Naming. Name Service. Why Name Services? Mappings. and related concepts



Transcription:

Name Service

- Processes and threads: execution of applications or services
- Communication: information exchange for coordination of processes
- But: how can client processes (or human users) find the right server processes for communication?

Naming and related concepts

- Name service, naming (e.g. DNS, GNS)
  - Central concept in distributed systems
  - Mapping of logical names to the addresses of resources (objects, files, services, hosts, ...)
- Directory service / discovery service / trading service (e.g. X.500, LDAP / Jini Discovery Service / CORBA Trading Service)
  - Mapping of service attributes to resource addresses ('yellow pages')
  - The client doesn't need to know the resource name, only a description of its characteristics

Why Name Services?

- Resources are accessed using identifiers or references
  - An identifier can be stored in variables and retrieved from tables quickly
  - An identifier includes or can be transformed into an address for an object
  - E.g. NFS file handle, CORBA remote object reference
- A name is a human-readable value (usually a string) that can be resolved to an identifier or address
  - Internet domain name, file pathname, process number
  - E.g. /etc/passwd, http://www-i4.informatik.rwth-aachen.de/
- For many purposes, names are preferable to identifiers
  - because the binding of the named resource to a physical location can be changed
  - because they are more meaningful to users
- Resource names are resolved by name services to give identifiers and other useful attributes

Mappings

- Internet DNS (Domain Name System): mapping of domain names to host attributes
  - IP address
  - Type of entry (host, name server, email, ...)
  - Period of validity
- Directory service X.500: originally, mapping of person names to the person's attributes
  - Email address
  - Phone number, ...
- Middleware platform CORBA: mapping of an object name onto an object reference
- The given address may itself be one more logical name which has to be mapped onto a resource address, e.g. in case of an IP address

Name Resolution: URLs

[Figure: the URL http://www-i4.informatik.rwth-aachen.de:8888/content/teaching/lectures/sub/vs/vsss06/ is turned by a DNS lookup into a resource ID (IP number 137.226.12.8, port number 8888, pathname content/teaching/lectures/sub/vs/vsss06/); an ARP lookup yields the (Ethernet) network address 2:60:8c:2:b0:5a. Further labels: socket, Web server, file.]

Organisation of Naming Information

In large systems like the Internet:
- Large number of entities to be named
- Distribution of naming information to several hosts
- Structuring of naming data
- Management by local organisations
- Better performance by holding less data
- Hierarchical structure allows sub-names without name clashes

Name Spaces

- Represented by a labelled, directed graph
- Leaf nodes represent a named entity (contains e.g. address)
- Directory node has several outgoing, labelled edges
- Root node mostly is the unique start node of the graph
- Naming of entities by path names to leaf nodes
- Separation of edge labels by special characters like '/' or '.'
- Similar concept like in many file systems
- Distinction between absolute and relative path names
- Very often, the graph is organised as a tree
- Name resolution: looking up information stored in the node identified by a path name

Linking and Mounting (1)

- Often required: aliases
  - Another name for the same entity
  - Usage of symbolic links: no address is stored in the leaf node, but another path name
- Merge name spaces: mounting

Linking and Mounting: NFS

- Mounting by setting an alias into a different name space: Network File System (NFS)
- Directory for mount points
- Required information:
  - name of access protocol
  - name of server
  - name of mounting point

[Figure labels: mount point, mounting point]

NFS Architecture for UNIX Systems

- Virtual file system (VFS) replaces local file system interface and forwards remote file operation via RPC
- VFS hides differences between access implementations on different platforms

Mounting in NFS

- Possible to mount nested directories from multiple servers
- Exported directories can include imported subdirectories
- No transparent import of such subdirectories by third party

Alternative Approach to Merge different Name Spaces

- Alternative approach for merging name spaces: Global Name Service (GNS)
- Add a new root node and add existing root nodes as children
- Problem: new root node has to maintain a mapping for old root nodes

Name Space Distribution (1)

- The name space is the core of a naming service
- Operations for adding, removing and looking up names
- Implemented by name servers
- Structuring of naming information:
  - root node and its children: stable nodes
  - Nodes that are managed within a single organisation: administrative units
  - Hosts in local networks, shared files, user-defined directories, ...: typically frequently changing nodes

Name Space Distribution (2)

Item                            | Global    | Administrational | Managerial
Geographical scale of network   | Worldwide | Organization     | Department
Total number of nodes           | Few       | Many             | Vast numbers
Responsiveness to lookups       | Seconds   | Milliseconds     | Immediate
Update propagation              | Lazy      | Immediate        | Immediate
Number of replicas              | Many      | None or few      | None
Is client-side caching applied? | Yes       | Yes              | Sometimes

A comparison between name servers for implementing nodes from a large-scale name space partitioned into a global layer, an administrational layer, and a managerial layer.

Implementation of Name Resolution (1)

Iterative name resolution: A client's name resolver contacts a name server. This name server passes back a reference to the next responsible name server. The resolver contacts this server, ...

Implementation of Name Resolution (2)

Recursive name resolution: A client's name resolver only contacts the next name server. Finding the responsible name server and thus the address now is made by the involved name servers.

Implementation of Name Resolution (3)

Server for node | Should resolve | Looks up | Passes to child | Receives and caches        | Returns to requester
cs              | <ftp>          | #<ftp>   | --              | --                         | #<ftp>
vu              | <cs,ftp>       | #<cs>    | <ftp>           | #<ftp>                     | #<cs> #<cs,ftp>
nl              | <vu,cs,ftp>    | #<vu>    | <cs,ftp>        | #<cs> #<cs,ftp>            | #<vu> #<vu,cs> #<vu,cs,ftp>
root            | <nl,vu,cs,ftp> | #<nl>    | <vu,cs,ftp>     | #<vu> #<vu,cs> #<vu,cs,ftp> | #<nl> #<nl,vu> #<nl,vu,cs> #<nl,vu,cs,ftp>

Recursive name resolution of <nl, vu, cs, ftp>. Name servers cache intermediate results for subsequent lookups (performance improvement).

Implementation of Name Resolution (4)

Recursive resolution often helps to decrease communication costs.

DNS: Name Service for the Internet

- A distributed naming database
- Name structure reflects administrative structure of the Internet
- Rapidly resolves domain names to IP addresses
  - exploits caching heavily
  - typical query time ~100 milliseconds
- Scales to millions of computers
  - partitioned database
  - caching
- Resilient to failure of a server
  - replication

Basic DNS algorithm for name resolution (domain name to IP number):
- Look for the name in the local cache
- Try a superior DNS server, which responds with:
  - another recommended DNS server
  - the IP address (which may not be entirely up to date)

DNS Name Space

[Figure: DNS name tree with generic domains (com, edu, gov, mil) and country domains (se, de); further labels: cs, Oxford, rwth-aachen, informatik.]

- The domain name is given by the sequence of labels, beginning with the root of the target domain, ending with the root of the whole tree.
- The labels are separated by '.'
- Example with the labels winnie, corp, hp, com: winnie.corp.hp.com (would be: winnie.corp.hp.com.)
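An added example, not part of the lecture: a toy model of the recursive resolution of <nl, vu, cs, ftp> from the table above, in which each server caches what its child returns, set beside iterative resolution. The class and function names, the addresses and the expiry time are assumptions made for the illustration; the run also shows a cached answer going out of date after the binding changes.

```python
# Toy model of the name servers root -> nl -> vu -> cs from the slide's table.
# Addresses and the TTL are constructed sample values.
TTL = 300  # seconds a cached answer stays valid

class NameServer:
    def __init__(self, name):
        self.name = name
        self.table = {}   # label -> child NameServer, or an address string (leaf)
        self.cache = {}   # remaining path -> (address, expiry time)

    def address(self):
        return "ns:" + self.name

    def resolve_recursive(self, path, now, contacted):
        """Resolve path; return {prefix of path: address} ("returns to requester")."""
        contacted.append(self.name)
        head, rest = path[0], tuple(path[1:])
        node = self.table[head]                                   # "looks up"
        result = {(head,): node.address() if isinstance(node, NameServer) else node}
        if rest:
            hit = self.cache.get(rest)
            if hit and hit[1] > now:                              # answered from cache
                below = {p: a for p, (a, exp) in self.cache.items()
                         if p == rest[:len(p)] and exp > now}
            else:
                below = node.resolve_recursive(rest, now, contacted)   # "passes to child"
                self.cache.update({p: (a, now + TTL) for p, a in below.items()})
            result.update({(head,) + p: a for p, a in below.items()})
        return result

def resolve_iterative(root, path):
    """Client-side resolver follows referrals itself; returns (address, servers contacted)."""
    server, contacted, node = root, [], None
    for label in path:
        contacted.append(server.name)
        node = server.table[label]        # referral to the next server, or the address
        if isinstance(node, NameServer):
            server = node
    return (node.address() if isinstance(node, NameServer) else node), contacted

def build_namespace():
    root, nl, vu, cs = (NameServer(n) for n in ("root", "nl", "vu", "cs"))
    root.table["nl"], nl.table["vu"], vu.table["cs"] = nl, vu, cs
    cs.table["ftp"] = "192.0.2.21"
    return root, cs

def demo():
    root, cs = build_namespace()
    path, out = ("nl", "vu", "cs", "ftp"), {}
    for label, now in (("cold", 0), ("cached", 10)):
        seen = []
        out[label] = (root.resolve_recursive(path, now, seen)[path], seen)
    cs.table["ftp"] = "192.0.2.99"        # the binding changes at the server for cs
    for label, now in (("stale", 20), ("expired", TTL + 1)):
        seen = []
        out[label] = (root.resolve_recursive(path, now, seen)[path], seen)
    out["iterative"] = resolve_iterative(root, path)
    return out, root

if __name__ == "__main__":
    for label, value in demo()[0].items():
        print(label, value)
```

In the "stale" step the root server still hands out the old address from its cache although the server for cs already holds the new one; only after the entry expires does the lookup reach cs again.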

Domains and Zones

[Figure: domain tree with com, edu, org and, below edu, berkeley, nwu, purdue; marked areas: edu Domain, edu Zone, berkeley.edu Zone, purdue.edu Zone; Delegation.]

- Domains are divided into zones
- A name server manages a zone
- Less information overhead for name servers

DNS Functions

- Main function is to resolve domain names for computers, i.e. to get their IP addresses
  - Caches the results of previous searches until they pass their 'time to live'
- Other functions:
  - Get mail host for a domain
  - Reverse resolution - get domain name from IP address
  - Host information - type of hardware and OS
  - Well-known services - a list of well-known services offered by a host
  - Other attributes can be included (optional)

- Name tables change infrequently, but when they do, caching can result in the delivery of stale data.
  - Clients are responsible for detecting this and for recovering
- Its design makes changes to the structure of the name space difficult. For example:
  - merging previously separate domain trees under a new root
  - moving sub-trees to a different part of the structure

DNS Resource Records

Naming information is stored in the leaves in so-called Resource Records.

Type of record | Associated entity | Description
SOA            | Zone              | Holds information on the represented zone
A              | Host              | Contains an IP address of the host this node represents
MX             | Domain            | Refers to a mail server to handle mail addressed to this node
SRV            | Domain            | Refers to a server handling a specific service
NS             | Zone              | Refers to a name server that implements the represented zone
CNAME          | Node              | Symbolic link with the primary name of the represented node
PTR            | Host              | Contains the canonical name of a host
HINFO          | Host              | Holds information on the host this node represents
TXT            | Any kind          | Contains any entity-specific information considered useful

Example of Content

[Figure not preserved in the transcription.]

Name Resolution in DNS

- DNS supports iterative and recursive name resolution
- Iterative resolution is the standard technique
- Recursive resolution is needed when the client only has limited access in a domain (security reasons)
- Iterative resolution can be made by a name server instead of the client's name resolver:

[Figure: "Non-recursive server-controlled" (client, NS 1, NS 2, NS 3; steps 1 to 4) and "Recursive server-controlled" (client, NS 1, NS 2, NS 3; steps 1 to 5). A name server NS 1 communicates with other name servers on behalf of a client.]

[Figure: the resolver repeatedly sends "request for address of girigiri.gbrmpa.gov.au" and receives in turn: reference to au, reference to gov.au, reference to gbrmpa.gov.au, and finally the address of girigiri.gbrmpa.gov.au. Name tree labels: au, gov, nz, edu, sg, sa, ips, gbrmpa.]

Global Name Service (GNS)

- GNS has more flexibility than DNS
  - DNS was originally not designed for such large data volumes
  - an early research project (1985) developed solutions for the problems of resource location, mail addresses and authentication: GNS
  - consideration of large name spaces
  - restructuring name spaces
- Problem: scalability and performance of root node after merging several sub-trees

Directory and Discovery Service

- Directory service: 'yellow pages' for the resources in a network
  - Retrieves the set of names that satisfy a given description
  - E.g. X.500, LDAP, MS Active Directory Services
  - (DNS holds some descriptive data, but the data is very incomplete and additionally DNS isn't organised to search it)
- Discovery service: a directory service that also:
  - Is automatically updated as the network configuration changes
  - Meets the needs of clients in spontaneous networks
  - Discovers services e.g. required by a client (who may be mobile) within the current scope, for example, to find the most suitable printing service for image files after arriving at a hotel.
- Examples of discovery services: Jini discovery service, the 'service location protocol', the 'simple service discovery protocol', the 'secure discovery service'.
- Automatic registration of new services and automatic connection of new clients to the discovery service

X.500

- OSI X.500 - Directory Service (by ITU/ISO)
  - a hierarchically-structured standard directory service designed for world-wide use
  - Accommodates resource descriptions in a standardised form and their retrieval for any resource
  - Never fully deployed, but the standard forms the basis for LDAP, the Lightweight Directory Access Protocol, which is widely used
  - Originally designed for descriptions of human beings, but can be applied to any type of 'resource'
- Lightweight Directory Access Protocol, LDAP
  - X.500 uses higher OSI layers for access operations, LDAP defines a simpler approach: direct access by using TCP/IP
  - X.500 uses ASN.1 to describe resources, LDAP only needs a textual description (ASCII)
  - LDAP does not depend on X.500, any directory service can be used

X.500 Database Entries

Attribute          | Abbr. | Value
Country            | C     | NL
Locality           | L     | Amsterdam
Organization       | O     | Vrije Universiteit
OrganizationalUnit | OU    | Math. & Comp. Sc.
CommonName         | CN    | Main server
Mail_Servers       | --    | 130.37.24.6, 192.31.231,192.31.231.66
FTP_Server         | --    | 130.37.21.11
WWW_Server         | --    | 130.37.21.11

An X.500 directory entry using X.500 naming conventions.

- Similar to DNS resource records
- Collection of (attribute, value) pairs
- Collection of all directory entries: Directory Information Base
- Globally unique name for each entry

X.500 Directory Information Tree

- Unique names by hierarchical structure
- Globally unique name is sequence of identifiers in directory entry, e.g. /C=NL/O=Vrije Universiteit/OU=Math. & Comp. Sc./CN=Main server
- Resulting tree: Directory Information Tree

Attribute          | Value
Country            | NL
Locality           | Amsterdam
Organization       | Vrije Universiteit
OrganizationalUnit | Math. & Comp. Sc.
CommonName         | Main server
Host_Name          | star
Host_Address       | 192.31.231.42

X.500 Architecture

- Implemented similar to name services like DNS
- Provides more lookup operations (advanced search operations)
- Two different components:
  - Directory User Agent (DUA)
  - Directory Service Agent (DSA)
- Naming information is distributed over several DSAs (like zones in DNS)
- DUAs represent clients (like name resolvers in DNS)

[Figure: DUAs connected to DSAs.]

X.500 Search Operations

- Adding functionality to a simple name service: more lookup operations
- Facilities are given for searching an entry by its attributes
- Example: list all main servers at Vrije Universiteit:
  answer=search("&(c=nl)(o=vrije Universiteit)(OU=*)(CN=Main server)")
- Searching generally is an expensive operation: access several leaf nodes to get an answer, several DSAs have to be accessed
- Result: never really implemented, only LDAP as simpler version becomes a de facto standard in the Internet (e.g. Windows 2000)

LDAP

- Developed in the 90s at University of Michigan as a lightweight version of an access protocol to X.500 directories
- Managed by the Internet Engineering Task Force (IETF)
- Goal: central information service for the administration of users and services in networked environments
- Integration of information from various resources
- Concepts adopted from X.500:
  - Directory Information Tree
  - Directory Information Base
  - Directory service agents
  - Format of database entries (attribute/value pairs)
- Standardisation of entry types, e.g.:
  - person
  - user
  - security information
  - IP host

LDAP and X.500

- Disadvantages of LDAP
  - Fewer access operations than X.500
  - Performance aspects: load sharing, redundant servers
- Advantages of LDAP
  - Communication uses the standard protocols TCP/IP
  - Simpler model, easier to implement
  - Encoding of information using textual description: usage of data by several applications
- Application areas for LDAP
  - Information service for contact data
  - User management in heterogeneous networks
  - Authentication services
  - Resource management
  - Certification service for public key infrastructures

Discovery Services - Jini

Discovery services require more than search facilities:
- Discovery
  - Clients in most cases find the Jini lookup services in their scope by IP multicast/broadcast
  - Multicast UDP for nearby Lookup services
  - Unicast TCP for known Lookup services
- Join
  - Used by services to register with a Lookup Service
- Lookup
  - Used by clients and services to request a service type from a Lookup service
  - Search by type, not by name
  - Closer to a directory service than to a naming service

Organisation of Service Descriptions

- The lookup service maps interfaces indicating the functionality provided by a service to sets of objects that implement the service
- Hierarchical organization of services by type hierarchy
- Leaf nodes store service descriptions including proxies to access services

[Figure: type hierarchy with the labels Object, Printer, Print, Fax, Copier, Store, Discovery, Canon, HP, BJ-100, BJC-70, p1, p2, p3.]

[Figures for the Join and Lookup steps; surviving labels: Code, Jini Client, PDA.]