FedFsInstallationGuide0.9

From Linux NFS

(Difference between revisions)
Jump to: navigation, search
(What you need for a minimal FedFS file-access server)
(Add new page for EPEL6 installation instructions)
 
(54 intermediate revisions not shown)
Line 11: Line 11:
----
----
-
=== Introduction ===
+
== Introduction ==
-
The purpose of fedfs-utils is to manage a network file namespace (a FedFS domain) that consists of multiple exports on one or more file serversThere are three roles a host can play in a FedFS domainA host can play one or more of these roles.
+
'''Special Note:''' ''This is alpha quality software based on draft standards.  fedfs-utils-0.9 is not compatible with previous releases of fedfs-utilsAdministrative protocols, commands, and data types stored in LDAP may change with the next release of fedfs-utilsThis software is provided for testing only.''
-
; File-access client
+
This series of articles will help you prepare for and set up a working FedFS domain using Linux and the fedfs-utils-0.9 package.  The examples in these articles are not meant to provide an exhaustive description of all fedfs-utils features.  They should provide coverage of common use cases and give you an idea of how to explore further.
-
: This is a network file system client that communicates with fileservers using a standard file-access protocol (such as NFS).
+
 
-
; File-access server
+
fedfs-utils allows you to manage a [[FedFsGlossary#FedFS_Domain|FedFS domain]], a single file namespace that consists of multiple filesystems residing on separate fileservers.  A host can play one or more of these roles in a FedFS domain:
-
: This is a server that stores data or refers file-access clients to other file-access servers
+
 
-
; Namespace Database (NSDB)
+
; [[FedFsGlossary#File-access_client|File-access client]]
-
: An NSDB node stores location information about data on file-access servers.  LDAP is used to access and manage this information.
+
: This is a network file system client that communicates with fileservers using a standard file-access protocol (such as NFSv4).
 +
; [[FedFsGlossary#Fileserver|Fileserver]]
 +
: This is a server that stores data or refers file-access clients to other file-access servers.
 +
; [[FedFsGlossary#Namespace_Database|Namespace Database (NSDB)]]
 +
: An NSDB node stores information about the location of filesets stored on file-access servers in a FedFS domain.  LDAP is used to access and manage this information.  An NSDB is optional.  If an NSDB is employed, an administrative entity that has write access to FedFS records on the NSDB is required to create, modify and delete the entries that describe filesets residing in the FedFS domain.
 +
; [[FedFsGlossary#Administrative_Client|Administrative Client]]
 +
: This is a network host where NSDB and FedFS ADMIN administrative tools are installed.  These tools contact file servers and NSDBs to perform administrative tasks such as creating junctions.
A DNS SRV record refers file-access clients to the top-most directory in a FedFS domain, which is stored in a special export on a file server.
A DNS SRV record refers file-access clients to the top-most directory in a FedFS domain, which is stored in a special export on a file server.
-
The NSDB is optional.  If an NSDB is employed, an administrative entity that has write access to the NSDB is required to create, modify and delete the entries describing FedFS filesets.
+
== Building fedfs-utils 0.9 ==
-
=== Road map for setting up a simple FedFS domain ===
+
You must install fedfs-utils on each host that participates in a FedFS domain.  Choose one of the following tasks:
-
A "simple" FedFS domain does not use a separate LDAP server to keep track of fileset locations.  Only NFS basic junctions (where fileset locations are stored directly on file servers) are used.
+
* [[FedFsUtilsInstallFedora19|Installing fedfs-utils-0.9 on Fedora 19]]
 +
* [[FedFsUtilsInstallEL6|Installing fedfs-utils-0.9 on Enterprise Linux 6]]
 +
* [[FedFsUtilsBuild0.9|Building fedfs-utils-0.9]]
 +
 
 +
The remaining sections of the Installation Guide assume you have already performed any necessary fedfs-utils installation steps, except where noted.
 +
 
 +
== Clients accessing an existing FedFS domain ==
 +
 
 +
If the storage servers in your environment already support a FedFS domain, it's easy to allow your Linux NFS client(s) to participate in the domain.
 +
 
 +
==== What you need for a minimal FedFS file-access client ====
 +
 
 +
If an NFSv4 client is to use Globally Useful Names (pathnames that appear the same on all FedFS clients), some additional set up is required.  Here are the administrative steps that configure your Linux NFS client to participate in a FedFS domain.
 +
 
 +
* [[FedFsNfsReferrals|Setting up client-side NFSv4 referral support]]
 +
* [[FedFsNfsAutomounter0.9|Setting up the FedFS automounter map]]
 +
 
 +
== Setting up a simple FedFS domain ==
 +
 
 +
Once you have FedFS-enabled clients, you can set up your own FedFS domain.  A "simple" FedFS domain does not use a separate LDAP server to keep track of fileset locations.  Only NFS basic junctions (which store fileset locations directly on file servers) are used.
==== What you need for a minimal FedFS file-access server ====
==== What you need for a minimal FedFS file-access server ====
-
* Linux NFS server that supports NFSv4 or later (any recent Linux distribution)
+
Any NFSv4 server can participate in a FedFS domain.  However, an NFS server which will contain junctions must support new-style NFS referrals.
-
* rpc.mountd updated with junction support (nfs-utils 1.2.6 or later, built with the nfs-plugin.h header present)
+
-
* nfsref program installed (fedfs-utils package install, or built from source)
+
-
* libnfsjunct.so installed (fedfs-utils package install, or built from source)
+
-
==== What you need to define a FedFS domain ====
+
Use these steps when starting your own FedFS domain, or when adding a new Linux NFS server to an existing FedFS domain.
-
* Define a domain root directory on a FedFS-enabled NFS server, then export it
+
* [[FedFsNfsServer0.9|Setting up junction resolution support on your Linux NFS server]]
-
** [[FedFsNfsDomainRoot0.9|Setting up a FedFS domain root server]]
+
-
* Define a DNS SRV record that points to that export
+
-
* Create NFS referrals in the root directory to other NFS servers that participate in this domain
+
-
==== What you need for a minimal FedFS file-access client ====
+
==== What you need to define a FedFS domain ====
-
* Linux NFS client that supports NFSv4 or later
+
Once you have prepared your NFS clients and servers, these steps create the FedFS name space and allow it to be discovered by FedFS-enabled clients.
-
* Kernel DNS resolver upcall working
+
-
* Automounter installed and enabled
+
-
* fedfs-nfs4-map program installed
+
-
=== Road map for setting up a complete FedFS domain ===
+
* [[FedFsNfsDomainRoot0.9|Setting up a FedFS domain root server]]
 +
* [[FedFsDnsSrv0.9|Setting up a FedFS DNS SRV record]]
 +
* [[FedFsNfsRefGuide0.9|Managing junctions with the nfsref command]]
-
A "complete" FedFS domain stores fileset location information in an LDAP server known as the domain's Namespace Database (or NSDB).  Both NFS basic junctions and FedFS junctions can be used in this type of domain.  All the items in the "simple" FedFS domain set up above, and:
+
== Setting up a complete FedFS domain ==
 +
 
 +
A "complete" FedFS domain stores fileset location information in an LDAP server known as the domain's Namespace Database (or NSDB).  Both NFS basic junctions and FedFS junctions can be used in this type of domain.  A complete domain requires all the items in the "simple" FedFS domain set up above, and:
==== What you need for a minimal FedFS NSDB ====
==== What you need for a minimal FedFS NSDB ====
-
* An installed and configured LDAP server
+
To install and configured an LDAP server for use as an NSDB, choose one below:
-
* Backing database set up for the DIT that hosts FedFS entries
+
-
* The FedFS schema installed on the server
+
-
* Administrative access to the DIT that hosts FedFS entries
+
-
* [[FedFsOpenLdapServerRecipe|Setting up an OpenLDAP server for use as an NSDB]]
+
* [[FedFsOpenLdapServer0.9|Setting up an OpenLDAP server for use as an NSDB]]
-
* [[FedFs389DsServerRecipe|Setting up a 389-ds server for use as an NSDB]]
+
* [[FedFs389DsServer0.9|Setting up a 389-ds server for use as an NSDB]]
 +
 
 +
==== What you need to administer your NSDB ====
 +
 
 +
NSDB administration tools must be installed and configured on at least one host.
 +
 
 +
* [[FedFsInstallNsdbConnParams0.9|Setting up NSDB connection parameters]]
 +
* [[FedFsInstallNsdbAdministrator0.9|Setting up NSDB administrative tools]]
 +
* [[FedFsInstallNsdbCertificates0.9|Distributing x.509 certificates for your NSDBs]]
==== What you need to allow file servers to access the NSDB ====
==== What you need to allow file servers to access the NSDB ====
-
* Install nsdbparams program on file servers that participate in your FedFS domain
+
Along with the modified mountd and junction resolution library you installed above, fileservers that contain FedFS junctions also need to know how to contact their domain's NSDB.
 +
 
 +
* [[FedFsInstallNsdbConnParams0.9|Setting up NSDB connection parameters]]
==== What you need to administer junctions and NSDB connection parameters remotely ====
==== What you need to administer junctions and NSDB connection parameters remotely ====
-
* Install rpc.fedfsd program (this is optional)
+
FedFS specifies an administrative network protocol that allows domain administrators to manage FedFS junctions and NSDB connection parameters remotely.
 +
 
 +
Installing this daemon is optional, since these operations can also be done by command line tools on the fileservers.
 +
 
 +
''For fedfs-utils-0.9, running the administrative daemon on open networks is discouraged, since the daemon currently does not support any form of security.  Future releases of fedfs-utils may include daemon support for RPCSEC GSSAPI flavors such as Kerberos.''
 +
 
 +
* [[FedFsInstallFedfsd0.9|Setting up the rpc.fedfsd daemon]]

Latest revision as of 21:07, 3 March 2014

Contents

Project: fedfs-utils

[ Project Home | News | Downloads | Docs | Mailing Lists | Source Control | Issues ]


Introduction

Special Note: This is alpha quality software based on draft standards. fedfs-utils-0.9 is not compatible with previous releases of fedfs-utils. Administrative protocols, commands, and data types stored in LDAP may change with the next release of fedfs-utils. This software is provided for testing only.

This series of articles will help you prepare for and set up a working FedFS domain using Linux and the fedfs-utils-0.9 package. The examples in these articles are not meant to provide an exhaustive description of all fedfs-utils features. They should provide coverage of common use cases and give you an idea of how to explore further.

fedfs-utils allows you to manage a FedFS domain, a single file namespace that consists of multiple filesystems residing on separate fileservers. A host can play one or more of these roles in a FedFS domain:

File-access client
This is a network file system client that communicates with fileservers using a standard file-access protocol (such as NFSv4).
Fileserver
This is a server that stores data or refers file-access clients to other file-access servers.
Namespace Database (NSDB)
An NSDB node stores information about the location of filesets stored on file-access servers in a FedFS domain. LDAP is used to access and manage this information. An NSDB is optional. If an NSDB is employed, an administrative entity that has write access to FedFS records on the NSDB is required to create, modify and delete the entries that describe filesets residing in the FedFS domain.
Administrative Client
This is a network host where NSDB and FedFS ADMIN administrative tools are installed. These tools contact file servers and NSDBs to perform administrative tasks such as creating junctions.

A DNS SRV record refers file-access clients to the top-most directory in a FedFS domain, which is stored in a special export on a file server.

Building fedfs-utils 0.9

You must install fedfs-utils on each host that participates in a FedFS domain. Choose one of the following tasks:

The remaining sections of the Installation Guide assume you have already performed any necessary fedfs-utils installation steps, except where noted.

Clients accessing an existing FedFS domain

If the storage servers in your environment already support a FedFS domain, it's easy to allow your Linux NFS client(s) to participate in the domain.

What you need for a minimal FedFS file-access client

If an NFSv4 client is to use Globally Useful Names (pathnames that appear the same on all FedFS clients), some additional set up is required. Here are the administrative steps that configure your Linux NFS client to participate in a FedFS domain.

Setting up a simple FedFS domain

Once you have FedFS-enabled clients, you can set up your own FedFS domain. A "simple" FedFS domain does not use a separate LDAP server to keep track of fileset locations. Only NFS basic junctions (which store fileset locations directly on file servers) are used.

What you need for a minimal FedFS file-access server

Any NFSv4 server can participate in a FedFS domain. However, an NFS server which will contain junctions must support new-style NFS referrals.

Use these steps when starting your own FedFS domain, or when adding a new Linux NFS server to an existing FedFS domain.

What you need to define a FedFS domain

Once you have prepared your NFS clients and servers, these steps create the FedFS name space and allow it to be discovered by FedFS-enabled clients.

Setting up a complete FedFS domain

A "complete" FedFS domain stores fileset location information in an LDAP server known as the domain's Namespace Database (or NSDB). Both NFS basic junctions and FedFS junctions can be used in this type of domain. A complete domain requires all the items in the "simple" FedFS domain set up above, and:

What you need for a minimal FedFS NSDB

To install and configured an LDAP server for use as an NSDB, choose one below:

What you need to administer your NSDB

NSDB administration tools must be installed and configured on at least one host.

What you need to allow file servers to access the NSDB

Along with the modified mountd and junction resolution library you installed above, fileservers that contain FedFS junctions also need to know how to contact their domain's NSDB.

What you need to administer junctions and NSDB connection parameters remotely

FedFS specifies an administrative network protocol that allows domain administrators to manage FedFS junctions and NSDB connection parameters remotely.

Installing this daemon is optional, since these operations can also be done by command line tools on the fileservers.

For fedfs-utils-0.9, running the administrative daemon on open networks is discouraged, since the daemon currently does not support any form of security. Future releases of fedfs-utils may include daemon support for RPCSEC GSSAPI flavors such as Kerberos.

Personal tools