FedFsNfsRefGuide0.8

From Linux NFS

(Difference between revisions)
Jump to: navigation, search
(FedFS junctions)
 
(9 intermediate revisions not shown)
Line 13: Line 13:
== Introduction ==
== Introduction ==
-
A ''[[FedFsGlossary#FedFS_Domain|FedFS domain]]'' is a file namespace composed of individual shared filesystems that are joined together by ''[[FedFsGlossary#Junction|junctions]]''A junction is a physical object stored on a fileserver that triggers a ''[[FedFsGlossary#Referral|referral]]'' when a file-access client attempts to access it.  A referral contains information that a client uses to find and mount the referred-to fileserver.
+
A [[FedFsGlossary#FedFS_Domain|FedFS domain]] is a file namespace composed of individual shared filesystems that are joined together by [[FedFsGlossary#Junction|junctions]].  When a file-access client attempts to access a junction, the fileserver converts the junction's contents to a [[FedFsGlossary#Referral|referral]] that refers the client to the correct [[FedFsGlossary#Location|location]].
This article describes how to create and manage junctions on Linux NFS servers.
This article describes how to create and manage junctions on Linux NFS servers.
-
 
-
== Installing or Building fedfs-utils ==
 
-
 
-
On Fedora 18, the nfsref command is installed with:
 
-
 
-
# yum install fedfs-utils-server
 
-
 
-
If your distribution does not provide a fedfs-utils package, you need to build fedfs-utils-0.8 yourself:
 
-
 
-
* [[FedFsUtilsBuild0.8#Build_from_scratch|Installing or Building fedfs-utils-0.8]]
 
-
 
-
=== Additional info ===
 
-
 
-
Instead of installing the whole package, you may choose to install just the nfsref command:
 
-
 
-
# cd fedfs-utils-0.8/src/nfsref ; make install
 
== The nfsref command ==
== The nfsref command ==
-
On Linux, the nfsref command creates and removes junctions recognized by the NFS server.  The arguments are the local pathname of the junction, and a list of NFS server and export pathname pairs.  We call these pairs "fileset locations," or simply "locations" for short.
+
On Linux, the nfsref command creates and removes junctions.  The arguments are the ''pathname'' of the junction, and the junction's ''target''.  The target is a list of locations where clients can find the fileset's data.
=== Adding a junction ===
=== Adding a junction ===
Line 51: Line 35:
=== Viewing a junction's locations ===
=== Viewing a junction's locations ===
-
On the server, it's easy to see what locations are contained in /export/junction:
+
On the server, it's easy to see the target of /export/junction:
  # nfsref lookup /export/junction
  # nfsref lookup /export/junction
Line 65: Line 49:
== Junctions in a domain root directory ==
== Junctions in a domain root directory ==
-
A FedFS domain's top-level directory is known as its domain root directory.  This directory typically contains nothing but junctions that point to other exports that contain more interesting data.
+
A FedFS domain's top-level directory is known as its [[FedFsGlossary#Domain_Root_Directory|domain root directory]].  This directory typically contains nothing but junctions that point to other exports that contain more interesting data.
-
Let's assume you've already set up a domain root export and domain root directory, say for the example.net domain.  On the domain root fileserver, cd into the domain root directory, and create some junctions.
+
Let's assume you've already set up a domain root export and domain root directory, say for the example.net domain.  See [[FedFsNfsDomainRoot0.8|Setting up a FedFS domain root server]] for details.
 +
 
 +
On the domain root fileserver, cd into the domain root directory, and create some junctions.
  # cd /.domainroot-example.net
  # cd /.domainroot-example.net
Line 88: Line 74:
== FedFS junctions ==
== FedFS junctions ==
-
In the above examples, we created "NFS basic" junctions.  That simply means that locations are stored right in the junction itself on the fileserver.  This is the default type of junction created by the nfsref command.
+
In the above examples, we created "NFS basic" junctions.  That simply means that the target is stored in the junction itself on the fileserver.  This is the default type of junction created by the nfsref command.
-
However, the nfsref command can also create "FedFS" junctions.  In this type of junction, locations are stored remotely on an LDAP server.  This becomes interesting when junctions on several fileservers refer to the same location.
+
However, the nfsref command can also create "FedFS" junctions.  In this type of junction, target information is stored remotely on an LDAP server.  This becomes interesting when junctions on several fileservers refer to the same target.
-
In other words, suppose you have four fileservers: A, B, C, and D.  Suppose further that D has an interesting export called /x/y/z.  You'd like to create junctions on A, B, and C that refer to D:/x/y/z.  If you store that location information on a remote LDAP server, then you can change the location these junctions refer to simply by updating the location information on that LDAP server.  In fact, you don't even need to know how many junctions on which fileservers use that location information: they will all be updated automatically when you update the location on the LDAP server.
+
In other words, suppose you have four fileservers: A, B, C, and D.  Suppose further that D has an interesting export called /x/y/z.  You'd like to create junctions on A, B, and C that target D:/x/y/z.  If you store that target information on a remote LDAP server, then you can update the target information simply by updating the information on that LDAP server.  In fact, you don't even need to know how many junctions on which fileservers use that target information: they will all be updated automatically when you update the information on the LDAP server.
-
A FedFS junction simply refers the fileserver to an entry on the LDAP server which contains the relevant location information for that junction.  In the next section, we'll describe how to manage FedFS junctions using the nfsref command.
+
A FedFS junction simply refers the fileserver to an entry on the LDAP server which contains the relevant target information for that junction.  In the next section, we'll describe how to manage FedFS junctions using the nfsref command.
In order to enable automatic resolution of a FedFS junction (that is, to allow fileservers to find the LDAP server with the right location information), some set up is needed first.
In order to enable automatic resolution of a FedFS junction (that is, to allow fileservers to find the LDAP server with the right location information), some set up is needed first.
Line 100: Line 86:
=== Set up an LDAP server and turn it into an NSDB ===
=== Set up an LDAP server and turn it into an NSDB ===
-
Find instructions and recipes on how to do this elsewhere in the Installation Guide.
+
See the following articles describing how to install and configure an NSDB:
-
=== Installing or Building the nsdbparams command ===
+
* [[FedFsOpenLdapServer0.8|Setting up an OpenLDAP server for use as an NSDB]]
-
 
+
* [[FedFs389DsServer0.8|Setting up a 389-ds server for use as an NSDB]]
-
Before proceeding, make sure you have the nsdbparams command installed on your fileserver.  On Fedora 18, the nfsref command is installed with:
+
-
 
+
-
# yum install fedfs-utils-nsdbparams
+
-
 
+
-
If your distribution does not provide a fedfs-utils package, you need to build fedfs-utils-0.8 yourself:
+
-
 
+
-
* [[FedFsUtilsBuild0.8#Build_from_scratch|Installing or Building fedfs-utils-0.8]]
+
-
 
+
-
==== Additional info ====
+
-
 
+
-
Instead of installing the whole package, you may choose to install just the nfsref command:
+
-
 
+
-
# cd fedfs-utils-0.8/src/nsdbparams ; make install
+
=== Use the nsdbparams command to tell the fileserver how to contact the NSDB ===
=== Use the nsdbparams command to tell the fileserver how to contact the NSDB ===
Line 127: Line 100:
If nsdb.example.net requires TLS, you can use the nsdbparams command to add a certificate that the fileserver will use every time it needs to contact the NSDB.  You will need to do this for all NSDBs the fileserver is allowed to contact, including NSDBs not in your FedFS domain.
If nsdb.example.net requires TLS, you can use the nsdbparams command to add a certificate that the fileserver will use every time it needs to contact the NSDB.  You will need to do this for all NSDBs the fileserver is allowed to contact, including NSDBs not in your FedFS domain.
 +
 +
For more information on the nsdbparams command, see [[FedFsInstallNsdbConnParams0.8|Setting up NSDB connection parameters]].
=== Set up environment variables ===
=== Set up environment variables ===
Line 147: Line 122:
When a user on an NFSv4 client cd's into /nfs4/example.net/sales, it contacts the domain root NFS server for example.net.  The domain root NFS server automatically finds the location sales.example.net:/ by contacting the NSDB nsdb.example.net and querying it for the location of that fileset.  The server provides that location to the NFSv4 client, which automatically mounts sales.example.net:/ and allows the user to cd into the freshly mounted directory.
When a user on an NFSv4 client cd's into /nfs4/example.net/sales, it contacts the domain root NFS server for example.net.  The domain root NFS server automatically finds the location sales.example.net:/ by contacting the NSDB nsdb.example.net and querying it for the location of that fileset.  The server provides that location to the NFSv4 client, which automatically mounts sales.example.net:/ and allows the user to cd into the freshly mounted directory.
-
In theory, FedFS junctions can share the same location information.  However, the nfsref command always creates a unique set of entries on an NSDB for each junction.  It does not allow location sharing.  In the future, new administrative interfaces will be developed that can share location information between junctions.
+
In theory, FedFS junctions can share the same target information.  However, the nfsref command always creates a unique set of entries on an NSDB for each junction.  It does not allow sharing the information.  In the future, new administrative interfaces will be developed that can share target information between junctions.

Latest revision as of 16:52, 27 November 2012

Contents

Project: fedfs-utils

[ Project Home | News | Downloads | Docs | Mailing Lists | Source Control | Issues ]


Introduction

A FedFS domain is a file namespace composed of individual shared filesystems that are joined together by junctions. When a file-access client attempts to access a junction, the fileserver converts the junction's contents to a referral that refers the client to the correct location.

This article describes how to create and manage junctions on Linux NFS servers.

The nfsref command

On Linux, the nfsref command creates and removes junctions. The arguments are the pathname of the junction, and the junction's target. The target is a list of locations where clients can find the fileset's data.

Adding a junction

Suppose you'd like to create a junction called "junction" in a fileserver's /export directory that refers clients to the export /foo/bar on the NFS server server.example.net. The nfsref command to do this looks like this:

# nfsref add /export/junction server.example.net /foo/bar

Now, when an NFS client mounts /export and tries to "cd" into /export/junction, it will mount server.example.net:/foo/bar and cd into it.

You can list more than one location when creating a junction. Clients will each choose to mount one of these locations. This makes sense only if all the listed locations have precisely the same data.

A junction can be created on any export on a fileserver, in any directory. In this way, a hierarchy of filesystems can be defined, linked together by junctions.

Viewing a junction's locations

On the server, it's easy to see the target of /export/junction:

# nfsref lookup /export/junction

Removing a junction

When you no longer want the junction, use:

# nfsref remove /export/junction

In order to alter location information stored in a junction, the junction must be removed and created again.

Junctions in a domain root directory

A FedFS domain's top-level directory is known as its domain root directory. This directory typically contains nothing but junctions that point to other exports that contain more interesting data.

Let's assume you've already set up a domain root export and domain root directory, say for the example.net domain. See Setting up a FedFS domain root server for details.

On the domain root fileserver, cd into the domain root directory, and create some junctions.

# cd /.domainroot-example.net
# nfsref add sales sales.example.net /
# nfsref add marketing marketing.example.net /public
# nfsref add engineering engr.example.net /source

The following junctions are created:

  • A junction called "sales" which refers to sales.example.net:/
  • A junction called "marketing" which refers to marketing.example.net:/public
  • A junction called "engineering" which refers to engr.example.net:/source

Now, when a shell user on a FedFS-enabled NFS client changes to /nfs4/example.net, she will see these directories:

sales  marketing  engineering

Changing into any of these directories will take her directly to the server and export listed in that junction.

FedFS junctions

In the above examples, we created "NFS basic" junctions. That simply means that the target is stored in the junction itself on the fileserver. This is the default type of junction created by the nfsref command.

However, the nfsref command can also create "FedFS" junctions. In this type of junction, target information is stored remotely on an LDAP server. This becomes interesting when junctions on several fileservers refer to the same target.

In other words, suppose you have four fileservers: A, B, C, and D. Suppose further that D has an interesting export called /x/y/z. You'd like to create junctions on A, B, and C that target D:/x/y/z. If you store that target information on a remote LDAP server, then you can update the target information simply by updating the information on that LDAP server. In fact, you don't even need to know how many junctions on which fileservers use that target information: they will all be updated automatically when you update the information on the LDAP server.

A FedFS junction simply refers the fileserver to an entry on the LDAP server which contains the relevant target information for that junction. In the next section, we'll describe how to manage FedFS junctions using the nfsref command.

In order to enable automatic resolution of a FedFS junction (that is, to allow fileservers to find the LDAP server with the right location information), some set up is needed first.

Set up an LDAP server and turn it into an NSDB

See the following articles describing how to install and configure an NSDB:

Use the nsdbparams command to tell the fileserver how to contact the NSDB

Before a fileserver may contact an NSDB, the NSDB must be registered in the fileserver's NSDB connection paramters database. To do this, use the nsdbparams command.

Suppose your NSDB was at nsdb.example.net. On your fileservers, start with this command:

# nsdbparams update nsdb.example.net

If nsdb.example.net requires TLS, you can use the nsdbparams command to add a certificate that the fileserver will use every time it needs to contact the NSDB. You will need to do this for all NSDBs the fileserver is allowed to contact, including NSDBs not in your FedFS domain.

For more information on the nsdbparams command, see Setting up NSDB connection parameters.

Set up environment variables

The environment variables FEDFS_NSDB_HOST, FEDFS_NSDB_PORT, FEDFS_NSDB_ADMIN, and FEDFS_NSDB_NCE specify what NSDB to use when creating junctions in your FedFS domain. For convenience, the nfsref command uses the values contained in these variables rather than requiring extra command line options. Creating your NSDB will generate these values.

# export FEDFS_NSDB_HOST="nsdb.example.net"
# export FEDFS_NSDB_ADMIN="cn=Directory Manager"
# export FEDFS_NSDB_NCE="ou=fedfs,dc=example,dc=net"

You can also use nsdbparams to store some of these. See nsdbparams(8) for details.

Create your FedFS junctions

This works just like creating an NFS basic junction, except that you specify "-t nfs-fedfs" on the "nfsref add" command. After setting up the NSDB and environment variables:

# cd /.domainroot-example.net
# nfsref  -t nfs-fedfs  add  sales  sales.example.net  /

When a user on an NFSv4 client cd's into /nfs4/example.net/sales, it contacts the domain root NFS server for example.net. The domain root NFS server automatically finds the location sales.example.net:/ by contacting the NSDB nsdb.example.net and querying it for the location of that fileset. The server provides that location to the NFSv4 client, which automatically mounts sales.example.net:/ and allows the user to cd into the freshly mounted directory.

In theory, FedFS junctions can share the same target information. However, the nfsref command always creates a unique set of entries on an NSDB for each junction. It does not allow sharing the information. In the future, new administrative interfaces will be developed that can share target information between junctions.

Personal tools