Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

HOWTO12 Globus Online cookbook for EGI VOs

From EGIWiki
Revision as of 16:54, 23 May 2013 by Ekarolis (talk | contribs)
Jump to navigation Jump to search


About

This page provides guidance for Virtual Organisations (VO) of the European Grid Infrastructure (EGI) on how to use the Globus Online service that is available at http://www.globusonline.eu. The services provides robust and easy to use file transfer capabilities for EGI users. Globus Online manages file transfers for you, monitoring performance, retrying failures, auto-tuning and recovering from faults automatically where possible, and reporting status. The Cookbook demonstrates how SRM storages of EGI could be used as endpoints for file transfers in Globus Online.

The Cookbook consists of two parts:

  • The first part provides step-by-step instructions for VO Managers on how to register SRM storage services in Globus Online in such a way, that these appear as endpoints that VO members can find and use for file tranfers. Although these steps could be performed by any member of a VO, we assume that for most VOs the VO Manager is the most suitable person to complete the steps, because the VO Managers have sufficient knowledge on storage sites of the VO and about using the BDII information system to obtain detailed information about these storages.
  • The second part provides step-by-step instructions for VO members on how to use storage endpoints in Globus Online. These steps can be carried out by any VO member.

The "biomed" VO is used as an example in the Cookbook to demonstrate Globus Online usage.

Please email any feedback about this Cookbook to the EGI.eu User Community Support Team: ucst@egi.eu.

VO Managers

1. Get all storage managers (Glue 2.0):


-bash-3.2$ ldapsearch -x -h lcg-bdii.cern.ch -p 2170 -b o=glue '(&(objectclass=GLUE2StorageService))' |perl -p00e 's/\r?\n //g'|grep ^dn:|cut -d" " -f2 > GLUE2StorageServiceDN

2. Filter out only storage managers for your VO (Glue 2.0):


-bash-3.2$ for i in `cat GLUE2StorageServiceDN`;do ldapsearch -LLL -x -H ldap://lcg-bdii.cern.ch:2170 -x -b "$i" "(&(objectClass=GLUE2AccessPolicy)(GLUE2PolicyRule=*:biomed))" GLUE2PolicyRule| grep -q GLUE2PolicyRule && echo $i;done > GLUE2AccessPolicyDN


3. Get all GridFTP endpoints for your VO (Glue 2.0):


-bash-3.2$ for i in `cat GLUE2AccessPolicyDN`; do ldapsearch -LLL -x -H ldap://lcg-bdii.cern.ch:2170 -x -b "$i" "(&(objectClass=GLUE2Endpoint)(GLUE2EndpointInterfaceName=gsiftp))" GLUE2EndpointURL | grep ^GLUE |tail -n 1;done
GLUE2EndpointURL: gsiftp://gaeds023.ciemat.es:2811
GLUE2EndpointURL: gsiftp://se001.ipp.acad.bg:2811
GLUE2EndpointURL: gsiftp://juliet.zih.tu-dresden.de:2811
GLUE2EndpointURL: gsiftp://sedsk58.grid.hep.ph.ic.ac.uk:2811

ATTENTION: you might not get all the GridFTP endpoints, because at the moment only dCache is publishing them to information system. Currently there several discussions ongoing about what storage managers must publish to information system and make easier way of querying the information for DPM and StoRM. REF: https://ggus.eu/tech/ticket_show.php?ticket=94264.

4. Find myproxy server


-bash-3.2$ lcg-infosites --is lcg-bdii.cern.ch --vo biomed myproxy
myproxy.cern.ch:7512
myproxy.usatlas.bnl.gov:7512
myproxy://cluster6.knu.ac.kr:7512/
myproxy://grid-mypx.feit.ukim.edu.mk:7512/
myproxy://grid-px0.desy.de:7512/
myproxy://grid153.kfki.hu:7512/
myproxy://gridpx01.ifca.es:7512/
myproxy://ii.biomed.kiev.ua:7512/
myproxy://kek2-px.cc.kek.jp:7512/
myproxy://lcg-px01.icepp.jp:7512/
myproxy://lcg2proxy.ific.uv.es:7512/
myproxy://lcgpx01.jinr.ru:7512/
myproxy://lcgrbp01.gridpp.rl.ac.uk:7512/
<...>

Additional steps for finding the GridFTP endpoints for DPM and StoRM:

Extra step 1. Example script to get the needed info:

#!/bin/bash

bdii="lcg-bdii.cern.ch";

lcg-infosites --is $bdii --vo biomed se |awk '{print $4}'|sort|uniq> biomed_srm_hosts

for host in `cat biomed_srm_hosts`; do

ServiceEndpoint=`lcg-info --list-service --bdii ldap://lcg-bdii.cern.ch:2170 --vo biomed --query "ServiceType=SRM" --attrs "ServiceEndpoint"|grep $host|cut -d" " -f3|head -1;`
   
VOInfoPath=`lcg-info --list-se --bdii ldap://$bdii:2170 --vo biomed --query "SE=$host" --attrs "VOInfoPath"|grep VOInfoPath|awk '{print $3}'`;

gsiftp=`ldapsearch -LLL -x -H ldap://$bdii:2170 -x -b o=grid "(&(GlueSEAccessProtocolType=gsiftp)(GlueChunkKey=GlueSEUniqueID=$host))" GlueSEAccessProtocolEndpoint | grep ^Glue |awk '{print $2}'| tail -1`;

details=`ldapsearch -LLL -h lcg-bdii.cern.ch -p 2170 -x -b o=grid "(&(objectClass=GlueSE)(GlueSEUniqueID=$host))" GlueSEImplementationName GlueSEImplementationVersion|grep ^Glue`;

echo -e "Host: $host\nSRMServiceEndpoint: $ServiceEndpoint\nVOInfoPath: $VOInfoPath\nGlueSEAccessProtocolEndpoint: $gsiftp\n$details\n";

done;


-bash-3.2$ ./go.sh

Host: dcache-se-desy.desy.de
SRMServiceEndpoint: httpg://dcache-se-desy.desy.de:8443/srm/managerv2
VOInfoPath: /pnfs/desy.de/biomed
GlueSEAccessProtocolEndpoint: gsiftp://dcache-door-desy09.desy.de:2811
GlueSEImplementationVersion: 1.9.12-12 (ns=Chimera)
GlueSEImplementationName: dCache

Host: dc2-grid-64.brunel.ac.uk
SRMServiceEndpoint: httpg://dc2-grid-64.brunel.ac.uk:8446/srm/managerv2
VOInfoPath: /dpm/brunel.ac.uk/home/biomed
GlueSEAccessProtocolEndpoint: 
GlueSEImplementationVersion: 1.8.6
GlueSEImplementationName: DPM

Host: grid2.fe.infn.it
SRMServiceEndpoint: httpg://grid2.fe.infn.it:8444/srm/managerv2
VOInfoPath: /biomed
GlueSEAccessProtocolEndpoint: 
GlueSEImplementationVersion: 1.10.0
GlueSEImplementationName: StoRM

<...>

Extra step 2. Finding GridFTP endpoint for DPM or StoRM:


-bash-3.2$ touch test
-bash-3.2$ lcg-cp file://$PWD/test srm://dc2-grid-64.brunel.ac.uk:8446/dpm/brunel.ac.uk/home/biomed/test
-bash-3.2$ lcg-gt srm://dc2-grid-64.brunel.ac.uk:8446/dpm/brunel.ac.uk/home/biomed/test gsiftp
gsiftp://dc2-grid-pool-a4-02.brunel.ac.uk/dc2-grid-pool-a4-02.brunel.ac.uk:/data2/dpmfs/biomed/2013-05-23/test.29428758.0
d4f44efc-b0c2-4ab2-ba0d-1c80f758e25b
-bash-3.2$ lcg-del -l srm://dc2-grid-64.brunel.ac.uk:8446/dpm/brunel.ac.uk/home/biomed/test
 

Making sure that GridFTP endpoint is accessible:


-bash-3.2$ uberftp dc2-grid-pool-a4-02.brunel.ac.uk "ls /dpm/brunel.ac.uk/home/biomed"


5. Go to http://www.globusonline.eu/

a) Create an account with your VO name e.g. biomed. (Note that usernames can include only letters and numbers and "_".)

b) Upload your ssh public key via globusonline.eu -> "manage identities"

c) Now you can manage your account using globusonline.eu client


-bash-3.2$ ssh biomed@cli.globusonline.eu "help"

d) Lets create the endpoint with the all needed information we have


-bash-3.2$ ssh biomed@cli.globusonline.eu "endpoint-add BRUNEL_UK -p gsiftp://dc2-grid-64.brunel.ac.uk:2811"
-bash-3.2$ ssh biomed@cli.globusonline.eu "endpoint-modify --public BRUNEL_UK"
-bash-3.2$ ssh biomed@cli.globusonline.eu "endpoint-modify --myproxy-server=px.grid.sara.nl BRUNEL_UK"
-bash-3.2$ ssh biomed@cli.globusonline.eu "endpoint-modify --default-directory=/dpm/brunel.ac.uk/home/biomed/ BRUNEL_UK"
-bash-3.2$ ssh biomed@cli.globusonline.eu "endpoint-list -v BRUNEL_UK"
Name                    : biomed#BRUNEL_UK
Host(s)                 : gsiftp://dc2-grid-64.brunel.ac.uk:2811
Subject(s)              : 
Target Endpoint         : n/a
Default Directory       : /dpm/brunel.ac.uk/home/biomed/
Force Encrypted Transfer: No
Disable Verify          : No
MyProxy Server          : px.grid.sara.nl
MyProxy DN              : n/a
MyProxy OAuth Server    : n/a
Credential Status       : EXPIRED
Credential Expires      : 
Credential Subject      : 


VO Members

1. Generating credentials.

Generate VOMS proxy:


-bash-3.2$ voms-proxy-init --voms biomed

Enter GRID pass phrase for this identity:
Contacting cclcgvomsli01.in2p3.fr:15000 [/O=GRID-FR/C=FR/O=CNRS/OU=CC-IN2P3/CN=cclcgvomsli01.in2p3.fr] "biomed"...
Remote VOMS server contacted succesfully.

Created proxy in /tmp/x509up_u507.

Your proxy is valid until Fri May 24 04:12:03 CEST 2013

Upload VOMS proxy to MyProxy.


-bash-3.2$ myproxy-init -s px.grid.sara.nl
Your identity: /O=dutchgrid/O=users/O=egi/CN=Karolis Eigelis
Enter GRID pass phrase for this identity:
Creating proxy ........................................................................ Done
Proxy Verify OK
Your proxy is valid until: Thu May 30 16:15:47 2013
Enter MyProxy pass phrase: <YOU NEW PASSWORD TO BE USED LATER AT GLOBUSONLINE>
Verifying - Enter MyProxy pass phrase: <YOU NEW PASSWORD TO BE USED LATER AT GLOBUSONLINE>
A proxy valid for 168 hours (7.0 days) for user karolis now exists on px.grid.sara.nl.

ATTENTION: The password you enter for MyProxy will be used to authenticate you via globusonline.eu and the user name is the one which is given by myproxy server, in this case - "karolis".


2. Go to to http://www.globusonline.eu/

a) Create account for yourself

b) Go to "Star Transfer"

c) Search for your VO name in the endpoint field e.g. biomed

Gobiomed.png


e) Click "Authenticate"

That is it. Now using Globus Online you can access Storage Element in EGI which is used also by SRM and FTS.

What you can do ?

  • Transfer files from your laptop using GlobusConnect client to SRM storage endpoint in EGI using GO.
  • Transfer files from SRM endpoint in EGI using GO to your laptop using GlobusConnect client.
  • Transfer files from one SRM endpoint in EGI to another SRM endpoint in EGI or to any other Infrastructure using GO and receive nice notifications by email


Additional materials

Tests have been carried out while creating this Cookbook: GO_testing