Running the xgtd
server
The server component of the xGT application is called xgtd
.
It is a linux daemon and is launched automatically at linux boot.
You can examine and control the daemon using standard linux utilities:
sudo systemctl status xgtd
sudo systemctl stop xgtd
sudo systemctl start xgtd
sudo systemctl restart xgtd
Data considerations
The default location for xgtd
to read and write data is the /srv/xgtd/data
directory.
You can copy data to the this home directory or organize data into subdirectories.
The load()
method in the xgt
python module will accepts a path name as one of the parameters.
When the path is a relative path, the server will look for the file name (or names, if
wildcards are provided) in the default location.
The save()
command uses the same default location.
To learn more about loading and saving, read the data management guide.
Configuring xgtd
Some parameters of xGT can be configured with a JSON-formatted configuration file xgtd.conf located in the computer where the user is running the server process.
The folowing variables for configuring xGT are supported:
worker_threads
: unsigned integer - Controls the number of worker threads xGT uses. Defaults to the number of cores in the system.io_threads
: unsigned integer - Controls the number of io threads xGT uses per file. Defaults to the worker thread count. The default will cap at 16.pin_threads
: true/false - Controls whether the worker threads are pinned to a specific core. This means they won't be able to move around. Defaults to false.max_memory
: unsigned integer - Controls the maximum amount of memory xGT will use. Defaults to the available system RAM.locale
: string - Locale for comparing strings. Defaults to C.aws_access_key_id
: string - Used for S3 authentication if an .aws/credentials file does not exist for the profile. Example: AKIAIOSFODNN7EXAMPLEaws_secret_access_key
: string - Used for S3 authentication if an .aws/credentials file does not exist for the profile. Example: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Example xgtd.conf
file:
{
"worker_threads" : 4,
"pin_threads" : false,
}
To configure xGT on AWS, login to the server and create the file /etc/xgtd.conf
or the file /home/xgtd/.xgtd.conf
. The system will first look for the file /home/xgtd/.xgtd.conf
, and if unsuccessful, it will look for the file /etc/xgtd.conf
.
Then you would restart xGT daemon:
sudo systemctl restart xgtd
S3 Credentials
When loading a file using the load
method and an s3:
protocol prefix, xGT will check the /home/xgtd/.aws/credentials
file for the two variables aws_access_key_id
and aws_secret_access_key
. The online AWS Access Keys document explains what these keys are and contains references to learn how to create and manage them. (These values may also be specified at runtime in user code by passing them to a Connection
object.)
When reading the /home/xgtd/.aws/credentials
file, xGT also supports profile selection via the AWS_PROFILE
environment variable.
If no environment variable is found, xGT will use the default
profile.
Using an SSL Secure Channel
By default the xGT server uses an unsecure channel. If desired the xGT server can use a secure channel using ssl self-signed certifcates. To run a secure server pass the flags -s (or --ssl) and -d (or --ssl_root_dir) when running the xgtd executable. The ssl_root_dir argument should be the path to the root directory that holds the ssl certs and private keys. xGT expects the directory structure:
.
├── certs
│ ├── ca-chain.cert.pem
│ └── server.cert.pem
└── private
└── server.key.pem
To connect to the xGT server using the xGT client, the following flags need to be passed when invoking the xgt.Connection() function: 'ssl', 'ssl_root_dir', and 'ssl_server_cn'. The 'ssl' flag needs to be set to True. The 'ssl_root_dir' flag should be set to the root directory containing the ssl certs and private keys. The 'ssl_server_cn' flag should be set to the common name for the server listed on the server side ssl certificate. The xGT client expects the following directory structure for ssl certs and private keys:
.
├── certs
│ ├── ca-chain.cert.pem
│ └── client.cert.pem
└── private
└── client.key.pem