github.com/pelicanplatform/pelican@v1.0.5/docs/pages/serving_an_origin.mdx

github.com/pelicanplatform/pelican@v1.0.5/docs/pages/serving_an_origin.mdx (about)

     1  import ExportedImage from "next-image-export-optimizer";
     2  
     3  # Install Pelican Origin
     4  
     5  The [Pelican](http://pelicanplatform.org/) origin exposes a storage backend like POSIX or S3 to other members of the federation. This will give you the steps to install XRootD as well as how to install Pelican and start up an origin.
     6  
     7  ## Before Starting
     8  
     9  
    10  Before starting the installation process, consider the following points:
    11  
    12  -   **User IDs:** If it does not exist already, the installation will create the Linux user ID `xrootd`
    13  -   **Service certificate:** The XRootD service uses a host certificate and key pair at
    14      `/etc/grid-security/xrd/xrdcert.pem` and `/etc/grid-security/xrd/xrdkey.pem` that must be owned by the `xrootd` user
    15  -   **Networking:** The XRootD service uses port 1094 by default
    16  
    17  As with all OSG software installations, there are some one-time (per host) steps to prepare in advance:
    18  
    19  -   Ensure the host has [a supported operating system](https://osg-htc.org/docs/release/supported_platforms/)
    20  -   Obtain root access to the host
    21  -   Prepare [the required Yum repositories](https://osg-htc.org/docs/common/yum/)
    22  -   Install [CA certificates](https://osg-htc.org/docs/common/ca/)
    23  -   Install XRootD (Instructions to follow)
    24  
    25  ## XRootD
    26  
    27  #### Requirements for XRootD-Multiuser with VOMS FQANs
    28  
    29      Using XRootD-Multiuser with a VOMS FQAN requires mapping the FQAN to a username, which requires a `voms-mapfile`.
    30      Support is available in `xrootd-voms 5.4.2-1.1`, in the OSG 3.6 repos, though it is expected in XRootD 5.5.0.
    31      If you want to use multiuser, ensure you are getting `xrootd-voms` from the OSG repos.
    32  
    33  
    34  ### Installing XRootD
    35  
    36  To install an XRootD Standalone server, run the following command:
    37  
    38  ```console
    39  root@xrootd-standalone # yum install osg-xrootd-standalone
    40  ```
    41  
    42  ## Installing Pelican
    43  
    44  
    45  Grab the appropriate binary for your system from the [pelican repository](https://github.com/PelicanPlatform/pelican/releases). For more details, see [the client installation instructions](/install.mdx)
    46  
    47  ## Serving an Origin
    48  
    49  ### Register the origin with the namespace-registry
    50  
    51  Before serving an origin, you need to register the origin with the namespace-registry. This can be done by running
    52  
    53  ```pelican namespace register --prefix <namespace prefix> --namespace-url <registry url>```
    54  
    55  Where `<namespace_prefix>` is a namespace prefix associated with the origin and `<registry url>` is the url of the namespace registry. This gives the registry the public key for the origin, and makes that public key available to all of the other services in the federation for verifying tokens
    56  
    57  
    58  ### Running Origin Serve
    59  
    60  To launch a pelican origin, run:
    61  
    62  ```./pelican origin serve -f <federation> -v <local_directory>:<namespace_prefix>```
    63  
    64  Where `<federation>` is the address of the federation the origin will be a part of, `<local directory>` is the directory containing objects to be exported to the federation, and `<namespace prefix>` is the namespace at which files from `<local directory>` will be made available in the federation.
    65  
    66  The first time the origin is started, you will see something that looks like the following:
    67  
    68  
    69  <ExportedImage width={1000} height={1000} src={"/pelican/origin_start.png"} alt={"Image of an origin startup terminal prompt with the initializaiton code"} />
    70  
    71  To initialize the admin interface (to see the metrics), go to the website specified (in this example replace `977d77de9b9d` with `localhost`).
    72  
    73  You will see a warning that looks like the following (with some differences with respect to the browser):
    74  
    75  <ExportedImage width={1000} height={1000} src={"/pelican/invalid_certificate.png"} alt={"Image of a safari browser invalid certificate warning"} />
    76  
    77  Proceed despite the warning to get to the code entry page. Enter the code specified in the terminal and create a root metrics password. You should now see a webpage that looks like so:
    78  
    79  <ExportedImage width={1000} height={1000} src={"/pelican/metrics_view.png"} alt={"Image of prometheus metrics graphs for a Pelican origin"} />
    80  
    81  This will refresh every 10 minutes with the xrootd health metrics so that, as an admin, you can check the status of your origin.