Difference between revisions of "1.0 Release Notes"

From GCube System
Jump to: navigation, search
(Changes Related to the gHN)
(Changes Related to the gHN)
Line 14: Line 14:
 
::* the <code>Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml)</code> for the gHN must be enabled (by removing the comment surrounding the ''containerSecDesc'' element in the ''$GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd'') and configured to load the appropriate host credentials
 
::* the <code>Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml)</code> for the gHN must be enabled (by removing the comment surrounding the ''containerSecDesc'' element in the ''$GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd'') and configured to load the appropriate host credentials
 
::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
 
::* <code>$X509_USER_PROXY</code> environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
:: All of them are taken into consideration only in case of secure distribution.
+
:: All of these above are taken into consideration only in case of secure distribution.
 +
::* <code>$START_OPTIONS</code> has been renamed to <code>$GCORE_START_OPTIONS</code>. It can be now either set in the external environment or in the <code>gcore-start-container</code> script
  
 
====Changes Related to Services ====
 
====Changes Related to Services ====

Revision as of 17:11, 4 February 2010

gCore 1.0 introduces the following changes:

Changes Related to the gHN

  • distribution: there are now two distributions of the gHN, secure and standard distribution
  • the secure distribution includes Local Services and Libraries from the standard onf plus:
  • enhanced Delegation service, in charge for providing local services with delegated credentials
  • enhanced Security library, with support for authentication and authorisation of gCube calls and policies management.
  • new gcore-stop-container script, to shutdown a secure container
  • configuration: a set of new configuration settings is available:
  • the GHNConfig.xml has been extended with two additional configuration parameters:
  • allowedScopes, letting the Site Manager to decide to which VOs the gHN can be joined in the future (upon VO Manager decisions)
  • trustedGHNSynchInterval, how often the gHN refreshes the list of trusted gHNs (in seconds).
  • the Security descriptor ($GLOBUS_LOCATION/etc/globus_wsrf_core/global_security_descriptor.xml) for the gHN must be enabled (by removing the comment surrounding the containerSecDesc element in the $GLOBUS_LOCATION/etc/globus_wsrf_core/server-config.wsdd) and configured to load the appropriate host credentials
  • $X509_USER_PROXY environment variable is now exploited to contact the gContainer from outside the process. It is expected to contain a valid proxy accepted by the local gContainer process.
All of these above are taken into consideration only in case of secure distribution.
  • $START_OPTIONS has been renamed to $GCORE_START_OPTIONS. It can be now either set in the external environment or in the gcore-start-container script

Changes Related to Services

None

Changes Related to the Documentation

  • new/revised sections in the Administrator's Guide.
Administrator's Guide has an enriched configuration section on how to setup a secure gHN.