XRootD Third Party Copy for the WLCG and HLLHC

T Adye; B Bockelman; K Ellis; O Freyermuth; F Furano; G Ganis; A Hanushevsky; H Ito; I Johnson; O Keeble; D Litvintsev; A Manzi; P Millar; T Mkrtchyan; G Patargias; A Rossi; H Severini; M Simon; E Sindrilaru; W Yang

doi:10.1051/epjconf/202024504034

EPJ

a
b
c
d
e
ap
st
h
plus
ds
pv
ti
qt
am
n

Proceedings

Open Access

EPJ Web of Conferences 245, 04034 (2020)
https://doi.org/10.1051/epjconf/202024504034

XRootD Third Party Copy for the WLCG and HLLHC

T Adye¹, B Bockelman², K Ellis¹, O Freyermuth³, F Furano⁴, G Ganis⁴, A Hanushevsky⁵, H Ito⁶, I Johnson¹, O Keeble⁴, D Litvintsev⁷, A Manzi⁴, P Millar⁸, T Mkrtchyan⁸, G Patargias¹, A Rossi⁷, H Severini⁹, M Simon⁴, E Sindrilaru⁴ and W Yang⁵^* on behalf of the WLCG TPC Working Group

¹ Science and Technology Facilities Council, United Kingdom
² Morgridge Institute for Research, United States
³ University of Bonn, Germany
⁴ European Organization for Nuclear Research (CERN), Switzerland
⁵ SLAC National Accelerator Laboratory, United States
⁶ Brookhaven National Laboratory, United States
⁷ Fermi National Accelerator Laboratory, United States
⁸ Deutsches Elektronen-Synchrotron (DESY), Germany
⁹ University of Oklahoma, United States

^* Corresponding author : yangw@slac.stanford.edu

Published online: 16 November 2020

Abstract

A Third Party Copy (TPC) mechanism has existed in the pure XRootD storage environment for many years. However, using the XRootD TPC in the WLCG environment presents additional challenges due to the diversity of the storage systems involved such as EOS, dCache, DPM and ECHO, requiring that we carefully navigate the unique constraints imposed by these storage systems and their site-specific environments through customized configuration and software development. To support multitenant setups seen at many WLCG sites, X509 based authentication and authorization in XRootD was significantly improved to meet both security and functionality requirements. This paper presents architecture of the pull based TPC with optional X509 credential delegation, and how it is implemented in native XRootD and dCache. The paper discusses technical requirements, challenges, design choices and implementation details in the WLCG storage systems, as well as in FTS/gfal2. It also outlines XRootD’s plan to support newer TPC and security models such as token based authorization.

© The Authors, published by EDP Sciences, 2020

This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.