| Version 24 (modified by bartek, 12 years ago) (diff) |
|---|
QCG-Notification Configuration Examples
GSI Authentication
Configuration of the service to use GSI Authentication
- Organize credential files for the QCG-Notification service, i.e. cert and key in pem format. The files should be owned by the qcg-ntf user and have appropriate permissions.
# tree -pug /etc/qcg/qcg-ntf/certs /etc/qcg/qcg-ntf/certs |-- [-rw-r--r-- qcg-ntf qcg-dev ] hostcert.pem `-- [-r-------- qcg-ntf qcg-dev ] hostkey.pem
- Edit the QCG-Notification configuration file and configure the sm:atc_transport_gsi.service authentication module. Set the X509CertFile and X509KeyFile to point to the respective credential files. The example configuration file may look as follows:
<sm:QCGCore xmlns:sm="http://schemas.qoscosgrid.org/core/2011/04/config" xmlns="http://schemas.qoscosgrid.org/ntf/2011/04/config" xmlns:smn="http://schemas.qoscosgrid.org/ntf/2011/04/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Configuration> <sm:ModuleManager> <sm:Directory>/usr/lib64/qcg-core/modules</sm:Directory> <sm:Directory>/usr/lib64/qcg-ntf/modules</sm:Directory> </sm:ModuleManager> <sm:Service xsi:type="ntfd" description="QCG Notification"> <sm:Logger> <sm:Filename>/var/log/qcg/qcg-ntf/qcg-ntfd.log</sm:Filename> <sm:Level>INFO</sm:Level> </sm:Logger> <sm:Transport> <sm:Module xsi:type="sm:ecm_gsoap.service"> <sm:Host>grass1.man.poznan.pl</sm:Host> <sm:Port>19001</sm:Port> <sm:UseWSA>true</sm:UseWSA> <sm:Authentication> <sm:Module xsi:type="sm:atc_transport_gsi.service"> <sm:X509CertFile>/etc/qcg/qcg-ntf/certs/hostcert.pem</sm:X509CertFile> <sm:X509KeyFile>/etc/qcg/qcg-ntf/certs/hostkey.pem</sm:X509KeyFile> </sm:Module> </sm:Authentication> </sm:Module> <sm:Module xsi:type="smn:ntf-service-gsoap"/> </sm:Transport> <sm:Module xsi:type="smn:ntf-publisher-gsoap-anonymous"> <smn:UseWSA>true</smn:UseWSA> </sm:Module> <smn:Core> <smn:NotificationsVar> <smn:TopicNsDir>/etc/qcg/qcg-ntf/topicns</smn:TopicNsDir> </smn:NotificationsVar> <smn:Database> <smn:DatabaseEnabled>true</smn:DatabaseEnabled> <smn:DSN>qcg-ntf</smn:DSN> <smn:User>qcg-ntf</smn:User> <smn:Password>some_password</smn:Password> <smn:CleanAtStart>false</smn:CleanAtStart> </smn:Database> </smn:Core> </sm:Service> </Configuration> </sm:QCGCore>
Validation
- Install the client tool for QCG-Notification:
# yum install qcg-ntf-client
- Setup the client gsi authentication module by editing the qcg-ntf-client configuration file (by default /etc/qcg/qcg-ntf/qcg-ntf-client.xml).
<sm:QCGCore xmlns:sm="http://schemas.qoscosgrid.org/core/2011/04/config" xmlns="http://schemas.qoscosgrid.org/ntf/2011/04/config" xmlns:smn="http://schemas.qoscosgrid.org/ntf/2011/04/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Configuration> <sm:ModuleManager> <sm:Directory>/usr/lib64/qcg-core/modules/</sm:Directory> <sm:Directory>/usr/lib64/qcg-ntf/modules/</sm:Directory> </sm:ModuleManager> <sm:Client xsi:type="ntf-client" description="QCG Notification client"> <sm:Transport> <sm:Module xsi:type="sm:ecm_gsoap.client"> <sm:ServiceURL>httpg://grass1.man.poznan.pl:19001</sm:ServiceURL> <sm:UseWSA>true</sm:UseWSA> <sm:Authentication> <sm:Module xsi:type="sm:atc_transport_gsi.client"/> </sm:Authentication> <sm:Module xsi:type="smn:ntf-client-gsoap"/> </sm:Module> </sm:Transport> </sm:Client> </Configuration> </sm:QCGCore>
- Generate GSI proxy (as a regular user):
$ grid-proxy-init Your identity: /C=PL/O=GRID/O=PSNC/CN=Bartosz Bosak Enter GRID pass phrase for this identity: Creating proxy ............................................. Done Your proxy is valid until: Thu Aug 1 23:20:35 2013
- Try to create a sample subscription:
$ qcg-ntf-client -u httpg://grass1.man.poznan.pl:19001 -S "cons=http://localhost:2233 top=http://schemas.qoscosgrid.org/ntf/2011/04/sample/myhousetopics;//*;Full" Subscribe details: >>> provider: 'httpg://grass1.man.poznan.pl:19001' >>> consRef: 'http://localhost:2233' >>> topicNamespace: 'http://schemas.qoscosgrid.org/ntf/2011/04/sample/myhousetopics' >>> topic: '//*' >>> dialect: 'http://docs.oasis-open.org/wsn/t-1/TopicExpression/Full' >>> period: '' >>> xslt: no Subscribed, subRef: '272872857'
- Delete the subsription:
$ qcg-ntf-client -u httpg://grass1.man.poznan.pl:19001 -U "id=272872857" Unsubscribe details: >>> provider: 'httpg://grass1.man.poznan.pl:19001' >>> subRef: '272872857' Unsubscribed: '272872857'
Publisher Modules
XMPP Publisher module configuration
If needed, the module for publishing notifications via XMPP protocol may be installed and enabled in the service's configuration. To install the plugin invoke:
yum install qcg-ntf-xmpp-publisher-plugin
The relevant part of QCG-Notification configuration file should be uncommented and adjusted to the real situation. For instance, the integration with the PL-Grid XMPP server, assuming that the XMPP account equals 'someaccount' and password is 'somepass', requires the following settings:
<sm:Module xsi:type="smn:ntf-publisher-xmpp"> <smn:JID>someaccount@plgrid.pl/qcg-ntf</smn:JID> <smn:Password>somepass</smn:Password> <smn:Encryption>TLS</smn:Encryption> <smn:CertFingerprint>7B55E421B023D4358BD9CE29F091D91C</smn:CertFingerprint> </sm:Module>
SMTP Publisher module configuration
Sending notifications through e-mails is possible with QCG-Notification SMTP publisher module. To install the module use:
yum install qcg-ntf-smtp-publisher-plugin
The SMTP module can be enabled in the QCG-Notification configuration file by uncommenting and adjusting the relevant 'Module' element. The sample XML fragment presented below is sufficient to distribute e-mails via the locally running SMTP server (eg. Postfix).
<sm:Module xsi:type="smn:ntf-publisher-smtp"> <smn:ServerURL>smtp://localhost:25</smn:ServerURL> </sm:Module>
