Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t DBCF GT dpm-xrootd v3 Creating Federated Data Stores for the LHC David.

Slides:



Advertisements
Similar presentations
DPM Name Server (DPNS) Namespace Authorization Location of physical files DPM Server Requests queuing and processing Space Management SRM Servers v1.1,
Advertisements

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Report Distribution Report Distribution in PeopleTools 8.4 Doug Ostler & Eric Knapp 7264.
WebFTS as a first WLCG/HEP FIM pilot
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT Simplifying Configuration Ricardo Rocha ( on behalf of the LCGDM.
© 2010 VMware Inc. All rights reserved Data Protection Module 10.
LHC Experiment Dashboard Main areas covered by the Experiment Dashboard: Data processing monitoring (job monitoring) Data transfer monitoring Site/service.
TAM STE Series 2008 © 2008 IBM Corporation WebSEAL SSO, Session 108/2008 TAM STE Series WebSEAL SSO, Session 1 Presented by: Andrew Quap.
Summary of issues and questions raised. FTS workshop for experiment integrators Summary of use  Generally positive response on current state!  Now the.
DONE-10: Adminserver Survival Tips Brian Bowman Product Manager, Data Management Group.
CERN - IT Department CH-1211 Genève 23 Switzerland t Monitoring the ATLAS Distributed Data Management System Ricardo Rocha (CERN) on behalf.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT Performant and Future Proof: MySQL, Memcache and Raspberry Pi.
Experiment Support CERN IT Department CH-1211 Geneva 23 Switzerland t DBES PhEDEx Monitoring Nicolò Magini CERN IT-ES-VOS For the PhEDEx.
1 Chapter Overview Publishing Resources in Active Directory Service Redirecting Folders Using Group Policies Deploying Applications Using Group Policies.
CERN IT Department CH-1211 Geneva 23 Switzerland t Storageware Flavia Donno CERN WLCG Collaboration Workshop CERN, November 2008.
Configuration Management with Cobbler and Puppet Kashif Mohammad University of Oxford.
And Tier 3 monitoring Tier 3 Ivan Kadochnikov LIT JINR
July-2008Fabrizio Furano - The Scalla suite and the Xrootd1.
DYNES Storage Infrastructure Artur Barczyk California Institute of Technology LHCOPN Meeting Geneva, October 07, 2010.
MW Readiness Verification Status Andrea Manzi IT/SDC 21/01/ /01/15 2.
Experiment Support CERN IT Department CH-1211 Geneva 23 Switzerland t DBES GGUS Overview ROC_LA CERN
2/26/021 Pegasus Security Architecture Author: Nag Boranna Hewlett-Packard Company.
SKYPIAX, how to add Skype capabilities to FreeSWITCH (and Asterisk) CHICAGO, USA, September 2009.
WebFTS File Transfer Web Interface for FTS3 Andrea Manzi On behalf of the FTS team Workshop on Cloud Services for File Synchronisation and Sharing.
CERN SRM Development Benjamin Coutourier Shaun de Witt CHEP06 - Mumbai.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT DPM Collaboration Motivation and proposal Oliver Keeble CERN On.
CERN IT Department CH-1211 Genève 23 Switzerland t Internet Services Job Priorities update Andrea Sciabà IT/GS Ulrich Schwickerath IT/FIO.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT DPM / LFC and FTS news Ricardo Rocha ( on behalf of the IT/GT/DMS.
CERN IT Department t LHCb Software Distribution Roberto Santinelli CERN IT/GS.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT Standard Interfaces to Grid Storage DPM and LFC Update Ricardo.
INFSO-RI Enabling Grids for E-sciencE ARDA Experiment Dashboard Ricardo Rocha (ARDA – CERN) on behalf of the Dashboard Team.
XROOTD AND FEDERATED STORAGE MONITORING CURRENT STATUS AND ISSUES A.Petrosyan, D.Oleynik, J.Andreeva Creating federated data stores for the LHC CC-IN2P3,
CERN IT Department CH-1211 Geneva 23 Switzerland GT HTTP solutions for data access, transfer, federation Fabrizio Furano (presenter) on.
Data & Storage Services CERN IT Department CH-1211 Genève 23 Switzerland t DSS XROOTD news New release New features.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT Upcoming Features and Roadmap Ricardo Rocha ( on behalf of the.
Data Transfer Service Challenge Infrastructure Ian Bird GDB 12 th January 2005.
Andrea Manzi CERN On behalf of the DPM team HEPiX Fall 2014 Workshop DPM performance tuning hints for HTTP/WebDAV and Xrootd 1 16/10/2014.
INFSO-RI Enabling Grids for E-sciencE /10/20054th EGEE Conference - Pisa1 gLite Configuration and Deployment Models JRA1 Integration.
INFSO-RI Enabling Grids for E-sciencE SRMv2.2 in DPM Sophie Lemaitre Jean-Philippe.
CERN IT Department CH-1211 Genève 23 Switzerland t ALICE XROOTD news New xrootd bundle release Fixes and caveats A few nice-to-know-better.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT Overview of DMLite Ricardo Rocha ( on behalf of the LCGDM team.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring Windows Server 2008 Printing.
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT Grid Technology SL Section Software Lifecycle Duarte Meneses.
1 Xrootd-SRM Andy Hanushevsky, SLAC Alex Romosan, LBNL August, 2006.
DMLite GridFTP frontend Andrey Kiryanov IT/SDC 13/12/2013.
Experiment Support CERN IT Department CH-1211 Geneva 23 Switzerland t DBES P. Saiz The future of AliEn.
09-Apr-2008Fabrizio Furano - Scalla/xrootd status and features1.
INFSO-RI Enabling Grids for E-sciencE File Transfer Software and Service SC3 Gavin McCance – JRA1 Data Management Cluster Service.
Andrea Manzi CERN EGI Conference on Challenges and Solutions for Big Data Processing on cloud 24/09/2014 Storage Management Overview 1 24/09/2014.
CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland.
Experiment Support CERN IT Department CH-1211 Geneva 23 Switzerland t DBES Author etc Alarm framework requirements Andrea Sciabà Tony Wildish.
Security recommendations DPM Jean-Philippe Baud CERN/IT.
DPM: Future Proof Storage Ricardo Rocha ( on behalf of the DPM team ) EMI INFSO-RI
Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT Standard Protocols in DPM Ricardo Rocha.
EMI is partially funded by the European Commission under Grant Agreement RI DPM in EMI-II HTTP and NFS interfaces Oliver Keeble On behalf of DPM.
INFSO-RI Enabling Grids for E-sciencE GUMS vs. LCMAPS Oscar Koeroo.
DPM in FAX (ATLAS Federation) Wahid Bhimji University of Edinburgh As well as others in the UK, IT and Elsewhere.
EMI is partially funded by the European Commission under Grant Agreement RI Future Proof Storage with DPM Oliver Keeble (on behalf of the CERN IT-GT-DMS.
CERN IT Department CH-1211 Genève 23 Switzerland t DPM status and plans David Smith CERN, IT-DM-SGT Pre-GDB, Grid Storage Services 11 November.
dpm-xrootd status for xroot federations David Smith CERN DPM Workshop 07/12/2015 dpm-xrootd2.
Alain Bethuyne Web Security Architect BNPParibas Fortis
Jean-Philippe Baud, IT-GD, CERN November 2007
WLCG IPv6 deployment strategy
Status of the SRM 2.2 MoU extension
Data Federation with Xrootd Wei Yang US ATLAS Computing Facility meeting Southern Methodist University, Oct 11-12, 2011.
GFAL 2.0 Devresse Adrien CERN lcgutil team
DPM releases and platforms status
INFNGRID Workshop – Bari, Italy, October 2004
Summary of the dCache workshop
Presentation transcript:

Grid Technology CERN IT Department CH-1211 Geneva 23 Switzerland t DBCF GT dpm-xrootd v3 Creating Federated Data Stores for the LHC David Smith, on behalf of IT-GT, CERN 14 Sep 2012

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Introduction An existing dpm-xrootd written 2006 –A pair of plugins for OFS, XMI –Only ALICE token based access –Some performance issues with dispatch of requests to dpm dpm-xrootd - 2

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Introduction dpm-xrootd v3 Aim to: Provide xroot file I/O for DPM for all VOs Allow participation in xrootd federations Allow ALICE token based access Other VOs to use GSI for authentication –Support VOMS extensions –Authorization is done by DPM system use of an identity (user, [/vo,/vo/group,…]). dpm-xrootd - 3

Grid Technology Reminder of DPM dpm-xrootd - 4 /vo /dpm /domain /home DPM head node file (uid, gid1, …) DPM disk servers DPM Name Server –Namespace –Authorization –Physical files location Disk Servers –Physical files Direct data transfer from/to disk server External transfers via gridFTP CLI, C API, SRM-enabled client, etc. data transfer

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Relevant features of DPM DPM has a central service –A get request for a SURL (/dpm/example.com/home/dteam/file) gives an SFN (disk001.example.com:/data1/dteam/ /file ) to read –A put request for a SURL returns an SFN to write to –Put concluded with put_done –Authorization check during get or put –Files can not be modified once written –DPM instance is often run for multiple VOs Disk servers providing I/O –Clients have connectivity to disk servers dpm-xrootd - 5

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd Now: dpm-xrootd v3 is a set of plugins to xrootd server, using plugin interfaces (as for previous version) But different interfaces: –Use XrdOss, XrdCmsClient and XrdAccAuthorize plugins VOMS extraction disabled for now dpm-xrootd - 6

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd - 7 Example: file access

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd basic file access dpm-xrootd - 8 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd and deployment dpm-xrootd - 9 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xroot client: open xroot://dpm.example.com//dpm/example.com/dteam/file

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd and deployment dpm-xrootd - 10 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xroot client: open xroot://dpm.example.com//dpm/example.com/dteam/file dpm_put or dpm_get

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd and deployment dpm-xrootd - 11 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xroot client: open xroot://dpm.example.com//dpm/example.com/dteam/file Redirect: with host/port and opaque info &dpm.sfn=/data1/dteam/ /file

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd and deployment dpm-xrootd - 12 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xroot client: open xroot://dpm.example.com//dpm/example.com/dteam/file Open: with original filename in the request and opaque information disk001.example.com

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd and deployment dpm-xrootd - 13 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xroot client: close xroot://dpm.example.com//dpm/example.com/dteam/file Open: with original filename in the request and opaque information disk001.example.com dpm_putdone (for put only)

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Redirection to disk server Redirection xrootd interacts with DPM –Configured to offer XrdSecunix and XrdSecgsi to the xroot client –If a valid ALICE token is present in the opaque data from the client the identity is a preset. (Check if authz or signature in opaque data) –Otherwise an identity must be derivable from the XrdSecEntity authentication data (at disk too) –Goes through get or put sequence with DPM system (currently using classic dpns/dpm api) –May need to return a wait time to the client if the get or put sequence takes more than ~1 second dpm-xrootd - 14

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Redirection to disk server II If get or put is successful, redirect is returned directing to the target disk server. Opaque data is added: dpm-xrootd - 15

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Disk access keyed hash Disk servers require keyed hash (with limited duration) in opaque data Use HMAC-SHA for keyed hash Key stored in disk and memory of xrootd processes (required to be 32 to 64 bytes) dpm-xrootd - 16

CERN IT Department CH-1211 Geneva 23 Switzerland t GT At the disk server Hash and dpm.dhost checked dpm.time must be within validity window (300 seconds default) of current time Access mode of request must be consistent with dpm.put Then disk I/O via native XrdOss ofs.persist auto hold 0 is set, to remove files not closed at the end of writing dpm-xrootd - 17

CERN IT Department CH-1211 Geneva 23 Switzerland t GT At the disk server II For Put –On success call dpm_putdone with dpm token and surl. –On fail (no close) call dpm_abortfiles with dpm token and surl. For Get –No interactions with central DPM dpm-xrootd - 18

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd and federation With the basic xroot file access vo/users could devise federations.. but Want to provide integrated method (as for a native xroot site) Next: a couple of example sequences dpm-xrootd - 19 FEDERATION of XROOT access

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd federating for VO dpm-xrootd - 20 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd federating for VO dpm-xrootd - 21 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo)

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd federating for VO dpm-xrootd - 22 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo)

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd federating for VO dpm-xrootd - 23 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 1 dpm-xrootd - 24 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://regional.example.org//vo/example.dat /vo/example.dat ?

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 1 dpm-xrootd - 25 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://regional.example.org//vo/example.dat /vo/example.dat ? XrdPss: stat /vo/example.dat (specially trusted at xrootd)

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 1 dpm-xrootd - 26 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://regional.example.org//vo/example.dat /vo/example.dat ? dpns_stat

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 1 dpm-xrootd - 27 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://regional.example.org//vo/example.dat...if site has example.dat client may be directed there Redirect to dpm.example.com:11000

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 1 dpm-xrootd - 28 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://regional.example.org//vo/example.dat

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 1 dpm-xrootd - 29 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://regional.example.org//vo/example.dat Not Involved

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd - 30 Client example 2

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 2 dpm-xrootd - 31 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://dpm.example.com//vo/example2.dat

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 2 dpm-xrootd - 32 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://dpm.example.com//vo/example2.dat Redirect: to dpm.example.com:11000

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 2 dpm-xrootd - 33 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://dpm.example.com//vo/example2.dat

CERN IT Department CH-1211 Geneva 23 Switzerland t GT federation: client example 2 dpm-xrootd - 34 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) regional redirector xroot client: open xroot://dpm.example.com//vo/example2.dat In case of no file: Redirect to regional.example.org dpm_get

CERN IT Department CH-1211 Geneva 23 Switzerland t GT dpm-xrootd - 35 Few other details

CERN IT Department CH-1211 Geneva 23 Switzerland t GT xrootd:1095 (disk server) Name2name libs dpm-xrootd - 36 xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) May use a standard name2name lib But loaded by our cmslib not OSS Calls lfn2pfn method, e.g. for global namespace to surl xrootd:11001 (fedredir_vo2) cmsd (fedredir_vo2)

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Plugins provided xrootd redirector –libXrdDPMFinder (XrdCmsClient) –libXrdDPMOss (XrdOss) –libXrdDPMRedirAcc (XrdAccAuthorize) xrootd disk –libXrdDPMDiskAcc (XrdAccAuthorize) –libXrdDPMOss dpm-xrootd - 37

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Options dpm-xrootd - 38

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Options: dpm dpm-xrootd - 39

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Options: alice token handling dpm-xrootd - 40

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Options: name translation dpm-xrootd - 41

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Status summary Available via dedicated repository –including xrootd packages (EPEL packaging) Expect xrootd 3.2.x in the EMI third party repo first –Eventually recent version of xrootd to go into EPEL dpm-xrootd setup instructions on the web –YAIM module written for yaim generation of the config files Deployments at four sites –May be others dpm-xrootd - 42

CERN IT Department CH-1211 Geneva 23 Switzerland t GT To do Eventually use dmlite rather than classic dpm/dpns api for dpm service access. VOMS dpm-xootd uses few xrootd interfaces for which ABI compatibility across minor releases isn’t guaranteed. Remove when possible. Monitoring –dpm site probably multi-vo dpm-xrootd - 43

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Monitoring sources dpm-xrootd - 44 xrootd:1095 (disk server) xrootd:1095 (disk server) xrootd (redirector) DPM service xrootd:11000 (fedredir_vo) cmsd (fedredir_vo) xrootd:11001 (fedredir_vo2) cmsd (fedredir_vo2)

CERN IT Department CH-1211 Geneva 23 Switzerland t GT Contacts DPM Support: dpm-xrootd setup wiki: – t/Setuphttps://svnweb.cern.ch/trac/lcgdm/wiki/Dpm/Xroo t/Setup dpm-xrootd - 45

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.