[Infrastructures] AFS in an infrastructure

Steve Traugott stevegt@TerraLuna.Org
Tue, 15 Mar 2005 11:46:59 -0800 

--8NvZYKFJsRX2Djef
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 14, 2005 at 10:36:15AM -0600, Sean Kelly wrote:
> Now I'm trying to vision how all the pieces mentioned on
> Infrastructures.Org fit into an AFS world.
>=20
> * Version Control could be done over AFS. You could store the
>   CVS (or Subversion fsfs) repository on AFS.
> * Host install images could be stored on AFS and thus be made available t=
hrough=20
>   many different machines running BOOTP/DHCP/whatever.
> * Directory Services could be done using LDAP or Hesiod, depending on whi=
ch=20
>   route you went down.
> * Authentication would be done through Kerberos.
> * Network File Servers are AFS file servers
> * File Replication Servers are just copying things off AFS
> * Client File Access is AFS
> * Client O/S Update could be done with tools pulling patches off AFS
> ...
>=20
> Am I going overboard with the AFS thing here? Where does the "Gold Server"
> fit in when you have AFS and can just store everything in a
> replicated/backed up distributed common namespace?

You're not going overboard -- the work that we were doing in the early
90's that led eventually to the "bootstrapping" paper and
Infrastructures.Org would have taken a very different tack if OpenAFS
had been available back then.  As it was, we evaluated AFS and found it
lacking in terms of popularity, manageability, compatibility, and just
didn't get a warm fuzzy feeling from it.  And it was expensive.  And
then there was the 2G filesize limit... =20

Since the gold server is just a passive thing that serves files via
CVS/SVN, rsync/SUP, and NFS, a lot of that can be replaced.  The trick
is avoiding the circular dependencies so you can manage the AFS servers
themselves, and getting the client authenticated to Kerberos in early
boot so you can do pulls at that time.

The main reason we need to write ISFS is because we still can't count on
AFS being in very many infrastructures, and to prevent circular
dependencies for those shops that do have AFS servers and want to use
ISconf4 to manage them.

Steve
--=20
Stephen G. Traugott  (KG6HDQ)
UNIX/Linux Infrastructure Architect, TerraLuna LLC
stevegt@TerraLuna.Org=20
http://www.stevegt.com -- http://Infrastructures.Org

--8NvZYKFJsRX2Djef
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCNzuz8rKIxO1Fc9MRAjBLAJ960VN90WRQvm5hWUsJtNt3NLx3TACfUH2T
gDdKFrylt4z2d1TCnPOC7Mo=
=G0x2
-----END PGP SIGNATURE-----

--8NvZYKFJsRX2Djef--