Difference between revisions of "DUNE xrootd"

From DUNE
Jump to navigation Jump to search
Line 5: Line 5:
 
===Disclaimer===
 
===Disclaimer===
 
The information below is not a reliable piece of documentation meaning it was obtained by experimentation with a small xrootd built from scratch in trying to overcome a modicum of obscurity that is present in the official xrootd docs. There are probably more scientific and proper ways to do things.
 
The information below is not a reliable piece of documentation meaning it was obtained by experimentation with a small xrootd built from scratch in trying to overcome a modicum of obscurity that is present in the official xrootd docs. There are probably more scientific and proper ways to do things.
===Starting the service===
+
===Starting a simple instance of xrootd service===
 
There is more than way to start the xrootd service (see documentation).
 
There is more than way to start the xrootd service (see documentation).
 
The most primitive way is to start the requisite daemon processes from the command line. A few details are given below.
 
The most primitive way is to start the requisite daemon processes from the command line. A few details are given below.
Line 24: Line 24:
 
</pre>
 
</pre>
  
 +
===Clustering===
 
In a clustered environment, you also need to start the cluster manager daemon, e.g.
 
In a clustered environment, you also need to start the cluster manager daemon, e.g.
 
<pre>
 
<pre>
xrootd -c xr1.cfg /path/to/data
+
xrootd -c configFile.cfg /path/to/data
cmsd -c xr1.cfg /path/to/data
+
cmsd -c configFile.cfg /path/to/data
 
</pre>
 
</pre>
  
 +
===Configuration File===
 
An example of a working configuration file suitable for a server node (not for the manager node):
 
An example of a working configuration file suitable for a server node (not for the manager node):
 
<pre>
 
<pre>
 
all.role server
 
all.role server
all.export /home/maxim
+
all.export /path/to/data
 
all.manager 192.168.0.191:3121
 
all.manager 192.168.0.191:3121
 
xrd.port 1094
 
xrd.port 1094
acc.authdb /home/maxim/auth_file
+
acc.authdb /path/to/data/auth_file
 
</pre>
 
</pre>
 
In the example above the IP address for the manager needs to be set correctly, it's arbitrary in this sample. The "authdb" bit is important, nothing will work without proper authorization (quite primitive in this case as it relies on a file with permissions. If all users are given access to all data, the content of the file can be as simple as
 
In the example above the IP address for the manager needs to be set correctly, it's arbitrary in this sample. The "authdb" bit is important, nothing will work without proper authorization (quite primitive in this case as it relies on a file with permissions. If all users are given access to all data, the content of the file can be as simple as

Revision as of 23:45, 15 July 2016

Documentation

dCache/xrootd

  • A comprehensive review of dCache/xrootd. This document is quite relevant as it explains how dCache storage at FNAL is equipped with a "xroot door" so that it's exposed to external xrootd servers.

A pedestrian view on running a xrootd service

Disclaimer

The information below is not a reliable piece of documentation meaning it was obtained by experimentation with a small xrootd built from scratch in trying to overcome a modicum of obscurity that is present in the official xrootd docs. There are probably more scientific and proper ways to do things.

Starting a simple instance of xrootd service

There is more than way to start the xrootd service (see documentation). The most primitive way is to start the requisite daemon processes from the command line. A few details are given below.

Starting the xrootd daemon by itself is enough to serve data from a single node.

xrootd -c configFile.cfg /path/to/data

In this case configFile.cfg contains the necessary configuration. Without it present, some simple defaults will be assumed but one cannot do anything remotely meaningful.

Likewise, if the "path to data" is not explicitely defined, xrootd will default to /tmp which might work for initial testing but isn't practical otherwise. Whether xrootd is running as expected can be tested by using the xrdcp client from any machine from which the server is accessible, e.g.

xrdcp myFile.txt root://serverIP//path/to/data

Clustering

In a clustered environment, you also need to start the cluster manager daemon, e.g.

xrootd -c configFile.cfg /path/to/data
cmsd -c configFile.cfg /path/to/data

Configuration File

An example of a working configuration file suitable for a server node (not for the manager node):

all.role server
all.export /path/to/data
all.manager 192.168.0.191:3121
xrd.port 1094
acc.authdb /path/to/data/auth_file

In the example above the IP address for the manager needs to be set correctly, it's arbitrary in this sample. The "authdb" bit is important, nothing will work without proper authorization (quite primitive in this case as it relies on a file with permissions. If all users are given access to all data, the content of the file can be as simple as

u * /path/to/data lr

xrootd@BNL

Currently there is a small DUNE Cluster (for historical reason named "lbne cluster") at Brookhaven National Lab under the umbrella of RACF RHIC and ATLAS Computing Facility. The machines have names like lbne0001 etc. Xrootd software is deployed on all of these. To utilize it, the user needs to be authenticated with a X.509 certificate by the xrootd service and authorized to access it by system administrators (please contact Brett Viren or Maxim Potekhin for further information.

Once authorized on the site, the user will need the use the following commands to obtain the Grid proxy:

setenv GLOBUS_LOCATION /afs/rhic.bnl.gov/@sys/opt/vdt/globus
source $GLOBUS_LOCATION/etc/globus-user-env.csh
grid-proxy-init

...and enter the passphrase as required. This will make sure the user can be authenticated to the xrootd service is allowed to use it.

The following is an example of a shell command that will transport a single file from FNAL to BNL:

xrdcp root://lbnelrd.rcf.bnl.gov//lbne/mc/lbne/simulated/001/singleparticle_antimu_20140801_Simulation1.root \
/tmp/singleparticle_antimu_20140801_Simulation1.root

Possible xrootd architecture for medium term

The idea behind the architecture proposed here is to achieve federation of storage and access to data across a few data centers (e.g. national labs) with modest amount of effort and resources. In this approach, this is effectively achieved by using a "global redirector" which allows xrootd services to locate a particular piece of data within the federation.

Xrootd-arch.png

Misc

For Xrootd we can have global Xrootd paths like:

root://data.<tbd>.org/path/to/file.root

But, in the future we may want to serve data files on other protocols but in the same domain/namespace. Ie:

http://data.<tbd>.org/path/to/file.root

Since the two are on different ports this should be okay.

Back to Main Page (DUNE)

Back to DUNE Computing