Install XRootD Standalone¶
XRootD is a hierarchical storage system that can be used in a variety of ways to access data, typically distributed among actual storage resources. In this document we focus on using XRootD as a simple layer exporting an underlying storage system (e.g., HDFS) to the outside world.
Note
The OSG only supports XRootD standalone installations on EL7 hosts
Before Starting¶
Before starting the installation process, consider the following points:
- User IDs: If it does not exist already, the installation will create the Linux user ID
xrootd - Service certificate: The XRootD service uses a host certificate and key pair at
/etc/grid-security/xrd/xrdcert.pemand/etc/grid-security/xrd/xrdkey.pem - Networking: The XRootD service uses port 1094 by default
As with all OSG software installations, there are some one-time (per host) steps to prepare in advance:
- Ensure the host has a supported operating system
- Obtain root access to the host
- Prepare the required Yum repositories
- Install CA certificates
Installing XRootD¶
To install XRootD, run the following Yum command:
[email protected] # yum install xrootd
Configuring XRootD¶
To configure XRootD as a standalone server, replace the contents of /etc/xrootd/xrootd-standalone.cfg as follows:
-
Add an
all.exportdirective for each directory that you wish to serve via XRootD. For example, to serve the contents of/storeand/public:all.export /store/ all.export /public/
Note
The directories specified this way are writable by default. Access controls should be managed via authorization configuration.
-
Add an
all.sitenamedirective set to the resource name of your XRootD service. For example, the XRootD service registered at the FermiGrid site should set the following configuration:all.sitename Fermilab Public DCache
Note
CMS sites should follow CMS policy for
all.sitename -
Append the following configuration to the end of
/etc/xrootd/xrootd-standalone.cfgxrd.port 1094 all.role server cms.allow host * # Logging verbosity xrootd.trace emsg login stall redirect ofs.trace -all xrd.trace conn cms.trace all xrd.report xrd-report.osgstorage.org:9931 xrootd.monitor all \ auth \ flush 30s \ window 5s fstat 60 lfn ops xfr 5 \ dest redir fstat info user xrd-report.osgstorage.org:9930 \ dest fstat info user xrd-mon.osgstorage.org:9930 xrd.network keepalive kaparms 10m,1m,5 xrd.timeout idle 60m
Configuring authorization¶
To configure XRootD authorization please follow the documentation here.
Optional configuration¶
The following configuration steps are optional and will likely not be required for setting up a small site. If you do not need any of the following special configurations, skip to the section on using XRootD.
Enabling HTTP support¶
In order to enable XRootD HTTP support please follow the instructions here
Enabling Hadoop support¶
For documentation on how to export your Hadoop storage using XRootD please see this documentation
Enabling CMS TFC support (CMS sites only)¶
For CMS users, there is a package available to integrate rule-based name lookup using a storage.xml file.
See this documentation.
Using XRootD¶
In addition to the XRootD service itself, there are a number of supporting services in your installation. The specific services are:
| Software | Service Name | Notes |
|---|---|---|
| Fetch CRL | fetch-crl-boot and fetch-crl-cron |
See CA documentation for more info |
| XRootD | [email protected] |
Start the services in the order listed and stop them in reverse order.
As a reminder, here are common service commands (all run as root):
| To … | On EL 7, run the command… |
|---|---|
| Start a service | systemctl start SERVICE-NAME |
| Stop a service | systemctl stop SERVICE-NAME |
| Enable a service to start during boot | systemctl enable SERVICE-NAME |
| Disable a service from starting during boot | systemctl disable SERVICE-NAME |
Validating XRootD¶
To validate an XRootD installation, perform the following verification steps:
-
Verify file transfer over the XRootD protocol using XRootD client tools:
-
Install the client tools:
[email protected] # yum install xrootd-client -
Copy a file to a directory for which you have write access:
[email protected] # xrdcp /bin/sh root://localhost:1094//tmp/first_test [xrootd] Total 0.76 MB [====================] 100.00 % [inf MB/s]
-
Verify that the file has been copied over:
[email protected] # ls -l /tmp/first_test -rw-r--r-- 1 xrootd xrootd 801512 Apr 11 10:48 /tmp/first_test
-
-
If you have enabled HTTP support, verify file transfer over HTTP using GFAL2 client tools:
-
Install the GFAL2 client tools:
[email protected] # yum install gfal2-util gfal2-plugin-http -
Copy a file to a directory for which you have write access:
[email protected] # gfal-copy /bin/sh http://localhost:1094//tmp/first_test -
Verify that the file has been copied over:
[email protected] # ls -l /tmp/first_test -rw-r--r-- 1 xrootd xrootd 801512 Apr 11 10:48 /tmp/first_test
-
Getting Help¶
To get assistance. please use the Help Procedure page.
Reference¶
- XRootD documentation
- Export directive in the XRootD configuration and relevant options
File locations¶
| Service/Process | Configuration File | Description |
|---|---|---|
xrootd |
/etc/xrootd/xrootd-standalone.cfg |
Main XRootD configuration |
/etc/xrootd/auth_file |
Authorized users file |
| Service/Process | Log File | Description |
|---|---|---|
xrootd |
/var/log/xrootd/server/xrootd.log |
XRootD server daemon log |
cmsd |
/var/log/xrootd/server/cmsd.log |
Cluster management log |