-
Nikolai Hartmann authoredNikolai Hartmann authored
xcache.singularity.def 5.68 KiB
#
# Author: Wei Yang (SLAC National Accelerator Laboratory / Stanford University, 2017)
#
Bootstrap: yum
OSVersion: 7
MirrorURL: http://mirror.centos.org/centos-%{OSVERSION}/%{OSVERSION}/os/$basearch/
Include: yum
%labels
Maintainer Wei.Yang
Version Xcache-4.7.1,rucioN2N-1.0
Purpose Xcache-for-RUCIO
%setup
mkdir -p $SINGULARITY_ROOTFS/etc/grid-security/certificates
mkdir -p $SINGULARITY_ROOTFS/etc/grid-security/vomsdir
# $GRIDSECURITY is a directory on container local build host
# GRIDSECURITY=/etc/grid-security
GRIDSECURITY="/cvmfs/oasis.opensciencegrid.org/mis/osg-wn-client/current/el7-x86_64/etc/grid-security"
if [ -d $GRIDSECURITY ]; then
cd $GRIDSECURITY
tar chf - certificates vomsdir | (cd $SINGULARITY_ROOTFS/etc/grid-security; tar xf -)
fi
%post
yum install -y curl gperftools hostname
curl -s -o /etc/yum.repos.d/xrootd-stable-slc7.repo http://www.xrootd.org/binaries/xrootd-stable-slc7.repo
curl -s -o /etc/pki/rpm-gpg/RPM-GPG-KEY-wlcg http://linuxsoft.cern.ch/wlcg/RPM-GPG-KEY-wlcg
curl -s -o /etc/yum.repos.d/wlcg-centos7.repo http://linuxsoft.cern.ch/wlcg/wlcg-centos7.repo
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum install -y xrootd-server xrootd-client xrootd xrootd-debuginfo
yum install -y xrootd-rucioN2N-for-Xcache
yum install -y vomsxrd
yum install -y gdb
mkdir -p /data
echo "g /atlas / rl" > /etc/xrootd/auth_db
mkdir -p /etc/grid-security/xrd
touch /etc/grid-security/xrd/xrdcert.pem
touch /etc/grid-security/xrd/xrdkey.pem
touch /etc/xrootd/xcache.cfg /var/run/x509up
cat > /etc/xrootd/xcache.cfg.template <<EOF
# "redirector" should be full qualified DNS name (e.g. hostname -f)
set redirector = XCACHE_RDR
all.manager \$(redirector):1213
all.adminpath /data/xrd/var/spool/xrootd
all.pidpath /data/xrd/var/run/xrootd
oss.localroot /data/xrd/namespace
all.export /atlas/rucio stage r/o
all.export /root:/ stage r/o
all.export /xroot:/ stage r/o
if \$(redirector)
all.role manager
cms.delay startup 10
else if exec cmsd
all.role server
oss.statlib /usr/lib64/XrdName2NameDCP4RUCIO.so
else
oss.space meta /data/xrd/xrdcinfos
oss.space data /data/xrd/datafiles
all.role server
oss.path /atlas/rucio r/w
oss.path /root:/ r/w
oss.path /xroot:/ r/w
ofs.osslib /usr/lib64/libXrdPss.so
pss.cachelib /usr/lib64/libXrdFileCache.so
pss.config streams 128
pss.origin localfile:1094
pss.namelib -lfncache -lfn2pfn /usr/lib64/XrdName2NameDCP4RUCIO.so
pfc.ram XCACHE_RAMSIZE
pfc.diskusage XCACHE_SPACE_LO_MARK XCACHE_SPACE_HI_MARK
pfc.spaces data meta
pfc.blocksize 1M
pfc.prefetch 0
pfc.trace info
# Uncomment the following and bind mount to /etc/xrootd/xcache.cfg to request GSI security from client
#xrootd.seclib /usr/lib64/libXrdSec.so
#sec.protparm gsi -vomsfun:/usr/lib64/libXrdSecgsiVOMS.so -vomsfunparms:certfmt=raw|vos=atlas|grps=/atlas
#sec.protocol /usr/lib64 gsi -ca:1 -crl:3
#acc.authdb /etc/xrootd/auth_db
#acc.authrefresh 60
#ofs.authorize
fi
EOF
%runscript
# X509_USER_PROXY, X509_CERT_DIR, X509_VOMS_DIR do not have to be defined/provided
# if x509 user proxy is provided in a non-standard location (/tmp/x509up_u$(id -u)),
# then the proxy should be bind mounted: -B ${X509_USER_PROXY}:/var/run/x509up
unset X509_USER_PROXY
[ -s /var/run/x509up ] && export X509_USER_PROXY=/var/run/x509up
# if X509_CERT_DIR is not defined, or is inaccessible in the container, then we use
# the default location. Same for X509_VOMS_DIR.
# One can also bind mount:
# -B ${X509_CERT_DIR}:/etc/grid-security/certificates
# -B ${X509_VOMS_DIR}:/etc/grid-security/vomsdir
[ ! -z "$X509_CERT_DIR" ] && [ ! -d "$X509_CERT_DIR" ] && export X509_CERT_DIR=/etc/grid-security/certificates
[ ! -z "$X509_VOMS_DIR" ] && [ ! -d "$X509_VOMS_DIR" ] && export X509_VOMS_DIR=/etc/grid-security/vomsdir
mkdir -p /data/xrd/namespace /data/xrd/xrdcinfos /data/xrd/datafiles
mkdir -p /data/xrd/var/log /data/xrd/var/spool /data/xrd/var/run
runcmsd=0
if [ -z "$XCACHE_RDR" ]; then
XCACHE_RDR="www.google.com" # XCACHE_RDR must be defined
else
runcmsd=1
fi
if [ -z "$XCACHE_PFCRAM" ]; then
XCACHE_PFCRAM=$(free | tail -2 | head -1 | awk '{printf("%d", $NF/1024/1024/2)}')
[ $XCACHE_PFCRAM -lt 1 ] && XCACHE_PFCRAM=1
XCACHE_PFCRAM=${XCACHE_PFCRAM}g
fi
[ -z "$XCACHE_SPACE_LO_MARK" ] && XCACHE_SPACE_LO_MARK="0.75"
[ -z "$XCACHE_SPACE_HI_MARK" ] && XCACHE_SPACE_HI_MARK="0.85"
if [ -s /etc/xrootd/xcache.cfg ]; then
xcache_cfg=/etc/xrootd/xcache.cfg
else
xcache_cfg=/tmp/xcache.cfg
cat > $xcache_cfg <<EOF
# Xcache config file - this file is automatically generated
# Modification of this file will be lost.#
# To make a persistant change, modify and save to another file and then
# bind mount the new config file to /etc/xrootd/xcache.cfg
# Info about the system:
EOF
free | sed -e 's/^/\#\ /g' >> $xcache_cfg
echo "" >> $xcache_cfg
df -k /data | sed -e 's/^/\#\ /g' >> $xcache_cfg
echo "" >> $xcache_cfg
cat /etc/xrootd/xcache.cfg.template | sed -e "s/XCACHE_SPACE_LO_MARK/$XCACHE_SPACE_LO_MARK/g" | \
sed -e "s/XCACHE_SPACE_HI_MARK/$XCACHE_SPACE_HI_MARK/g" | \
sed -e "s/XCACHE_RAMSIZE/$XCACHE_PFCRAM/g" | \
sed -e "s/XCACHE_RDR/$XCACHE_RDR/g" >> $xcache_cfg
fi
#echo $X509_USER_PROXY $X509_CERT_DIR $X509_VOMS_DIR
export LD_PRELOAD=/usr/lib64/libtcmalloc.so
export TCMALLOC_RELEASE_RATE=10
export XRD_LOCALMETALINKFILE=1
/usr/bin/xrootd -b -c $xcache_cfg -l /data/xrd/var/log/xrootd.log -k hup
[ "$runcmsd" -eq 1 ] && /usr/bin/cmsd -b -c $xcache_cfg -l /data/xrd/var/log/cmsd.log -k 7