Introducing FedFS On Linux Chuck Lever Oracle Corporation

Similar documents
Federated Cloud File System Framework

DFS Namespaces. Virtualization for Remote File Systems. Dan Lovinger DFSN Development Lead Microsoft

Global Filesystems in the Real World: Comparing Experiences with AFS and NFS. Phillip Moore

Cisco TelePresence Authenticating Cisco VCS Accounts Using LDAP

Outline. Definition. Name spaces Name resolution Example: The Domain Name System Example: X.500, LDAP. Names, Identifiers and Addresses

FreeIPA 3.3 Trust features

Fedora Directory Server FUDCon III London, 2005

FreeIPA Client and Server

Mac OS X Directory Services

The Data Grid: Towards an Architecture for Distributed Management and Analysis of Large Scientific Datasets

Clustered Data ONTAP 8.2

Red Hat Identity Management

Setup Guide Access Manager 3.2 SP3

Oracle Net Service Name Resolution

Novell Distributed File Services Administration Guide

Data Management in an International Data Grid Project. Timur Chabuk 04/09/2007

SO114 - Solaris 10 OE Network Administration

An Introduction To Gluster. Ryan Matteson

RSA Authentication Manager 7.1 Microsoft Active Directory Integration Guide

FileBench's Multi-Client feature

Creating an LDAP Directory

Red Hat Enterprise ipa

OVERVIEW OF TYPICAL WINDOWS SERVER ROLES

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

ACE Names and UID/GID/SIDs

Distributed File Systems. Chapter 10

Implementing Domain Name Service (DNS)

IBM Cloud Manager with OpenStack

Active Directory. By: Kishor Datar 10/25/2007

VMware Identity Manager Connector Installation and Configuration

How To Manage File Access On Data Ontap On A Pc Or Mac Or Mac (For A Mac) On A Network (For Mac) With A Network Or Ipad (For An Ipad) On An Ipa (For Pc Or

Setting Up Resources in VMware Identity Manager

Course 20533: Implementing Microsoft Azure Infrastructure Solutions

Univention Corporate Server. Operation of a Samba domain based on Windows NT domain services

GL-275: Red Hat Linux Network Services. Course Outline. Course Length: 5 days

Planning Domain Controller Capacity

High Availability and Load Balancing Cluster for Linux Terminal Services

Distributed File Systems

How To Install Storegrid Server On Linux On A Microsoft Ubuntu 7.5 (Amd64) Or Ubuntu (Amd86) (Amd77) (Orchestra) (For Ubuntu) (Permanent) (Powerpoint

Introduction to Highly Available NFS Server on scale out storage systems based on GlusterFS

CA ARCserve Replication and High Availability

Install and Configure an Open Source Identity Server Lab

CONFIGURING ACTIVE DIRECTORY IN LIFELINE

Creating a Domain Tree

Optimization in a Secure Windows Environment

AD Integration options for Linux Systems

ACE Management Server Deployment Guide VMware ACE 2.0

Skyward LDAP Launch Kit Table of Contents

CN=Monitor Installation and Configuration v2.0

Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led

Lesson Plans Managing a Windows 2003 Network Infrastructure

SolarWinds Log & Event Manager

VMware Identity Manager Administration

Websense Support Webinar: Questions and Answers

SUSE Manager in the Public Cloud. SUSE Manager Server in the Public Cloud

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

Unified Communications in RealPresence Access Director System Environments

Driver for Sentinel. Implementation Guide. June 2013

Analisi di un servizio SRM: StoRM

Novell LDAP Proxy Server

Configuring Windows Server Clusters

How To Set Up A Webmin Account On A Libc (Libc) On A Linux Server On A Windows 7.5 (Amd) With A Password Protected Password Protected (Windows) On An Ubuntu (Amd

Sun ZFS Storage Appliance Rule-Based Identity Mapping Between Active Directory and Network Information Services Implementation Guide

Using SUSE Linux Enterprise Desktop with Microsoft * Active Directory Infrastructure

Acronis Backup & Recovery 10 Server for Linux. Installation Guide

Setting Up a CLucene and PostgreSQL Federation

NetIQ Identity Manager Setup Guide

Configure Directory Integration

External Data Connector (EMC Networker)

IDENTITIES, ACCESS TOKENS, AND THE ISILON ONEFS USER MAPPING SERVICE

How To Configure Multiburb Smt On A Sidewinder G2 In A Load Sharing Environment

DNS: How it works. DNS: How it works (more or less ) DNS: How it Works. Technical Seminars Spring Paul Semple psemple@rm.

VMware vcenter Log Insight Getting Started Guide

Centralized Mac Home Directories On Windows Servers: Using Windows To Serve The Mac

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware

Implementing Active Directory Hurdles, Obstacles, and the Finish Line. Jim McDonough Samba Team IBM Linux Technology Center April 6, 2004

Panasas at the RCF. Fall 2005 Robert Petkus RHIC/USATLAS Computing Facility Brookhaven National Laboratory. Robert Petkus Panasas at the RCF

Samba as an Active Directory Domain Controller

Click Studios. Passwordstate. Installation Instructions

CDAT Overview. Remote Managing and Monitoring of SESM Applications. Remote Managing CHAPTER

Advancements in Linux Authentication and Authorisation using SSSD

Migrating from NFSv3 to NFSv4. Migrating from NFSv3 to NFSv4. March of STORAGE NETWORKING INDUSTRY ASSOCIATION

Integrating Linux systems with Active Directory

OnCommand Performance Manager 1.1

SUSE LINUX School Server

Red Hat Certifications: Red Hat Certified System Administrator (RHCSA)

Formation NetApp Accelerated NCDA

Acronis Backup & Recovery 10 Server for Linux. Update 5. Installation Guide

Introduction to Mobile Access Gateway Installation

Microsoft Active Directory Authentication with SonicOS 3.0 Enhanced and SonicOS SC 1.0 (CSM 2100CF)

ENTERPRISE LINUX NETWORKING SERVICES

Transcription:

Introducing FedFS On Linux Chuck Lever Oracle Corporation

In Brief FedFS problem statement Overview of protocols DNS, NFS/SMB, NSDB, ADMIN The fedfs-utils command set Next steps 2

Open Source Bona Fides FedFS is a proposed Internet Standard fedfs-utils is a GPL implementation of FedFS for Linux No Oracle products were harmed in the making of FedFS or fedfs-utils 3

FedFS Problem Statement Name file resources globally File names not based on storage location Enable client self-configuration Scale-up number of file-access clients Enable advanced storage administration tools Enable fileset migration, replication Distribute administration authority Anyone can deploy a namespace securely No changes to existing file access protocols 4

FedFS Encapsulated A federated filesystem enables file access and namespace traversal in a uniform, secure and consistent manner across multiple independent fileservers within an enterprise or across multiple enterprises

Familiar Terminology File-access protocol / server / client Standard network file protocol Share Basic unit of data administration on a fileserver Namespace How applications locate files (e.g., POSIX pathname) 6

File System Referrals A referral is a file-access protocol action where a fileserver redirects file-access clients to another fileserver and share Referrals enable power features Hide physical location of shared data Migration: moving filesets Replication: load balancing, fault tolerance Multi-server namespace 7

FedFS Terms FedFS Fileset A share that has unique Name and Location attributes FedFS Junction A non-protocol specific link between filesets Contains a FedFS Fileset Name FedFS Domain An independently administered file namespace and fileset namespace Globally Useful Name File pathname that is the same on all file-access clients 8

FedFS Client-side Globally Useful Name is a file pathname that always refers to the same file A Globally Useful Name hides details of underlying storage Fileserver hostname and export path are not exposed Fileset replicas are transparent /nfs4/example.net/users/cel/.vimrc Protocol Domain Directories and files 9

FedFS Server-side Junction Resolution File-access client comes across a FedFS junction on a fileserver Fileserver reads contents of junction (FSN, NSDB) Fileserver converts these to a native referral by contacting the NSDB contained in the junction Namespace Database (NSDB) Database mapping fileset Names to fileset Locations 10

FedFS Protocol Overview DNS protocol A DNS SRV record advertises the root directory of each FedFS domain File-access protocol File-access clients use this protocol to access files on fileservers NSDB protocol Fileservers use this LDAP protocol to resolve FedFS junctions ADMIN protocol Administrators use this ONCRPC protocol to manage FedFS junctions and provision NSDB connection parameters on fileservers 11

FedFS Operation: Mount $ cd /nfs4/example.net FedFS-enabled NFS client NFS file servers 12

FedFS Operation: Mount DNS SRV query NFS client DNS server NFS file servers 13

FedFS Operation: Mount NFS client NFS mount NFS file servers 14

FedFS Operation: Mount NFS client NFS referrals NFS file servers 15

FedFS Operation: Mount NFS client Normal NFS traffic NFS file servers 16

FedFS Operation: Junction Resolution NFS LOOKUP request NFS client FedFS-enabled fileservers 17

FedFS Operation: Junction Resolution NFS client NFS4ERR_MOVED FedFS-enabled fileservers 18

FedFS Operation: Junction Resolution NFS GETATTR(fs_locations) request NFS client FedFS-enabled fileservers 19

FedFS Operation: Junction Resolution NFS client FedFS-enabled fileservers LDAP queries NSDB 20

FedFS Operation: Junction Resolution NFS client Location list FedFS-enabled fileservers 21

Overview Of Linux fedfs-utils Not an in-kernel filesystem Set of user space tools, plus an LDAP schema Relies on automounter on file-access clients Does not store files, but rather locates them Relies on standard network filesystem for data storage Non-FedFS clients can mount and access shares normally Constructs enterprise-wide file namespaces Scalable referral manager 22

The fedfs-utils Client Command Set fedfs-map-nfs4 automounter program map mount.fedfs For static mounts (rarely used) 23

The fedfs-utils Fileserver Command Set nfsref Command line management of basic NFS referrals and FedFS junctions rpc.fedfsd Remote management of FedFS junctions Remote provisioning of NSDB connection parameters Secured via RPCSEC GSSAPI Entirely optional fedfs-domainroot Command line provisioning of FedFS domain root directories 24

Sidebar: Basic NFS Junctions FedFS junction Referral target locations stored on NSDB Location metadata managed remotely via FedFS Basic NFS junction Referral target locations stored directly on fileserver No NSDB or other FedFS infrastructure required nfsref command handles both types 25

The fedfs-utils Admin Command Set nsdbparams nsdb-* fedfs-* Command line management of local NSDB connection parameters Remote management of NSDB content Can use TLS for security Remote management of FedFS junctions and NSDB connection parms Can use RPCSEC GSSAPI for security nsdb-jumpstart Command line provisioning of local NSDB based on OpenLDAP Can create self-signed certificate to enable TLS-only access 26

Next Steps Ratification of pending FedFS standards Multi-realm file-access security SASL GSSAPI for NSDB access GUI administrative tools Enable NFSv4.1 features Client and server support for GETATTR(fs_locations_info) 27

Where To Get fedfs-utils Source code http://git.linux-nfs.org/?p=cel/fedfs-utils.git;a=summary http://git.linux-nfs.org/?p=cel/fedfs-releases.git;a=summary Linux distributions Fedora and Enterprise Linux 7: yum list fedfs-utils* Enterprise Linux 6: EPEL 6 SuSE: coming soon 28

Thanks for your interest!

Appendix

Linux On-Disk Junction Format Directory with special mode bits On server, mode looks like d - - - - - - - - - t Trusted xattr contains junction data NFS basic: XML containing location list FedFS junction: XML containing FSN UUID and NSDB hostname 31

Linux On-Disk Junction Format NFS basic junctions Replaces refer=location_list in /etc/exports Location list stored in junction on fileserver Only NFS locations can be specified FedFS junctions Location list stored in an NSDB, accessed via LDAP Locations can be on any supported network filesystem 32

Client-side Junction Behavior On referral-enable file-access clients, junction object is automatically replaced by root directory of referred-to fileset On incapable file-access clients, junction object looks like an inaccessible directory 33

NSDB Schema NSDB Container Entry (NCE) record Root of DIT containing FedFS information DN: ou=fedfs,dc=example,dc=net Fileset Name (FSN) record One per FedFS fileset DN: fedfsfsnuuid=${fsnuuid},${nce} Fileset Location (FSL) record One for each physical instance of a FedFS fileset Stores fileserver hostname and export path attributes DN: fedfsfsluuid=${fsluuid},fedfsfsnuuid=${fsnuuid},${nce} 34

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information