[Ru_ngi] Configuring the CMS TFC Plugin in D-Cache
Liudmila Stepanova
sli at inr.ru
Mon May 29 16:25:07 MSK 2023
Виктор, спасибо.
Я все тоже самое сделала у себя. Но чего-то у меня не хватает.
Проверяю 1095 порт
Должно быть
gfal-ls -l root://lcgsexrd.jinr.ru:1095/store/temp
dr-xr-xr-x 0 0 0 512 May 29 14:18 user
gfal-ls -l root://vobox0002.m45.ihep.su:1095/store/temp/
dr-xr-xr-x 0 0 0 512 May 29 14:16 user
У меня
gfal-ls -l root://grse001.inr.troitsk.ru:1095/store/
xrootd.log
secgsi_XrdOucGMap::dn2user: mapping DN
'/C=RU/O=RDIG/OU=users/OU=inr.ru/CN=Liudmila Stepanova' to '.cms'
230529 16:06:22 31445 secgsi_Authenticate: VOMS: Entity.vorg:
cms
230529 16:06:22 31445 secgsi_Authenticate: VOMS: Entity.grps:
/cms
230529 16:06:22 31445 secgsi_Authenticate: VOMS: Entity.role:
NULL
230529 16:06:22 31445 secgsi_Authenticate: VOMS: Entity.endorsements:
/cms/Role=NULL/Capability=NULL
230529 16:06:22 31445 XrootdXeq: sli.993:32 at grinr06 pub IP64 login as
.cms
less /etc/xrootd/Authfile
u * /store rl
u = /store/temp/home/user/@=/ a
Нужен ли xrootd-multiuser-2.1.2-1.1.osg36.el7.x86_64 ?
Best regards,
Liudmila.
Viktor Kotliar писал 2023-05-25 15:40:
> На всякий ещё конфигурация dCache xrootd door у нас [1]
>
>
> [1]
> ```
> [xrootd-dp0015Domain]
> [xrootd-dp0015Domain/xrootd]
> xrootd.root=/pnfs/m45.ihep.su/data/cms
> xrootd.plugins=gplazma:gsi
> ```
>
> 25.05.2023 15:01, Liudmila Stepanova пишет:
>>
>> Виктор и Валерий спасибо,
>> nfs заработал. Помогло добавить
>>
>> [nfs-${host.name}Domain]
>> [nfs-${host.name}Domain/nfs]
>>
>> Но хвост вытащила, голова увязла. Перестала работать dCache door
>> [file:/usr/share/dcache/services/xrootd.batch]: line 71: (1) Command
>> failed: java.lang.IllegalArgumentException: Authorization plugin not
>> found: cms-tfc
>> May 25 14:48:58 grse001 dcache at xrootd-grse001Domain: 25 May 2023
>> 14:48:58 (c-centralDomain-AAX8gzRb-4A)
>> [grse001.inr.troitsk.ru/2a0e:e140:0:0:0:0:0:180:11111] Sleeping 12
>> seconds
>> rpm -aq |grep tfc
>> xrootd-cmstfc-1.5.2-6.osg35up.el7.x86_64
>> xrootd-cmstfc-devel-1.5.2-6.osg35up.el7.x86_64
>>
>> Сейчас оставила xrootd.plugins=gplazma:gsi
>>
>> Попробую редиректор установить на другю машину
>> С уважением,
>> Людмила.
>>
>> Viktor Kotliar писал 2023-05-25 08:39:
>>> У нас dcache на одном хосте, редиректор на другом (CMS VO BOX)
>>>
>>> Конфиг dCache [1]. Конфиг xrootd [2]. Пакеты для xroot из osg [3].
>>> fstab [4] на редиректоре. storage.xml на редиректоре, не помню
>>> используется ли сейчас xrootd плагинами [5] При монтировании dcache
>>> NFS на хосте где NFS door fstab такой [6] /etc/export для NFS сервера
>>> такой [7]
>>>
>>> [1]
>>> ```
>>> [nfsDomain]
>>> [nfsDomain/nfs]
>>> nfs.version = 4.1
>>> nfs.domain=m45.ihep.su
>>> ```
>>>
>>> [2]
>>> ```
>>> cat /etc/xrootd/xrootd-clustered.cfg
>>>
>>> xrd.port 1095
>>>
>>> all.role server
>>> all.sitename T2_RU_IHEP
>>> all.manager xrootd-cms.infn.it+ 1213
>>>
>>> oss.localroot /pnfs/m45.ihep.su/data/cms
>>> xrootd.redirect dp0015.m45.ihep.su:1094 /
>>>
>>> all.export / r/o
>>>
>>> cms.allow host *
>>>
>>> xrootd.trace emsg login stall redirect
>>> ofs.trace none
>>> xrd.trace conn
>>> cms.trace all
>>>
>>> oss.namelib /usr/lib64/libXrdCmsTfc.so
>>> file:/etc/xrootd/storage.xml?protocol=direct
>>> xrootd.seclib /usr/lib64/libXrdSec-5.so
>>> all.adminpath /var/run/xrootd
>>> all.pidpath /var/run/xrootd
>>>
>>> # Turn on authorization
>>> ofs.authorize 1
>>> acc.authdb /etc/xrootd/Authfile
>>> sec.protocol /usr/lib64 gsi -d:1 -crl:0 -vomsfun:default
>>> -vomsat:extract -crl:0 -d:1 -gmapopt:11 -gmapto:60
>>>
>>> cms.delay startup 10
>>> cms.fxhold 60s
>>>
>>> xrd.report xrootd.t2.ucsd.edu:9931 every 60s all sync
>>> xrootd.monitor all auth flush io 60s ident 5m mbuff 8k rbuff 4k rnums
>>> 3 window 10s dest files io info user redir xrootd.t2.ucsd.edu:9930
>>>
>>> pss.setopt ReadCacheSize 0
>>>
>>> ```
>>>
>>> [3]
>>> ```
>>> rpm -qa|grep xroot
>>> xrootd-client-compat-5.4.2-1.1.osg36.el7.x86_64
>>>
>>> xrootd-server-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-libs-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-client-5.4.2-1.1.osg36.el7.x86_64
>>> nordugrid-arc-plugins-xrootd-6.14.0-1.el7.x86_64
>>> xrootd-server-libs-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-scitokens-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-voms-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-selinux-5.4.2-1.1.osg36.el7.noarch
>>> xrootd-cmstfc-1.5.2-6.osg36.el7.x86_64
>>> xrootd-server-compat-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-client-libs-5.4.2-1.1.osg36.el7.x86_64
>>> xrootd-lcmaps-99-1.osg36.el7.x86_64
>>> gfal2-plugin-xrootd-2.19.2-3.el7.x86_64
>>> xrootd-multiuser-2.0.3-1.osg36.el7.x86_64
>>>
>>> ```
>>>
>>> [4]
>>> ```
>>> dp0015-int.m45.ihep.su:/pnfs /pnfs nfs4
>>> rw,nosuid,nodev,nolock,hard,intr,nfsvers=4.1 0 0
>>> ```
>>>
>>> [5]
>>> ```
>>> cat /etc/xrootd/storage.xml
>>> <storage-mapping>
>>> <lfn-to-pfn protocol="direct" path-match="/+LoadTest/(.*)"
>>> result="/pnfs/m45.ihep.su/data/cms/phedex_loadtest/$1"/>
>>> <lfn-to-pfn protocol="direct"
>>> path-match=".*/LoadTest07_.*_IHEP_(.*)_.*_.*"
>>> result="/pnfs/m45.ihep.su/data/cms/store/PhEDEx_LoadTest07/LoadTest07/LoadTest07_IHEP_$1"/>*/LoadTest07_.*_CERN_(.*)_.*_.*
>>> <lfn-to-pfn protocol="direct"
>>> path-match="/+store/test/xrootd/T2_RU_IHEP/store/(.*)"
>>> result="/pnfs/m45.ihep.su/data/cms/store/$1"/>
>>> <lfn-to-pfn protocol="direct" path-match="/+store/(.*)"
>>> result="/pnfs/m45.ihep.su/data/cms/store/$1"/>
>>> <lfn-to-pfn protocol="dcap" chain="direct" path-match="(.*)"
>>> result="dcap://dp0015.m45.ihep.su:22125$1"/>
>>> <lfn-to-pfn protocol="srm" chain="direct" path-match="(.*)"
>>> result="srm://dp0015.m45.ihep.su:8443/srm/managerv1?SFN=$1"/>
>>> <lfn-to-pfn protocol="srmv2" chain="direct" path-match="(.*)"
>>> result="srm://dp0015.m45.ihep.su:8443/srm/managerv2?SFN=$1"/>
>>> <lfn-to-pfn protocol="gsiftp" chain="direct" path-match="(.*)"
>>> result="gsiftp://dp0015.m45.ihep.su/$1"/>
>>> <pfn-to-lfn protocol="dcap"
>>> path-match="dcap://dp0015.m45.ihep.su:22125/pnfs/m45.ihep.su/data/cms/store/(.*)"
>>> result="/store/$1"/>
>>> <pfn-to-lfn protocol="direct"
>>> path-match="/+pnfs/m45.ihep.su/data/cms/phedex_loadtest/(.*)"
>>> result="/LoadTest/$1"/>
>>> <pfn-to-lfn protocol="direct"
>>> path-match="/+pnfs/m45.ihep.su/data/cms/store/(.*)"
>>> result="/store/$1"/>
>>> <pfn-to-lfn protocol="direct"
>>> path-match="/+pnfs/m45\.ihep\.su/data/cms/(.*)" result="/$1"/>
>>> <pfn-to-lfn protocol="srm" chain="direct"
>>> path-match=".*\srm/managerv1?SFN=(.*)" result="$1"/>
>>> <pfn-to-lfn protocol="srmv2" chain="direct"
>>> path-match=".*\srm/managerv2?SFN=(.*)" result="$1"/>
>>> <pfn-to-lfn protocol="gsiftp" chain="direct"
>>> path-match="[a-z]+://[-a-z0-9:.]+/(.*)" result="$1"/>
>>> </storage-mapping>
>>> ```
>>>
>>>
>>> [6]
>>> ```
>>> 127.0.0.1:/pnfs /pnfs/ nfs4
>>> hard,intr,bg,noac,auto,vers=4.1 0 0
>>>
>>> ```
>>>
>>> [7]
>>> ```
>>> cat /etc/exports
>>> /pnfs localhost(rw,no_root_squash)
>>> / localhost(rw,no_root_squash)
>>> /pnfs 192.168.175.170/32(rw,no_root_squash)
>>> /pnfs 192.168.160.0/20
>>>
>>> ```
>>> 24.05.2023 21:06, Liudmila Stepanova пишет:
>>>> Добрый день всем.
>>>> Я выполнила переход с DPM на dCache. Не могу сконфигурировать CMS
>>>> TFC Plugin in D-Cache. Мне дали ссылку для конфигурации
>>>> https://twiki.cern.ch/twiki/bin/view/CMSPublic/DCacheXRootD
>>>> Где указано PNFS must be mounted for the xrootd federation host to
>>>> function. Это у меня не получается.
>>>> xrootd federation и dCashe door на одном сервере
>>>> (grse001.inr.troitsk.ru)
>>>> /etc/dcache/layouts/layout-grse001.inr.troitsk.ru.conf
>>>> doorsDomain/xrootd]
>>>>
>>>> [xrootd-${host.name}Domain]
>>>> [xrootd-${host.name}Domain/xrootd]
>>>> xrootd.plugins=gplazma:gsi,authz:cms-tfc
>>>> #xrootd.plugins=gplazma:gsi
>>>> xrootd.cms.tfc.path=/etc/dcache/storage.xml
>>>> xrootd.cms.tfc.protocol=direct
>>>> #xrootd.cms.tfc.protocol=xrootd
>>>> #
>>>> xrootd.authz.read-paths=/
>>>> xrootd.authz.write-paths=/
>>>> #
>>>> xrootd.limits.threads = 3000
>>>> xrootd.mover.timeout=28800000
>>>>
>>>> [doorsDomain/nfs]
>>>> nfs.version = 4.1
>>>>
>>>> DCache dcache-8.2.10-1.noarch
>>>> xrootd.log
>>>> /etc/xrootd/xrootd-clustered.cfg
>>>> #oss.localroot /dpm/inr.troitsk.ri/home/cms
>>>> xrd.port 11000
>>>> all.role server
>>>> all.manager any xrootd-cms.infn.it+ 1213
>>>> all.sitename T2_RU_INR
>>>> xrootd.redirect grse001.inr.troitsk.ru:1094 /
>>>> all.export / nostagea
>>>> #all.export /dpm/inr.troitsk.ru/home/cms/
>>>> cms.allow host *
>>>> xrootd.trace emsg login stall redirect
>>>> ofs.trace all
>>>> xrd.trace conn
>>>> cms.trace all
>>>> cms.space linger 0 recalc 30 min 2% 1g 5% 2g
>>>> oss.namelib /usr/lib64/libXrdCmsTfc.so
>>>> file:/etc/xrootd/storage.xml?protocol=direct
>>>> ofs.authorize 1
>>>> acc.authdb /etc/xrootd/Authfile
>>>> #sec.protocol /usr/lib64 gsi -d:1 -crl:0 -authzfun:libXrdLcmaps.so
>>>> -authzfunparms:--loglevel,1 -gmapopt:10 -gmapto:0
>>>> sec.protocol /usr/lib64 gsi -crl:3
>>>> -key:/etc/grid-security/xrd/xrdkey.pem
>>>> -cert:/etc/grid-security/xrd/xrdcert.pem -md:sha256:sha1 -ca:2
>>>> -gmapopt:10 -vomsfun:/usr/lib64/libXrdSecgsiVOMS.so
>>>> xrootd.seclib /usr/lib64/libXrdSec.so
>>>> all.adminpath /var/run/xrootd
>>>> all.pidpath /var/run/xrootd
>>>> cms.delay startup 10
>>>> cms.fxhold 60s
>>>> if exec xrootd
>>>> xrd.report grse001.inr.troitsk.ru:9931 every 60s all sync
>>>> xrootd.monitor all fstat 60s lfn ops ssq xfr 5 ident 5m dest
>>>> fstat info user CMS-AAA-EU-COLLECTOR.cern.ch:9330
>>>> fi
>>>>
>>>> Спасибо,
>>>> Людмила.
More information about the Ru_ngi
mailing list