Introduction to AFS Administration

1
Introduction to AFS Administration

• Presentation for ITPartners
• 10/24/02
• Garry Zacheiss ltzacheiss_at_mit.edugt

2
A Brief History of AFS

• 1984 - Developed at CMU as part of Project
  Andrew.
• 1989 - Transarc Corportation founded to
  commercialize AFS.
• 1998 - Transarc acquired by IBM.
• 2000 - IBM releases OpenAFS under the
• IBM Public License (IPL).

3
Why AFS?

• Security authentication via Kerberos 4.
• Scalability transparent data relocation.
• Reduce administrative workload unassisted user
  recovery from rm accidents.

4
Why not AFS?

• Requires more specialized administrator knowledge
  than NFS or SMB.
• 2 GB file size limitation.
• Doesnt scale down to high performance file
  sharing between a small number of clients.

5
Why are you here?

• AFS traditional uses have been
• Centrally maintained OS images and application
  software.
• User home directories in large, heterogeneous
  environments.
• Web content served by multiple machines.
• What do you want to do with AFS?

6
Supported Server Oses

• Solaris 2.6 - 9
• Linux (2.2.x, 2.4.x)
• Digital UNIX 4.0
• Tru64 5.0
• Tru64 5.1
• Irix 6.5
• AIX 4.3

• (Best support)
• (Redhat, Debian)
• (partial support)

Windows and MacOS X clients
exist.
7
Hardware Requirements

• Performance requirements arent excessive.
• sipb.mit.edu uses 2 Sun Ultra 5s, 1 Ultra 60.
• Spend for fault tolerance, not high performance.

8
Setting up a cell

• Not supported by Information Systems at this
  time.
• Community support is available via the
  openafs.org mailing lists.
• openafs.org provides binary distributions for
  many UNIX flavors.
• Documentation available at
• http//www.openafs.org/pages/doc/index.htm

9
Authentication Options

• Option 1 Run your own KDCs.
• - This is a BAD CHOICE for MIT.
• Option 2 Use ATHENA.MIT.EDU realm.
• - Need afs/ltcellnamegt keytab for this.
• - asetkey converts krb5 keytab to AFS
• Keyfile.
• - /usr/afs/etc/krb.conf contains realm to use.

10
AFS Server Architecture

• bosserver - starts and manages all other AFS
  server processes.
• Incorporates some rcp/rsh-like functionality.

11
(No Transcript)
12
AFS Server Architecture, cont.

• AFS databases
• ptserver - users and groups.
• vlserver - volume location database.
• buserver - backup database (optional).
• kaserver - authentication server (optional,
  deprecated).
• Ubik protocol keeps databases in sync between
  servers.

13
AFS Server Architecture, cont.

• Fileservers run two processes fileserver and
  volserver.
• salvager is fsck-like program for AFS data.
• All AFS server state stored under /usr/afs.
• - /usr/afs/bin for binaries
• - /usr/afs/etc for keys, config files.

14
How AFS Data is Stored

• Data served via AFS is stored in partitions named
  /vicepXX.
• AFS doesnt just export UFS filesystems like NFS
  does.
• Data stored on these partitions cannot be
  accessed without going through an AFS client.

15
(No Transcript)
16
How AFS Data is Stored, cont.

• Fileserver is sensitive to underlying filesystem.
• UFS journaling on Solaris will corrupt data.
• ext3 vice partitions on Linux fileservers work,
  though.
• iname() based fileservers need special fsck
  program for vice partitions (all platforms but
  Linux).

17
AFS Backups

• Backup tools designed for UFS wont back up AFS
  metadata
• ACLs
• Volume names
• Volume quotas

18
Backup Options 10 minutes of a 3 day talk

• Native AFS backup software
• ADSM/TSM.
• Amanda
• vos dump current UFS backup solution.

19
Native AFS backup software

• Consists of three parts
• backup - user client.
• butc - runs on backup server, writes to tapes.
• buserver - ubik database, dump/tape information.
• Used to back up Athenas production cells.
• Requires some scripting to automate for
  unattended backups.

20
ADSM/TSM

• IBM supports using TSM to back up AFS.
• MITs central TSM service isnt set up to handle
  this right now.
• You probably dont want to run your own TSM
  server.
• TSM isnt currently a realistic solution for
  private AFS cells at MIT.

21
Amanda

• A very common open source backup management tool.
• Work underway at Cornell to extend Amanda to
  manage AFS backups.
• Contact mitch_at_ccmr.cornell.edu for more
  information.

22
vos dump UFS backups

• Strategy vos dump volumes to files on a UFS
  partition somewhere, back it up like you normally
  would.
• Minimal implementation script run from cron.
• Leverages existing UFS backup infrastructure.
• Good choice if youre just startng out or
  experimenting with AFS.

23
Questions for You

• Do you want to see Information Systems support
  private AFS cells?
• Do you want to see AFS training available outside
  of MIT? (Usenix, LISA, etc.)

24
For Further Infomation

• openafs.org documentation.
• http//www.openafs.org/pages/doc/index.htm
• Managing AFS The Andrew File System, by
• Richard Campbell - slightly dated, but still
  useful.
• openafs.org mailing lists.
• openafs-info_at_openafs.org
• Send me mail! I cant promise fast turnaround
  times.
• zacheiss_at_mit.edu