Difference between revisions of "Atlas:StorageRequirements"
| Ligne 10: | Ligne 10: | ||
* Unless mentioned, the size is for a typical T2 with ~500 CPUs and ~100 TB disk | * Unless mentioned, the size is for a typical T2 with ~500 CPUs and ~100 TB disk | ||
* Site admin's are requested to create at least the space tokens. The namespace directories can be left to atlas production if the top directory is properly set up so that <code>/atlas/Role=production</code> is allowed to execute dpns-mkdir and dpns-setacl remotely. (Of course they are welcome to create them by themselves). | * Site admin's are requested to create at least the space tokens. The namespace directories can be left to atlas production if the top directory is properly set up so that <code>/atlas/Role=production</code> is allowed to execute dpns-mkdir and dpns-setacl remotely. (Of course they are welcome to create them by themselves). | ||
| − | |||
* In general ''read'' permission should be given to all ATLAS users everywhere. | * In general ''read'' permission should be given to all ATLAS users everywhere. | ||
| − | * In general ''write'' permission should be given to /atlas/Role=production everywhere, so that the ATLAS central deletion tool can work. | + | * In general ''write'' permission should be given to <code>/atlas/Role=production</code> everywhere, so that the ATLAS central deletion tool can work. |
| + | * It is suggested at LAPP to give ''write'' permission to <code>atlas/Role=lcgadmin</code> everywhere, so that the ATLAS admin can control the storage. (less people in <code>Role=lcgadmin</code> than in than in <code>/atlas/Role=production</code>). Stephane will discuss this issue with ATLAS. | ||
== ATLAS top directory == | == ATLAS top directory == | ||
* On this page the top directory for ATLAS is represented by <code>.../atlas</code>. Each site should replace it according to their SE configuration. | * On this page the top directory for ATLAS is represented by <code>.../atlas</code>. Each site should replace it according to their SE configuration. | ||
| − | ** eg. | + | ** eg. <code>lapp-se01.in2p3.fr:/dpm/in2p3.fr/home/atlas</code> for lapp. |
* Although it is up to sites policies, but it is recommended | * Although it is up to sites policies, but it is recommended | ||
| − | ** to have this top directory configured so that only /atlas/Role=production and /atlas/Role=lcgadmin can create files/directories underneath and | + | ** to have this top directory configured so that only /atlas/Role=production and /atlas/Role=lcgadmin can create files/directories underneath and ordinary users cannot. |
| Ligne 37: | Ligne 37: | ||
| [[#ATLASDATADISK|see below*]] | | [[#ATLASDATADISK|see below*]] | ||
| .../atlas/atlasdatadisk | | .../atlas/atlasdatadisk | ||
| + | write permission only to atlas/Role=production | ||
|----- | |----- | ||
| [[#ATLASMCDISK|ATLASMCDISK]] | | [[#ATLASMCDISK|ATLASMCDISK]] | ||
| Ligne 52: | Ligne 53: | ||
| 6TB ([[#ATLASGROUPDISK|see below*]]) | | 6TB ([[#ATLASGROUPDISK|see below*]]) | ||
| .../atlas/atlasgroupdisk <br> write permission to atlas/Role=production | | .../atlas/atlasgroupdisk <br> write permission to atlas/Role=production | ||
| − | + | <br>.../atlas/atlasgroupdisk/$GROUP <br> write permission to atlas/Role=production and /atlas/$GROUP/Role=production | |
| − | <br><br>([[#ATLASGROUPDISK|see below*]]) | + | <br><br>($GROUP: [[#ATLASGROUPDISK|see below*]]) |
|----- | |----- | ||
| [[#ATLASUSERDISK|ATLASUSERDISK]] | | [[#ATLASUSERDISK|ATLASUSERDISK]] | ||
| /atlas | | /atlas | ||
| 5TB ([[#ATLASUSERDISK|see below*]]) | | 5TB ([[#ATLASUSERDISK|see below*]]) | ||
| − | | .../atlas/user <br> write permission to all ATLAS users | + | | '''.../atlas/user''' <br> write permission to all ATLAS users<br>write permission to /atlas/Role=production for central deletion |
| − | <br>write permission to /atlas/Role=production for central deletion | ||
|----- | |----- | ||
| [[#ATLASLOCALGROUPDISK|ATLASLOCALGROUPDISK]] | | [[#ATLASLOCALGROUPDISK|ATLASLOCALGROUPDISK]] | ||
| /atlas/<locality>, <locality>=fr,ro,cn,jp,... | | /atlas/<locality>, <locality>=fr,ro,cn,jp,... | ||
| sites to decide | | sites to decide | ||
| − | | .../atlas/<locality>/user <br> write permission to local ATLAS users | + | | '''.../atlas/<locality>/user''' <br> write permission to local ATLAS users |
|} | |} | ||
| Ligne 70: | Ligne 70: | ||
* Estimation of size comes later | * Estimation of size comes later | ||
* VOMS group associated with the space: /atlas/Role=production | * VOMS group associated with the space: /atlas/Role=production | ||
| − | * | + | * Namespace directory to be created: .../atlas/atlasdatadisk |
| − | ** Normally, sites already | + | ** Normally, sites have already this namespace created. |
| − | * | + | * Namespace ACL: writable by only atlas/Role=production, readable by all ATLAS users |
<pre> | <pre> | ||
# group: atlas/Role=production | # group: atlas/Role=production | ||
| Ligne 87: | Ligne 87: | ||
</pre> | </pre> | ||
| + | * A T3 will need ATLASDATADISK if it would like to receive real data, ATLASMCDISK to received simulated data, ATLASGROUPDISK to receive group analysis data, and ATLASPRODDISK to contribute official production. ATLASUSERDISK is not necessary, but may be needed if the site contributes non-local user analysis. | ||
| Ligne 93: | Ligne 94: | ||
** 60TB for a T2 requesting for 100% AOD. | ** 60TB for a T2 requesting for 100% AOD. | ||
** The size may increase in case D1PD comes in this space. | ** The size may increase in case D1PD comes in this space. | ||
| − | * | + | * VOMS group associated with the space: /atlas/Role=production |
| − | ** Normally, sites already | + | * Namespace directory to be created: <code>/atlas/atlasmcdisk</code> |
| − | * Namespace ACL: | + | ** Normally, sites have already this namespace created. |
| + | * Namespace ACL: writable by only atlas/Role=production, readable by all ATLAS users | ||
<ul><pre> | <ul><pre> | ||
# group: atlas/Role=production | # group: atlas/Role=production | ||
| Ligne 114: | Ligne 116: | ||
** scales with the CPU capacity of the site. | ** scales with the CPU capacity of the site. | ||
** will be larger if the reconstruction jobs run on the site. | ** will be larger if the reconstruction jobs run on the site. | ||
| − | * Namespace to be created | + | * VOMS group associated with the space: /atlas/Role=production |
| + | * Namespace directory to be created: .../atlas/atlasproddisk | ||
| + | * Namespace ACL: writable by only atlas/Role=production, readable by all ATLAS users | ||
<pre> | <pre> | ||
# group: atlas/Role=production | # group: atlas/Role=production | ||
| Ligne 132: | Ligne 136: | ||
* 6TB for a typical T2 with ~500 CPU?fs and ~100 TB disk | * 6TB for a typical T2 with ~500 CPU?fs and ~100 TB disk | ||
** The size may decrease in case D1PD goes into ATLASMCDISK. | ** The size may decrease in case D1PD goes into ATLASMCDISK. | ||
| + | * One single space to be reserved for all the group activities ($GROUP = phys-beauty, phys-exotics, phys-gener, phys-hi, phys-higgs, phys-lumin, phys-sm, phys-susy, phys-top, perf-egamma, perf-flavtag, perf-jets, perf-muons, perf-tau, etc.) | ||
* VOMS group associated with the space: /atlas | * VOMS group associated with the space: /atlas | ||
** A temporary solution until multiple group support to the spaces is available. | ** A temporary solution until multiple group support to the spaces is available. | ||
| − | ** Once it is available, the groups will be /atlas/Role=production and /atlas/$GROUP/Role=production | + | ** Once it is available, the groups will be /atlas/Role=production and /atlas/$GROUP/Role=production for all $GROUP |
| − | * | + | * Namespaces directory to be created and their ACLs: |
| − | ** .../atlas/atlasgroupdisk | + | ** .../atlas/atlasgroupdisk: writable by only atlas/Role=production, readable by all ATLAS users |
| − | ** .../atlas/atlasgroupdisk/$GROUP | + | ** .../atlas/atlasgroupdisk/$GROUP: writable by atlas/Role=production and /atlas/$GROUP/Role=production, readable by all ATLAS users |
** eg. for phys-higgs | ** eg. for phys-higgs | ||
<ul><pre> | <ul><pre> | ||
| Ligne 158: | Ligne 163: | ||
== ATLASUSERDISK == | == ATLASUSERDISK == | ||
* 5TB for a typical T2 with ~500 CPU?fs and ~100 TB disk | * 5TB for a typical T2 with ~500 CPU?fs and ~100 TB disk | ||
| − | * | + | * VOMS group associated with the space: /atlas |
| − | * ACL: | + | * Namespace directory to be created: .../atlas/user |
| − | * Normally, sites already | + | * Namespace ACL: writable by all ATLAS users |
| + | * Normally, sites have already this namespace created by user analysis jobs so far. | ||
* example commands | * example commands | ||
** <code>dpns-mkdir .../atlas/user</code> | ** <code>dpns-mkdir .../atlas/user</code> | ||
| Ligne 183: | Ligne 189: | ||
* size to be decided by sites. | * size to be decided by sites. | ||
** the resources not included in the pledge. | ** the resources not included in the pledge. | ||
| + | * VOMS group associated with the space: /atlas/fr (or /atlas/ro, /atlas/cn, /atlas/jp correspondingly) | ||
* name space: .../atlas/fr/user (or .../atlas/ro/user, .../atlas/cn/user, .../atlas/jp/user, etc.) | * name space: .../atlas/fr/user (or .../atlas/ro/user, .../atlas/cn/user, .../atlas/jp/user, etc.) | ||
* ACL: write permission only to /atlas/fr group (or /atlas/ro, /atlas/cn, /atlas/jp correspondingly) | * ACL: write permission only to /atlas/fr group (or /atlas/ro, /atlas/cn, /atlas/jp correspondingly) | ||
* example ACL: | * example ACL: | ||
<ul><pre> | <ul><pre> | ||
| − | # group: atlas/ | + | % DPNS_HOST=lapp-se01.in2p3.fr; dpns-getacl $DPNS_HOST:/dpm/in2p3.fr/home/atlas/atlaslocalgroupdisk |
| + | # file: lapp-se01.in2p3.fr:/dpm/in2p3.fr/home/atlas/atlaslocalgroupdisk | ||
| + | # owner: root | ||
| + | # group: atlas/Role=production | ||
user::rwx | user::rwx | ||
| − | group:: | + | group::r-x #effective:r-x |
| − | group:atlas/Role= | + | group:atlas/Role=lcgadmin:rwx #effective:rwx |
| − | group:atlas/fr:rwx | + | group:atlas/fr:rwx #effective:rwx |
mask::rwx | mask::rwx | ||
other::r-x | other::r-x | ||
default:user::rwx | default:user::rwx | ||
| − | default:group:: | + | default:group::rwx |
| − | default:group:atlas/Role= | + | default:group:atlas/Role=lcgadmin:rwx |
| + | default:group:atlas/fr:rwx | ||
default:mask::rwx | default:mask::rwx | ||
default:other::r-x | default:other::r-x | ||
</pre></ul> | </pre></ul> | ||
Version du 17:58, 7 juillet 2008
Sommaire
Introduction
- Information only for T2s (and T3s).
- ACL information only for DPM for the moment.
- Atlas official requirements in http://indico.cern.ch/materialDisplay.py?contribId=1&materialId=slides&confId=37181
- but contents are not final yet.
- The requirements for ATLASGROUPDISK is temporary due to a technical limitation in DPM. Atlas has contacted DPM developpers. The proper implementation is expected to be available in September.
- Unless mentioned, the size is for a typical T2 with ~500 CPUs and ~100 TB disk
- Site admin's are requested to create at least the space tokens. The namespace directories can be left to atlas production if the top directory is properly set up so that
/atlas/Role=productionis allowed to execute dpns-mkdir and dpns-setacl remotely. (Of course they are welcome to create them by themselves).
- In general read permission should be given to all ATLAS users everywhere.
- In general write permission should be given to
/atlas/Role=productioneverywhere, so that the ATLAS central deletion tool can work. - It is suggested at LAPP to give write permission to
atlas/Role=lcgadmineverywhere, so that the ATLAS admin can control the storage. (less people inRole=lcgadminthan in than in/atlas/Role=production). Stephane will discuss this issue with ATLAS.
ATLAS top directory
- On this page the top directory for ATLAS is represented by
.../atlas. Each site should replace it according to their SE configuration.- eg.
lapp-se01.in2p3.fr:/dpm/in2p3.fr/home/atlasfor lapp.
- eg.
- Although it is up to sites policies, but it is recommended
- to have this top directory configured so that only /atlas/Role=production and /atlas/Role=lcgadmin can create files/directories underneath and ordinary users cannot.
Summary table for Space token and Name space
| space token | voms group to be associated | space to be reserved | namespace directory(-ies) to be created |
| ATLASDATADISK | /atlas/Role=production | see below* | .../atlas/atlasdatadisk
write permission only to atlas/Role=production |
| ATLASMCDISK | /atlas/Role=production | 15TB (60TB for 100% AOD) see below* |
.../atlas/atlasmcdisk write permission only to atlas/Role=production |
| ATLASPRODDISK | /atlas/Role=production | 2TB (see below*) | .../atlas/atlasproddisk write permission only to atlas/Role=production |
| ATLASGROUPDISK | /atlas (only temporary. see below*) | 6TB (see below*) | .../atlas/atlasgroupdisk write permission to atlas/Role=production
|
| ATLASUSERDISK | /atlas | 5TB (see below*) | .../atlas/user write permission to all ATLAS users write permission to /atlas/Role=production for central deletion |
| ATLASLOCALGROUPDISK | /atlas/<locality>, <locality>=fr,ro,cn,jp,... | sites to decide | .../atlas/<locality>/user write permission to local ATLAS users |
ATLASDATADISK
- Estimation of size comes later
- VOMS group associated with the space: /atlas/Role=production
- Namespace directory to be created: .../atlas/atlasdatadisk
- Normally, sites have already this namespace created.
- Namespace ACL: writable by only atlas/Role=production, readable by all ATLAS users
# group: atlas/Role=production user::rwx group::rwx #effective:rwx group:atlas/Role=production:rwx #effective:rwx mask::rwx other::r-x default:user::rwx default:group::rwx default:group:atlas/Role=production:rwx default:mask::rwx default:other::r-x
- A T3 will need ATLASDATADISK if it would like to receive real data, ATLASMCDISK to received simulated data, ATLASGROUPDISK to receive group analysis data, and ATLASPRODDISK to contribute official production. ATLASUSERDISK is not necessary, but may be needed if the site contributes non-local user analysis.
ATLASMCDISK
- 15TB for a typical T2 with ~500 CPU?fs and ~100 TB disk
- 60TB for a T2 requesting for 100% AOD.
- The size may increase in case D1PD comes in this space.
- VOMS group associated with the space: /atlas/Role=production
- Namespace directory to be created:
/atlas/atlasmcdisk- Normally, sites have already this namespace created.
- Namespace ACL: writable by only atlas/Role=production, readable by all ATLAS users
# group: atlas/Role=production user::rwx group::rwx #effective:r-x group:atlas/Role=production:rwx #effective:rwx mask::rwx other::r-x default:user::rwx default:group::rwx default:group:atlas/Role=production:rwx default:mask::rwx default:other::r-x
ATLASPRODDISK
- 2TB for a typical T2 with ~500 CPU?fs (the size is to be re-visited)
- scales with the CPU capacity of the site.
- will be larger if the reconstruction jobs run on the site.
- VOMS group associated with the space: /atlas/Role=production
- Namespace directory to be created: .../atlas/atlasproddisk
- Namespace ACL: writable by only atlas/Role=production, readable by all ATLAS users
# group: atlas/Role=production user::rwx group::rwx #effective:rwx group:atlas/Role=production:rwx #effective:rwx mask::rwx other::r-x default:user::rwx default:group::rwx default:group:atlas/Role=production:rwx default:mask::rwx default:other::r-x
ATLASGROUPDISK
- 6TB for a typical T2 with ~500 CPU?fs and ~100 TB disk
- The size may decrease in case D1PD goes into ATLASMCDISK.
- One single space to be reserved for all the group activities ($GROUP = phys-beauty, phys-exotics, phys-gener, phys-hi, phys-higgs, phys-lumin, phys-sm, phys-susy, phys-top, perf-egamma, perf-flavtag, perf-jets, perf-muons, perf-tau, etc.)
- VOMS group associated with the space: /atlas
- A temporary solution until multiple group support to the spaces is available.
- Once it is available, the groups will be /atlas/Role=production and /atlas/$GROUP/Role=production for all $GROUP
- Namespaces directory to be created and their ACLs:
- .../atlas/atlasgroupdisk: writable by only atlas/Role=production, readable by all ATLAS users
- .../atlas/atlasgroupdisk/$GROUP: writable by atlas/Role=production and /atlas/$GROUP/Role=production, readable by all ATLAS users
- eg. for phys-higgs
# group: atlas/Role=production user::rwx group::rwx #effective:rwx group:atlas/Role=production:rwx #effective:rwx group:atlas/phys-higgs/Role=production:rwx #effective:rwx mask::rwx other::r-x default:user::rwx default:group::rwx default:group:atlas/Role=production:rwx default:group:atlas/phys-higgs/Role=production:rwx default:mask::rwx default:other::r-x </ul>
ATLASUSERDISK
- 5TB for a typical T2 with ~500 CPU?fs and ~100 TB disk
- VOMS group associated with the space: /atlas
- Namespace directory to be created: .../atlas/user
- Namespace ACL: writable by all ATLAS users
- Normally, sites have already this namespace created by user analysis jobs so far.
- example commands
dpns-mkdir .../atlas/userdpns-setacl -m g:atlas:rwx,m:rwx,d:g:atlas:r-x .../atlas/userdpns-getacl .../atlas/user
# group: atlas user::rwx group::rwx #effective:rwx group:atlas/Role=production:rwx #effective:rwx mask::rwx other::r-x default:user::rwx default:group::r-x default:group:atlas/Role=production:rwx default:mask::rwx default:other::r-x
ATLASLOCALGROUPDISK
- size to be decided by sites.
- the resources not included in the pledge.
- VOMS group associated with the space: /atlas/fr (or /atlas/ro, /atlas/cn, /atlas/jp correspondingly)
- name space: .../atlas/fr/user (or .../atlas/ro/user, .../atlas/cn/user, .../atlas/jp/user, etc.)
- ACL: write permission only to /atlas/fr group (or /atlas/ro, /atlas/cn, /atlas/jp correspondingly)
- example ACL:
% DPNS_HOST=lapp-se01.in2p3.fr; dpns-getacl $DPNS_HOST:/dpm/in2p3.fr/home/atlas/atlaslocalgroupdisk # file: lapp-se01.in2p3.fr:/dpm/in2p3.fr/home/atlas/atlaslocalgroupdisk # owner: root # group: atlas/Role=production user::rwx group::r-x #effective:r-x group:atlas/Role=lcgadmin:rwx #effective:rwx group:atlas/fr:rwx #effective:rwx mask::rwx other::r-x default:user::rwx default:group::rwx default:group:atlas/Role=lcgadmin:rwx default:group:atlas/fr:rwx default:mask::rwx default:other::r-x
