Difference between revisions of "1.0 Release Notes"
From GCube System
Manuele.simi (Talk | contribs) (→Changes Related to the gHN) |
Manuele.simi (Talk | contribs) |
||
Line 12: | Line 12: | ||
:::* ''allowedScopes'', letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions) | :::* ''allowedScopes'', letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions) | ||
:::* ''trustedGHNSynchInterval'', how often the gHN refreshes the list of trusted gHNs (in seconds). | :::* ''trustedGHNSynchInterval'', how often the gHN refreshes the list of trusted gHNs (in seconds). | ||
− | ::* the <code>Security descriptor ($ | + | ::* the <code>Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml)</code> for the gHN must be enabled (by removing the comment surrounding the ''containerSecDesc'' element in the ''$GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd'') and configured to load the appropriate host credentials |
::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process. | ::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process. | ||
: All of them are taken into consideration only in case of secure distribution. | : All of them are taken into consideration only in case of secure distribution. |
Revision as of 16:55, 4 February 2010
gCore 1.0
introduces the following changes:
Changes Related to the gHN
- distribution: there are now two distributions of the gHN, secure and standard distribution
- the secure distribution includes Local Services and Libraries from the standard onf plus:
- enhanced
Delegation
service, in charge for providing local services with delegated credentials - enhanced
Security
library, with support for authentication and authorisation of gCube calls and policies management. - new
gcore-stop-container
script, to shutdown a secure container
- enhanced
- configuration: a set of new configuration settings is available:
- the
GHNConfig.xml
has been extended with two additional configuration parameters:
- allowedScopes, letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions)
- trustedGHNSynchInterval, how often the gHN refreshes the list of trusted gHNs (in seconds).
- the
Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml)
for the gHN must be enabled (by removing the comment surrounding the containerSecDesc element in the $GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd) and configured to load the appropriate host credentials -
$X509_USER_PROXY
environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
- the
- All of them are taken into consideration only in case of secure distribution.
Changes Related to Services
None
Changes Related to the Documentation
- new/revised sections in the Administrator's Guide.
- Administrator's Guide has an enriched configuration section on how to setup a secure gHN.