Difference between revisions of "Swestore-irods"

From SNIC Documentation
Jump to: navigation, search
m (iRODS)
m
Line 14: Line 14:
 
storage systems.
 
storage systems.
  
== dCache ==
 
 
Swestore dCache is distributed across the SNIC centres [http://www.c3se.chalmers.se/ C3SE], [http://www.hpc2n.umu.se/ HPC2N], [http://www.lunarc.lu.se/ Lunarc],
 
Swestore dCache is distributed across the SNIC centres [http://www.c3se.chalmers.se/ C3SE], [http://www.hpc2n.umu.se/ HPC2N], [http://www.lunarc.lu.se/ Lunarc],
 
[http://www.nsc.liu.se/ NSC], [http://www.pdc.kth.se PDC] and [http://www.uppmax.uu.se Uppmax].
 
[http://www.nsc.liu.se/ NSC], [http://www.pdc.kth.se PDC] and [http://www.uppmax.uu.se Uppmax].
  
 
Data is stored in two copies with each copy at a different SNIC centre. This enables the system to cope with a multitude of issues ranging from a simple
 
Data is stored in two copies with each copy at a different SNIC centre. This enables the system to cope with a multitude of issues ranging from a simple
crash of a storage element to losing an entire site while stil providing access to the stored data. To protect against silent data corruption the
+
crash of a storage element to losing an entire site while stil providing access to the stored data.  
 +
 
 +
 
 +
== dCache ==
 +
To protect against silent data corruption the
 
dCache storage system checksums all stored data and periodically verifies the data using this checksum.
 
dCache storage system checksums all stored data and periodically verifies the data using this checksum.
  
Line 36: Line 39:
 
: Hypertext Transfer Protocol (read-only), Web Distributed Authoring and Versioning - http://webdav.swestore.se/ (unauthenticated), https://webdav.swestore.se/
 
: Hypertext Transfer Protocol (read-only), Web Distributed Authoring and Versioning - http://webdav.swestore.se/ (unauthenticated), https://webdav.swestore.se/
 
: NFS4.1
 
: NFS4.1
: iRODS with yubikey as authentication
 
  
 
For authentication eScience certificates are used, which provides a higher level of security than legacy username/password schemes.
 
For authentication eScience certificates are used, which provides a higher level of security than legacy username/password schemes.

Revision as of 08:41, 31 October 2013


This is not official yet

SNIC is building a storage infrastructure to complement the computational resources.

Many forms of automated measurements can produce large amounts of data. In scientific areas such as high energy physics (the Large Hadron Collider at CERN), climate modeling, bioinformatics, bioimaging etc., the demands for storage are increasing dramatically. To serve these and other user communities, SNIC has appointed a working group to design a storage strategy, taking into account the needs on many levels and creating a unified storage infrastructure, which is now being implemented.

Swestore is in collaboration with ECDS, SND, Bioimage Sweden, BILS, UPPNEX,WLCG, NaturHistoriska RiksMuseet.

National storage

The Swestore Nationally Accessible Storage, commonly called just Swestore, is a robust, flexible and expandable long term storage system aimed at storing large amounts of data produced by various Swedish research projects. It is based on the dCache and iRODS storage systems.

Swestore dCache is distributed across the SNIC centres C3SE, HPC2N, Lunarc, NSC, PDC and Uppmax.

Data is stored in two copies with each copy at a different SNIC centre. This enables the system to cope with a multitude of issues ranging from a simple crash of a storage element to losing an entire site while stil providing access to the stored data.


dCache

To protect against silent data corruption the dCache storage system checksums all stored data and periodically verifies the data using this checksum.

The system does NOT yet provide protection against user errors like inadvertent file deletions and so on.

One of the major advantages to the distributed nature of dCache is the excellent aggregated transfer rates possible. This is achieved by bypassing a central node and having transfers going directly to/from the storage elements if the protocol allows it. The Swestore Nationally Accessible Storage system can achieve aggregated transfer rates in excess of 100 Gigabit per second, but in practice this is limited by connectivity to each University (usually 10 Gbit/s) or a limited number of files (typically max 1 Gbit/s per file/connection).

Access protocols

Currently supported protocols
GridFTP - gsiftp://gsiftp.swestore.se/
Storage Resource Manager - srm://srm.swegrid.se/
Hypertext Transfer Protocol (read-only), Web Distributed Authoring and Versioning - http://webdav.swestore.se/ (unauthenticated), https://webdav.swestore.se/
NFS4.1

For authentication eScience certificates are used, which provides a higher level of security than legacy username/password schemes.

Acquire an eScience client certificate

Follow the instructions on Requesting a certificate to get your client certificate. This step can be performed while waiting for the storage application to be approved and processed. Of course, if you already have a valid eScience certificate you don't need to acquire another one.
For Terena certificates
If intending to access SweStore from a SNIC resource, please make sure you also export the certificate, transfer it to the intended SNIC resource and prepare it for use with grid tools (not necessarily needed with ARC 3.x, see proxy certificates using Firefox credential store).
For Nordugrid certificates
Please make sure to also install your client certificate in your browser.
Request membership in the SweGrid VO
Follow the instructions on Requesting membership in the SweGrid VO to get added to the SweGrid Virtual Organisation (VO) and request membership to your allocated storage project.

Download and upload data

Interactive browsing and manipulation of single files
SweStore is accessible in your web browser in two ways, as a directory index interface at https://webdav.swestore.se/ and with an interactive file manager at https://webdav.swestore.se/browser/. Note that the interactive file manager has a lot of features and functions not supported in SweStore, only the basic file transfer features are supported.
To browse private data you need to have your certificate installed in your browser (default with Terena certificates, see above). Projects are organized under the /snic directory as https://webdav.swestore.se/snic/YOUR_PROJECT_NAME/.
Upload and delete data interactively or with automation

There are several tools that are capable of using the protocols provided by SweStore national storage. For interactive usage on SNIC clusters we recommend using the ARC tools which should be installed on all SNIC resources. As an integration point for building scripts and automated systems we suggest using the curl program and library.

Use the ARC client. Please see the instructions for Accessing SweStore national storage with the ARC client. Recommended method when logged in on SNIC resources.
Use lftp. Please see the instructions for Accessing SweStore national storage with lftp.
Use cURL. Please see the instructions for Accessing SweStore national storage with cURL.
Use globus-url-copy. Please see the instructions for Accessing SweStore national storage with globus-url-copy.


Tools and scripts

There exists a number of tools and utilities developed externally that can be useful. Here are some links:

Slides and more

Slides and material from seminar for Lund users on April 18th

Usage monitoring

iRODS

Access protocols

iRODS with yubikey as authentication
CLI client
Web client

For authentication yubikey is used, which provides a higher level of usability than certificates and a higher level of security than legacy username/password schemes.

Download and upload data

Use the icommands CLI client eirods icommands
Point your web browser to iweb.swestore.se

Apply for YubiKey

Getting access

Apply for storage
Please follow the instructions on the Apply for storage on SweStore page.

Support

If you have any issues using SweStore please do not hesitate to contact support@swestore.se.

Center storage

Centre storage, as defined by the SNIC storage group, is a storage solution that lives independently of the computational resources and can be accessed from all such resources at a centre. Key features include the ability to access the same filesystem the same way on all computational resources at a centre, and a unified structure and nomenclature for all centra. Unlike cluster storage which is tightly associated with a single cluster, and thus has a limited life-time, centre storage does not require the users to migrate their own data when clusters are decommissioned, not even when the storage hardware itself is being replaced.

Unified environment

To make the usage more transparent for SNIC users, a set of environment variables are available on all SNIC resources:

  • SNIC_BACKUP – the user's primary directory at the centre
    (the part of the centre storage that is backed up)
  • SNIC_NOBACKUP – recommended directory for project storage without backup
    (also on the centre storage)
  • SNIC_TMP – recommended directory for best performance during a job
    (local disk on nodes if applicable)