Configuring the "Admin" Node
Prev Chapter 6. Configuration Next

Configuring the "Admin" Node

What is an "Admin" Node

The Administration node is the computer the SRM users access, this API then spreads the load across the Pool node to scale the data transfer rates to a greater speed.

This section outlines the process for configuring the admin node. The admin node is used to load-balance requests amongst the pool nodes and provide authentication and authorisation for requests. Typically the Postgres database is maintained at the admin node, however, this is not a fixed requirement but does ease the task of administration.

The SRM "door" to dCache (interface) is now dependent on Postgres. This is a common open source relational database. First check to see if the database directory is setup. The following commands must be run as user Postgres.

/opt/d-cache/install/install.sh

The "install.sh" script should be run. IMPORTANT: Using the LCG configuration script is the most practical method of doing this. To run this script you need to specify if the machine is the admin or pool node (We are using admin), where the initial pool is if you want one (we have specified "no" - this is an admin only node), and the fully qualified domain name (FQDN) of the admin machine (in this case dev07 at RAL but you should change this to the machine name you are installing the software on).

Configuring the "Admin" Database

su postgres
ls /var/lib/pgsql/data

Should not show any files. If you have moved the default database location please substitute this directory when reference is made. The file system needs initiating with database this is done as following

initdb /var/lib/pgsql/data

This should add the following files to the directory.

ls /var/lib/pgsql/data
base  global  pg_clog  pg_hba.conf  pg_ident.conf  PG_VERSION 
pg_xlog  postgresql.conf

Postgres must be enabled for network access on the default port 5432 for dCache to access them. This is done by modifying the postgresql.conf and setting the TCP/IP_socket value. The following lines are taken from a successfully configured dCache.

#
#       Connection Parameters
#
#tcpip_socket = false
tcpip_socket = true
#ssl = false

Since the security between dCache and the server is host IP address pg_hba.conf must be configured to allow the hosts to connect to the database. To get the host IP address

#ifconfig 
eth0      Link encap:Ethernet  HWaddr 00:03:47:97:C9:95  
          inet addr:130.246.184.124  Bcast:130.246.187.255
Mask:255.255.252.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3670520 errors:0 dropped:0 overruns:0 frame:0
          TX packets:307288 errors:0 dropped:0 overruns:0
carrier:292675: collisions:0 txqueuelen:1000 
          RX bytes:278656280 (265.7 Mb)  TX bytes:25081174 (23.9Mb)
          Memory:f7000000-f7020000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:36773 errors:0 dropped:0 overruns:0 frame:0
          TX packets:36773 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0 
          RX bytes:8842359 (8.4 Mb)  TX bytes:8842359 (8.4 Mb)

This value needs to be added to the following template

local   all         all                                           trust
host    all         all         127.0.0.1         255.255.255.255 trust
host    all         all         @IP of DB host@   255.255.255.255 trust
host    all         all         @IP of SRM host@  255.255.255.255 trust

So I added the lines

host    all         all         127.0.0.1         255.255.255.255 trust
host    all         all         130.246.184.124   255.255.255.255 trust

Since the IP address of the DB and the SRM host are identical.

dCache communicates the Postgres RDBMS through the user account srmdcache. Since this user account is not created by dCache it must be added in the normal way for Postgres via a administrator login.

#su postgres
$createdb dcache
CREATE DATABASE
$psql -U postgres dcache
Welcome to psql 7.3.8-RH, the PostgreSQL interactive terminal.

Type:  \copyright for distribution terms
       \h for help with SQL commands
       \? for help on internal slash commands
       \g or terminate with semicolon to execute query
       \q to quit

dcache=#  create user srmdcache password 'srmdcache';
dcache=# \du
              List of database users
 User name | User ID |         Attributes         
-----------+---------+----------------------------
 postgres  |       1 | superuser, create database
 srmdcache |     101 | 
(2 rows)

dcache-# \q

Please note that the "\du" command is only to confirm that the user has been successfully added.

Next the standard configuration is copied from the templates installed by RPM into the locations used for the application.

cp /opt/pnfs.3.1.10/pnfs/etc/pnfs_config.template /opt/pnfs.3.1.10/pnfs/etc/pnfs_config
cp /opt/d-cache/etc/node_config.template /opt/d-cache/etc/node_config
cp /opt/d-cache/etc/pool_path.template /opt/d-cache/etc/pool_path
cp /opt/d-cache/etc/dCacheSetup.template /opt/d-cache/etc/dCacheSetup
cp /opt/d-cache/etc/dcache.kpwd.template /opt/d-cache/etc/dcache.kpwd
cp /opt/d-cache/config/dCacheSetup.temp /opt/d-cache/config/dCacheSetup

These files should be inspected to see the what configuration needs to be changed. Particular changes needed are listed below.

The file /opt/d-cache/etc/node_config has to be modified to included the correct value of NODE_TYPE. Please note that the dCache configuration script is very brittle. For this reason please do not use # as a comment and be very careful of the white space. I do not believe this is a problem for dCache it self though.

cat /opt/d-cache/etc/node_config
NODE_TYPE = admin
DCACHE_BASE_DIR = /opt/d-cache
PNFS_ROOT = /pnfs
PNFS_INSTALL_DIR = /opt/pnfs.3.1.10/pnfs
PNFS_START = yes
PNFS_OVERWRITE = no
POOL_PATH = /opt/d-cache/etc
NUMBER_OF_MOVERS = 100

Now the dCache installation script should be run

#/opt/d-cache/install/install.sh 
Checking existence of node_config file
Preparing the main dCache config file
 PNFS is not running (needed to prepare dCache) 
Starting the PNFS server
 Shmcom : Installed 8 Clients and 8 Servers
 Starting database server for admin
(/opt/pnfsdb/pnfs/databases/admin) ... O.K.
 Starting database server for data1
(/opt/pnfsdb/pnfs/databases/data1) ... O.K.
 Waiting for dbservers to register ... Ready
 Starting Mountd : pmountd 
 Starting nfsd : pnfsd 
Checking on a possibly existing dCache/PNFS configuration
/pnfs/fs mount point exists, but is not mounted - going to mount it now
Creating PNFS mount point (/pnfs/fs) and mounting PNFS
Generating public/private rsa1 key pair.
Your identification has been saved in ./server_key.
Your public key has been saved in ./server_key.pub.
The key fingerprint is:
e1:67:48:fa:9c:29:ec:55:fa:7a:db:87:9c:89:2c:ca
root@dev01.gridpp.rl.ac.uk

If this stage is successful please repeat the configuration stages until the process works.

Using the LCG Script to configure a dCache "Admin" node is the most practical

Now the dCache installation script should be run

#/opt/d-cache-lcg/install/dcache-lcg-install.sh admin \
      -pool=no -admin=dev07.gridpp.rl.ac.uk
Checking existence of node_config file
Preparing the main dCache config file
Checking on a possibly existing dCache/PNFS configuration
Found an existing dCache/PNFS configuration!
Not allowed to overwrite existing configuration - Exiting
Generating public/private rsa1 key pair.
Your identification has been saved in ./server_key.
Your public key has been saved in ./server_key.pub.
The key fingerprint is: d1:93:52:cc:08:ea:16:97:df:aa:2f:4d:3b:69:be:46
root@dev07.gridpp.rl.ac.uk

Installing pnfs

/opt/pnfs.3.1.10/pnfs/install/pnfs-install.sh
/etc/init.d/pnfs start 
/etc/init.d/dcache-core start
/etc/init.d/dcache-opt start

We need to synchronise dCache with the grid-map file coping with additions and removals

$ cat > /etc/cron.hourly/grid-mapfile2dcache-kpwd << EOF
#!/bin/sh
/opt/d-cache/bin/grid-mapfile2dcache-kpwd
EOF
$ chmod 755 /etc/cron.hourly/grid-mapfile2dcache-kpwd

This is done through the grid-mapfile2dcache-kpwd command. "edginfo" is the user the grid information service uses to find information from dCache.

We need to switch the IP tables off. This reduces security and allows facilitates the setup of dCache. Once this is done it is recommended that the system administrator sets up dCache again with correctly generated firewall configuration.

service iptables stop

Starting the dCache "Admin" node

Once the installation and configuration of dCache has been completed you will probably want to start and test it. To do this you need to start three services: PNFS - to access files; dcache-core - for administration; and dcache-opt which provides gridftp and other optional services.

  /etc/init.d/pnfs start

Starting dcache services:  Shmcom : Installed 8 Clients and 8
Servers 
Starting database server for admin
(/opt/pnfsdb/pnfs/databases/admin) ... O.K.  
Starting database server for
data1(/opt/pnfsdb/pnfs/databases/data1) ... O.K.  
Waiting for dbservers to register ... Ready 
Starting Mountd : pmountd Starting nfsd : pnfsd
Starting dcache services: Starting lmDomain  6 5 4 3 2 1 0 Done(pid=10170) 
Starting dCacheDomain  6 5 4 3 2 1 0 Done (pid=10242)
Starting dirDomain  6 5 4 3 2 1 0 Done (pid=10329) 
Starting doorDomain 6 5 4 3 2 1 0 Done (pid=10410) 
Starting adminDoorDomain  6 5 4 3 2 1 0 Done (pid=10495) 
Starting pnfsDomain  6 5 4 3 2 1 0 Done (pid=10583)
Starting httpdDomain  6 5 4 3 2 1 0 Done (pid=10670)
Prev Up Next
Chapter 6. Configuration Home Configuring the HSM Interface