TWiki>
EMI Web>EmiProjectStructure>EmiProductTeams>StoRM>StoRMPTServiceReferenceCard (2013-01-15, unknown)
EditAttachPDF
EMI Web>EmiProjectStructure>EmiProductTeams>StoRM>StoRMPTServiceReferenceCard (2013-01-15, unknown) EditAttachPDFService Reference Card (EMI-3)
- Functional description:
- Services running:
- FE: (C/C++ application)
- BE: (Java application)
- GridHTTPS: (Java servlet)
- GridFTP: (C/C++ application)
- Init scripts and options:
- FE: /etc/init.d/storm-frontend-server {start|stop|status|restart}
- BE: /etc/init.d/storm-backend-server {start|stop|restart|force-reload|status}
- GridHTTPS: /etc/init.d/storm-gridhttps-server {start|stop|status}
- GridFTP: /etc/init.d/storm-globus-gridftp {start|stop|status|restart|condrestart|try-restart|reload|force-reload}
- Configuration files location with example:
- FE:
- Config directory: /etc/storm/frontend-server/
- Examples:
- storm-frontend-server.conf
- BE:
- Config directory: /etc/storm/backend-server/
- Examples:
- storm.properties
- logging.xml
- namespace.xml
- path-authz.db
- GridHTTPS:
- Config directory: /etc/storm/gridhttps-server/
- Examples:
- server.ini
- Config directory: /etc/storm/gridhttps-plugin/
- Examples:
- storm.gridhttps.plugin.properties
- GridFTP:
- Config directory: /etc/grid-security/
- Examples:
- gridftp.conf
- FE:
- Logfile locations (and management) and other useful audit information:
- FE:
- Logging directory: =/var/log/storm/
- Logging configuration: = /etc/storm/frontend-server/storm-frontend-server.conf
- log.debuglevel= [ERROR | WARN | INFO | DEBUG | DEBUG2]
- Logging configuration: = /etc/storm/frontend-server/monitoring.log
- monitoring.enabled = [true | false]
- monitoring.detailed = [true | false]
- monitoring.timeInterval = <number of seconds>
- BE:
- Logging directory: =/var/log/storm/
- Logging configuration: = /etc/storm/backend-server/logging.xml
-
< logger name="it.grid.storm"> <level value="[ERROR | WARN | INFO | DEBUG | TRACE]" /> </logger>
-
<logger name="it.grid.storm"> <level value="[ERROR | WARN | INFO | DEBUG | TRACE]" /> </logger>
-
<logger name="health"> <level value="[ERROR | WARN | INFO | DEBUG | TRACE]" /> </logger>
-
<logger name="bookkeeping"> <level value="[ERROR | WARN | INFO | DEBUG | TRACE]" /> </logger>
-
<logger name="system.out"> <level value="[ERROR | WARN | INFO | DEBUG | TRACE]" /> </logger>
-
<logger name="system.err"> <level value="[ERROR | WARN | INFO | DEBUG | TRACE]" /> </logger>
-
- GridHTTPS:
- Logging directory: =/var/log/storm/
- Logging configuration: = /etc/storm/gridhttps-server/logback.xml
-
<logger name="it.grid.storm" level="[FATAL | ERROR | WARN | INFO | DEBUG | TRACE]">
-
- GridFTP:
- Logging directory: =/var/log/storm/
- Logging configuration: = /etc/globus-gridftp-server/gridftp.gfork
- log_level = [ERROR | WARN | INFO | DUMP | ALL]
- FE:
- Open ports:
- FE:
- Service port:
*:8444
- Service port:
- BE:
- xmlrpc port:
localhost:8080 - restful admin service port:
localhost:9998 - Admin port:
localhost:4444
- xmlrpc port:
- GridHTTPS:
- Service http port:
localhost:8085 - Service https port:
localhost:8443
- Service http port:
- GridFTP:
- Service port:
localhost:2811
- Service port:
- FE:
- Possible unit test of the service:
- Where is service state held (and can it be rebuilt): The services (FE, BE, GridFTP, GridHHTTPS) are stateless.
- Cron jobs:
- Security information
- Access control mechanism (authentication & authorization):
- Authentication:
- SSL/TLS client authentication on the service ports
- Authorization:
- BE uses access control list to authorize actions on managed Storage Areas
- GridHTTPS behaves as a PEP (Policy Enforcement Point) using BE component ad PDP (Policy Decision Point) to authorize actions on files
- Authentication:
- How to block/ban a user
- To ban an user use ARGUS service and the chosen StoRM resource (default "storm")
- Network Usage
- Firewall configuration
- All the ports reported on Open ports section must be opend on the respective host
- Security recommendations
- Security incompatibilities
- List of externals (packages are NOT maintained by Red Hat)
- xmlrpc-c
- xmlrpc-c-devel
- xmlrpc-c-c++
- xmlrpc-c-client
- xmlrpc-c-client++
- Other security relevant comments
- Access control mechanism (authentication & authorization):
- Utility scripts:
- Location of reference documentation for users: Not applicable
- Location of reference documentation for administrators:
- General documentation:
EMI Web
News
Events
Procedures and Tools
Mailing Lists
Documents
Project Structure
Create New Topic
Index
Search
Changes
Statistics
- ABATBEA
- ACPP
- ADCgroup
- AEGIS
- AfricaMap
- AgileInfrastructure
- ALICE
- AliceEbyE
- AliceSPD
- AliceSSD
- AliceTOF
- AliFemto
- ALPHA
- Altair
- ArdaGrid
- ASACUSA
- AthenaFCalTBAna
- Atlas
- AtlasLBNL
- AXIALPET
- CAE
- CALICE
- CDS
- CENF
- CERNSearch
- CLIC
- Cloud
- CloudServices
- CMS
- Controls
- CTA
- CvmFS
- DB
- DefaultWeb
- DESgroup
- DPHEP
- DM-LHC
- DSSGroup
- EGEE
- EgeePtf
- ELFms
- EMI
- ETICS
- FIOgroup
- FlukaTeam
- Frontier
- Gaudi
- GeneratorServices
- GuidesInfo
- HardwareLabs
- HCC
- HEPIX
- ILCBDSColl
- ILCTPC
- IMWG
- Inspire
- IPv6
- IT
- ItCommTeam
- ITCoord
- ITdeptTechForum
- ITDRP
- ITGT
- ITSDC
- LAr
- LCG
- LCGAAWorkbook
- Leade
- LHCAccess
- LHCAtHome
- LHCb
- LHCgas
- LHCONE
- LHCOPN
- LinuxSupport
- Main
- Medipix
- Messaging
- MPGD
- NA49
- NA61
- NA62
- NTOF
- Openlab
- PDBService
- Persistency
- PESgroup
- Plugins
- PSAccess
- PSBUpgrade
- R2Eproject
- RCTF
- RD42
- RFCond12
- RFLowLevel
- ROXIE
- Sandbox
- SocialActivities
- SPI
- SRMDev
- SSM
- Student
- SuperComputing
- Support
- SwfCatalogue
- TMVA
- TOTEM
- TWiki
- UNOSAT
- Virtualization
- VOBox
- WITCH
- XTCA
 |
|
Copyright &© 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback