Globus Connect Server Administration Guides
  • Quickstart Guide
  • Installation Guide
  • Data Access Admin Guide
  • Domain Guide
  • HTTPS Access to Collections
  • Identity Mapping Admin Guide
  • Globus OIDC Installation Guide
  • Troubleshooting Guide
  • Command-Line Reference
    • Command summary
    • Audit
      • Load
      • Query
      • Dump
    • Endpoint
      • Setup
      • Show
      • Update
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription ID
      • Cleanup
      • Key Convert
      • Domain
      • Role
      • Upgrade
    • OIDC
      • Create
      • Delete
      • Register
      • Show
      • Update
    • Node
      • Create
      • Disable
      • Enable
      • New Secret
      • Setup
      • List
      • Show
      • Update
      • Cleanup
      • Delete
    • Login
    • Session
      • Consent
      • Show
      • Update
    • Whoami
    • Logout
    • Storage Gateway
      • Create
      • List
      • Show
      • Update
      • Delete
    • Collection
      • Create
      • List
      • Show
      • Batch Delete
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription Admin Verified Collection Property
      • Update
      • Delete
      • Domain
      • Check
      • Role
    • Auth Policy
      • Create
      • List
      • Show
      • Update
      • Delete
    • Sharing Policy
      • Create
      • List
      • Show
      • Delete
    • User Credentials
      • Activescale Create
      • OAuth Create
      • Delete
      • List
      • S3 Create
      • S3 Keys Add
      • S3 Keys Delete
      • S3 Keys Update
    • Self Diagnostic
  • Globus Connect Server Manager API
    • Authorization
    • Versioning
    • Endpoint
    • Roles
    • Nodes
    • Storage Gateways
    • Collections
    • User Credentials
    • Domains
    • Sharing Policies
  • API Access for Portals
  • Automated Endpoint Deployment
  • Data Access Application Guide
  • Application Migration Guide
  • Change Log
Skip to main content
Globus Docs
  • APIs
    Auth Flows Groups Search Timers Transfer Globus Connect Server Compute Helper Pages
  • Applications
    Globus Connect Personal Globus Connect Server Premium Storage Connectors Compute Command Line Interface Python SDK JavaScript SDK
  • Guides
  • Support
    FAQs Mailing Lists Contact Us Check Support Tickets
  1. Home
  2. Globus Connect Server
  3. v5.4
  4. Quickstart Guide

Globus Connect Server Quickstart Guide

Table of Contents
  • 1. Introduction
    • 1.1. Install Globus Connect Server software
    • 1.2. Create the endpoint
    • 1.3. Set up services on the Data Transfer Node
    • 1.4. Log into the endpoint
    • 1.5. Set the endpoint as managed
    • 1.6. Create OIDC Server (optional)
    • 1.7. Create the Storage Gateway
    • 1.8. Create a Mapped Collection
  • 2. Additional Reading

1. Introduction

This is a condensed version of the Globus Connect Server installation and data access guides intended for users who want to do a basic setup of Globus Connect Server on a single node providing access to a Posix filesystem. The other documents provide more details and information about the available features and policies available for configuring Globus Connect Server on your system.

This document assumes you have root access to a machine to use for Globus Connect Server, running a recent Debian, Ubuntu, Fedora, or RHEL-compatible operating system. This machine must allow network access to TCP ports 443 and the range 50000-51000 and have a synchronized system clock. Read the prerequisites section of the install doc for an explanation of these.

Important

The quick start guide is not for sites running additional services or sites on TCP port 443. If that is the case, see the Installation Guide and Appendix E.

Note

In this document, we will show some example invocations of the Globus Connect Server management commands. If you plan to follow along on your own system, you’ll need to change the commands to reflect your organization and login policies. Anywhere you see something highlighted like this you’ll need to replace the text with something that matches the desired policies for your own endpoint.

1.1. Install Globus Connect Server software

Skip to the appropriate section for your Linux distribution and follow the instructions to install Globus Connect Server on your system.

sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf install https://downloads.globus.org/globus-connect-server/stable/installers/repo/rpm/globus-repo-latest.noarch.rpm

Install the DNF config manager:

sudo dnf install 'dnf-command(config-manager)'

Install Globus Connect Server:

sudo dnf install globus-connect-server54
sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
sudo dnf install https://downloads.globus.org/globus-connect-server/stable/installers/repo/rpm/globus-repo-latest.noarch.rpm

Install the DNF config manager:

sudo dnf install 'dnf-command(config-manager)'

Install Globus Connect Server:

sudo dnf install globus-connect-server54
sudo dnf install https://downloads.globus.org/globus-connect-server/stable/installers/repo/rpm/globus-repo-latest.noarch.rpm

install Globus Connect Server:

sudo dnf install globus-connect-server54
curl -LOs https://downloads.globus.org/globus-connect-server/stable/installers/repo/deb/globus-repo_latest_all.deb
sudo dpkg -i globus-repo_latest_all.deb
sudo apt update
sudo apt install globus-connect-server54
curl -LOs https://downloads.globus.org/globus-connect-server/stable/installers/repo/deb/globus-repo_latest_all.deb
sudo dpkg -i globus-repo_latest_all.deb
sudo apt update
sudo apt install globus-connect-server54

If you are using SUSE Linux Enterprise server, you must enable the PackageHub repository to install all of the Globus Connect Server dependencies.

sudo rpm --import https://downloads.globus.org/globus-connect-server/stable/installers/keys/GPG-KEY-Globus
sudo zypper install https://downloads.globus.org/globus-connect-server/stable/installers/repo/rpm/globus-repo-latest.noarch.rpm
sudo zypper install globus-connect-server54

1.2. Create the endpoint

To create the endpoint, run the globus-connect-server endpoint setup command.

Example
globus-connect-server endpoint setup "My GCSv5.4 Endpoint" \
    --organization "Example Organization" \
    --owner admin@example.edu \
    --contact-email support@example.edu

The command returns information about the endpoint that may be useful for additional configuration later, including the domain name of the endpoint, a link to send to subscription managers to set the endpoint as managed, and the redirect URI needed if Google Drive or Cloud connectors will be used with this endpoint.

1.3. Set up services on the Data Transfer Node

Run the globus-connect-server node setup command to configure and start the Globus services on the Data Transfer Node. This command must be done as the root user, as it enables and starts systemd services. The deployment-key.json file from the previous step will be used by this command.

Example
sudo globus-connect-server node setup

1.4. Log into the endpoint

Login Command Example
globus-connect-server login localhost

This creates local authentication tokens that can be used by the Globus Connect Server command-line interface to interact with the endpoint. Log in with the identity you chose as the endpoint owner in Create the Endpoint.

1.5. Set the endpoint as managed

Endpoints that require premium functionality—​such as guest collections for data sharing and premium connectors—​must be managed under a Globus subscription. If your organization has a subscription, and your Globus account has the subscription manager role, you may set the endpoint as managed using the globus-connect-server command as follows.

Set the Endpoint as Managed
globus-connect-server endpoint set-subscription-id DEFAULT

1.6. Create OIDC Server (optional)

If your site does not have a identity provider available for logging in to Globus, you can use a Globus provided OIDC provider that uses PAM to authenticate users with local accounts. This is documented in the Globus OIDC Installation Guide. For this quickstart, we’ll use the --quickstart-server-name option to register the identity provider using the identity subdomain of the endpoint’s domain. The guide contains information about how to use a site-specific DNS name and certificate for this service.

sudo globus-connect-server oidc create \
    --display-name "OIDC Server for example.edu" \
    --support-contact "Joe Admin"\
    --support-email "support@example.edu" \
    --quickstart-server-name identity

sudo globus-connect-server oidc show

This script will print out a line indicating the domain that is being used for the OIDC server. Use this in place of example.edu when creating the storage gateway in the next step to use this service for authentication.

1.7. Create the Storage Gateway

globus-connect-server storage-gateway create posix \
     "Example Gateway" \
    --domain example.edu

This creates a Storage Gateway named Posix Gateway that restricts access to identities that have an example.edu domain. Copy the Storage Gateway ID in the output to use in the next step in place of STORAGE_GATEWAY_ID.

For more information on other policies that can be set on a Storage Gateway see The Storage Gateway section of the Data Access Guide. For instructions on creating Storage Gateways for Connectors other that POSIX see GCS Premium Connectors

1.8. Create a Mapped Collection

globus-connect-server collection create \
    STORAGE_GATEWAY_ID \
    /home/ \
    "Example Collection"

This creates a Mapped Collection named Example Collection rooted on the path /home/ using the Storage Gateway created in Create the Storage Gateway. This Collection will be visible to users through the Globus Web App, who will be able to access data in /home/ if they have an account from example.edu. The Globus accounts USER@example.edu will be granted access if there is a corresponding local account for USER.

2. Additional Reading

Globus Connect Server Installation Guide

This guide contains information about the features of Globus Connect Server, complete steps for endpoint configuration, as well as links to reference material about the Globus Connect Server command line tool. Using this document, you can learn how to set up multiple Data Transfer Nodes to provide service for a single endpoint.

Globus Connect Server Data Access Guide

This guide contains describes how to configure data access policies for your endpoint and its collections.

Globus Connect Server Identity Mapping Guide

This guide contains details about how to configure a Globus Connect Server endpoint to support Globus users from different identity providers.

Premium Storage Connectors

This section of the website contains information about how to configure a Globus Connect Server endpoint to use a premium storage connector.

  • Quickstart Guide
  • Installation Guide
  • Data Access Admin Guide
  • Domain Guide
  • HTTPS Access to Collections
  • Identity Mapping Admin Guide
  • Globus OIDC Installation Guide
  • Troubleshooting Guide
  • Command-Line Reference
    • Command summary
    • Audit
      • Load
      • Query
      • Dump
    • Endpoint
      • Setup
      • Show
      • Update
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription ID
      • Cleanup
      • Key Convert
      • Domain
      • Role
      • Upgrade
    • OIDC
      • Create
      • Delete
      • Register
      • Show
      • Update
    • Node
      • Create
      • Disable
      • Enable
      • New Secret
      • Setup
      • List
      • Show
      • Update
      • Cleanup
      • Delete
    • Login
    • Session
      • Consent
      • Show
      • Update
    • Whoami
    • Logout
    • Storage Gateway
      • Create
      • List
      • Show
      • Update
      • Delete
    • Collection
      • Create
      • List
      • Show
      • Batch Delete
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription Admin Verified Collection Property
      • Update
      • Delete
      • Domain
      • Check
      • Role
    • Auth Policy
      • Create
      • List
      • Show
      • Update
      • Delete
    • Sharing Policy
      • Create
      • List
      • Show
      • Delete
    • User Credentials
      • Activescale Create
      • OAuth Create
      • Delete
      • List
      • S3 Create
      • S3 Keys Add
      • S3 Keys Delete
      • S3 Keys Update
    • Self Diagnostic
  • Globus Connect Server Manager API
    • Authorization
    • Versioning
    • Endpoint
    • Roles
    • Nodes
    • Storage Gateways
    • Collections
    • User Credentials
    • Domains
    • Sharing Policies
  • API Access for Portals
  • Automated Endpoint Deployment
  • Data Access Application Guide
  • Application Migration Guide
  • Change Log
© 2010- The University of Chicago Legal Privacy Accessibility