经验首页 前端设计 程序设计 Java相关 移动开发 数据库/运维 软件/图像 大数据/云计算 其他经验
当前位置:技术经验 » 数据库/运维 » Linux/Shell » 查看文章
opensciencegrid - GridFTP 安装
来源:cnblogs  作者:xuyaowen  时间:2019/9/20 9:22:30  对本文有异议

最近配置一个GridFTP 用于测试其传输FTP性能, 在这里简单记录,备忘;使用本教程可以简单起一个GridFTP用于测试服务;

预配置环境:

测试系统:CentOS 7 1806 

配置Yum仓库:https://opensciencegrid.org/docs/common/yum/ 

安装GridFTP:

参考文档:

https://opensciencegrid.org/docs/common/yum/

https://opensciencegrid.org/docs/data/gridftp/

https://gridcf.org/gct-docs/latest/gridftp/admin/index.html#gridftp-admin-config-security-anonymous

https://gridcf.org/gct-docs/latest/gridftp/admin/index.html#_globus_gridftp_server_quickstart (管理员手册)

https://opensciencegrid.org/docs/common/ca/ 

  1. yum install osg-gridftp

也可以直接从epel中直接安装:

  1. yum install globus-gridftp-server

启动GridFTP匿名服务器:(带有认证的没有配置成功,也不想试了)

  1. globus-gridftp-server -control-interface 0.0.0.0 -aa -p 5000 -anonymous-user 1000 # root 用户使用 1000 表示本地任意一个非root用户
  1. globus-gridftp-server -control-interface 0.0.0.0 -aa -p 5000 # 非 root 用户使用
  1. globus-gridftp-server -control-interface 0.0.0.0 -aa -p 8080 -anonymous-user 1040 -home-dir /tmp/ -auth-level 0 -allow-root

更多选项可以使用 --help 查看;

安装  globus-url-copy 命令:

  1. yum install globus-gass-copy-progs

生成测试文件:

  1. dd if=/dev/zero of=size80m bs=8k count=10240

输出测试日志:

  1. tail -f /var/log/gridftp-auth.log

运行匿名用户测试:

  1. root@localhost ~# globus-url-copy -v file:///root/size80m ftp://127.0.0.1:5000/tmp/size80m
  2. Source: file:///root/
  3. Dest: ftp://127.0.0.1:5000/tmp/
  4. size80m

测试成功:

  1. [21230] Thu Sep 19 12:29:09 2019 :: New connection from: localhost:40224
  2. [21230] Thu Sep 19 12:29:09 2019 :: User anonymous successfully authorized.
  3. [21230] Thu Sep 19 12:29:09 2019 :: Starting to transfer "/tmp/size80m".
  4. [21230] Thu Sep 19 12:29:12 2019 :: Finished transferring "/tmp/size80m".
  5. [21230] Thu Sep 19 12:29:12 2019 :: Closed connection from localhost:40224
  6. [20327] Thu Sep 19 12:29:12 2019 :: Child process 21230 ended with rc = 0

安装gridftp 客户端:

  1. [root@xuyaowen ~]# yum search gridftp | grep -i client
  2. Last metadata expiration check: 2:28:09 ago on Thu 19 Sep 2019 11:44:29 AM CST.
  3. edg-gridftp-client.x86_64 : Command line clients to GridFTP libraries
  4. uberftp.x86_64 : GridFTP-enabled ftp client (听说是最好用的工具, 但是我一运行就崩溃,最终还是使用 globus-url-copy 命令进行测试)
  5. globus-ftp-client.x86_64 : Grid Community Toolkit - GridFTP Client Library
  6. globus-ftp-client-devel.x86_64 : Grid Community Toolkit - GridFTP Client Library

测试吞吐:

  1. # test network throughput
  2. globus-url-copy -vb -p 4 ftp://10.134.150.5:5000/dev/zero file:///dev/null

顺序读:

#  tmp globus-url-copy -vb -p 4 ftp://10.134.150.5:5000/dev/zero file:///dev/null

顺序写:

#  tmp globus-url-copy -vb -p 4 file:///dev/zero ftp://10.134.150.5:5000/dev/null

使用UDT:

  1. globus-gridftp-server -control-interface 0.0.0.0 -aa -p 5000 -anonymous-user 1040 -home-dir /tmp/ -auth-level 0 -allow-root -allow-udt
  2. globus-url-copy -vb -p 4 -udt ftp://10.134.150.5:5000/dev/zero file:///dev/null

保持更新,如果对您有帮助或者对配置过程有疑问,请关注cnblogs.com/xuyaowen,并留言;

其他可用参考文档:

https://fasterdata.es.net/data-transfer-tools/gridftp/

https://www.xsede.org/wwwteragrid/archive/web/user-support/gridftp.html 

globus-url-copy 使用说明:

  1. GLOBUS-URL-COPY(1) Grid Community Toolkit Manual GLOBUS-URL-COPY(1)
  2. NAME
  3. globus-url-copy - globus-url-copy
  4. SYNOPSIS
  5. globus-url-copy [options] SOURCE-URL DESTINATION-URL
  6. DESCRIPTION
  7. The globus-url-copy program is a command line tool for multi-protocol data movement. It supports gsiftp:// (GridFTP), ftp://, http://, https://, sshftp:// and file:///
  8. protocol specifiers in the URL.
  9. OPTIONS
  10. -help, -usage
  11. Print help.
  12. -versions
  13. Print the versions of all modules that this program uses
  14. -c, -continue-on-error
  15. Do not die after any errors. By default, program will exit after most errors.
  16. -a, -ascii
  17. Convert the file to/from ASCII format to/from local file format
  18. -b, -binary
  19. Do not apply any conversion to the files. default
  20. -f FILENAME
  21. Read a list of URL pairs from filename. Each line should contain sourceURL destURL. Enclose URLs with spaces in double qoutes ("). Blank lines and lines beginning with #
  22. will be ignored.
  23. -cd, -create-dest
  24. Create destination directory if needed.
  25. -r
  26. Copy files in subdirectories
  27. -fast
  28. Recommended when using GridFTP servers. Use MODE E for all data transfers, including reusing data channels between list and transfer operations.
  29. -t SECONDS
  30. Run the transfer for this number of seconds and then end. Useful for performance testing or forced restart loops.
  31. -q, -quiet
  32. Suppress all output for successful operation.
  33. -v, -verbose
  34. Display URLs being transferred
  35. -vb, -verbose-perf
  36. During the transfer, display the number of bytes transferred and the transfer rate per second. Show URLs being transferred
  37. -dbg, -debugftp
  38. Debug ftp connections. Prints control channel communication to stderr
  39. -rst, -restart
  40. Restart failed ftp operations.
  41. -rst-retries RETRIES
  42. The maximum number of times to retry the operation before giving up on the transfer. Use 0 for infinite. Default is 5.
  43. -rst-interval SECONDS
  44. The interval in seconds to wait after a failure before retrying the transfer. Use 0 for an exponential backoff. Default is 0.
  45. -rst-timeout SECONDS
  46. Maximum time after a failure to keep retrying. Use 0 for no timeout. Default is 0.
  47. -stall-timeout SECONDS, -st SECONDS
  48. How long before cancelling/restarting a transfer with no data movement. Set to 0 to disable. Default is 600 seconds.
  49. -df FILENAME, -dumpfile FILENAME
  50. Path to a file where untransferred URLs will be saved for later restarting. Resulting file is the same format as the -f input file. If file exists, it will be read and all
  51. other URL input will be ignored.
  52. -do FILENAME, -dump-only FILENAME
  53. Perform no write operations on the destination. Instead, all files that would be transferred are enumerated and dumped to the specified file. Resulting file is the same
  54. format as the -f input file. Note: if you intend to use this file as input for a future transfer, the -create-dest option will be required if any destination directories
  55. do not already exist.
  56. -rp, -relative-paths
  57. The path portion of ftp URLs will be interpreted as relative to the user’s starting directory on the server. By default, all paths are root-relative. When this flag is
  58. set, the path portion of the ftp URL must start with %2F if it designates a root-relative path.
  59. -s SUBJECT, -subject SUBJECT
  60. Use this subject to match with both the source and dest servers.
  61. -ss SUBJECT, -source-subject SUBJECT
  62. Use this subject to match with the source server
  63. -ds SUBJECT, -dest-subject SUBJECT
  64. Use this subject to match with the destination server.
  65. -tcp-bs SIZE, -tcp-buffer-size SIZE
  66. Specify the size (in bytes) of the buffer to be used by the underlying ftp data channels.
  67. -bs block SIZE, -block-size block SIZE
  68. Specify the size (in bytes) of the buffer to be used by the underlying transfer methods.
  69. -p PARALLELISM, -parallel PARALLELISM
  70. Specify the number of parallel data connections should be used.
  71. -notpt, -no-third-party-transfers
  72. Turn third-party transfers off (on by default).
  73. -nodcau, -no-data-channel-authentication
  74. Turn off data channel authentication for ftp transfers.
  75. -dcsafe, -data-channel-safe
  76. Set data channel protection mode to SAFE
  77. -dcpriv, -data-channel-private
  78. Set data channel protection mode to PRIVATE
  79. -off, -partial-offset
  80. Offset for partial ftp file transfers, defaults to 0.
  81. -len, -partial-length
  82. Length for partial ftp file transfers, used only for the source url, defaults the full file.
  83. -list URL
  84. List the files located at URL.
  85. -stripe
  86. Enable striped transfers on supported servers.
  87. -striped-block-size, -sbs
  88. Set layout mode and block size for striped transfers. If not set, server defaults will be used. If set to 0, Partitioned mode will be used. If set to > 0, Blocked mode
  89. will be used, with this as the block size.
  90. -ipv6
  91. Use ipv6 when available (EXPERIMENTAL)
  92. -udt
  93. Use UDT, a reliable udp based transport protocol, for data transfers
  94. -g2, -gridftp2
  95. Use GridFTP v2 protocol enhancements when possible.
  96. -dp, -delayed-pasv
  97. Enable delayed passive.
  98. -mn NAME, -module-name NAME
  99. Set the back-end storage module to use for both the source and destination in a GridFTP transfer.
  100. -mp PARAMETERS, -module-parameters PARAMETERS
  101. Set the back-end storage module arguments to use for both the source and destination in a GridFTP transfer.
  102. -smn NAME, -src-module-name NAME
  103. Set the back-end storage module to use for the source in a GridFTP transfer.
  104. -smp PARAMETERS, -src-module-parameters PARAMETERS
  105. Set the back-end storage module arguments to use for the source in a GridFTP transfer.
  106. -dmn NAME, -dst-module-name NAME
  107. Set the back-end storage module to use for the destination in a GridFTP transfer.
  108. -dmp PARAMETERS, -dst-module-parameters PARAMETERS
  109. Set the back-end storage module arguments to use for the destination in a GridFTP transfer.
  110. -aa FILE, -authz-assert FILE
  111. Use the assertions in FILE to authorize the access with both source and destination servers.
  112. -saa FILE, -src-authz-assert FILE
  113. Use the assertions in this file to authorize the access with source server.
  114. -daa FILE, -dst-authz-assert FILE
  115. Use the assertions in this file to authorize the access with dest server.
  116. -cache-aa, -cache-authz-assert
  117. Cache the authz assertion for subsequent transfers.
  118. -cache-saa, -cache-src-authz-assert
  119. Cache the src authz assertion for subsequent transfers.
  120. -cache-daa, -cache-dst-authz-assert
  121. Cache the dst authz assertion for subsequent transfers.
  122. -pipeline, -pp
  123. Enable pipelining support for multi-file ftp transfers. Currently third-party transfers benefit from this. EXPERIMENTAL
  124. -concurrency, -cc
  125. Number of concurrent ftp connections to use for multiple transfers.
  126. -nl-bottleneck, -nlb
  127. Use NetLogger to estimate speeds of disk and network read/write system calls, and attempt to determine the bottleneck component.
  128. -sp COMMANDS, -src-pipe COMMANDS
  129. Set the source end of a remote transfer to use piped in input with the given command line. Do not use with -fsstack.
  130. -DP COMMANDS, -dst-pipe COMMANDS
  131. Set the destination end of a remote transfer to write data to then standard input of the program run via the given command line. Do not use with -fsstack.
  132. -pipe COMMANDS
  133. Sets both -src-pipe and -dst-pipe to the same thing.
  134. -dcstack STACK, -data-channel-stack STACK
  135. Set the XIO driver stack for the network on both the source and the destination. Both must be GridFTP servers. The stack should contain all network drivers to use, in the
  136. order specified from bottom to top (e.g. -dcstack tcp,gsi). If the gsi driver is not included in the stack and data channel authentication is enabled, it will be inserted
  137. above the transport driver in the stack.
  138. -fsstack STACK, -file-system-stack STACK
  139. Set the XIO driver stack for the disk on both the source and the destination. Both must be GridFTP servers. The stack should contain all file system drivers to use, in the
  140. order specified from bottom to top.
  141. -src-dcstack STACK, -source-data-channel-stack STACK
  142. Set the XIO driver stack for the network on the source GridFTP server. See -dcstack above for description of the STACK string.
  143. -src-fsstack STACK, -source-file-system-stack STACK
  144. Set the XIO driver stack for the disk on the source GridFTP server. See -fsstack above for description of the STACK string.
  145. -dst-dcstack STACK, -dest-data-channel-stack STACK
  146. Set the XIO driver stack for the network on the destination GridFTP server. See -dcstack above for description of the STACK string.
  147. -dst-fsstack STACK, -dest-file-system-stack STACK
  148. Set the XIO driver stack for the disk on the destination GridFTP server. See -fsstack above for description of the STACK string.
  149. -cred PATH
  150. Set the credentials to use for both ftp connections.
  151. -src-cred CRED-FILE, -sc CRED-FILE
  152. Set the credentials to use for source ftp connections.
  153. -dst-cred CRED-FILE, -dc CRED-FILE
  154. Set the credentials to use for destination ftp connections.
  155. -af FILENAME, -alias-file FILENAME
  156. File with mapping of logical host aliases to lists of physical hosts. When used with multiple concurrent connections, each connection uses the next host in the list. Each
  157. line should either be an alias, noted with the @ symbol, or a hostname[:port]. Currently, only the aliases @source and @destination are valid, and they are used for every
  158. source or destination URL.
  159. -sync
  160. Only transfer files where the destination does not exist or differs from the source. -sync-level controls how to determine if files differ.
  161. -sync-level number
  162. Criteria for determining if files differ when performing a sync transfer. The default sync level is 2. The available levels are:
  163. · Level 0 will only transfer if the destination does not exist.
  164. · Level 1 will transfer if the size of the destination does not match the size of the source.
  165. · Level 2 will transfer if the time stamp of the destination is older than the time stamp of the source.
  166. · Level 3 will perform a checksum of the source and destination and transfer if the checksums do not match. The default algorithm used for this checksum is MD5, but
  167. other algorithms can be specified with the -algo parameter.
  168. -checksum-alg CHECKSUM-ALGORITHM
  169. Set the algorithm type to use for all checksum operations during the transfer.
  170. -verify-checksum
  171. Perform a checksum on the source and destination after each file transfer and compare the two. If they do not match, fail the transfer. The default algorithm used for this
  172. checksum is MD5, but other algorithms can be specified with the -checksum-alg parameter.
  173. AUTHOR
  174. Copyright © 1999-2016 University of Chicago
  175. Grid Community Toolkit 6 03/31/2018 GLOBUS-URL-COPY(1)
globus-url-copy使用说明

globus-gridftp-server 使用说明:

  1. GLOBUS-GRIDFTP-SER(8) Grid Community Toolkit Manual GLOBUS-GRIDFTP-SER(8)
  2. NAME
  3. globus-gridftp-server - The Globus GridFTP server daemon
  4. SYNOPSIS
  5. globus-gridftp-server OPTIONS
  6. DESCRIPTION
  7. The globus-gridftp-server program is a ftp server with support for GridFTP protocol extensions, including strong authentication, parallel data transfers, and parallel data
  8. layouts.
  9. OPTIONS
  10. The list below contains the command-line options for the server, and also the name of the configuration file entry that implements that option. Note that any boolean option
  11. can be negated on the command line by preceding the specified option with -no- or -n. example: -no-cas or -nf.
  12. Informational Options
  13. -h,-help
  14. Show usage information and exit.
  15. This option can also be set in the configuration file as help. The default value of this option is FALSE.
  16. -hh,-longhelp
  17. Show more usage information and exit.
  18. This option can also be set in the configuration file as longhelp. The default value of this option is FALSE.
  19. -v,-version
  20. Show version information for the server and exit.
  21. This option can also be set in the configuration file as version. The default value of this option is FALSE.
  22. -V,-versions
  23. Show version information for all loaded globus libraries and exit.
  24. This option can also be set in the configuration file as versions. The default value of this option is FALSE.
  25. Modes of Operation
  26. -i,-inetd
  27. Run under an inetd service.
  28. This option can also be set in the configuration file as inetd. The default value of this option is FALSE.
  29. -s,-daemon
  30. Run as a daemon. All connections will fork off a new process and setuid if allowed.
  31. This option can also be set in the configuration file as daemon. The default value of this option is TRUE.
  32. -S,-detach
  33. Run as a background daemon detached from any controlling terminals.
  34. This option can also be set in the configuration file as detach. The default value of this option is FALSE.
  35. -ssh
  36. Run over a connected ssh session.
  37. This option can also be set in the configuration file as ssh. The default value of this option is FALSE.
  38. -exec string
  39. For statically compiled or non-GLOBUS_LOCATION standard binary locations, specify the full path of the server binary here. Only needed when run in daemon mode.
  40. This option can also be set in the configuration file as exec.
  41. -chdir
  42. Change directory when the server starts. This will change directory to the dir specified by the chdir_to option.
  43. This option can also be set in the configuration file as chdir. The default value of this option is TRUE.
  44. -chdir-to string
  45. Directory to chdir to after starting. Will use / if not set. Note that this is the directory of the process, not the clients home directory.
  46. This option can also be set in the configuration file as chdir_to.
  47. -threads number
  48. Enable threaded operation and set the number of threads. The default is 0, which is non-threaded. When threading is required, a thread count of 1 or 2 should be
  49. sufficient.
  50. This option can also be set in the configuration file as threads.
  51. -f,-fork
  52. Server will fork for each new connection. Disabling this option is only recommended when debugging. Note that non-forked servers running as root will only accept a single
  53. connection, and then exit.
  54. This option can also be set in the configuration file as fork. The default value of this option is TRUE.
  55. -1,-single
  56. Exit after a single connection.
  57. This option can also be set in the configuration file as single. The default value of this option is FALSE.
  58. -chroot-path string
  59. Path to become the new root after authentication. This path must contain a valid certificate structure, /etc/passwd, and /etc/group. The command
  60. globus-gridftp-server-setup-chroot can help create a suitable directory structure.
  61. This option can also be set in the configuration file as chroot_path.
  62. Authentication, Authorization, and Security Options
  63. -auth-level number
  64. Add levels together to use more than one. If not set uses level 2 for front ends and level 1 for data nodes. Note that levels 2 and 4 imply level 1 as well.
  65. 0 = Disables all authorization checks.
  66. 1 = Authorize identity.
  67. 2 = Authorize all file/resource accesses.
  68. 4 = Disable changing process uid to authenticated user (no
  69. setuid) -- DO NOT use this when process is started as root.
  70. This option can also be set in the configuration file as auth_level.
  71. -process-user string
  72. User to setuid to upon login for all connections. Only applies when running as root.
  73. This option can also be set in the configuration file as process_user.
  74. -process-group string
  75. Group to setgid to upon login for all connections. If unset, the default group of process_user will be used.
  76. This option can also be set in the configuration file as process_group.
  77. -ipc-allow-from string
  78. Only allow connections from these source ip addresses. Specify a comma separated list of ip address fragments. A match is any ip address that starts with the specified
  79. fragment. Example: 192.168.1. will match and allow a connection from 192.168.1.45. Note that if this option is used any address not specifically allowed will be denied.
  80. This option can also be set in the configuration file as ipc_allow_from.
  81. -ipc-deny-from string
  82. Deny connections from these source ip addresses. Specify a comma separated list of ip address fragments. A match is any ip address that starts with the specified fragment.
  83. Example: 192.168.2. will match and deny a connection from 192.168.2.45.
  84. This option can also be set in the configuration file as ipc_deny_from.
  85. -allow-from string
  86. Only allow connections from these source ip addresses. Specify a comma separated list of ip address fragments. A match is any ip address that starts with the specified
  87. fragment. Example: 192.168.1. will match and allow a connection from 192.168.1.45. Note that if this option is used any address not specifically allowed will be denied.
  88. This option can also be set in the configuration file as allow_from.
  89. -deny-from string
  90. Deny connections from these source ip addresses. Specify a comma separated list of ip address fragments. A match is any ip address that starts with the specified fragment.
  91. Example: 192.168.2. will match and deny a connection from 192.168.2.45.
  92. This option can also be set in the configuration file as deny_from.
  93. -encrypt-data
  94. Require encrypted data channels. This will cause an error and prevent all transfers in which the client does not request an authenticated and encrypted data channel.
  95. This option can also be set in the configuration file as encrypt_data. The default value of this option is FALSE.
  96. -si,-secure-ipc
  97. Use GSI security on ipc channel.
  98. This option can also be set in the configuration file as secure_ipc. The default value of this option is TRUE.
  99. -ia string,-ipc-auth-mode string
  100. Set GSI authorization mode for the ipc connection. Options are: none, host, self or subject:[subject].
  101. This option can also be set in the configuration file as ipc_auth_mode. The default value of this option is host.
  102. -aa,-allow-anonymous
  103. Allow clear text anonymous access. If server is running as root anonymous_user must also be set. Disables ipc security.
  104. This option can also be set in the configuration file as allow_anonymous. The default value of this option is FALSE.
  105. -anonymous-names-allowed string
  106. Comma separated list of names to treat as anonymous users when allowing anonymous access. If not set, the default names of anonymous and ftp will be allowed. Use * to
  107. allow any username.
  108. This option can also be set in the configuration file as anonymous_names_allowed.
  109. -anonymous-user string
  110. User to setuid to for an anonymous connection. Only applies when running as root.
  111. This option can also be set in the configuration file as anonymous_user.
  112. -anonymous-group string
  113. Group to setgid to for an anonymous connection. If unset, the default group of anonymous_user will be used.
  114. This option can also be set in the configuration file as anonymous_group.
  115. -sharing-dn string
  116. Allow sharing when using the supplied DN. A client connected with these credentials will be able to access any user for which sharing is enabled.
  117. This option can also be set in the configuration file as sharing_dn.
  118. -sharing-state-dir string
  119. Full path to a directory that will contain files used by GridFTP to control sharing access for individual local accounts. The special variables $HOME and $USER can be used
  120. to create a dynamic path that is unique to each local account. This pathmust be writable by the associated account. The default path is $HOME/.globus/sharing/. This must
  121. refer to a path on the filesystem, not a path that is only accessible via a DSI plugin.
  122. This option can also be set in the configuration file as sharing_state_dir.
  123. -sharing-control
  124. Allow a local user account to control its own sharing access via special GridFTP client commands. The user account must have filesystem write access to the sharing state
  125. dir.
  126. This option can also be set in the configuration file as sharing_control. The default value of this option is TRUE.
  127. -sharing-rp string
  128. Sharing specific path restrictions. This completely replaces the normal path restrictions (-rp) when an account is being shared by a sharing-dn login.Follows normal path
  129. restriction semantics.
  130. This option can also be set in the configuration file as sharing_rp.
  131. -sharing-users-allow string
  132. Comma separated list of usernames that are allowed to share unless matched in the user deny lists. If this list is set, users that are not included will be denied unless
  133. matched in the group allow list.
  134. This option can also be set in the configuration file as sharing_users_allow.
  135. -sharing-users-deny string
  136. Comma separated list of usernames that are denied sharing even if matched in the user or group allow lists.
  137. This option can also be set in the configuration file as sharing_users_deny.
  138. -sharing-groups-allow string
  139. Comma separated list of groups whose members are allowed to share unless matched in the user or group deny lists. If this list is set, groups that are not included will be
  140. denied unless matched in the user allow list.
  141. This option can also be set in the configuration file as sharing_groups_allow.
  142. -sharing-groups-deny string
  143. Comma separated list of groups whose members will be denied sharing unless matched in the user allow list.
  144. This option can also be set in the configuration file as sharing_groups_deny.
  145. -allow-root
  146. Allow clients to be mapped to the root account.
  147. This option can also be set in the configuration file as allow_root. The default value of this option is FALSE.
  148. -allow-disabled-login
  149. Do not check if a users system account is disabled before allowing login.
  150. This option can also be set in the configuration file as allow_disabled_login. The default value of this option is FALSE.
  151. -password-file string
  152. Enable clear text access and authenticate users against this /etc/passwd formatted file.
  153. This option can also be set in the configuration file as pw_file.
  154. -connections-max number
  155. Maximum concurrent connections allowed. Only applies when running in daemon mode. Unlimited if not set.
  156. This option can also be set in the configuration file as connections_max.
  157. -connections-disabled
  158. Disable all new connections. For daemon mode, issue a SIGHUP to the server process after changing the config file in order to not affect ongoing connections.
  159. This option can also be set in the configuration file as connections_disabled. The default value of this option is FALSE.
  160. -offline-msg string
  161. Custom message to be displayed to clients when the server is offline via the connections_disabled or connections_max = 0 options.
  162. This option can also be set in the configuration file as offline_msg.
  163. -disable-command-list string
  164. A comma separated list of client commands that will be disabled.
  165. This option can also be set in the configuration file as disable_command_list.
  166. -authz-callouts,-cas
  167. Enable the GSI authorization callout framework, for callouts such as CAS.
  168. This option can also be set in the configuration file as cas. The default value of this option is TRUE.
  169. -use-home-dirs
  170. Set the starting directory to the authenticated users home dir. Disabling this is the same as setting -home-dir /.
  171. This option can also be set in the configuration file as use_home_dirs. The default value of this option is TRUE.
  172. -home-dir string
  173. Set a path to override the system defined home/starting directory for authenticated users. The special variable strings $USER and $HOME may be used. The authenticated
  174. username will be substituted for $USER, and the users real home dir will be substituted for $HOME. Be sure to escape the $ character if using these on the command line.
  175. This option can also be set in the configuration file as home_dir.
  176. -rp string,-restrict-paths string
  177. A comma separated list of full paths that clients may access. Each path may be prefixed by R and/or W, denoting read or write access, otherwise full access is granted. If
  178. a given path is a directory, all contents and subdirectories will be given the same access. Order of paths does not matter the permissions on the longest matching path
  179. will apply. The special character ~ will be replaced by the authenticated users home directory, or the -home-dir option, if used. Note that if the home directory is not
  180. accessible, \~ will be set to /. By default all paths are allowed, and access control is handled by the OS. In a striped or split process configuration, this should be set
  181. on both the frontend and data nodes.
  182. This option can also be set in the configuration file as restrict_paths.
  183. -rp-follow-symlinks
  184. Do not verify that a symlink points to an allowed path before following. By default, symlinks are followed only when they point to an allowed path. By enabling this
  185. option, symlinks will be followed even if they point to a path that is otherwise restricted.
  186. This option can also be set in the configuration file as rp_follow_symlinks. The default value of this option is FALSE.
  187. -em string,-acl string
  188. A comma separated list of ACL or event modules to load.
  189. This option can also be set in the configuration file as acl.
  190. Logging Options
  191. -d string,-log-level string
  192. Log level. A comma separated list of levels from: ERROR, WARN, INFO, TRANSFER, DUMP, ALL. TRANSFER includes the same statistics that are sent to the separate transfer log
  193. when -log-transfer is used. Example: error,warn,info. You may also specify a numeric level of 1-255. The default level is ERROR.
  194. This option can also be set in the configuration file as log_level. The default value of this option is ERROR.
  195. -log-module string
  196. globus_logging module that will be loaded. If not set, the default stdio module will be used, and the logfile options apply. Built in modules are stdio and syslog. Log
  197. module options may be set by specifying module:opt1=val1:opt2=val2. Available options for the built in modules are interval and buffer, for buffer flush interval and
  198. buffer size, respectively. The default options are a 64k buffer size and a 5 second flush interval. A 0 second flush interval will disable periodic flushing, and the
  199. buffer will only flush when it is full. A value of 0 for buffer will disable buffering and all messages will be written immediately. Example: -log-module
  200. stdio:buffer=4096:interval=10
  201. This option can also be set in the configuration file as log_module.
  202. -l string,-logfile string
  203. Path of a single file to log all activity to. If neither this option or log_unique is set, logs will be written to stderr unless the execution mode is detached or inetd,
  204. in which case logging will be disabled.
  205. This option can also be set in the configuration file as log_single.
  206. -L string,-logdir string
  207. Partial path to which gridftp.(pid).log will be appended to construct the log filename. Example: -L /var/log/gridftp/ will create a separate log (
  208. /var/log/gridftp/gridftp.xxxx.log ) for each process (which is normally each new client session). If neither this option or log_single is set, logs will be written to
  209. stderr unless the execution mode is detached or inetd, in which case logging will be disabled.
  210. This option can also be set in the configuration file as log_unique.
  211. -Z string,-log-transfer string
  212. Log netlogger style info for each transfer into this file. You may also use the log-level of TRANSFER to include this info in the standard log.
  213. This option can also be set in the configuration file as log_transfer.
  214. -log-filemode string
  215. File access permissions of log files. Should be an octal number such as 0644.
  216. This option can also be set in the configuration file as log_filemode.
  217. -disable-usage-stats
  218. Usage statistics collection is no longer supported. This option is ignored.
  219. This option can also be set in the configuration file as disable_usage_stats. The default value of this option is TRUE.
  220. -usage-stats-target string
  221. Usage statistics collection is no longer supported. This option is ignored.
  222. This option can also be set in the configuration file as usage_stats_target.
  223. -usage-stats-id string
  224. Usage statistics collection is no longer supported. This option is ignored.
  225. This option can also be set in the configuration file as usage_stats_id.
  226. Single and Striped Remote Data Node Options
  227. -r string,-remote-nodes string
  228. Comma separated list of remote node contact strings.
  229. This option can also be set in the configuration file as remote_nodes.
  230. -hybrid
  231. When a server is configured for striped operation with the remote_nodes option, both a frontend and backend process are started even if the client does not request
  232. multiple stripes. This option will start backend processes only when striped operation is requested by the client, while servicing non-striped requests with a single
  233. frontend process.
  234. This option can also be set in the configuration file as hybrid. The default value of this option is FALSE.
  235. -dn,-data-node
  236. This server is a backend data node.
  237. This option can also be set in the configuration file as data_node. The default value of this option is FALSE.
  238. -sbs number,-stripe-blocksize number
  239. Size in bytes of sequential data that each stripe will transfer.
  240. This option can also be set in the configuration file as stripe_blocksize. The default value of this option is 1048576.
  241. -stripe-count number
  242. Number of number stripes to use per transfer when this server controls that number. If remote nodes are statically configured (via -r or remote_nodes), this will be set to
  243. that number of nodes, otherwise the default is 1.
  244. This option can also be set in the configuration file as stripe_count.
  245. -sl number,-stripe-layout number
  246. Stripe layout.
  247. 1 = Partitioned
  248. 2 = Blocked
  249. This option can also be set in the configuration file as stripe_layout. The default value of this option is 2.
  250. -stripe-blocksize-locked
  251. Do not allow client to override stripe blocksize with the OPTS RETR command
  252. This option can also be set in the configuration file as stripe_blocksize_locked. The default value of this option is FALSE.
  253. -stripe-layout-locked
  254. Do not allow client to override stripe layout with the OPTS RETR command
  255. This option can also be set in the configuration file as stripe_layout_locked. The default value of this option is FALSE.
  256. Disk Options
  257. -bs number,-blocksize number
  258. Size in bytes of data blocks to read from disk before posting to the network.
  259. This option can also be set in the configuration file as blocksize. The default value of this option is 262144.
  260. -sync-writes
  261. Flush disk writes before sending a restart marker. This attempts to ensure that the range specified in the restart marker has actually been committed to disk. This option
  262. will probably impact performance, and may result in different behavior on different storage systems. See the manpage for sync() for more information.
  263. This option can also be set in the configuration file as sync_writes. The default value of this option is FALSE.
  264. -perms string
  265. Set the default permissions for created files. Should be an octal number such as 0644. The default is 0644. Note: If umask is set it will affect this setting i.e. if the
  266. umask is 0002 and this setting is 0666, the resulting files will be created with permissions of 0664.
  267. This option can also be set in the configuration file as perms.
  268. -file-timeout number
  269. Timeout in seconds for all disk accesses. A value of 0 disables the timeout.
  270. This option can also be set in the configuration file as file_timeout.
  271. Network Options
  272. -p number,-port number
  273. Port on which a frontend will listen for client control channel connections, or on which a data node will listen for connections from a frontend. If not set a random port
  274. will be chosen and printed via the logging mechanism.
  275. This option can also be set in the configuration file as port.
  276. -control-interface string
  277. Hostname or IP address of the interface to listen for control connections on. If not set will listen on all interfaces.
  278. This option can also be set in the configuration file as control_interface.
  279. -data-interface string
  280. Hostname or IP address of the interface to use for data connections. If not set will use the current control interface.
  281. This option can also be set in the configuration file as data_interface.
  282. -ipc-interface string
  283. Hostname or IP address of the interface to use for ipc connections. If not set will listen on all interfaces.
  284. This option can also be set in the configuration file as ipc_interface.
  285. -hostname string
  286. Effectively sets the above control_interface, data_interface and ipc_interface options.
  287. This option can also be set in the configuration file as hostname.
  288. -ipc-port number
  289. Port on which the frontend will listen for data node connections.
  290. This option can also be set in the configuration file as ipc_port.
  291. -control-preauth-timeout number
  292. Time in seconds to allow a client to remain connected to the control channel without activity before authenticating.
  293. This option can also be set in the configuration file as control_preauth_timeout. The default value of this option is 120.
  294. -control-idle-timeout number
  295. Time in seconds to allow a client to remain connected to the control channel without activity.
  296. This option can also be set in the configuration file as control_idle_timeout. The default value of this option is 600.
  297. -ipc-idle-timeout number
  298. Idle time in seconds before an unused ipc connection will close.
  299. This option can also be set in the configuration file as ipc_idle_timeout. The default value of this option is 900.
  300. -ipc-connect-timeout number
  301. Time in seconds before canceling an attempted ipc connection.
  302. This option can also be set in the configuration file as ipc_connect_timeout. The default value of this option is 60.
  303. -allow-udt
  304. Enable protocol support for UDT with NAT traversal if the udt driver is available. Requires threads.
  305. This option can also be set in the configuration file as allow_udt. The default value of this option is FALSE.
  306. -port-range string
  307. Port range to use for incoming connections. The format is "startport,endport". This, along with -data-interface, can be used to enable operation behind a firewall and/or
  308. when NAT is involved. This is the same as setting the environment variable GLOBUS_TCP_PORT_RANGE.
  309. This option can also be set in the configuration file as port_range.
  310. -epsv-ip
  311. Adds an IPv6 address to EPSV response. Breaks RFC 2428, but allows redirection to work with IPv6.
  312. This option can also be set in the configuration file as epsv_ip. The default value of this option is FALSE.
  313. User Messages
  314. -banner string
  315. Message to display to the client before authentication.
  316. This option can also be set in the configuration file as banner.
  317. -banner-file string
  318. File to read banner message from.
  319. This option can also be set in the configuration file as banner_file.
  320. -banner-terse
  321. When this is set, the minimum allowed banner message will be displayed to unauthenticated clients.
  322. This option can also be set in the configuration file as banner_terse. The default value of this option is FALSE.
  323. -banner-append
  324. When this is set, the message set in the banner or banner_file option will be appended to the default banner message rather than replacing it.
  325. This option can also be set in the configuration file as banner_append. The default value of this option is FALSE.
  326. -version-tag string
  327. Add an identifying string to the existing toolkit version. This is displayed in the default banner message, the SITE VERSION command, and usage stats.
  328. This option can also be set in the configuration file as version_tag.
  329. -login-msg string
  330. Message to display to the client after authentication.
  331. This option can also be set in the configuration file as login_msg.
  332. -login-msg-file string
  333. File to read login message from.
  334. This option can also be set in the configuration file as login_msg_file.
  335. Module Options
  336. -dsi string
  337. Data Storage Interface module to load. File and remote modules are defined by the server. If not set, the file module is loaded, unless the remote option is specified, in
  338. which case the remote module is loaded. An additional configuration string can be passed to the DSI using the format [module name]:[configuration string] to this option.
  339. The format of the configuration string is defined by the DSI being loaded.
  340. This option can also be set in the configuration file as load_dsi_module.
  341. -allowed-modules string
  342. Comma separated list of ERET/ESTO modules to allow, and optionally specify an alias for. Example: module1,alias2:module2,module3 (module2 will be loaded when a client asks
  343. for alias2).
  344. This option can also be set in the configuration file as allowed_modules.
  345. -dc-whitelist string
  346. A comma separated list of drivers allowed on the network stack.
  347. This option can also be set in the configuration file as dc_whitelist.
  348. -fs-whitelist string
  349. A comma separated list of drivers allowed on the disk stack.
  350. This option can also be set in the configuration file as fs_whitelist.
  351. -popen-whitelist string
  352. A comma separated list of programs that the popen driver is allowed to execute, when used on the network or disk stack. An alias may also be specified, so that a client
  353. does not need to specify the full path. Format is [alias:]prog,[alias:]prog. example: /bin/gzip,tar:/bin/tar
  354. This option can also be set in the configuration file as popen_whitelist.
  355. -xnetmgr string
  356. An option string to pass to the XIO Network Manager Driver, which will then be loaded for all data channel connections. This must be in the form
  357. "manager=module;option1=value;option2=value;". See the Network Manager documentation for more info.
  358. This option can also be set in the configuration file as xnetmgr.
  359. -dc-default string
  360. A comma separated list of XIO drivers and options representing the default network stack. Format is of each driver entry is driver1[:opt1=val1;opt2=val2;...]. The bottom
  361. of the stack, the transport driver, is always first.
  362. This option can also be set in the configuration file as dc_default.
  363. -fs-default string
  364. A comma separated list of XIO drivers and options representing the default disk stack. Format is of each driver entry is driver1[:opt1=val1;opt2=val2;...]. The bottom of
  365. the stack, the transport driver, is always first.
  366. This option can also be set in the configuration file as fs_default.
  367. Other
  368. -c string
  369. Path to main configuration file that should be loaded. Otherwise will attempt to load $GLOBUS_LOCATION/etc/gridftp.conf and /etc/grid-security/gridftp.conf.
  370. -C string
  371. Path to directory holding configuration files that should be loaded. Files will be loaded in alphabetical order, and in the event of duplicate parameters the last loaded
  372. file will take precedence. Backup files and files created by package updates (e.g. file.rpmsave) will be ignored. Note that the main configuration file, if one exists,
  373. will always be loaded last.
  374. This option can also be set in the configuration file as config_dir.
  375. -config-base-path string
  376. Base path to use when config and log path options are not full paths. By default this is the current directory when the process is started.
  377. This option can also be set in the configuration file as config_base_path.
  378. -debug
  379. Sets options that make server easier to debug. Forces no-fork, no-chdir, and allows core dumps on bad signals instead of exiting cleanly. Not recommended for production
  380. servers. Note that non-forked servers running as root will only accept a single connection, and then exit.
  381. This option can also be set in the configuration file as debug. The default value of this option is FALSE.
  382. -pidfile string
  383. This option can also be set in the configuration file as pidfile.
  384. EXIT STATUS
  385. 0
  386. Successful program execution.
  387. Grid Community Toolkit 6 12/06/2018 GLOBUS-GRIDFTP-SER(8)
globus-gridftp-server 使用说明

原文链接:http://www.cnblogs.com/xuyaowen/p/gridftp-standalone.html

 友情链接:直通硅谷  点职佳  北美留学生论坛

本站QQ群:前端 618073944 | Java 606181507 | Python 626812652 | C/C++ 612253063 | 微信 634508462 | 苹果 692586424 | C#/.net 182808419 | PHP 305140648 | 运维 608723728

W3xue 的所有内容仅供测试,对任何法律问题及风险不承担任何责任。通过使用本站内容随之而来的风险与本站无关。
关于我们  |  意见建议  |  捐助我们  |  报错有奖  |  广告合作、友情链接(目前9元/月)请联系QQ:27243702 沸活量
皖ICP备17017327号-2 皖公网安备34020702000426号