Xrootd Servers
| type | host | alias |
|---|---|---|
| system tests | fermilnx-v07 | glast-xrootd01 |
| redirector | fermilnx-v02, fermilnx-v12 | glast-rdr |
| test redirector | fermilnx-v03, fermilnx-v06 | glast-test-rdr |
| proxy | fermilnx-v06 | glast-xrd-xfer |
For the Fermi servers see: NFS/GPFS and Xroot Disk Allocations
Server Setup
- Outage for XrootD redirector
Authentication and Authorization
Access to the Fermi Xrootd cluster requires the users authentication. The authentication and authorization is based on the users name and uses the xrootd unix-authentication module. The authorization information, which directory path a user can read from and write to, is kept in a file that a xrootd server reads and periodically checks for updates.
- All Fermi users have read access to all files
- Special productions accounts (glast, glastraw,...) have write access (to all path, including the science-group directories)
- Science groups directories in /glast/ScienceGroups/<groupName> are writeable by all users that are associated with this group
- There are a few extra non-Fermi users that have read access granted (for example myself)
The authorization file is created in two steps:
- The first step is a cron job that creates the auth-file from the fermi users list and the list of users in the science groups.
The program ScaAuthfileUpdate creates the auth-file and runs as a trscrontab (as wilko). - Each data server runs a cron job that updates the local auth-file that xrootd uses if the master file (from step 1) has been updated.
Tasks
Overview
Content Tools