Non-root administration daemon

An administration daemon (scaleadmd) is deployed on the IBM Storage Scale nodes to use IBM Storage Scale native REST API functions. The purpose of this daemon is to serve the IBM Storage Scale native REST API interface, process the administrative requests from users, and handle all associated authentication and authorization controls for each request.

When you install the gpfs.scaleapi package, a new user and group are created. If a user or group with the same name exists, the installation fails. The installation creates the following items:The home directory for the user is at /var/mmfs/scaleadm.
  • User:scaleapiadmd
  • Group:scaleapiadm
  • Home directory:/var/mmfs/scaleadm

Installation, upgrade, and support operations require root access on all cluster nodes. You must maintain this access and enable or disable it based on your operational and security requirements.

Some IBM Storage Scale operations require root privileges. The /usr/lpp/mmfs/bin/scaleadmexec binary uses Linux capabilities to elevate privileges during execution. The administration daemon invokes this binary for operations such as direct disk access, PAM authentication, SSH or SCP replacement calls (such as scaleadmremoteexecute or scaleadmremotetransfer), among others.
Note: Make sure any output directory that is specified by a command has the correct permissions for the administration daemon to access it.
Important: When the administration daemon starts or restarts, there might be a brief delay before it can serve requests. As a result, the first CLI or REST API request might be rejected if the daemon startup routines are still completing. This behavior is similar to the delay that occurs before the I/O daemon can serve all requests.
The administration daemon restart can introduce this delay in the following situations:
  • Immediately after installation of the native REST API rpm (the administration daemon starts at the end of the installation process).
  • After nodes are added to the cluster (the remote node administration daemon internal services restart on the added nodes).
  • After you manual start or restart the administration daemon by using the systemd or a similar command
  • After node deletion (the administration daemon restarts on the node that is deleted).

A common error status that is returned is UNAVAILABLE, but other errors might also occur. If a request fails after the administration daemon restarts under these conditions, wait briefly (a few seconds) and retry the command. Repeat this process as needed.