Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
Added: | ||||||||
> > |
StoRM Installation & ConfigurationRepository SettingsHave a look to the section Repository Settings![]() Before starting the installation procedure remember to clean all yum cache and headers: yum clean all StoRM PrerequisitesHost certificate installation:Hosts participating to the StoRM-SE (FE, BE and GridFTP hosts) must be configured with X.509 certificates signed by a trusted Certification Authority (CA). Usually the hostcert.pem and hostkey.pem certificates are located in the /etc/grid-security/ directory, and they must have permission 0644 and 0400 respectively: Check existence[~]# ls -l /etc/grid-security/hostkey.pem -r-------- 1 root root 887 Mar 1 17:08 /etc/grid-security/hostkey.pem [~]# ls -l /etc/grid-security/hostcert.pem -rw-r--r-- 1 root root 1440 Mar 1 17:08 /etc/grid-security/hostcert.pemCheck expiration [~]# openssl x509 -in hostcert.pem -noout -datesChange permission: (if needed) [~]# chmod 0400 hostkey.pem [~]# chmod 0644 hostcert.pem ACL SUPPORTIf you are installing a new StoRM this check must be done, if you are updating your install or your storage has ACL you can step out to this issue. StoRM uses the ACLs on files and directories to implement the security model. Doing so, StoRM uses the native access to the file system. Therefore in order to ensure a proper running, ACLs need to be enabled on the underlying file system (sometime they are enabled by default) and work properly. Check ACL:[~]# touch test [~]# setfacl -m u:storm:rw testNote: the storm user used to set the ACL entry must exist. [~]# getfacl test # file: test # owner: root # group: root user::rw- user:storm:rw- group::r-- mask::rw- other::r-- [~]# rm -f testInstall ACL (eventually): If the getfacl and setfacl commands are not available on your host: [~]# yum install aclEnable ACL (if needed): To enable ACL, you must add the acl property to the relevant file system in your /etc/fstab file. For example: [~]# vi /etc/fstab ... /dev/hda3 /storage ext3 defaults, acl 1 2 ...Then you need to remount the affected partitions as follows: [~]# mount -o remount /storageThis is valid for different file system types (i.e., ext3, xfs, gpfs and others). EXTENDED ATTRIBUTE SUPPORTStoRM uses the Extended Attributes (EA) on files to store some metadata related to the file (e.g. the checksum value); therefore in order to ensure a proper running, the EA support needs to be enabled on the underlying file system and work properly. Note: Depending on OS kernel distribution, for Reiser3, ext2 and ext3 file systems, the default kernel configuration should not enable the EA. Check Extended Attribute Support :[~]# touch testfile [~]# setfattr -n user.testea -v test testfile [~]# getfattr -d testfile # file: testfile user.testea="test" [~]# rm -f testfileInstall attr (eventually): If the getfattr and setfattrl commands are not available on your host: [~]# yum install attrEnable EA (if needed): To set extended attributes, you must add the user_xattr property to the relevant file systems in your /etc/fstab file. For example: [~]# vi /etc/fstab ... /dev/hda3 /storage ext3 defaults,acl,user_xattr 1 2 ...Then you need to remount the affected partitions as follows: [~]# mount -o remount /storage CAs installation:
yum install ca-policy-egi-core Service installation
yum install emi-storm-backend-mp yum install emi-storm-frontend-mp yum install emi-storm-globus-gridftp-mp yum install emi-storm-gridhttps-mp Service ConfigurationTo proper configure the StoRM BackEnd and FrontEnd profiles you have to customize the ig-site-indo.def file with you site parameter: - ig-site-info.def![]() - ig-users.conf ![]() - ig-groups.conf ![]() YAIM Verification
/opt/glite/yaim/bin/yaim -v -s <site-info.def> -n se_storm_backend -n se_storm_frontendYou can find in this documentation: System Administrator Guide ![]() YAIM ConfigurationBefore configure pay attention: if you are installing a new StoRM in a new host go on, if you are updating StoRM to new release follow this documentation Storm Migration![]() "-d 6" ) to configure the services in order to have detailed information. For your convenience yo can save all the configuration information in a log file you can look at any time, separated from the yaimlog defulat one.
/opt/glite/yaim/bin/yaim -c -d 6 -s -n se_storm_backend -n se_storm_frontend 2>&1 | tee /root/conf_StroRM_BE_FE.`hostname -s`.`date`.logIMPORTANT NOTE The order of the profile is important and must be : -n se_storm_backend -n se_storm_frontend Service Testing - Reference CardAfter service installation to have a look if all were installed in a proper way, you could have a look to Service StoRM Reference Card![]() |