Storage Manager: Difference between revisions

From Grid5000
Jump to navigation Jump to search
(Created page with "== How does it work == An user can share its home with other node on Grid'5000. Each time you start a job, an access for all the assigned nodes is automatically created. You m...")
 
 
(48 intermediate revisions by 7 users not shown)
Line 1: Line 1:
== How does it work ==
{{Portal|Tutorial}}
An user can share its home with other node on Grid'5000. Each time you start a job, an access for all the assigned nodes is automatically created. You may want to use this tutorial if you want to allow additional addresses to access your home.
{{Portal|User}}
{{StorageHeader}}
{{TutorialHeader}}


{{Note|text=Only the home owner can interact with his accesses, so you need to be authenticated. It's done automatically on the froentend.}}
The Storage Manager manages access to NFS shares on Grid'5000. It is used for user's home and [[Group Storage]].  


== Create access ==
== How it works ==
Accesses creation is done by sending POST to the API.
The storage API works with '''access''' object. An access is defined by a list of addresses and a termination condition for a specific location on an NFS Server.
Let's assume we want to share the <code class="replace">nancy</code> home of user <code class="replace">jpicard</code> to IP addresses <code class="replace">172.16.72.1</code> and <code class="replace">172.16.72.25</code>


We need a termination condition, it can be a specific date or a job termination.
On the frontends and on <code class="env">nfs</code> environments (such as <code class="env">centosstream9-nfs</code>), <code class="env">debianXX-big</code> environments (such as <code class="env">debian11-big</code>)  autofs is used for the local home and group storage directories.  '''The accesses are created automatically in this case'''. You may want to use this page if you want to allow additional addresses to access your home (like when you are using VLAN), if you want to access your home over-site or to access group storage on other environments.


You will need to use the [[API|Grid'5000 API]], the entry-point for the home of a '''user''' on a specific '''site''' is:
<nowiki>https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">site</code>/storage/home/<code class="replace">username</code>/access
For [[Group Storage]], the entry-point of a '''storage''' on a server '''server''' of a '''site''' is:
  <nowiki>https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">site</code>/storage/<code class="replace">server</code>/<code class="replace">storage</code>/access
For example, <code><nowiki>https://api.grid5000.fr/stable/sites/lille/storage/storage1/my-team-storage/access</nowiki></code>
{{Note|text=Only the home owner or a group member can interact with his or her accesses, so you need to be authenticated. It's done automatically on the frontend. With curl, you can also use the <code>-u </code><code class="replace">username</code> option and you will be prompted for your password before the request is sent.}}
== Usage ==
We assume that we want to manage the storage group <code class="replace">delta</code> on the <code class="replace">storage1.nancy</code>.grid5000.fr, so the storage API entry-point will be:
  <nowiki> https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">nancy</code>/storage/<code class="replace">storage1</code>/<code class="replace">delta</code>/access
=== Create access ===
Accesses creation is done by sending a POST request to the API with a JSON payload.
We must provide a list of '''hosts''' to whom we want to give access to, for instance <code class="replace">dahu-1.grenoble.grid5000.fr</code> and <code class="replace">dahu-2.grenoble.grid5000.fr</code>. We also need a termination condition, it can be a specific date or a job termination.
{{Note|text=To give access to a storage from a specific VLAN, you can use its domain name, for example for dahu-1 on VLAN 2, you can add <code class="replace">dahu-1-kavlan-2.grenoble.grid5000.fr</code>.}}
==== Until termination ====
If we want to use a specific time (for example <code class="replace">2018-12-25 19:38</code>), we send the following request to the Storage API:
If we want to use a specific time (for example <code class="replace">2018-12-25 19:38</code>), we send the following request to the Storage API:
   curl -X POST 'https://api.grid5000.fr/stable/sites/nancy/storage/home/jpicard/access' -H "Content-Type: application/json" -d '{"ipv4": ["172.16.72.1", "172.16.72.25"], "termination" : {"until":"2018-12-25 19:38"}}'
   curl -X POST <nowiki>'https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">nancy</code>/storage/<code class="replace">storage1</code>/<code class="replace">delta</code>/access'  
  -H "Content-Type: application/json"  
  -d '{"hosts": [<code class="replace">"dahu-1.grenoble.grid5000.fr", "dahu-2.grenoble.grid5000.fr"</code>],  
      "termination" : {"until":"<code class="replace">2018-12-25 19:38"</code>}}'
 
==== Job termination ====
If we want our access to be valid until the end of a Grid'5000 job, for example the job <code class="replace">4548</code> of  <code class="replace">grenoble</code>, we do:
  curl -X POST <nowiki>'https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">nancy</code>/storage/<code class="replace">storage1</code>/<code class="replace">delta</code>/access'
  -H "Content-Type: application/json"
  -d '{"hosts": [<code class="replace">"dahu-1.grenoble.grid5000.fr", "dahu-2.grenoble.grid5000.fr"</code>],
      "termination" : {"job": <code class="replace">4548</code>, "site": <code class="replace">"grenoble"</code>}}'
If we want to give access to all the assigned nodes of a job, we don't need to give any hosts, the API will fill them for us:
  curl -X POST <nowiki>'https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">nancy</code>/storage/<code class="replace">storage1</code>/<code class="replace">delta</code>/access'
  -H "Content-Type: application/json"
  -d '{"termination" : {"job": <code class="replace">4548</code>, "site": <code class="replace">"grenoble"</code>}}'


If we want to use a job termination, for example the job <code class="replace">4548</code> of  <code class="replace">grenoble</code>:
{{Warning|text= The access is created immediately and is valid until the termination of the job, even if the job has not started yet.}}
  curl -X POST 'https://api.grid5000.fr/stable/sites/nancy/storage/home/jpicard/access' -H "Content-Type: application/json" -d '{"ipv4": ["172.16.72.1", "172.16.72.25"], "termination" : {"job": 4548, "site": "grenoble"}}
{{Warning|text= The access is create immediately and until the termination of the job, even if the job has not yet started.}}


== List access ==
The '''nfs_address''' field will contain the address used to manually mount the storage:
To list all access, you should do:
{{Term|location=node|cmd=mount <code class="replace">storage1.nancy</code>.grid5000.fr:/export/group/<code class="replace">delta</code> <code class="replace">/mnt/</code>}}
   curl https://api.grid5000.fr/stable/sites/<code class="replace">nancy</code>/storage/home/<code class="replace">jpicard</code>/access
 
You get a list of accesses
 
{{Warning|text=When access is explicitly given to a group storage (e.g. this is not done automatically by the job management system), this group storage can be mounted using the ''mount'' command as super-user (via ''sudo-g5k'' or in a ''deploy'' job). However, trying to access to the group storage in the autofs mount point in <code>/srv/storage/</code> is not supported.}}
 
=== List access ===
To list all accesses, you should do:
   curl <nowiki>https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">nancy</code>/storage/<code class="replace">storage1</code>/<code class="replace">delta</code>/access'
You get a list of accesses:
   {
   {
     "G5k-home_jpicard_j_1666466-nancy_1": {
     "G5k-group_delta_j_1666466-nancy_1": {
       "ipv4": [
       "ipv4": [
         "172.16.64.97"
         "172.16.64.97"
Line 29: Line 64:
         "job": 1666466,
         "job": 1666466,
         "site": "nancy"
         "site": "nancy"
       }
       },
      "nfs_address": "storage1.nancy.grid5000.fr:/export/group/delta"
     },
     },
     "G5k-home_jpicard_u_1535456240_1": {
     "G5k-group_delta_u_1535456240_1": {
       "ipv4": [
       "ipv4": [
         "172.16.64.16"
         "172.16.64.16"
Line 37: Line 73:
       "termination": {
       "termination": {
         "until": 1535456240,
         "until": 1535456240,
       }
       },
      "nfs_address": "storage1.nancy.grid5000.fr:/export/group/delta"
     }
     }
   }
   }
You can also ask for a specific access by providing its identifier, for instance :
You can also ask for a specific access by providing its identifier, for instance:
   curl https://api.grid5000.fr/stable/sites/<code class="replace">nancy</code>/storage/home/<code class="replace">jpicard</code>/access/<code class="replace">G5k-home_jpicard_u_1535456240_1</code>
   curl <nowiki>https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">nancy</code>/storage/<code class="replace">storage1</code>/<code class="replace">delta</code>/access/<code class="replace">G5k-group_delta_u_1535456240_1</code>
 
After that, you should be able to mount the home where you want:
{{Term|location=node|cmd=mount nfs.<code class="replace">nancy</code>.grid5000.fr:/home/<code class="replace">jpicard</code>}}
 
 
{{Note|text=<code class="env">debian9-x64-std</code>,<code class="env">debian9-x64-big</code> and <code class="env">debian9-x64-nfs</code> use autofs for the /home of the local NFS server. So <code>cd /home/jpicard/</code> will automount the home of jpicard if you have the right}}
 
== Delete an access ==
Accesses deletion is done by sending DELETE to the API.
To delete an access you specify it's identifier, for instance:
curl -X DELETE https://api.grid5000.fr/stable/sites/<code class="replace">nancy</code>/storage/home/<code class="replace">jpicard</code>/access/<code class="replace">G5k-home_jpicard_u_1535456240_1</code>
 
 
== API Specification: ==
 
=== GET /stable/sites/<code class="replace">site</code>/storage/home/<code class="replace">username</code>/access ===
fetch a list of access.
 
=== GET /stable/sites/<code class="replace">site</code>/storage/home/<code class="replace">username</code>/access/<code class="replace">access_id</code> ===
fetch information of a specific access


=== DELETE /stable/sites/<code class="replace">site</code>/storage/home/<code class="replace">username</code>/access/<code class="replace">access_id</code> ===
=== Delete an access ===
delete a specific access
Access deletion is done by sending a DELETE request to the API with the access identifier.
curl -X DELETE <nowiki>https://api.grid5000.fr/stable/sites/</nowiki><code class="replace">nancy</code>/storage/<code class="replace">storage1</code>/<code class="replace">delta</code>/access/<code class="replace">G5k-group_delta_u_1535456240_1</code>


=== DELETE /stable/sites/<code class="replace">site</code>/storage/home/<code class="replace">username</code>/access/?job=<code class="replace">job_id</code>&site=<code class="replace">job_site</code> ===
== API Specification ==
delete all access link to job '''job_id''' of site '''job_site'''


=== POST /stable/sites/<code class="replace">site</code>/storage/home/<code class="replace">username</code>/access ===
[https://api.grid5000.fr/doc/stable/#tag/storage See here] for the storage manager API specification.
Create new access. The payload must be in JSON format, and contains the following mandatory properties:
{| class="wikitable"
|-
! Parameter !! Type !! Description & Examples
|-
| ipv4 || Mandatory || Array of ipv4 allowed to access NFS
  ["172.16.72.1",
    ""172.16.72.25]
|-
| termination || Mandatory || Termination condition can be of two types "Until" or "Job". The form is a structure/hash.
Until termination takes a date as an '''until''' parameter. The access will be deleted after the specify date. eg: 
  {"until" : "2018-12-25 19:38"}
Job terminations takes two parameters, '''job''' and '''site''', which are respectively the id and the site of a Grid'5000 job. When the job end, the export is deleted. eg:
  {"job": "4548, "site":"nancy"}
|-

Latest revision as of 15:27, 26 July 2023

See also: Storage overview | Storage Manager | Group Storage | Ceph | Local (on nodes) disks reservation
Note.png Note

This page is actively maintained by the Grid'5000 team. If you encounter problems, please report them (see the Support page). Additionally, as it is a wiki page, you are free to make minor corrections yourself if needed. If you would like to suggest a more fundamental change, please contact the Grid'5000 team.

The Storage Manager manages access to NFS shares on Grid'5000. It is used for user's home and Group Storage.

How it works

The storage API works with access object. An access is defined by a list of addresses and a termination condition for a specific location on an NFS Server.

On the frontends and on nfs environments (such as centosstream9-nfs), debianXX-big environments (such as debian11-big) autofs is used for the local home and group storage directories. The accesses are created automatically in this case. You may want to use this page if you want to allow additional addresses to access your home (like when you are using VLAN), if you want to access your home over-site or to access group storage on other environments.

You will need to use the Grid'5000 API, the entry-point for the home of a user on a specific site is: 

https://api.grid5000.fr/stable/sites/site/storage/home/username/access

For Group Storage, the entry-point of a storage on a server server of a site is: 

 https://api.grid5000.fr/stable/sites/site/storage/server/storage/access

For example, https://api.grid5000.fr/stable/sites/lille/storage/storage1/my-team-storage/access

Note.png Note

Only the home owner or a group member can interact with his or her accesses, so you need to be authenticated. It's done automatically on the frontend. With curl, you can also use the -u username option and you will be prompted for your password before the request is sent.

Usage

We assume that we want to manage the storage group delta on the storage1.nancy.grid5000.fr, so the storage API entry-point will be: 

  https://api.grid5000.fr/stable/sites/nancy/storage/storage1/delta/access

Create access

Accesses creation is done by sending a POST request to the API with a JSON payload. We must provide a list of hosts to whom we want to give access to, for instance dahu-1.grenoble.grid5000.fr and dahu-2.grenoble.grid5000.fr. We also need a termination condition, it can be a specific date or a job termination.

Note.png Note

To give access to a storage from a specific VLAN, you can use its domain name, for example for dahu-1 on VLAN 2, you can add dahu-1-kavlan-2.grenoble.grid5000.fr.

Until termination

If we want to use a specific time (for example 2018-12-25 19:38), we send the following request to the Storage API: 

 curl -X POST 'https://api.grid5000.fr/stable/sites/nancy/storage/storage1/delta/access' 
 -H "Content-Type: application/json" 
 -d '{"hosts": ["dahu-1.grenoble.grid5000.fr", "dahu-2.grenoble.grid5000.fr"], 
      "termination" : {"until":"2018-12-25 19:38"}}'

Job termination

If we want our access to be valid until the end of a Grid'5000 job, for example the job 4548 of grenoble, we do: 

 curl -X POST 'https://api.grid5000.fr/stable/sites/nancy/storage/storage1/delta/access'
 -H "Content-Type: application/json" 
 -d '{"hosts": ["dahu-1.grenoble.grid5000.fr", "dahu-2.grenoble.grid5000.fr"], 
      "termination" : {"job": 4548, "site": "grenoble"}}'

If we want to give access to all the assigned nodes of a job, we don't need to give any hosts, the API will fill them for us: 

 curl -X POST 'https://api.grid5000.fr/stable/sites/nancy/storage/storage1/delta/access'
 -H "Content-Type: application/json"
 -d '{"termination" : {"job": 4548, "site": "grenoble"}}'
Warning.png Warning

The access is created immediately and is valid until the termination of the job, even if the job has not started yet.

The nfs_address field will contain the address used to manually mount the storage:

Terminal.png node:
mount storage1.nancy.grid5000.fr:/export/group/delta /mnt/


Warning.png Warning

When access is explicitly given to a group storage (e.g. this is not done automatically by the job management system), this group storage can be mounted using the mount command as super-user (via sudo-g5k or in a deploy job). However, trying to access to the group storage in the autofs mount point in /srv/storage/ is not supported.

List access

To list all accesses, you should do: 

 curl https://api.grid5000.fr/stable/sites/nancy/storage/storage1/delta/access'

You get a list of accesses: 

 {
   "G5k-group_delta_j_1666466-nancy_1": {
     "ipv4": [
       "172.16.64.97"
     ],
     "termination": {
       "job": 1666466,
       "site": "nancy"
     },
     "nfs_address": "storage1.nancy.grid5000.fr:/export/group/delta"
   },
   "G5k-group_delta_u_1535456240_1": {
     "ipv4": [
       "172.16.64.16"
     ],
     "termination": {
       "until": 1535456240,
     },
     "nfs_address": "storage1.nancy.grid5000.fr:/export/group/delta"
   }
 }

You can also ask for a specific access by providing its identifier, for instance: 

 curl https://api.grid5000.fr/stable/sites/nancy/storage/storage1/delta/access/G5k-group_delta_u_1535456240_1

Delete an access

Access deletion is done by sending a DELETE request to the API with the access identifier. 

curl -X DELETE https://api.grid5000.fr/stable/sites/nancy/storage/storage1/delta/access/G5k-group_delta_u_1535456240_1

API Specification

See here for the storage manager API specification.

Retrieved from "https://www.grid5000.fr/mediawiki/index.php?title=Storage_Manager&oldid=99909"