[wplug] wplug openafs cell?

James O'Kane jo2y at midnightlinux.com
Sun Dec 8 16:52:45 EST 2002 

On Sun, 1 Dec 2002, Edward Walter wrote:

> What kind of capabilities does OpenAFS have?  I read the success stories
> and they talk about things like redundancy and automatic backups.  How do
> these things happen?  Also, what kind of protocols does OpenAFS rely on or
> more importantly, tunnel over.  For example, can I mount an OpenAFS volume
> locally over an SSH tunnel without having to wave a dead chicken over my
> pc, or do I need to do more traditional vpn stuff for that to happen. 
> Also, I'm looking at ways to distribute redundant storage across multiple
> machines.  How well does OpenAFS do this?  Is it reasonable to setup, or
> am I better off looking at something like the clustered filesystem that
> oracle just GPLed for this purpose.  Sorry for all the questions, but your
> post got me reading and brainstorming a little.

Lots of questions...

AFS does redunancy by allowing one read/write (RW) copy and N real-only 
(RO) copies. For example:

root.cell 
    RWrite: 536870915     ROnly: 536870916     Backup: 536870998 
    number of sites -> 3
       server uhura.midnightlinux.com partition /vicepb RW Site 
       server yar.midnightlinux.com partition /vicepb RO Site 
       server uhura.midnightlinux.com partition /vicepb RO Site 


root.cell is the volume that holds the contents of /afs/midnightlinux.com/
The RW copy lives on uhura on the partition mounted under /vicepb. There 
are two RO copies. One on uhura and one on yar. Those machines are 
directly next to each other, so I'm not sure how much this helps, but if 
one of them were to be rebooted, afs clients would use the remaining 
machine.

AFS does online backups by making a snapshot of the volume. Think of these 
as hardlinks to the original volume, but the link is broken when new data 
is written to the original volume. The advantage of this is that you don't 
use any extra space except for files that were deleted or changed in the 
original volume for example.

As for protocols, it uses several ports in the 7000-7010 udp port range. 
I'm still researching about the chicken part. It would be easiest if you 
had a VPN setup. You might want to look at CIPE, that's what I'm thinking 
about because it is fairly simple to use. You don't need to tunnel these 
if the data can be transmitted in the clear. AFS uses kerberos for 
authentication which has encryption of passwords by nature.

I found setting up openafs was much easier and better documented than 
coda. I think it only took me an evening to do.

Another feature that you didn't mention, but it's what brought me to afs, 
was the ability to move volumes without people noticing. For example, if I 
wanted to move the root.cell RW volume from uhura to a new machine jadiza 
for example. I could run:

vos move root.cell -fromserver uhura -frompartition /vicepb -toserver jadzia -topartition /vicepa

And it would clone the volume, move the clone, then reclone the volume and 
update the database entries. I've done a few tests where I would start 
compiling something in a volume, then move the volume, and the compile 
didn't have a problem. The only thing I noticed was a pause when the 
volume was locked for the cloning process. The length of the pause depends 
on the amount of changes done since the last clone.

-james

More information about the wplug mailing list