1 / 17

Experiences with LFC and comparison with RNS

Erwin Laure < Erwin.Laure@cern.ch > Jean-Philippe Baud < Jean-Philippe.Baud@cern.ch > Akos Frohner < Akos.Frohner@cern.ch >. Experiences with LFC and comparison with RNS. LFC Overview. LFC overview Hierarchical namespace POSIX like command line tools POSIX style permissions

josef
Download Presentation

Experiences with LFC and comparison with RNS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Erwin Laure <Erwin.Laure@cern.ch> Jean-Philippe Baud <Jean-Philippe.Baud@cern.ch> Akos Frohner <Akos.Frohner@cern.ch> Experiences with LFC andcomparison with RNS

  2. OGF GFS-WG: LFC LFC Overview • LFC overview • Hierarchical namespace • POSIX like command line tools • POSIX style permissions • Virtual users and groups • API comparison • RNS add • RNS list • RNS move • RNS query • permissions in LFC • bulk methods in LFC

  3. OGF GFS-WG: LFC LCG “File” Catalog /grid /vo /data file “Replicas” are “Copies” • The LFC stores mappings between • Users’ file names and file locations on the Grid • Stores Permissions and • Ownership • Simple metadata • Provides a hierarchical name space • Supports GSI security model • Including VOMS based ACLs • Very fine grained control • Implementation based on virtual IDs • Soon: encrypted channels • Simple DLI interface • Data Location Interface • GUID <---> Location • Integration with WMS&RBs File replica 1 LFC file name 1 … GUID File replica 2 LFC file name n … File replica m All files are “Write Once”

  4. OGF GFS-WG: LFC LFC • MySQL and ORACLE back-ends • Ensures scalability and allows small scale deployment • Read only replication of catalogue is in production(using Oracle streams)‏ • Multi-threaded C server • Supports multiple instances for load balancing • Thread-safe C clients • Python & Perl bindings • No WS interfaces (apart from DLI) • Command line interface • Supports sessions to avoid authentication costs • GSI is very expensive! • Bulk methods to reduce the number of round trips • Under test by ATLAS --> 20 times faster • Widely used in EGEE: • largest LFC instance contains 8 millions entries

  5. OGF GFS-WG: LFC How does it look ? Hierarchical namespace > lfc-ls -l /grid/dteam drwxrwxr-x 2 18947 2688 0 Jun 09 11:11 tests > lfc-ls -l /grid/dteam/tests drwxrwxr-x 2 18947 2688 0 Jun 09 11:15 tutorial > lfc-ls -l /grid/dteam/tests/tutorial drwxrwxr-x 2 18947 2688 0 Jun 09 11:19 directory1 -rw-rw-r-- 1 18947 2688 179 Jun 09 11:17 file.6008 -rw-rw-r-- 1 18947 2688 179 Jun 09 11:18 file.6009

  6. OGF GFS-WG: LFC Using LFC From a UI (as a user)‏ export LFC_HOST=mylfc.domain.name voms-proxy-init –voms myVO lfc-ls /grid/myVO lfc-mkdir /grid/myVO/test_dir lfc-rm –R /grid/myVO/test_dir lcg-cr --vo myVO –d mySE.domain.name file:/path/to/file

  7. OGF GFS-WG: LFC Permissions Permissions/ownership lfc-chmod lfc-chown (only admin can use it)‏ Virtual uid, gid lfc-ls –l … lfc-enterusrmap, lfc-modifyusrmap, lfc-listusrmap lfc-entergrpmap, lfc-modifygrpmap, lfc-listgrpmap POSIX ACLs lfc-getacl, lfc-setacl Secondary groups via VOMS groups & roles

  8. OGF GFS-WG: LFC Virtual users and groups DN: /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=erwin/CN=589293/CN=Erwin Laure voms-proxy-init -voms dteam lfc-ls /grid/dteam/generated • no need to create pool accounts • no need to change the /etc/passwd file • faster check on ACL than with string/pattern matching on DN/FQAN Does this DN exists in Cns_userinfo? No -> create it! Does this FQAN exists in Cns_groupinfo? No -> create it! LFC daemon LFC DB DPNS DB Cns_userinfo 5428 /DC=ch/DC=cer/n../CN=589293/CN=Erwin Laure Cns_groupinfo 105 dteam

  9. OGF GFS-WG: LFC Comparison Overview • LFC overview • Hierarchical namespace • POSIX like command line tools • POSIX style permissions • Virtual users and groups • API comparison • RNS add • RNS list • RNS move • RNS query • permissions • performance improvements

  10. OGF GFS-WG: LFC API: add • RNS: • add (string: entry_name, EndpointReferenceType: entry_reference)‏ • LFC: • lfc_mkdir (string path, mode_t)‏ • lfc_mkdirg (string path, string guid, mode_t)‏ • lfc_creatg (string path, string guid, mode_t)‏ • lfc_addreplica (string path, ...)‏ • lfc_symlink (string srcpath, string dstpath)‏ • ... • /rns:add/entry_name ~ LFN • /rns:add/entry_reference ~ replica or symlink • RNS is missing the detailed attributes of the replicas.

  11. OGF GFS-WG: LFC API: list • RNS: • list(string: entry_name_regexp)‏ • LFC: • lfc_DIR lfc_opendir...(string path)‏ • dirent lfc_readdir... (lfc_DIR)‏ • lfc_readdirc (), lfc_readdirg(), lfc_readdirx ()‏ • lfc_readdirxc (), lfc_readdirxp (), lfc_readdirxr ()‏ • lfc_rewinddir (lfc_DIR)‏ • lfc_closedir (lfc_DIR)‏ • lfc_filereplica lfc_listreplica (string, string, int, lfc_list)‏ • lfc_filereplica lfc_listreplicax (string, string, string, int, lfc_list)‏ • lfc_filereplicax lfc_listrepset (string, int, lfc_list)‏ • The problematic part is listing directories recursively.

  12. OGF GFS-WG: LFC API: move • RNS: • move (EndpointReferenceType: parent, string: entry_name)‏ • LFC: • lfc_rename(string src, string dst)‏

  13. OGF GFS-WG: LFC API: query • RNS: • query()‏ • LFC: • lfc_stat (string path, lfc_filestat)‏ • lfc_statg (), lfc_statr (), lfc_statx (), lfc_lstat()‏ • lfc_getlinks (string, string, int *, struct lfc_linkinfo[])‏ • lfc_getreplica (string, string, string, int *, struct lfc_filereplica[])‏ • lfc_getreplicas (int, string[], string, int *, lfc_filereplicas[])‏ • lfc_getreplicasl (int, string[], string, int *, lfc_filereplicas[])‏ • lfc_getreplicax (string, string, string, int *, lfc_filereplicax[])‏ • The attributes of a namespace entry should be defined, allowing specialized queries and lookups.

  14. OGF GFS-WG: LFC API: remove • RNS: • remove (string: entry_name_regexp)‏ • LFC: • lfc_unlink (string)‏ • lfc_undelete (string)‏ • lfc_delcomment (string)‏ • lfc_delete (string)‏ • lfc_delfilesbyguid (int, string[], int, int *, int **)‏ • lfc_delfilesbyname (int, string[], int, int *, int **)‏ • lfc_delfilesbypattern (string, string, int, int *, struct lfc_filestatus **)‏ • lfc_delreplica (string, struct lfc_fileid *, string)‏ • lfc_delreplicas (int, string[], string, int *, int **)‏ • lfc_rmdir (string)‏

  15. OGF GFS-WG: LFC API: performance improvements • LFC: • bulk methods: cuts the round-trip timelfc_delreplicas(), lfc_delfilesbyguid(), lfc_delfilesbyname(), lfc_delfilesbypattern(), lfc_getreplicas(), lfc_getreplicasl() • session: cuts the authentication timelfc_startsess(), lfc_endsess() • transactions: cuts the authentication time, and provides roll-back for complex changeslfc_starttrans(), lfc_aborttrans(), lfc_endtrans()‏

  16. OGF GFS-WG: LFC API: permissions • Posix style permission with grid credentials: • lfc_access (string path, int)‏ • lfc_chmod (string path, mode_t)‏ • lfc_chown (string path, uid_t, gid_t)‏ • lfc_getacl (string path, int nentries, lfc_acl[])‏ • lfc_setacl (string path, int nentries, lfc_acl[])‏ • Virtual users and groups (mapping to Posix numbers): • lfc_entergrpmap (gid_t, string) lfc_getgrpbynam (string, gid_t *) • lfc_getgrpbygid (gid_t, string) lfc_getgrpbygids (int, gid_t *, string[]) • lfc_getgrpmap (int *, struct lfc_groupinfo **)‏ • lfc_modifygrpmap (gid_t, string) lfc_rmgrpmap (gid_t, string)‏ • lfc_enterusrmap (uid_t, string) lfc_getusrbynam (string, uid_t *) lfc_getusrbyuid (uid_t, string)‏ • lfc_getusrmap (int *, struct lfc_userinfo **)‏ • lfc_modifyusrmap (uid_t, string) lfc_rmusrmap (uid_t, string)‏

  17. OGF GFS-WG: LFC Documentation Main LFC/DPM documentation page https://twiki.cern.ch/twiki/bin/view/LCG/DataManagementTop LFC Admin Guide https://twiki.cern.ch/twiki/bin/view/LCG/LfcAdminGuide Troubleshooting page https://twiki.cern.ch/twiki/bin/view/LCG/LfcTroubleshooting

More Related