Chapter 2 HPSS Planning
HPSS Installation Guide September 2002 69
Release 4.5, Revision 2
are associated with storage subsystems using the Storage Subsystem Configuration screen (see
Section 6.4: Storage Subsystems Configuration on page 259). If a storage subsystem has no Gatekeeper,
then the Gatekeeper field will be blank. A single Gatekeeper can be associated with every storage
subsystem, a group of storage subsystems, or one storage subsystem. A storage subsystem can
NOT use more than one Gatekeeper.
Every Gatekeeper Server has the ability to supply the Account Validation Services. A bypass flag
in the Accounting Policy metadata indicates whether or not Account Validation for an HPSS system
is on or off. Each Gatekeeper Server will read the Accounting Policy metadata file, so if multiple
Gatekeeper Servers are configured and Account Validation has been turned on, then any
Gatekeeper Server can be chosen by the Location Server to fulfill Account Validation requests.
Every Gatekeeper Server has the ability to supply the Gatekeeping Service. The Gatekeeping
Service provides a mechanism for HPSS to communicate information through a well-defined
interface to a policy software module to be completely written by the site. The site policy code is
placed in a well-defined site shared library for the gatekeeping policy
(/opt/hpss/lib/libgksite.[a|so]) which is linked to the Gatekeeper Server. The gatekeeping policy shared library
contains a default policy which does NO gatekeeping. Sites will need to enhance this library to
implement local policy rules if they wish to monitor and/or load balance requests.
The gatekeeping site policy code will determine which types of requests it wants to monitor
(authorized caller, create, open, and stage). Upon initialization, each BFS will look for a Gatekeeper
Server in the storage subsystem metadata. If no Gatekeeper Server is configured for a particular
storage subsystem, then the BFS in that storage subsystem will not attempt to connect to any
Gatekeeper Server. If a Gatekeeper Server is configured for the storage subsystem that the BFS is
configured for, then the BFS will query the Gatekeeper Server for the monitor types by
calling a particular Gatekeeping Service API, which will in turn call the appropriate Site Interface.
Each site writes the Site Interface code that determines which types of requests it wishes to monitor. This
query by the BFS will occur each time the BFS (re)connects to the Gatekeeper Server. The BFS will
need to (re)connect to the Gatekeeper whenever the BFS or Gatekeeper Server is restarted. Thus if
a site wants to change the types of requests it is monitoring, then it will need to restart the
Gatekeeper Server and BFS.
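
The monitor-type query and its restart requirement, as an added C sketch that is not HPSS code and does not use the real site interface signatures. Every name, constant and limit here is hypothetical, and the per-user open limit is a constructed policy.

```c
#include <stdint.h>

/* Hypothetical names throughout: this models the behaviour described in the
 * text; it is not the HPSS site interface or its real signatures. */
enum { MON_AUTH_CALLER = 1, MON_CREATE = 2, MON_OPEN = 4, MON_STAGE = 8 };
enum { GK_ALLOW = 0, GK_THROTTLE = 1, GK_DENY = 2 };

#define MAX_USERS 64
#define MAX_OPENS_PER_USER 2            /* constructed site limit */

static uint32_t site_mask = MON_OPEN;   /* request types the site monitors */
static uint32_t open_count[MAX_USERS];  /* open files per user, indexed by uid */

/* Site side: types the policy wants to see. A policy that does no
 * gatekeeping corresponds to a mask of 0. */
uint32_t site_get_monitor_types(void) { return site_mask; }
void site_reload_policy(uint32_t mask) { site_mask = mask; }

/* Site side: admission decision for a monitored open request. */
int site_open(uint32_t uid) {
    if (uid >= MAX_USERS) return GK_DENY;   /* unknown user: fail closed */
    if (open_count[uid] >= MAX_OPENS_PER_USER) return GK_THROTTLE;
    open_count[uid]++;
    return GK_ALLOW;
}

/* Site side: release the slot when a monitored open is closed. */
void site_close(uint32_t uid) {
    if (uid < MAX_USERS && open_count[uid] > 0) open_count[uid]--;
}

/* BFS side: the mask is fetched once per (re)connect and cached, so a
 * changed policy is not seen until the next (re)connect. */
typedef struct { uint32_t cached_mask; } bfs_t;
void bfs_connect(bfs_t *b) { b->cached_mask = site_get_monitor_types(); }

/* BFS side: only request types in the cached mask reach the policy code;
 * everything else proceeds without a policy check. */
int bfs_request(const bfs_t *b, uint32_t type, uint32_t uid) {
    if (!(b->cached_mask & type)) return GK_ALLOW;  /* not monitored */
    if (type == MON_OPEN) return site_open(uid);
    return GK_ALLOW;    /* monitored, but this sketch has no rule for it */
}
```

A request type left out of the mask never reaches the site policy, so the mask is part of the policy and belongs under the same review as the rules themselves.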
If multiple Gatekeeper Servers are configured for gatekeeping, then the BFS that controls the file
being monitored will contact the Gatekeeper Server that is located in the same storage subsystem.
Conversely if one Gatekeeper Server is configured for gatekeeping for all storage subsystems, then
each BFS will contact the same Gatekeeper Server.
A Gatekeeper Server registers five different interfaces: Gatekeeper Services, Account Validation
Services, Administrative Services, Connection Manager Services, and Real Time Monitoring
Services. When the Gatekeeper Server initializes, it registers each separate interface. The
Gatekeeper Server specific configuration SFS file will contain any pertinent data about each
interface.
The Gatekeeper Service interface provides the Gatekeeping APIs, which call the site-implemented
Site Interfaces. The Account Validation Service interface provides the Account Validation APIs. The
Administrative Service provides the server APIs used by SSM for viewing, monitoring, and setting
server attributes. The Connection Manager Service provides the HPSS DCE connection
management interfaces. The Real Time Monitoring Service interface provides the Real Time
Monitoring APIs.
The Gatekeeper Service Site Interfaces provide a site the mechanism to create local policy on how
to throttle or deny create, open and stage requests and which of these request types to monitor. For
example, it might limit the number of files a user has opened at one time; or it might deny all create