dcache NFSv4.1 Tigran Mkrtchyan Zeuthen, dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 1

Similar documents
NFS around the world Tigran Mkrtchyan for dcache Team dcache User Workshop, Umeå, Sweden

NFSv4.1 Plan for a Smooth Migration

NFSv4.1 Using pnfs PRESENTATION TITLE GOES HERE. Presented by: Alex McDonald CTO Office, NetApp

GridNFS: Scaling to Petabyte Grid File Systems. Andy Adamson Center For Information Technology Integration University of Michigan

February 15, 2012 FAST 2012 San Jose NFSv4.1 pnfs product community

Nicolas Williams Staff Engineer Sun Microsystems, Inc.

Dell EMC Unity Family

The Parallel NFS Bugaboo. Andy Adamson Center For Information Technology Integration University of Michigan

NFS version 4 LISA `05. Mike Eisler Network Appliance, Inc.

Kerberized NFS 2010 Kerberos Conference

dcache Introduction Course

NFS Version 4 17/06/05. Thimo Langbehn

NFS Version 4.1. Spencer Shepler, Storspeed Mike Eisler, NetApp Dave Noveck, NetApp

and NFSv4.1 Alex McDonald, NetApp

pnfs, NFSv4.1, FedFS and Future NFS Developments Alex McDonald NetApp

Chapter 11: File-System Interface

Configuring NFSv4 on SUSE Linux Enterprise 10

pnfs: Blending Performance and Manageability

The Evolution of the NFS Protocol:

4. Note: This example has NFS version 3, but other settings such as NFS version 4 may also work better in some environments.

pnfs, parallel storage for grid and enterprise computing Joshua Konkle, NetApp, Inc.

Distributed Systems. Hajussüsteemid MTAT Distributed File Systems. (slides: adopted from Meelis Roos DS12 course) 1/25

What is a file system

CS 470 Spring Distributed Web and File Systems. Mike Lam, Professor. Content taken from the following:

Advanced Network and System Administration

Clustered Data ONTAP 8.2 File Access Management Guide for NFS

CS 470 Spring Distributed Web and File Systems. Mike Lam, Professor. Content taken from the following:

Distributed File Systems

Dell Fluid File System Version 6.0 Support Matrix

Distributed File Systems: Design Comparisons

NFS Version 4 Open Source Project. William A.(Andy) Adamson Center for Information Technology Integration University of Michigan

SDC EMEA 2019 Tel Aviv

NFS: The Next Generation. Steve Dickson Kernel Engineer, Red Hat Wednesday, May 4, 2011

Chapter 11: File-System Interface

COS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy

Advanced Operating Systems

The New World of NFS. Steve Dickson Consulting Software Engineer, Red Hat Tuesday, April 15

Chapter 11: File-System Interface. Operating System Concepts 9 th Edition

Chapter 10: File System. Operating System Concepts 9 th Edition

NFSv4 Open Source Project Update

Lecture 10 File Systems - Interface (chapter 10)

ONTAP 9. SMB/CIFS Reference. December _H0 Updated for ONTAP 9.3

Clustered Data ONTAP NFS Best Practice and Implementation Guide

EI 338: Computer Systems Engineering (Operating Systems & Computer Architecture)

Linux Support of NFS v4.1 and v4.2. Steve Dickson Mar Thu 23, 2017

pnfs & NFSv4.2; a filesystem for grid, virtualization and database David Dale, Director Industry Standards, Netapp Author: Joshua Konkle, DCIG

pnfs support for ONTAP Unstriped file systems (WIP) Pranoop Erasani Connectathon Feb 22, 2010

dcache Ceph Integration

CSE325 Principles of Operating Systems. File Systems. David P. Duggan. March 21, 2013

The Last Bottleneck: How Parallel I/O can attenuate Amdahl's Law

NFS on the Fast track - fine tuning and futures

EMC Celerra CNS with CLARiiON Storage

Storage and File System

The CephFS Gateways Samba and NFS-Ganesha. David Disseldorp Supriti Singh

NFSv4 and rpcsec_gss for linux

The Last Bottleneck: How Parallel I/O can improve application performance

NFS on Steroids: Building Worldwide Distributed File System Gregory Touretsky Intel IT

Research on Implement Snapshot of pnfs Distributed File System

pnfs, parallel storage for grid, virtualization and database computing Joshua Konkle, Chair NFS SIG

NFS Configuration Power Guide

File Locking in NFS. File Locking: Share Reservations

System that permanently stores data Usually layered on top of a lower-level physical storage medium Divided into logical units called files

2 SCANNING, PROBING, AND MAPPING VULNERABILITIES

COSC 6374 Parallel Computation. Parallel I/O (I) I/O basics. Concept of a clusters

File Concept Access Methods Directory and Disk Structure File-System Mounting File Sharing Protection

Distributed Systems. Hajussüsteemid MTAT Distributed File Systems. (slides: adopted from Meelis Roos DS12 course) 1/15

Lecture 19. NFS: Big Picture. File Lookup. File Positioning. Stateful Approach. Version 4. NFS March 4, 2005

CIT 470: Advanced Network and System Administration. Topics. Filesystems and Namespaces. Filesystems

Dell Fluid File System. Version 6.0 Support Matrix

Storage and File Hierarchy

NFS-Ganesha w/gpfs FSAL And Other Use Cases

COS 318: Operating Systems

CS 111. Operating Systems Peter Reiher

Status of the Linux NFS client

Distributed File Systems. Distributed Systems IT332

Metadaten Workshop 26./27. März 2007 Göttingen. Chimera. a new grid enabled name-space service. Martin Radicke. Tigran Mkrtchyan

NFSv4 Enhancements and Best Practices Guide: Data ONTAP Implementation

Kerberos and NFS4 on Linux. isginf Workshop

EI 338: Computer Systems Engineering (Operating Systems & Computer Architecture)

Synopsys VCS Performance Validation with NetApp Clustered Data ONTAP 8.2 and NFSv4.1/pNFS

Distributed File Systems II

ò Server can crash or be disconnected ò Client can crash or be disconnected ò How to coordinate multiple clients accessing same file?

Distributed File Systems. Security: Anonymous access. Peer-to-Peer Security. Server Authenticated Sessions

NFSv4 extensions for performance and interoperability

NFS. Don Porter CSE 506

NFS with Linux: Current and Future Efforts. Chuck Lever, Network Appliance, Inc Steve Dickson, Red Hat Red Hat Summit 2006

Sun Certified System Administrator for the Solaris 10 OS Bootcamp

Reasons to Migrate from NFS v3 to v4/ v4.1. Manisha Saini QE Engineer, Red Hat IRC #msaini

HPC File Systems and Storage. Irena Johnson University of Notre Dame Center for Research Computing

Dell Fluid File System Version 5.0 Support Matrix

Backup Solution Testing on UCS for Small-Medium Range Customers (Disk to Tape Library)

Network File System (NFS)

Chapter 7: File-System

CS370 Operating Systems

State of the Linux Kernel

Distributed File Systems Part II. Distributed File System Implementation

DESY Registry. an approach to implement an authorisation management system for the EPICS environment.

416 Distributed Systems. Distributed File Systems 1: NFS Sep 18, 2018

dcache: challenges and opportunities when growing into new communities Paul Millar on behalf of the dcache team

Network Working Group. Category: Standards Track June 1999

Transcription:

dcache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 1

Outline NFSv41 basics NFSv4.1 concepts PNFS Id mapping Industry standard dcache implementation dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 2

Classic NFS BigData never fits into a single server. Big administrative overhead to keep data on multiple servers Single NFS server becomes bottleneck dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 3

NFSv4.1 Provides access to files and directories Stateful Keeps track of OPEN/CLOSE ( LOCK/UNLOCK ) Detects client/server reboot Client controlled reply cache and EOS Aware of multihomed servers Detects retransmits Recovery from network disconnect dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 4

Classic NFS DISK DISK NFS DISK DISK dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 5

DISK DISK NFS DISK DISK dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 6

CPU or network become a bottleneck with growing number of clients DISK DISK NFS DISK DISK dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 7

Parallel NFS NFS DS NFS DS NFS MDS NFS DS NFS DS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 8

Parallel + Striping read(block1-block4) Read block1 DS b1 Read block2 DS b2 NFS Read block3 DS b3 Read block4 DS b4 dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 9

Parallel NFS Single Namespace, distributed data Client talks to Meta Data Server for metadata only Bandwidth and performance grow with number of Data Server nodes File striping ( like raid0 ) Enforces the same security on DS (pools) as on MDS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 10

Security To verify client credentials RPCSEC_GSS is used Krb5 implementation supported by all clients/server Three type of Quality of Protection (QOP): NONE Auth only. Checksum protection of RPC header INTEGRITY Checksum protection of RPC messages PRIVACY full encryption of RPC messages Security flavor used on mount enforced to IO traffic as well dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 11

Security NFS client 'sec=krb5i' NFS server (MDS) NFS server (DS) Client always will use the same security flavor and Quality of Protection for all RPC traffic to MDS and DS. dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 12

ID mapping All principals are utf 8 strings No UID, no GID To resolve conflict NFSDOMAIN used: tigran@desy.de vs. tigran@cern.ch E.g. talk to corresponding mapping service Mapping delegated to client and server Client and server may use different mapping services/sources Windows client and server do not need numeric ID Best with ldap or nis Linux client can use numeric strings 124 => 124 dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 13

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 14

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 15

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 16

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 17

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 18

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 19

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 20

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 21

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 22

idmapping App. euid Chimera NFS client 'owner : tigran' NFS server dcache tigran tigran idmapd gplazma LDAP/NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 23

Why so complicated? Your favorite OS may not use numeric id MS Windows uses principals Your numeric ID on client and server may be different My ID on laptop 500, NIS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 24

Existing servers NETAPP (ONTAP 8.1 cluster mode, running at DESY) dcache Production ready 1.9.12 In production since XXX SONAS (IBM), Panasas, EMC, LinuxBox will be ready by 2Q 2013 dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 25

Existing clients Linux 2.6.39 first usable kernel Part of RHEL 6 (SL6), Fedora >= 15, Debianunstable Oracle UEK2 for RHEL5 (sl5) + updates! No AFS and some other kernel modules Windows 7 64 bit Opensource client from CITI VMware ESX (pnfs client in VMware hypervisor) dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 26

dcache implementation dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 27

dcache NFS in one slide JVM JVM JVM Message passing layer Door (MDS) Pool Manager PnfsManager Pools (DSs) Pools Pools DBMS (Data Server) (Data Server) dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 28

Implementation Status No file striping yet Supports RPCGSS_SEC (kerberos5 only) Krb5, krb5i and krb5p Even with Windows AD as KDC Supports IPv6 Can be integrated with NIS and/or local passwd file Implemented as gplazma plugins. dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 29

Still Missing Extended attribute support Will provide native access (setfattr/getfattr) to checksum, AL and RP Only unix permission bits are supported ACL expected by dcache 2.4, set/getfacl works today. No striping Striping on read will come soon. No IO through Meta Data Server (door) A problem if pool crashed/restarted dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 30

Limitations dcache files are immutable No support of byte range locks No support of multiple writers dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 31

ACLs with NFSv4.1 in dcache Will be available in dcache 2.4 (or 2.3) Main focus on predictable semantic Unix mode and ACL coexistence NFSv3, FTP and NFS4 coexistence dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 32

Prerequisites for NFSv4.1 1.Configured gplazma 2.Kerberos5 keytab with nfs principals for NFS door and all pools. 3.Open TCP port 2049 in NFS door 4.Open TCP range 'net.lan.port.min:net.lan.port.max' on pools Default is 33115:33145 (shared with dcap and xrootd) 5.Client with pnfs aware kernel (SL6.2 and FC16 recommended) 6.Configured rpc.idmapd to match NFS DOMAIN with server 7.Kerberos5 keytab with host principal 8.Start dcache, mount on client and access the data. dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 33

Terminology dcache equivalent MDS Meta Data Server dcache NFSv4.1 door DS Data server dcache pool QOP Quality Of Protection dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 34

Typical IO scenario Open Read/write close dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 35

OPEN+READ/WRITE+CLOSE Open Open/Create a file Find appropriate pool Start a mover Read/write READ/WRITE Close Release mover Close the file dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 36

OPEN+READ/WRITE+CLOSE App NFS Door PnfsManager PoolManager Pool OPEN OPEN ID GET STORAGE INFO STORAGE INFO GET POOL SELECT POOL POOL POOL/MOVER ID START MOVER MOVER ID READ/WRITE CLOSE STOP MOVER dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 37

Setup: enable door # layout file # nfs 4.1 section [nfsdoordomain/nfsv41] nfs.domain=desy.de nfsioqueue=nfs # NFS uses direct access to Chimera database chimera.db.name = chimera chimera.db.host = localhost chimera.db.user = chimera chimera.db.password = # dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 38

Setup: tweak rpcbind # /etc/sysconfig/rpcbind # enable insecure mode RPCBIND_ARGS=" i" # dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 39

Setup: start door/pool # layout file [pooldomain/pool] name=pool xxx... poolioqueue=nfs # # use one of the ports from range for movers. # only single port used per pool net.lan.port.min=33115 net.lan.port.max=33145 # dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 40

Setup: tweak pool # layout file [pooldomain/pool] name=pool xxx... poolioqueue=nfs # # use one of the prots from range for movers. # only single port used per pool net.lan.port.min=33115 net.lan.port.max=33145 # dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 41

Setup: gplazma Identity plugin required Nsswitch uses local accounts, based on /etc/nsswitch.conf Uses accounts from gplazma host! Nis uses site NIS server nfs.domain on door MUST match with 'Domain' on client Linux conf at /etc/idmapd.conf dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 42

Setup: gplazma # layout file [gplazmadomain/gplazma] gplazma.nis.server = nisserv6.desy.de gplazma.nis.domain = desy.de # # gplazma.conf identity requisite nis dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 43

Setup: tweak idmap # dcache.conf # maximal number of entries in the cache nfs.idmap.cache.size = 512 # cache entry maximal lifetime nfs.idmap.cache.timeout = 30 # Time unit used for timeout. # SECONDS MINUTES HOURS DAYS) nfs.idmap.cache.timeout.unit = SECONDS dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 44

Setup: read to go dcache start dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 45

Anatomy of NFS package NFSv41 (rfc 5661) RPC (rfc 1831) RPCCES_GSS (rfc 2203) XDR (rfc 1832) dcache NFSv4.1 Tigran Mkrtchyan 4/13/12 Page 46

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback