Difference between revisions of "1.0 Release Notes"

From GCube System
Jump to: navigation, search
(Changes Related to the gHN)
Line 8: Line 8:
 
:::* new <code>gcore-stop-container</code> script, to shutdown a secure container
 
:::* new <code>gcore-stop-container</code> script, to shutdown a secure container
  
:* ''configuration''
+
:* ''configuration'': a set of new configuration settings is available:
 
::* the <code>GHNConfig.xml</code> has been extended with two additional configuration parameters:
 
::* the <code>GHNConfig.xml</code> has been extended with two additional configuration parameters:
:::* '''allowedScopes''', letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions)
+
:::* ''allowedScopes'', letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions)
:::* '''trustedGHNSynchInterval''', how often the gHN refreshes the list of trusted gHNs (in seconds).  
+
:::* ''trustedGHNSynchInterval'', how often the gHN refreshes the list of trusted gHNs (in seconds).  
Both of the are taken into consideration only in case of secure distribution.
+
::* the <code>Security descriptor ($GLOBUS_LOCATIONetc/globus_wsrf_core/global_security_descriptor.xml)</code> for the gHN must be enabled (by removing the comment surrounding the ''containerSecDesc'' element in the ''$GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd'') and configured to load the appropriate host credentials
 
::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
 
::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
 +
: All of them are taken into consideration only in case of secure distribution.
  
 
====Changes Related to Services ====
 
====Changes Related to Services ====

Revision as of 16:50, 4 February 2010

gCore 1.0 introduces the following changes:

Changes Related to the gHN

  • distribution: there are now two distributions of the gHN, secure and standard distribution
  • the secure distribution includes Local Services and Libraries from the standard onf plus:
  • enhanced Delegation service, in charge for providing local services with delegated credentials
  • enhanced Security library, with support for authentication and authorisation of gCube calls and policies management.
  • new gcore-stop-container script, to shutdown a secure container
  • configuration: a set of new configuration settings is available:
  • the GHNConfig.xml has been extended with two additional configuration parameters:
  • allowedScopes, letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions)
  • trustedGHNSynchInterval, how often the gHN refreshes the list of trusted gHNs (in seconds).
  • the Security descriptor ($GLOBUS_LOCATIONetc/globus_wsrf_core/global_security_descriptor.xml) for the gHN must be enabled (by removing the comment surrounding the containerSecDesc element in the $GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd) and configured to load the appropriate host credentials
  • $X509_USER_PROXY environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
All of them are taken into consideration only in case of secure distribution.

Changes Related to Services

None

Changes Related to the Documentation

  • new/revised sections in the Administrator's Guide.
Administrator's Guide has an enriched configuration section on how to setup a secure gHN.