A list of the various LCLS, LCLS-II, FACET, and Test Facilities gateways managed by EED Systems Group.
Name | Purpose | PVs served | Host | CAS port | Beacon Port | Beacon sent to | Document/Comment |
LCLS | |||||||
gwEbeamServe | Serving LCLS PVs (Ebeam) to Photon | Readonly Write for selected PVs | lcls-daemon3 | 5080 | 5081 | 172.21.40.63 (Photon Gateway Subnet) | Allow all Deny OTRS:DMP1:695:.* |
gwEbeamServeWF | Serving LCLS PVs (Ebeam) to Photon | Readonly Write for selected PVs | lcls-daemon3 | 5079 | 5081 | 172.21.40.63 (Photon Gateway Subnet) | Deny all Allow OTRS:DMP1:695:.* (dedicated to serve XTCAV OTRDMP camera image PV) |
gwLCLS4FACET | Serving LCLS PVs to FACET | Readonly | lcls-daemon10 | 5070 | 5069 | 172.27.75.255 (FACETCA) | |
gwLCLS4LCLSII | Serving LCLS PVs to LCLS-II | Read and Write | lcls-daemon10 | 5060 | 5069 | 172.27.131.255 ( LCLS2IOC) and 172.27.11.255 (MCCSRV | |
gwLCLSPUB | Serving LCLS PVs to public | Readonly | lcls-prod01 | 5068 | 5069 | 134.79.151.255 (DMZ) | |
gwLCLSARCH0 | Serving LCLS and LCLS-II PVs to Archiver on DMZ | Readonly | lcls-prod01 | 5076 | 5069 | 134.79.151.255 (DMZ) | .* ALLOW (default) Deny a list refer gwLCLSARCH*.dat
|
gwLCLSARCH1 | Serving LCLS and LCLS-II PVs to Archiver on DMZ | Readonly | lcls-prod01 | 5077 | 5069 | 134.79.151.255 (DMZ) | .* DENY Allow portion in the list refer gwLCLSARCH*.dat |
gwLCLSARCH2 | Serving LCLS and LCLS-II PVs to Archiver on DMZ | Readonly | lcls-prod01 | 5078 | 5069 | 134.79.151.255 (DMZ) | .* DENY Allow portion in the list refer gwLCLSARCH*.dat |
gwLCLSARCH3 | Serving LCLS and LCLS-II PVs to Archiver on DMZ | Readonly | lcls-prod01 | 5079 | 5069 | 134.79.151.255 (DMZ) | .* DENY Allow portion in the list refer gwLCLSARCH*.dat |
LCLS-II | |||||||
gwLCLSII4LCLS | Serving LCLS-II PVs to LCLS | Read and Write | lcls2-daemon10 | 5060 | 5069 | 172.27.3.255 ( LCLSIOC) and 172.27.11.255 (MCCSRV) | |
FACET | |||||||
gwFACET4LCLS | Serving FACET PVs to LCLS | Readonly | facet-daemon1 | 5070 | 5069 | 172.27.11.255 (LCLSCA) | |
gwFACETPUB | Serving FACET PVs to public | Readonly | lcls-prod01 | 5063 | 5069 | 134.79.151.255 (DMZ) | Design |
gwEXP2FACET | Serving Fedora based PCOEdge Camera PVs in B244 to FACET controls | Readonly Write allowed from facet-srv20 to slac-dev-fed | lcls-prod01 | 5062 | 5069 | facet-srv*: 172.27.72.28 172.27.72.22 172.27.72.23 | Not in use currently |
gwFACETARCH | Serving FACET PVs to Archiver on DMZ | Readonly | lcls-prod01 | 5075 | 5069 | 134.79.151.255 (DMZ) | Allow all
|
Test Facilities | |||||||
gwACCTESTPUB | Serving Test Facilities PV to public | Readonly | testfac-daemon2 | 5048 | 5049 | 134.79.219.255 (LCLSDEV) | doc |
Cryo | |||||||
gwEbeamServe:
/etc/init.d/st.gwEbeamServe
on lcls-daemon3 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwEbeamServe64
Restart gateway:
[laci@lcls-daemon3]$ /etc/init.d/st.gwEbeamServe restart |
OTRS:DMP1:695:*
PVs can be seen from Photon/PCDS subnet clients.
gwEbeamServeWF:
/etc/init.d/st.gwEbeamServeWF
on lcls-daemon3 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwEbeamServeWF64
Restart gateway:
[laci@lcls-daemon3]$ /etc/init.d/st.gwEbeamServeWF restart |
OTRS:DMP1:695:*
PVs can be seen from Photon/PCDS subnet clients.gwLCLS4FACET:
/etc/init.d/st.gwLCLS4FACET
on lcls-daemon10 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwLCLS4FACET64
Restart gateway:
[laci@lcls-daemon10]$ /etc/init.d/st.gwLCLS4FACET restart |
gwLCLS4LCLSII:
/etc/init.d/st.gwLCLS4LCLSII
on lcls-daemon10 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwLCLS4LCLSII_64
Restart gateway:
[laci@lcls-daemon10]$ /etc/init.d/st.gwLCLS4LCLSII restart |
gwLCLSPUB:
/etc/init.d/st.gwLCLSPUB
on lcls-prod01 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSPUB64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSPUB restart |
lclshome
on LCLSDEV/LCLSDMZ nodes (e.g., mcclogin).gwLCLSARCH0:
Archiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly. |
/etc/init.d/st.gwLCLSARCH0
on lcls-prod01 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH0_64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH0 restart |
lcls-home->Network (Global)->PV Gateway Diag
Check /nfs/slac/g/lcls/tools/gateway/gwEbeamServe.log
Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH0.dat ... # allow everthing, deny patterns EVALUATION ORDER ALLOW, DENY .* ALLOW ^[A-Za-z0-9]+:UND1:.* DENY ^[A-Za-z0-9]+:LTU1:.* DENY ^[A-Za-z0-9]+:LTU0:.* DENY ^[A-Za-z0-9]+:DMP1:.* DENY ^[A-Za-z0-9]+:IN20:.* DENY ^[A-Za-z0-9]+:BSY0:.* DENY ^[A-Za-z0-9]+:BSYA:.* DENY ^[A-Za-z0-9]+:MCC0:.* DENY ^[A-Za-z0-9]+:SYS0:.* DENY ^[A-Za-z0-9]+:LR20:.* DENY ^[A-Za-z0-9]+:NEH:.* DENY ^[A-Za-z0-9]+:NEH1:.* DENY ^[A-Za-z0-9]+:FEH:.* DENY ^[A-Za-z0-9]+:FEH1:.* DENY ^[A-Za-z0-9]+:FEE1:.* DENY ^[A-Za-z0-9]+:SYS2:.* DENY ^[A-Za-z0-9]+:CLTH:.* DENY ^[A-Za-z0-9]+:GUNB:.* DENY ^[A-Za-z0-9]+:LGUN:.* DENY ^[A-Za-z0-9]+:ALH2:.* DENY ^[A-Za-z0-9]+:ALH0:.* DENY ^[A-Za-z0-9]+:ACR0:.* DENY ^[A-Za-z0-9]+:GBL0:.* DENY ^[A-Za-z0-9]+:R02:.* DENY ^[A-Za-z0-9]+:XRT1:.* DENY |
gwLCLSARCH1:
Archiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly. |
/etc/init.d/st.gwLCLSARCH1
on lcls-daemon10 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH
1_64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH1 restart |
Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH1.dat ... # deny everything, allow the patterns # For every allow pattern here, we should have a deny pattern in gwLCLSARCH0.dat; otherwise we'll get duplicate PVs EVALUATION ORDER DENY, ALLOW .* DENY ^[A-Za-z0-9]+:UND1:.* ALLOW ^[A-Za-z0-9]+:LTU1:.* ALLOW ^[A-Za-z0-9]+:LTU0:.* ALLOW ^[A-Za-z0-9]+:DMP1:.* ALLOW ^[A-Za-z0-9]+:IN20:.* ALLOW ^[A-Za-z0-9]+:BSY0:.* ALLOW ^[A-Za-z0-9]+:BSYA:.* ALLOW GWLCLSARCH1:.* ALLOW |
gwLCLSARCH2:
Archiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly. |
/etc/init.d/st.gwLCLSARCH2
on lcls-prod01 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH
2_64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH2 restart |
Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH2.dat ... # deny everything, allow the patterns # For every allow pattern here, we should have a deny pattern in gwLCLSARCH0.dat; otherwise we'll get duplicate PVs EVALUATION ORDER DENY, ALLOW .* DENY ^[A-Za-z0-9]+:MCC0:.* ALLOW ^[A-Za-z0-9]+:SYS0:.* ALLOW ^[A-Za-z0-9]+:LR20:.* ALLOW ^[A-Za-z0-9]+:NEH:.* ALLOW ^[A-Za-z0-9]+:NEH1:.* ALLOW ^[A-Za-z0-9]+:FEH:.* ALLOW ^[A-Za-z0-9]+:FEH1:.* ALLOW ^[A-Za-z0-9]+:FEE1:.* ALLOW ^[A-Za-z0-9]+:ALH0:.* ALLOW ^[A-Za-z0-9]+:ACR0:.* ALLOW ^[A-Za-z0-9]+:GBL0:.* ALLOW ^[A-Za-z0-9]+:R02:.* ALLOW ^[A-Za-z0-9]+:XRT1:.* ALLOW GWLCLSARCH2:.* ALLOW |
gwLCLSARCH3:
Archiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly. |
/etc/init.d/st.gwLCLSARCH3
on lcls-daemon10 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH3_64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH3 restart |
Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH3.dat ... # deny everything, allow the patterns # For every allow pattern here, we should have a deny pattern in gwLCLSARCH0.dat; otherwise we'll get duplicate PVs EVALUATION ORDER DENY, ALLOW .* DENY ^[A-Za-z0-9]+:SYS2:.* ALLOW ^[A-Za-z0-9]+:CLTH:.* ALLOW ^[A-Za-z0-9]+:GUNB:.* ALLOW ^[A-Za-z0-9]+:LGUN:.* ALLOW ^[A-Za-z0-9]+:ALH2:.* ALLOW GWLCLSARCH3:.* ALLOW |
gwLCLSII4LCLS:
/etc/init.d/st.gwLCLSII4LCLS
on lcls2-daemon10 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwLCLSII4LCLS64
Restart gateway:
[laci@lcls2-daemon10]$ /etc/init.d/st.gwLCLSII4LCLS restart |
Verify that LCLS2IOC subnet PVs are readable and writable from LCLSIOC subnet clients.
gwFACET4LCLS:
/etc/init.d/st.gwFACET4LCLS
on facet-daemon1 to use CMDPATH=/usr/local/facet/tools/gateway/script/st.gwFACET4LCLS64
Restart gateway:
[flaci@facet-daemon1]$ /etc/init.d/st.gwFACET4LCLS restart |
gwFACETPUB:
/etc/init.d/st.gwFACETPUB
on lcls-prod01 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwFACETPUB64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwFACETPUB restart |
facethome
on LCLSDEV/LCLSDMZ nodes (e.g., mcclogin).
gwEXP2FACET:
/etc/init.d/st.gwEXP2FACET
on lcls-prod01 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwEXP2FACET64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwEXP2FACET restart |
gwEXP2FACET not currently in use. |
gwFACETARCH:
/etc/init.d/st.gwFACETARCH
on lcls-daemon10 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwFACETARCH64
Restart gateway:
[laci@lcls-prod01]$ /etc/init.d/st.gwFACETARCH restart |
Verify that the following PV patterns are archived in the FACET Archiver according to the permissions below:
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwFACETARCH.dat ... # support the gateway internal statistics # Serve all FACET PVs .* ALLOW |
gwACCTESTPUB:
/etc/init.d/st.gwACCTESTPUB
on testfac-daemon2 to use CMDPATH=/afs/slac/g/acctest/tools/gateway/script/st.gwACCTESTPUB64
Restart gateway:
[acctf@testfac-daemon2]$ /etc/init.d/st.gwACCTESTPUB restart |
xtahome
on LCLSDEV/LCLSDMZ nodes (e.g., mcclogin).gwCRYO4LCLS:
/etc/init.d/st.gwCRYO4LCLS
on cryo-daemon1 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwCRYO4LCLS64
Restart gateway:
[laci@cryo-daemon1]$ /etc/init.d/st.gwCRYO4LCLS restart |
Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.
|