Operations Portal

This service is provided by CCIN2P3, and funded by the European Union’s Horizon 2020 research and innovation programme

Latest news

• EGI monthly broadcast - July 2022

June 30, 2022 15:09 | Alessandro Paolini
More details

EGI monthly broadcast - July 2022

=============== Content: ==================

1) Notifications for the WARNING status with the metrics in the ARGO_MON_CRITICAL profile

2) Please enable the ops VO on Xrootd endpoints

============================================

1) Notifications for the WARNING status with the metrics in the ARGO_MON_CRITICAL profile

Currently ARGO sends notifications about the status of a service endpoint when:
- The flags for the endpoint and the site are set to “yes” on GOCDB
- The status of a metric changes from OK to CRITICAL and vice versa
- The metric is included in the A/R profile

Starting from July, also the WARNING status is going to be included in the notification mechanism. This change was triggered by a ticket (a service request) which was then discussed and approved by the OMB.

In case there are too many notifications generated, you can contact us through a ticket, and the current behaviour can be restored.

List of metrics in the ARGO_MON_CRITICAL profile: https://poem.egi.eu/ui/public_metricprofiles/ARGO_MON_CRITICAL

2) Please enable ops VO on Xrootd endpoints

Over the past few months the monitoring probe for the EOS Storage endpoints, using the XRootD interface (see https://github.com/EGI-Federation/nagios-plugins-xrootd ), was successfully tested.
On GOCDB the EOS endpoints are registered as XrootD service endpoints.
We would like to deploy the probe on the ARGO production instance and then include the metric in the ARGO_MON_OPERATORS first and finally in the ARGO_MON_CRITICAL one

In order to allow the proper execution of the probe, please do the following:
- enable the ops VO on your EOS/XrootD endpoints
- for each EOS/Xrootd service endpoint add the following Extension Property:
- Name: XROOTD_URL
- Value: XRootD base SURL to test (the path where ops VO has write access, for example: root://lcgdpmse.dnp.fmph.uniba.sk:1094/ops/ or similar)

Please do the same even if you provide an XRootD interface with a different type of storage element.

June 30, 2022 15:09
by Alessandro Paolini

• argus-it.cnaf.infn.it certificate update

June 27, 2022 12:14 | Diego Michelotto
More details

argus-it.cnaf.infn.it certificate update

Dear all,

we have recently updated the argus-it.cnaf.infn.it certificate, this the new subject and issuer:

subject: /DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/OU=CNAF/CN=argus-it.cnaf.infn.it
issuer: /C=NL/O=GEANT Vereniging/CN=GEANT eScience SSL CA 4

Pay attention to field OU, it's different from previous one.

Please update your configurations as soon as possible.

Diego
NGI_IT

June 27, 2022 12:14
by Diego Michelotto

• voms2.cnaf.infn.it certificate update

June 27, 2022 10:48 | Diego Michelotto
More details

voms2.cnaf.infn.it certificate update

Dear all,

due to a problem with broadcast system I resend this broadcast, for who already received this broadcast sorry for the duplicated notifications.

We have recently updated the voms2.cnaf.infn.it certificate, this the new subject and issuer:

subject: /DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/OU=CNAF/CN=voms2.cnaf.infn.it
issuer: /C=NL/O=GEANT Vereniging/CN=GEANT eScience SSL CA 4

Pay attention to field ST=Roma previously was L=Frascati.

Please update your configurations as soon as possible.

Diego
NGI_IT

June 27, 2022 10:48
by Diego Michelotto

• voms2.cnaf.infn.it certificate update

June 27, 2022 10:48 | Diego Michelotto
More details

voms2.cnaf.infn.it certificate update

June 27, 2022 10:48
by Diego Michelotto

• Update on GOCDB's status

June 20, 2022 14:48 | Greg Corbett
More details

Update on GOCDB's status

Following on from the RAL wide network upgrade work over the weekend (Saturday 18th and Sunday 19th June), goc.egi.eu is once again being served by the read/write RAL infrastructure.

The service remains at risk until the 25th June. Please note there will be occasional outages as the resilience of the networking infrastructure is tested, but these are expected to be short term.

Thanks,
The GOCDB Team

June 20, 2022 14:48
by Greg Corbett

More news

• GOCDB will be read only from Friday 17th 09:45 UTC to Monday 20th 12:00 UTC

June 8, 2022 15:33 | Greg Corbett
More details

GOCDB will be read only from Friday 17th 09:45 UTC to Monday 20th 12:00 UTC

In advance of RAL wide network upgrade work on Saturday 18th and Sunday 19th June, goc.egi.eu will be served by the failover infrastructure from Friday 17th 09:45 UTC until Monday 20th 12:00 UTC at the latest. This is to ensure that there are no database transactions in progress on the RAL infrastructure when the upgrade work starts.

A warning downtime has been declared in GOCDB: https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=32511

At 09:45 UTC on Friday 17th, we will switch the DNS entry for goc.egi.eu to point at the read-only failover infrastructure. Over the following two hours, all connections will move to being served by the failover.

We expect to receive the all clear from our networking and database teams by mid morning on Monday 20th, at which point we will switch the DNS entry for goc.egi.eu back to the RAL based infrastructure. By 12:00 UTC, we expect that the vast majority of connections will move back to being served by the RAL based infrastructure.

The service will remain at risk until the 25th June. Warning downtimes have been declared accordingly:
- https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=32112
- https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=32512

If you have any questions, please contact gocdb-admins@mailman.egi.eu.

We apologies for any inconvenience this brings,
Kind Regards,
The GOCDB Team

June 8, 2022 15:33
by Greg Corbett

• myproxy-6.2.9-8 restores backward compatibility

May 4, 2022 20:49 | Maarten Litmaath
More details

myproxy-6.2.9-8 restores backward compatibility

Dear colleagues,
thanks to a great response from the Grid Community Forum experts,
backward-compatible version 6.2.9-8 has already appeared in EPEL 7
and should appear in EPEL 8 within a day.

FYI, version 6.2.9-9 is expected to bring a further desired change,
viz. support for OpenSSL v3 on EL9, in a backward-compatible way
and has already been tested on EL7 and 8.

May 4, 2022 20:49
by Maarten Litmaath

• NOTE - myproxy-6.2.9-7 backward incompatibility

May 3, 2022 17:15 | Maarten Litmaath
More details

NOTE - myproxy-6.2.9-7 backward incompatibility

Dear colleagues,
please beware of the backward incompatibility of myproxy-6.2.9-7
that recently got published in EPEL, e.g. for EPEL 7:

https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/m/

It only works if both the client and the server are on that release!

As an upgrade of myproxy.cern.ch caused serious problems for ALICE,
that service has been downgraded to its previous version 6.2.9-1,
which also happens to be the latest in the EGI UMD-4 repository:

http://repository.egi.eu/sw/production/umd/4/centos7/x86_64/updates/

Grid Community Forum experts are looking into the best strategy for
introducing the desired improvements, hopefully in a way that would
keep backward compatibility with existing deployments.

May 3, 2022 17:15
by Maarten Litmaath

• Restart required for ARGUS and voms-admin due to changes on CERN Grid CA

May 2, 2022 08:29 | Baptiste Grenier
More details

Restart required for ARGUS and voms-admin due to changes on CERN Grid CA

Dear all,
IGTF 1.116 was released on April 25th and brings an updated intermediate CERN Grid CA ICA with extended validity.

The NGI ARGUS services are now showing errors in the monitoring as reported on ARGO.
https://argo-mon.egi.eu/nagios/cgi-bin/status.cgi?servicegroup=SERVICE_ngi.ARGUS&style=detail

The ARGUS services have to be restarted to make use of the new certificate.

Similar changes have had repercussions on various middleware components for which a service restart may be required to replace the CA in memory.

The VOMS-Admin service should be restarted to make use of the cert CERN Grid CA.
dCache and StoRM - only the most recent versions do not need to be restarted, check the release notes and / or ask the product team.

Best regards,
Baptiste
EGI SDIS officer on duty

May 2, 2022 08:29
by Baptiste Grenier

• EGI Trust Anchor release 1.116-1

April 26, 2022 11:13 | Joao Pina
More details

EGI Trust Anchor release 1.116-1

Dear all,

EUGridPMA has announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs has been packaged for EGI.

Please upgrade until 2022.05.02 at your earliest convenience. When this time is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details
EGI UMD software provisioning Team

The following change log accompanies this version:

European Grid Infrastructure EGI Trust Anchor release 1.116 2022.04.25

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
the EGI operations manual HOWTO-01 at https://edu.nl/envyq
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.116-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.116-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.115 to 1.116
---------------------------
(25 April 2022)

* Updated intermediate CERN Grid CA ICA with extended validity (CERN)

The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

Policy on Acceptable Authentication Assurance
---------------------------------------------
If a Community or e-Infrastructure registration service is accredited by EGI
to meet the approved authentication assurance level, also an IGTF "DOGWOOD"
accredited Authority, used in combination with such a service, is sufficient.
HOWTO01, https://edu.nl/envyq#combined-assuranceadequacy-model has the details.

TECHNICALLY THIS MEANS ...
that you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update.
OTHERWISE
just ONLY install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

Version information: ca-policy-egi-combined-adequacy-model = 1.116-1

April 26, 2022 11:13
by Joao Pina

• Decommissioning of grid153.kfki.hu (MyProxy) and grid155.kfki.hu (LFC) services

April 17, 2022 11:49 | Csaba Hajdu
More details

Decommissioning of grid153.kfki.hu (MyProxy) and grid155.kfki.hu (LFC) services

Hello,

Decommissioning of grid153.kfki.hu (MyProxy) and grid155.kfki.hu (LFC) services has started.

The services will be put into downtime on 03.05.2022.

The services will be shut down and removed from GOCDB on 31.05.2022.

Best regards:
Csaba Hajdu

April 17, 2022 11:49
by Csaba Hajdu

• [EGI Webinar 2022]Supercomputing in Brazil and the LNCC, Wednesday, 27th Apr 2022 |14:00 -15:00 PM CEST-- Registration is Open!

April 13, 2022 13:39 | Yin Chen
More details

[EGI Webinar 2022]Supercomputing in Brazil and the LNCC, Wednesday, 27th Apr 2022 |14:00 -15:00 PM CEST-- Registration is Open!

Dear all

You are warmly invited to our next EGI webinar on 27th April, to learn about the supercomputer development in Brazil. LNCC is one of the leading national science institutions in Brazil with 40 years of experience in supporting scientific research and collaborators, and has achieved recognition for their scientific, technological and innovative performance. We are honoured to invite Prof. Fábio Borges, the director of LNCC, to give the talk.
Register now to secure a place!

Title: Supercomputing in Brazil and the LNCC
Date & Time: Wednesday, 27th Apr 2022 |14:00 -15:00 PM CEST
Agenda: https://indico.egi.eu/event/5879/
Registration: https://us02web.zoom.us/webinar/register/WN_dFptRdqGS0amBf8zVPRYdg

Description:
Brazil has the fastest private and public supercomputers in Latin America. The supercomputer Santos Dumont is situated at the National Laboratory for Scientific Computing (LNCC) that coordinates the National High Performance Processing System (SINAPAD), which aggregates nine public supercomputing centres. In addition to services, LNCC develops interdisciplinary research and has a doctoral program in computational modelling with several strategic international collaborations.

Speaker: Prof. Fábio Borges, Director, National Laboratory for Scientific Computing (LNCC), Brazil

Prof. Dr.-Ing. Fábio Borges de Oliveira is director of the National Laboratory for Scientific Computing (LNCC) and professor at LNCC where he gives lectures to PhD students in Computational Modelling. He works in the areas of Security & Privacy, Artificial Intelligence, Smart Grids, High Performance Computing, and Algorithms. He is author of the book On Privacy-Preserving Protocols for Smart Metering Systems: Security and Privacy in Smart Grids. In addition, he is coauthor, with C.R. Rao and B.B. Pereira, of the book Statistical Learning Using Neural Networks: A Guide for Statisticians and Data Scientists with Python. He holds a Ph.D. degree in Doctor of Engineering (Dr.-Ing.) from the Department of Computer Science at TU Darmstadt, a master's degree in Computational Modelling at LNCC, and a bachelor's degree in Mathematics at Londrina State University (UEL). He is an IEEE Senior Member and received the Latin America Distinguished Service Award by IEEE Communications Society.

Please follow our EGI webinar program at: https://www.egi.eu/webinars/

Kind Regards and Looking forward to seeing you all soon!

Yin

----
Dr Yin Chen
Community Support Officer
EGI Foundation (Amsterdam, The Netherlands)
W: www.egi.eu | E: yin.chen@egi.eu | M: +31 (0)6 3037 3096 | Skype: yin.chen.egi | Twitter: @yinchen16

EGI: Advanced Computing for Research
The EGI Foundation is ISO 9001:2015 and ISO/IEC 20000-1:2011 certified

#####
https://www.egi.eu/about/egi-foundation/team/yin-chen/

April 13, 2022 13:39
by Yin Chen

• EGI monthly broadcast - April 2022

April 7, 2022 12:18 | Alessandro Paolini
More details

EGI monthly broadcast - April 2022

=============== Content: ==================

1) UMD 4.16.0 released

2) enabling ops VO on Xrootd endpoints

============================================

1) UMD 4.16.0 released

UMD 4.16.0 has been released (https://repository.egi.eu/UMD/4.16.0.html) and includes several updates for CentOS7:

- python-jess 0.2.37 https://repository.egi.eu/static/SW/python-jess0.2.37.html
- nagios-plugins-webdav 0.4.5 https://repository.egi.eu/static/SW/nagios-plugins-webdav0.4.5.html
- nagios-plugins-check-ssl-cert 1.84.0 https://repository.egi.eu/static/SW/nagios-plugins-check-ssl-cert1.84.0.html
- qcg-nagios-probes 4.0.0 https://repository.egi.eu/static/SW/qcg-nagios-probes4.0.0.html
- ARC6 6.14.0 https://repository.egi.eu/static/SW/ARC66.14.0.html
- xroot 5.3.4 https://repository.egi.eu/static/SW/xroot5.3.4.html
- nagios-plugins-xroot 0.0.1 https://repository.egi.eu/static/SW/nagios-plugins-xroot0.0.1.html
- python-nap 0.1.20 https://repository.egi.eu/static/SW/python-nap0.1.20.html
- nagios-plugins-srm 0.0.5 https://repository.egi.eu/static/SW/nagios-plugins-srm0.0.5.html

2) enabling ops VO on Xrootd endpoints

We are testing the monitoring probe for the EOS Storage endpoints which uses the XRootD interface (see https://github.com/EGI-Federation/nagios-plugins-xrootd )
On GOCDB the EOS endpoints are registered as XrootD service endpoints.

In order to allow the proper execution of the probe, we would like you to:
- enable the ops VO on your endpoints
- for each EOS (Xrootd) service endpoint add the following Extension Property:
- Name: XROOTD_URL
- Value: XRootD base SURL to test (the path where ops VO has write access, for example: root://eospps.cern.ch:1094/eos/pps/ or similar)

Please do the same even if you provide an XRootD interface with a different type of storage element.

April 7, 2022 12:18
by Alessandro Paolini

• EGI Trust Anchor release 1.115-1

March 28, 2022 13:56 | Joao Pina
More details

EGI Trust Anchor release 1.115-1

Dear all,

EUGridPMA has announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs has been packaged for EGI.

Please upgrade until 2022.04.04 at your earliest convenience. When this time is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details
EGI UMD software provisioning Team

The following release notes accompany this version:
European Grid Infrastructure EGI Trust Anchor release 1.115 2022.03.28

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
the EGI operations manual HOWTO-01 at https://edu.nl/envyq
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.115-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.115-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

The following notices are republished from the IGTF, in as far as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.114 to 1.115
---------------------------
(28 March 2022)

* Removed obsolete CNRS2 CAs, superseded by AC-GRID-FR hierarchy (FR)
* Add supplementary BCDR download location for UGRID-G2 CRL (UA)
* Extended validity period of HPCI CA (JP)

The CA modifications encoded in both "require" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

Policy on Acceptable Authentication Assurance
---------------------------------------------
If a Community or e-Infrastructure registration service is accredited by EGI
to meet the approved authentication assurance level, also an IGTF "DOGWOOD"
accredited Authority, used in combination with such a service, is sufficient.
HOWTO01, https://edu.nl/envyq#combined-assuranceadequacy-model has the details.

TECHNICALLY THIS MEANS ...
that you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update.
OTHERWISE
just ONLY install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

Version information: ca-policy-egi-combined-adequacy-model = 1.115-1

March 28, 2022 13:56
by Joao Pina

Home

Broadcast

Downtimes

VO Management

VO List

Dashboard

Metrics

Sla

v6.4 - 2022-04-13