wiki:WebDAV Hands on
Last modified 10 years ago Last modified on 03/16/11 17:27:30

WebDAV Hands on

This part describes how to enable and use the WebDAV service.

Preparation

Before we start this hands-on, rollback to the simple 1.9.12 setup.

VBoxManage modifyvm <your VM name> --natpf1 delete "guestwebdav"
VBoxManage modifyvm <your VM name> --natpf1 delete "guestwebdavsec"

VBoxManage modifyvm <your VM name> --natpf1 "guestwebdav,tcp,,22880,,2880"
VBoxManage modifyvm <your VM name> --natpf1 "guestwebdavsec,tcp,,22881,,2881"
[root@dcachetogo ~]# umount pnfs
[root@dcachetogo ~]# /etc/init.d/dcache stop
...
[root@dcachetogo ~]# mv /opt/d-cache /opt/d-cache_cs
[root@dcachetogo ~]# mv /opt/d-cache_1912 /opt/d-cache
[root@dcachetogo ~]# /etc/init.d/dcache start
...

Server settings

First create the WebDAV service on our virtual machine.

Add the following lines to the layout file /opt/d-cache/etc/layouts/dcachetogo.conf:

[webdav-${host.name}Domain]
[webdav-${host.name}Domain/webdav]

In order to enable access for everyone to the worldwritable directory /pnfs/dcache.org/data/worldwritable via WebDAV add the following lines to the dcache.conf file:

webdavAnonymousAccess=FULL
webdavRootPath=/pnfs/dcache.org/data/worldwritable

Finally start the newly configured domain.

[root@dcachetogo ~]# /opt/d-cache/bin/dcache start webdav-dcachetogoDomain
Starting webdav-dcachetogoDomain done

At this point you now have a WebDAV door contactable by using the port 22880 on your host, which will be forwarded to port 2880 on your guest machine.

Checking functionality

The first simple check would be to point your favourit web browser towards the URL http://localhost:22880/. Currently you can list but not download the data due to missing port redirection for communication from guest to host OS. In order to fix it disable the redirect on read. The drawback will be that all reads will go through the WebDAV door which eventually may become a bottleneck this way.

webdav.redirect.on-read=false

Some clients expect that PUT indeed overwrites existing files. In particular Mac OS X is known to have issues writing and deleting files with dCache when this property is false.

webdav.overwrite=false

Add these lines on the dcache.conf file and restart the WebDAV service.

[root@dcachetogo ~]# /opt/d-cache/bin/dcache restart webdav-dcachetogoDomain
Stopping webdav-dcachetogoDomain (pid=5138) 0 done
Starting webdav-dcachetogoDomain done

Now you should not have a problem with reading the data. Moreover, you even may now write via the WebDAV interface into dCache! Choose one of the following methods of accessing WebDAV according to your preferences (and possibilities)...

WebDAV clients

Web browsers like Firefox, Internet Explorer and Safary allow you to browse and download your data, but not to upload a file. For the write access you can use WebDAV clients supported by your OS such as Nautilus (supported by GNOME) or command line clients like curl or cadaver.

Linux

command line examples:

  • list data on the WebDAV using cadaver:
    oleg> cadaver http://localhost:22880
    dav:/> ls
    Listing collection `/': succeeded.
           Sintel_trailer.mkv               7422470  Feb 24 20:24
           elephantsdream_trailer.mp4      30639218  Feb 24 20:24
    dav:/> bye
    Connection to `localhost' closed.
    oleg>
    
  • uploading data using curl
    oleg> curl -v -T /bin/bash http://localhost:22880/test.tst
    * About to connect() to localhost port 22880
    *   Trying 127.0.0.1... connected
    * Connected to localhost (127.0.0.1) port 22880
    > PUT /test.tst HTTP/1.1
    > User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    > Host: localhost:22880
    > Accept: */*
    > Content-Length: 801512
    > Expect: 100-continue
    >
    < HTTP/1.1 100 Continue
    HTTP/1.1 201 Created
    < Transfer-Encoding: chunked
    < Server: Jetty(7.2.2.v20101205)
    * Connection #0 to host localhost left intact
    * Closing connection #0
    oleg>
    

GUI client:

  • nautilus

open server connecton: File->Connect to Server


fill the form :

  • Service type : WebDAV (HTTP)
  • Server: localhost
  • Port: 22880



and connect to server:

Windows

command line:

  • cigwin : curl or cadaver

GUI(German):

  • shared folders

computer -> Netzwerkadresse hinzufügen

Following the master: Internet- oder netzwerkadress: http://localhost:22880

And browse data:

Mac OS X

Firefox Plugin for all major operating systems

On the Firefox menu:

  • Goto Extras -> add-ons - search for the plugin “Trail-Mix” install plugin and restart firefox.

Click on the squirrel icon and select "Online files"


fill the WebDAV URL address



And browse files:

Additional test

According to Patricks' presentation, dCache now is able to support NFS 4.1 sever, thus new POSIX-like features may be used. E.g. create new files directly into the mounted namespace.

  • Shut down the nfsv3 service and configure dCache to run the nfsv41 service instead.
    [root@dcachetogo ~]# umount /pnfs
    [root@dcachetogo ~]# service dcache stop namespaceDomain
    Stopping namespaceDomain (pid=1364) 0 1 2 3 done
    
  • Adapt the layout file.
    • Remove...
      [namespaceDomain/nfsv3]
      
    • Add...
      [nfsv41Domain]
      [nfsv41Domain/nfsv41]
      
  • Re-/Start the services and mount /pnfs. Note that the commandline options for mounting changed.
    [root@dcachetogo ~]# service dcache start namespaceDomain nfsv41Domain
    Starting namespaceDomain done
    Starting nfsv41Domain done
    [root@dcachetogo ~]# mount -t nfs4 -o minorversion=1,rsize=32768,wsize=32768 localhost:/pnfs /pnfs
    

Copy an existing graphics file into dCache using NFS v4.1.

[root@dcachetogo ~]# su - dc_user
[dc_user@dcachetogo ~]$ cp /usr/share/doc/pycairo-1.8.8/examples/cairo_snippets/data/romedalen.png /pnfs/dcache.org/data/worldwritable

You should be able to see this file with the URL http://localhost:22880/romedalen.png.

Now we generate a new file directly within the mounted namespace.

[dc_user@dcachetogo ~]$ dd if=/dev/urandom of=/pnfs/dcache.org/data/worldwritable/testfile_dc_user.tst  bs=1024 count=2000
2000+0 records in
2000+0 records out
2048000 bytes (2.0 MB) copied, 2.08245 s, 983 kB/s

This new file may be downloaded for example via the WebDAV interface.

Cookbook

Server

Available properties and documentation of webdav service see file /opt/d-cache/share/defaults/webdav.properties.

Problem: setup simple read only http WebDAV service:

Solution:

Add the parameters on the file /opt/d-cache/etc/dcache.conf :

webdavRootPath=/pnfs/dcache.org/data/users/  

default path is set to “/” which also shows admin setup of your namespace. Recommends always redefine these parameter.

webdavAnonymousAccess=READONLY
webdavReadOnly=true

Add WebDAV service to the layout file:

[webdav-${host.name}Domain]
[webdav-${host.name}Domain/webdav]

Problem: setup https WebDAV service with x.509 authorization:

Solution:

/opt/d-cache/etc/dcache.conf :

webdavRootPath=/pnfs/dcache.org/data/worldwritable/
webdavProtocol=https

Some clients expect that PUT indeed overwrites existing files. In particular Mac OS X is known to have issues writing and deleting files with dCache when this property is false.

webdav.overwrite=true

For security access also is necessary to export host certificate and CA certificates using following commands:

/opt/d-cache/bin/dcache import hostcert
/opt/d-cache/bin/dcache import cacerts

Problem: you want to have 2 WebDAV doors on the single dCache node

Solution: There is no limitation to create 2 WebDAV services on the layout file. But there is no definition to set variable on the specified domain or service. The service depended parameters must be defined on the layout file. the part of layout configuration file :

[webdav-${host.name}_httpDomain]
[webdav-${host.name}_httpDomain/webdav]
cell.name=WebDAV-${host.name}-1
webdavRootPath=/pnfs/dcache.org/data/users/  
webdavAnonymousAccess=READONLY
webdavReadOnly=true
 port=2880

[webdav-${host.name}_httpsDomain]
[webdav-${host.name}_httpsDomain/webdav]
cell.name=WebDAV-${host.name}-2
webdavProtocol=https
webdavAnonymousAccess=NONE
 port=2881

Client

convert .pem to .p12

[root@dcachetogo ~]# su -l dc_user
[dc_user@dcachetogo ~]$ openssl pkcs12 -export -out cert.p12 -inkey ./userkey.pem -in ./usercert.pem

Import you certificate to the system

  • Windows:

double click on your .p12 certificate and following import master.

  • Linux davfs

If you use davfs, you need to edit your davfs2.conf by setting:

servercert example-ca-cert.pem 
clientcert example-certificate.p12 

You need to store your servercert in the davfs2/certs directory and the clientcert in the davfs2/certs/private directory. You can find the additional info on http://manpages.ubuntu.com/manpages/karmic/man8/mount.davfs.8.html

To mount your WebDAV-directory to your local file system add to /etc/fstab :

https://localhost:2880/     /mnt/davfs2     davfs     user, noauto     0    0 

Attachments