Operations Portal

This service is provided by CCIN2P3, and funded by the European Union’s Horizon 2020 research and innovation programme

Latest news

• Service degradation on Tuesday, September 20th

September 13, 2022 15:59 | Gino MARCHETTI
More details

Service degradation on Tuesday, September 20th

Dear all,

Due to a network maintenance by the hosting institute, the service may be degraded on Tuesday, September 20th, from 9:00 to 14:00.

Best regards,
Dirac support.

September 13, 2022 15:59
by Gino MARCHETTI

• Update of Check-in endpoint at EGI Notebooks

September 1, 2022 12:06 | Enol Fernandez
More details

Update of Check-in endpoint at EGI Notebooks

Dear users of EGI Notebooks,

Next Wednesday 7th of September 2022 at 9:00 CEST, EGI Notebooks will upgrade its configuration to use the new Check-in OpenID Connect Provider.

During the change, the service won't be available, although running servers should keep running. Once the upgrade is finalised, you will be able to access the service as usual.

If you are relying on the access tokens automatically generated from the Notebooks (see https://docs.egi.eu/users/dev-env/notebooks/integration/#egi-services-access-tokens for more information), these will no longer be accepted in those services that have not migrated their configuration to the new Check-in OpenID Connect Provider. Let us know if you encounter any issues with any service.

Regards
EGI Notebooks support team

September 1, 2022 12:06
by Enol Fernandez

• EGI Trust Anchor release 1.117-1

August 29, 2022 18:03 | Joao Pina
More details

EGI Trust Anchor release 1.117-1

Dear all,

EUGridPMA has announced a new set of CA rpms. Based on this IGTF release a new set of CA RPMs has been packaged for EGI.

Please upgrade until 2022.09.05 at your earliest convenience. When this time is over, SAM will throw critical errors on CA tests if old CAs are still detected.

Please check https://wiki.egi.eu/wiki/EGI_IGTF_Release for more details
EGI UMD software provisioning Team

The following change log accompanies this version:
European Grid Infrastructure EGI Trust Anchor release 1.117 2022.08.29

------------------------------------------------------------------------------
For release DOCUMENTATION available on this EGI Trust Anchor release see
the EGI operations manual HOWTO-01 at https://edu.nl/envyq
------------------------------------------------------------------------------

This is the EGI Trust Anchor release, based on the updated IGTF Accredited CA
distribution version 1.117-1 with the specific DOGWOOD CA in
meta-package "ca-policy-egi-combined-adequacy-model-1.117-1"
that supports the model of joint assurance provision as detailed in the
EGI Policy on Acceptable Authentication Assurance.

The following notices are republished from the IGTF, inasfar as pertinent to
this release. Details are found in the newsletter https://www.eugridpma.org/

Changes from 1.116 to 1.117
---------------------------
(29 August 2022)

* Add new intermediate ICA DigiCert Grid-TLS (US)
* Add new intermediate ICA DigiCert Grid-Client-RSA2048-SHA256-2022-CA1 (US)
* Removed discontinued NCSA-slcs-2013 following end of XSEDE (US)
* Removed discontinued PSC-Myproxy-CA following end of XSEDE (US)
* RPM packaging: rpm packages are now signed using a SHA-256 digest, file
digests using algo 8 (SHA-256), and the yum/dnf listings are signed with
SHA-256 as well. This removes support for yum-based distributions up to EL5
(for which ELS ended in November 2020), but allows installation of
packages on EL9 (Rocky9, AlmaLinux9, etc.) that require SHA-256.

The CA modifications encoded in both "requires" and "obsoletes" clauses (RPM)
and Conflicts/Replaced clauses (Debian) have been incorporated in the above-
mentioned meta-packages. This release is best enjoyed with fetch-crl v3 or
better, available from GNU/Linux OS add-on repositories Fedora, EPEL, Debian,
and from the IGTF at https://www.igtf.net/fetch-crl

Policy on Acceptable Authentication Assurance
---------------------------------------------
If a Community or e-Infrastructure registration service is accredited by EGI
to meet the approved authentication assurance level, also an IGTF "DOGWOOD"
accredited Authority, used in combination with such a service, is sufficient.
HOWTO01, https://edu.nl/envyq#combined-assuranceadequacy-model has the details.

TECHNICALLY THIS MEANS ...
that you must ONLY install the new ca-policy-egi-cam packages if you ALSO
at the same time implement VO-specific authorization controls in your
software stack. This may require reconfiguration or a software update.
OTHERWISE
just ONLY install or update the regular ca-policy-egi-core package. There
are no changes in this case. The ca-policy-egi-core package is approved for
all VOs membership and assurance models. No configuration change is needed.

Version information: ca-policy-egi-combined-adequacy-model = 1.117-1

August 29, 2022 18:03
by Joao Pina

• EGI Workload Manager downtime

July 22, 2022 16:15 | Andrei Tsaregorodtsev
More details

EGI Workload Manager downtime

The EGI Workload Manager (DIRAC) service will be in downtime on Tuesday 26th July for the whole day (from 8am to 8pm). The service will undergo a major software upgrade as well as will change its hosting environment. The changes should be transparent for the users. The already submitted jobs will continue to run. New job submission will be blocked for some part or for the entire downtime period.

July 22, 2022 16:15
by Andrei Tsaregorodtsev

• BEgrid-ULB-VUB site decommissioning of one of its CEs

July 8, 2022 13:04 | Stephane Gerard
More details

BEgrid-ULB-VUB site decommissioning of one of its CEs

Dear VO managers and users,
We have started the decommissioning procedure of one of our CEs:
testumd-htcondorce.iihe.ac.be
This CE will be put in downtime on the 22nd of July 2022.
We invite you to not submit jobs anymore to this CE during the decommissioning process, and to use instead these CEs:
ce01.iihe.ac.be
ce02.iihe.ac.be
Best Regards,
Stephane Gerard for the Grid-admin Team in Brussels

July 8, 2022 13:04
by Stephane Gerard

More news

• argus-it.cnaf.infn.it certificate update

June 27, 2022 12:14 | Diego Michelotto
More details

argus-it.cnaf.infn.it certificate update

Dear all,

we have recently updated the argus-it.cnaf.infn.it certificate, this the new subject and issuer:

subject: /DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/OU=CNAF/CN=argus-it.cnaf.infn.it
issuer: /C=NL/O=GEANT Vereniging/CN=GEANT eScience SSL CA 4

Pay attention to field OU, it's different from previous one.

Please update your configurations as soon as possible.

Diego
NGI_IT

June 27, 2022 12:14
by Diego Michelotto

• voms2.cnaf.infn.it certificate update

June 27, 2022 10:48 | Diego Michelotto
More details

voms2.cnaf.infn.it certificate update

Dear all,

due to a problem with broadcast system I resend this broadcast, for who already received this broadcast sorry for the duplicated notifications.

We have recently updated the voms2.cnaf.infn.it certificate, this the new subject and issuer:

subject: /DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/OU=CNAF/CN=voms2.cnaf.infn.it
issuer: /C=NL/O=GEANT Vereniging/CN=GEANT eScience SSL CA 4

Pay attention to field ST=Roma previously was L=Frascati.

Please update your configurations as soon as possible.

Diego
NGI_IT

June 27, 2022 10:48
by Diego Michelotto

• voms2.cnaf.infn.it certificate update

June 27, 2022 10:48 | Diego Michelotto
More details

voms2.cnaf.infn.it certificate update

June 27, 2022 10:48
by Diego Michelotto

• Update on GOCDB's status

June 20, 2022 14:48 | Greg Corbett
More details

Update on GOCDB's status

Following on from the RAL wide network upgrade work over the weekend (Saturday 18th and Sunday 19th June), goc.egi.eu is once again being served by the read/write RAL infrastructure.

The service remains at risk until the 25th June. Please note there will be occasional outages as the resilience of the networking infrastructure is tested, but these are expected to be short term.

Thanks,
The GOCDB Team

June 20, 2022 14:48
by Greg Corbett

• ARGO UI - v2.10

June 17, 2022 07:42 | Cyril Lorphelin
More details

ARGO UI - v2.10

The ARGO UI v2.10 is now ready : https://ui.devel.argo.grnet.gr/
This version will be released on production on Monday morning (June 20th - 9h CEST) .

This version includes new features and fixes :

- NEW trends pages
* Trends about flapping services /groups
* Trends about flapping services /groups group by tag
* Trends about services statuses
* Trends about tags

- NEW Console page for admins : check the status of the different reports and reload the configuration of the UI without restarting it

- Fix for the dropdown list : the switch to another tenant is now dependant from the content of the page . The list is now on the right top corner

- Improvements on the menu

Don't hesitate to contact us for comments, feedback, bugs at argo@mailman.egi.eu

Regards,

June 17, 2022 07:42
by Cyril Lorphelin

• GOCDB will be read only from Friday 17th 09:45 UTC to Monday 20th 12:00 UTC

June 8, 2022 15:33 | Greg Corbett
More details

GOCDB will be read only from Friday 17th 09:45 UTC to Monday 20th 12:00 UTC

In advance of RAL wide network upgrade work on Saturday 18th and Sunday 19th June, goc.egi.eu will be served by the failover infrastructure from Friday 17th 09:45 UTC until Monday 20th 12:00 UTC at the latest. This is to ensure that there are no database transactions in progress on the RAL infrastructure when the upgrade work starts.

A warning downtime has been declared in GOCDB: https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=32511

At 09:45 UTC on Friday 17th, we will switch the DNS entry for goc.egi.eu to point at the read-only failover infrastructure. Over the following two hours, all connections will move to being served by the failover.

We expect to receive the all clear from our networking and database teams by mid morning on Monday 20th, at which point we will switch the DNS entry for goc.egi.eu back to the RAL based infrastructure. By 12:00 UTC, we expect that the vast majority of connections will move back to being served by the RAL based infrastructure.

The service will remain at risk until the 25th June. Warning downtimes have been declared accordingly:
- https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=32112
- https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=32512

If you have any questions, please contact gocdb-admins@mailman.egi.eu.

We apologies for any inconvenience this brings,
Kind Regards,
The GOCDB Team

June 8, 2022 15:33
by Greg Corbett

• myproxy-6.2.9-8 restores backward compatibility

May 4, 2022 20:49 | Maarten Litmaath
More details

myproxy-6.2.9-8 restores backward compatibility

Dear colleagues,
thanks to a great response from the Grid Community Forum experts,
backward-compatible version 6.2.9-8 has already appeared in EPEL 7
and should appear in EPEL 8 within a day.

FYI, version 6.2.9-9 is expected to bring a further desired change,
viz. support for OpenSSL v3 on EL9, in a backward-compatible way
and has already been tested on EL7 and 8.

May 4, 2022 20:49
by Maarten Litmaath

• NOTE - myproxy-6.2.9-7 backward incompatibility

May 3, 2022 17:15 | Maarten Litmaath
More details

NOTE - myproxy-6.2.9-7 backward incompatibility

Dear colleagues,
please beware of the backward incompatibility of myproxy-6.2.9-7
that recently got published in EPEL, e.g. for EPEL 7:

https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/m/

It only works if both the client and the server are on that release!

As an upgrade of myproxy.cern.ch caused serious problems for ALICE,
that service has been downgraded to its previous version 6.2.9-1,
which also happens to be the latest in the EGI UMD-4 repository:

http://repository.egi.eu/sw/production/umd/4/centos7/x86_64/updates/

Grid Community Forum experts are looking into the best strategy for
introducing the desired improvements, hopefully in a way that would
keep backward compatibility with existing deployments.

May 3, 2022 17:15
by Maarten Litmaath

• Restart required for ARGUS and voms-admin due to changes on CERN Grid CA

May 2, 2022 08:29 | Baptiste Grenier
More details

Restart required for ARGUS and voms-admin due to changes on CERN Grid CA

Dear all,
IGTF 1.116 was released on April 25th and brings an updated intermediate CERN Grid CA ICA with extended validity.

The NGI ARGUS services are now showing errors in the monitoring as reported on ARGO.
https://argo-mon.egi.eu/nagios/cgi-bin/status.cgi?servicegroup=SERVICE_ngi.ARGUS&style=detail

The ARGUS services have to be restarted to make use of the new certificate.

Similar changes have had repercussions on various middleware components for which a service restart may be required to replace the CA in memory.

The VOMS-Admin service should be restarted to make use of the cert CERN Grid CA.
dCache and StoRM - only the most recent versions do not need to be restarted, check the release notes and / or ask the product team.

Best regards,
Baptiste
EGI SDIS officer on duty

May 2, 2022 08:29
by Baptiste Grenier

Home

Broadcast

Downtimes

VO Management

VO List

Dashboard

Metrics

Sla

v6.4 - 2022-04-13