WLCG DOMA BDT Meeting

Name: WLCG DOMA BDT Meeting
Start: 2022-03-16T16:30:00+01:00
End: 2022-03-16T17:30:00+01:00
Location: No location set

Wednesday 16 Mar 2022, 16:30 → 17:30 Europe/Zurich

Brian Paul Bockelman (University of Wisconsin Madison (US)), Maria Arsuaga Rios (CERN), Petr Vokac (Czech Technical University in Prague (CZ))

Description

Topic: WLCG DOMA BDT Meeting

- 16:30 → 16:35
  Hot topics 5m
  New FTS devel version deployed on fts3-public.cern.ch supports per link protocol preference configuration RQF1986690
  
  useful for individual SRM+protocol on FTS instance shared by multiple VOs
  
  configuration details not available in FTS web interface
  
  it'll be released in FTS 3.12 FTS-1768
  
  gfal2 2.20.5 released in EPEL with built-in SE-token support
  
  SE-tokens enabled by default for all operations (RETRIEVE_BEARER_TOKEN=true)
  
  gfal-rename fails with DPM < 1.15.2
  
  HTTP-TPC can be finally easily done (tested) from CLI
  
  necessary for SRM+https (official FTS / DMC repo already provided 2.20.x version for quite some time)
  
  new DPM release 1.15.2 (EPEL testing, but should reach stable within a week)
  
  supports MOVE operation with SE-tokens (used during `rucio upload`)
  
  comes with DPM to dCache migration tools
  
  dCache 6.2.41, 7.2.11 and 8.0.1 comes with improved WLCG SRR support
  
  frontend.srr.public=true (documentation)
- 16:35 → 16:50
  Token Authorization testbed 15m
  
  Speaker: Francesco Giacomini (INFN CNAF)
  compliance testbed
  
  wlcg.groups in the token are now sufficient to authorize storage access (issue#21)
  
  no storage.* scope necessary
  
  compliance tests updated
  
  2 related dCache compliance tests now fails
  
  no agreement yet on different 401 vs. 403 error codes
  
  xroot protocol with TLS and tokens
  
  should work fine for two party copy
  
  not completely clear if we have compatible third party implementation
  
  passing tokens from xrdcp command
  
  two different auth mechanisms - token & ZTN
  
  dCache has to implement ZTN fallback to be fully compatible with XRootD
  
  there may still be changes how xroot client deals with tokens
- 16:50 → 17:05
  
  Tape REST access 15m
  
  Speaker: Cedric Caffy (CERN)
  
  Work in progress on final TAPE REST API documentation.
- 17:05 → 17:20
  Packet marking 15m
  
  Speakers: Marian Babik (CERN), Shawn Mc Kee (University of Michigan (US))
  
  Flow and Packet Marking Technical Specification
  XRootD implementation sends firefly only to central collector and not to the real destination using same network path as transferred data
  
  useful to test collector and may be to start with some basic monitoring interface
  
  not very useful when it comes to probes that capture passing firefly packets
  
  very limited functionality - current implementation not really for wider deployment
  
  passing experiment activity is tricky and needs to be implemented
  
  for HTTP-TPC (HTTP COPY operation) it might be useful to use TransferHeader prefix, because these headers (with stripped TransferHeader prefix) are passed also to passive party
  
  TransferFlowExp -> TransferHeaderFlowExp (passive party gets FlowExp header)
  
  TransferFlowAct -> TransferHeaderFrowAct (passive party gets FlowAct header)
  
  experiments should provides list of activities they consider useful for packet marking
- 17:20 → 17:30
  
  AOB 10m