
Andrew File System

Andrew File System. Vishal Patel, George Blank. Agenda. What is AFS? History of AFS Basics of AFS Benefits of AFS Drawbacks of AFS Versions of AFS References. What is AFS?.


Presentation Transcript


  1. Andrew File System Vishal Patel, George Blank

  2. Agenda • What is AFS? • History of AFS • Basics of AFS • Benefits of AFS • Drawbacks of AFS • Versions of AFS • References

  3. What is AFS? • AFS is a distributed file system that enables co-operating hosts (clients and servers) to efficiently share file system resources across both local area and wide area networks • Provides transparent file access between systems running AFS • Software available for most UNIX platforms and for Windows and Mac. You can install an AFS client on your system. • AFS runs on systems from: HP, Next, DEC, IBM, SUN, and SGI.

  4. History of AFS • AFS is based on a distributed file system originally developed at the Information Technology Center at Carnegie-Mellon University in 1984. • The idea was to provide a campus-wide file system for home directories which would run effectively using a limited bandwidth campus backbone network. • IBM released AFS as an Open Systems Platform at http://www.openafs.org/ and it is now called OpenAFS.

  5. Basics of AFS • Cells • Volumes • Tokens • Cache Manager • File Protection • File Space Design

  6. Cells • An AFS cell is a collection of servers grouped together administratively and presenting a single, cohesive file system. • Typically, an AFS cell is a set of hosts that use the same Internet domain name. • Normally, a variation of the domain name is used as the cell name. Users log into AFS client workstations which request information and files from the cell's servers on behalf of the users.

  7. Volumes • The storage disks in a computer are divided into sections called partitions. AFS further divides partitions into units called volumes. • The volumes provide a convenient container for storing related files and directories. • System administrators can move volumes from one file server to another without users noticing, because AFS automatically tracks a volume's location.

  8. Tokens • AFS does not use UNIX user IDs for authentication. In order to access files which are not world accessible using AFS, you must have a valid AFS token. You may see what tokens you currently hold using the tokens command.

  9. Cache Manager • Cache Manager maintains information about the identities of the users logged into the machine, finds and requests data on their behalf, and keeps chunks of retrieved files on local disk. • The effect of this is that as soon as a remote file is accessed a chunk of that file gets copied to local disk and so subsequent accesses (warm reads) are almost as fast as to local disk and considerably faster than a cold read (across the network).

  10. File Protection • File protections do not work the same way in AFS as they do in UNIX. • AFS augments the standard UNIX file protection mechanism, using a more precise mechanism for controlling access to files: an access control list (ACL).

  11. File Space Design

  12. File Space Design (Cont’d) • Hierarchical file structure like the UNIX file system • AFS root is generally named /afs and next level is called a cell - administrative domain — a defined set of AFS servers within a company, university, lab, etc. - local cell — the default cell associated with your workstation - foreign cell — other cells in the AFS file space • Subsequent levels are UNIX files • Some facilities use AFS for users’ login directory

  13. File Sharing • AFS enables users to share remote files as easily as local files. To access a file on a remote machine in AFS, you simply specify the file's pathname. In contrast, to access a file in a remote machine's UNIX file system, you must log into the remote machine or create a mount point on the local machine that points to a directory in the remote machine's UNIX file system • AFS users can see and share all the files under the /afs root directory, given the appropriate privileges. An AFS user who has the necessary privileges can access a file in any AFS cell, simply by specifying the file's pathname. File sharing in AFS is not restricted by geographical distances or operating system differences

  14. Figure 8.12 File name space seen by clients of AFS

  15. Login and Authentication To become an authenticated AFS user, you need to provide a password to AFS • On machines that use an AFS-modified login utility, logging in is a one-step process; your initial login automatically authenticates you with AFS. • On machines that do not use an AFS-modified login utility, you must perform two steps. • Log in to your local machine. • Issue the klog command with the -setpag argument to authenticate with AFS and get your token. • Your system administrator can tell you whether your machine uses an AFS-modified login utility or not

  16. AFS Commands AFS commands are grouped into three categories: • File server commands (fs) - lists AFS server information - set and list ACLs (access control list) • Protection commands (pts) - create and manage (ACL) groups • Authentication commands - klog, unlog, kpasswd, tokens

  17. Benefits of AFS • Caching facility: Caching significantly reduces the amount of network traffic, improving performance when a cold read is necessary • Location Independence: AFS does its mapping (filename to location) at the server. This has the tremendous advantage of making the served file space location independent

  18. Benefits of AFS (Cont’d) • Scalability: An architectural goal of the AFS designers was client/server ratios of 200:1 which has been successfully exceeded at some sites. • Single systems image (SSI): Establishing the same view of file store from each client and server in a network of systems (that comprise an AFS cell) is an order of magnitude simpler with AFS than it is with, say, NFS.

  19. Benefits of AFS (Cont’d) • Improved security: Firstly, AFS makes use of Kerberos to authenticate users. This improves security. Secondly, AFS uses access control lists (ACLs) to enable users to restrict access to their own directories.

  20. Benefits of AFS (Cont’d) • "Easy to use" networking Accessing remote file resources via the network becomes much simpler when using AFS • Improved system management capability Systems administrators are able to make configuration changes from any client in the AFS cell • Improved robustness to server crash • Replicated AFS volumes

  21. Drawbacks of AFS • Invasive install • Complexity of backend server function • Authentication issues with applications (e.g. ticket expiration)

  22. Some useful OpenAFS commands • sar 2 10 (to check the CPU idle) • top (will give which process was taking the highest CPU) • /usr/bin/lsof (gives the open ports and open files that are not closed) • netstat -an | grep will give you whether the port you were going to use for the server/client program is being utilized.

  23. The fs command • The fs (filesystem) command allows you to do many things in OpenAFS. Some examples: • fs listacl – Find what Access Control List permissions have been granted in your account. • fs sa ~/project gblank l – Grant user gblank permission to look up (read) the directory project. • fs sysname – Find the system name, for which you can substitute @sys in AFS pathnames.

  24. The fs sa Access Control List permissions • lookup – List contents of directory • insert – Add files or directories • delete – Delete entries in directory • administer – Change ACL rights in directory • read – Read file content, query file status • write – Read file content, change permissions • lock – Full file advisory lock

  25. AFS Access Control and Unix file permissions • Unix file permissions (chmod) are used by AFS, but in a way that may be difficult to understand. • Group g and Other o permissions are ignored. Rights are based on rights granted to a user u. • Any authorized user (system:authusers) can execute a file with these rights: -rwx------ if they have lookup permission in that directory. They need read and write permissions for full access.

  26. AFS man pages and Wiki • The traditional Unix manual format man is available for Open AFS, listing all AFS commands in alphabetical order with their options, at http://www.openafs.org/manpages/ • There is also an OpenAFS Wiki at http://www.dementia.org/twiki/bin/view/AFSLore/

  27. Scripting in OpenAFS • Probably the best scripting language for AFS is AFS Perl. • There are Perl functions for all AFS command line functions. • There is a scripting tool that comes with AFS called uss, but AFS Perl is more flexible, more robust and is easy for Perl users to comprehend.

  28. Controlling AFS from Java • There is a Java API for AFS. • See http://www.dementia.org/twiki/bin/view/AFSLore/JavaAdminAPI for more information.

  29. References • Full documentation for OpenAFS is available online at http://www.openafs.org/ Significant material for this lecture came from Alf Wachsmann’s lecture there: “Introduction to AFS and its Best Practices” • Also see left hand menu at http://web.njit.edu/
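The directory ACLs described on slides 23 to 25 can be reviewed mechanically. The following is an added example, not part of the original slides or of OpenAFS: it parses the text printed by `fs listacl`, computes a user's effective rights (normal grants minus negative rights) and flags broad groups that hold modifying rights. The cell name, the user `vpatel`, and the sample output are constructed for illustration.

```python
import re

# Single-letter rights as printed by `fs listacl`, with the names used on slide 24.
RIGHTS = {"r": "read", "l": "lookup", "i": "insert", "d": "delete",
          "w": "write", "k": "lock", "a": "administer"}
# OpenAFS built-in groups: everyone, and every authenticated user.
BROAD = {"system:anyuser", "system:authuser"}
# Rights that change directory contents, file data or the ACL itself.
RISKY = set("idwa")

def parse_listacl(text):
    """Parse `fs listacl` output into {path: {"normal": {...}, "negative": {...}}}."""
    acls, path, section = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.match(r"Access list for (.+) is$", line)
        if m:
            path, section = m.group(1), None
            acls[path] = {"normal": {}, "negative": {}}
        elif line in ("Normal rights:", "Negative rights:"):
            section = line.split()[0].lower()
        elif line and path and section:
            who, letters = line.split()
            acls[path][section][who] = set(letters)
    return acls

def effective(acl, identities):
    """Union of normal rights over the user's identities, minus negative rights."""
    grant = set().union(*(acl["normal"].get(i, set()) for i in identities))
    deny = set().union(*(acl["negative"].get(i, set()) for i in identities))
    return grant - deny

def audit(acls):
    """Return (path, group, right names) where a broad group holds risky rights."""
    findings = []
    for path, acl in acls.items():
        for who in sorted(BROAD.intersection(acl["normal"])):
            risky = acl["normal"][who] & RISKY
            if risky:
                findings.append((path, who, sorted(RIGHTS[r] for r in risky)))
    return findings

# Constructed sample (hypothetical cell and users), not captured from a real cell.
SAMPLE = """\
Access list for /afs/example.edu/user/gblank/project is
Normal rights:
  system:anyuser rliw
  gblank rlidwka
  vpatel rl
Negative rights:
  vpatel r
"""
```

On the sample, `audit` reports that `system:anyuser` holds insert and write on the directory, and `effective` shows that the negative `r` entry removes read from `vpatel` even though the `system:anyuser` grant would otherwise supply it.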
