Green Grid Project
Project Home
Project Background
MDS Data
Presentations
Downloads

Campus Grid Resources
grid-mapfile
Dartmouth CA
fMRIDC Grid
CGL Discovery Cluster

Green Grid Project: Client Debugging

(Globus Error Code 74)

Fully Qualified Hostnames

Check to see that your hostname is fully qualified:

[jed@mitral ~]$ globus-hostname
mitral.cns.dartmouth.edu

Your system's domain name is set in /etc/resolv.conf make sure that domainname has a value if the hostname itself isn't fully qualified. If you are using dhcp you may need to modify the dhclient-script (/sbin/dhclient-script) to set the domain name when it configures /etc/resolv.conf. An non-fully qualified hostname will look like this:

[jed@dbic-lab-02 ~]$ globus-hostname
dbic-lab-02

Firewalls

The Globus GRAM client needs to connect back to your workstation to communicate and transfer input and output files. The Green Grid client package will set a port range to be used for Globus this port range is from TCP 40000 to TCP 50000. The GLOBUS_TCP_PORT_RANGE environment variable will contain the port range. You may need to have your system administrator or firewall administrator add rules to enable communication from the Globus GRAM services back to your client. The following rules for the Linux iptables package have been found to work (used on Fedora Core):

# Enable Globus communication
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 40000:50000 -d 0/0 -j ACCEPT

Reference: The Globus Firewall Requirements document (Von Welch).

Globus Gatekeeper/GRAM

The globusrun command can be used to "ping" a remote GRAM resource. This will verify that you have been authorized to access Green Grid resources. You must have a valid proxy which can check with the grid-proxy-info command. If this returns an error your certificate's subject name (DN) has not been correctly authorized for Green Grid access.

[jed@unknown jed]$ globusrun -a -r pbs-01.grid.dartmouth.edu

GRAM Authentication test successful

The Globus GRAM service has several jobmanagers available. These jobmanagers can submit to a distributed resource management (DRM) system such as PBS or Grid Engine. If you want to test your ability to stage a binary and/or run on the Globus Gatekeeper node you can use the fork jobmanager (jobmanager-fork). This will fork a job on the Gatekeeper node and not run through a DRM package. Note that the Gatekeeper may not have the same configuration as the execution nodes (example: Gatekeeper is a x86 and execution nodes are x86-64).

[jed@dbic-lab-02 jed]$ globus-job-run cs-01.grid.dartmouth.edu/jobmanager-fork /bin/hostname
cs-01.grid.dartmouth.edu

You can request a specific jobmanager by appending jobmanager-jobmanager-name to the contact string in the globus utilities (globus-job-run, globus-job-submit). To simplify our configuration the default jobmanager should submit to the local DRM package. If you run the previous command with the default jobmanager you should be able to determine if a problem is in the DRM package or the Gatekeeper.

[jed@dbic-lab-02 jed]$ globus-job-run cs-01.grid.dartmouth.edu /bin/hostname
cs-05.grid.dartmouth.edu

If the Gatekeeper you are connecting to has the default Green Grid setup the batch jobmanager will be called 'jobmanager-sge'.