1 / 62

AFS

AFS. -- Andrew File System. 中科院高能物理研究所计算中心 范 勇 2002.11.11. 内容安排. AFS 概述 AFS 的组成与功能 AFS 管理 AFS 应用. ===================. AFS 概述. AFS is an enterprise file system designed for use in a distributed environment on multiple computing platforms. AFS 的发展历史. AFS 分布式文件系统计算环境.

les
Download Presentation

AFS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. AFS -- Andrew File System 中科院高能物理研究所计算中心 范 勇 2002.11.11

  2. 内容安排 • AFS概述 • AFS的组成与功能 • AFS管理 • AFS应用

  3. ===================

  4. AFS概述 • AFS is an enterprise file system designed for use in a distributed environment on multiple computing platforms.

  5. AFS的发展历史

  6. AFS分布式文件系统计算环境

  7. AFS分布式文件系统计算环境

  8. AFS的特性 • A single, shared name space for all users, from all machines. • Location-independent file sharing. • Client caching and efficient wide-area protocols for excellent performance • Extended security through Kerberos authentication and Access Control Lists • Replication techniques for file system reliability

  9. AFS中的几个基本概念 • Cell • Volumes • Mount Points • Replication • Caching and Callbacks • Tokens • Access Control List

  10. Cell • A cell is an independently administered site running AFS. • A machine can only belong to one cell at a time. • Users also belong to a cell in the sense of having an account in it, but unlike machines can belong to (have an account in) multiple cells. • /usr/vice/etc/CellDB • /usr/afs/etc/CellDB

  11. Volumes • An AFS volume is a logical unit of disk space that functions like a container for the files in an AFS directory, keeping them all together on one partition of a file server machine. • Make administrative tasks easier and help improve overall system performance. • Three types of volumes in AFS: • single read/write version • read-only volume • backup volume

  12. Mount Points • Mechanism that associates the directory and volume is called a mount point. • Mount Points < ========== > Volumes

  13. Replication • Replication refers to making a copy, or clone, of a source read/write volume and then placing the copy on one or more additional file server machines in a cell. • Increases the availability of the contents. • Most appropriate for volumes that contain popular files that do not change very often.

  14. Caching& Callbacks • The problem of maintaining consistency among the many cached copies of a file and the source version of a file. • A callback is a promise by a File Server to a Cache Manager to inform the latter when a change is made to any of the data delivered by the File Server. • Two types of Callbacks: • a callback with a writable copy of file. • a callback associated with the entire read-only volume

  15. Tokens • The token is a small collection of data that certifies that the user has correctly provided the password associated with a particular AFS identity. • When a user successfully authenticates, the AFS authentication service passes a token to the user’s Cache Manager. • The Cache Manager presents the token to AFS server processes along with service requests, as proof that the user is genuine. • The Cache Manager stores tokens in the user’s credential structure in kernel memory. • A user can have only one token per cell

  16. ACL (Access Control List) • AFS ACLs provide more refined access control on a directory and all of the files in it. • seven access permissions: • a (administer) • d (delete) • i (insert) • k (lock) • l (lookup) • r (read) • w (write) • Three system groups: • system: anyuser • system: authuser • system:administrators

  17. AFS Vs UFS

  18. AFS vs. NFS (I) • AFS,Andrew File System; Fermilab Final Evaluation Report and Implementation Recommendations, Farhad Abar, Gary Roedigers, Joseph Stith2, Matt Wicks. May 12, 1992.

  19. AFS vs. NFS (II)

  20. AFS vs. NFS: Architecture • Transarc Corporation, The AFS File System in Distributed Computing Environment, 1996

  21. AFS vs. NFS: Performance

  22. AFS vs. NFS: Availability

  23. AFS vs. NFS: Management

  24. AFS vs. NFS: Security

  25. ===================

  26. AFS的体系结构

  27. AFS的组成 • File Server • BOS Server • Protection Server • Volume Server • Volume Location Server • Update Server • Backup Server • Salvager • Cache Manager • NTPD

  28. File Server • Provides the same services across the network that the UNIX file system provides on the local disk. • Delivering programs and data files to client workstations as requested and storing them again when the client workstation finishes with them. • Maintaining the hierarchical directory structure that users create to organize their files. • Handling requests for copying, moving, creating, and deleting files and directories. • Keeping track of status information about each file and directory • Making sure that users are authorized to perform the actions they request on particular files or directories. • Creating symbolic links between files.

  29. Bos (Basic OverSeer Server) • Constantly monitors the other server processes (local) to make sure they are running correctly. • Automatically restarts failed processes. • Accepts requests from the system administrator. • Helps system administrators to manage system configuration information.

  30. BOS Server和其他进程的关系

  31. Authentication Server • Verifying the identity of users as they log into the system by requiring that they provide a password. • Providing the means through which server and client processes prove their identities to each other. • Maintains the Authentication Database, stores user passwords converted into encryption key form as well as the AFS server encryption key.

  32. Authentication Server和其他Server的关系

  33. Protection Server • The Protection Server’s main duty is to help the File Server determine if a user is authorized to access a file in the requested manner. • Defining seven access permissions with access control list (ACL) for each directory. • Enabling users to grant permissions to numerous individual users. • Enabling users to define their own groups of users, recorded in the Protection Database maintained by the Protection Server. • Enabling system administrators to create groups containing client machine IP addresses to permit access.

  34. File Server和Protection Server的关系

  35. Volume Server • The Volume Server provides the interface through which you create, delete, move, and replicate volumes, as well as prepare them for archiving to tape or other media (backing up).

  36. Volume Location Server • The VL Server maintains a complete list of volume locations in the Volume Location Database (VLDB). • The VLDB and VL Server make it possible for AFS to take advantage of the increased system availability gained by using multiple file server machines, because the Cache Manager knows where to find a particular file.

  37. Volume Server和Volume Location Server的关系

  38. Update Server • The Update Server helps guarantee that all file server machines are running the same version of a server process. • In cells that run the United States edition of AFS, the Update Server also distributes configuration files that all file server machines need to store on their local disks.

  39. Backup Server • The Backup Server maintains the information in the Backup Database. • Enable administrators to back up data from AFS volumes to tape and restore it from tape to the file system if necessary.

  40. Salvager • The Salvager attempts to repair disk corruption that can result from a failure. • The BOS Server invokes the Salvager when the File Server, Volume Server, or both fail.

  41. Cache Manager • A set of extensions or modifications in the client machine’s kernel that enable communication with the server processes running on server machines. • Translate file requests into remote procedure calls (RPCs) to the File Server. • Tracks the state of files in its cache.

  42. File Server、Cache Manager和Volume Location Server之间的关系

  43. Network Time Protocol Daemon • It helps guarantee that all of the file server machines agree on the time. • Keeping clocks synchronized coordinates the copies of the Authentication, Backup, Protection, and Volume Location Databases.

  44. AFS 布署的实例

  45. =====================

  46. AFS的管理 • Monitoring and Controlling Server Processes • Managing Volumes • Administering User Accounts • uss Command Suite • AFS Security Management • Managing Server Encryption Keys • Managing Access Control Lists • Managing Administrative Privilege • AFS Backup System • Configuring the AFS Backup System • Backing Up and Restoring AFS Data • Administering Client Machines and the Cache Manager • Monitoring and Auditing AFS Performance

  47. 常用的AFS系统管理命令

  48. 常用的AFS监控命令

  49. AFS服务器管理: BOS Command Suits

  50. AFS卷管理: VOS Command Suits

More Related