Service Card for CVMFS
CVMFS is a package running on the WNs that needs a squid proxy to cache requests.Definition
Currently, the host in which the squid for cvmfs is installed iscvmfs.lcg.cscs.ch and is a Sun server with: - Scientific Linux 6.2 x86_64
- Squid 3.1.10 (squid-3.1.10-1.el6_2.1.x86_64)
Operations
Interesting information like how to deal with the service.Client tools
Testing
Start/stop procedures
# service squid status squid (pid 2268) is running...
Failover check
The WNs are configured to query both Squid servers in case of failure:# cat default.local #CVMFS_REPOSITORIES=atlas.cern.ch,atlas-condb.cern.ch,cms.cern.ch,lhcb.cern.ch,hone.cern.ch,grid.cern.ch CVMFS_REPOSITORIES=atlas,atlas-condb,lhcb,hone,cms CVMFS_HTTP_PROXY="http://cvmfs.lcg.cscs.ch:3128|http://ppcvmfs.lcg.cscs.ch:3128" CVMFS_CACHE_BASE=/cvmfs_local CVMFS_QUOTA_LIMIT=30000
Checking logs
Set up
Instructions on how to set up the service, like:Dependencies (other services, mount points, ...)
Redundancy notes
Installation
Easy:# yum install squidConfiguration (
/etc/squid/squid.conf) is managed by cfengine.
Upgrade
Monitoring
The remote monitoring by WLCG via SNMP on 3401/udp has to be enabled in the Squid configuration (through CFEngine as usual) oncvmfs.lcg.cscs.ch and cvmfs1.lcg.cscs.ch along with the ACLs required to let the remote monitoring from CERN network and CERN Hungary data center:
[root@cvmfs:~]# vim /etc/squid/squid.conf [...] acl HOST_MONITOR src 127.0.0.1/32 128.142.0.0/16 188.184.128.0/17 188.185.128.0/17 acl snmppublic snmp_community public [...] snmp_access allow snmppublic HOST_MONITOR snmp_access deny all snmp_port 3401 [...] [root@cvmfs:~]# service squid reload [root@cvmfs:~]# netstat -tlpun | grep 3401 udp 0 0 :::3401 :::* 20818/(squid)Of course the firewall has to be set in order to allow inbound connections from those networks:
-A INPUT -s 128.142.0.0/16 -p udp --dport 3401 -m state --state NEW -j ACCEPT -A INPUT -s 188.184.128.0/17 -p udp --dport 3401 -m state --state NEW -j ACCEPT -A INPUT -s 188.185.128.0/17 -p udp --dport 3401 -m state --state NEW -j ACCEPTThe status of the Squid servers running on
cvmfs and cvmfs1 can be checked on the official monitoring pages: Squid_cvmfs
, Squid_cvmfs1, Squid_monitors.
Nagios
Ganglia
Self Sanity / revival?
Other?
Manuals
External links to manualsIssues
Information about issues found with this service, and how to deal with them.Define a reasonable size of Squid disk cache
It is a good idea to set a reasonable value for the disk cache size being used by the Squid server run on CMVFS machines in order to avoid to fill up the whole disk or partition dedicated to it:[root@cvmfs1:~]# vim /etc/squid/squid.conf [...] cache_dir aufs /squid_cache/squid 400000 16 256 [...]In the example a disk cache size of 400GB has been defined along with the limit of 16 first-level directories and 256 second-level directories created under the Squid cache directory defined as second argument. Currently we manage this configuration file via CFEngine as usual.
Issue2
References
| ServiceCardForm | |
|---|---|
| Service name | cvmfs |
| Machines this service is installed in | cvmfs1,cvmfs |
| Is Grid service | No |
| Depends on the following services | |
| Expert | Gianni Ricciardi |
| CM | CfEngine |
| Provisioning | Razor |
Topic revision: r5 - 2014-12-11 - GianniRicciardi
LCGTier2
LCGTier2 Web
Create New Topic
Index
Search
Changes
Notifications
Statistics
Preferences
Home 
Site map
CmsTier3 web
Users
Groups
RSS Feed
Copyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback