DCaheInstallationAndConfigurationDocumentation < Sandbox

---+ Common items for dCache/FedCloud installation

links
   * [[http://trac.dcache.org/wiki/Installation%20of%20dCache%20server%20-%20Taipei2014][old manual of 2014 year]]
   * [[https://www.dcache.org/manuals/Book-2.16/index-fhs.shtml][The dCache Book for 2.16-series]]
   * [[https://www.dcache.org/downloads/IAgree.shtml][The actual dCache sources]]
   * [[http://trac.dcache.org/wiki/TroubleShooting][TroubleShooting]]
   * [[https://github.com/dCache/dcache/wiki/ZooKeeper][github about zookeeper]]
   * [[http://trac.dcache.org/wiki/dcache_components][dCache twiki]]

---++ Operating systems and software repositories

%STARTSECTION{"base.system.and.repos"}%
Standard software repositories:
   * RHEL 6.x <literal>(CentOS, Scientific Linux, etc)</literal>
   * EPEL, 
   * Postrgesql 94 (for Server):
For centos:
<verbatim>
yum install -y https://download.postgresql.org/pub/repos/yum/9.4/redhat/rhel-6-x86_64/pgdg-centos94-9.4-2.noarch.rpm
</verbatim>
For SL:
<verbatim>
yum install -y https://download.postgresql.org/pub/repos/yum/9.4/redhat/rhel-6-x86_64/pgdg-sl94-9.4-3.noarch.rpm
</verbatim>
Packages:
   * Main package:
<verbatim>
wget --no-check-certificate  https://131.169.4.221/downloads/1.9/repo/2.16/dcache-2.16.10-1.noarch.rpm
or
wget --no-check-certificate  https://131.169.4.221/downloads/1.9/repo/3.0/dcache-3.0.10-1.noarch.rpm

yum localinstall dcache-2.16.10-1.noarch.rpm -y
or
yum localinstal dcache-3.0.10-1.noarch.rpm -y
</verbatim>
   * Requrements packages:
<verbatim>
yum install java-1.8.0-openjdk rpcbind liquibase -y
</verbatim>
   * Database pacakages (for server):

<verbatim>
yum install postgresql94-server postgresql94-jdbc plpgsql_check_94 -y
</verbatim>
   * CA and voms (for server):
<verbatim>
yum install http://repository.egi.eu/sw/production/umd/4/sl6/x86_64/updates/umd-release-4.1.2-1.el6.noarch.rpm
yum install lcg-CA
</verbatim>

---++ Server setting
 
DB setting:

<verbatim>
service postgresql-9.4 initdb
sed -ie 's/max_connections = 100/max_connections = 1000/' /var/lib/pgsql/9.4/data/postgresql.conf
mv  /var/lib/pgsql/9.4/data/pg_hba.conf{,_ori}
cat > /var/lib/pgsql/9.4/data/pg_hba.conf <<EOF
local   all        all                               trust
host    all         all         127.0.0.1/32          trust
host    all         all         ::1/128               trust
EOF


service postgresql-9.4 start
chkconfig postgresql-9.4 on
</verbatim>

<verbatim>

createuser -U postgres --no-superuser --no-createrole --createdb chimera
createuser -U postgres --no-superuser --no-createrole --createdb dcache
createuser -U postgres --no-superuser --no-createrole --createdb srmdcache
createdb -U srmdcache dcache
createdb -O dcache -U postgres chimera 
createdb -O srmdcache -U postgres billing
createdb -O dcache -U postgres spacemanager
createdb -U dcache replica


</verbatim>

Autentiction setting (emty)
<verbatim>
mv /etc/dcache/gplazma.conf{,_ori}
vim /etc/dcache/gplazma.conf
</verbatim>

example  /etc/dcache/gplazma.conf for FedSE:
<verbatim>
[root@alice01 ~]# cat  /etc/dcache/gplazma.conf
auth    optional  x509
auth    optional  kpwd

map     requisite gridmap
map     sufficient authzdb

session sufficient authzdb
session requisite kpwd
</verbatim>

Example /etc/dcache/dcache.conf 
<verbatim>

~]# cat  /etc/dcache/dcache.conf
dcache.layout=fedlayout
pnfsmanager.default-retention-policy=REPLICA
pnfsmanager.default-access-latency=ONLINE

# It is used by logback.xml
dcache.log.dir=/var/log/dcache
#keep logs while domain restarting
dcache.log.mode=keep
#log levels
#dcache.log.level.file=debug
dcache.log.level.file=info
#dcache.log.level.pinboard=debug
#dcache.log.level.events=off
#dcache.log.level.access=debug
dcache.log.level.access=info
#log format
dcache.log.format.file=%d{yyyy-MM-dd}T%d{HH:mm:ss.SSS} \\(%X{cells.cell}\\) [%X{org.dcache.ndc}] %m%n
dcache.log.format.pinboard=${dcache.log.format.file}

 dcache.java.memory.heap=512m
 dcache.java.memory.direct=512m


xrootd.net.port=1094
xrootdIsReadOnly=false

xrootd.authz.read-paths = /
xrootd.authz.write-paths = /
xrootd.plugins=gplazma:gsi
xrootdAuthNPlugin=gsi
dcache.authn.hostcert.verify=true

dcache.enable.replica=true
#replica.poolgroup=reppool


</verbatim>

And files for gplazma:
<verbatim>
touch  /etc/grid-security/grid-mapfile
chmod 664 /etc/grid-security/grid-mapfile
touch  /etc/grid-security/storage-authzdb
chown dcache: /etc/grid-security/storage-authzdb
</verbatim>
Example layout file (fedlayout.conf now)

<verbatim>
~]# cat  /etc/dcache/layouts/fedlayout.conf
[dCacheDomain]
[dCacheDomain/admin]
[dCacheDomain/poolmanager]
[dCacheDomain/spacemanager]
[dCacheDomain/pnfsmanager]
[dCacheDomain/billing]
[dCacheDomain/httpd]
[dCacheDomain/topo]
[dCacheDomain/info]


[zookeeperDomain]
[zookeeperDomain/zookeeper]

[XROOTD]
[XROOTD/xrootd]

[AUTH]
[AUTH/gplazma]

[replicaDomain]
[replicaDomain/replica]
</verbatim>


Update DB
<verbatim>
dcache database update
</verbatim>

Create access for admin interface:
<verbatim>
cat .ssh/id_rsa.pub > /etc/dcache/admin/authorized_keys2  
</verbatim>


Start services:
<verbatim>
dcache start
</verbatim>

Check access:
<verbatim>
ssh -p 22224 -l admin localhost -i .ssh/id_rsa
</verbatim>

Port open:
For servers:
<verbatim>
tcp  2181
tcp  11111
udp 11111
</verbatim>

For all:
<verbatim>
tcp 1094
</verbatim>

---++ Pool setting

Files: 
<verbatim>
[root@eos ~]# cat /etc/dcache/dcache.conf
# This is the main configuration file of dCache.
#
# This file used to be called config/dCacheSetup, but is now stored in
# etc/dcache.conf. Documentation may still refer to it as
# config/dCacheSetup. Most of the parameters are the same and the
# documentation also applies to this file.
#
# By default the file is empty. Default values are picked up from the
# properties files in share/defaults/. Do not modify the defaults
# files: any changes will be lost when upgrading. Instead override the
# defaults by redefining the parameters in this file.


dcache.broker.host=alice01.spbu.ru
dcache.layout=domain01

dcache.net.lan.port.min = 1095
dcache.net.lan.port.max = 1099


[root@eos ~]#    
</verbatim>

And layout:
<verbatim>
cat >> /etc/dcache/layouts/domain01.conf << EOF
[${HOSTNAME}-pool]
[${HOSTNAME}-pool/xrootd]
EOF
</verbatim>

Command:
<verbatim>
dcache start
dcache pool create --size=1000G /data0/dcache2 `hostname -s`_2 ${HOSTNAME}-poo
dcache restrart
</verbatim>



Port open:
For servers:
<verbatim>
tcp  11111
udp 11111
</verbatim>

For all:
<verbatim>
tcp 1094:1099
</verbatim>


---++ Authorisation setting (on manager)

Example of files:
<verbatim>
[root@muon ~]# cat /etc/grid-security/storage-authzdb
authorize eosuser read-write 2016 2016 / / /
[root@muon ~]# cat /etc/grid-security/grid-mapfile
"/C=RU/O=RDIG/OU=users/OU=spbu.ru/CN=Andrey Zarochentsev" eosuser
</verbatim>

Setting on chimeria:
<verbatim>
chimera:/# mkdir /dcache
chimera:/# mkdir /dcache/fedcloud
chimera:/# mkdir /dcache/fedcloud/zar/

chimera:/# chown 2016:2016 /dcache/fedcloud/
chimera:/# chown 2016:2016 /dcache/fedcloud/zar
</verbatim>

Host certs:
<verbatim>
[root@muon ~]# cp /etc/grid-security/daemon/host* /etc/grid-security/
[root@muon ~]# chown dcache: /etc/grid-security/host*
</verbatim>






-- Main.AndreyZarochentsev - 2016-08-25
Topic revision: r22 - 2017-03-21 - AndreyZarochentsev
Account
- Log In
- Cern Search
- TWiki Search
- Google Search
Sandbox All webs
Edit
Attach
Copyright &© 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback