You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 26 Next »

Xrootd Servers

 

typehostalias
system testsfermilnx-v07

glast-xrootd01

redirectorfermilnx-v02, fermilnx-v12glast-rdr
test redirectorfermilnx-v03, fermilnx-v06glast-test-rdr
proxyfermilnx-v06glast-xrd-xfer

For the Fermi servers see: NFS/GPFS and Xroot Disk Allocations

Server Setup

  • Outage for XrootD redirector

Authentication and Authorization

Access to the Fermi Xrootd cluster requires the users authentication. The authentication and authorization is based on the users name and uses the xrootd unix-authentication module. The authorization information, which directory path a user can read from and write to, is kept in a file that a xrootd server reads and periodically checks for updates. 

  • All Fermi users have read access to all files
  • Special productions accounts (glast, glastraw,...) have write access (to all path, including the science-group directories)
  • Science groups directories in /glast/ScienceGroups/<groupName> are writeable by all users that are associated with this group
  • There are a few extra non-Fermi users that have read access granted (for example myself)

The authorization file is created in two steps:

  1. The first step is a cron job that creates the auth-file from the fermi users list and the list of users in the science groups.
    The program ScaAuthfileUpdate creates the auth-file and runs as a trscrontab (as wilko).
  2. Each data server runs a cron job that  updates the local auth-file that xrootd uses if the master file (from step 1) has been updated.

Tasks

  • No labels