MDS 2.4 Configuration Files
The MDS 2.4 installation creates several configuration files of interest to system administrators and programmers. These files are located in $GLOBUS_LOCATION/etc. The configuration files and their functions are as follows. Click on a configuration file name to see an example of that file.
Sets the default values for the arguments to the grid-info-search command. Specifies the administrator's e-mail address.
Determines which GRIS information providers are active and available to send data to the GIIS resources to which a GRIS is registering. Describes the core information providers as well as any custom providers for the GRIS. This file shows the set of available providers and how they fit into the hierarchy of Distinguished Names (DNs) in the Directory Information Tree (DIT). In addition to the core GRIS providers, this file includes an entry for a GridFTP performance provider.
grid-info-resource-register.conf
Lists the GIIS servers to which a GRIS will register directly. The default is to register to the local GIIS on the host. This file identifies host names, ports, and time values that control registration messages from a GRIS to a GIIS server. This file also specifies the binding method for mutual authentication between GIIS and GRIS machines as well as between GIIS machines in a hierarchy. The binding method must be specified in this file for registration to work.
Initializes the data structure for a GRIS registering to a GIIS. The GIIS server reads this file and initializes registration entries in its data structure. This file allows the GIIS to initialize registrations regardless of receiving registration messages from other GIIS or GRIS machines.
This file also allows the GIIS to set timing, registration control, and binding method parameters. Without this file, those parameters are set only by registrants that send registration messages to the GIIS.
Controls the acceptance of registration messages by a GIIS. Can be used to create an open policy where all registrants are welcome, or a closed system whereby only specified resources can register with a GIIS. This file can specify the binding method for mutual authentication between a specified GRIS or GIIS resource registering with a GIIS. The default is for the GIIS to accept registrations only from itself, and from port 2135. This file must be modified from the default in a hierarchical GIIS environment.
Note that the policydata: line in this file must be on the very next line after the objectclass: line; there should not be a blank or any other line between these two lines. This is a requirement of LDIF syntax standards as described in The LDIF Data Interchange Format - Technical Specification (RFC 2849: ftp://ftp.isi.edu/in-notes/rfc2849.txt).
Designates the GIIS and GRIS provider components to OpenLDAP. This file sets basic information access control rules, establishes LDAP and MDS information schema, defines back ends supported by the slapd server, and sets anonymous binding.
This file also controls the number of objects returned by the slapd server to the client, the amount of time the slapd server will spend in answering a search request, and the maximum number of worker threads in a slapd process. By increasing the maximum number of threads, the slapd server can handle more simultaneous queries faster, but at the expense of using more resources such as memory.
grid-info-deployment-comments.conf
Contains an administrator-specified comment regarding MDS system deployment. This file can be edited to include any desired comment regarding MDS deployment. The comment appears in the output of the grid-info-search command when all objects on a host are queried.
Sets the values of the environment variables (such as those for the certificate and key) when MDS is started.
Provided for use with the gridftp-perf-info information provider if you want to publish GridFTP performance information into MDS. This file can be edited to configure it to your GridFTP environment and information reporting requirements in terms of host name, URL, and logfile location.
Feedback on This Document
Please send any
questions or comments on this document to:
mds-documentation@globus.org
Related Documentation
For more details on core information providers, refer to MDS 2.4 Core GRIS Providers.
For more details on custom information providers and on grid-info-resource-ldif.conf, refer to MDS 2.4 GRIS Specification Document: Creating New Information Providers.
For more details on grid-info-resource-ldif.conf, grid-info-resource-register.conf, timing and registration control parameters, grid-info-site-policy.conf, and grid-info-slapd.conf, refer to MDS 2.4: Creating a Hierarchical GIIS.
#################################################################
#
# File: grid-info.conf
#
# Purpose: This file contains the configuration information
# for the local MDS service
#
#################################################################
# These values are modifiable by the administrator
GRID_INFO_HOST="giis-demo.globus.org"
GRID_INFO_PORT="2135"
GRID_INFO_BASEDN="Mds-Vo-name=local, o=Grid"
GRID_INFO_ORGANIZATION_DN="Mds-Vo-name=site, o=Grid"
GRID_INFO_ORGANIZATION_ADMIN_DN=""
GRID_INFO_TIMEOUT="30"
# Specify the administrator's e-mail address here
GRID_INFO_ADMINISTRATOR="name@organization.org"
export GRID_INFO_HOST
export GRID_INFO_PORT
export GRID_INFO_TIMEOUT
export GRID_INFO_ORGANIZATION_DN
export GRID_INFO_ORGANIZATION_ADMIN_DN
export GRID_INFO_ADMINISTRATOR
# These values are used by several scripts
hostname="giis-demo.globus.org"
Example grid-info-resource-ldif.conf
# This file contains the core GRIS providers and must be
# configured for a particular platform to specialize the
# template...
# generate top-level Mds-Host-hn=host object every minute
dn: Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-platform-merged
args: -dn Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid -validto-secs 60 -keepto-secs 60
cachetime: 60
timelimit: 20
sizelimit: 1
# generate CPU availablity information every minute
dn: Mds-Device-Group-name=processors,
Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-cpufast-uptime
args: -devclassobj -devobjs -dn Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid -validto-secs 60 -keepto-secs 60
cachetime: 60
timelimit: 20
sizelimit: 100
# generate CPU inventory (hidden cache) every 12 hours
dn: Mds-Device-Group-name=processors, Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-cpu-linux
args: -noobjs
cachetime: 43200
timelimit: 20
sizelimit: 1
# generate memory info every minute
dn: Mds-Device-Group-name=memory, Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-mem-linux
args: -devclassobj -devobjs -dn Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid -validto-secs 60 -keepto-secs 60
cachetime: 60
timelimit: 10
sizelimit: 3
# generate disk info every 15 minutes
dn: Mds-Device-Group-name=filesystems,
Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-fs-posix
args: -devclassobj -devobjs -dn Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid -validto-secs 900 -keepto-secs 900
cachetime: 900
timelimit: 20
sizelimit: 20
# generate network info every 15 minutes
dn: Mds-Device-Group-name=networks, Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-net-linux
args: -devclassobj -devobjs -dn Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid -validto-secs 900 -keepto-secs 900
cachetime: 900
timelimit: 20
sizelimit: 20
# generate OS info every 12 hours
dn: Mds-Software-deployment=operating system, Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-os-uname
args: -devclassobj -devobjs -dn Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid -validto-secs 900 -keepto-secs 900
cachetime: 43200
timelimit: 20
sizelimit: 1
# generate GRIS info every 12 hours
dn: Mds-Software-deployment=MDS GRIS, Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
objectclass: GlobusTop
objectclass: GlobusActiveObject
objectclass: GlobusActiveSearch
type: exec
path: /testing/beta2.0/globus-install/libexec
base: grid-info-mds-core
args: -devclassobj -devobjs -dn Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local,o=grid -validto-secs 43200 -keepto-secs 43200
cachetime: 43200
timelimit: 20
sizelimit: 1
# generate GridFTP performance information every 1 day
# dn: Mds-Device-Group-name=performance, Mds-Host-hn=giis-demo.globus.org, Mds-Vo-name=local, o=grid
# objectclass: GlobusTop
# objectclass: GlobusActiveObject
# objectclass: GlobusActiveSearch
# type: exec
# path: /testing/beta2.0/globus-install/libexec
# base: gridftp-perf-info
# args: -devclassobj -devobjs -dn Mds-Host-hn=giis-
# demo.globus.org,Mds-Vo-name=local,o=grid -validto-secs 86400
# -keepto-secs 86400
# cachetime: 86400
# timelimit: 100
# sizelimit: 100
Example grid-info-resource-register.conf
#
# Each LDIF record describes one registration target. May have
# zero or more.
#
# Currently supported "MDSreg2" format:
#
# dn: <LDAP add object DN>
# regtype: <version level>
# reghn: <host to send registration to>
# regport: <port to send registration to>
# regperiod: <length of time between outgoing registration
# messages (seconds)>
# [service attribute/value]...
#
# Note that regtype is the version level of the MDS software.
# For example,any resource running MDS 2.4 would use a regtype
# of mdsreg2.
# The [service attribute/value] entries depend on the type of
# LDAP object being published. For MDS 2.4 registration
# objects, the attributes are:
#
# type: ldap
# hn: <hostname of registrant>
# port: <port of registrant>
# rootdn: <DN suffix of registrant>
# ttl: <length of time to keep registration data in the
# registrar>
# timeout: <after how long should a client abandon queries to
# registrant>
# mode: cachedump
# cachettl: <length of time for client to cache data>
# bindmethod: binding method from the upper level giis
# AUTHC-ONLY/AUTHC-FIRST/ANONYM-ONLY
#
# for default MDS 2.4 install
# register this server GRIS to this server GIIS
dn: Mds-Vo-Op-name=register, Mds-Vo-name=site, o=grid
regtype: mdsreg2
reghn: giis-demo.globus.org
regport: 2135
regperiod: 600
type: ldap
hn: test.isi.edu
port: 2135
rootdn: Mds-Vo-name=local, o=grid
ttl: 1200
timeout: 20
mode: cachedump
cachettl: 30
bindmethod: ANONYM-ONLY
Example grid-info-site-giis.conf
#
# Each LDIF record describes one registration target. May have
# zero or more.
#
# Example entry:
#
# dn: Mds-Vo-name=site,o=Grid
# objectClass: Mds
# objectClass: MdsVoOp
# objectClass: MdsService
# objectClass: MdsServiceLdap
# Mds-Service-type: ldap
# Mds-Service-hn: giis-demo.globus.org
# Mds-Service-port: 2135
# Mds-Service-Ldap-suffix: Mds-Vo-name=local, o=grid
# Mds-Service-Ldap-sizelimit: 0
# Mds-Service-Ldap-timeout: 30
# Mds-Service-Ldap-cachettl: 50
# Mds-Bind-Method-servers: ANONYM-ONLY
# Mds-validfrom: 20020522174628Z
# Mds-validto: 20020522180128Z
# Mds-keepto: 20020522180128Z
Example grid-info-site-policy.conf
#
# MDS registration policy file
#
# example:
# objectclass: MdsRegistrationPolicy
# policydata:
# (&(Mds-Service-hn=dc-*.isi.edu)(Mds-Service-port=2135))
#
# Note that the policydata: line must be on the very next
# line after the objectclass: line; no other lines (even
# blanks) should be between them.
# accept our own local GRIS by default
objectclass: MdsRegistrationPolicy
policydata:
(&(Mds-Service-hn=test.isi.edu)(Mds-Service-port=2135))
sizelimit 1024
# This sets the global sizelimit for the number of objects
# returned by the slapd server to the client. The default is 500. # A specific sizelimit can also be set for an individual
# database, as shown for the ldif database below.
timelimit 75
# This sets the global timelimit in seconds for the amount of
# time the slapd server will spend in answering a search request. # The default is 3600. A specific timelimit can also be set for
# an individual database, as shown for the ldif database below.
threads 256
# This sets the maximum number of worker threads in a slapd
# process. The default is 32. The threads value affects the
# performance of the slapd server when it receives multiple
# simultaneous queries. For example, if threads is 32 and 35
# queries arrive simultaneously, then 3 queries are queued
# waiting for 3 threads to become available.
schemacheck off
include /scratch/jn-beta/new-
release/test/INSTALL/etc/openldap/schema/core.schema
include /scratch/jn-beta/new-
release/test/INSTALL/etc/grid-info-resource.schema
pidfile /scratch/jn-beta/new-
release/test/INSTALL/var/resourceslapd.pid
argsfile /scratch/jn-beta/new-
release/test/INSTALL/var/resourceslapd.args
modulepath /scratch/jn-beta/new-
release/test/INSTALL/libexec/openldap/gcc32dbg
moduleload libback_ldif.la
moduleload libback_giis.la
database ldif
suffix "Mds-Vo-name=local, o=Grid"
sizelimit 50
timelimit 36
conf /scratch/jn-beta/new-
release/test/INSTALL/etc/grid-info-resource-ldif.conf
anonymousbind yes
access to * by * write
database giis
suffix "Mds-Vo-name=site, o=Grid"
conf /scratch/jn-beta/new-
release/test/INSTALL/etc/grid-info-site-giis.conf
policyfile /scratch/jn-beta/new-
release/test/INSTALL/etc/grid-info-site-policy.conf
anonymousbind yes
access to * by * write
Example grid-info-deployment-comments.conf
# Every line of this file which does not begin with # will be
# used to generate an Mds-Service-admin-comment entry in the
# MDS software deployment object.
This is the MDS 2.4 deployment. Change this comment as you like.
Example grid-info-server-env.conf
#! /bin/bash
. ${GLOBUS_LOCATION}/libexec/globus-script-initializer
if [ ! -z "${GRID_SECURITY_DIR}" ] &&
[ -r "${GRID_SECURITY_DIR}/ldap/ldapkey.pem" ] &&
[ -r "${GRID_SECURITY_DIR}/ldap/ldapcert.pem" ] ; then
X509_USER_CERT=${GRID_SECURITY_DIR}/ldap/ldapcert.pem
X509_USER_KEY=${GRID_SECURITY_DIR}/ldap/ldapkey.pem
elif [ -r "/etc/grid-security/ldap/ldapkey.pem" ] &&
[ -r "/etc/grid-security/ldap/ldapcert.pem" ] ; then
X509_USER_CERT=/etc/grid-security/ldap/ldapcert.pem
X509_USER_KEY=/etc/grid-security/ldap/ldapkey.pem
secconfdir="/etc/grid-security"
elif [ -r "${GLOBUS_LOCATION}/etc/ldap/ldapkey.pem" ] &&
[ -r "${GLOBUS_LOCATION}/etc/ldap/ldapcert.pem" ] ; then
secconfdir="${GLOBUS_LOCATION}/etc"
X509_USER_CERT=${GLOBUS_LOCATION}/etc/ldap/ldapcert.pem
X509_USER_KEY=${GLOBUS_LOCATION}/etc/ldap/ldapkey.pem
fi
# It is possible that we may reach the end of this if without
# matching, if no certificate/key pair found anywhere.
# This is ok.
X509_RUN_AS_SERVER=true
GRIDMAP=${sysconfdir}/grid-mapfile
LD_LIBRARY_PATH=${GLOBUS_LOCATION}/lib:${LD_LIBRARY_PATH}
SASL_PATH=${GLOBUS_LOCATION}/lib/sasl
export X509_USER_CERT
export X509_USER_KEY
export X509_RUN_AS_SERVER
export GRIDMAP
export LD_LIBRARY_PATH
export SASL_PATH
dn: Mds-Device-name=GridFTP,Mds-Device-Group-name=performance,
Mds-Device-name: GridFTP
Mds-Device-Group-name: performance
Mds-Host-hn: giis-demo.globus.org
Mds-Gridftp-gridftpurl: gsiftp://configure.me:61000
Mds-Gridftp-loglocation: /pathto/logfile
objectClass: MdsGridftp