Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
cta
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container registry
Harbor Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
dCache
cta
Commits
7c4234cd
Commit
7c4234cd
authored
7 years ago
by
Michael Davis
Browse files
Options
Downloads
Patches
Plain Diff
Documents ObjectStore configuration
parent
8df96f2d
Branches
Branches containing commit
Tags
Tags containing commit
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
doc/latex/CTA_Admin_Install.tex
+107
-26
107 additions, 26 deletions
doc/latex/CTA_Admin_Install.tex
with
107 additions
and
26 deletions
doc/latex/CTA_Admin_Install.tex
+
107
−
26
View file @
7c4234cd
...
...
@@ -143,35 +143,126 @@ Section~\ref{compile_cta_from_source}
To install CTA from previously-built artifacts:
\begin{lstlisting}
# yum-config-manager --enable cta-artifacts
# yum-config-manager --enable ceph
# yum -y install cta-objectstore-tools cta-doc mt-st mtx lsscsi sg3
_
utils
\
cta-catalogueutils ceph-common
# yum -y install cta-catalogueutils cta-debuginfo cta-doc cta-frontend
\
cta-objectstore-tools mt-st mtx lsscsi sg3
_
utils
# yum clean packages
\end{lstlisting}
To install CTA from RPMs built in Section~
\ref
{
compile
_
cta
_
from
_
source
}
:
\begin{lstlisting}
# yum -y install RPM/RPMS/x86
_
64/cta-*
\end{lstlisting}
\section
{
Configure ObjectStore
}
\subsection
{
Configuration for a test system
}
In a test system, configure the ObjectStore as a Virtual File System (VFS). Initialise the new ObjectStore VFS and set
global
\texttt
{
rwx
}
permissions:
\begin{lstlisting}
# ~/CTA/objectstore/cta-objectstore-initialize
New object store path: file:///tmp/jobStoreVFSUaHSAk
# chmod -R 0777 /tmp/jobStoreVFSUaHSAk/
\end{lstlisting}
Then create environment variables to store the type and location of the new ObjectStore:
\begin{lstlisting}
# export OBJECTSTORETYPE=file
# export OBJECTSTOREURL=file:///tmp/jobStoreVFSUaHSAk
\end{lstlisting}
%Now we need to add it as a configuration parameter in the \texttt{castor.conf}, as in the following example:
%\begin{lstlisting}
%TapeServer ObjectStoreBackendPath /tmp/jobStoreVFSOKJCjW
%\end{lstlisting}
\subsection
{
Configuration for a production system
}
In a production system, configure the ObjectStore to use Ceph. To install Ceph:
\begin{lstlisting}
# yum-config-manager --enable ceph
# yum -y install ceph-common
\end{lstlisting}
Create
\texttt
{
/etc/ceph/ceph.conf
}
with the following contents:
\begin{lstlisting}
[global]
mon host = cephmond.cern.ch:6790
\end{lstlisting}
Create
\texttt
{
/etc/ceph/ceph.client.cta-id.keyring
}
with the following contents:
\begin{lstlisting}
[client.cta-id]
key = KEY
caps mon = "allow r"
caps osd = "allow rwx pool=cta-tapepool namespace=cta-ns"
\end{lstlisting}
Then create environment variables to store the type and location of the new ObjectStore:
\begin{lstlisting}
export OBJECTSTORETYPE=ceph
export OBJECTSTOREURL=rados://cta-id@cta-tapepool:cta-ns
export OBJECTSTORENAMESPACE=cta-ns
export OBJECTSTOREID=cta-id
export OBJECTSTOREPOOL=cta-tapepool
\end{lstlisting}
\section
{
Install CTA Front-end
}
Installing RPMs doesn't install cta-frontend. That is done in the script:
https://gitlab.cern.ch/cta/CTA/blob/master/continuousintegration/docker/ctafrontend/cc7/opt/run/bin/ctafrontend.sh
\section
{
Set up the objectstore VFS backend
}
First we create the new objectstore VFS backend using a simple executable:
\begin{verbatim}
$
<cta
_
build
_
dir>
/
objectstore
/
cta
-
objectstore
-
initialize
\end
{
verbatim
}
This command will return the newly created path to the VFS backend. Now we give it full permissions:
\begin
{
verbatim
}
$
chmod -R 0777 <result
_
dir
_
of
_
previous
_
cmd>
\end{verbatim}
Now we need to add it as a configuration parameter in the
\texttt
{
castor.conf
}
, as in the following example:
\begin{verbatim}
TapeServer ObjectStoreBackendPath /tmp/jobStoreVFSOKJCjW
\end{verbatim}
\subsection
{
Kubernetes ctafrontend.sh
}
\begin{lstlisting}
yes | cp -r /opt/ci/ctafrontend/etc /
/opt/run/bin/init
_
objectstore.sh
. /tmp/objectstore-rc.sh
echo "ObjectStore BackendPath
$
OBJECTSTOREURL" >
/
etc
/
cta
/
cta
-
frontend.conf
echo "Catalogue NumberOfConnections
1
" >>
/
etc
/
cta
/
cta
-
frontend.conf
echo "Log URL file:
/
cta
-
frontend.log" >>
/
etc
/
cta
/
cta
-
frontend.conf
/
opt
/
run
/
bin
/
init
_
database.sh
.
/
tmp
/
database
-
rc.sh
echo
${
DATABASEURL
}
>/etc/cta/cta
_
catalogue
_
db.conf
# Create user cta early so that we can set file ownership correctly
useradd cta
# EOS INSTANCE NAME used as username for SSS key
EOSINSTANCE=ctaeos
# Create SSS key for ctafrontend, must be forwardable in kubernetes realm
echo y | xrdsssadmin -k ctafrontend+ -u
${
EOSINSTANCE
}
-
g cta add
/
etc
/
ctafrontend
_
SSS
_
s.keytab
# copy it in the client file that contains only one SSS
cp
/
etc
/
ctafrontend
_
SSS
_
s.keytab
/
etc
/
ctafrontend
_
SSS
_
c.keytab
chmod
600
/
etc
/
ctafrontend
_
SSS
_
s.keytab
/
etc
/
ctafrontend
_
SSS
_
c.keytab
chown cta
/
etc
/
ctafrontend
_
SSS
_
s.keytab
/
etc
/
ctafrontend
_
SSS
_
c.keytab
sed
-
i 's|.
*
sec.protocol sss.
*
|sec.protocol sss
-
s
/
etc
/
ctafrontend
_
SSS
_
s.keytab
-
c
/
etc
/
ctafrontend
_
SSS
_
c.keytab|'
/
etc
/
xrootd
/
xrootd
-
cta.cfg
sed
-
i 's|.
*
sec.protocol unix.
*
|#sec.protocol unix|'
/
etc
/
xrootd
/
xrootd
-
cta.cfg
# Hack the default xrootd
-
cta.cfg provided by the sources
sed
-
i 's|.
*
sec.protocol krb
5
.
*
|sec.protocol krb
5
/
etc
/
cta
-
frontend.keytab cta
/
cta
-
frontend@TEST.CTA|'
/
etc
/
xrootd
/
xrootd
-
cta.cfg
# Allow only SSS and krb
5
for frontend
sed
-
i 's|
^
sec.protbind .
*
|sec.protbind
*
only sss krb
5
|'
/
etc
/
xrootd
/
xrootd
-
cta.cfg
# Wait for the keytab file to be pushed in by the creation script.
echo
-
n "Waiting for
/
etc
/
cta
-
frontend.keytab"
for
((
;;
))
; do test
-
e
/
etc
/
cta
-
frontend.keytab
&&
break; sleep
1
; echo
-
n .; done
echo OK
touch
/
cta
-
frontend.log
chmod a
+
w
/
cta
-
frontend.log
tail
-
F
/
cta
-
frontend.log
&
echo "Launching frontend"
runuser
--
shell
=
'
/
bin
/
bash'
--
session
-
command
=
'cd ~cta; xrootd
-
n cta
-
c
/
etc
/
xrootd
/
xrootd
-
cta.cfg
-
I v
4
' cta
echo "frontend died"
sleep infinity
\end
{
lstlisting
}
\section
{
Ceph
}
...
...
@@ -238,16 +329,6 @@ https://gitlab.cern.ch/cta/CTA/blob/master/continuousintegration/docker/ctafront
here is what I understood:
\subsection
{
1/ Config file for the object store:
}
\begin{verbatim}
[root@ctafrontend ~]# cat /tmp/objectstore-rc.sh
export OBJECTSTORENAMESPACE=cta-vlado
export OBJECTSTOREID=cta-vlado
export OBJECTSTOREPOOL=tapetest
export OBJECTSTORETYPE=ceph
export OBJECTSTOREURL=rados://cta-vlado@tapetest:cta-vlado
\end{verbatim}
\subsection
{
2
/
Config file for the DB:
}
\begin
{
verbatim
}
[
root@ctafrontend ~
]
# cat
/
tmp
/
database
-
rc.sh
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment