dcache nfsv4 1
play

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | - PowerPoint PPT Presentation

Nov 21, 2022 •665 likes •1.14k views

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 1 Outline NFSv41 basics NFSv4.1 concepts PNFS Id mapping Industry standard dCache implementation dCache NFSv4.1 |

  1. dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 1

  2. Outline ● NFSv41 basics ● NFSv4.1 concepts ● PNFS ● Id mapping ● Industry standard ● dCache implementation dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 2

  3. Classic NFS ● BigData never fits into a single server. ● Big administrative overhead to keep data on multiple servers ● Single NFS server becomes bottleneck dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 3

  4. NFSv4.1 ● Provides access to files and directories ● Stateful ● Keeps track of OPEN/CLOSE ( LOCK/UNLOCK ) ● Detects client/server reboot ● Client controlled reply cache and EOS ● Aware of multihomed servers ● Detects retransmits ● Recovery from network disconnect dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 4

  5. Classic NFS DISK DISK NFS DISK DISK dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 5

  6. DISK DISK NFS DISK DISK dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 6

  7. DISK CPU or network become a bottleneck with growing number of clients DISK NFS DISK DISK dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 7

  8. Parallel NFS NFS DS NFS DS NFS MDS NFS DS NFS DS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 8

  9. Parallel + Striping read(block1-block4) Read block1 DS b1 Read block2 DS b2 NFS Read block3 DS b3 Read block4 DS b4 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 9

  10. Parallel NFS ● Single Namespace, distributed data ● Client talks to Meta Data Server for metadata only ● Bandwidth and performance grow with number of Data Server nodes ● File striping ( like raid0 ) ● Enforces the same security on DS (pools) as on MDS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 10

  11. Security ● To verify client credentials RPCSEC_GSS is used ● Krb5 implementation supported by all clients/server ● Three type of Quality of Protection (QOP): ● NONE – Auth only. Checksum protection of RPC header ● INTEGRITY – Checksum protection of RPC messages ● PRIVACY – full encryption of RPC messages ● Security flavor used on mount enforced to IO traffic as well dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 11

  12. Security 'sec=krb5i' NFS server NFS client (MDS) NFS server (DS) Client always will use the same security flavor and Quality of Protection for all RPC traffic to MDS and DS. dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 12

  13. ID mapping ● All principals are utf-8 strings ● No UID, no GID ● To resolve conflict NFSDOMAIN used: ● “tigran@desy.de” vs. “tigran@cern.ch” ● E.g. talk to corresponding mapping service ● Mapping delegated to client and server ● Client and server may use different mapping services/sources ● Windows client and server do not need numeric ID ● Best with ldap or nis ● Linux client can use numeric strings ● “124” => 124 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 13

  14. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 14

  15. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 15

  16. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 16

  17. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 17

  18. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 18

  19. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 19

  20. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 20

  21. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 21

  22. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 22

  23. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 23

  24. Why so complicated? ● Your favorite OS may not use numeric id ● MS Windows uses principals ● Your numeric ID on client and server may be different ● My ID on laptop 500 , NIS 3750 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 24

  25. Existing servers ● NETAPP (ONTAP 8.1 cluster mode, running at DESY) ● dCache ● Production ready 1.9.12 ● In production since XXX ● SONAS (IBM), Panasas, EMC, LinuxBox will be ready by 2Q 2013 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 25

  26. Existing clients ● Linux ● 2.6.39 first usable kernel ● Part of RHEL 6 (SL6), Fedora >= 15, Debian- unstable ● Oracle UEK2 for RHEL5 (sl5) + updates! ● No AFS and some other kernel modules ● Windows 7 64 bit ● Opensource client from CITI ● VMware ESX (pNFS client in VMware hypervisor) dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 26

  27. dCache implementation dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 27

  28. dCache NFS in one slide JVM JVM JVM Message passing layer Door Pools Pool Manager PnfsManager (MDS) Pools (DSs) Pools (Data Server) (Data Server) DBMS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 28

  29. Implementation Status ● No file striping yet ● Supports RPCGSS_SEC (kerberos5 only) ● Krb5, krb5i and krb5p ● Even with Windows AD as KDC ● Supports IPv6 ● Can be integrated with NIS and/or local passwd file ● Implemented as gPlazma plugins. dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 29

  30. Still Missing ● Extended attribute support ● Will provide native access (setfattr/getfattr) to checksum, AL and RP ● Only unix permission bits are supported ● ACL expected by dcache-2.4, set/getfacl works today. ● No striping ● “Striping on read” will come soon. ● No IO through Meta Data Server (door) ● A problem if pool crashed/restarted dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 30

  31. Limitations ● dCache files are immutable ● No support of byte range locks ● No support of multiple writers dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 31

  32. ACLs with NFSv4.1 in dCache ● Will be available in dcache 2.4 (or 2.3) ● Main focus on predictable semantic ● Unix mode and ACL coexistence ● NFSv3, FTP and NFS4 coexistence dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 32

  33. Prerequisites for NFSv4.1 1.Configured gPlazma 2.Kerberos5 keytab with nfs principals for NFS door and all pools. 3.Open TCP port 2049 in NFS door 4.Open TCP range 'net.lan.port.min:net.lan.port.max' on pools ● Default is 33115:33145 (shared with dcap and xrootd) 5.Client with pNFS aware kernel (SL6.2 and FC16 recommended) 6.Configured rpc.idmapd to match NFS DOMAIN with server 7.Kerberos5 keytab with host principal 8.Start dCache, mount on client and access the data. dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 33

  34. Terminology dCache equivalent MDS Meta Data Server dCache NFSv4.1 door DS Data server dCache pool QOP Quality Of Protection dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 34

  35. Typical IO scenario ● Open ● Read/write ● close dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 35

  36. OPEN+READ/WRITE+CLOSE ● Open ● Open/Create a file ● Find appropriate pool ● Start a mover ● Read/write ● READ/WRITE ● Close ● Release mover ● Close the file dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 36

  37. OPEN+READ/WRITE+CLOSE App NFS Door PnfsManager PoolManager Pool OPEN GET STORAGE INFO STORAGE INFO OPEN ID GET POOL SELECT POOL POOL START MOVER MOVER ID POOL/MOVER ID READ/WRITE CLOSE STOP MOVER dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 37

  38. Setup: enable door # layout file # nfs-4.1 section [nfsdoorDomain/nfsv41] nfs.domain=desy.de nfsIoQueue=nfs # NFS uses direct access to Chimera database chimera.db.name = chimera chimera.db.host = localhost chimera.db.user = chimera chimera.db.password = # dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 38

  39. Setup: tweak rpcbind # /etc/sysconfig/rpcbind # enable insecure mode RPCBIND_ARGS="-i" # dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 39

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a list of Access Control Entries attached to a file or a directory ACEs grant or deny a principal an action on a file or a directory ACL basics

379 views • 34 slides
dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides stolen from nearly everywhere additional funding, support or contributions by d-grid DGI II P. Fuhrmann Sep 26, 2008 dCache seminar, FERMIlab

375 views • 34 slides
dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid environments. Karlsruhe Institute of Technology (KIT), Steinbuchcentre for Computing (SCC) KIT University of the State of Baden-Wuerttemberg and

297 views • 12 slides
dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap,

dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap,

Andreas Haupt, Birgit Lewendel dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap, SRM dcache-se-desy dcache-se-cms dcache-se-atlas lcg-se1 lcg-se0 Calice, CFEL, GKSS, ILC, Olympus, Petra3,

417 views • 7 slides
NFSv4 Beyond v4.2 Part 2 of Road Map of the features in NFS v4.1, v4.2, and beyond Dave Noveck

NFSv4 Beyond v4.2 Part 2 of Road Map of the features in NFS v4.1, v4.2, and beyond Dave Noveck

NFSv4 Beyond v4.2 Part 2 of Road Map of the features in NFS v4.1, v4.2, and beyond Dave Noveck Netapp Vault Conference March 2017 Contents A tiny bit about the NFSv4 Working group and the IETF process NFSv4 beyond v4.2 as approved

750 views • 16 slides
dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit Lewendel for the dCache operations team Summary DESY IT 6th dCache Workshop dCache at DESY DESY National Analysis Facility Zeuthen 0.7 PB CTA

100 views • 7 slides
Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden What will be NOT covered with talks Changes in REST API New functionality in dCache-view CEPH HA-dCache Macaroons and OpenID-connect

267 views • 25 slides
NFSv4.1/pNFS Ready for Prime Time Deployment February 15, 2012 FAST 2012 San Jose NFSv4.1

NFSv4.1/pNFS Ready for Prime Time Deployment February 15, 2012 FAST 2012 San Jose NFSv4.1

NFSv4.1/pNFS Ready for Prime Time Deployment February 15, 2012 FAST 2012 San Jose NFSv4.1 pNFS product community Value of NFSv4.1 / pNFS Industry Standard Secure Performance and Scale Throughput Increased Storage Capacity

368 views • 24 slides
dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache on one slide JVM JVM JVM Message passing layer Door(s) Pool Manager Name Space Pools (clients entry point) Door Pools (requests scheduler)

254 views • 21 slides
CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed by 3 Swiss Institutes: PSI , UniZ , ETHZ ; during 2013 we will run 700TB net based on 2*NetApp E5400 + 4*Sun X4500 + 5*Sun X4540 ; Our user

210 views • 10 slides
Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement for Java Serialization in dCache Lea Morschel for dCache Team, November 7 2019 About dCache A distributed petabyte-scale storage system for

713 views • 42 slides
dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team)

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team)

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team) dCache dCache is powerful storage system, providing what people need, now. We're also pushing the envelope of what storage systems can do.

1.04k views • 25 slides
dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann Second dCache Workshop Hamburg, 18 th of January 2007 NORDUnet A/S NORDUnet A/S The Nordic Regional Research and Educational Network (RREN)

520 views • 18 slides
IETF-64 2005-11-08 Mike Eisler email2mre-ietf@yahoo.com draft-eisler-nfsv4-impid-00.txt

IETF-64 2005-11-08 Mike Eisler email2mre-ietf@yahoo.com draft-eisler-nfsv4-impid-00.txt

draft-eisler-nfsv4-impid-00.txt draft-adamson-nfsv4-spkm3-00.txt IETF-64 2005-11-08 Mike Eisler email2mre-ietf@yahoo.com draft-eisler-nfsv4-impid-00.txt Problem: NFSv4.0 has no method for allowing clients and servers to provide to each

487 views • 7 slides
dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or

dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or

dCache.ORG dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or contributions by d-grid DGI II Phone Meeting 4.8.2009 LCG MB Patrick Fuhrmann Content Chimera and the Pnfs to Chimera Migration

176 views • 15 slides
Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L.

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L.

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L. Rossi Fermi Na(onal Accelerator Laboratory Accoun(ng ( dCache Book , Chpt. 24) For dCache

401 views • 10 slides
1 Interplay between routing and forwarding routing algorithm local forwarding table header

1 Interplay between routing and forwarding routing algorithm local forwarding table header

Transport layer: Summary Application principles behind transport layer services: multiplexing/demultiplexing UDP TCP reliable data transfer flow control IP congestion control instantiation and implementation in the

440 views • 17 slides
Roadmap for Section A.2 General Concepts - Berkeley Sockets Creating a socket Binding an address

Roadmap for Section A.2 General Concepts - Berkeley Sockets Creating a socket Binding an address

Unit OS A: Windows Networking A.2. Windows Sockets Programming Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section A.2 General Concepts - Berkeley Sockets Creating a socket

140 views • 12 slides
Mobility Activity in WIDE Keio University/WIDE Ryuji Wakikawa ryuji@sfc.wide.ad.jp Goal of

Mobility Activity in WIDE Keio University/WIDE Ryuji Wakikawa ryuji@sfc.wide.ad.jp Goal of

Mobility Activity in WIDE Keio University/WIDE Ryuji Wakikawa ryuji@sfc.wide.ad.jp Goal of Mobility Society IPv6 AAA IP dynamic network: MANET Internet Technology IP Telephony: VoIP, SIP, ENUM IP Mobility: MIP, NEMO Cell Phone: W-CDMA,

328 views • 17 slides
Improving Network Mobility with Multipath-TCP Richard Withnell Introduction Network

Improving Network Mobility with Multipath-TCP Richard Withnell Introduction Network

Improving Network Mobility with Multipath-TCP Richard Withnell Introduction Network Mobility Resource Pooling The Future Introduction Satellite WiFi LTE 3G Bluetooth Introduction Introduction Internet MIP / NEMO

694 views • 22 slides
Metro-Based Addressing a proposed addressing scheme for the IPv6 Internet Steve Deering Xerox

Metro-Based Addressing a proposed addressing scheme for the IPv6 Internet Steve Deering Xerox

Metro-Based Addressing a proposed addressing scheme for the IPv6 Internet Steve Deering Xerox Palo Alto Research Center deering@parc.xerox.com http://sandbox.xerox.com/deering July 1995 1 Design Goals scalable routing no more than a

310 views • 16 slides
Exploring Alternative Routes Using Multipath TCP Stephen Brennan Case Western Reserve University

Exploring Alternative Routes Using Multipath TCP Stephen Brennan Case Western Reserve University

Exploring Alternative Routes Using Multipath TCP 1/51 Exploring Alternative Routes Using Multipath TCP Stephen Brennan Case Western Reserve University June 5, 2017 Exploring Alternative Routes Using Multipath TCP 2/51 Introduction Overview

889 views • 66 slides
Todays Topic This lecture is about control plane of Service(s) & Internet routers

Todays Topic This lecture is about control plane of Service(s) & Internet routers

Lic.(Tech.) Marko Luoma (1/23) Lic.(Tech.) Marko Luoma (2/23) Todays Topic This lecture is about control plane of Service(s) & Internet routers and especially Customers Service Level Agreement S38.180 Palvelunlaatu

238 views • 6 slides
L3 Driven Fast Handover Using L2 Triggers in Mobile Internet Fumio Teraoka Department of

L3 Driven Fast Handover Using L2 Triggers in Mobile Internet Fumio Teraoka Department of

L3 Driven Fast Handover Using L2 Triggers in Mobile Internet Fumio Teraoka Department of Information and Computer Science, Keio University tera@ics.keio.ac.jp EU Cluster Day 3 June 2004 Research Activities in Teraoka Lab. Internet &

216 views • 21 slides

More recommend