Speaker
Description
Currently, the StoRM storage manager relies on the SRM specification to recall files from tape. Although SRM has served us well for many years, its complexity has pushed the WLCG community to adopt a simpler approach, more in line with modern web technologies.
The WLCG tape REST API offers a common HTTP interface allowing clients to manage disk residency of tape-stored files and observe the progress of file transfers to disk. Such API, as the name suggests, is RESTful and consists of a single endpoint handling different operations: a bulk request to stage many tape-stored files, making them available with disk latency; tracking the progress of a previous stage request; cancellation and deletion of previous requests; access to staged file metadata.
In the context of the StoRM project developed at INFN-CNAF, a new component of the service is presented: the StoRM Tape REST API. Using an NGINX reverse proxy to expose the APIs to the outside world, access to the exposed functionality will be handled via authentication mechanisms based on VOMS proxies and OAuth2 tokens. Furthermore, we show an investigation of the Open Policy Agent (OPA) open-source engine to define authorization policies and to ensure safe and fine-grained controls, without sacrificing availability or performance. At the INFN Tier-1, this new service is required to coexist with the current StoRM deployments and to integrate smoothly within the existing infrastructure, in particular with the Grid-Enabled Mass Storage System (GEMSS).
Consider for long presentation | No |
---|