LFC Installation and configuration Africa 4 2010 - Joint EUMEDGRID-Support/EPIKH Federico Bitelli Bitelli<@>fis.uniroma3.it Physics Dep. Roma TRE University / INFN ROMA3

Outline Introduction to LCG File Catalogue (LFC) How to install a LFC Server Troubleshoting LFC References

File Catalog Motivations User and programs produce and require data Data may be stored in Grid datasets (files) Located in Storage Elements (SEs) Several replicas of one file in different sites Accessible by Grid users and applications from “anywhere” Locatable by the WMS (data requirements in JDL) Data may be copied from/to local filesystems (WNs, UIs) to the Grid Why File Catalogs are used? They keep track of the location of copies (replicas) of Grid files They provide DM tools and APIs through which users and grid services can deal with files

SE types Classic SE: GridFTP server Insecure RFIO daemon (rfiod) – only LAN limited file access Single disk or disk array No quota management not supported anymore

SE types ●dCache ●Storm ●CERN Advanced STORage manager (CASTOR) ● Consists of a server and one or more pool nodes. ● Centralized admin.: single point of access to the SE. ● Files are presented in the disk pools under a single virtual filesystem tree. ● Uses the GSI dCache Access Protocol (gsidcap). ●Storm ● Solution best suited to cope with large storage (> or >> 100 TB) ● Makes full advantage of parallel filesystem (GPFS, Lustre) ● SRM v2.2 interface ●CERN Advanced STORage manager (CASTOR) ● Files are migrated from a disk buffer frontend to a tape mass storage ● Uses the insecure Remote File I/O protocol (RFIO) ●Disk Pool Manager (DPM) ● Used for fairly small SEs (max 10 TB of total space) with diskbased storage only. ● Uses secure RFIO protocol Location, Meeting title, dd.mm.yyyy

Name conventions Logical File Name (LFN) An alias created by a user to refer to some item of data, e.g. “lfn:cms/20030203/run2/track1” Globally Unique Identifier (GUID) A non-human-readable unique identifier for an item of data, e.g. “guid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6” Site URL (SURL) (or Physical File Name (PFN) or Site FN) The location of an actual piece of data on a storage system, e.g. “srm://pcrd24.cern.ch/flatfiles/cms/output10_1” (SRM) “sfn://lxshare0209.cern.ch/data/alice/ntuples.dat” (Classic SE) Transport URL (TURL) a valid URI with the necessary information to access a file in a SE, e.g.“rfio://lxshare0209.cern.ch//data/alice/ntuples.dat”

What is a file catalog? File Catalog SE SE SE gLite UI

What is a File Catalog? Each file has a unique identifier Files/directories are organized on a Catalogue Similar to a filesystem (Logical File Name) The data can be stored on several Storage Elements (SE) The Catalogue hides the actual location Logical File Name LFN : /grid/gilda/dornbirn/file.txt Storage Resource Manager srm://trigrid-ce01.unime.it/dpm/unime.it/home/gilda/generated/2006-09-20/filef026441a-5834-431f-b28d-06cb7e4c784f Physical Filename /home/gilda/generated/2006-09-20/filef026441a-5834-431f-b28d-06cb7e4c784f Catalogue SE SE SE SE SE

LFC Commands Summary of the LFC Catalog commands lfc-chmod Change access mode of the LFC file/directory lfc-chown Change owner and group of the LFC file-directory lfc-delcomment Delete the comment associated with the file/directory lfc-getacl Get file/directory access control lists lfc-ln Make a symbolic link to a file/directory lfc-ls List file/directory entries in a directory lfc-mkdir Create a directory lfc-rename Rename a file/directory lfc-rm Remove a file/directory lfc-setacl Set file/directory access control lists lfc-setcomment Add/replace a comment

lcg utils commands Replica Management File Catalog Interaction lcg-aa lcg-cp Copies a grid file to a local destination lcg-cr Copies a file to a SE and registers the file in the catalog lcg-del Delete one file lcg-rep Replication between SEs and registration of the replica lcg-gt Gets the TURL for a given SURL and transfer protocol lcg-sd Sets file status to “Done” for a given SURL in a SRM request File Catalog Interaction lcg-aa Add an alias in LFC for a given GUID lcg-ra Remove an alias in LFC for a given GUID lcg-rf Registers in LFC a file placed in a SE lcg-uf Unregisters in LFC a file placed in a SE lcg-la Lists the alias for a given SURL, GUID or LFN lcg-lg Get the GUID for a given LFN or SURL lcg-lr Lists the replicas for a given GUID, SURL or LFN

LFC Server Installation

pre-requisites Start from a fresh install of SLC 5.x (X86_64) Request a X509 host certificate for the LFC Server you are going to install from a Certification Autority (CA). For example, to get host certificates from the GILDA CA, go to: https://gilda.ct.infn.it/CA/mgt/restricted/srvreq.php For Eumed : http://roc.africa-grid.org/index.php?option=com_content&view=article&id=1149&Itemid=110 Copy host certificates (hostcert.pem and hostkey.pem) in /etc/grid-security. chmod 644 hostcert.pem chmod 400 hostkey.pem If you plan to use certificates released by unsupported EGEE CA’s, be sure that their public key, signing policy and CRLs (usually distributed with an rpm) are installed in /etc/grid-security/certificates.

pre-requisites 2 Syncronization among all gLite nodes is mandatory. So install ntp #yum install ntp Check ntpd daemon

if your hostname is incorrect : pre-requisites 3 Check the FQDN (fully qualified domain name) hostname Ensure that the hostnames of your machines are correctly set. Run the command: #hostname –f if your hostname is incorrect : edit the file /etc/sysconfig/network and set the HOSTNAME variable and restart network service

Just for GILDA INFRASTRUCTURE Repository settings Download in yum repository directory wget http://grid-it.cnaf.infn.it/mrepo/repos/sl5/x86_64/dag.repo wget http://grid-it.cnaf.infn.it/mrepo/repos/sl5/x86_64/ig.repo wget http://grid-it.cnaf.infn.it/mrepo/repos/sl5/x86_64/lcg-ca.repo These 3 are common repositories for all node type (SL5.x x86_64) Copy the gilda utils: wget http://grid018.ct.infn.it/mrepo/repos/gilda.repo -O /etc/yum.repos.d/gilda.repo Just for GILDA INFRASTRUCTURE Copy the lfc utils: wget http://grid-it.cnaf.infn.it/mrepo/repos/sl5/x86_64/glite-lfc_mysql.repo -O /etc/yum.repos.d/glite-lfc_mysql.repo This is the repository specific for LFC (Mysql ) Exist one similar repository to install the Oracle version of LFC

yum install mysql-server #yum install lcg-CA #yum install gilda_utils Installation #yum clean all #yum update #yum install java yum install mysql-server Install the CAs #yum install lcg-CA (For this tutorial add the pakage gilda_utils) #yum install gilda_utils Install the metapackage #yum install <metapackage>: #yum install ig_LFC_mysql

LFC Configuration Create a copy of /opt/glite/yaim/examples/ig-site-info.def template to your reference directory for the installation (e.g. /root/sitedir): #cp /opt/glite/yaim/examples/ig-site-info.def /root/sitedeir/site-info.def Copy the directory ‘services’ in the same location # ls /root/sitedir/ my-ig-site-info.def services #ls /root/sitedir/services ig-lfc_mysql Edit the site-info.def file (you can use the one used for other services ..) Once you end the editing a good syntax test for your site configuration file is to try to source it manually running the command: #source site-info.def

edit site-info.def ig-site-info.def Important variables to edit SITE_NAME=SITE_EMAIL="your email address" MYSQL_PASSWORD=123456 MY_DOMAIN= miodomainname GROUPS_CONF=/opt/glite/yaim/examples/ig-groups.conf # (check GILDA Group) USERS_CONF=/opt/glite/yaim/examples/ig-users.conf #(Check GILDA users in it) JAVA_LOCATION=/usr/java/latest (Check this)

Support for GILDA VO example: 4451:gildasgm:4400:gilda:gilda:sgm: VOS=“eumed gilda“  add here the VOs you want to support GILDA_GROUP_ENABLE="gilda" VO_GILDA_VOMS_CA_DN="/C=IT/O=INFN/CN=INFN CA" VO_GILDA_SW_DIR=$VO_SW_DIR/gilda VO_GILDA_DEFAULT_SE=$DPM_HOST VO_GILDA_STORAGE_DIR=$CLASSIC_STORAGE_DIR/gilda VO_GILDA_VOMS_SERVERS="voms://voms.ct.infn.it:8443/voms/gilda?/gilda" VO_GILDA_VOMSES="gilda voms.ct.infn.it 15001 /C=IT/O=INFN/OU=Host/L=Catania/CN=voms.ct.infn.it gilda" Add gilda poolaccount in /opt/lcg/yaim/examples/ig-users.conf according the following format: UID:LOGIN:GID:GROUP:VO:FLAG: example: 4451:gildasgm:4400:gilda:gilda:sgm: 4401:gilda001:4400:gilda:gilda:: 4402:gilda002:4400:gilda:gilda:: Add the following lines to /opt/lcg/yaim/examples/ig-groups.conf "/gilda/ROLE=SoftwareManager":::sgm: "/gilda/grelc/das/*":gilda::: "/gilda"::::

Edit other files edit ig-lfc_mysql vi sitedir/services/ig-lfc_mysql LFC_HOST=yourhostname LFC_DB_PASSWORD=123456 LFC_DB=cns_db LFC_DB_HOST=$LFC_HOST LFC_HOST_ALIAS="" LFC_CENTRAL="gilda" LFC_LOCAL="" LFC_READONLY=no #Set to yes if are installing a replica

Configuration scripts Start the configuration of the LFC according the information provided into the site-info.def with: #/opt/glite/yaim/bin/ig_yaim -c -s /root/sitedeir/site-info.def -n ig_LFC_mysql This command will execute all the functions : config_root_email, config_ldconf ,config_ntp, config_sysconfig_edg,config_sysconfig_globus,config_sysconfig_lcg,config_crl,config_host_certs,config_vomsdir,config_edgusers,config_mkgridmap,config_bdii_only,config_gip_only,config_gip_lfc,config_gip_service_release,config_nfs_sw_dir_server,config_lfc_user,config_lfc_upgrade,config_lfc_mysql,config_lfc_server,config_lfc_dli Consider to take a look at the right function if you have some kinds of error (bash scripts) If configuration was successfull we can proced to test LFC

LFC Server Testing Log into a user interface where the LFC clients commands and lcg-utils are installed: rpm -qa | grep LFC-client rpm -qa | grep lcg_util For gliteUI should be always true !! Set the hostname of the LFC catalog you want to use(test): export LFC_HOST=yourlfchost.yourdomain export LCG_CATALOG_TYPE=lfc Be sure to have already initialized a voms proxy: voms-proxy-info –all Give a look inside the /grid/gilda folder with: lfc-ls -l /grid/gilda

LFC Server Testing (II) Check that LCG_GFAL_INFOSYS variable is correctly set up to your BDII server: export LCG_GFAL_INFOSYS=<bdii_name>:2170 Use lcg-infosites to discover which SE are available to your VO: lcg-infosites --vo gilda se Choose one SE and upload a file with: lcg-cr -v --vo gilda -d <fadq of the choosen SE> -l lfn:/grid/gilda/filename.jdl file://$PWD/filename.jdl Check if the file was correctly registered into the catalog and where it was stored: lfc-ls -l /grid/gilda/ lcg-lr --vo gilda lfn:/grid/gilda/filename.jdl

A look to Mysql [root@glitelfc ~]# mysql -p -u root Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 29 Server version: 5.0.77 Source distribution Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> show databases; +--------------------+ | Database | | information_schema | | cns_db | | mysql | | test | 4 rows in set (0.00 sec) Location, Meeting title, dd.mm.yyyy

select * from Cns_file_metadata; mysql> connect cns_db; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Connection id: 30 Current database: cns_db mysql> show tables; +--------------------+ | Tables_in_cns_db | | Cns_class_metadata | | Cns_file_metadata | | Cns_file_replica | | Cns_groupinfo | | Cns_symlinks | | Cns_unique_gid | | Cns_unique_id | | Cns_unique_uid | | Cns_user_metadata | | Cns_userinfo | | schema_version | 11 rows in set (0.00 sec) Try the command: select * from Cns_file_metadata; This give information about the structure of directory and guid of files select * from Cns_file_replica; This give information about SiteFileName Location, Meeting title, dd.mm.yyyy

References LCG File Catalog (LFC) administrators' guide https://uimon.cern.ch/twiki/bin/view/LCG/LfcAdminGuide LFC Troubleshooting https://uimon.cern.ch/twiki/bin/view/LCG/LfcTroubleshooting EUMED DATA MANAGEMENT http://applications.eumedgrid.eu/lessons/lesson06_20090731.pdf