Here please ask any question about Rucio.

How do I make a transfer request?!?!

You don't. Instead you make a rule. See RucioUserDocsRules for more details.

Full Rucio documentation

There is full Rucio documentation available online at In particular:

What naming conventions must be used?

We have tried to keep Rucio to the same naming conventions used in DBS and the rest of our software. In other words:

  • CMS dataset name and Rucio container names are of form /AlphaNumeric/AlphaNumeric/ALPHABETIC
  • Block names are [container name]#AlphaNumeric
  • File names for users are /store/user/rucio/[USERNAME]/path/to/file.ext

The actual rules are a little looser as underscores, dashes, and periods are allowed in some contexts, but if you stick to the above, you will be fine.

Is it possible to download a file in Rucio?

See RucioUserDocsLocation

How can I get the ids of the rules that apply on a file?

Please follow an example in GetRuleId.

Will DBS stop being used?


How does Rucio know lfn to pfn mapping and how do I publish the update of lfn to pfn mapping?

The trivial file catalog (TFC) that a site specifies in their SITECONF storage.xml is synchronized from PhEDEx into the Rucio RSE definition once per day. In the future, we will move to pulling storage.json from gitlab, so sites are strongly encouraged to make sure the files in PhEDEx and gitlab agree.

Is Rucio DB filled properly? Rucio and PhEDEx datasvc results are different

The reality is that PhEDEx is constantly moving data, and the one-way PhEDEx->Rucio synchronization is not instantaneous. Some temporary discrepancies will exist.

Are the transfer and deletion log files for Rucio accessible?

As was the case with PhEDEx, ultimately all actual transfers are made with FTS. Rucio keeps track of the FTS transfer IDs that are shown when querying stuck rules. In addition, a high-level overview is available via MONIT infrastructure, e.g. transfer rates and logs in kibana. Also, rucio digests the FTS errors and presents an alternative log [][here]]. Deletion logs are also available in the latter link.

How does Rucio transfers verify the sanity of transfers? Is it the FTS that does it?

FTS is responsible for verifying the transfer was successful and the destination checksum matches both the source and the catalog.

How I can modify which FTS Server to Use?

As of now, there is only the possibility to specify one FTS server per destination RSE. Once storage.json is fully deployed, the setting will be taken from there.

Are there any consistency checks for site admins to ensure that numbers are == with local storage?

A full site to catalog consistency check is being developed for Rucio. It will use xrootd to list the contents of the site storage and compare to the catalog to ensure consistency.

Can the user be assigned to a group 'local' - which means quota is for all local users?

At present, the quota mechanism can target one rucio account at a time. Accounts can be created for users or groups. A shared group "RSE_user" could be made and the appropriate user identities could be attached, such that they share a quota. We are working on a mechanism to use e-groups + CRIC to automate this.

Are there any alarms sent to administrators once ~95% of quota usage is reached on one or another quota?

We can investigate such an alarm

How I can set production quota and does it also consider files in /store/unmerged or is a separate quota?

In the current scheme, /store/unmerged is not managed by rucio. For the remainder, it is part of the DDM quota and the relative share is managed by central operations as needed.

How would it work with local user jobs?

%GREY% Local users have access to a dedicated local queue and they store the same files under the same storage bypassing CRAB and Production.Questions are: How do these files need to be registered in Rucio? Do they need to store under /store/temp and let Rucio to handle transfer from /store/temp/user to /store/user? Or they can manually publish specific Rucio block, like copying himself directly to /store/user? Or does it mean that local users should not have delete/write access on the Site storage? - This seems will not work with Analysis Facilities and needs a solution

In summary, user files that are managed by Rucio are stored in /store/user/rucio/, which will have local permissions identical to /store/mc or the other global namespace prefixes (see DMWMPG_Namespace for details). As such, there is no conflict with users who only have permissions to /store/user/. When a user injects data they hand over unix permissions to Rucio, at which point they must interact with Rucio to transfer or delete data. Of course, a user can opt-out of this by simply continuing to write to /store/user/ as they do now.

Is there a way in Rucio to say - never ever do not store any MINIAOD at a specific site and that there is a virtual storage (does not mean that file is present, like xrootd cache) on that specific site.

We have not explored site-admin controlled restrictions on DDM space. There is a concept of cache RSEs where Rucio is aware of but does not control the presence of replicas.

If sites create a rule for the SAM dataset, will Rucio automatically trigger the transfer? Do they have to do anything else?

If a site creates a rule, Rucio would start the transfer of the files automatically unless there is some issue. Admins should keep track of the transfer and open a ticket in case they see something is wrong.

If a site has some missing files, should they delete the rest and re-transfer the entire container or should they only ask for the specific files/datasets?

If the admin suspects his/her site has missing or corrupted files, they should open a ticket for Transfer Team. Transfer team will just locally invalidate the files if they have replicas somewhere else, and they will get re-transferred. No need of delete the whole dataset or container.

Do files need to be deleted before at the site (in case of corrupted files, etc.)?

No need to delete, as long as it is a disk site the file will be overwritten by the FTS transfer (corrupt tape site copies would need to be deleted though).

Can site admins/execs invalidate files themselves?

No. Though the invalidation is a Rucio API call and suitable adjustment of permissions may in the future allow sites to declare bad replicas themselves.

For managing SAM dataset rules, perhaps a facilities shared account is a good solution, otherwise transfer_ops can make the rule. High-watermark deletions only apply to data not protected by rules, so as long as a rule is active the data will stay.

Which certificates will be used by Rucio when replacing Phedex agents? How sites can obtain it?

Rucio writes data to sites using DN:

/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=cmsrucio/CN=430796/CN=Robot: CMS Rucio Data Transfer
and FQAN:
Sites should have no need for a certificate because there is no site-resident daemon to run. Sites should ensure that the local account the above certificate maps to has permission via srm/gsiftp/davs/etc. to write and delete all subdirectories of /store listed as "production" in DMWMPG_Namespace
Edit | Attach | Watch | Print version | History: r15 < r14 < r13 < r12 < r11 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r15 - 2021-02-11 - GaryfalliaPaspalaki
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    CMSPublic All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback