cvmfs. Statum-0. Restore of repository.

#

# new repository @ stratum-0 = cfs-f000.jinr.ru = cvmfs-st-0.jinr.ru

#
# params for new repo:
# — name of new repo w/o .jinr.ru, valid [a-z_]
# — quota of new repo: 1T, 100G, 500M
#

newrepo=test
qutrepo=100G

#
# create user for repo management and set quota on / FS
# user name & group wil lbe cfs.$newrepo
# to maintenance the repo, user need his ssh’s rsa pub key
# in $HOME/.ssh/authorized_keys
# in this way the user will be able to ssh to
# stratum-0 and change his repository by commands in /etc/sudoers.d/cfs_$newrepo
#
usrrepo=»cfs.$newrepo»
getent passwd $usrrepo >/dev/null 2>&1
if test $? -ne 0 ; then
useradd -c «user for cvmfs repo $newrepo» -p «*NP*» -U $usrrepo
fi
#
# allow interactive login
#
grep -Eq «^$usrrepo$» /etc/users.allow
if test $? -ne 0 ; then
echo $usrrepo >> /etc/users.allow
fi
#
# user quota on / FS = 50MB
#
xfs_quota -x -c «limit -u bsoft=50m bhard=55m $usrrepo» / 2>/dev/null

#
# insert project name & id in /etc/projects & /etc/projid
#
prjrepo=`grep -E «:/srv/cvmfs/$newrepo.jinr.ru$» /etc/projects | \
awk -F: ‘{ print $1 }’`
if test X»$prjrepo» = «X» ; then
ln=`cat /etc/projects | \
awk -F: ‘{ print $1 }’ | \
sort -n | \
uniq | \
tail -n 1`
test X»$ln» = «X» && ln=0
prjrepo=`expr $ln + 1`
echo «$prjrepo:/srv/cvmfs/$newrepo.jinr.ru» >> /etc/projects
fi
grep -Eq «^$newrepo:» /etc/projid
if test $? -ne 0 ; then
echo «$newrepo:$prjrepo» >> /etc/projid
fi
#
# allow sudo for user
#
usudof=»cfs_$newrepo»
cat > /etc/sudoers.d/$usudof << EOD
$usrrepo ALL=(ALL) NOPASSWD: \\
/usr/bin/cvmfs_server list, \\
/usr/bin/cvmfs_server info $newrepo.jinr.ru, \\
/usr/bin/cvmfs_server transaction $newrepo.jinr.ru, \\
/usr/bin/cvmfs_server resign $newrepo.jinr.ru, \\
/usr/bin/cvmfs_server abort $newrepo.jinr.ru, \\
/usr/bin/cvmfs_server gc $newrepo.jinr.ru, \\
/usr/bin/cvmfs_server publish $newrepo.jinr.ru, \\
/usr/bin/chown $usrrepo /cvmfs/$newrepo.jinr.ru, \\
/usr/sbin/xfs_quota -x -c report /srv/cvmfs
EOD
chmod 440 /etc/sudoers.d/$usudof
#
# create empty ~$usrrepo/.ssh/authorized_keys#
mkdir /home/$usrrepo/.ssh
touch /home/$usrrepo/.ssh/authorized_keys
chmod 600 /home/$usrrepo/.ssh/authorized_keys
chown -R $usrrepo /home/$usrrepo/
chgrp -R $usrrepo /home/$usrrepo/

#

# create new repo
#
cvmfs_server mkfs -o $usrrepo -g -z -k /etc/cvmfs/keys/jinr.ru $newrepo.jinr.ru
#
# copy JINR’s common keys&certs for new repo
#
for k in `/bin/ls -1 /etc/cvmfs/keys/jinr.ru/jinr*` ; do
nk=`echo $k | \
sed -e «s|/etc/cvmfs/keys/jinr.ru/|/etc/cvmfs/keys/jinr.ru/$newrepo.|»`
/bin/cp -pv $k $nk
done
#
# change PUBLIC_KEY to JINR common
#
sed -i -e «s|^CVMFS_PUBLIC_KEY=.*$|CVMFS_PUBLIC_KEY=/etc/cvmfs/keys/jinr.ru/jinr.ru.pub|» \
/etc/cvmfs/repositories.d/$newrepo.jinr.ru/client.conf
#
# resing repo key
#
cvmfs_server resign -d 60 $newrepo.jinr.ru
#
# enable & set quota for project dirs tree
#
xfs_quota -x -c «limit -p bhard=$qutrepo bsoft=$qutrepo $prjrepo» /srv/cvmfs
xfs_quota -x -c «project -s $prjrepo» /srv/cvmfs
#
# check new repo
#
cvmfs_server check -i $newrepo.jinr.ru
cvmfs_server info $newrepo.jinr.ru
#
# check all repos on stratum-0/1
#
ch_all_repos
#
# set owner for the repository
#
cvmfs_server transaction $newrepo.jinr.ru
chown -R $usrrepo /cvmfs/$newrepo.jinr.ru
chgrp -R $usrrepo /cvmfs/$newrepo.jinr.ru
cvmfs_server publish $newrepo.jinr.ru
cvmfs_server check -i $newrepo.jinr.ru

#
# how to maintenace the repo
#
# to update repo
# 1. transaction — make cvmfs/$newrepo.jinr.ru writable
# 2. cvmfs_rsync — copy new content to repo
# 3. publish — commit chages in repo
# make it read-only again
# & ready for snapshort from stratum-1
#
cvmfs_server transaction $newrepo.jinr.ru
cvmfs_rsync -a <from> /cvmfs/$newrepo.jinr.ru
chown -R $usrrepo /cvmfs/$newrepo.jinr.ru

chgrp -R $usrrepo /cvmfs/$newrepo.jinr.ru
cvmfs_server publish $newrepo.jinr.ru

#
# misc commands
#
# abort commit (just before publish)
#
cvmfs_server abort $newrepo.jinr.ru
#
# remove repo from stratum-0 complitely
# do that on stratum-1 too
#
cvmfs_server rmfs $newrepo.jinr.ru

#
# restore repo from stratum-1
#
# on cfs-rp02:

#
saverepo=test
rsync -c -rlptW —delete /cvmfs/$saverepo.jinr.ru/ /cvmfs_bkp/$saverepo.jinr.ru
#
# on cfs-f000
#
mount cfs-rp02:/cvmfs_bkp /cvmfs_bkp
saverepo=test
cvmfs_server transaction $saverepo.jinr.ru
cvmfs_rsync -c -rlptW —delete /cvmfs_bkp/$saverepo.jinr.ru/ /cvmfs/$saverepo.jinr.ru
chown -R cfs.$saverepo $saverepo.jinr.ru
cvmfs_server publish $saverepo.jinr.ru
cvmfs_server check -i $saverepo.jinr.ru
#
# CORNER CASE!!!
# if the error does not go away
#
cvmfs_server rmfs $saverepo.jinr.ru
/bin/rm -rf /srv/cvmfs/$saverepo.jinr.ru
umount /srv/cvmfs
mount /srv/cvmfs
xfs_repair /dev/CVMFS/srv
# create repository again.
# and rsync saved copy
cvmfs_server transaction $saverepo.jinr.ru
cvmfs_rsync -c -rlptW —delete /cvmfs_bkp/$saverepo.jinr.ru/ /cvmfs/$saverepo.jinr.ru
chown -R cfs.$saverepo $saverepo.jinr.ru
cvmfs_server publish $saverepo.jinr.ru
cvmfs_server check -i $saverepo.jinr.ru

#
# check quota
#
/usr/sbin/xfs_quota -x -c report /srv/cvmfs
#
# check cvmfs’s dirs user/free size
#
df /var/spool/cvmfs /srv/cvmfs