wiki:manuals/admin_interface
Last modified 20 months ago

Admin interface

The admin interface allows control of all dCache components

How to generate server keys for a fresh installation of dCache

ssh-keygen -t rsa1 -f /opt/d-cache/config/server_key -b 1024
ssh-keygen -t rsa1 -f /opt/d-cache/config/host_key

Don't enter passphrases!

How to connect to the Admin interface

Interactive Connections

To access the local administration console within Dcache 

ssh -l admin localhost -p 22223 -c blowfish service

The default password is 

dickerelch

How to change the Admin Interface Password

Next Change the password by this series of commands. 

ssh -l admin -c blowfish -p 22223 localhost
(local) admin > cd acm
(acm) admin > create user admin
(acm) admin > set passwd ${newPasswd} ${newPasswd}
(acm) admin > ..
(local) admin > logoff

Using Key based Authentication with the Admin Interface

To login to the administration console using ssh keys without a password is also possible.

To generate a key pair. 

[synge@dev01 synge]$ ssh-keygen -t rsa1 -b 1024

Passwords can be left blank if the key is for automated scripting against D-Cache

The public Key MUST then be edited to have the ${USER}@${HOST} changed to admin@${HOST}. The ${HOST} variable does not seem important. 

[synge@dev01 synge]$ vi .ssh/identity.pub 
[synge@dev01 synge]$ cat .ssh/identity.pub 
1024 35
160440544125444844051808845253846690422815200721695628473265331939871186691345848836701867001143601976239540582793809053701120397700128226755024932908158725776758958889391061118039876867190297129233928174471523326595556738739370728687422769741199357550074602339715400094484076193235386255583160407690410682699
admin@dev01.gridpp.rl.ac.uk

Add the content of the public key to the D-cache ssh servers authorized keys list. Remember to change the extension to be admin@${HOST}. 

[synge@dev01 synge]$ cat .ssh/identity.pub >> /opt/d-cache/config/authorized_keys

You may then login with the following command line. 

ssh -l admin -c blowfish -p 22223 localhost

Alternatively ssh clients configuration can be edited to include the following values. 

[synge@dev01 synge]$ vi .ssh/config
[synge@dev01 synge]$ cat .ssh/config 
Host dev01.gridpp.rl.ac.uk
Port 22223
User admin
IdentityFile .ssh/identity
Protocol 1
Cipher blowfish

Now we should have password free login if ssh agents are used, if not you will be prompted for the ssh pass phrase, and if this is not correct the server will fall back to the admin password.. 

[synge@dev01 synge]$ ssh admin@dev01.gridpp.rl.ac.uk
The authenticity of host 'dev01.gridpp.rl.ac.uk (130.246.184.124)' can't be established.
RSA1 key fingerprint is 93:7a:52:c0:44:1e:95:9b:02:52:f2:d1:a5:5e:32:4a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'dev01.gridpp.rl.ac.uk,130.246.184.124' (RSA1) to the list of known hosts.

    dCache Admin (VII) (user=admin)


(local) admin > (local) admin > Connection to dev01.gridpp.rl.ac.uk closed.

This shows that we have 3 public keys that are accepted by D-Cache to bypass the servers own password. 

[synge@dev01 synge]$ cat /opt/d-cache/config/authorized_keys
1024 37
97696571718361047988560879388740126981048135413014757020862125228191718722630583619989636917236813018777031525763980460477110373262698412029683565611942639437489103447446339316583244143356605626435373583195964675119319058582552218517027711566859391331402730201225046888130774129684158492054609149327123642491
admin@localhost
1024 35
160440544125444844051808845253846690422815200721695628473265331939871186691345848836701867001143601976239540582793809053701120397700128226755024932908158725776758958889391061118039876867190297129233928174471523326595556738739370728687422769741199357550074602339715400094484076193235386255583160407690410682699
admin@dev01.gridpp.rl.ac.uk
1024 35
131076545565983366643820053831829542195899595805438560295780030532284711896268294637373000509456956496248175225719946552829896824735459333047685205633446092815158895980274776930909468322914510355955844881072163887418630782159812603725576413922906612696369871012772649673479391140555911047843414868525614417131
admin@gppse01.gridpp.rl.ac.uk

How to get a list of domains

The admin interface can be quired to get a list of running cells through the "System@dCacheDomain" cell with the command "ps -f". 

(local) admin > cd System@dCacheDomain
(System@dCacheDomain) admin > ps -f
  Cell List
------------------
l-101-Unknown-105   A 0  2  LocationMgrTunnel   <io>/Accepted -> httpdDomain
l-101-Unknown-104   A 0  2  LocationMgrTunnel   <io>/Accepted -> adminDoorDomain
l-101-Unknown-103   A 0  2  LocationMgrTunnel   <io>/Accepted -> dirDomain
System              A 0  1  SystemCell          dCacheDomain:IOrec=125;IOexc=0;MEM=3421952
l-101-Unknown-102   A 0  2  LocationMgrTunnel   <io>/Accepted -> pnfsDomain
RoutingMgr          A 0  1  RoutingManager      RoutingMgr
l-101-Unknown-115   A 0  2  LocationMgrTunnel   <io>/Accepted -> grazDomain
l-101-Unknown-114   A 0  2  LocationMgrTunnel   <io>/Accepted -> gsidcap-grazDomain
l-101-Unknown-113   A 0  2  LocationMgrTunnel   <io>/Accepted -> gridftp-grazDomain
l-101-Unknown-112   A 0  2  LocationMgrTunnel   <io>/Accepted -> dcap-grazDomain
lm                  A 0  2  LocationManager     ClientReady
l-101-Unknown-111   A 0  2  LocationMgrTunnel   <io>/Accepted -> gPlazma-grazDomain
l-101-Unknown-110   A 0  2  LocationMgrTunnel   <io>/Accepted -> srm-steyrDomain
PoolManager         A 0  3  PoolManagerV5       PoolManager
Prestager           A 0  2  DummyStager         Req=0;Err=0;
broadcast           A 0  1  BroadcastCell       broadcast
l-101               A 0  3  LoginManager        p=46980;c=dmg.cells.network.LocationMgrTunnel
l-101-Unknown-109   A 0  2  LocationMgrTunnel   <io>/Accepted -> infoProviderDomain
l-101-Unknown-107   A 0  2  LocationMgrTunnel   <io>/Accepted -> gPlazma-steyrDomain
l-101-Unknown-106   A 0  2  LocationMgrTunnel   <io>/Accepted -> utilityDomain
(System@dCacheDomain) admin > ..
(local) admin > ..

Cells can then be entered and queried directly. 

(local) admin > cd System@srm-steyrDomain
(System@srm-steyrDomain) admin > ps -f
  Cell List
------------------
System              A 0  1  SystemCell          srm-steyrDomain:IOrec=125;IOexc=
0;MEM=32098024
RoutingMgr          A 0  1  RoutingManager      RoutingMgr
RemoteHttpTransferManagerA 0  1  RemoteHttpTransferManagerRemoteHttpTransferManager
SRM-steyr           A 0  3  Storage             SRM-steyr
c-101               A 0  2  LocationMgrTunnel   <io>/Connected -> dCacheDomain
CopyManager         A 0  1  CopyManager         CopyManager
SrmSpaceManager     A 0  3  Manager             SrmSpaceManager
lm                  A 0  2  LocationManager     ClientReady
ThreadManager       A 0  24 ThreadManager       ThreadManager
RemoteGsiftpTransferManagerA 0  1  GsiftpTransferManagerRemoteGsiftpTransferManager
(System@srm-steyrDomain) admin > ..