StoRM puppet module
Table of Contents:
Description
StoRM Puppet module allows administrators to configure StoRM services deployed on CentOS 7.
The supported services are:
-
StoRM Backend
-
StoRM Frontend
-
StoRM WebDAV
-
StoRM Globus GridFTP
Setup
StoRM Puppet module is available on puppet forge:
puppet module install cnafsd-storm
You can also build and install module from source code as follow:
git clone https://github.com/italiangrid/storm-puppet-module.git
cd storm-puppet-module
pdk build
puppet module install ./pkg/cnafsd-storm-*.tar.gz
Usage
This Puppet module allows site administrators to properly configure StoRM services on CentOS 7 platform. This module provides some classes related to the main components and also some utility classes those can be used to configure StoRM repositories, StoRM users, VO pool accounts, LCMAPS and storage directories.
Component classes:
Utility classes:
StoRM Backend class
Prerequisites: A MySQL or MariaDB server with StoRM databases must exist. Databases can be empty. If you want to use this module to install MySQL client and server and init databases, please read about StoRM database utility class.
The Backend class installs storm-backend-server
and all its related packages, such as storm-native-libs
, storm-native-libs-gpfs
in case GPFS is used as filesystem and storm-dynamic-info-provider
.
The Backend class configures storm-backend-server
service by managing the following files:
-
/etc/storm/backend-server/storm.properties
-
/etc/storm/backend-server/namespace.xml
-
/etc/systemd/system/storm-backend-server.service.d/storm-backend-server.conf
-
/etc/systemd/system/storm-backend-server.service.d/filelimit.conf
and deploys StoRM databases. In addiction, this class configures and run storm-info-provider
by managing the following file:
-
/etc/storm/info-provider/storm-yaim-variables.conf
.
The whole list of StoRM Backend class parameters can be found here.
Example of StoRM Backend configuration:
class { 'storm::backend':
db_password => 'secret-password',
transfer_protocols => ['file', 'gsiftp', 'webdav'],
xmlrpc_security_token => 'secret-token',
srm_pool_members => [
{
'hostname' => 'frontend-public-host.example',
},
{
'hostname' => 'other-frontend-host.example',
}
],
gsiftp_pool_members => [
{
'hostname' => 'gridftp-01.example',
},
{
'hostname' => 'gridftp-02.example',
}
],
webdav_pool_members => [
{
'hostname' => webdav-01.example,
},
{
'hostname' => webdav-02.example,
}
],
storage_areas => [
{
'name' => 'dteam-disk',
'root_path' => '/storage/disk',
'access_points' => ['/disk'],
'vos' => ['dteam'],
'online_size' => 40,
},
{
'name' => 'dteam-tape',
'root_path' => '/storage/tape',
'access_points' => ['/tape'],
'vos' => ['dteam'],
'online_size' => 40,
'nearline_size' => 80,
'fs_type' => 'gpfs',
'storage_class' => 'T1D0',
},
],
}
Starting from Puppet module v2.0.0, the management of Storage Site Report has been improved. Site administrators can add script and cron described in the how-to using a defined type storm::backend::storage_site_report
. For example:
storm::backend::storage_site_report { 'storage-site-report':
report_path => '/storage/info/report.json', # the internal storage area path
minute => '*/20', # set cron's minute
}
Enable HTTP as transfer protocol for SRM
To enable HTTP as transfer protocol for SRM prepare-to-get and prepare-to-put requests, you must add webdav
protocol to the list of your transfer_protocols and define at least one member for webdav_pool_members. You can re-define the default list of transfer protocols by adding your storm::backend::transfer_protocols variable and/or you can override this list by adding a specific transfer_protocols for each storage area:
class { 'storm::backend':
# ...
'webdav_pool_members' => [
{
'hostname' => webdav.test.example,
},
],
# defines the default list of transfer protocols for each storage area:
'transfer_protocols' => ['file', 'gsiftp', 'webdav'],
'storage_areas' => [
{
'name' => 'sa-http-enabled',
'root_path' => '/storage/sa-http-enabled',
'access_points' => ['/sa-http-enabled'],
'vos' => ['test.vo'],
'online_size' => 40,
},
{
'name' => 'sa-no-http-enabled',
'root_path' => '/storage/sa-no-http-enabled',
'access_points' => ['/sa-no-http-enabled'],
'vos' => ['test.vo'],
'online_size' => 40,
# disable webdav protocol for this storage area
'transfer_protocols' => ['file', 'gsiftp'],
},
# ...
],
# ...
}
The manifest.pp showed above includes the HTTP transfer protocol for all the storage area defined. By default, storm::backend::transfer_protocols includes only file
and gsiftp
.
StoRM Frontend class
The StoRM Frontend class installs storm-frontend-mp
and all the releated packages and configures storm-frontend-server
service by managing the following files:
-
/etc/storm/frontend-server/storm-frontend-server.conf
-
/etc/sysconfig/storm-frontend-server
The whole list of StoRM Frontend class parameters can be found here.
Example of StoRM Frontend configuration:
class { 'storm::frontend':
be_xmlrpc_host => 'backend.test.example',
be_xmlrpc_token => 'NS4kYAZuR65XJCq',
db_host => 'backend.test.example',
db_user => 'storm',
db_passwd => 'secret-password',
}
StoRM WebDAV class
The StoRM WebDAV class installs storm-webdav
rpm and configures storm-webdav
service by managing the following files:
-
the systemd override files
filelimit.conf
andstorm-webdav.conf
stored into/etc/systemd/system/storm-webdav.service.d
; -
the storage areas property files stored into
/etc/storm/webdav/sa.d
(optional);
The whole list of StoRM Webdav class parameters can be found here.
Example of StoRM WebDAV configuration:
class { 'storm::webdav':
storage_areas => [
{
name => 'test.vo',
root_path => '/storage/test.vo',
access_points => ['/test.vo'],
vos => ['test.vo'],
},
{
name => 'test.vo.2',
root_path => '/storage/test.vo.2',
access_points => ['/test.vo.2', '/alias'],
vos => ['test.vo.2'],
authenticated_read_enabled => true,
},
],
hostnames => ['storm-webdav.test.example', 'alias-for-storm-webdav.test.example'],
}
Storage Areas can also be configured singularly by using the defined type storm::webdav::storage_area_file
. This strategy allows site administrators to keep their manifests unaware of the improvements on StoRM WebDAV code. For example, if a new property is added into Storage Area configuration files, you haven't to update your Puppet module and all the service configuration will continue working.
Example of Storage Areas configuration done with storm::webdav::storage_area_file
:
class { 'storm::webdav':
hostnames => ['storm-webdav.test.example', 'alias-for-storm-webdav.test.example'],
}
storm::webdav::storage_area_file { 'test.vo.properties':
source => '/path/to/my/test.vo.properties',
}
storm::webdav::storage_area_file { 'test.vo.2.properties':
source => '/path/to/my/test.vo.2.properties',
}
Starting from Puppet module v2.0.0, the management of application.yml file has been removed from storm::webdav class. Site administrators can edit their own configuration files or use a defined type storm::webdav::application_file
to inject also one or more YAML files into the proper directory. For example:
class { 'storm::webdav':
jvm_opts => '-Xms1024m -Xmx1024m -Dspring.profiles.active=extra',
}
storm::webdav::application_file { 'application.yml':
source => '/path/to/my/application.yml',
}
storm::webdav::application_file { 'application-extra.yml':
source => '/path/to/my/application-extra.yml',
}
StoRM GridFTP class
The StoRM GridFTP class installs storm-globus-gridftp-mp
and configures storm-globus-gridftp
service by managing the following files:
-
/etc/grid-security/gridftp.conf
, the main configuration file; -
/etc/sysconfig/storm-globus-gridftp
, with the environment variables.
The whole list of StoRM GridFTP class parameters can be found here.
Examples of StoRM Gridftp configuration:
class { 'storm::gridftp':
redirect_lcmaps_log => true,
llgt_log_file => '/var/log/storm/storm-gridftp-lcmaps.log',
}
StoRM database class
The StoRM database utility class installs mariadb
server and releated rpms and configures mysql
service by managing the following files:
-
/etc/my.cnf.d/server.cnf
; -
/etc/systemd/system/mariadb.service.d/limits.conf
.
The whole list of StoRM Database class parameters can be found here.
Examples of StoRM Database usage:
class { 'storm::db':
root_password => 'supersupersecretword',
storm_password => 'supersecretword',
}
StoRM repo class
The StoRM repo utility class creates all the StoRM YUM repositories: stable, beta, nightly. By default, only stable repo is enabled. You can also add extra repositories to install.
The whole list of StoRM repo class parameters can be found here.
Examples of StoRM Repo usage:
class { 'storm::repo':
enabled => ['stable', 'beta'],
}
StoRM users class
The StoRM users utility class creates the default StoRM users and groups.
Use:
include storm::users
to create default scenario:
-
storm
group with id 1100 -
edguser
group with id 1101 -
storm
user with id 1100, member ofstorm
andedguser
groups -
edguser
user with id 1101, member ofedguser
andstorm
groups
You can also customize and create your own users and groups as follow:
class { 'storm::users':
groups => {
infosys => {
gid => '996',
},
},
users => {
edguser => {
comment => 'Edguser user',
groups => [ edguser, infosys, storm, ],
uid => '995',
gid => '995',
home => '/home/edguser',
},
storm => {
comment => 'StoRM user',
groups => [ storm, edguser, ],
uid => '991',
gid => '991',
home => '/home/storm',
},
},
}
The whole list of StoRM repo class parameters can be found here.
Documentation
You can find all the info about module classes and parameters at:
Developers
Run tests with:
pdk test unit
Validate code with:
pdk validate
Limitations
It works only on RedHat CentOS 7 distribution.