Globus Connect Server Endpoint Setup

Name

globus-connect-server endpoint setup - Create a new Globus Connect Server Endpoint

Synopsis

globus-connect-server endpoint setup DISPLAY_NAME [OPTIONS]…

Description

The globus-connect-server endpoint setup command provides a command-line interface for creating a new Globus Connect Server v5.4 endpoint.

At the bare minimum, you must supply the -o and --organization options with their values and a display name, but you may use some of the other parameters. Many of these are used by the Globus Web App to help your users find your endpoint in order to use your storage. The more information you supply the more meaningful the search results will be, and the more useful your endpoint will be for your users.

When you invoke this command with its required arguments, it will create an endpoint for the client with the information you’ve provided. This process takes several minutes to complete, as it registers a domain name for your endpoint and also obtains a host certificate that can be used for interaction with the endpoint, its managed data, and its configuration API.

Upon completion, it will create a file called deployment-key.json (by default). This file is important. It must be kept in order to be able to deploy the Globus services for this endpoint on a Data Transfer Node. It must also be kept confidential as it can be used to unlock the data key used to encrypt your endpoint’s configuration.

After running this command, the most common next step is to use the globus-connect-server node setup command to configure the Globus services on a data transfer nodes to make the endpoint usable.

Note

Globus Connect Server prior to version 5.4.61 required manual registration with Globus Auth via the Developers web interface, and specifying client credentials to the GCS CLI required the --client-id option. If you are running a GCS version prior to 5.4.61 or your GCS deployment key was created prior to version 5.4.61, you must use the --client-id option to this command. As of version 5.4.67, the --client-id option has been removed. See the subcommand

endpoint
key convert

to update any existing deployment keys to include the client ID and secret.

Options

-h, --help: Show a help message and exit.
--version: Show the version and exit.
-c, --client-id CLIENT_ID (required prior to 5.4.61, removed in 5.4.67): Auth Client ID for this Globus Connect Server Endpoint. See the note above for when to use this option.
-o, --owner USERNAME (required): Identity username of the owner of this endpoint (e.g. janedoe@example.edu). This must be a valid identity username in Globus Auth. Unless --dont-set-advertised-owner is used, the owner identity must belong to the caller. The user who owns identity will be granted the owner role on this endpoint, which will allow them to create and view storage gateway configuration for this endpoint.
--project-id PROJECT_ID (new in 5.4.61): The Globus Auth project ID where this endpoint will be registered. Ignored if using --always-create-project. If the admin does not have a project, one will be created. If the admin only has a single Globus Auth project, it will be used by default. Otherwise, the admin must specify the Globus Auth project ID using this option. Projects can be administered through the Globus Developers web interface at app.globus.org/settings/developers.
--project-name PROJECT_NAME (new in 5.4.72): Name of the Auth project where the new endpoint client will be registered. If the project does not exist, it will be created with this value as its display name. Defaults to the value of the new endpoint’s display name.
--project-admin USERNAME (new in 5.4.62): Globus username of the admin of the Auth project where the new endpoint client will be registered. Only required if the project admin identity is different from the endpoint owner. This identity must belong to the caller. If not given, the value of --owner is used. Unless --dont-set-advertised-owner is used, the value of --owner must be an identity linked to the project admin identity.
--always-create-project (new in 5.4.72): Create a new auth project for this endpoint, even if you are already the admin of an existing project. Without this option, only your first project can be auto-created.
--organization ORGANIZATION: Organization that owns this endpoint
-d, --deployment-key PATH: Path for deployment key configuration. If this file exists, it will be loaded and used as the source for the deployment key (for example, if you had previously run this command but interrupted it). If it doesn’t exist, then a new deployment key is created and stored in this file. By default the value deployment-key.json is used.
--keywords KEYWORD,…: Comma-separated list of keywords to help searches for this endpoint.
--department DEPARTMENT: Department within the organization that runs the Data Transfer Nodes.
--contact-email ADDRESS (required): Email address of the support contact for this endpoint. This is visible to end users so that they may contact your organization for support.
--contact-info INFO: Other non-email contact information for the endpoint, e.g. phone and mailing address. This is visible to end users for support.
--info-link URL: Link to a web page with more information about the endpoint. The administrator is responsible for running a website at this URL and verifying that it"s accepting public connections.
--description DESCRIPTION: Description of this endpoint.
--public / --private: Set the Endpoint to be public or private.

Example

This invocation creates an endpoint using the client_id stored in the $CLIENT_ID environment variable, setting admin@example.org as the endpoint owner, with the endpoint’s organization set to Example Organization and its display name set to Example Endpoint. If you are planning on setting up your own endpoint, use your own Globus username as the owner and a meaningful organization and display name.

globus-connect-server endpoint setup "Example Endpoint"\
    -o admin@example.org \
    --contact-email support@example.org \
    --organization "Example Organization"