Difference between revisions of "Installing updates: OS, CAs, Quattor, VL-e"

From PDP/Grid Wiki
Jump to navigationJump to search
m
Line 39: Line 39:
 
  variable KERNEL_VERSION_NUMBER ?= "2.6.9-78.0.8.EL";
 
  variable KERNEL_VERSION_NUMBER ?= "2.6.9-78.0.8.EL";
  
=== Generation of other templates
+
=== Generation of other templates ===
  
 
Update templates for VL-e software can be generated using rpmUpdates.pl.
 
Update templates for VL-e software can be generated using rpmUpdates.pl.
  
The easiest way to deal with a set of new CAs, is to download the template from the CA site:
+
The easiest way to deal with a set of new CAs, is to download the template from the CA site: [[http://groep.web.cern.ch/groep/cadist/]] (you need to go down into the directory corresponding to the new release and get the file pro_software_meta_lcg_CA.tpl).
  
and customize it.
+
This file needs to be customized: the template's name should read common/security/lcg-CA. Do not forget to rename the generated file accordingly.
  
 
To change the Quattor software that is installed, the new versions should be added by hand to the templates.
 
To change the Quattor software that is installed, the new versions should be added by hand to the templates.

Revision as of 12:23, 17 December 2008

Installing updates comprises the following steps:

  • Synchronization of the local mirror of the OS repository
  • Generation of Quattor update templates
  • Compilation and deployment

This procedure applies to software updates for the Operating System, the CA certificates, Quattor software and VL-e software.


Synchronization of the local mirror

As user ndpfmgr at Quattor server stal, execute the script

mirror-centos

This will synchronize the local OS mirror at host stal with the OS mirror at spiegel.

At the moment, the following distributions are mirrored:

  • CentOS 3.9 i386
  • CentOS 4.7 i386
  • CentOS 4.7 x86_64
  • CentOS 5.2 i386
  • CentOS 5.2 x86_64

Other mirror scripts:

  • mirror_cas: refresh the CA mirror in /project/quattor/www/html/mirror/CA/
  • mirror-quattor: refresh the Quattor software under /project/quattor/www/html/quattor/
  • mirror-vle: refresh the VL-e PoC R3 mirror under /project/quattor/www/html/mirror/VL-e//R3/

Generation of the OS update template for Quattor

At host stal using your personal account, run rpmUpdates.pl to generate an update template from the available OS updates:

$L/../bin/rpmUpdates.pl /project/mirror/centos/4.7/updates/i386/RPMS/ > /tmp/updates-centos47_i386.tpl

The generated template will contain only the last version of each package found in the update repository, except for the kernel packages, for which all versions are added. By convention, we want Quattor only to keep the installation of the currently running kernel and the desired new kernel version. The other modules should thus be removed by hand.

While editing the generated file, ensure that the template name is rpms/updates. Finally copy the edited file to $L/cfg/os/<distribution>/rpms/updates.tpl

If the target kernel version has changed, the value of the Pan variable KERNEL_VERSION_NUMBER has to be changed accordingly in the template $L/cfg/os/<distribution>/config/os/kernel_version_arch.tpl:

variable KERNEL_VERSION_NUMBER ?= "2.6.9-78.0.8.EL";

Generation of other templates

Update templates for VL-e software can be generated using rpmUpdates.pl.

The easiest way to deal with a set of new CAs, is to download the template from the CA site: [[1]] (you need to go down into the directory corresponding to the new release and get the file pro_software_meta_lcg_CA.tpl).

This file needs to be customized: the template's name should read common/security/lcg-CA. Do not forget to rename the generated file accordingly.

To change the Quattor software that is installed, the new versions should be added by hand to the templates.

Compilation and Deployment

Perform a test compilation in your local environment and do not forget to refresh the repository templates:

makexprof -u -f itb

If this succeeds, commit the changes to SVN and follow the deployment procedure to install the updates.

Note: if a kernel update is installed, schedule a reboot of the node(s) to ensure that the desired kernel is loaded as soon as possible, to prevent surprises at a later stage.