Presentation is loading. Please wait.

Presentation is loading. Please wait.

XRootD Release 4.5 And Beyond

Published byWalter Simpson Modified over 6 years ago

Similar presentations

Presentation on theme: "XRootD Release 4.5 And Beyond"— Presentation transcript:

1 XRootD Release 4.5 And Beyond
XRootD Workshop Tokyo Stanford University/SLAC November 10, 2016 Andrew Hanushevsky, SLAC

2 November Release 4.5 Highlights
Request signing Dual stack networking option Client reporting of release at login time Separate negative cache timeout in cmsd Allow file names with spaces Allow host names starting with digit Automatic URL prefixing Zip archive support

3 Request Signing Protects XRootD servers from bad actors
Client Server Request Response Delete File x Client can cryptographically sign requests Sever verifies request came from the same authenticated client Bad actor problem avoided

4 Enabling Request Signing
Request signing gives you peace of mind When allowing R/W access to the server Especially on the WAN Server configuration option sec.level {all|local|remote] [relaxed] level all applies level to local and remote client local and remote provide split options relaxed provides a migration path It requires signing only for 4.5 and up clients

5 Request Signing Levels
none The default compatible Only destructive operations Is compatible with R/O access for old clients standard | intense | pedantic Each requires more operations to be signed

6 Request Verification by Level
Operation Compatible Standard Intense Pedantic admin verified auth --- bind chmod close decrypt dirlist endsess getfile locate login mkdir mv open read open Write ping prepare protocol putfile query query special read readv rm rmdir set set special sigver stat statx sync truncate verifyw write

7 Dual Stack Networking Option
Pre-4.3 clients may report as IPv6 only This is a big headache for IPv4-only servers New server-side option xrd.network assumev4 Server will assume client has IPv4 Only applied to 4.4 or older clients Server can’t detect a client’s release level until…

8 Client Release Reporting
Client will report it’s release level Happens at login time This allows future server-side bypasses When a particular release has a bug Upgrading server can bypass old client bugs Make client migration much easier

9 Separate Negative Cache Timeout
The cmsd caches file location Implicitly caches missing files as well Default is 8 hours Incorrectly missing files will be missing 8 hours Unless data server updates the cahe New server configuration option cms.fxhold noloc ntime[h|m|s]  ntime expiration for cached missing files only

10 Allow File Names With Spaces
XRootD allows spaces in file names Every operation except rename Protocol extension covers rename now All 4.5 plus clients use the protocol extension

11 Host Names Starting With Digits
XRootD originally adhered to RFC 952 Hostnames may contain letters, digits, dashes But may not start with a digit Now it adheres to RFC 1123 Supplants RFC 952 allows 1st char as a digit Required for auto-generated hostnames Typically a problem for VM’s and containers

12 Automatic URL Prefixing
Required by fully firewalled sites Outside World Forwarding Proxy Server Inside Client Much like HTTP proxy Open(“root://x//file”) Automatically converted to Open(“root://proxy//root://x//file”) Done as a configurable client plug-in Usable by 4.0 and above clients Will address multi-tenant sites later

13 Zip Archive Support Fully implemented as a client feature
Allows extraction of file from archive No need to transmit the whole archive Covered by Elvin’s talk

14 January Release 4.6 Async I/O Proxy Handling Disk Caching Proxy
Possible other addition Extreme (multi-source) copy Perhaps others to be determined

15 Async I/O Proxy Handling
Proxy now handles async I/O requests Previously converted async to sync I/O Motivation Improve streaming performance of xrdcp Improve Disk Caching Proxy performance Certain background operations (e.g. pre-fetch) May require tuning to get best performance See xrootd.async directive

16 Disk Caching Proxy File or block level caching

17 Typical Disk Caching Proxy Uses
Remote XRootD Clusters Speed up Remote Access Self-Managed SE’s Local Clients Caching Proxy Speed up Random Access XRootD Server HDFS Caching Proxy Speed up HD Access SSD XRootD Cluster FS

18 More On Disk Caching Proxy
High potential to solve vexing problems Reduced remote latency for user analysis Just in time data Avoids pre-placement delays Optimized disk space utilization Cached data access via xroot and http Currently being tested at scale MWT2, SLAC, University of Notre Dame

19 Disk Caching Proxy Caveats
Needs installation of tcmalloc or jemalloc Avoids memory growth problems in glibc It’s very easy to overload the proxy Lager sites should consider caching clusters Two or more proxies clustered together Fully supported upon release

20 Disk Caching Proxy Deployment
Target sites without ATLAS managed disk Opportunistic sites OSG diskless sites Pacific Research Platform sites (NSF funded program) NASA, NREN, U Washington, UC School System Includes University California LHC sites (3 ATLAS T3’s) Interconnected via CalREN, ESNET, & Pacific Wave Sites and networking may expand

21 In The Pipeline for 4.7 or 4.8 Space quotas Scalable Service Interface

22 Space Quotas Experiments want write access to XRootD
Current development Non-hierarchical logical path based quotas Quota is soft Roughly within a specified resolution Periodic recalibration Will be a plug-in so can be replaced This is much harder than imagined!

23 Scalable Service Interface
Framework for distributed services Builds on robust & recoverable XRootD Uses a remote object execution model Current deployed for LSST qserv Distributed unshared mySQL servers Successfully being used with 100’s of nodes API is still being refined Will be released when finalized

24 Future Enhancements (not yet set)
Multi-source copy Multi-Source load balancing client Eliminating cmsd write lookup delays Tracking file ownership Eliminating 64-node limit (exploratory) HTTP 2 plug-in

25 Multi-Source Copy Implement the –sources xrdcp option
The source can be a redirector or metalink I/O automatically balanced across sources Advanced algorithm to avoid ending tail XRootD Source 1 Source 2 Source 3 Source 4 xrdcp –sources 4 source target

26 Multi-Source Load Balancing Client
Similar to xrdcp but with a big twist The source can be a redirector or metalink A new source is added only if current one slow Can bounce around multiple sources Determines by real-time performance metrics XRootD Source 1 Source 2 Source 3 Source 4 TFile.open(source);

27 The Missing File Problem
Linux Server Machine A xroot Server Data Files xrdcp root://R//foo /tmp Linux Server Machine R xroot Server Application 1 Who has /foo? xroot Client Redirector open(“/foo”); Linux 2 Nope! Client Machine 5 /foo Data Files xroot Server File deemed not to exist if there is no response after 5 seconds! OK for read access not so much for file creation. Linux Server Machine B

28 Eliminating cmsd Write Lookup Delay
The cmsd uses a no response model No response -> file does not exist Extremely scalable for analysis use case Usually always looking for existing files Not so good for creating files A small change in protocol can fix this Required for efficient handling of experiments desire for writable clusters

29 Tracking File Ownership
UID/GID tracking of ownership Available for certain authentication methods GSI with a gridmap file Kerberos (in domain only) Simple Shared Secret Unix Must start XRootD as root Security considerations abound May allow of uid/gid based quotas

30 New Third Party Transfer
New 3rd Party Transfer Plan to use forwardable credentials X.509 (i.e. Grid Certificates) Allows almost universal 3rd party access Only one of three parties needs to support it The File Residency Manager already does this Will coexist with current mechanism

31 Eliminating 64-Node Limit I
xrootd cmsd xrootd cmsd Manager (Root Node) xrootd cmsd xrootd cmsd 641 = xrootd cmsd 642 = Supervisors (Interior Nodes) xrootd cmsd 643 = xrootd cmsd 644 = Data Server (Leaf Nodes)

32 Eliminating 64-Node Limit II
A B64 tree architecture is generally ideal Fast scaling and highly parallel file search But it’s cumbersome for large clusters Need to deploy sufficient supervisor nodes Exploring different type of trees B128 B256 B512 etc Parallelism is the biggest stumbling block However, it would simplify configuration

33 That’s All! What’s Your Wish List?

Download ppt "XRootD Release 4.5 And Beyond"

Similar presentations

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Distributed Xrootd Derek Weitzel & Brian Bockelman.

Distributed Xrootd Derek Weitzel & Brian Bockelman.
EGEE is a project funded by the European Union under contract IST-2003-508833 Using SRM: DPM and dCache G.Donvito,V.Spinoso INFN Bari www.eu-egee.org.

EGEE is a project funded by the European Union under contract IST Using SRM: DPM and dCache G.Donvito,V.Spinoso INFN Bari
1 Chapter 11: File-System Interface  File Concept  Access Methods  Directory Structure  File System Mounting  File Sharing  Protection  Chapter.

1 Chapter 11: File-System Interface  File Concept  Access Methods  Directory Structure  File System Mounting  File Sharing  Protection  Chapter.
Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.

Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.
Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.

Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.
Extensible Scalable Monitoring for Clusters of Computers Eric Anderson U.C. Berkeley Summer 1997 NOW Retreat.

Extensible Scalable Monitoring for Clusters of Computers Eric Anderson U.C. Berkeley Summer 1997 NOW Retreat.
Other File Systems: AFS, Napster. 2 Recap NFS: –Server exposes one or more directories Client accesses them by mounting the directories –Stateless server.

Other File Systems: AFS, Napster. 2 Recap NFS: –Server exposes one or more directories Client accesses them by mounting the directories –Stateless server.
ArcGIS for Server Reference Implementations An ArcGIS Server’s architecture tour.

ArcGIS for Server Reference Implementations An ArcGIS Server’s architecture tour.
PRASHANTHI NARAYAN NETTEM.

PRASHANTHI NARAYAN NETTEM.
NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.

NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.
Outline Network related issues and thinking for FAX Cost among sites, who has problems Analytics of FAX meta data, what are the problems  The main object.

Outline Network related issues and thinking for FAX Cost among sites, who has problems Analytics of FAX meta data, what are the problems  The main object.
CVMFS: Software Access Anywhere Dan Bradley Any data, Any time, Anywhere Project.

CVMFS: Software Access Anywhere Dan Bradley Any data, Any time, Anywhere Project.
TAM STE Series 2008 © 2008 IBM Corporation WebSEAL SSO, Session 108/2008 TAM STE Series 2008 - WebSEAL SSO, Session 1 Presented by: Andrew Quap.

TAM STE Series 2008 © 2008 IBM Corporation WebSEAL SSO, Session 108/2008 TAM STE Series WebSEAL SSO, Session 1 Presented by: Andrew Quap.
Experiences Deploying Xrootd at RAL Chris Brew (RAL)

Experiences Deploying Xrootd at RAL Chris Brew (RAL)
CSC 456 Operating Systems Seminar Presentation (11/13/2012) Leon Weingard, Liang Xin The Google File System.

CSC 456 Operating Systems Seminar Presentation (11/13/2012) Leon Weingard, Liang Xin The Google File System.
10 May 2007 HTTP - - User data via HTTP(S) Andrew McNab University of Manchester.

10 May 2007 HTTP - - User data via HTTP(S) Andrew McNab University of Manchester.
Xrootd Authentication & Authorization Andrew Hanushevsky Stanford Linear Accelerator Center 6-June-06.

Xrootd Authentication & Authorization Andrew Hanushevsky Stanford Linear Accelerator Center 6-June-06.
The Next Generation Root File Server Andrew Hanushevsky Stanford Linear Accelerator Center 27-September-2004

The Next Generation Root File Server Andrew Hanushevsky Stanford Linear Accelerator Center 27-September-2004
Computing on the Cloud Jason Detchevery March 4 th 2009.

Computing on the Cloud Jason Detchevery March 4 th 2009.

Similar presentations

Ads by Google