Argus Service Deployment for 1.7 version

Argus Service Reference Card: Argus Service Reference Card.

Requirements

Platform

The supported platforms are:

Host Certificate

The Argus services require a valid host certificate. The key pair is typically installed in /etc/grid-security/hostcert.pem and /etc/grid-security/hostkey.pem

Installation with YUM

The Argus Authorization Service is a bundle of 3 services (the PAP, PDP and PEP Server). Packages for the three services can be easily installed on a given machine by installing the argus-authz metapackage, as in the following command:

yum install argus-authz

Install the EGI IGTF Bundle

If not already present on your host, install the EGI IGTF trust anchors. More information available online: https://wiki.egi.eu/wiki/EGI_IGTF_Release

Verify fetch-crl

The Argus metapackage install the fetch-crl cron job; run it once, and verify that the cron job is enabled and started:

# run it immediately (it can take some time...)
fetch-crl

# enable the periodic fetch-crl cron job
chkconfig fetch-crl-cron on
service fetch-crl-cron start

For EL7 system, enable fetch-crl cron job with:

systemctl start fetch-crl-cron
systemctl enable fetch-crl-cron

Install the Argus Metapackage

The argus-authz metapackage bundles the 3 Argus services: PAP, PDP and PEP Server

Therefore, the argus-authz metapackage is the simplest way to install the Argus Authorization Services (PAP, PDP and PEP Server) on your host.

Use YUM to install the Argus metapackage: yum install argus-authz

At this point all 3 Argus services (PAP, PDP and PEP server) are installed on your host. You must now continue with the Argus service configuration with YAIM.

Update with YUM

Argus and its components are packages in the UMD repositories, and therefore automatically updated if a new version is available and yum update is executed. The updating process however is stopping the Argus services (PAP, PEPd and PDP). To get Argus back to work after an update it is recommended to restart the services.

Warning

Please make sure that your system does not use the automated yum updating service, since this may lead to a stopped Argus server in case of a unnoticed update.

Configuration

Nagios Probes for Argus

A set of Nagios probes for Argus (EMI-2 and EMI-3) are available to monitor the Argus PAP, PDP and PEP Server:

EMIR Publisher for Argus 1.6 (EMI-3)

You can use EMIR-SERP to publish the Argus resource information to EMIR. EMIR-SERP uses the information already available in the resource BDII and publish it to an EMIR DSR endpoint.

Known Issues

In the 1.7 version, there are no known issues. For older versions, see Known Issues for older version