RucioNewVO

From GridPP Wiki
Jump to: navigation, search

Introduction

This page describes the progress of how you request a new VO to be created on the RAL Multi-VO instance.

Use Case

The Multi-VO Rucio instance at RAL is design to be able to support multiple Virtual Organisations (VOs). A VO normally maps to a science experiment / project (e.g. ATLAS or GridPP). Each VO is kept entirely separate from each other. e.g. you won't be able to see the files that other experiments have stored.

  • VOs that wish to manage their data across several sites and plan to store less than 10PB or 100 million files.
  • VOs that would like to evaluate Rucio to see if it is the correct solution for them.

Pre-requisites

Currently in order to make use of the Rucio instance at RAL you need to have an existing precesence on the Grid

  • Your experiment/project must be an established Virtual Organisation (VO).

Process

Users

To request a new VO to be setup

Admin

Setup of the Daemon server for each VO

Created a new VM either using a snapshot of the Daemons server01 and named new server 0X or start a set-up from scratch in containers

Copy across the usercert and userkey to a new /opt/rucio/<new VO>

Add the <new VO> to the list of valid VOs by copying the relevant files to the /etc/vomses directory this may include the voms*.pem lcg-voms*.pem and within this directory make a new directory of <new VO>

Add the <new VO> LSC file in the newly created /etc/grid-security/vomsdir/<new VO>

Add the <new VO> information in the /etc/vomses/ directory, it only needs to be a simple text file with the following format: 

"<VO name>" "<VO URL>" "<PORT>" "<DN>" "<VO name>"

"dteam" "voms2.hellasgrid.gr" "15004" "/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr" "dteam"

Use voms-proxy-init --voms <new VO> specifying the usercert and userkey you copied earlier and output to the /opt/rucio/ska/x509PlainProxy - this will be changed in the future, but currently many scripts and Rucio components point here.

Edit the cron (in /etc/cron.d) 'renew-proxy.cron' to point to the correct --<new VO>

Once the cron has run, check the /var/log/renew-proxy.log for success of creating the proxy to persist beyond the day.

Edit /etc/supervizord.conf to point to the new VO you are setting up for the daemons that require it.

If you want testing for the VO and RSEs that are registered with the VO

There is a script in /etc/cron.d on daemon01 and daemon02, called functional_test.cron which points to functional_test.sh which will need to be copied and edited with the cron.

The .sh file needs to be edited to use the <NEW VO 3 char code> and the RSEs that the VO is associated with.

Retrieved from "https://www.gridpp.ac.uk/w/index.php?title=RucioNewVO&oldid=21013"