Users/Service Manager Guide
- Thomas, Jyothish (STFC,RAL,SC)
Systemd Services
xrootd@unified - main xrootd service. handles all file and metadata operations excluding third party copy (due to technical limitations)
xrootd@tpc - service handling third party copy
Log Locations
/var/log/xrootd/unified/xrootd.log - main xrootd log file
/var/log/xrootd/tpc/xrootd.log - tpc logs
Protocols
RAL supports 2 protocols: root:// and davs://
Clients
main clients used by xrootd are xrdclient and gfal.
prot:// can be root:// or davs://
| transfer (read/write) | remove | stat |
|---|---|---|---|
xrd | xrdcp prot://endpoint_url:1094//pool_name/path localfile | xrdfs prot://endpoint_url:1094 rm /pool_name/path | xrdfs prot://endpoint_url:1094 stat /pool_name/path |
gfal | gfal-copy prot://endpoint_url:1094//pool_name/path localfile | gfal-rm prot://endpoint_url:1094//pool_name/path | gfal-stat prot://endpoint_url:1094//pool_name/path |
Useful pages for monitoring
xrootd functional test results icinga
kibana dashboard for WN/tranche IOPS monitoring
Echo storage node IOPS (per generation)
Authorization
Production gateways use gsi authentication (x509 certificates) with VOMS-based groupings.
Test gateways can be assigned to unix authentication where authorisation is given based on username only.
Configuration options and docs
https://xrootd.slac.stanford.edu/docs.html
Host configuration management
Hosts are configured using aquilon:
https://stfc.atlassian.net/wiki/spaces/CI/pages/24576130
Access to ceph storage backend
The following files need to be present in addition to the xrootd configuration for the gateway to access the ceph backend.
[root@echo-manager01 ~]# ls /etc/ceph/
ceph.client.admin.keyring ceph.client.monitoring.keyring ceph.conf
ceph.client.gridftp.keyring ceph.client.xrootd.keyring rbdmap