grid environments. For testing and development purposes, we recommend selecting the Training Grid. If you do not want to configure caGrid to work with an existing Grid you may select that as well. The installer can also be modified to support additional Grids.
- The installer shows a summary of the tasks to be completed. Click Next to configure caGrid to use the selected target Grids. This process takes several minutes.
- Once the installer has finished configuring caGrid to use the target Grid, click Next. The final screen reminds you to set your ANT_HOME and GLOBUS_LOCATION environment variables. Set these variables immediately and click Finish.
Congratulations! You have successfully installed caGrid.
|
 | Add ANT_HOME/bin to PATH You will be running the ant program from the command line so add ANT_HOME/bin to PATH. |
The installer places caGrid in the directory you specified during installation. From this point forward we refer to this directory as CAGRID_HOME.
Step 2: Obtain Host Credentials
The identifiers security framework requires a secure web application container. In order to run a secure service, the container hosting the service must run with a host credential. A host credential consists of an X.509 certificate and private key. In a production environment, it is very important that this credential be issued by a certificate authority that the environment trusts. For the purposes of this guide we will provide instructions on how to obtain a host credential from Dorian. Dorian is an open-source service framework for issuing PKI credentials and is a trusted certificate authority in many Grid environments. Most target Grids (selected in the last step) are configured with one or more Dorian instances. For the purposes of this guide, we will provide documentation on requesting a host credential from the Training Dorian; similar steps can be used for requesting a host credential from other Dorian instances.
|
To request a host credential from the Training Dorian, you must have an account. Any user may request an account from the Training Dorian. If you have an account with the Training Dorian, complete the steps below to get a host credential. Otherwise, click here for directions on requesting an account and then proceed with the steps below:
|
|
Immediately after clicking the Request Certificate button, the UI will submit the host certificate request to Dorian. Upon receiving the request, Dorian will either immediately approve the request or submit the request to an administrator for approval. In the case where the request is immediately approved, the host credentials (certificate and private key) will be written to the directory specified. The file containing the certificate will be named THE_HOSTNAME_YOU_ENTERED-cert.pem,. The file containing the private key will be named THE_HOSTNAME_YOU_ENTERED-key.pem.
In the case where a host certificate request requires approval of an administrator, the file containing the private key will be named THE_HOSTNAME_YOU_ENTERED-key.pem. The host certificate WILL NOT be written since it is not issued until the request is approved. You will need to wait for an administrator to approve your request before proceeding forward. The GAARDS UI provides a means of checking the status of your request. For directions on how to do this, click here.
| Please note the location to which the host certificate and private key were written. These will be needed later to configure the container. |
Step 3: Configure a Secure Container
In this step, we will configure a web service container that will host the Naming Authority. For the purposes of this guide, we will provide detailed instructions on how to use the caGrid Installer to install and configure a secure Tomcat container. You will need to supply the installer with the host credentials you created in the last step.
- From a command prompt, launch the caGrid Installer:
> cd \ CAGRID_INSTALLER_LOCATION
> java -jar caGrid-installer-1.4.jar - Select the I agree to this license box and then click Next.
- Select the Install/Configure Grid Service Container box and then click Next.
- Select the Container to which you want to deploy your service. Because this guide will use a secure Tomcat, select the Should this container be secure? box and then click Next.
- In the hostname box, enter the hostname of your server. This should match the hostname you used when you created your host credentials. Click Next.
If you plan on using this container to deploy a service that registers to an existing grid, it is important that you use a publicly resolvable DNS name (or static IP). Otherwise, you will need to manually edit configuration files later to correct this. - From the Obtain host credentials method list, select the option that applies to your situation and click Next.
Options: - If you do not yet have credentials for your service, select Use GAARDS to obtain host credentials.
- If you have host credentials that are not in the default location, then select Browse to host credentials on the file system.
- If you have host credentials that are in the default location, then select Host credentials are already installed.
Default credential location:
- On Windows, this will be a path like "C:\Documents and Settings\<USERNAME>\.cagrid\certificates".
- On Linux/MAC this will be a path like "/Users/YOUR_USERNAME/.cagrid/certificates".
- If you selected Browse to host credentials on the file system, the next screen will prompt you for the location of your credentials. Enter the location of your host certificate in the Certificate text box. Enter the location of your private key in the Key text box. Click Next.
- The next screen asks where you want to install Tomcat. Enter that location in the Directory text box and click Next.
- A list of tasks appears that the installer will perform in order to install and configure Tomcat. Click Next.
- Once the installer has completed installing all of the components, click Next.
- Click Next. The final screen reminds you to set your ANT_HOME, GLOBUS_LOCATION and CATALINA_HOME environment variables. Set these variables immediately and click Finish.
Congratulations! You have successfully installed and configured your Tomcat container.
Step 4: Configure and Deploy
Now that we have installed caGrid and configured a secure Tomcat container, we are ready to configure and deploy the Naming Authority. There are two components to the naming authority: the web application and the grid service. The web application enables the resolution of identifiers via HTTP while the grid service provides an interface for clients to create and maintain identifiers.