Operations portal

Latest news

Cambridge Cream CE Decommissioning
May 20, 2019 14:51
john hill
more details

Cambridge Cream CE Decommissioning

Good Afternoon,
I intend to decommission the Cream CE at Cambridge (vserv13.hep.phy.cam.ac.uk) as we have moved to using VAC. You are receiving this because your VO is currently supported by this CE. The timescale is:

* 10 June CE goes into downtime and job submission is stopped
* 17 June CE is switched off and shortly afterwards removed from GOCDB

The parent ticket to track the process is at:

https://ggus.eu/index.php?mode=ticket_info&ticket_id=141241

If this plan will cause you problems, please let me know.

Thanks,

John Hill

May 20, 2019 14:51
by john hill

End of LCGDM support including SRM protocol support
May 17, 2019 10:51
matthew viljoen
more details

End of LCGDM support including SRM protocol support

Dear all,

Please note that the DPM development team are ending their support of the DPM "legacy codebase" also known as "lcg-dm" at the end of May 2019. This is part of their plan to deprecate legacy mode in favour of DOME (Disk Operations Management Engine). This move affects dpns, dpmdaemon, rfio, CSec, dmlite:Adapter as well as SRM within DPM. Since release 1.10.3 of DPM it is possible to enable the non-legacy mode DOME - see: https://gitlab.cern.ch/lcgdm/dmlite/blob/master/doc/dome/dome.pdf

If you are affected by this move then please contact your site manager and we can assist with migration to an alternative protocol.

Best regards

EGI Operations Team

May 17, 2019 10:51
by matthew viljoen

DPM workshop 2019 - LHEP (Bern) - 13-14th of June - The registration is OPEN
May 8, 2019 12:12
furano
more details

DPM workshop 2019 - LHEP (Bern) - 13-14th of June - The registration is OPEN

Hello,

I would like to announce the DPM workshop 2019, which will
take place on 13-14 June 2019 at LHEP, University of Bern,
with the support of Laboratory for High Energy Physics (LHEP)
and Albert Einstein Center for Fundamental Physics (AEC).

https://indico.cern.ch/event/776832/

The registration is now OPEN.

You are invited to participate to the workshop and to the discussions,
where we cover news and updates on the status of DPM:
releases, distributions, development directions, involvement of
the DPM collaboration, features, support for old and new components,
performance evaluations and experiences in general.

In this edition, particular focus will be dedicated to discussing
the status of DPM sites with respect to themes like Storage Reporting,
volatile caching pools, third Party COPY campaigns, new bearer-token
authentication directions, and reminding of the end of
support for the older components.

Please register, to allow the local organizers to correctly organize the event and
the social dinner.

Please get in touch if you would like to contribute.
If you have ideas or suggestions for specific topics and contributions,
then please let us know.

We hope to see you all there.

Cheers
Fabrizio on behalf of the DPM team

May 8, 2019 12:12
by furano

Warning: EGI AAI Registry Update Scheduled
May 2, 2019 09:50
Nicolas Liampotis nliam@grnet-hq.admin.grnet.gr
more details

Warning: EGI AAI Registry Update Scheduled

Dear EGI AAI “Check-in” users,

We would like to let you know that on Friday, 3 May, at 10:00 AM CEST, we will perform a major software upgrade of the Check-in COmanage Registry service. The upgrade process is expected to take less than an hour. During that period, user registration and management operations concerning VOs/groups managed by the Registry will not be available. However, users who are already registered with Check-in will be able to access services based on existing VO/group membership and roles. User registration and VO/group management will resume immediately after the upgrade window.

The main changes include:
- Support for associating the subject DN of certificates issued by the RCauth.eu Online CA to the Check-in user profile
- Support for (de)provisioning Check-in user account information using VOMS.
- New EGI theme for COmanage Registry

We appreciate your patience and understanding,
The EGI AAI Check-in team

May 2, 2019 09:50
by Nicolas Liampotis nliam@grnet-hq.admin.grnet.gr

EGI Trust Anchor release 1.98-1
April 30, 2019 11:56
Joao Antonio Tomasio Pina
more details

EGI Trust Anchor release 1.98-1

Dear all,

EUGridPMA have announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs have been packaged for EGI.

Please upgrade until 2019.05.06 at your earliest convenience. When this timeout is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details

EGI UMD software provisioning Team

European Grid Infrastructure EGI Trust Anchor release 1.98 2019.04.29

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
https://wiki.egi.eu/wiki/EGI_IGTF_Release
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.98-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.98-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

IMPORTANT NOTICE:
This release contains a new "cam" (combined assurance/adequacy) package
based on the approved policy on differentiated assurance. See details on
the EGI Wiki at https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
TECHNICALLY THIS MEANS THAT
you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update. See
https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
OTHERWISE
just only install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

With the introduction of combined assurance/adequacy, the EGEE compatibility
RPM (lcg-CA) can no longer be supported, and - when still installed - will be
obsoleted. The proper dependency packages are: ca-policy-_body_-_class_ and
these have been installed automatically as dependencies since 2010.

The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.97 to 1.98
-------------------------
(29 Apr 2019)

* withdrawn superseded IRAN-GRID authority (IR)

The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

Policy on Acceptable Authentication Assurance (Updated 1 Feb 2017)
------------------------------------------------------------------
If a VO registration service or e-Infrastructure registration service is
accredited by EGI to meet or exceed the approved authentication assurance
profiles, an IGTF accredited Authority meeting the Assurance Profile DOGWOOD
- used solely in combination with said registration service - is also
adequate for user authentication. This policy has been adopted on Feb 1st,
2017, and is available at https://documents.egi.eu/document/2930
In the PKI Technology Rendering, EGI thus approves the IGTF SLCS, MICS, and
Classic APs for general use (egi-core), and in addition the IOTA AP for use
in combination with VO registration services that themselves meet the
aforementioned requirements. This additional restriction must be implemented
by each service in the authorization software. The "combined assurance"
model package must not be installed unless the additional authorization is
in place. You will need to reconfigure and may need to install upgrades.

Version information: ca-policy-egi-combined-adequacy-model = 1.98-1

April 30, 2019 11:56
by Joao Antonio Tomasio Pina

Decommissioning of Birmingham CREAM CE
April 10, 2019 15:41
mark slater
more details

Decommissioning of Birmingham CREAM CE

Hiya,

I plan to decommission the CREAM CE at the Birmingham grid site (epgr02.ph.bham.ac.uk) as we have now switched to VAC. You're receiving this because your VO is currently supported by this CE. The timescale is detailed below:

* 29th Apr CE goes into Downtime and job submission is stopped
* 6th May switch off CE and remove from GOCDB

If this is a problem, please get in touch!

Many Thanks,

Mark Slater

P.S. The parent ticket to track the overall progress is at:

https://ggus.eu/index.php?mode=ticket_info&ticket_id=140679

April 10, 2019 15:41
by mark slater

>>> More news <<<

decomissionning of the GRIF-IRFU CREAM CE
April 4, 2019 13:35
Frederic Schaer
more details

decomissionning of the GRIF-IRFU CREAM CE

Hi,

We are going to decommision the GRIF-IRFU CREAM CE : node74.datagrid.cea.fr
Remaining computing WNs will be migrated onto our ARC CE : node16.datagrid.cea.fr

The expected timeline is :

04/04/2019 : announce of the decomissioning process
22/04/2019 : start of the downtime. Jobs in queue will be allowed to run. new jobs will be disallowed.
29/04/2019 : remaining held/hung jobs will be removed. And machines will be stopped.
16/05/2019 : CREAM CE decomission should be finished. VOs should use the IRFU ARC CE(s).

VOs should from now on start and continue using our ARC CE endpoint.

April 4, 2019 13:35
by Frederic Schaer

Decommission of IN2P3-CC Central LFC lfc-biomed.in2p3.fr
April 4, 2019 10:49
Christelle Eloto
more details

Decommission of IN2P3-CC Central LFC lfc-biomed.in2p3.fr

Dear users,

The following LFC service is going to be decommissioned at IN2P3-CC:
lfc-biomed.in2p3.fr.

This LFC service is already in read-only mode as requested by the VO managers - see https://ggus.eu/index.php?mode=ticket_info&ticket_id=140540.

The timeline is:
04/04/2019 - announcement and broadcast to all VO managers and users
04/04/2019 - start of downtime for 3 months - see https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=26965
01/07/2019 - service will be decommissioned and removed from the GOCDB

Best regards,
Christelle Eloto on behalf of the IN2P3-CC Grid Team

April 4, 2019 10:49
by Christelle Eloto

EGI Trust Anchor release 1.97-1
March 26, 2019 10:51
Joao Antonio Tomasio Pina
more details

EGI Trust Anchor release 1.97-1

Dear all,

EUGridPMA have announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs have been packaged for EGI.

Please upgrade until 2019.04.01 at your earliest convenience. When this timeout is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details

EGI UMD software provisioning Team

The following notes accompany this release:
European Grid Infrastructure EGI Trust Anchor release 1.97 2019.03.25

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
https://wiki.egi.eu/wiki/EGI_IGTF_Release
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.97-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.97-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

IMPORTANT NOTICE:
This release contains a new "cam" (combined assurance/adequacy) package
based on the approved policy on differentiated assurance. See details on
the EGI Wiki at https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
TECHNICALLY THIS MEANS THAT
you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update. See
https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
OTHERWISE
just only install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

With the introduction of combined assurance/adequacy, the EGEE compatibility
RPM (lcg-CA) can no longer be supported, and - when still installed - will be
obsoleted. The proper dependency packages are: ca-policy-_body_-_class_ and
these have been installed automatically as dependencies since 2010.

The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.96 to 1.97
-------------------------
(25 Mar 2019)

* temporarily withdrawn EG-GRID 4a96b1ea for network availability reasons (EG)

The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

Policy on Acceptable Authentication Assurance (Updated 1 Feb 2017)
------------------------------------------------------------------
If a VO registration service or e-Infrastructure registration service is
accredited by EGI to meet or exceed the approved authentication assurance
profiles, an IGTF accredited Authority meeting the Assurance Profile DOGWOOD
- used solely in combination with said registration service - is also
adequate for user authentication. This policy has been adopted on Feb 1st,
2017, and is available at https://documents.egi.eu/document/2930
In the PKI Technology Rendering, EGI thus approves the IGTF SLCS, MICS, and
Classic APs for general use (egi-core), and in addition the IOTA AP for use
in combination with VO registration services that themselves meet the
aforementioned requirements. This additional restriction must be implemented
by each service in the authorization software. The "combined assurance"
model package must not be installed unless the additional authorization is
in place. You will need to reconfigure and may need to install upgrades.

Version information: ca-policy-egi-combined-adequacy-model = 1.97-1

March 26, 2019 10:51
by Joao Antonio Tomasio Pina

Decomissioning of the sbgcloud.in2p3.fr - eu.egi.cloud.vm-management.occi service
March 12, 2019 16:00
Jerome Pansanel
more details

Decomissioning of the sbgcloud.in2p3.fr - eu.egi.cloud.vm-management.occi service

Dears,

The service sbgcloud.in2p3.fr - eu.egi.cloud.vm-management.occi service is in the process of being decommissioned. The timeline is the following:
* 2019-03-12: start of the decommissioning procedure
* 2019-03-12: broadcast to the supported VOs
* 2019-04-01: start of the downtime
* 2019-04-29: the service will be stopped and removed from the GOCDB

Please not that the IN2P3-IRES Cloud resources remain accessible to the EGI communities through the Nova service (sbgcloud.in2p3.fr - org.openstack.nova).

Best regards,

Jerome Pansanel

March 12, 2019 16:00
by Jerome Pansanel

EGI Trust Anchor release 1.96-1
February 25, 2019 14:51
Joao Antonio Tomasio Pina
more details

EGI Trust Anchor release 1.96-1

Dear all,

EUGridPMA have announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs have been packaged for EGI.

Please upgrade until 2019.03.04 at your earliest convenience. When this timeout is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details

EGI UMD software provisioning Team

The following notes accompany this release:
European Grid Infrastructure EGI Trust Anchor release 1.96 2019.02.25

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
https://wiki.egi.eu/wiki/EGI_IGTF_Release
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.96-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.96-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

IMPORTANT NOTICE:
This release contains a new "cam" (combined assurance/adequacy) package
based on the approved policy on differentiated assurance. See details on
the EGI Wiki at https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
TECHNICALLY THIS MEANS THAT
you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update. See
https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
OTHERWISE
just only install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

With the introduction of combined assurance/adequacy, the EGEE compatibility
RPM (lcg-CA) can no longer be supported, and - when still installed - will be
obsoleted. The proper dependency packages are: ca-policy-_body_-_class_ and
these have been installed automatically as dependencies since 2010.

The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.95 to 1.96
-------------------------
(25 Feb 2019)

* withdrawn superseded QuoVadis-Grid-ICA (1st gen) CA (BM)
* added new trust anchor MD-Grid-CA-T for rollover of existing CA (MD)
* discontinued expiring 2009 series MD-Grid-CA (MD)

The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

Policy on Acceptable Authentication Assurance (Updated 1 Feb 2017)
------------------------------------------------------------------
If a VO registration service or e-Infrastructure registration service is
accredited by EGI to meet or exceed the approved authentication assurance
profiles, an IGTF accredited Authority meeting the Assurance Profile DOGWOOD
- used solely in combination with said registration service - is also
adequate for user authentication. This policy has been adopted on Feb 1st,
2017, and is available at https://documents.egi.eu/document/2930
In the PKI Technology Rendering, EGI thus approves the IGTF SLCS, MICS, and
Classic APs for general use (egi-core), and in addition the IOTA AP for use
in combination with VO registration services that themselves meet the
aforementioned requirements. This additional restriction must be implemented
by each service in the authorization software. The "combined assurance"
model package must not be installed unless the additional authorization is
in place. You will need to reconfigure and may need to install upgrades.

Version information: ca-policy-egi-combined-adequacy-model = 1.96-1

February 25, 2019 14:51
by Joao Antonio Tomasio Pina

decomissioning of marcream01.in2p3.fr and marcream02.in2p3.fr
February 22, 2019 08:46
Edith Knoops
more details

decomissioning of marcream01.in2p3.fr and marcream02.in2p3.fr

The cream CE marcream01.in2p3.fr and marcream02.in2p3.fr will be decomissioned end of March.
The ressources of IN2P3-CPPM are available with the ARC CE
marcce01.in2p3.fr .
Please use the arc ce as soon as possible. The ressource linked to the creams are decreased everyday.

Contact us if you have problems.

Edith for CPPM team

February 22, 2019 08:46
by Edith Knoops

Decommissioning SL6 CE, hepgrid2.ph.liv.ac.uk
February 14, 2019 12:46
stephen jones
more details

Decommissioning SL6 CE, hepgrid2.ph.liv.ac.uk

The ARC CE at Liverpool, which supports SL6 worker nodes, will be stopped 1 March 2019. A downtime will be declared to cover this period.

VOs that have used the system will be notified. An alternative ARC service exists, using CentOS7 workers, on hepgrid5.ph.liv.ac.uk. A HTCondor-CE, using CentOS7 workers, is on hepgrid6.ph.liv.ac.uk

(https://wiki.egi.eu/wiki/PROC12_Production_Service_Decommissioning)

February 14, 2019 12:46
by stephen jones

Please update cclcgvomsli01.in2p3.fr.lsc for Biomed VO
February 12, 2019 09:10
Christelle Eloto
more details

Please update cclcgvomsli01.in2p3.fr.lsc for Biomed VO

Dear site managers,

The cclcgvomsli01.in2p3.fr.lsc for the VO Biomed need to be updated.
The new configuration is here : https://cclcgvomsli01.in2p3.fr:8443/voms/biomed/configuration/configuration.action.

The details can be found in previous broadcasts :
https://operations-portal.egi.eu/broadcast/archive/2314 (2019-02-11)
https://operations-portal.egi.eu/broadcast/archive/2299 (2019-02-04)

Regards,
Christelle Eloto on behalf of the IN2P3-CC Grid Team

February 12, 2019 09:10
by Christelle Eloto

New VOMS server certificate for cclcgvomsli01.in2p3.fr
February 11, 2019 12:39
Christelle Eloto
more details

New VOMS server certificate for cclcgvomsli01.in2p3.fr

Dear site and VO managers,

This announcement follows the broadcast https://operations-portal.egi.eu/broadcast/archive/2299 of February the 4th.

The server certificate on cclcgvomsli01.in2p3.fr has been renewed from a new CA.
The CA DN is now "/C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services".
The LSC files on all of "VOMS-aware" services have to be updated according to the following configuration details for each VO:

BIOMED
https://cclcgvomsli01.in2p3.fr:8443/voms/biomed/configuration/configuration.action

VO.AGATA.ORG
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.agata.org/configuration/configuration.action

VO.CTA.IN2P3.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.cta.in2p3.fr/configuration/configuration.action

VO.FORMATION.IDGRILLES.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.formation.idgrilles.fr/configuration/configuration.action

VO.FRANCE-ASIA.ORG
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.france-asia.org/configuration/configuration.action

VO.FRANCE-GRILLES.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.france-grilles.fr/configuration/configuration.action

VO.GRIDCL.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.gridcl.fr/configuration/configuration.action

VO.IPNL.IN2P3.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.ipnl.in2p3.fr/configuration/configuration.action

VO.LPSC.IN2P3.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.lpsc.in2p3.fr/configuration/configuration.action

VO.MURE.IN2P3.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.mure.in2p3.fr/configuration/configuration.action

VO.RENABI.FR
https://cclcgvomsli01.in2p3.fr:8443/voms/vo.renabi.fr/configuration/configuration.action

Best regards,
Christelle Eloto on behalf of the IN2P3-CC Grid Team

February 11, 2019 12:39
by Christelle Eloto

Home

Home

Latest news