samba s cloudy future
play

Samba's Cloudy Future Wider World Opening Windows to a Jeremy - PowerPoint PPT Presentation

Oct 03, 2022 •130 likes •317 views

Samba's Cloudy Future Wider World Opening Windows to a Jeremy Allison Samba Team jra@samba.org Isn't cloud storage the future ? Wider World Opening Windows to a Yes, but not usable for many existing apps. Cloud Storage is a blob store

  1. Samba's Cloudy Future Wider World Opening Windows to a Jeremy Allison Samba Team jra@samba.org

  2. Isn't cloud storage the future ? Wider World Opening Windows to a Yes, but not usable for many existing apps.

  3. Cloud Storage is a blob store Wider World Opening Windows to a ● Blob stores don't map very well onto the open/read/write/close random access semantics of most applications. ● Apps are changing to cope with no random access semantics of cloud stores, but this will take time.

  4. Doesn't FUSE solve this ? ● Mostly, for Linux and MacOS X Wider World Opening Windows to a applications. ● No FUSE on Windows clients. – So can't Windows clients access via Samba running on top of a FUSE filesystem ? – No, because FUSE system calls can block for an awfully long time.. – In theory Samba can cope with this by making all syscalls async. – Might we become a FUSE host ?

  5. Enter flexible Samba ● The VFS can save us ! Wider World Opening Windows to a ● Stackable, modular, easily modifiable user-space code. ● Already contains code to cache all reads/writes onto local files. – We just :-) need a way to ensure we sync to the remote cloud on metadata update – File/directory creation/deletion, . ● What should we do with the extra metadata (ACLs etc.) ?

  6. Possible Architecture To client Wider World Opening Windows to a (SMB2) smbd Metadata sync protocol Cloud gateway Cloud daemon VFS To cloud Pluggable (https) Regular cloud VFS provider backend Local file access Into Disk Cache Local disk cache (shared amongst smbds)

  7. What level of coherence can we provide ? Wider World Opening Windows to a ● NOT full Windows semantics. – Latency going to the the cloud would make this unusable. – Only clients going to the same on-premises Samba- Cloud gateway provide Windows semantics. ● Coherence on close/unlink/mkdir/create only. – If a client writes then closes, they are guaranteed to have that version uploaded to cloud storage. – Open files not synced. ● “Good-enough” semantics for many apps.

  8. Under the covers Wider World Opening Windows to a ● Cloud services daemon reads/writes into private namespace hidden from smbd, but on the same physical device. ● On sync use atomic file operations (rename, unlink) to move to/from private namespace into smbd-exported namespace. ● If we have a underlying btrfs copy-on-write filesystem, use file cloning on close to create instant copies that can be synchronized out to cloud storage. – On non COW filesystems, physical copies of files needed.

  9. Operations – Open/Create/Mkdir ● Create operations must sync with cloud daemon. Wider World Opening Windows to a – Requires synchronous call to cloud backend. – On create success local file/directory created. – For files marked TMP, ignore cloud operations ? ● For open existing, open operation must trigger read from cloud. – At least fetching file metadata (size etc.) must be synchronous. – File data access operations (read/write) can then be forced to go async until the data is synchronized from the cloud. – FILE_ATTRIBUTE_OFFLINE can help here.

  10. Operations – Read/Write/Truncate/Unlink/Rename Wider World Opening Windows to a ● Once the on-disk file is known to be in a valid state, reads, writes and truncates can proceed as normal. – No cloud communication needed. ● Unlink and rename need synchronous operation to the cloud, but should be a reasonably quick operation (just round-trip latency).

  11. Operations - Close Wider World Opening Windows to a ● Reference count open files – on last close then expensive synchronous operations need to happen. ● If file modified then make a sync call to the cloud sync daemon to make a copy of this file. – Use COW if available. – Once copy is complete, smbd can reply to the close request. ● Cloud sync daemon then pushes changed file up to the cloud. – Should we add a delay time here ? Only guarantee coherence after 5 minutes ?

  12. The cloud sync daemon ● Using existing Samba technologies talloc, Wider World Opening Windows to a asynchronous tevent, with backing threadpool. – All smbd's will need to talk to it. – Use tdb transactions for crash recovery. ● Create plugable back-ends to allow choice of cloud storage providers. ● Ignore key management/credentials issues. – Just expect credentials file to have been magically placed locally by an administrator. ● Many possible tunables – number of simultaneous connections, bandwidth limits etc.

  13. Error recovery Wider World Opening Windows to a ● Shock, horror. Cloud file operations can fail, right in the middle of uploading via https. – Do we allow client access to continue whilst there is a cloud outage ? – If so, how do we queue operations that occur during cloud outage ? – How much queuing do we allow in order to replay operations later before stopping client access ? ● I don't currently have good answers to these problems.

  14. Privacy: " We have secured ourselves from the NSA, except for the parts that we either don't know about or can't talk about. ” - Bruce Wider World Opening Windows to a Schneier ● Data stored in the cloud unencrypted, or remotely encrypted with keys held by the cloud storage provider can be compromised. ● Local encryption before uploading to the cloud is the only way to reduce this risk. ● Getting this right is hard. Two options I can see: – vfs_encfs – Samba VFS module that emulates encfs fuse module. – Copy to encfs filesystem before uploading to cloud.

  15. Create backends that target the Big Three Cloud Store Vendors Wider World Opening Windows to a

  16. Existing vendors ● There are many existing cloud-gateway companies, Wider World Opening Windows to a some of which are already using Samba for this purpose. ● Are we trying to compete with them ? – No – In doing this I'm trying to raise the bar on what are the “basic” services provided with Samba. – Proprietary cloud-gateways provide more complete service guarantees. ● Are you reinventing the wheel ? – Yes. Loughborough University in the UK has this code already. Unfortunately they're not releasing it back to the community (so far, I've asked).

  17. Questions and Comments ? Wider World Opening Windows to a Email: jra@samba.org Slides available at: ftp://samba.org/pub/samba/slides/sambaxp-2015-cloudy- future.odp

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Samba in the Enterprise : Samba 3.0 and beyond By Jeremy Allison jra@samba.org

Samba in the Enterprise : Samba 3.0 and beyond By Jeremy Allison jra@samba.org

Samba in the Enterprise : Samba 3.0 and beyond By Jeremy Allison jra@samba.org jeremy.allison@hp.com Where we are now : Samba 2.2 The current Samba is a credible replacement for a Windows server providing file and

529 views • 19 slides
Present And Future File Serving With Samba LinuxCon Europe 2014 Michael Adam Samba Team / SerNet

Present And Future File Serving With Samba LinuxCon Europe 2014 Michael Adam Samba Team / SerNet

Present And Future File Serving With Samba LinuxCon Europe 2014 Michael Adam Samba Team / SerNet October 14, 2014 Samba... Michael Adam SambaFS (2/40) Short History 1.9.17: 1996/08 2.0: 1999/01: domain-member, +SWAT 2.2: 2001/04:

553 views • 40 slides
Implementing the Witness protocol in Samba Gnther Deschner <gd@samba.org> (Red Hat /

Implementing the Witness protocol in Samba Gnther Deschner <gd@samba.org> (Red Hat /

Implementing the Witness protocol in Samba Gnther Deschner <gd@samba.org> (Red Hat / Samba Team) About Samba and RedHat Currently 7 Samba Team members inside RedHat Creators and users of Samba technology for authentication

836 views • 45 slides
Functional Encryptions and Cloudy Applications Function on a Cloudy Day Giuseppe Persiano

Functional Encryptions and Cloudy Applications Function on a Cloudy Day Giuseppe Persiano

Functional Encryptions and Cloudy Applications Function on a Cloudy Day Giuseppe Persiano Dipartimento di Informatica Universit` a di Salerno giuper@dia.unisa.it Crypto for 2020 January, 23 2013 Tenerife, Spain Giuseppe Persiano (UNISA)

1.35k views • 95 slides
Samba Witness Protection Programming Samuel Cabrero scabrero@suse.com David Disseldorp

Samba Witness Protection Programming Samuel Cabrero scabrero@suse.com David Disseldorp

Samba Witness Protection Programming Samuel Cabrero scabrero@suse.com David Disseldorp ddiss@samba.org Agenda Clustered Samba Witness Protocol Demo Outlook Clustered Samba Samba File and print server SMB / CIFS, SMB2

428 views • 40 slides
ASL Cloudy RTA L. Strow Cloudy Radiative Transfer for AIRS Overview RTA Codes Comparisons to

ASL Cloudy RTA L. Strow Cloudy Radiative Transfer for AIRS Overview RTA Codes Comparisons to

ASL Cloudy RTA L. Strow Cloudy Radiative Transfer for AIRS Overview RTA Codes Comparisons to CM2 (GFDL) and ECMWF Closure with L2 Clouds ECMWF Comparisons L. Larrabee Strow 1 , Sergio DeSouza-Machado 1 , H. H. Cirrus Aumann 2 , Yi Huang 3

528 views • 36 slides
CS5412: SHEDDING LIGHT ON THE CLOUDY FUTURE Lecture XXV Ken Birman Weve come a long way! 2

CS5412: SHEDDING LIGHT ON THE CLOUDY FUTURE Lecture XXV Ken Birman Weve come a long way! 2

1 CS5412: SHEDDING LIGHT ON THE CLOUDY FUTURE Lecture XXV Ken Birman Weve come a long way! 2 In 12 weeks weve looked at The client side of cloud computing The impact the cloud is having on the Internet Issues associated

476 views • 11 slides
Samba and the road to Python3 Noel Power SUSE/Samba team noel.power@suse.com npower@samba.org

Samba and the road to Python3 Noel Power SUSE/Samba team noel.power@suse.com npower@samba.org

Samba and the road to Python3 Noel Power SUSE/Samba team noel.power@suse.com npower@samba.org Agenda Reasons to move to Python3 What is supported in what release Some history of the porting effort Challenges Lessons learned

815 views • 19 slides
The Important Details Of Windows Authentication Stefan Metzmacher <metze@samba.org> Samba

The Important Details Of Windows Authentication Stefan Metzmacher <metze@samba.org> Samba

The Important Details Of Windows Authentication Stefan Metzmacher <metze@samba.org> Samba Team / SerNet 2017-05-04 https://samba.org/~metze/presentations/2017/SambaXP/ Topics Windows Domains, Forests and Trusts Netlogon Secure

497 views • 34 slides
SMB3 Multi-Channel in Samba ... Now Really! Michael Adam Red Hat / samba.org sambaXP -

SMB3 Multi-Channel in Samba ... Now Really! Michael Adam Red Hat / samba.org sambaXP -

SMB3 Multi-Channel in Samba ... Now Really! Michael Adam Red Hat / samba.org sambaXP - 2016-05-11 Introduction SMB - mini history SMB: created around 1983 by Barry Feigenbaum, IBM SMB in Lan Manager: around 1990 SMB in Windows for

1.29k views • 58 slides
Tools for the Vagabonding Samba Developer sambaXP 2015 Michael Adam Samba Team / Red Hat May

Tools for the Vagabonding Samba Developer sambaXP 2015 Michael Adam Samba Team / Red Hat May

Tools for the Vagabonding Samba Developer sambaXP 2015 Michael Adam Samba Team / Red Hat May 21, 2015 We use a lot of VMs and containers for testing and building Samba. The setup and maintenance of these machines requires a lot of work. How

351 views • 20 slides
Samba's AD DC: Samba 4.2 and Beyond Presented by Andrew Bartlett of Catalyst // 2014-09 About me

Samba's AD DC: Samba 4.2 and Beyond Presented by Andrew Bartlett of Catalyst // 2014-09 About me

Samba's AD DC: Samba 4.2 and Beyond Presented by Andrew Bartlett of Catalyst // 2014-09 About me Andrew Bartlett Samba T eam member since 2001 Working on the AD DC since 2006 These views are my own, but I do with to thank:

856 views • 36 slides
Faking a Failover Over the Top With Samba Clusters Christopher R. Hertel Samba Team May 2017

Faking a Failover Over the Top With Samba Clusters Christopher R. Hertel Samba Team May 2017

Faking a Failover Over the Top With Samba Clusters Christopher R. Hertel Samba Team May 2017 Introductions Introductor a t i o n a r y e s q u e n e s s e si s m Me: Samba Team Elder SMB Wizard with: The opinions expressed are my

874 views • 21 slides
Status report WP1: User needs and possibilities SAMBA - Smarter Assets Management with Big Data

Status report WP1: User needs and possibilities SAMBA - Smarter Assets Management with Big Data

Status report WP1: User needs and possibilities SAMBA - Smarter Assets Management with Big Data Contents Introduction to SAMBA About Work Package 1 (WP1) Main findings Future work Fremtiden er elektrisk The Challenges

494 views • 14 slides
Status of SMB2 and SMB3 development in Samba SDC 2012 Michael Adam obnox@samba.org Samba Team /

Status of SMB2 and SMB3 development in Samba SDC 2012 Michael Adam obnox@samba.org Samba Team /

Status of SMB2 and SMB3 development in Samba SDC 2012 Michael Adam obnox@samba.org Samba Team / SerNet 2012-09-17 Hi there! Oh ... ... please interrupt with questions! Michael Adam SMB2+ in Samba (3 / 20) SMB2 in Samba Only SMB 2.0

1.35k views • 75 slides
Samba and the road to 100,000 users Presented by Andrew Bartlet Samba Team - Catalyst / / SambaXP

Samba and the road to 100,000 users Presented by Andrew Bartlet Samba Team - Catalyst / / SambaXP

Samba and the road to 100,000 users Presented by Andrew Bartlet Samba Team - Catalyst / / SambaXP 2017 Andrew Bartlet Samba developer since 2001 Working on the AD DC since soon afuer the start of the 4.0 branch, since 2004! Driven to

664 views • 44 slides
Downgrade Attacks by Example How Compatibility breaks Security Michael Rodler (@f0rki)

Downgrade Attacks by Example How Compatibility breaks Security Michael Rodler (@f0rki)

Downgrade Attacks by Example How Compatibility breaks Security Michael Rodler (@f0rki) 2012-01-21 Michael Rodler Downgrade Attacks 1 / 39 About me about me @f0rki, http://f0rki.at Student Sichere Informationssysteme Bachelor at

820 views • 51 slides
Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We

Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We

Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We present a game-theoretic model that captures many of the intricacies of interdomain routing in todays Internet. In this model, the strategic agents are

429 views • 17 slides
VISA: Netstations Virtual Internet SCSI Adapter Rodney Van Meter USC/Information Sciences

VISA: Netstations Virtual Internet SCSI Adapter Rodney Van Meter USC/Information Sciences

VISA: Netstations Virtual Internet SCSI Adapter Rodney Van Meter USC/Information Sciences Institute rdv@isi.edu http://www.isi.edu/netstation/ July 15, 1997 1 Talk Outline Netstation STORM & Derived Virtual Devices IP

653 views • 29 slides
Network Redesign at Bates College MTUG 2018 If the network is supposed to be up all of the

Network Redesign at Bates College MTUG 2018 If the network is supposed to be up all of the

Network Redesign at Bates College MTUG 2018 If the network is supposed to be up all of the time, then how do you maintain and upgrade it? Bates College A private, highly selective, residential college devoted to undergraduate study in

903 views • 35 slides
Eric Prebys Fermilab APC Program Director, LARP November 1, 2010 Highlights since last

Eric Prebys Fermilab APC Program Director, LARP November 1, 2010 Highlights since last

Eric Prebys Fermilab APC Program Director, LARP November 1, 2010 Highlights since last meeting DOE Review The high luminosity LHC (HL-LHC) project 2 LARP CM15 Introduction - Prebys November 1, 2010 LHC Performance CM14:

220 views • 21 slides
ADVANCED INTERNET SERVICES (COMS 6181) Henning Schulzrinne Dept. of Computer Science Columbia

ADVANCED INTERNET SERVICES (COMS 6181) Henning Schulzrinne Dept. of Computer Science Columbia

1 2/9/15 AIS ADVANCED INTERNET SERVICES (COMS 6181) Henning Schulzrinne Dept. of Computer Science Columbia University Spring 2015 2 2/9/15 AIS Course overview Review of Internet technology wireline and wireless transmission

671 views • 15 slides
Designing Extensible IP Router Software Mark Handley Department of Computer Science UCL

Designing Extensible IP Router Software Mark Handley Department of Computer Science UCL

Designing Extensible IP Router Software Mark Handley Department of Computer Science UCL Networking research: divorced from reality? Gap between research and practice in routing and forwarding. Most of the important Internet protocols

703 views • 57 slides
NetFlow These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0

NetFlow These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0

Advanced Registry Operations Curriculum NetFlow These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/) as part of the ICANN, ISOC and NSRC

1.04k views • 63 slides

More recommend