1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 3//EN">
3
<TITLE>Administration Guide</TITLE>
4
<!-- Begin Header Records ========================================== -->
5
<!-- /tmp/idwt3191/auagd000.scr converted by idb2h R4.2 (359) ID -->
6
<!-- Workbench Version (AIX) on 5 Nov 1999 at 14:06:34 -->
7
<META HTTP-EQUIV="updated" CONTENT="Fri, 05 Nov 1999 14:06:34">
8
<META HTTP-EQUIV="review" CONTENT="Sun, 05 Nov 2000 14:06:34">
9
<META HTTP-EQUIV="expires" CONTENT="Mon, 05 Nov 2001 14:06:34">
11
<!-- (C) IBM Corporation 2000. All Rights Reserved -->
12
<BODY bgcolor="ffffff">
13
<!-- End Header Records ============================================ -->
14
<A NAME="Top_Of_Page"></A>
15
<H1>Administration Guide</H1>
16
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auagd002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auagd005.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auagd007.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auagd026.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
17
<HR><H1><A NAME="HDRWQ5" HREF="auagd002.htm#ToC_9">An Overview of AFS Administration</A></H1>
18
<P>This chapter provides a broad overview of the concepts and
19
organization of AFS. It is strongly recommended that anyone involved in
20
administering an AFS cell read this chapter before beginning to issue
22
<HR><H2><A NAME="HDRWQ6" HREF="auagd002.htm#ToC_10">A Broad Overview of AFS</A></H2>
23
<P>This section introduces most of the key terms and concepts
24
necessary for a basic understanding of AFS. For a more detailed
25
discussion, see <A HREF="#HDRWQ7">More Detailed Discussions of Some Basic Concepts</A>.
26
<P><B>AFS: A Distributed File System</B>
27
<P>AFS is a <I>distributed file system</I> that enables users to share and
28
access all of the files stored in a network of computers as easily as they
29
access the files stored on their local machines. The file system is
30
called distributed for this exact reason: files can reside on many
31
different machines (be distributed across them), but are available to users on
33
<P><B>Servers and Clients</B>
34
<P>In fact, AFS stores files on a subset of the machines in a network, called
35
<I>file server machines</I>. File server machines provide file
36
storage and delivery service, along with other specialized services, to the
37
other subset of machines in the network, the <I>client
38
machines</I>. These machines are called clients because they make use
39
of the servers' services while doing their own work. In a standard
40
AFS configuration, clients provide computational power, access to the files in
41
AFS and other "general purpose" tools to the users seated at their
42
consoles. There are generally many more client workstations than file
44
<P>AFS file server machines run a number of <I>server processes</I>, so
45
called because each provides a distinct specialized service: one handles
46
file requests, another tracks file location, a third manages security, and so
47
on. To avoid confusion, AFS documentation always refers to <I>server
48
machines</I> and <I>server processes</I>, not simply to
49
<I>servers</I>. For a more detailed description of the server
50
processes, see <A HREF="#HDRWQ17">AFS Server Processes and the Cache Manager</A>.
52
<P>A <I>cell</I> is an administratively independent site running
53
AFS. As a cell's system administrator, you make many decisions
54
about configuring and maintaining your cell in the way that best serves its
55
users, without having to consult the administrators in other cells. For
56
example, you determine how many clients and servers to have, where to put
57
files, and how to allocate client machines to users.
58
<P><B>Transparent Access and the Uniform Namespace</B>
59
<P>Although your AFS cell is administratively independent, you probably want
60
to organize the local collection of files (your <I>filespace</I> or
61
<I>tree</I>) so that users from other cells can also access the
62
information in it. AFS enables cells to combine their local filespaces
63
into a <I>global filespace</I>, and does so in such a way that file access
64
is <I>transparent</I>--users do not need to know anything about a
65
file's location in order to access it. All they need to know is
66
the pathname of the file, which looks the same in every cell. Thus
67
every user at every machine sees the collection of files in the same way,
68
meaning that AFS provides a <I>uniform namespace</I> to its users.
70
<P>AFS groups files into <I>volumes</I>, making it possible to distribute
71
files across many machines and yet maintain a uniform namespace. A
72
volume is a unit of disk space that functions like a container for a set of
73
related files, keeping them all together on one partition. Volumes can
74
vary in size, but are (by definition) smaller than a partition.
75
<P>Volumes are important to system administrators and users for several
76
reasons. Their small size makes them easy to move from one partition to
77
another, or even between machines. The system administrator can
78
maintain maximum efficiency by moving volumes to keep the load balanced
79
evenly. In addition, volumes correspond to directories in the
80
filespace--most cells store the contents of each user home directory in a
81
separate volume. Thus the complete contents of the directory move
82
together when the volume moves, making it easy for AFS to keep track of where
83
a file is at a certain time. Volume moves are recorded automatically,
84
so users do not have to keep track of file locations.
85
<P><B>Efficiency Boosters: Replication and Caching</B>
86
<P>AFS incorporates special features on server machines and client machines
87
that help make it efficient and reliable.
88
<P>On server machines, AFS enables administrators to <I>replicate</I>
89
commonly-used volumes, such as those containing binaries for popular
90
programs. Replication means putting an identical read-only copy
91
(sometimes called a <I>clone</I>) of a volume on more than one file server
92
machine. The failure of one file server machine housing the volume does
93
not interrupt users' work, because the volume's contents are still
94
available from other machines. Replication also means that one machine
95
does not become overburdened with requests for files from a popular
97
<P>On client machines, AFS uses <I>caching</I> to improve
98
efficiency. When a user on a client workstation requests a file, the
99
<I>Cache Manager</I> on the client sends a request for the data to the
100
File Server process running on the proper file server machine. The user
101
does not need to know which machine this is; the Cache Manager determines
102
file location automatically. The Cache Manager receives the file from
103
the File Server process and puts it into the <I>cache</I>, an area of the
104
client machine's local disk or memory dedicated to temporary file
105
storage. Caching improves efficiency because the client does not need
106
to send a request across the network every time the user wants the same
107
file. Network traffic is minimized, and subsequent access to the file
108
is especially fast because the file is stored locally. AFS has a way of
109
ensuring that the cached file stays up-to-date, called a
111
<P><B>Security: Mutual Authentication and Access Control Lists</B>
112
<P>Even in a cell where file sharing is especially frequent and widespread, it
113
is not desirable that every user have equal access to every file. One
114
way AFS provides adequate security is by requiring that servers and clients
115
prove their identities to one another before they exchange information.
116
This procedure, called <I>mutual authentication</I>, requires that both
117
server and client demonstrate knowledge of a "shared secret" (like a password)
118
known only to the two of them. Mutual authentication guarantees that
119
servers provide information only to authorized clients and that clients
120
receive information only from legitimate servers.
121
<P>Users themselves control another aspect of AFS security, by determining who
122
has access to the directories they own. For any directory a user owns,
123
he or she can build an <I>access control list</I> (ACL) that grants or
124
denies access to the contents of the directory. An access control list
125
pairs specific users with specific types of access privileges. There
126
are seven separate permissions and up to twenty different people or groups of
127
people can appear on an access control list.
128
<P>For a more detailed description of AFS's mutual authentication
129
procedure, see <A HREF="auagd007.htm#HDRWQ90">A More Detailed Look at Mutual Authentication</A>. For further discussion of ACLs, see <A HREF="auagd020.htm#HDRWQ772">Managing Access Control Lists</A>.
130
<HR><H2><A NAME="HDRWQ7" HREF="auagd002.htm#ToC_11">More Detailed Discussions of Some Basic Concepts</A></H2>
131
<P>The previous section offered a brief overview of the many
132
concepts that an AFS system administrator needs to understand. The
133
following sections examine some important concepts in more detail.
134
Although not all concepts are new to an experienced administrator, reading
135
this section helps ensure a common understanding of term and concepts.
136
<P><H3><A NAME="HDRWQ8" HREF="auagd002.htm#ToC_12">Networks</A></H3>
137
<A NAME="IDX5538"></A>
138
<P>A <I>network</I> is a collection of interconnected computers able to
139
communicate with each other and transfer information back and forth.
140
<P>A networked computing environment contrasts with two types of computing
141
environments: <I>mainframe</I> and <I>personal</I>.
142
<A NAME="IDX5539"></A>
143
<A NAME="IDX5540"></A>
145
<P><LI>A <I>mainframe</I> computing environment is the most
146
traditional. It uses a single powerful computer (the mainframe) to do
147
the majority of the work in the system, both file storage and
148
computation. It serves many users, who access their files and issue
149
commands to the mainframe via <I>terminals</I>, which generally have only
150
enough computing power to accept input from a keyboard and to display data on
152
<A NAME="IDX5541"></A>
153
<P><LI>A <I>personal</I> computing environment is a single small computer
154
that serves one (or, at the most, a few) users. Like a mainframe
155
computer, the single computer stores all the files and performs all
156
computation. Like a terminal, the personal computer provides access to
157
the computer through a keyboard and screen.
158
<A NAME="IDX5542"></A>
160
<P>A network can connect computers of any kind, but the typical network
161
running AFS connects high-function personal workstations. Each
162
workstation has some computing power and local disk space, usually more than a
163
personal computer or terminal, but less than a mainframe. For more
164
about the classes of machines used in an AFS environment, see <A HREF="#HDRWQ10">Servers and Clients</A>.
165
<P><H3><A NAME="HDRWQ9" HREF="auagd002.htm#ToC_13">Distributed File Systems</A></H3>
166
<A NAME="IDX5543"></A>
167
<A NAME="IDX5544"></A>
168
<P>A <I>file system</I> is a collection of files and the facilities
169
(programs and commands) that enable users to access the information in the
170
files. All computing environments have file systems. In a
171
mainframe environment, the file system consists of all the files on the
172
mainframe's storage disks, whereas in a personal computing environment it
173
consists of the files on the computer's local disk.
174
<P>Networked computing environments often use <I>distributed file
175
systems</I> like AFS. A distributed file system takes advantage of
176
the interconnected nature of the network by storing files on more than one
177
computer in the network and making them accessible to all of them. In
178
other words, the responsibility for file storage and delivery is "distributed"
179
among multiple machines instead of relying on only one. Despite the
180
distribution of responsibility, a distributed file system like AFS creates the
181
illusion that there is a single filespace.
182
<P><H3><A NAME="HDRWQ10" HREF="auagd002.htm#ToC_14">Servers and Clients</A></H3>
183
<A NAME="IDX5545"></A>
184
<A NAME="IDX5546"></A>
185
<A NAME="IDX5547"></A>
186
<P>AFS uses a server/client model. In general, a <I>server</I> is a
187
machine, or a process running on a machine, that provides specialized services
188
to other machines. A <I>client</I> is a machine or process that
189
makes use of a server's specialized service during the course of its own
190
work, which is often of a more general nature than the server's.
191
The functional distinction between clients and server is not always strict,
192
however--a server can be considered the client of another server whose
194
<P>AFS divides the machines on a network into two basic classes, <I>file
195
server machines</I> and <I>client machines</I>, and assigns different
196
tasks and responsibilities to each.
197
<P><B>File Server Machines</B>
198
<A NAME="IDX5548"></A>
199
<A NAME="IDX5549"></A>
200
<P><I>File server machines</I> store the files in the distributed file
201
system, and a <I>server process</I> running on the file server machine
202
delivers and receives files. AFS file server machines run a number of
203
<I>server processes</I>. Each process has a special function, such
204
as maintaining databases important to AFS administration, managing security or
205
handling volumes. This modular design enables each server process to
206
specialize in one area, and thus perform more efficiently. For a
207
description of the function of each AFS server process, see <A HREF="#HDRWQ17">AFS Server Processes and the Cache Manager</A>.
208
<P>Not all AFS server machines must run all of the server processes.
209
Some processes run on only a few machines because the demand for their
210
services is low. Other processes run on only one machine in order to
211
act as a synchronization site. See <A HREF="auagd008.htm#HDRWQ124">The Four Roles for File Server Machines</A>.
212
<P><B>Client Machines</B>
213
<A NAME="IDX5550"></A>
214
<P>The other class of machines are the <I>client machines</I>, which
215
generally work directly for users, providing computational power and other
216
general purpose tools. Clients also provide users with access to the
217
files stored on the file server machines. Clients do not run any
218
special processes per se, but do use a modified kernel that enables them to
219
communicate with the AFS server processes running on the file server machines
220
and to cache files. This collection of kernel modifications is referred
221
to as the <I>Cache Manager</I>; see <A HREF="#HDRWQ28">The Cache Manager</A>. There are usually many more client machines in a
222
cell than file server machines.
223
<P><B>Client and Server Configuration</B>
224
<P>In the most typical AFS configuration, both file server machines and client
225
machines are high-function workstations with disk drives. While this
226
configuration is not required, it does have some advantages.
227
<A NAME="IDX5551"></A>
228
<P>There are several advantages to using personal workstations as file server
229
machines. One is that it is easy to expand the network by adding
230
another file server machine. It is also easy to increase storage space
231
by adding disks to existing machines. Using workstations rather than
232
more powerful mainframes makes it more economical to use multiple file server
233
machines rather than one. Multiple file server machines provide an
234
increase in system availability and reliability if popular files are available
235
on more than one machine.
236
<P>The advantage of using workstations as clients is that <I>caching</I>
237
on the local disk speeds the delivery of files to application programs.
238
(For an explanation of caching, see <A HREF="#HDRWQ16">Caching and Callbacks</A>.) Diskless machines can access AFS if they are
239
running NFS(R) and the NFS/AFS Translator, an optional component of the
241
<P><H3><A NAME="HDRWQ11" HREF="auagd002.htm#ToC_15">Cells</A></H3>
242
<A NAME="IDX5552"></A>
243
<P>A <I>cell</I> is an independently administered site running AFS.
244
In terms of hardware, it consists of a collection of file server machines and
245
client machines defined as belonging to the cell; a machine can only
246
belong to one cell at a time. Users also belong to a cell in the sense
247
of having an account in it, but unlike machines can belong to (have an account
248
in) multiple cells. To say that a cell is administratively independent
249
means that its administrators determine many details of its configuration
250
without having to consult administrators in other cells or a central
251
authority. For example, a cell administrator determines how many
252
machines of different types to run, where to put files in the local tree, how
253
to associate volumes and directories, and how much space to allocate to each
255
<P>The terms <I>local cell</I> and <I>home cell</I> are equivalent,
256
and refer to the cell in which a user has initially authenticated during a
257
session, by logging onto a machine that belongs to that cell. All other
258
cells are referred to as <I>foreign</I> from the user's
259
perspective. In other words, throughout a login session, a user is
260
accessing the filespace through a single Cache Manager--the one on the
261
machine to which he or she initially logged in--whose cell membership
262
defines the local cell. All other cells are considered foreign during
263
that login session, even if the user authenticates in additional cells or uses
264
the <B>cd</B> command to change directories into their file trees.
265
<A NAME="IDX5553"></A>
266
<A NAME="IDX5554"></A>
267
<A NAME="IDX5555"></A>
268
<A NAME="IDX5556"></A>
269
<P>It is possible to maintain more than one cell at a single geographical
270
location. For instance, separate departments on a university campus or
271
in a corporation can choose to administer their own cells. It is also
272
possible to have machines at geographically distant sites belong to the same
273
cell; only limits on the speed of network communication determine how
275
<P>Despite their independence, AFS cells generally agree to make their local
276
filespace visible to other AFS cells, so that users in different cells can
277
share files if they choose. If your cell is to participate in the
278
"global" AFS namespace, it must comply with a few basic conventions governing
279
how the local filespace is configured and how the addresses of certain file
280
server machines are advertised to the outside world.
281
<P><H3><A NAME="HDRWQ12" HREF="auagd002.htm#ToC_16">The Uniform Namespace and Transparent Access</A></H3>
282
<A NAME="IDX5557"></A>
283
<A NAME="IDX5558"></A>
284
<P>One of the features that makes AFS easy to use is that it provides
285
<I>transparent access</I> to the files in a cell's filespace.
286
Users do not have to know which file server machine stores a file in order to
287
access it; they simply provide the file's pathname, which AFS
288
automatically translates into a machine location.
289
<P>In addition to transparent access, AFS also creates a <I>uniform
290
namespace</I>--a file's pathname is identical regardless of which
291
client machine the user is working on. The cell's file tree looks
292
the same when viewed from any client because the cell's file server
293
machines store all the files centrally and present them in an identical manner
295
<P>To enable the transparent access and the uniform namespace features, the
296
system administrator must follow a few simple conventions in configuring
297
client machines and file trees. For details, see <A HREF="auagd007.htm#HDRWQ39">Making Other Cells Visible in Your Cell</A>.
298
<P><H3><A NAME="HDRWQ13" HREF="auagd002.htm#ToC_17">Volumes</A></H3>
299
<A NAME="IDX5559"></A>
300
<P>A <I>volume</I> is a conceptual container for a set of related files
301
that keeps them all together on one file server machine partition.
302
Volumes can vary in size, but are (by definition) smaller than a
303
partition. Volumes are the main administrative unit in AFS, and have
304
several characteristics that make administrative tasks easier and help improve
305
overall system performance.
307
<P><LI>The relatively small size of volumes makes them easy to move from one
308
partition to another, or even between machines.
309
<P><LI>You can maintain maximum system efficiency by moving volumes to keep the
310
load balanced evenly among the different machines. If a partition
311
becomes full, the small size of individual volumes makes it easy to find
312
enough room on other machines for them.
313
<A NAME="IDX5560"></A>
314
<P><LI>Each volume corresponds logically to a directory in the file tree and
315
keeps together, on a single partition, all the data that makes up the files in
316
the directory. By maintaining (for example) a separate volume for each
317
user's home directory, you keep all of the user's files together,
318
but separate from those of other users. This is an administrative
319
convenience that is impossible if the partition is the smallest unit of
321
<A NAME="IDX5561"></A>
323
<A NAME="IDX5562"></A>
325
<A NAME="IDX5563"></A>
326
<P><LI>The directory/volume correspondence also makes transparent file access
327
possible, because it simplifies the process of file location. All files
328
in a directory reside together in one volume and in order to find a file, a
329
file server process need only know the name of the file's parent
330
directory, information which is included in the file's pathname.
331
AFS knows how to translate the directory name into a volume name, and
332
automatically tracks every volume's location, even when a volume is moved
333
from machine to machine. For more about the directory/volume
334
correspondence, see <A HREF="#HDRWQ14">Mount Points</A>.
335
<P><LI>Volumes increase file availability through replication and backup.
336
<A NAME="IDX5564"></A>
338
<A NAME="IDX5565"></A>
339
<P><LI>Replication (placing copies of a volume on more than one file server
340
machine) makes the contents more reliably available; for details, see <A HREF="#HDRWQ15">Replication</A>. Entire sets of volumes can be backed up to tape and
341
restored to the file system; see <A HREF="auagd011.htm#HDRWQ333">Configuring the AFS Backup System</A> and <A HREF="auagd012.htm#HDRWQ382">Backing Up and Restoring AFS Data</A>. In AFS, backup also refers to
342
recording the state of a volume at a certain time and then storing it (either
343
on tape or elsewhere in the file system) for recovery in the event files in it
344
are accidentally deleted or changed. See <A HREF="auagd010.htm#HDRWQ286">Creating Backup Volumes</A>.
345
<P><LI>Volumes are the unit of resource management. A space quota
346
associated with each volume sets a limit on the maximum volume size.
347
See <A HREF="auagd010.htm#HDRWQ319">Setting and Displaying Volume Quota and Current Size</A>.
348
<A NAME="IDX5566"></A>
350
<P><H3><A NAME="HDRWQ14" HREF="auagd002.htm#ToC_18">Mount Points</A></H3>
351
<A NAME="IDX5567"></A>
352
<P>The previous section discussed how each volume corresponds logically to a
353
directory in the file system: the volume keeps together on one partition
354
all the data in the files residing in the directory. The directory that
355
corresponds to a volume is called its <I>root directory</I>, and the
356
mechanism that associates the directory and volume is called a <I>mount
357
point</I>. A mount point is similar to a symbolic link in the file
358
tree that specifies which volume contains the files kept in a
359
directory. A mount point is not an actual symbolic link; its
360
internal structure is different.
361
<TABLE><TR><TD ALIGN="LEFT" VALIGN="TOP"><B>Note:</B></TD><TD ALIGN="LEFT" VALIGN="TOP">You must not create a symbolic link to a file whose name begins with the
362
number sign (#) or the percent sign (%), because the Cache Manager interprets
363
such a link as a mount point to a regular or read/write volume,
367
<A NAME="IDX5568"></A>
368
<A NAME="IDX5569"></A>
369
<A NAME="IDX5570"></A>
370
<A NAME="IDX5571"></A>
371
<P>The use of mount points means that many of the elements in an AFS file tree
372
that look and function just like standard UNIX file system directories are
373
actually mount points. In form, a mount point is a one-line file that
374
names the volume containing the data for files in the directory. When
375
the Cache Manager (see <A HREF="#HDRWQ28">The Cache Manager</A>) encounters a mount point--for example, in the course
376
of interpreting a pathname--it looks in the volume named in the mount
377
point. In the volume the Cache Manager finds an actual UNIX-style
378
directory element--the volume's root directory--that lists the
379
files contained in the directory/volume. The next element in the
380
pathname appears in that list.
381
<P>A volume is said to be <I>mounted</I> at the point in the file tree
382
where there is a mount point pointing to the volume. A volume's
383
contents are not visible or accessible unless it is mounted.
384
<P><H3><A NAME="HDRWQ15" HREF="auagd002.htm#ToC_19">Replication</A></H3>
385
<A NAME="IDX5572"></A>
386
<A NAME="IDX5573"></A>
387
<P><I>Replication</I> refers to making a copy, or <I>clone</I>, of a
388
source read/write volume and then placing the copy on one or more additional
389
file server machines in a cell. One benefit of replicating a volume is
390
that it increases the availability of the contents. If one file server
391
machine housing the volume fails, users can still access the volume on a
392
different machine. No one machine need become overburdened with
393
requests for a popular file, either, because the file is available from
395
<P>Replication is not necessarily appropriate for cells with limited disk
396
space, nor are all types of volumes equally suitable for replication
397
(replication is most appropriate for volumes that contain popular files that
398
do not change very often). For more details, see <A HREF="auagd007.htm#HDRWQ65">When to Replicate Volumes</A>.
399
<P><H3><A NAME="HDRWQ16" HREF="auagd002.htm#ToC_20">Caching and Callbacks</A></H3>
400
<A NAME="IDX5574"></A>
401
<P>Just as replication increases system availability, <I>caching</I>
402
increases the speed and efficiency of file access in AFS. Each AFS
403
client machine dedicates a portion of its local disk or memory to a
404
<I>cache</I> where it stores data temporarily. Whenever an
405
application program (such as a text editor) running on a client machine
406
requests data from an AFS file, the request passes through the Cache
407
Manager. The Cache Manager is a portion of the client machine's
408
kernel that translates file requests from local application programs into
409
cross-network requests to the <I>File Server process</I> running on the
410
file server machine storing the file. When the Cache Manager receives
411
the requested data from the File Server, it stores it in the cache and then
412
passes it on to the application program.
413
<P>Caching improves the speed of data delivery to application programs in the
416
<P><LI>When the application program repeatedly asks for data from the same file,
417
it is already on the local disk. The application does not have to wait
418
for the Cache Manager to request and receive the data from the File
420
<P><LI>Caching data eliminates the need for repeated request and transfer of the
421
same data, so network traffic is reduced. Thus, initial requests and
422
other traffic can get through more quickly.
423
<A NAME="IDX5575"></A>
424
<A NAME="IDX5576"></A>
426
<A NAME="IDX5577"></A>
429
<A NAME="IDX5578"></A>
431
<A NAME="IDX5579"></A>
432
While caching provides many advantages, it also creates the problem of
433
maintaining consistency among the many cached copies of a file and the source
434
version of a file. This problem is solved using a mechanism referred to
435
as a <I>callback</I>.
436
<P>A callback is a promise by a File Server to a Cache Manager to inform the
437
latter when a change is made to any of the data delivered by the File
438
Server. Callbacks are used differently based on the type of file
439
delivered by the File Server:
441
<P><LI>When a File Server delivers a writable copy of a file (from a read/write
442
volume) to the Cache Manager, the File Server sends along a callback with that
443
file. If the source version of the file is changed by another user, the
444
File Server breaks the callback associated with the cached version of that
445
file--indicating to the Cache Manager that it needs to update the cached
447
<P><LI>When a File Server delivers a file from a read-only volume to the Cache
448
Manager, the File Server sends along a callback associated with the entire
449
volume (so it does not need to send any more callbacks when it delivers
450
additional files from the volume). Only a single callback is required
451
per accessed read-only volume because files in a read-only volume can change
452
only when a new version of the complete volume is released. All
453
callbacks associated with the old version of the volume are broken at release
456
<P>The callback mechanism ensures that the Cache Manager always requests the
457
most up-to-date version of a file. However, it does not ensure that the
458
user necessarily notices the most current version as soon as the Cache Manager
459
has it. That depends on how often the application program requests
460
additional data from the File System or how often it checks with the Cache
462
<HR><H2><A NAME="HDRWQ17" HREF="auagd002.htm#ToC_21">AFS Server Processes and the Cache Manager</A></H2>
463
<A NAME="IDX5580"></A>
464
<A NAME="IDX5581"></A>
465
<P>As mentioned in <A HREF="#HDRWQ10">Servers and Clients</A>, AFS file server machines run a number of processes, each
466
with a specialized function. One of the main responsibilities of a
467
system administrator is to make sure that processes are running correctly as
468
much of the time as possible, using the administrative services that the
469
server processes provide.
470
<P>The following list briefly describes the function of each server process
471
and the Cache Manager; the following sections then discuss the important
472
features in more detail.
473
<P>The <I>File Server</I>, the most fundamental of the servers, delivers
474
data files from the file server machine to local workstations as requested,
475
and stores the files again when the user saves any changes to the
477
<P>The <I>Basic OverSeer Server (BOS Server)</I> ensures that the other
478
server processes on its server machine are running correctly as much of the
479
time as possible, since a server is useful only if it is available. The
480
BOS Server relieves system administrators of much of the responsibility for
481
overseeing system operations.
482
<P>The <I>Authentication Server</I> helps ensure that communications on
483
the network are secure. It verifies user identities at login and
484
provides the facilities through which participants in transactions prove their
485
identities to one another (mutually authenticate). It maintains the
486
Authentication Database.
487
<P>The <I>Protection Server</I> helps users control who has access to
488
their files and directories. Users can grant access to several other
489
users at once by putting them all in a group entry in the Protection Database
490
maintained by the Protection Server.
491
<P>The <I>Volume Server</I> performs all types of volume
492
manipulation. It helps the administrator move volumes from one server
493
machine to another to balance the workload among the various machines.
494
<P>The <I>Volume Location Server (VL Server)</I> maintains the Volume
495
Location Database (VLDB), in which it records the location of volumes as they
496
move from file server machine to file server machine. This service is
497
the key to transparent file access for users.
498
<P>The <I>Update Server</I> distributes new versions of AFS server process
499
software and configuration information to all file server machines. It
500
is crucial to stable system performance that all server machines run the same
502
<P>The <I>Backup Server</I> maintains the Backup Database, in which it
503
stores information related to the Backup System. It enables the
504
administrator to back up data from volumes to tape. The data can then
505
be restored from tape in the event that it is lost from the file
507
<P>The <I>Salvager</I> is not a server in the sense that others
508
are. It runs only after the File Server or Volume Server fails; it
509
repairs any inconsistencies caused by the failure. The system
510
administrator can invoke it directly if necessary.
511
<P>The <I>Network Time Protocol Daemon (NTPD)</I> is not an AFS server
512
process per se, but plays a vital role nonetheless. It synchronizes the
513
internal clock on a file server machine with those on other machines.
514
Synchronized clocks are particularly important for correct functioning of the
515
AFS distributed database technology (known as <I>Ubik</I>); see <A HREF="auagd008.htm#HDRWQ137">Configuring the Cell for Proper Ubik Operation</A>. The NTPD is controlled by the <B>runntp</B>
517
<P>The <I>Cache Manager</I> is the one component in this list that resides
518
on AFS client rather than file server machines. It not a process per
519
se, but rather a part of the kernel on AFS client machines that communicates
520
with AFS server processes. Its main responsibilities are to retrieve
521
files for application programs running on the client and to maintain the files
523
<P><H3><A NAME="HDRWQ18" HREF="auagd002.htm#ToC_22">The File Server</A></H3>
524
<A NAME="IDX5582"></A>
525
<P>The <I>File Server</I> is the most fundamental of the AFS server
526
processes and runs on each file server machine. It provides the same
527
services across the network that the UNIX file system provides on the local
530
<P><LI>Delivering programs and data files to client workstations as requested and
531
storing them again when the client workstation finishes with them.
532
<P><LI>Maintaining the hierarchical directory structure that users create to
533
organize their files.
534
<P><LI>Handling requests for copying, moving, creating, and deleting files and
536
<P><LI>Keeping track of status information about each file and directory
537
(including its size and latest modification time).
538
<P><LI>Making sure that users are authorized to perform the actions they request
539
on particular files or directories.
540
<P><LI>Creating symbolic and hard links between files.
541
<P><LI>Granting advisory locks (corresponding to UNIX locks) on request.
543
<P><H3><A NAME="HDRWQ19" HREF="auagd002.htm#ToC_23">The Basic OverSeer Server</A></H3>
544
<A NAME="IDX5583"></A>
545
<P>The <I>Basic OverSeer Server (BOS Server)</I> reduces the demands on
546
system administrators by constantly monitoring the processes running on its
547
file server machine. It can restart failed processes automatically and
548
provides a convenient interface for administrative tasks.
549
<P>The BOS Server runs on every file server machine. Its primary
550
function is to minimize system outages. It also
552
<P><LI>Constantly monitors the other server processes (on the local machine) to
553
make sure they are running correctly.
554
<P><LI>Automatically restarts failed processes, without contacting a human
555
operator. When restarting multiple server processes simultaneously, the
556
BOS server takes interdependencies into account and initiates restarts in the
558
<A NAME="IDX5584"></A>
560
<A NAME="IDX5585"></A>
561
<P><LI>Accepts requests from the system administrator. Common reasons to
562
contact BOS are to verify the status of server processes on file server
563
machines, install and start new processes, stop processes either temporarily
564
or permanently, and restart dead processes manually.
565
<P><LI>Helps system administrators to manage system configuration
566
information. The BOS server automates the process of adding and
567
changing <I>server encryption keys</I>, which are important in mutual
568
authentication. The BOS Server also provides a simple interface for
569
modifying two files that contain information about privileged users and
570
certain special file server machines. For more details about these
571
configuration files, see <A HREF="auagd008.htm#HDRWQ119">Common Configuration Files in the /usr/afs/etc Directory</A>.
573
<P><H3><A NAME="HDRWQ20" HREF="auagd002.htm#ToC_24">The Authentication Server</A></H3>
574
<A NAME="IDX5586"></A>
575
<P>The <I>Authentication Server</I> performs two main functions related to
576
network security:
578
<P><LI>Verifying the identity of users as they log into the system by requiring
579
that they provide a password. The Authentication Server grants the user
580
a <I>token</I> as proof to AFS server processes that the user has
581
authenticated. For more on tokens, see <A HREF="auagd007.htm#HDRWQ91">Complex Mutual Authentication</A>.
582
<P><LI>Providing the means through which server and client processes prove their
583
identities to each other (mutually authenticate). This helps to create
584
a secure environment in which to send cross-network messages.
586
<P>In fulfilling these duties, the Authentication Server utilizes algorithms
587
and other procedures known as <I>Kerberos</I> (which is why many commands
588
used to contact the Authentication Server begin with the letter
589
<B>k</B>). This technology was originally developed by the
590
Massachusetts Institute of Technology's Project Athena.
591
<P>The Authentication Server also maintains the <I>Authentication
592
Database</I>, in which it stores user passwords converted into encryption
593
key form as well as the AFS server encryption key. To learn more about
594
the procedures AFS uses to verify user identity and during mutual
595
authentication, see <A HREF="auagd007.htm#HDRWQ90">A More Detailed Look at Mutual Authentication</A>.
596
<A NAME="IDX5587"></A>
597
<A NAME="IDX5588"></A>
598
<A NAME="IDX5589"></A>
599
<A NAME="IDX5590"></A>
600
<P><H3><A NAME="HDRWQ21" HREF="auagd002.htm#ToC_25">The Protection Server</A></H3>
601
<A NAME="IDX5591"></A>
602
<A NAME="IDX5592"></A>
603
<A NAME="IDX5593"></A>
604
<P>The <I>Protection Server</I> is the key to AFS's refinement of the
605
normal UNIX methods for protecting files and directories from unauthorized
606
use. The refinements include the following:
608
<P><LI>Defining seven access permissions rather than the standard UNIX file
609
system's three. In conjunction with the UNIX mode bits associated
610
with each file and directory element, AFS associates an <I>access control
611
list (ACL)</I> with each directory. The ACL specifies which users
612
have which of the seven specific permissions for the directory and all the
613
files it contains. For a definition of AFS's seven access
614
permissions and how users can set them on access control lists, see <A HREF="auagd020.htm#HDRWQ772">Managing Access Control Lists</A>.
615
<A NAME="IDX5594"></A>
616
<P><LI>Enabling users to grant permissions to numerous individual users--a
617
different combination to each individual if desired. UNIX protection
618
distinguishes only between three user or groups: the owner of the file,
619
members of a single specified group, and everyone who can access the local
621
<P><LI>Enabling users to define their own groups of users, recorded in the
622
<I>Protection Database</I> maintained by the Protection Server. The
623
groups then appear on directories' access control lists as though they
624
were individuals, which enables the granting of permissions to many users
626
<P><LI>Enabling system administrators to create groups containing client machine
627
IP addresses to permit access when it originates from the specified client
628
machines. These types of groups are useful when it is necessary to
629
adhere to machine-based licensing restrictions.
631
<A NAME="IDX5595"></A>
632
<A NAME="IDX5596"></A>
633
<P>The Protection Server's main duty is to help the File Server determine
634
if a user is authorized to access a file in the requested manner. The
635
Protection Server creates a list of all the groups to which the user
636
belongs. The File Server then compares this list to the ACL associated
637
with the file's parent directory. A user thus acquires access both
638
as an individual and as a member of any groups.
639
<P>The Protection Server also maps <I>usernames</I> (the name typed at the
640
login prompt) to <I>AFS user ID</I> numbers (<I>AFS UIDs</I>).
641
These UIDs are functionally equivalent to UNIX UIDs, but operate in the domain
642
of AFS rather than in the UNIX file system on a machine's local
643
disk. This conversion service is essential because the tokens that the
644
Authentication Server grants to authenticated users are stamped with usernames
645
(to comply with Kerberos standards). The AFS server processes identify
646
users by AFS UID, not by username. Before they can understand whom the
647
token represents, they need the Protection Server to translate the username
648
into an AFS UID. For further discussion of tokens, see <A HREF="auagd007.htm#HDRWQ90">A More Detailed Look at Mutual Authentication</A>.
649
<P><H3><A NAME="HDRWQ22" HREF="auagd002.htm#ToC_26">The Volume Server</A></H3>
650
<A NAME="IDX5597"></A>
651
<P>The <I>Volume Server</I> provides the interface through which you
652
create, delete, move, and replicate volumes, as well as prepare them for
653
archiving to tape or other media (backing up). <A HREF="#HDRWQ13">Volumes</A> explained the advantages gained by storing files in
654
volumes. Creating and deleting volumes are necessary when adding and
655
removing users from the system; volume moves are done for load
656
balancing; and replication enables volume placement on multiple file
657
server machines (for more on replication, see <A HREF="#HDRWQ15">Replication</A>).
658
<P><H3><A NAME="HDRWQ23" HREF="auagd002.htm#ToC_27">The Volume Location (VL) Server</A></H3>
659
<A NAME="IDX5598"></A>
660
<A NAME="IDX5599"></A>
661
<P>The <I>VL Server</I> maintains a complete list of volume locations in
662
the <I>Volume Location Database (VLDB)</I>. When the Cache Manager
663
(see <A HREF="#HDRWQ28">The Cache Manager</A>) begins to fill a file request from an application program,
664
it first contacts the VL Server in order to learn which file server machine
665
currently houses the volume containing the file. The Cache Manager then
666
requests the file from the File Server process running on that file server
668
<P>The VLDB and VL Server make it possible for AFS to take advantage of the
669
increased system availability gained by using multiple file server machines,
670
because the Cache Manager knows where to find a particular file.
671
Indeed, in a certain sense the VL Server is the keystone of the entire file
672
system--when the information in the VLDB is inaccessible, the Cache
673
Manager cannot retrieve files, even if the File Server processes are working
674
properly. A list of the information stored in the VLDB about each
675
volume is provided in <A HREF="auagd010.htm#HDRWQ265">Volume Information in the VLDB</A>.
676
<A NAME="IDX5600"></A>
677
<P><H3><A NAME="HDRWQ24" HREF="auagd002.htm#ToC_28">The Update Server</A></H3>
678
<A NAME="IDX5601"></A>
679
<P>The <I>Update Server</I> helps guarantee that all file server machines
680
are running the same version of a server process. System performance
681
can be inconsistent if some machines are running one version of the BOS Server
682
(for example) and other machines were running another version.
683
<P>To ensure that all machines run the same version of a process, install new
684
software on a single file server machine of each system type, called the
685
<I>binary distribution machine</I> for that type. The binary
686
distribution machine runs the <I>server portion</I> of the Update Server,
687
whereas all the other machines of that type run the <I>client portion</I>
688
of the Update Server. The client portions check frequently with the
689
server portion to see if they are running the right version of every
690
process; if not, the client portion retrieves the right version from the
691
binary distribution machine and installs it locally. The system
692
administrator does not need to remember to install new software individually
693
on all the file server machines: the Update Server does it
694
automatically. For more on binary distribution machines, see <A HREF="auagd008.htm#HDRWQ127">Binary Distribution Machines</A>.
695
<A NAME="IDX5602"></A>
697
<A NAME="IDX5603"></A>
698
<P>In cells that run the United States edition of AFS, the Update Server also
699
distributes configuration files that all file server machines need to store on
700
their local disks (for a description of the contents and purpose of these
701
files, see <A HREF="auagd008.htm#HDRWQ119">Common Configuration Files in the /usr/afs/etc Directory</A>). As with server process software, the need for
702
consistent system performance demands that all the machines have the same
703
version of these files. With the United States edition, the system
704
administrator needs to make changes to these files on one machine only, the
705
cell's <I>system control machine</I>, which runs a server portion of
706
the Update Server. All other machines in the cell run a client portion
707
that accesses the correct versions of these configuration files from the
708
system control machine. Cells running the international edition of AFS
709
do not use a system control machine to distribute configuration files.
710
For more information, see <A HREF="auagd008.htm#HDRWQ128">The System Control Machine</A>.
711
<P><H3><A NAME="HDRWQ25" HREF="auagd002.htm#ToC_29">The Backup Server</A></H3>
712
<A NAME="IDX5604"></A>
713
<A NAME="IDX5605"></A>
714
<P>The <I>Backup Server</I> maintains the information in the <I>Backup
715
Database</I>. The Backup Server and the Backup Database enable
716
administrators to back up data from AFS volumes to tape and restore it from
717
tape to the file system if necessary. The server and database together
718
are referred to as the <I>Backup System</I>.
719
<P>Administrators initially configure the Backup System by defining sets of
720
volumes to be dumped together and the schedule by which the sets are to be
721
dumped. They also install the system's tape drives and define the
722
drives' <I>Tape Coordinators</I>, which are the processes that
723
control the tape drives.
724
<P>Once the Backup System is configured, user and system data can be dumped
725
from volumes to tape. In the event that data is ever lost from the
726
system (for example, if a system or disk failure causes data to be lost),
727
administrators can restore the data from tape. If tapes are
728
periodically archived, or saved, data can also be restored to its state at a
729
specific time. Additionally, because Backup System data is difficult to
730
reproduce, the Backup Database itself can be backed up to tape and restored if
731
it ever becomes corrupted. For more information on configuring and
732
using the Backup System, see <A HREF="auagd011.htm#HDRWQ333">Configuring the AFS Backup System</A> and <A HREF="auagd012.htm#HDRWQ382">Backing Up and Restoring AFS Data</A>.
733
<P><H3><A NAME="HDRWQ26" HREF="auagd002.htm#ToC_30">The Salvager</A></H3>
734
<A NAME="IDX5606"></A>
735
<P>The <I>Salvager</I> differs from other AFS Servers in that it runs only
736
at selected times. The BOS Server invokes the Salvager when the File
737
Server, Volume Server, or both fail. The Salvager attempts to repair
738
disk corruption that can result from a failure.
739
<P>As a system administrator, you can also invoke the Salvager as necessary,
740
even if the File Server or Volume Server has not failed. See <A HREF="auagd010.htm#HDRWQ317">Salvaging Volumes</A>.
741
<P><H3><A NAME="HDRWQ27" HREF="auagd002.htm#ToC_31">The Network Time Protocol Daemon</A></H3>
742
<A NAME="IDX5607"></A>
743
<P>The <I>Network Time Protocol Daemon (NTPD)</I> is not an AFS server
744
process per se, but plays an important role. It helps guarantee that
745
all of the file server machines agree on the time. The NTPD on one file
746
server machine acts as a synchronization site, generally learning the correct
747
time from a source outside the cell. The NTPDs on the other file server
748
machines refer to the synchronization site to set the internal clocks on their
750
<P>Keeping clocks synchronized is particularly important to the correct
751
operation of AFS's distributed database technology, which coordinates the
752
copies of the Authentication, Backup, Protection, and Volume Location
753
Databases; see <A HREF="auagd007.htm#HDRWQ67">Replicating the AFS Administrative Databases</A>. Client machines also refer to these clocks for the
754
correct time; therefore, it is less confusing if all file server machines
755
have the same time. For more technical detail about the NTPD, see <A HREF="auagd009.htm#HDRWQ197">The runntp Process</A>.
756
<P><H3><A NAME="HDRWQ28" HREF="auagd002.htm#ToC_32">The Cache Manager</A></H3>
757
<A NAME="IDX5608"></A>
758
<P>As already mentioned in <A HREF="#HDRWQ16">Caching and Callbacks</A>, the <I>Cache Manager</I> is the one component in this
759
section that resides on client machines rather than on file server
760
machines. It is not technically a stand-alone process, but rather a set
761
of extensions or modifications in the client machine's kernel that enable
762
communication with the server processes running on server machines. Its
763
main duty is to translate file requests (made by application programs on
764
client machines) into remote procedure calls (RPCs) to the File Server.
765
(The Cache Manager first contacts the VL Server to find out which File Server
766
currently houses the volume that contains a requested file, as mentioned in <A HREF="#HDRWQ23">The Volume Location (VL) Server</A>). When the Cache Manager receives the requested file,
767
it caches it before passing data on to the application program.
768
<P>The Cache Manager also tracks the state of files in its cache compared to
769
the version at the File Server by storing the callbacks sent by the File
770
Server. When the File Server breaks a callback, indicating that a file
771
or volume changed, the Cache Manager requests a copy of the new version before
772
providing more data to application programs.
773
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auagd002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auagd005.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auagd007.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auagd026.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
774
<!-- Begin Footer Records ========================================== -->
776
<br>© <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved
778
<!-- End Footer Records ============================================ -->
779
<A NAME="Bot_Of_Page"></A>