What about installing a XRootD proxy with caching? Afaik there is no such service installed. Let me know if I’m wrong in this point.
I think it would improve SWAN immensely for a lot of people! Let me give an example:
We run a ROOT hands-on with around 50 people. Each of them pull via XRootD a file with around 10 GB. Currently all of these transfers go through the network all the time. However, you could have local reading performance with the XRootD cache after the first user pulled the file. Wouldn’t that be awesome?
I came here for the same question, is it possible to access files from tier2/tier3 via xrootd in swan? Or do I have to copy them local to my cernbox everytime that I need them?
Just to understand your use case, you want to read those files remotely with ROOT via xrootd? If that is the case, you just need to do a kinit from the SWAN terminal and you will be able to read those files remotely.
Thanks @etejedor for the reply.
What I want is to access remote files (from a T2/T3 somewhere else) and run some code in a notebook from swan. I guess that this can be done through xrootd. But I have two (stupid) technical questions:
Do I need to set my grid certificate for that? and if yes, how?
I can access those files through swan, like: ROOT.TFIle.Open(‘root://xrootd-cms.infn.it//store/mc/blahblah.root’)
It seems that the first thing you would need to do is copy your grid certificate in your CERNBox. After that, you should run voms-proxy-init (available in SWAN) from the SWAN terminal to get your proxy certificate. Then, from your notebook, you should be able to open the file with ROOT.
We had a presentation from a user in the SWAN workshop that did a similar thing for ALICE:
See e.g. slide 5 where he talks about setting up the grid certificate. @blim perhaps you can help @algomez out with this?
I tried this before contacting this forum, I installed my certificate as usual but then trying to run voms-proxy-init I am getting this message:
algomez@b02b398a660c:/home/algomez$ voms-proxy-init --voms cms
Enter GRID pass phrase:
Your identity: /DC=ch/DC=cern/OU=blahblah
Cannot find file or dir: /etc/vomses
VOMS Server for cms not known!
while from other machines this work. That is why I assumed that this does not work. Any suggestion?
In the meantime, what you can do is copy the CMS voms server configuration files you need from lxplus to your CERNBox. Then, when you run voms-proxy-init, there is a parameter that you can pass to make it look elsewhere for voms server configuration files:
-vomses <file> Non-standard location of configuration files.
Hi @etejedor
thank you so much, yes this works like a charm! and thank you for the JIRA ticket as well.
Now I’ll try to run more complicated things in swan
Your proxy is valid until Mon Jul 13 23:18:32 2020
Error: verification failed.
Cannot verify AC signature!
So a proxy is created but without verifying the AC signature I cannot use features like xrootd.
Is this known and is there a solution? I see that the JIRA ticket is still open.
Yes, that JIRA issue is still open since we need to install the VOMS server configuration files in SWAN. You can for now copy them e.g. from lxplus into your CERNBox as described in this post.
However, the error you show is more related to RQF1600959. We are trying to figure out why the AC signature verification failure happens in SWAN. I added you as watcher of that ticket, so I suggest you follow the progress there.
Thanks for the prompt reply. I did copy the VOMS server configs from /etc/vomses to SWAN. That’s how I managed to generate the proxy. However, without the AC signature, seems I cannot access files using the XROOT protocol. Is this expected and is there a workaround?
BTW, the link to the ticket seems to be broken. It says " Record not found".
No, it’s not expected, we are in contact with other IT colleagues to see how we can fix this, basically we need to reproduce the same configuration that exists on lxplus.