Created
February 6, 2018 13:27
-
-
Save kashif74/499fc3678b82fbcab2229b8bbec9188e to your computer and use it in GitHub Desktop.
dpmhead_puppet_manifest
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$token_password = "**" | |
#The Mysql root pass ( if Mysql is installed locally), it has the same value as the YAIM var MYSQL_PASSWORD | |
$mysql_root_pass = "**" | |
#the DPM DB user, it has the same value as the YAIM var DPM_DB_USER | |
$db_user = "dpmmgr" | |
#the DPM DB user password, it has the same value as the YAIM var DPM_DB_PASSWORD | |
$db_pass = "**" | |
#the DPM DB host, it has the same value as the YAIM var DPM_DB_HOST | |
$db_host = "localhost" | |
# the DPM host domain, it has the same value as the YAIM var MY_DOMAIN | |
$localdomain = "physics.ox.ac.uk" | |
$localsitename = "UKI-SOUTHGRID-OX-HEP" | |
# the list of VO tu support, it has the same value as the YAIM var VOS | |
$volist = ["LIST_OF_VO"] | |
# the list of disknodes to configure | |
$disk_nodes = " LIST_OF_POOLNODES" | |
# the xrootd shared key, it has the same value as the YAIM var DPM_XROOTD_SHAREDKEY | |
$xrootd_sharedkey = "**" | |
#enable debug logs | |
$debug = false | |
#enable installation and configuration of the DB locally | |
$local_db = true | |
# the dpmmgr UID, it has the same value as the YAIM var DPMMGR_UID | |
$dpmmgr_uid = * | |
# the dpmmgr GID, it has the same value as the YAIM var DPMMGR_GID | |
$dpmmgr_gid = * | |
# | |
# Set inter-module dependencies | |
# | |
Class[Lcgdm::Dpm::Service] -> Class[Dmlite::Plugins::Adapter::Install] | |
Class[Lcgdm::Ns::Config] -> Class[Dmlite::Srm::Service] | |
Class[Dmlite::Head] -> Class[Dmlite::Plugins::Adapter::Install] | |
Class[Dmlite::Plugins::Adapter::Install] ~> Class[Dmlite::Srm] | |
Class[Dmlite::Plugins::Adapter::Install] ~> Class[Dmlite::Gridftp] | |
Class[Dmlite::Plugins::Adapter::Install] -> Class[Dmlite::Dav] | |
Dmlite::Plugins::Adapter::Create_config <| |> -> Class[Dmlite::Dav::Install] | |
Class[Dmlite::Plugins::Mysql::Install] ~> Class[Dmlite::Srm] | |
Class[Dmlite::Plugins::Mysql::Install] ~> Class[Dmlite::Gridftp] | |
Class[Dmlite::Plugins::Mysql::Install] -> Class[Dmlite::Dav] | |
Class[Bdii::Install] -> Class[Lcgdm::Bdii::Dpm] | |
Class[Lcgdm::Bdii::Dpm] -> Class[Bdii::Service] | |
Class[fetchcrl::service] -> Class[Xrootd::Config] | |
# | |
# MySQL server setup - disable if it is not local | |
# | |
if ($local_db) { | |
Class[Mysql::Server] -> Class[Lcgdm::Ns::Service] | |
#adding perf tunings | |
$override_options = { | |
'mysqld' => { | |
'max_connections' => '1000', | |
'query_cache_size' => '256M', | |
'query_cache_limit' => '1MB', | |
'innodb_flush_method' => 'O_DIRECT', | |
'innodb_buffer_pool_size' => '1000000000', | |
} | |
} | |
class{"mysql::server": | |
service_enabled => true, | |
root_password => "${mysql_root_pass}", | |
override_options => $override_options | |
} | |
} | |
# | |
# DPM and DPNS daemon configuration. | |
# | |
class{"lcgdm": | |
dbflavor => "mysql", | |
dbuser => "${db_user}", | |
dbpass => "${db_pass}", | |
dbhost => "${db_host}", | |
domain => "${localdomain}", | |
volist => $volist, | |
uid => $dpmmgr_uid, | |
gid => $dpmmgr_gid, | |
} | |
# | |
# RFIO configuration. | |
# | |
class{"lcgdm::rfio": | |
dpmhost => "${::fqdn}", | |
} | |
lcgdm::dpm::pool{"dpmPart": | |
def_filesize => "100M" | |
} | |
Class[Lcgdm::Base::Config] -> | |
file { | |
"/dpm": | |
ensure => directory, | |
owner => "root", | |
group => "root", | |
mode => "0755"; | |
"/dpm/pool1": | |
ensure => directory, | |
owner => "dpmmgr", | |
group => "dpmmgr", | |
seltype => "httpd_sys_content_t", | |
mode => "0775"; | |
} | |
-> | |
# | |
# Entries in the shift.conf file, you can add in 'host' below the list of | |
# machines that the DPM should trust (if any). | |
# | |
lcgdm::shift::trust_value{ | |
"DPM TRUST": | |
component => "DPM", | |
host => "${disk_nodes}"; | |
"DPNS TRUST": | |
component => "DPNS", | |
host => "${disk_nodes}"; | |
"RFIO TRUST": | |
component => "RFIOD", | |
host => "${disk_nodes}", | |
all => true | |
} | |
lcgdm::shift::protocol{"PROTOCOLS": | |
component => "DPM", | |
proto => "rfio gsiftp http https xroot" | |
} | |
class{"voms::dteam":} | |
class{"voms::ops":} | |
class{"voms::alice":} | |
class{"voms::atlas":} | |
class{"voms::lhcb":} | |
class{"voms::cms":} | |
class{"voms::pheno":} | |
class{"voms::ilc":} | |
class{"voms::fusion":} | |
class{"voms::esr":} | |
class{"voms::gridpp":} | |
class{"voms::vo_southgrid_ac_uk":} | |
class{"voms::mice":} | |
class{"voms::t2k_org":} | |
class{"voms::snoplus_snolab_ca":} | |
$groupmap = { | |
"vomss://voms2.hellasgrid.gr:8443/voms/dteam?/dteam" => "dteam", | |
"vomss://voms.hellasgrid.gr:8443/voms/dteam?/dteam" => "dteam", | |
"vomss://voms2.cern.ch:8443/voms/ops?/ops/" => "ops", | |
"vomss://lcg-voms2.cern.ch:8443/voms/ops?/ops/" => "ops", | |
'vomss://lcg-voms2.cern.ch:8443/voms/alice?/alice' => "alice", | |
'vomss://voms2.cern.ch:8443/voms/alice?/alice' => "alice", | |
"vomss://voms2.cern.ch:8443/voms/atlas?/atlas" => "atlas", | |
"vomss://lcg-voms2.cern.ch:8443/voms/atlas?/atlas" => "atlas", | |
'vomss://lcg-voms2.cern.ch:8443/voms/lhcb?/lhcb' => "lhcb", | |
'vomss://voms2.cern.ch:8443/voms/lhcb?/lhcb' => "lhcb", | |
'vomss://lcg-voms2.cern.ch:8443/voms/cms?/cms' => "cms", | |
'vomss://voms2.cern.ch:8443/voms/cms?/cms' => "cms", | |
'vomss://voms.gridpp.ac.uk:8443/voms/pheno?/pheno' => "pheno", | |
'vomss://grid-voms.desy.de:8443/voms/ilc?/ilc' => "ilc", | |
'vomss://voms-prg.bifi.unizar.es:8443/voms/fusion?/fusion' => "fusion", | |
'vomss://voms.grid.sara.nl:8443/voms/esr?/esr' => "esr", | |
'vomss://voms.gridpp.ac.uk:8443/voms/gridpp?/gridpp' => "gridpp", | |
'vomss://voms.gridpp.ac.uk:8443/voms/vo.southgrid.ac.uk?/vo.southgrid.ac.uk' => "vo_southgrid_ac_uk", | |
'vomss://voms.gridpp.ac.uk:8443/voms/mice?/mice' => "mice", | |
"vomss://voms.gridpp.ac.uk:8443/voms/t2k.org?/t2k.org" => "t2k_org", | |
'vomss://voms.gridpp.ac.uk:8443/voms/snoplus.snolab.ca?/snoplus.snolab.ca' => "snoplus_snolab_ca" | |
} | |
lcgdm::mkgridmap::file {"lcgdm-mkgridmap": | |
configfile => "/etc/lcgdm-mkgridmap.conf", | |
mapfile => "/etc/lcgdm-mapfile", | |
localmapfile => "/etc/lcgdm-mapfile-local", | |
logfile => "/var/log/lcgdm-mkgridmap.log", | |
groupmap => $groupmap, | |
localmap => {"nobody" => "nogroup"}, | |
} | |
exec{"/usr/sbin/edg-mkgridmap --conf=/etc/lcgdm-mkgridmap.conf --safe --output=/etc/lcgdm-mapfile": | |
require => Lcgdm::Mkgridmap::File["lcgdm-mkgridmap"] | |
} | |
# | |
# dmlite configuration. | |
# | |
class{"dmlite::head": | |
token_password => "${token_password}", | |
mysql_username => "${db_user}", | |
mysql_password => "${db_pass}", | |
} | |
# | |
# Frontends based on dmlite. | |
# | |
class{"dmlite::dav::config": | |
ns_secure_redirect => 'Off', | |
ns_prefix => 'dpm/physics\.ox\.ac\.uk', | |
} | |
class{"dmlite::dav":} | |
class{"dmlite::srm":} | |
class{"dmlite::gridftp": | |
dpmhost => "${::fqdn}" | |
} | |
# The XrootD configuration is a bit more complicated and | |
# the full config (incl. federations) will be explained here: | |
# https://svnweb.cern.ch/trac/lcgdm/wiki/Dpm/Xroot/PuppetSetup | |
# | |
# The simplest xrootd configuration. | |
# | |
# the xrootd_user and xrootd_group vars are configured as in YAIM with the value of DPMMGR_USER | |
# | |
class{"xrootd::config": | |
xrootd_user => 'dpmmgr', | |
xrootd_group => 'dpmmgr' | |
} | |
class{"dmlite::xrootd": | |
nodetype => [ 'head','disk' ], | |
domain => "${localdomain}", | |
site_name => "${localsitename}", | |
dpm_xrootd_debug => $debug, | |
dpm_xrootd_sharedkey => "${xrootd_sharedkey}", | |
dpm_xrootd_fedredirs => { | |
"atlas" => { | |
name => 'fedredir_atlas', | |
fed_host => 'atlas-xrd-uk.cern.ch', | |
xrootd_port => 1094, | |
cmsd_port => 1098, | |
local_port => 11000, | |
namelib_prefix => "/dpm/physics.ox.ac.uk/home/atlas", | |
namelib => "XrdOucName2NameLFC.so pssorigin=localhost sitename=UKI-SOUTHGRID-OX-HEP", | |
paths => [ '/atlas' ], | |
xrd_report => "uct2-int.mwt2.org:9931 every 60s all -buff -poll sync", | |
xrootd_monitor => "all auth flush 30s fstat 60 lfn ops xfr 5 window 5s dest fstat info user redir uct2-int.mwt2.org:9330" | |
}, | |
"cms" => { | |
name => 'fedredir_cms', | |
fed_host => 'cms-xrd-transit.cern.ch', | |
xrootd_port => 1094, | |
cmsd_port => 1213, | |
local_port => 11001, | |
namelib_prefix => "/dpm/physics.ox.ac.uk/home/cms", | |
namelib => "libXrdCmsTfc.so file:/etc/xrootd/storage.xml?protocol=direct", | |
paths => [ '/store' ], | |
xrd_report => "xrootd.t2.ucsd.edu:9931 every 60s all -buff -poll sync", | |
xrootd_monitor => "all fstat 60 lfn ops ssq xfr 5 ident 5m dest fstat info user redir cms-aaa-eu-collector.cern.ch:9330" | |
} | |
}, | |
# xrd_report => "uct2-int.mwt2.org:9931 every 60s all -buff -poll sync", | |
# xrootd_monitor => "all auth flush 30s fstat 60 lfn ops xfr 5 window 5s dest fstat info user redir uct2-int.mwt2.org:9330" | |
} | |
# YAIM vars for reference | |
#DPM_XROOTD_FEDREDIRS="atlas-xrd-uk.cern.ch:1094:1098,atlas,/atlas" | |
#DPM_XROOTD_FED_ATLAS_NAMELIBPFX="/dpm/physics.ox.ac.uk/home/atlas" | |
#DPM_XROOTD_FED_ATLAS_NAMELIB="XrdOucName2NameLFC.so root=/dpm/physics.ox.ac.uk/home/atlas match=t2se01.physics.ox.ac.uk" | |
#DPM_XROOTD_FED_ATLAS_SETENV="LFC_HOST=prod-lfc-atlas-ro.cern.ch LFC_CONRETRY=0 GLOBUS_THREAD_MODEL=pthread CSEC_MECH=ID" | |
# BDII | |
include('bdii') | |
# DPM GIP config | |
class{"lcgdm::bdii::dpm": | |
sitename => "UKI-SOUTHGRID-OX-HEP", | |
vos => $volist | |
} | |
#memcache configuration | |
Class[Dmlite::Plugins::Memcache::Install] ~> Class[Dmlite::Dav::Service] | |
Class[Dmlite::Plugins::Memcache::Install] ~> Class[Dmlite::Gridftp] | |
Class[Dmlite::Plugins::Memcache::Install] ~> Class[Dmlite::Srm] | |
Class[Lcgdm::Base::Config] | |
-> | |
class{"memcached": | |
max_memory => 2000, | |
listen_ip => "127.0.0.1", | |
} | |
-> | |
class{"dmlite::plugins::memcache": | |
expiration_limit => 600, | |
posix => 'on', | |
} | |
# | |
# dmlite shell configuration. | |
# | |
class{"dmlite::shell":} | |
#limit conf | |
# Limit conf is no more required as dmlite is creating limit /etc/security/limits.d/90-nproc.conf | |
#$limits_config = { | |
# "*" => { | |
# nofile => { soft => 65000, hard => 65000 }, | |
# nproc => { soft => 65000, hard => 65000 }, | |
# } | |
# } | |
# class{'limits': | |
# config => $limits_config, | |
# use_hiera => false | |
# } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment