[GE users] kestore/passwd issue when adding GE adaptive service

cbyun cbyun at ll.mit.edu
Tue Jul 21 14:08:57 BST 2009


Thanks Michal,

I completely forgot about it.
Now it works.

- Chansup

> -----Original Message-----
> From: Michal.Bachorik at sun.com [mailto:Michal.Bachorik at sun.com]
> Sent: Friday, July 17, 2009 2:59 PM
> To: users at gridengine.sunsource.net
> Subject: Re: [GE users] kestore/passwd issue when adding GE adaptive
> service
> 
> chansup,
> 
> put the keystore password to ge service configuration:
> 
>  > sdmadm mc -c gesvc
> ...
> <ge_adapter:connection
> keystore="/var/sgeCA/port6444/default/userkeys/root/keystore"
>                            password="your keystore password here"
> ...
> 
>  > sdmadm uc -c gesvc
> 
> see
> http://72.5.124.69/display/gridengine62u3/Grid+Engine+Service+Adapter+Conf
> iguration,
> and look for a keystore reference. if keystore is password protected,
> the password attribute of connection element is used to get the password
> information.
> 
> Regards,
> 
> michal
> 
> 
> cbyun wrote:
> > Hi,
> >
> > I've cleaned up my test environment and restarted to install everything
> from the scratch. But I got the following issue when I tried to add GE
> adaptive service:
> >
> > # sdmadm ss
> > host            service    cstate  sstate
> > ------------------------------------------
> > llgriddev.local gesvc      STOPPED ERROR
> >                 spare_pool STARTED RUNNING
> >
> > The log shows that
> >
> > 07/17/2009
> 11:31:44|21|e.impl.ge.GEServiceAdapterImpl.doStartService|I|Service gesvc:
> Starting Grid Engine service
> > 07/17/2009
> 11:31:44|21|rm.service.impl.AbstractServiceAdapter$1.call|E|Service
> startup failed: Cannot create keystore from
> /var/sgeCA/port6444/default/userkeys/sge/keystore: Keystore was tampered
> with, or password was incorrect
> > 07/17/2009
> 11:31:44|22|rm.impl.AbstractComponent$3.performTransition|W|Componentgesvc
> : Error in startup procedure: Service gesvc: Unexpected error in state
> transition UnknownStateHandler[UNKNOWN] -> StartingStateHandler[STARTING]:
> Service startup failed: Cannot create keystore from
> /var/sgeCA/port6444/default/userkeys/sge/keystore: Keystore was tampered
> with, or password was incorrect
> >
> > The only thing I did differently this time was that I generated sge
> admin user keystore with a password so that I can use the sge admin user
> account to access the SGE inspect tool. Apparently this new step caused
> the issue.
> >
> > Is this not allowed?
> >
> > Here is what I did:
> >
> > 1. Install SGE qmaster on llgriddev
> > 2. Create SGE Admin user (sge) kestore with password [additonal step]
> >    # $SGE_ROOT/util/sgeCA/sge_ca -ks sge -ksout \
> >       /var/sgeCA/port6444/default/userkeys/sge/keystore \
> >       -kspwf ./mysecret.txt
> >
> >     This step will overwrite the existing admin keystore.
> >     Is this not allowed?
> >
> > 3. Install SGE inspect
> > 4. Check if the SGE admin user to connect to the cluster via SGE inspect
> >   (This worked fine using the password used in 2nd step)
> >
> > 5. Install SDM master hosts
> > 6. Install SDM managed hosts
> >    For this procedure, I used the following sge keystore and cacert:
> >     /var/spool/sdm/sdm62u3/security/users/sge.keystore \
> >     /var/spool/sdm/sdm62u3/security/ca/ca_top/cacert.pem \
> >
> >    All JVMs are up and running fine:
> >
> > # sdmadm sj
> > name  host            state      used_mem  max_mem   message
> > ------------------------------------------------------------------------
> ---------------------
> > cs_vm blade-0-1.local STARTED           9M       28M
> >       blade-0-2.local STARTED           3M       28M
> >       blade-0-3.local STARTED           5M       28M
> >       blade-0-4.local STARTED           8M       28M
> >       blade-0-5.local STARTED           5M       28M
> >       blade-0-6.local STARTED           8M       28M
> >       blade-0-8.local STARTED           8M       28M
> >       blade-0-9.local STARTED           4M       28M
> >       llgriddev.local STARTED          11M      341M
> >
> >
> >  7. Add GE adaptive service:
> >
> >     # sdmadm add_ge_service -h llgriddev -j cs_vm -s gesvc -start
> >
> >     Then, added the following the cluster information:
> >
> > <ge_adapter:connection
> > keystore="/var/sgeCA/port6444/default/userkeys/sge/keystore"
> > password=""  [empty if keystore used]
> > username="sge"
> > jmxPort="6446"
> > execdPort="6445"
> > masterPort="6444"
> > cell="default"
> > root="/usr/local/sge/62u3"
> > clusterName="dev6444"/>
> >
> > Thanks,
> > - Chansup
> >
> > ------------------------------------------------------
> >
> http://gridengine.sunsource.net/ds/viewMessage.do?dsForumId=38&dsMessageId
> =207820
> >
> > To unsubscribe from this discussion, e-mail: [users-
> unsubscribe at gridengine.sunsource.net].
> >
> 
> ------------------------------------------------------
> http://gridengine.sunsource.net/ds/viewMessage.do?dsForumId=38&dsMessageId
> =207846
> 
> To unsubscribe from this discussion, e-mail: [users-
> unsubscribe at gridengine.sunsource.net].

------------------------------------------------------
http://gridengine.sunsource.net/ds/viewMessage.do?dsForumId=38&dsMessageId=208607

To unsubscribe from this discussion, e-mail: [users-unsubscribe at gridengine.sunsource.net].



More information about the gridengine-users mailing list