Index / Installation Prerequisites

Installation Prerequisites  

The following sections lists some required packages or necessary configurations that has to be checked or done before installing StoRM components.

Platform  

All the StoRM components are certified to work on:

  • CentOS 6
  • CentOS 7

There are no specific minimum hardware requirements but it is advisable to have at least 4GB of RAM on Backend host.

NTP service  

NTP service must be installed.

yum install ntp
systemctl enable ntpd
systemctl start ntpd
yum install ntp
chkconfig ntpd on
service ntpd start

You can also use a Puppet module to install and configure NTP service. Install the NTP Puppet module:

puppet module install puppetlabs-ntp

And apply the following manifest.pp:

include ntp

FQDN Hostname  

Hostname must be a Fully Qualified Domain Name (FQDN).

To check if your hostname is a FQDN, run:

hostname -f

The command must return the host FQDN.

If you need to correct it and you are using bind or NIS for host lookups, you can change the FQDN and the DNS domain name, which is part of the FQDN, in the /etc/hosts file.

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       MYHOSTNAME.MYDOMAIN MYHOSTNAME localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6

Set your own MYHOSTNAME and MYDOMAIN and restart the network service:

service network restart

Host credentials  

Hosts participating to the StoRM-SE which run services such as StoRM Frontend, StoRM Backend, StoRM WebDAV or StoRM Globus GridFTP must be configured with X.509 certificates signed by a trusted Certification Authority (CA).

Usually, the hostcert.pem and hostkey.pem certificate and private key are located in the /etc/grid-security directory. They must have permission 0644 and 0400 respectively:

ls -l /etc/grid-security/hostkey.pem
-r-------- 1 root root 887 Mar  1 17:08 /etc/grid-security/hostkey.pem

ls -l /etc/grid-security/hostcert.pem
-rw-r--r-- 1 root root 1440 Mar  1 17:08 /etc/grid-security/hostcert.pem

Check if your certificate is expired as follow:

openssl x509 -checkend 0 -in /etc/grid-security/hostcert.pem

To change permissions, if necessary:

chmod 0400 /etc/grid-security/hostkey.pem
chmod 0644 /etc/grid-security/hostcert.pem

ACL support  

StoRM uses the ACLs on files and directories to implement the security model. In so doing, StoRM uses the native access to the file system. Therefore in order to ensure a proper running, ACLs need to be enabled on the underlying file-system (sometimes they are enabled by default) and work properly.

If the getfacl and setfacl commands are not available on your host you have to install acl package:

yum install acl

To check if all works properly, try to set an acl to a test file as follow:

touch test
setfacl -m u:storm:rw test

Note: storm user must exist.

getfacl test

Should return the following values:

# file: test
# owner: root
# group: root
user::rw-
user:storm:rw-
group::r--
mask::rw-
other::r--

To enable ACLs (if needed), you must add the acl property to the relevant file system in your /etc/fstab file. For example:

/dev/hda3     /storage      ext3     defaults, acl     1 2

Then you need to remount the affected partitions as follows:

mount -o remount /storage

This is valid for different file system types (i.e., ext3, xfs, gpfs and others).

Extended Attribute support  

StoRM uses the Extended Attributes (EA) on files to store some metadata related to the file (e.g. the checksum value); therefore in order to ensure a proper running, the EA support needs to be enabled on the underlying file system and work properly.

If the getfattr and setfattrl commands are not available on your host, install attr package:

yum install attr

To check if all properly works, try to set an extendend attribute to a test file:

touch testfile
setfattr -n user.testea -v test testfile
getfattr -d testfile

It should return:

# file: testfile
user.testea="test"

To enable EA (if needed) you must add the user_xattr property to the relevant file systems in your /etc/fstab file. For example:

/dev/hda3     /storage     ext3     defaults,acl,user_xattr     1 2

Then you need to remount the affected partitions as follows:

mount -o remount /storage

Index / Installation Prerequisites