Perun Services


WARNING: This part of the documentation is not complete yet.

Introduction

Perun services are automatically triggered tools that keep the state of all resources controlled by the Perun system consistent with the state recorded in the database.

The list of Perun services can be extended with new services that provide special functionality according to the needs of the system's administrators and users.


fs_home (short version)

This service maintains users' home directories on target facilities.

Directories that do not exist yet are created. For directories that already exist, the owner and the owner's access permissions are checked.

Home directories are never deleted by the service; old or invalid directories must be deleted by hand. The service also sets quotas for home directories and limits on the number of files.


fs_home (long version)

For this service, the Facility object represents the machine or set of machines for which we want to create home directories.

A Resource object that is assigned this service within the Facility represents exactly one directory in which the users' home directories are created.

A Destination object defines a particular physical machine (node) on which the home directories are set up. If more than one Destination object is set, the same configuration is distributed to all of those nodes. Typically, all machines represented by the Facility object are set as Destination objects, so that each of them creates the home directories. In the case of a shared file system, it is necessary to select only one of these machines as the Destination object; the home directories are then set up through it on the shared file system and so become available to the rest of the machines.


Definition: Destination

Represents a relation between a service and a destination address for propagation.


The machine or set of machines represented by the Facility object share the following features:

  • Namespace for user logins (represented by attribute "login-namespace")
  • Namespace for user UIDs (represented by attribute "UID-namespace")
  • Namespace for group names (represented by attribute "groupName-namespace")
  • Namespace for group GIDs (represented by attribute "GID-namespace")
  • Optional quota setting (represented by attribute "quotaEnabled")
  • Same rights for all home directories (represented by attribute "homeDirUmask"). If this attribute is not set, the default value is "0775".


Each Resource object has the following properties:

  • A home directory is created for each user assigned to this Resource object (group membership)
  • Directory in which the home directories are created (represented by attribute "fsHomeMountPoint"); it is not unique and can be shared across multiple Resource objects, which allows the directory to be shared across multiple VO objects
  • Common primary GID for all users assigned to a given Resource object (represented by attribute "unixGID")
  • Common volume on which quotas and limits can be set for individual users over their home directories (represented by attribute "fsVolume")
  • Default quota settings common to the home directories, both the quota on the maximum number of files and the quota on the maximum data size in the home directory (represented by attributes "defaultDataQuota", "defaultDataLimit", "defaultFilesQuota", "defaultFilesLimit")


Optional functionality

  • Set up quotas for home directories
    • is enabled with value "1" set in attribute "quotaEnabled" within the Facility object (default setting is "off")
    • within one "volume" (a volume is the part of the file structure where quotas are set), which may be represented by one or more Resource objects (even across multiple VO objects), a user's quotas are added up. The resulting quota is then set for the user's home directory (in particular the data and file quotas and limits)
    • for each Resource object, the higher of two values is taken: the value generally set for the Resource (see the default quota settings on the Resource object) or the user-specific exception (represented by attributes "dataQuota", "dataLimit", "filesQuota", "filesLimit")

    • "/usr/sbin/setquota" is the default quota-setting tool; it can be changed by setting the "SET_QUOTA_PROGRAM" variable in a pre-script. There you can also edit the "SET_QUOTA_TEMPLATE" variable, which gives the order and names of the arguments for the tool you set. A sample of such settings can be seen in the file "example-pre_01_set_quota"
    • in the pre-script "pre_01_set_quota" you can also enforce a quota adjustment for selected nodes (if you cannot do so by setting an attribute within the VO object)
    • quotas can have exceptions for individual users
  • Creating home directories based on "/etc/skel"
    • this functionality creates new home directories from a template directory that already exists on the system
    • to enable this functionality, set the path to the template directory in the "PERUN_SKEL_PATH" variable; several paths can be given in the variable (separated by colons), and the first existing directory is used. An example of such a setting can be seen in the file "example-pre_20_set_skel"
    • IMPORTANT: this setting does not apply to existing directories
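
The quota rule described above (per Resource, the higher of the default and the user's exception; per volume, the sum over all Resources) can be worked through as follows. This is an added example, not Perun's own code: the record layout, the function names and the use of plain integers in one unit are assumptions, and a malformed record makes the whole calculation fail rather than produce a partial quota.

```shell
#!/bin/sh
# Added example (not Perun's code): one user's resulting quota per volume.
# Input, one line per Resource the user is assigned to (constructed layout):
#   <fsVolume> <resource> <default value> <user exception, or "-" if none>
# Run it once per attribute pair, e.g. defaultDataQuota / dataQuota.

effective_quota() {
    totals=$(awk '
        NF != 4 || $3 !~ /^[0-9]+$/ || ($4 != "-" && $4 !~ /^[0-9]+$/) {
            printf "line %d: malformed record\n", NR > "/dev/stderr"
            bad = 1
            next
        }
        {
            dflt = $3 + 0
            exc  = ($4 == "-") ? -1 : $4 + 0
            # per Resource: the higher of the default and the exception
            best = (exc > dflt) ? exc : dflt
            # per volume: the values of all its Resources are added up
            total[$1] += best
        }
        END {
            for (v in total) printf "%s %d\n", v, total[v]
            exit bad
        }
    ') || return 1            # fail closed: no output on bad input
    [ -n "$totals" ] || return 0
    printf '%s\n' "$totals" | sort
}

# Constructed sample: two Resources (from two VOs) share /export/home.
sample_records() {
    cat <<'EOF'
/export/home res-vo-a 1000 -
/export/home res-vo-b 500 2000
/scratch res-vo-a 300 100
EOF
}

sample_records | effective_quota
```

An exception lower than the Resource default (the /scratch line) does not reduce the quota, because the higher value always wins.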
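
The create-or-check behaviour from the short description of fs_home, combined with the "PERUN_SKEL_PATH" rule above, as an added sketch that is not Perun's fs_home script. The function names, arguments and mode value are assumptions, and refusing symbolic links is a hardening choice of this sketch, made because such a script normally runs as root.

```shell
#!/bin/sh
# Added sketch, not Perun's fs_home script. PERUN_SKEL_PATH is the variable
# named on the page; function names, arguments and mode are assumptions.

# Print the first existing directory of a colon-separated list.
first_skel() {
    old_ifs=$IFS; IFS=:; set -f
    found=
    for d in $1; do
        if [ -n "$d" ] && [ -d "$d" ]; then found=$d; break; fi
    done
    IFS=$old_ifs; set +f
    [ -n "$found" ] && printf '%s\n' "$found"
}

# ensure_home <home> <uid> <octal-mode> [skel-list]
# Prints created | ok | drift. Never deletes, never re-seeds an existing home.
ensure_home() {
    home=$1; uid=$2; mode=$3; skel_list=${4:-${PERUN_SKEL_PATH:-}}
    if [ -L "$home" ]; then
        echo "refusing: $home is a symlink" >&2; return 2
    fi
    if [ -d "$home" ]; then
        # Existing directory: check only. -prune tests the directory itself.
        if [ -n "$(find "$home" -prune -user "$uid" -perm "$mode" -print)" ]; then
            echo ok; return 0
        fi
        echo drift; return 3
    fi
    if [ -e "$home" ]; then
        echo "refusing: $home is not a directory" >&2; return 2
    fi
    mkdir -m 0700 "$home" || return 1          # closed while being populated
    if skel=$(first_skel "$skel_list"); then
        cp -RP "$skel/." "$home/" || return 1  # -P: copy symlinks as symlinks
    fi
    chown -hR "$uid" "$home" || return 1       # -h: never follow symlinks
    chmod "$mode" "$home" || return 1
    echo created
}
```

Changing the owner to another user requires root; a "drift" result is only reported, so the decision to repair an existing directory stays with the administrator.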