Argus Service Deployment for 1.7 version¶
Argus Service Reference Card: Argus Service Reference Card.
Requirements¶
Platform¶
The supported platforms are:
Host Certificate¶
The Argus services require a valid host certificate. The key pair is
typically installed in /etc/grid-security/hostcert.pem
and
/etc/grid-security/hostkey.pem
Installation with YUM¶
The Argus Authorization Service is a bundle of 3 services (the PAP, PDP and PEP
Server). Packages for the three services can be easily installed on a given
machine by installing the argus-authz
metapackage, as in the following
command:
yum install argus-authz
Install the EGI IGTF Bundle¶
If not already present on your host, install the EGI IGTF trust anchors. More information available online: https://wiki.egi.eu/wiki/EGI_IGTF_Release
Verify fetch-crl¶
The Argus metapackage install the fetch-crl
cron job;
run it once, and verify that the cron job is enabled and started:
# run it immediately (it can take some time...)
fetch-crl
# enable the periodic fetch-crl cron job
chkconfig fetch-crl-cron on
service fetch-crl-cron start
For EL7 system, enable fetch-crl
cron job with:
systemctl start fetch-crl-cron
systemctl enable fetch-crl-cron
Install the Argus Metapackage¶
The argus-authz
metapackage bundles the 3 Argus services: PAP, PDP and
PEP Server
Therefore, the argus-authz
metapackage is the simplest way to install
the Argus Authorization Services (PAP, PDP and PEP Server) on your host.
Use YUM to install the Argus metapackage: yum install argus-authz
At this point all 3 Argus services (PAP, PDP and PEP server) are installed on your host. You must now continue with the Argus service configuration with YAIM.
Update with YUM¶
Argus and its components are packages in the UMD repositories,
and therefore automatically updated if a new version is available and
yum update
is executed. The updating process however is stopping the
Argus services (PAP, PEPd and PDP). To get Argus back to work after an
update it is recommended to restart the services.
Warning
Please make sure that your system does not use the automated yum updating service, since this may lead to a stopped Argus server in case of a unnoticed update.
Configuration¶
- Version 1.7: manual configuration.
- Older version: Configuration with YAIM.
Nagios Probes for Argus¶
A set of Nagios probes for Argus (EMI-2 and EMI-3) are available to monitor the Argus PAP, PDP and PEP Server:
- Argus Nagios Probes Documentation (EMI): Nagios Probes for Argus (UMD)
EMIR Publisher for Argus 1.6 (EMI-3)¶
You can use EMIR-SERP to publish the Argus resource information to EMIR. EMIR-SERP uses the information already available in the resource BDII and publish it to an EMIR DSR endpoint.
- See the Argus EMIR Configuration to publish the Argus into EMIR: Argus EMIR Publisher Configuration (EMI-3)
Known Issues¶
In the 1.7 version, there are no known issues. For older versions, see Known Issues for older version