Home -> Toolkit -> Docs -> Development -> 3.9.4 -> Data -> Gridftp -> Admin

GT 3.9.4 GridFTP: System Administrator's Guide

• Introduction
• Building and Installing
• Configuring
• Deploying
• Testing
• Security Considerations
• Troubleshooting

Introduction

This guide should help you configure and run the GridFTP server in some standard configurations.

Building and Installing

See the Installation Guide.

Configuring

Information on configuration settings and environment variables can be found in the public interface guide.

Deploying the GridFTP Server: globus-gridftp-server

It is assumed that the toolkit installation was successful and that Globus security is properly configured. For more information, see the Installation Guide. Also be sure to reference the GridFTP configuration and command line options.

• Running in daemon mode
• Running under inetd/xinetd
• Remote data-nodes and striped operation

Running in daemon mode

The server should generally be run as root in daemon mode, though it is possible to run it as a user (see below). When run as root you will need to have a host certificate.

Run the server:

globus-gridftp-server < -s | -S > <args>

where:

-s	Runs in the foreground. (this is the default mode)
-S	Detaches from the terminal and runs in the background.

The following additional steps may be required when running as a user other than root.

• Create a ~/.gridmap file, containing the DNs of any clients you wish to allow, mapped to the current username.
• Create proxy: grid-proxy-init

Running under inetd or xinetd

The -i command line option enables the server to be run under inetd or xinetd.

See the Configuration and command line options section for example xinetd and inetd configuration entries.

Remote data-nodes and striped operation

The GridFTP server now supports seperate front end (client control connection) and back end (data node) processes. In addition, a single front end process may connect to multiple back end data nodes.

When multiple back end data nodes are available, the server is said to be in a striped configuration, or simply, is a striped server. In this mode, transfers are divided over all available data nodes, thus allowing the combined bandwidth of all data nodes to be used.

Note: The connection between the front end and data nodes is referred to as the ipc channel.

The ability to use inetd or daemon execution modes applies to both front end servers and data nodes, and the same certificate and user requirements apply.

To start the front end:

globus-gridftp-server <args> -r <host:port>[,<host:port>,...]

To start the data-node:

globus-gridftp-server -p <port> -dn

The -p <port> option used on the data-node is the port that will be used for ipc connections. This is the port that you will register with the front end server.

For example:

machineB> globus-gridftp-server -p 6000 -dn
machineC> globus-gridftp-server -p 7000 -dn
machineA> globus-gridftp-server -p 5000 -r machineB:6000,machineC:7000

The client would only connect to the front end at machineA:5000, for example, using globus-url-copy with the -stripe option:

globus-url-copy -stripe gsiftp://machineA:5000/file file:///destination
   or
globus-url-copy -stripe gsiftp://machineA:5000/file gsiftp://machineX/destination

Where machineX may be another striped server or a standard GridFTP server.

Testing

If the globus-ftp-client-test package has been installed, our standard test suite may be run to verify functionality on your platform. Simply set up the globus environment, chdir to $GLOBUS_LOCATION/test/globus_ftp_client_test/ and run ./TESTS.pl

Please also see the Call for Community Testing.

Security Considerations

[describe security considerations relevant for this component]

Troubleshooting

If you are having problems using the GridFTP server, you should try these steps:

Verify that the server has started successfully. The easiest way to do this is to telnet to the port on which the server is running.

% telnet localhost 2811
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 GridFTP Server localhost.localdomain 0.11 (gcc32dbg, 1098910702-1) ready.

If you see anything other than a 220 banner such as that, then the server has not started correctly. Verify that you have the options you expect. Try no other options besides -s, -i, or -p (the server defaults should be fine in most cases). Verify that there are no configuration files being unexpectedly loaded from /etc/grid-security/gridftp.conf or $GLOBUS_LOCATION/etc/gridftp.conf. If all else fails and you still cannot pass this test, seek help on discuss@globus.org

If the server has started correctly, and your problem is with a security failure or gridmap lookup failure, verify that you have security configured properly here.

If the server is running and your client succesfully authenticates, but has a problem at some other time during the session, please ask for help on discuss@globus.org