SlideShare a Scribd company logo

Advanced Globus System Administration

Globus , profile picture
Globus

The document outlines advanced administration techniques for the Globus Connect Server (GCS) version 5, including migrating from GCS v4, managing multi-node Data Transfer Nodes (DTNs), and optimizing file transfer performance. Key topics include the setup and management of DTNs, supporting non-POSIX storage systems, and troubleshooting connection issues. The document also emphasizes best practices for maintaining endpoint continuity and performance in scientific data management environments.

Software
Related topics:
Research Data Management Data Sharing
1 of 25
Downloaded 11 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Advanced Globus System Administration Vas Vasiliadis vas@uchicago.edu 8 July 2022
Agenda • Comparing GCS v4 and v5 comparison • Migrating from GCS v4 to v5 • Multi-DTN deployments • Supporting non-POSIX storage systems • Optimizing (or not!) file transfer performance • Modifying the data channel interface 2
Adding DTNs to your endpoint 14
Recall: GCSv5 deployment key 15
Adding a node requires just two commands $ globus-connect-server node setup $CLIENT_ID --deployment-key THE_KEY $ systemctl restart apache2 Copy the deployment key from the first node (DTN) to every other node Node setup pulls configuration from Globus service Check your DTN cluster status: globus-connect-server node list
Multi-node DTN behavior • Active nodes can receive transfer tasks • Tasks on inactive node will pause until active again • GCS manager assistant – Synchronizes configuration among nodes in the endpoint – Stores encrypted configuration values in Globus service 17
Migrating an endpoint to a new host (DTN) • An endpoints is a logical construct è replace host system without disrupting the endpoint – Avoid replicating configuration data (esp. for guest collections!) – Maintain continuity for custom apps, automation scripts, etc., that use the endpoint UUID • Using GCS’s multi-node configuration, add new node(s) to endpoint and then remove original node(s) • Again, deployment key is required – Export node configuration with node setup --export-node – Import on new DTN using node setup --import-node
Supporting non-POSIX systems • Update your GCS packages • Add the appropriate storage gateway – Non-POSIX systems require add-on connector subscription(s) • Gateway configuration options vary by connector – e.g., specify bucket name(s) for AWS S3 • Collection authentication options vary by connector – e.g., provide user access key and secret key for AWS S3 – Credentials must grant appropriate permissions – Mapped collection may not actually “map” to local user account
Supporting access to AWS S3 (and S3-compatible systems) 20
On performance… 21
Globus transfer is fast …but it depends on… • Data Transfer Node (CPU, RAM, bus, NIC, …) • Network (devices, path quality, latency, …) • Storage (hardware, attach mode, …) • Dataset make-up (file#, size, tree depth, …) – Remember: LoSF == Great sadness • Things people do (one transfer per file …1M files) • …? 22
You should have Great Expectations 23 ESnet EPOC target for all DOE labs Requires at least a 10G connection
Esnet makes magic happen
Legacy Architecture (don’t do this) 10GE Border Router WAN Firewall Enterprise perfSONAR perfSONAR Filesystem (data store) 10GE Portal Server Browsing path Query path Data path Portal server applications: · web server · search · database · authentication · data service
Best practice: ScienceDMZ – you have one! 10GE 10GE 10GE 10GE Border Router WAN Science DMZ Switch/Router Firewall Enterprise perfSONAR perfSONAR 10GE 10GE 10GE 10GE DTN DTN API DTNs (data access governed by portal) DTN DTN perfSONAR Filesystem (data store) 10GE Portal Server Browsing path Query path Portal server applications: · web server · search · database · authentication Data Path Data Transfer Path Portal Query/Browse Path
Science DMZ configuration 27 Source security filters Destination security filters Destination Science DMZ Source Science DMZ Source Border Router Destination Border Router Source Router Destination Router User Organization DATA CONTROL Physical Control Path Logical Control Path Physical Data Path Logical Data Path * Port 443 * Ports 50000- 51000 Data Transfer Node (DTN) Data Transfer Node (DTN) * Please see TCP ports reference: https://docs.globus.org/resource-provider-guide/#open-tcp-ports_section
Globus balances performance with reliability 72.8Gbps
Performance is a pairs sport • Network use parameters: concurrency, parallelism • Maximum, Preferred values for each • Transfer considers source and destination endpoint settings min( max(preferred src, preferred dest), max src, max dest ) • Service limits, e.g. concurrent requests 29
Globus network use parameters • May only be changed on managed endpoints • Modify via the web app: Console à Endpoints tab • Modify via Globus Connect Server CLI – Run globus-connect-server endpoint modify • Strong recommendation: Do not change network use parameters before establishing baseline performance 30
Modifying network use parameters 31
Configuring a “private” data channel • Default: data interface is set to the DTN’s public IP address (see data_interface in /etc/gridftp.d/globus-connect-server • Create /etc/gridftp.d/STORAGE_GATEWAY_ID • Set data_interface PRIVATE_INTERFACE_IP_ADDRESS • Replicate on every DTN (files in /etc/gridftp.d/ are not sync'd between nodes by Globus) 32
Troubleshooting Globus Connect Server 33
Before asking for help… • self-diagnostic can identify many issues – Are services running? GCS manager/assistant, GridFTP server • Connectivity is a common cause – Is the DTN control channel reachable? – Can the DTN establish data channel connection? docs.globus.org/globus-connect-server/v5.4/troubleshooting-guide …and we’re always here for you: support@globus.org 34
When you really need a clean slate… • Proper clean-up—both on your system and in the Globus service—is important! • Execute these commands in the specified order: o globus-connect-server node cleanup (on every DTN) o globus-connect-server endpoint cleanup (on last DTN) • Delete the GCS registration at developers.globus.org • Don’t use the same Client ID for another endpoint!
Resources • GCSv5 Guides: docs.globus.org/globus-connect-server/ • Migration: docs.globus.org/globus-connect- server/migrating-to-v5.4/ • Globus support: support@globus.org 36

More Related Content

PDF
Advanced Globus System Administration
Globus
 
PDF
Advanced Globus System Administration
Globus
 
PDF
Globus Endpoint Migration and Advanced Administration Topics
Globus
 
PDF
GlobusWorld 2021 Tutorial: Globus for System Administrators
Globus
 
PDF
Advanced Globus System Administration Topics
Globus
 
PDF
Migrating to Globus Connect Server v5
Globus
 
PDF
Introduction to Globus for System Administrators (GlobusWorld Tour - UMich)
Globus
 
PDF
Globus for System Administrators (GlobusWorld Tour - UCSD)
Globus
 
Advanced Globus System Administration
Globus
 
Advanced Globus System Administration
Globus
 
Globus Endpoint Migration and Advanced Administration Topics
Globus
 
GlobusWorld 2021 Tutorial: Globus for System Administrators
Globus
 
Advanced Globus System Administration Topics
Globus
 
Migrating to Globus Connect Server v5
Globus
 
Introduction to Globus for System Administrators (GlobusWorld Tour - UMich)
Globus
 
Globus for System Administrators (GlobusWorld Tour - UCSD)
Globus
 

Similar to Advanced Globus System Administration (20)

PDF
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Globus
 
PDF
Globus for System Administrators (GlobusWorld Tour - Columbia University)
Globus
 
PDF
Tutorial: Introduction to Globus for System Administrators
Globus
 
PDF
Globus Endpoint Administration (GlobusWorld Tour - STFC)
Globus
 
PDF
Globus for System Administrators (CHPC 2019 - South Africa)
Globus
 
PDF
Introduction to Globus for System Administrators
Globus
 
PPTX
Globus for System Administrators
Globus
 
PDF
Introduction to Globus Connect for System Administrators.pdf
SusanTussy1
 
PDF
Globus Endpoint Setup and Configuration - XSEDE14 Tutorial
Globus
 
PDF
Globus for System Administrators
Globus
 
PDF
Introduction to Globus for System Administrators
Globus
 
PDF
Introduction to Globus for System Administrators
Globus
 
PDF
Introduction to Globus for System Administrators
Globus
 
PPTX
Updating the Globus Connect Architecture - ARCC Workshop at PEARC17
Mary Bass
 
PPTX
Globus: Research Data Management as Service and Platform - pearc17
Mary Bass
 
PDF
Connecting Your System to Globus (APS Workshop)
Globus
 
PDF
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus
 
PPTX
Globus Connect Server 5.1 Webinar
Globus
 
PPTX
What's New With Globus
Globus
 
PDF
Introduction to Globus: Research Data Management Software at the ALCF
Globus
 
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Globus
 
Globus for System Administrators (GlobusWorld Tour - Columbia University)
Globus
 
Tutorial: Introduction to Globus for System Administrators
Globus
 
Globus Endpoint Administration (GlobusWorld Tour - STFC)
Globus
 
Globus for System Administrators (CHPC 2019 - South Africa)
Globus
 
Introduction to Globus for System Administrators
Globus
 
Globus for System Administrators
Globus
 
Introduction to Globus Connect for System Administrators.pdf
SusanTussy1
 
Globus Endpoint Setup and Configuration - XSEDE14 Tutorial
Globus
 
Globus for System Administrators
Globus
 
Introduction to Globus for System Administrators
Globus
 
Introduction to Globus for System Administrators
Globus
 
Introduction to Globus for System Administrators
Globus
 
Updating the Globus Connect Architecture - ARCC Workshop at PEARC17
Mary Bass
 
Globus: Research Data Management as Service and Platform - pearc17
Mary Bass
 
Connecting Your System to Globus (APS Workshop)
Globus
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus
 
Globus Connect Server 5.1 Webinar
Globus
 
What's New With Globus
Globus
 
Introduction to Globus: Research Data Management Software at the ALCF
Globus
 
Ad

More from Globus (20)

PDF
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
PDF
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
PDF
Globus Compute Introduction - GlobusWorld 2024
Globus
 
PDF
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 
PDF
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
PDF
First Steps with Globus Compute Multi-User Endpoints
Globus
 
PDF
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 
PDF
Understanding Globus Data Transfers with NetSage
Globus
 
PDF
How to Position Your Globus Data Portal for Success Ten Good Practices
Globus
 
PDF
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
Globus
 
PDF
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Globus
 
PDF
The Department of Energy's Integrated Research Infrastructure (IRI)
Globus
 
PDF
GlobusWorld 2024 Opening Keynote session
Globus
 
PDF
Enhancing Performance with Globus and the Science DMZ
Globus
 
PDF
Extending Globus into a Site-wide Automated Data Infrastructure.pdf
Globus
 
PDF
Globus at the United States Geological Survey
Globus
 
PDF
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
PDF
Globus Compute with Integrated Research Infrastructure (IRI) workflows
Globus
 
PDF
Reactive Documents and Computational Pipelines - Bridging the Gap
Globus
 
PDF
Innovating Inference at Exascale - Remote Triggering of Large Language Models...
Globus
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
Globus Compute Introduction - GlobusWorld 2024
Globus
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
First Steps with Globus Compute Multi-User Endpoints
Globus
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 
Understanding Globus Data Transfers with NetSage
Globus
 
How to Position Your Globus Data Portal for Success Ten Good Practices
Globus
 
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
Globus
 
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Globus
 
The Department of Energy's Integrated Research Infrastructure (IRI)
Globus
 
GlobusWorld 2024 Opening Keynote session
Globus
 
Enhancing Performance with Globus and the Science DMZ
Globus
 
Extending Globus into a Site-wide Automated Data Infrastructure.pdf
Globus
 
Globus at the United States Geological Survey
Globus
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
Globus Compute with Integrated Research Infrastructure (IRI) workflows
Globus
 
Reactive Documents and Computational Pipelines - Bridging the Gap
Globus
 
Innovating Inference at Exascale - Remote Triggering of Large Language Models...
Globus
 
Ad

Recently uploaded (20)

PDF
Types of Token_ From Utility to Security.pdf
Herond Labs
 
PDF
DNT Brochure 2025 – ISV Solutions @ D365
sai vignesh
 
PDF
How Tridens DevSecOps Ensures Compliance, Security, and Agility
Tridens
 
PPTX
Trending Python Topics for Data Visualization in 2025
IT IDOL Technologies
 
PDF
Ableton Live Suite for MacOS Crack Full Download (Latest 2025)
hashmi66g66
 
PPTX
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
PPTX
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
PPTX
Custom Software Development Services.pptx.pptx
TVL IT Solutions
 
PDF
How to Make Money in the Metaverse_ Top Strategies for Beginners.pdf
Herond Labs
 
PDF
Topaz Photo AI Crack New Download (Latest 2025)
hashmi66g66
 
PPTX
Monitoring Stack: Grafana, Loki & Promtail
GhanshyamSwami3
 
PPTX
Patient Appointment Booking in Odoo with online payment
AxisTechnolabs
 
PPTX
Cybersecurity: Protecting the Digital World
SURULIAPPANPREMKMAR
 
PDF
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
PPTX
Tech Workshop Escape Room Tech Workshop
muthuiyad
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PDF
iTop VPN Crack Latest Version Full Key 2025
hashmianya37
 
PDF
AI/ML Infra Meetup | LLM Agents and Implementation Challenges
Alluxio, Inc.
 
PDF
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
PPTX
Why Generative AI is the Future of Content, Code & Creativity?
Webuters Technologies Pvt. Ltd
 
Types of Token_ From Utility to Security.pdf
Herond Labs
 
DNT Brochure 2025 – ISV Solutions @ D365
sai vignesh
 
How Tridens DevSecOps Ensures Compliance, Security, and Agility
Tridens
 
Trending Python Topics for Data Visualization in 2025
IT IDOL Technologies
 
Ableton Live Suite for MacOS Crack Full Download (Latest 2025)
hashmi66g66
 
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
Custom Software Development Services.pptx.pptx
TVL IT Solutions
 
How to Make Money in the Metaverse_ Top Strategies for Beginners.pdf
Herond Labs
 
Topaz Photo AI Crack New Download (Latest 2025)
hashmi66g66
 
Monitoring Stack: Grafana, Loki & Promtail
GhanshyamSwami3
 
Patient Appointment Booking in Odoo with online payment
AxisTechnolabs
 
Cybersecurity: Protecting the Digital World
SURULIAPPANPREMKMAR
 
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
Tech Workshop Escape Room Tech Workshop
muthuiyad
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
iTop VPN Crack Latest Version Full Key 2025
hashmianya37
 
AI/ML Infra Meetup | LLM Agents and Implementation Challenges
Alluxio, Inc.
 
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
Why Generative AI is the Future of Content, Code & Creativity?
Webuters Technologies Pvt. Ltd
 

Advanced Globus System Administration

  • 1. Advanced Globus System Administration Vas Vasiliadis vas@uchicago.edu 8 July 2022
  • 2. Agenda • Comparing GCS v4 and v5 comparison • Migrating from GCS v4 to v5 • Multi-DTN deployments • Supporting non-POSIX storage systems • Optimizing (or not!) file transfer performance • Modifying the data channel interface 2
  • 3. Adding DTNs to your endpoint 14
  • 5. Adding a node requires just two commands $ globus-connect-server node setup $CLIENT_ID --deployment-key THE_KEY $ systemctl restart apache2 Copy the deployment key from the first node (DTN) to every other node Node setup pulls configuration from Globus service Check your DTN cluster status: globus-connect-server node list
  • 6. Multi-node DTN behavior • Active nodes can receive transfer tasks • Tasks on inactive node will pause until active again • GCS manager assistant – Synchronizes configuration among nodes in the endpoint – Stores encrypted configuration values in Globus service 17
  • 7. Migrating an endpoint to a new host (DTN) • An endpoints is a logical construct è replace host system without disrupting the endpoint – Avoid replicating configuration data (esp. for guest collections!) – Maintain continuity for custom apps, automation scripts, etc., that use the endpoint UUID • Using GCS’s multi-node configuration, add new node(s) to endpoint and then remove original node(s) • Again, deployment key is required – Export node configuration with node setup --export-node – Import on new DTN using node setup --import-node
  • 8. Supporting non-POSIX systems • Update your GCS packages • Add the appropriate storage gateway – Non-POSIX systems require add-on connector subscription(s) • Gateway configuration options vary by connector – e.g., specify bucket name(s) for AWS S3 • Collection authentication options vary by connector – e.g., provide user access key and secret key for AWS S3 – Credentials must grant appropriate permissions – Mapped collection may not actually “map” to local user account
  • 9. Supporting access to AWS S3 (and S3-compatible systems) 20
  • 11. Globus transfer is fast …but it depends on… • Data Transfer Node (CPU, RAM, bus, NIC, …) • Network (devices, path quality, latency, …) • Storage (hardware, attach mode, …) • Dataset make-up (file#, size, tree depth, …) – Remember: LoSF == Great sadness • Things people do (one transfer per file …1M files) • …? 22
  • 12. You should have Great Expectations 23 ESnet EPOC target for all DOE labs Requires at least a 10G connection
  • 14. Legacy Architecture (don’t do this) 10GE Border Router WAN Firewall Enterprise perfSONAR perfSONAR Filesystem (data store) 10GE Portal Server Browsing path Query path Data path Portal server applications: · web server · search · database · authentication · data service
  • 15. Best practice: ScienceDMZ – you have one! 10GE 10GE 10GE 10GE Border Router WAN Science DMZ Switch/Router Firewall Enterprise perfSONAR perfSONAR 10GE 10GE 10GE 10GE DTN DTN API DTNs (data access governed by portal) DTN DTN perfSONAR Filesystem (data store) 10GE Portal Server Browsing path Query path Portal server applications: · web server · search · database · authentication Data Path Data Transfer Path Portal Query/Browse Path
  • 16. Science DMZ configuration 27 Source security filters Destination security filters Destination Science DMZ Source Science DMZ Source Border Router Destination Border Router Source Router Destination Router User Organization DATA CONTROL Physical Control Path Logical Control Path Physical Data Path Logical Data Path * Port 443 * Ports 50000- 51000 Data Transfer Node (DTN) Data Transfer Node (DTN) * Please see TCP ports reference: https://docs.globus.org/resource-provider-guide/#open-tcp-ports_section
  • 17. Globus balances performance with reliability 72.8Gbps
  • 18. Performance is a pairs sport • Network use parameters: concurrency, parallelism • Maximum, Preferred values for each • Transfer considers source and destination endpoint settings min( max(preferred src, preferred dest), max src, max dest ) • Service limits, e.g. concurrent requests 29
  • 19. Globus network use parameters • May only be changed on managed endpoints • Modify via the web app: Console à Endpoints tab • Modify via Globus Connect Server CLI – Run globus-connect-server endpoint modify • Strong recommendation: Do not change network use parameters before establishing baseline performance 30
  • 21. Configuring a “private” data channel • Default: data interface is set to the DTN’s public IP address (see data_interface in /etc/gridftp.d/globus-connect-server • Create /etc/gridftp.d/STORAGE_GATEWAY_ID • Set data_interface PRIVATE_INTERFACE_IP_ADDRESS • Replicate on every DTN (files in /etc/gridftp.d/ are not sync'd between nodes by Globus) 32
  • 23. Before asking for help… • self-diagnostic can identify many issues – Are services running? GCS manager/assistant, GridFTP server • Connectivity is a common cause – Is the DTN control channel reachable? – Can the DTN establish data channel connection? docs.globus.org/globus-connect-server/v5.4/troubleshooting-guide …and we’re always here for you: support@globus.org 34
  • 24. When you really need a clean slate… • Proper clean-up—both on your system and in the Globus service—is important! • Execute these commands in the specified order: o globus-connect-server node cleanup (on every DTN) o globus-connect-server endpoint cleanup (on last DTN) • Delete the GCS registration at developers.globus.org • Don’t use the same Client ID for another endpoint!
  • 25. Resources • GCSv5 Guides: docs.globus.org/globus-connect-server/ • Migration: docs.globus.org/globus-connect- server/migrating-to-v5.4/ • Globus support: support@globus.org 36