Commit 8a87fbb1 authored by Andrii Salnikov's avatar Andrii Salnikov

adding country-level deployment hings to archery deployment guide

parent 952bc96a
Pipeline #3729 canceled with stages
================================
Deploying ARCHERY for Project/VO
================================
========================================
Deploying ARCHERY for Country/Project/VO
========================================
This document shows the example configuration of ARCHERY to hold Computing Elements endpoints
for some project (experiment, virtual organization, etc).
for some project (country-level, experiment, virtual organization, etc).
Examples assumes that you have BIND as a DNS service.
Configuration examples in this guide are provided for BIND, however you can use any name server implementation.
Entry point
===========
......@@ -15,10 +15,13 @@ To submit job using ARCHERY run::
arcsub -g example.org myjob.xrsl
The ``nordugrid.org`` represents the whole Nordugrid infrastructure entry point. It holds references to the country-level
endpoints named upon country code top-level domain (ccTLD) identifiers: ``<ccTLD>.archery.nordugrid.org``
Transaction signature key to manage endpoints
=============================================
It is possible to manage records manually, however to provide up-to-date information and keep is simple to manage endpoints
It is possible to manage records manually, however to provide up-to-date information and keep it simple to manage endpoints
it is advised to use Dynamic DNS updates with ``archery-manage``.
Generate key
......@@ -59,11 +62,14 @@ reasons it is advised to have dedicated zone configured for ARCHERY records.
.. [#] The content will be updated dynamically and it is better to eliminate the possiblity of changing non-archery related records. Dedicated subzone is an easiest way.
You can use any name for dedicated sub-zone, this example uses ``index.example.org``.
You can use any name for dedicated zone, this example uses ``index.example.org``. [#]_
.. [#] Use ``<ccTLD>.archery.nordugrid.org`` if you are setting up country-level index for the Nordugrid infrastructure
Addresses used in the following examples:
- Master DNS: ``ns1.example.org (192.0.2.100)``
- Slave DNS: ``ns2.example.org (192.0.2.200)``
- Primary (master) DNS: ``ns1.example.org (192.0.2.100)``
- Seondary (slave) DNS: ``ns2.example.org (192.0.2.200)``
Define zone in DNS
------------------
......@@ -87,9 +93,9 @@ Add zone definition to master ``named.conf``::
Please note ``allow-update`` directive that authorize dynamic DNS update queries signed by ``archery-manage`` key.
Slave DNS should be configured without any special options::
Secondary DNS should be configured without any special options::
zone "dk.archery.nordugrid.org." IN {
zone "index.example.org." IN {
type slave;
file "slave/index.example.org.db";
masters {
......@@ -121,6 +127,9 @@ The zonefile template (timers are subject to arrange depending on planned update
Define records in parent zone
-----------------------------
.. note:: If you setup country-level index for the Nordugrid infrastructure such records are defined in the parent ``nordugrid.org`` zone.
Please provide your setup information for the top-level index instead of this section.
Define ``NS`` records [#]_ to refer defined subzone::
$ORIGIN example.org.
......@@ -157,7 +166,7 @@ Populate DNS with information
To populate DNS zone with endpoints information you should run ``archery-manage`` in the following way::
archery-manage -s file:ce.list --ddns-update \
archery-manage -s file:ces.list --ddns-update \
--domain index.example.org --ddns-master-ip 192.0.2.100 \
--ddns-tsig-keyfile archery-manage.key
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment