EMI Registry Service Endpoint Record Publisher (EMIR-SERP) Service Reference Card

Functional Description

The EMIR-SERP is a daemon that allows the administrators to automatically and periodically register their services into the EMI Registry that weren't prepared for that. Hopefully after a while this tool is getting to be unnecessary but for the transition time this feature seems to essential to enable these service for the UMD infrastructure.

Daemons Running

The product itself is the emir-serp daemon that running in the background and performing it's job by registering the services.

Init Scripts And Options (start|stop|restart|...)

The corresponding init script can be found on its standard place: /etc/init.d/emir-serp

The available options are the common ones: start - to start the daemon stop - to stop the daemon restart - to restart (by stopping and starting) the daemon

Configuration Files Location With Example Or Template

The configuration can be found basically in one file that default location is /etc/emi/emir-serp/emir-serp.ini.

This file contains every configuration options that can be the emir-serp daemon control by, like service url, logging verbosity, credential location, etc.

The advanced service entries to be propagated can be described in separated configuration files preferably also under this directory and use to have .json extension.

Log File Locations (And Management) And Other Useful Audit Information

The default log files can be located by default inside logs folder under /var/log/emi/emir-serp. This location is also a configurable option.

Open Ports

The daemon just build sockets to remote servers and do not accept remote connections, but performs intensive communication to the other directions so the ports of the configured remote services (54321 by default) of outgoing connections and the support of established connections is a must.

Possible Unit Test Of The Service

No Unit Tests are available.

Where Is Service State Held (And Can It Be Rebuilt)

There is no state held. Every such kind of information are coming from the configuration.

CRON Jobs

No CRON Jobs needed.

Security Information

Access Control Mechanism Description

This is a client, not a service. No remote access is allowed.

How To Block/Ban A User

There is no point of this section.

Network Usage

The daemon periodically connects to the remote service and send a small amount of data via a TCP channel. The period can be configured.

Firewall Configuration

The daemon performs communication to the service configured to register to so the ports of the configured remote services (54321 by default) of outgoing connections and the support of established connections is a must.

Security Recommendations

Preferably not execute with root rights.

Security Incompatibilities

There are no known limitations.

List Of External Packages That Are Not Maintained By The Supported OS

No such external dependencies are. The only dependency is (python 2.4.3, python-ldap and python-simplejson) that is supported by the OS itself.

Utility Scripts

No related utility scripts.

-- IvanMarton - 22-Nov-2011