Pre-GDB Meeting

IT Auditorium (CERN)

IT Auditorium


Flavia Donno (CERN AND INFN)
Minutes of the GSSD face-to-face meeting: 5th June, 2007

Minutes by: Flavia Donno
We report here only the conclusions regarding VOMS ACLs, QUOTA and Monitoring. At the end of these minutes we also report some notes about the SRM v2.2 rollout planning in production.


Jean-Philippe Baud reported on the VOMS ACLs as implemented at the moment in DPM. They are based on virtual UIDs and GIDs which are created on the fly when a new DN appears to the system. In particular, UIDs are associated to DNs and GIDs are associated to VOMS groups/roles. Therefore, a user at a given time is associated to one internal DPM virtual UID and several virtual GIDs that define the user privileges. In DPM, VOMS ACLs can be set on directories and files. VOMS ACLs can be also set on pools (set of file systems). It was requested to be able to fall back on a default VO specific pool if a DN match (with the VOMS ACLs) could not be found or if the assigned pool is full. This should be a configurable option left to the site administrator to decide. Also, it should be possible to allow for negative ACLs.
The same functionalities guaranteed by DPM can be also made available by CASTOR. However, this feature is not expected before middle of 2008.
dCache implements similar functionalities that will be made available by the end of 2007.
StoRM allows for Just-in-Time (JIT) and for Ahead-of-time (AOT) ACLs. The JIT ACLs are automatically and dynamically created and deleted by the system when a request arrives and finishes respectively, consulting an external authorization service. Instead the AOT ACLs are created in advance or the first time a request for a given file/directory arrives. In StoRM a Storage Area corresponds to a directory. Therefore setting ACLs on a directory implies the same ACLs to be set in the Storage Area.
The question raised was if the model followed by the various SE implementations satisfies the use-cases and the requests by the experiments. Nick Brook from LHCb stated that LHCb is well in contact with Jean-Philippe and at the moment they feel OK with the proposed solution. We had no input from the other experiments.
Action: We proposed to come up with a small document that describes the functionalities made available by the current SE implementations and submit it to the experiments and site administrators for comments.


Jean-Philippe Baud presented his study for implementing QUOTA in DPM. Please, check the presentation in the agenda page. It was noted that here we do not have a common interface for allowing a VO manager to control quotas. We should therefore try to identify a possible common interface for the implementations. Also in this case a general document should be created and submitted for comments to the experiments and site administrators communities.
Action:During the July 2-3 Storage Workshop we would like to come to an agreement between experiments, developers and sites, about the functionality that can be made available in the medium and long term.


Giacinto Donvito from INFN-Bari presented the tool that has been developed in Italy to monitor SE activities (please, check presentation). The tool uses whatever interfaces are available for info retrieval and dCache billing files. For CASTOR log files are used instead, because of the absence of similar billing files. It was noted that it was not a good practice to use log files since their format can change and it is not standardized. It should be made clear there is a need for interfaces or billing files for monitoring purposes. The probes created by the people in Italy for monitoring will adhere to the standard for outputting the results proposed by the WLCG monitoring group.
However, a question raised by the dashboard people (Julia Andreeva) was how to gather all info collected by the probes and make them available to the dashboard.
Action: Giacinto and his group will investigate on how to aggregate the info and make it available to the experiments dashboard.
Action: Mirco is collecting comments on the document circulated some time ago containing a proposal on the metrics to monitor. Experiments and sites are invited to provide input.

SRM v2.2 Rollout plan

The experiments expressed their concerns on the usage of the PPS. It is not considered as an adequate platform to validate new middleware for various reasons. In particular, the test instances in PPS are quite small and not adequate for real tests. However, ATLAS and LHCb have agreed to put the PPS SRM v2.2 endpoints in their "production" chain tests.
It was noted that sites need to be notified well in advance about upgrades necessary for the experiments. On the other hand, experiments are not willing to request an upgrade without a good testing phase. Sites are also concerned about the level of support given during an upgrade.
Experiments are short in human resources to perform tests. It was stressed that for these tests experiments can rely on GSSD and EIS human resources. It was proposed as well that a test suite provided by the experiments can be run by CERN GSSD people to "validate" an installation.
Action: All these concerns need to be brought up at the GDB and MB level and find there a suitable way to proceed.
For the moment, the plan is to continue testing with the involvement of the experiments as foreseen. Test first dCache 1.8 sites and data transfers from CASTOR-2 @ CERN to SRM v2.2 at BNL, FZK and IN2P3 and data access patterns from various SRM v2.2 (dCache, DPM, StoRM). Include CASTOR SRM v2.2 as soon as ready.
