Version 3 (modified by mmamonski, 11 years ago) (diff)

--

GridFTP server installation

  • It is recommended to take the gridFTP server from the IGE (Initiative for Globus in Europe) repository.

Please configure IGE repositories. Example configuration for SL5:

cat > /etc/yum.repos.d/IGE.repo << EOF
[IGE]
name=IGE
baseurl=http://repo-rpm.ige-project.eu/sl/sl5/x86_64/
enabled=1
gpgcheck=1
gpgkey=http://repo-rpm.ige-project.eu/RPM-GPG-KEY-IGE
EOF
cat > /etc/yum.repos.d/IGE-updates.repo << EOF
[IGE-updates]
name=IGE - Updates
baseurl=http://repo-rpm.ige-project.eu/sl/updates/sl5/x86_64/
enabled=1
gpgcheck=1
gpgkey=http://repo-rpm.ige-project.eu/RPM-GPG-KEY-IGE
EOF

IMPORTANT: If for any reason you do not want to use IGE repos, you can alternatively configure the system to use EPEL (Extra Packages for Enterprise Linux) repository.

  • The configuration can be done by installation of yum-conf-epel.noarch package using the YUM Package Manager.
    yum install yum-conf-epel.noarch
    
  • Install the gridFTP server package:
    yum install globus-gridftp-server-progs.x86_64
    

The grid-ftp server requires the X.509 certificate and key to be present in the following locations

  • /etc/grid-security/hostcert.pem
  • /etc/grid-security/hostkey.pem

The GridFTP server has to be configured to know the range of opened ports for connections. Please edit the /etc/xinetd.d/gsiftp file and set the GLOBUS_TCP_PORT_RANGE environment variable.

service gsiftp
{
 instances               = 100
 per_source              = 50
 socket_type             = stream
 wait                    = no
 user                    = root
 env                     += GLOBUS_TCP_PORT_RANGE=20000,25000
 server                  = /usr/sbin/globus-gridftp-server
 server_args             = -i  -l /var/log/globus-gridftp.log -disable-usage-stats -d ERROR,WARN
 log_on_success          += DURATION
 nice                    = 10
 disable                 = no
}

If needed please install the xinetd tool first

yum install xinetd.x86_64

IMPORTANT: Do not forget to reload xinetd service.

/etc/init.d/xinetd reload

also check if its started on system boot by default:

/sbin/chkconfig --list xinetd
xinetd         	0:off	1:off	2:off	3:on	4:on	5:on	6:off

We also recommend to adjust system wide TCP keepalive parameters for reliability reasons:

echo "600" > /proc/sys/net/ipv4/tcp_keepalive_time
echo "75" > /proc/sys/net/ipv4/tcp_keepalive_intvl
echo "9" > /proc/sys/net/ipv4/tcp_keepalive_probes

In order to make the changes persistent add it also to the /etc/sysctl.conf

  • finally simply verify the installation by issuing the following command (if posible using external client host)
    telnet grass1.man.poznan.pl 2811
    Trying 150.254.173.215...
    Connected to grass1.man.poznan.pl (150.254.173.215).
    Escape character is '^]'.
    220 grass1.man.poznan.pl GridFTP Server 6.19 (gcc64, 1359994843-83) [Globus Toolkit 5.2.3] ready.
    

Note: Alternatively you can configure GridFTP in daemon mode (instead of using xinted):

# vim /etc/gridftp.conf
$GLOBUS_TCP_PORT_RANGE 20000,25000
port 2811
log_single /var/log/globus-gridftp.log
log_level ERROR,WARN

# chkconfig globus-gridftp-server on
# /etc/init.d/globus-gridftp-server start