LFC lfc.grid.cyf-kr.edu.pl will be decommissioned soon.

According to my knowledge it hasn't been used by any VO in at least few years. If this information is incorrect please let me know.

GGUS ticket: https://ggus.eu/index.php?mode=ticket_info&ticket_id=154049

Timeline:
2021-09-15 - announcement
2021-10-01 - start of downtime
2021-10-27 - removal from GOCDB

Regards,
Krzysztof Oziomek

Dear all,

EUGridPMA has announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs has been packaged for EGI.

Please upgrade until 2021.08.24 at your earliest convenience. When this time is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details
EGI UMD software provisioning Team

The following release notes accompany this version:
European Grid Infrastructure EGI Trust Anchor release 1.112 2021.08.16

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
https://wiki.egi.eu/wiki/EGI_IGTF_Release
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.112-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.112-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.111 to 1.112
---------------------------
(16 August 2021)

* Updated ANSPGrid CA with extended validity date (BR)

The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

IMPORTANT NOTICE:
This release contains a new "cam" (combined assurance/adequacy) package
based on the approved policy on differentiated assurance. See details on
the EGI Wiki at https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
TECHNICALLY THIS MEANS THAT
you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update. See
https://wiki.egi.eu/wiki/EGI_IGTF_Release#cam-impl
OTHERWISE
just only install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

Policy on Acceptable Authentication Assurance (Updated 1 Feb 2017)
------------------------------------------------------------------
If a VO registration service or e-Infrastructure registration service is
accredited by EGI to meet the approved authentication assurance, an IGTF
"DOGWOOD" accredited Authority - used solely in combination with said
registration service - is also adequate for user authentication. See
the policy at https://documents.egi.eu/document/2930 for details.
This additional restriction policy must be implemented by each service
in the authorization software. The "combined assurance" model package MUST NOT
be installed unless the additional authorization is in place. You will need
to reconfigure and may need to install upgrades.

Version information: ca-policy-egi-combined-adequacy-model = 1.112-1

In advance of RAL wide network upgrade work on Saturday 14th August, goc.egi.eu will be served by the failover infrastructure from Friday 13th 1pm UTC onwards until Monday 16th 1pm UTC at the latest. This is to ensure that there are no database transactions in progress on the RAL infrastructure when the upgrade work starts.

A warning downtime has been declared in GOCDB: https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=31032

At 1pm UTC on Friday 13th, we will switch the DNS entry for goc.egi.eu to point at the failover infrastructure. Over the following two hours, all connections will move to being served by the failover infrastructure.

We expect to receive the all clear from our networking and database teams no later than 11am UTC on Monday 16th, at which point we will switch the DNS entry for goc.egi.eu back to the RAL based infrastructure. Over the following two hours, we expect that the vast majority of connections will move back to being served by the RAL based infrastructure.

Another RAL wide networking at risk is scheduled for the following weekend, but at this time it is not known if we will need to engage the failover again.

If you have any questions, please contact gocdb-admins@mailman.egi.eu.

We apologies for any inconvenience this brings,
Kind Regards,
The GOCDB Team

=============== Content: ==================

1) UMD 4.15.0 released

2) Message Brokers network decommissioned, change your settings

3) New version of the APEL Pub and Sync metrics

============================================

1) UMD 4.15.0 released

UMD 4.15.0 has been released (https://repository.egi.eu/static/UMD/4.15.0.html) and includes several updates for CentOS7:

- StoRM 1.11.21 - several bugs fixes and improvements https://italiangrid.github.io/storm/2021/04/12/storm-v1.11.20-released.html
- lcmaps-plugins 1.8.1 - Update of lcmaps plugins
- CERN Frontier 4.15.2.1 - see http://frontier.cern.ch/dist/rpms-debug/frontier-squidRELEASE_NOTES
- dmlite 1.15.0 - https://lcgdm.web.cern.ch/dmlitedpm-1150-pushed-epel
- APEL SSM 3.2.1 - bug fixes and improvements https://github.com/apel/ssm/releases/tag/3.2.1-1
- Dynamic DNS Nagios probe 1.0.1 - https://github.com/tdviet/DDNS-probe/releases/tag/1.0.1
- Infrastructure Manager Nagios probe 1.0.1 - https://github.com/grycap/im/tree/master/monitoring
- dCache 6.2 - https://www.dcache.org/old/downloads/1.9/release-notes-6.2.shtml

2) Message Brokers network decommissioned, change your settings

As previously announced, the old Message Broker network was switched off on 8th July 2021.
All the sites have been asked to use the new ARGO Message Service to publish the accounting data: please implement the new settings as requested in the ticket you received or you won't be able to send the accounting records to the central repository.

3) New version of the APEL Pub and Sync metrics

The new version of the APEL Pub and Sync metrics was deployed in production.
In order to enable the monitoring of the accounting data, ensure you have registered on GOCDB one service endpoint associated to the "APEL" service type (it is enough to associate it to one CE per site).
The results of the tests are also published to the following webpages:
- http://goc-accounting.grid-support.ac.uk/rss/SITENAME_Pub.html
- http://goc-accounting.grid-support.ac.uk/rss/SITENAME_Sync.html

Due to an urgent network intervention GOCDB is currently unavailable until around 10:30 UTC.

Dear all,

VO planck is non supported since long time.

Consider to remove the VO configurations from your site.

Best regards.
Diego for NGI_IT