Difference between revisions of "RucioNewUsers"

From GridPP Wiki
Jump to: navigation, search
(Created page with "== Adding a new User == As a VO admin/Superadmin to add a new user you will need: * Rucio username, * The subject from your eScience certificate to get this use: openssl x5...")
 
m (Timothy Noble 142318329a moved page NewUser to RucioNewUsers)
 
(No difference)

Latest revision as of 13:15, 14 April 2022

Adding a new User

As a VO admin/Superadmin to add a new user you will need:

  • Rucio username,
  • The subject from your eScience certificate to get this use:
openssl x509 -subject -noout -in <path/to/your/usercert.pem>
  • The preferred email address
  • Name of the VO you wish to join or create.

Using this information you will then add the user to Rucio by using a Rucio client and running the following command:

rucio-admin account add <username> <email>

This will create an initial account, you will then need to add an identity to the account:

rucio-admin identity add -account <account> --type <type> --id <'x509 id' or account name for Password> --email <email>

The account will now have an identity, but will need a scope:

rucio-admin scope add --account <account> --scope <scope - usually for a personal scope this will be user.<account>>

The user then needs a space allocations for each of the RSEs that they will use:

rucio-admin account set-limits <account> <RSE> <space - this is default in bytes but 100G will give 100gb of space>

The user will then need to edit their /opt/rucio/etc/rucio.cfg to ensure that the base installed config is set up for Multi-VO Rucio, it will need the following:

[common]
logdir = /var/log/rucio
multi_vo = False
loglevel = INFO
[client]
rucio_host = https://rucio-server.gridpp.rl.ac.uk:443
auth_host = https://rucio-server.gridpp.rl.ac.uk:443
vo = <3 char vo nane, this is drc for dirac, dtm for dteam, gpp for gridpp>
account = <account>
ca_cert = /opt/rucio/etc/web/ca-first.pem
auth_type = x509
client_cert = /opt/rucio/etc/usercert.pem
client_key = /opt/rucio/etc/userkey.pem
client_x509_proxy = /tmp/x509up_u1000
request_retries = 5