API Service

Starting the API Service

 

Before starting the API Service, there are a few things to check.

 

  • The xAlien-auto.cf should be under ~/etc directory and look like this:
    • ###########################################################
      xrootd.fslib INST_DIR/alien.v2-19.168/api/lib/libXrdxAlienFs.so
      xrootd.async off nosf
      all.manager HOSTNAME
      2131
      all.export /dummy /ORG_NAME/
      xalien.trace all debug
      ###########################################################
      xrootd.seclib INST_DIR/alien.v2-19.168/api/lib/libXrdSec.so
      ###########################################################
      xalien.outputdir INST_DIR/active/
      #xalien.trace all debug
      xalien.perlmodule INST_DIR/alien.v2-19.168/api/scripts/gapiserver/AlienAS.pl
      xalien.nworker 16
      sec.protocol INST_DIR/alien.v2-19.168/api/lib/ unix
      sec.protocol INST_DIR/alien.v2-19.168/api/lib/ gsi -crl:1 -cert:$HOME/.globus/usercert.pem -key:$HOME/.globus/userkey.pem -certdir:$HOME/alien.v2-19.168/globus/share/certificates/ -gmapopt:10
      sec.protbind * gsi unix

               where INST_DIR must be the install directory, such as /home/alienmaster or /opt, HOSTNAME the full hostname of the machine (e.g. pcapiserv03.cern.ch), and ORG_NAME the name of the AliEn organisation, normally alice.

 

  • The gapiservice.cfg.xml should also be under ~/etc andbe defined as follows:
    • <?xml version="1.0" encoding="UTF-8" ?>
      <service name="gapiservice">
      <components>
      <component name="gapiservice">
      <config>
      <param name="prefork">              <value>16</value></param>
      <param name="port">                 <value>10000</value></param>
      <param name="user">                 <value>"aliprod"</value></param>
      <param name="role">                 <value>"admin"</value></param>
      <param name="debug">                <value>0</value></param>
      <param name="commandlogging">       <value>1</value></param>
      <param name="commandlogfile">       <value>"/home/alienmaster"/log/ApiCommands.log</value></param>
      <param name="performancelogging">   <value>0</value></param>
      <param name="filteredcommands">
      <arrayvalue>"get"</arrayvalue>
      <arrayvalue>"add"</arrayvalue>
      <arrayvalue>"quit"</arrayvalue>
      <arrayvalue>"exit"</arrayvalue>
      <arrayvalue>"user"</arrayvalue>
      </param>
      <param name="environment">
      <arrayvalue>SEALED_ENVELOPE_LOCAL_PRIVATE_KEY=""/home/alienmaster"/.alien/gapiserver/lpriv.pem"</arrayvalue>
      <arrayvalue>SEALED_ENVELOPE_LOCAL_PUBLIC_KEY=""/home/alienmaster"/.alien/gapiserver/lpub.pem"</arrayvalue>
      <arrayvalue>SEALED_ENVELOPE_REMOTE_PRIVATE_KEY=""/home/alienmaster"/.alien/gapiserver/rpriv.pem"</arrayvalue>
      <arrayvalue>SEALED_ENVELOPE_REMOTE_PUBLIC_KEY=""/home/alienmaster"/.alien/gapiserver/rpub.pem"</arrayvalue>
      </param>
      </config>
      </component>
      </components>
      </service>

                 as you can see, in this case our $HOME is /home/alienmaster, change it to yours if needed.

 

  • There should be a gapiserver directory in ~/.alien/, that points to .alien/authen. authen directory is normally created automatically, and should contain this:
    • [mmmartin@pcalice92 .alien]$ ls -l gapiserver/
      total 16
      -rw-r-----. 1 mmmartin mmmartin  887 Apr 25 14:09 lpriv.pem
      -rw-r-----. 1 mmmartin mmmartin 1029 Apr 25 14:09 lpub.pem
      -rw-r-----. 1 mmmartin mmmartin  887 Apr 25 14:09 rpriv.pem
      -rw-r-----. 1 mmmartin mmmartin 1029 Apr 25 14:09 rpub.pem

 

  • You will probably need to define the environment variable ALIEN_DATABASE_PASSWORD, otherwise you could find problems in ~/log/xAlienWorker.log.

 

Finally, you can start the service runnning:

      > alien StartApiService