OpenAFS Platform Independent Distributed File System Project

From Kathmann Labs

This page also has the following alternate URL: http://tinyurl.com/2y4un8

Contents 1 Introduction 1.1 Goals 1.2 Ancillary Skills To Develop 2 Project Progress 2.1 Done 2.2 To Do 2.2.1 Debian 2.2.2 Fedora Core 2.2.3 Kerberos & AFS 2.2.4 AFS Contribution 3 AFS 3.1 Information Sources 3.2 Lessons From Workshop 3.3 Ideas From Workshop 4 Server Operating Systems 4.1 Fedora Core 5 4.2 Fedora Core 6 4.3 Debian 5 Domain Name Service Interaction and OpenVPN Bypass

[edit] Introduction

I'm Doug Hirsch, a BBLISA acquaintance of our wiki host, Nick Kathmann. I spent a few months, over a decade ago, as an AFS administrator. I've been wanting to try out OpenAFS for a while, and Nick encouraged me to use this wiki as part of the process. I've got a few computers set aside. I've got lots to read to reacquaint myself with the system. I've got tons to learn. So, here we go...

[edit] Goals

• Get familiar with installation, set up and maintenance of an AFS cell
• Make my own cell for archiving and distributing my data
• Set up a cell for my department at work
• Create a storage cooperative among my friends
• Create or contribute to a book about AFS

[edit] Ancillary Skills To Develop

• Configuration and use of Parallels virtual machines (future replacement: Xen)
• Installation and maintenance of host operating systems
• Installation and maintenance of Kerberos 5
• SSH configuration for pre-AFS installation access to remote servers
• Firewall configuration to enable SSH, Kerberos and AFS ports
• OpenVPN for AFS server distribution across NATs

[edit] Project Progress

[edit] Done

• Installed AFS client on my PPC Mac
• Attended AFS/Kerberos Best Practices Workshop
• Introduced myself to AFS gatekeepers and fellow AFS keepers
• Got an Intel Mac to serve as test cell laboratory using Parallels virtual machines
• Installed Parallels
• Installed FC6 in vm Moe

[edit] To Do

[edit] Debian

• Install Debian Linux in a VM for initial test cell
• Try to find Kerberos and AFS packages for Debian
• Cajole Russ to provide further directions

[edit] Fedora Core

• Learn how to handle RPMs
• Learn how to select RPMs for Kerberos and AFS for this architecture
• Download and install them

[edit] Kerberos & AFS

• Configure Kerberos on a server
• Configure AFS on a server using established Kerberos

[edit] AFS Contribution

• Draft book outline
• Send draft to Alf to wake him up
• Introduce myself to wiki-master of AFS Lore wiki
• Start tracking details of this work there
• Index presentations from AFS workshops
• Work on man pages, supervised by Russ

[edit] AFS

[edit] Information Sources

• The OpenAFS web site and also the mailing lists there
• The AFSLore twiki
• AFS & Kerberos Best Practices Workshop, 7-11 May 2007 at Stanford
• Numerous helpful articles on Wikipedia
• Helpful articles at the CMU Software Engineering Institute

[edit] Lessons From Workshop

• Do not use KAserver; use Kerberos 5 instead
• Mailing lists are the best way to get OpenAFS help: see The OpenAFS mailing lists
• If installed base does not determine operating system, choose based upon favorite AFS support person

[edit] Ideas From Workshop

• Use built-in Kerberos 5 on Mac OS X (thanks Jeffrey)
• AFS test cell on Mac running Parallels (thanks Troy)
• Use multiple cells (thanks Mike)
• "Cell in a box" using personal disk servers (thanks Troy)
• Use Open VPN to cross NATs (thanks Andrew)
• Support cell with network management server / DDNS manager
• Get AFS keepers Alf and friends to write the modern AFS book; contribute introductory material

<a name="serverOS">

[edit] Server Operating Systems

• Fedora Core 5: ubiquitous, but past end of product life
• Fedora Core 6: current FC release, should work for OpenAFS, less mature product
• Debian: favorite of Gatekeeper Russ
• Mac OS X: Jeffrey says the Kerberos just works right out of the box; I can't simulate it on Parallels
• FreeBSD: simpler packaging, with alleged AFS bugs

[edit] Fedora Core 5

• Why? Already installed on department server
• Why not? Past end of product life

[edit] Fedora Core 6

• Current version, now supported by OpenAFS
• Issue: need to learn to install RPMs
• Issue: need to pick pertinent RPMs

[edit] Debian

• Not listed as supported OpenAFS platform
• Favorite of OpenAFS gatekeeper Russ, who promised installation guidance

<a name="dns">

[edit] Domain Name Service Interaction and OpenVPN Bypass

• Goal: provide resilient routes across dynamic IP links to AFS servers behind home routers
• Strategy: use Open VPN between server locations

--Doug link title