Open bbockelm opened 1 month ago
Ideally the above Docker command would just mount /etc
or /etc/pelican
to shorten things up. But Pelican (or maybe more accurately XRootD) creates root-owned files/directories that cannot be removed by the user once the Docker container is exited. If things need to be cleaned up or reset, the user needs to either have sudo or (not tested) needs to run another Docker container with the mounts in order to remove those files.
I think this is a good idea, but will need to be careful about permissions for folks who have Docker access but not root access.
Yeah - I think that's surmountable. One could invoke the container as the current user, then bind mount all the mutable directories (run, logs) to corresponding directories inside the user's home.
Watching @aowen-uwmad's tutorial during HTC24, one idea came to me. Origins are currently started with the following command:
That's long and ugly enough that we ended up writing a small shell script (
start-origin.sh
in this repo) to avoid having users type this out.Pelican, in principle, could parse its configuration file to determine the ports, the certificates, the data mounts, etc. We could have:
be a shortcut for the above CLI invocation.