LCG-2 Data Management and Interoperability

Document Sample
LCG-2 Data Management and Interoperability Powered By Docstoc
					                                       Enabling Grids for E-sciencE




                  Experiences with LFC and
                  comparison with RNS

                  Erwin Laure <Erwin.Laure@cern.ch>
                  Jean-Philippe Baud <Jean-Philippe.Baud@cern.ch>
                  Akos Frohner <Akos.Frohner@cern.ch>



www.eu-egee.org


INFSO-RI-508833
                                                 LFC Overview
                  Enabling Grids for E-sciencE



   • LFC overview
      • Hierarchical namespace
      • POSIX like command line tools
      • POSIX style permissions
      • Virtual users and groups
   • API comparison
      • RNS add
      • RNS list
      • RNS move
      • RNS query
      • permissions in LFC
      • bulk methods in LFC



INFSO-RI-508833                                     OGF GFS-WG: LFC   2
                                                               LCG “File” Catalog
                        Enabling Grids for E-sciencE


  •   The LFC stores mappings between                                    “Replicas” are “Copies”
       –   Users’ file names and file locations on the Grid
       –   Stores Permissions and
       –   Ownership                 LFC file name 1                                     File replica 1
       –   Simple metadata                 …                        GUID
                                                                                         File replica 2
                                             LFC file name n                                   …
                                                                 /grid                   File replica m
  •   Provides a hierarchical name space
  •   Supports GSI security model                                    /vo
       – Including VOMS based ACLs
                                                                          /data
             Very fine grained control
             Implementation based on virtual IDs                            file
       – Soon: encrypted channels
  •   Simple DLI interface
       – Data Location Interface
       – GUID <---> Location
       – Integration with WMS&RBs                                All files are “Write Once”

INFSO-RI-508833                                                                     OGF GFS-WG: LFC       3
                                                                              LFC
                      Enabling Grids for E-sciencE



   • MySQL and ORACLE back-ends
        – Ensures scalability and allows small scale deployment
        – Read only replication of catalogue is in production
          (using Oracle streams)
   • Multi-threaded C server
        – Supports multiple instances for load balancing
   • Thread-safe C clients
        – Python & Perl bindings
        – No WS interfaces (apart from DLI)
        – Command line interface
   • Supports sessions to avoid authentication costs
        – GSI is very expensive!
   • Bulk methods to reduce the number of round trips
        – Under test by ATLAS --> 20 times faster
   • Widely used in EGEE:
        – largest LFC instance contains 8 millions entries
INFSO-RI-508833                                                   OGF GFS-WG: LFC   4
                                                          How does it look ?
                     Enabling Grids for E-sciencE




   • Hierarchical namespace
        > lfc-ls -l /grid/dteam
        drwxrwxr-x 2 18947                     2688   0   Jun 09 11:11 tests


        > lfc-ls -l /grid/dteam/tests
        drwxrwxr-x 2 18947 2688                       0   Jun 09 11:15 tutorial


        > lfc-ls -l /grid/dteam/tests/tutorial
        drwxrwxr-x 2 18947 2688 0              Jun 09 11:19 directory1
        -rw-rw-r-- 1 18947 2688 179 Jun 09 11:17 file.6008
        -rw-rw-r-- 1 18947 2688 179 Jun 09 11:18 file.6009




INFSO-RI-508833                                                         OGF GFS-WG: LFC   5
                                                                  Using LFC
                         Enabling Grids for E-sciencE




   • From a UI (as a user)
                 export LFC_HOST=mylfc.domain.name
                 voms-proxy-init –voms myVO
                 lfc-ls /grid/myVO
                 lfc-mkdir /grid/myVO/test_dir
                 lfc-rm –R /grid/myVO/test_dir
                 lcg-cr --vo myVO –d mySE.domain.name file:/path/to/file




INFSO-RI-508833                                                    OGF GFS-WG: LFC   6
                                                        Permissions
                      Enabling Grids for E-sciencE



   • Permissions/ownership
              lfc-chmod
              lfc-chown (only admin can use it)


   • Virtual uid, gid
              lfc-ls –l …
              lfc-enterusrmap, lfc-modifyusrmap, lfc-listusrmap
              lfc-entergrpmap, lfc-modifygrpmap, lfc-listgrpmap


   • POSIX ACLs
              lfc-getacl, lfc-setacl
   • Secondary groups via VOMS groups & roles


INFSO-RI-508833                                             OGF GFS-WG: LFC   7
                                                          Virtual users and groups
                           Enabling Grids for E-sciencE



    DN: /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=erwin/CN=589293/CN=Erwin Laure

                   voms-proxy-init -voms dteam

                   lfc-ls /grid/dteam/generated


                                Does this DN exists                          • no need to create pool
                                in Cns_userinfo?                               accounts
            LFC                 No -> create it!
           daemon
                                Does this FQAN exists
                                                                             • no need to change the
                                in Cns_groupinfo?                              /etc/passwd file
                                No -> create it!
                                                                             • faster check on ACL
            LFC DB
                                                                               than with string/pattern
                                                                               matching on DN/FQAN

                   Cns_userinfo
                                                             DPNS DB
   5428 /DC=ch/DC=cer/n../CN=589293/CN=Erwin Laure


                                                          Cns_groupinfo
                                                           105 dteam



INFSO-RI-508833                                                                      OGF GFS-WG: LFC    8
                                                 Comparison Overview
                  Enabling Grids for E-sciencE



   • LFC overview
      • Hierarchical namespace
      • POSIX like command line tools
      • POSIX style permissions
      • Virtual users and groups
   • API comparison
      • RNS add
      • RNS list
      • RNS move
      • RNS query
      • permissions
      • performance improvements



INFSO-RI-508833                                            OGF GFS-WG: LFC   9
                                                                     API: add
                     Enabling Grids for E-sciencE


   • RNS:
        add (string: entry_name, EndpointReferenceType: entry_reference)
   • LFC:
        lfc_mkdir (string path, mode_t)
        lfc_mkdirg (string path, string guid, mode_t)
        lfc_creatg (string path, string guid, mode_t)
        lfc_addreplica (string path, ...)
        lfc_symlink (string srcpath, string dstpath)
        ...

        /rns:add/entry_name ~ LFN
        /rns:add/entry_reference ~ replica or symlink

        RNS is missing the detailed attributes of the replicas.



INFSO-RI-508833                                                   OGF GFS-WG: LFC   10
                                                                             API: list
                       Enabling Grids for E-sciencE


   • RNS:
        list(string: entry_name_regexp)
   • LFC:
        lfc_DIR lfc_opendir...(string path)
        dirent lfc_readdir... (lfc_DIR)
            lfc_readdirc (), lfc_readdirg(), lfc_readdirx ()
            lfc_readdirxc (), lfc_readdirxp (), lfc_readdirxr ()
        lfc_rewinddir (lfc_DIR)
        lfc_closedir (lfc_DIR)

        lfc_filereplica lfc_listreplica (string, string, int, lfc_list)
        lfc_filereplica lfc_listreplicax (string, string, string, int, lfc_list)
        lfc_filereplicax lfc_listrepset (string, int, lfc_list)

        The problematic part is listing directories recursively.


INFSO-RI-508833                                                         OGF GFS-WG: LFC   11
                                                            API: move
                     Enabling Grids for E-sciencE


   • RNS:
        move (EndpointReferenceType: parent, string: entry_name)
   • LFC:
        lfc_rename(string src, string dst)




INFSO-RI-508833                                             OGF GFS-WG: LFC   12
                                                                      API: query
                        Enabling Grids for E-sciencE


   • RNS:
        query()
   • LFC:
        lfc_stat (string path, lfc_filestat)
            lfc_statg (), lfc_statr (), lfc_statx (), lfc_lstat()

        lfc_getlinks (string, string, int *, struct lfc_linkinfo[])
        lfc_getreplica (string, string, string, int *, struct lfc_filereplica[])
        lfc_getreplicas (int, string[], string, int *, lfc_filereplicas[])
        lfc_getreplicasl (int, string[], string, int *, lfc_filereplicas[])
        lfc_getreplicax (string, string, string, int *, lfc_filereplicax[])


        The attributes of a namespace entry should be defined,
        allowing specialized queries and lookups.


INFSO-RI-508833                                                        OGF GFS-WG: LFC   13
                                                                  API: remove
                       Enabling Grids for E-sciencE


   • RNS:
        remove (string: entry_name_regexp)
   • LFC:
        lfc_unlink (string)
        lfc_undelete (string)
        lfc_delcomment (string)
        lfc_delete (string)
        lfc_delfilesbyguid (int, string[], int, int *, int **)
        lfc_delfilesbyname (int, string[], int, int *, int **)
        lfc_delfilesbypattern (string, string, int, int *, struct lfc_filestatus **)
        lfc_delreplica (string, struct lfc_fileid *, string)
        lfc_delreplicas (int, string[], string, int *, int **)
        lfc_rmdir (string)




INFSO-RI-508833                                                        OGF GFS-WG: LFC   14
                           API: performance improvements
                      Enabling Grids for E-sciencE


   • LFC:
      • bulk methods: cuts the round-trip time
          lfc_delreplicas(), lfc_delfilesbyguid(),
          lfc_delfilesbyname(), lfc_delfilesbypattern(),
          lfc_getreplicas(), lfc_getreplicasl()


        • session: cuts the authentication time
          lfc_startsess(), lfc_endsess()


        • transactions: cuts the authentication time,
          and provides roll-back for complex changes
          lfc_starttrans(), lfc_aborttrans(), lfc_endtrans()




INFSO-RI-508833                                                OGF GFS-WG: LFC   15
                                                                         API: permissions
                        Enabling Grids for E-sciencE


   • Posix style permission with grid credentials:
        lfc_access (string path, int)
        lfc_chmod (string path, mode_t)
        lfc_chown (string path, uid_t, gid_t)
        lfc_getacl (string path, int nentries, lfc_acl[])
        lfc_setacl (string path, int nentries, lfc_acl[])


   • Virtual users and groups (mapping to Posix numbers):
        lfc_entergrpmap (gid_t, string) lfc_getgrpbynam (string, gid_t *)
        lfc_getgrpbygid (gid_t, string)                lfc_getgrpbygids (int, gid_t *, string[])
        lfc_getgrpmap (int *, struct lfc_groupinfo **)
        lfc_modifygrpmap (gid_t, string)                    lfc_rmgrpmap (gid_t, string)
        lfc_enterusrmap (uid_t, string)                     lfc_getusrbynam (string, uid_t *)
        lfc_getusrbyuid (uid_t, string)
        lfc_getusrmap (int *, struct lfc_userinfo **)
        lfc_modifyusrmap (uid_t, string)                    lfc_rmusrmap (uid_t, string)



INFSO-RI-508833                                                                         OGF GFS-WG: LFC   16
                                                   Documentation
                    Enabling Grids for E-sciencE




   • Main LFC/DPM documentation page
        – https://twiki.cern.ch/twiki/bin/view/LCG/DataManagementTop



   • LFC Admin Guide
        – https://twiki.cern.ch/twiki/bin/view/LCG/LfcAdminGuide



   • Troubleshooting page
        – https://twiki.cern.ch/twiki/bin/view/LCG/LfcTroubleshooting




INFSO-RI-508833                                            OGF GFS-WG: LFC   17