Transcript OpenAFS Status

OpenAFS
Status Report
AFS & Kerberos
Best Practice Workshop
2008
Starting with Microsoft
Windows

1.5.36 is the recommended release
• 17 releases since Workshop 2007
Major New Features since
Workshop 2007


Vista SP1 and Server 2008 Certification
Performance Improvements
• Hash tables, Lock management redesign,
•
Interlocked operations for reference counts
The client service has been profiled and
bottlenecks removed. Up to 63 MB/sec on 64-bit
Vista SP1

Failover Improvements

Directory Searchs
• RXKAD errors and Idle Data
• B+ trees and local directory modifications
More Improvements

Token management improvements

Volume Status Tracking

Rx multi Server Probes
Volume Group Management

• Try home realm first
• No longer destroy token after RXKAD errors
• Volume Notification Plug-in Interface
Even More Improvements







FollowBackupPath registry option
.readonly Volume CB Optimizations
Data Version optimizations
cmdebug –cellservdb
Out of Quota error reporting
fs –literal
Rx Hot Threads
2008-2009 Plans






Internationalization (Unicode)
Native File System Client
Support for DOS and Extended
Attributes
New user interfaces
• Explorer Shell Extensions
• Management Console plug-ins
• Control Panel replacement
AFS Servers
http://www.secure-
Got Questions About
OpenAFS on Windows?

OpenAFS for Windows Status Reports
available at
• http://www.secure-endpoints.com/

Mailing List
• [email protected]
MacOS X
Most of the issues with 10.4 resolved
for 10.5 with help from Apple.
However, getting tokens at login is
(now) “hard”.
AFSCommander tool available,
integration coming.


Linux
iget() is dead.
•
Cache manager opens files by path, as in
OSX, to deal.
ARM port.
Usual AFS write-on-close semantics
restored in 1.4.7, where possible.
ARM Linux
Actually been kicking around for years.
empeg (RioCar) is ARM Linux 2.4.
•
AFS in your car is sometimes useful.
Nokia n810 was impetus for updating
and integrating changes.
AIX
A LAM plugin for Kerberos 5 based
aklog is now available and works with
CDE Screenlock.
The client properly supports AFSDB.

Clients
Actually not much exciting on clients.
Numerous interaction issues with GUI
environments have been addressed.
When shutting down, the client now
tries much harder to deallocate
resources.

Fileserver
To constrain clients from tying up too
many fileserver resources, a quota is
enforced during
TellMeAboutYourself/WhoAreYou calls
to the client.
The spunky child nature of the
fileserver is gone. No more assert()s
when a volume is found in an
unexpected state.

Other things
The policy which precluded you from
having a period (“.”) in your Kerberos
v5 principal names when using AFS
can be overriden in servers in
OpenAFS 1.4.7 and later.
And the code has been cleaned up. A
lot.

And who were you, again?
Client tracking turns out to be hard
when clients lie (unbeknownst to
themselves).
Just because an address is reused, it
may not be the same client.
The fileserver now takes client address
information with a grain of salt.


And then there’s test releases
We want to issue 1.6. Help us test!
Split cache (dedicated portion for readwrite data) has had issues addressed.
Linux NFS translator has received
several updates.
Mountpointless volume addressing
(/afs/.:mount/cell:volumeid/)


But wait, there’s more
Address any vnode directly.
(/afs/.:mountcell:volumeid:vnodeid:uniq
uifier/)
•
Logical follow-on will fix the MacOS “Finder
cross-volume drag” issue.
Multiple (more than 2) local realms.
Oh yeah, and you can have large (>2TB)
partitions.
Ice cream for your fileserver
Rx modifications to avoid “server
meltdowns” in servers, and to avoid
hanging waiting for them in clients.
Rx also tweaked to deal better with
high latency WANs.

And more pending
Rx connection “bundling” to allow more
than 4 in-flight RPCs on a connection.
Cache read-ahead to improve read
performance.
Cache bypass when you’ll never read it
again.


And more coming
Extended callback messages to
optimize away unneeded traffic.
•
Both change “ranges” when data is stored,
and metadata bundling when other things
cause the callback.
Locking enhancements for Unix clients
(finally).
Placeholder slide
In the unlikely event the git repository
is online by the time I’m talking to you
I’ll replace this with a slide about it.
Otherwise, hey, we’re migrating
OpenAFS CVS to Git! If you want to
use third-party distributed branches for
development, you’ll be happy.
Otherwise, you don’t care.

Issues of source code
management
CVS doesn’t support distributed
branches.
•
I had a plan to add it but it’s not worth the effort.
OpenAFS deltas are mostly analogous to
Transarc (IBM) deltas but I wrote most of
the tools myself.
cvsps (“Patchsets for CVS”) is used by
many tools for conversion to other
repositories, but its assumptions didn’t
hold for us.

Migrating to git
git cvsimport uses discrete file
revisions.
OpenAFS deltas assume patches.
tailor only converts one branch, the
head.
OpenAFS uses branches heavily.



When it’s all done
It should be much easier to track
upstream while you’re waiting for us to
integrate your changes.
And it should be easier for us to merge
them.

Stop me if you’ve heard this one before
Other performance optimization
(though much of this is coming fairly
near-term).
RxTCP.
Directory object changes (Unicode,
typed streams, more files).
Kerberos 5.



(No) excuses
This would normally be where I tell you
we have no resources, I can’t help you,
etc., etc.
This year it’s a little different.

Fresh blood
Google Summer of Code accepted us.
•
•
And we got more projects than usual for first-timers.
More on that shortly.
Rebuilding to serve you better
Many of you have probably seen the
Elders’ open letter regarding a
foundation.
There will be NO CHANGES that affect
our code. What’s free today will be free
tomorrow.
The goal is to incorporate the Elders
such that the project can have assets.


Equity minus liabilities
Among these would be:
•
•
Being able to have an independent bank account
Being able to hold intellectual property, like trademarks
We’re working on some of this now.
Please grab an elder to share your
comments and concerns.
Documentation

Thanks to Jason Edgecombe for all the
work on the man pages
All man pages are written in POD format

Other documentation is in DocBook

• Simple to edit
• http://www.openafs.org/manpages/
• Still needs a lot of work
• All contributions are welcome, please dive in
Introducing...
Our New Mascot
Andy, the OpenAFS Orca
In other news
A lot of other exciting things going on.
Stick around for the roadmap and
futures discussions on Friday.
Google Summer of Code
Projects
Mentors






Asanka Herath
Christopher Clausen
David Howells
Derrick Brashear
Jeffrey Altman
Luke Howard





Matt Benjamin
Neill Jordan
Simon Wilkinson
Tom Keiser
Tracy Di Marco White
Students and Projects




Andreas Matsikaris
•
•
Project: Per-File Access Control List Extensions
Mentor: Matt Benjamin
Dragos Tatulea
•
•
Project: OpenAFS Disconnected Operation Improvements
Mentor: Simon Wilkinson
Jacob Thebault-Spieker
•
•
Project: kAFS Enhancements
Mentor: David Howells
Matam Kiran Kumar
•
•
Project: OpenAFS Server Manager and OpenAFS Server Installer on Windows
Mentors: Jeffrey Altman & Asanka Herath
Students and Projects




Sheung Hei Joseph Yeung
•
•
Project: Microsoft Management Console for OpenAFS Cache
Manager
Mentors: Asanka Herath & Jeffrey Altman
Vamshi Velagapuri
•
•
Project: Readying OpenAFS Servers for Production Use on
Windows
Mentors: Jeffrey Altman & Christopher Clausen
Vishal Powar
•
•
Project: Read/Write Volume Replication for OpenAFS
Mentors: Derrick Brashear & Tom Keiser
Yatin Deshpande
•
•
Project: Explorer Shell Extension Improvements for OpenAFS
Mentors: Asanka Herath & Jeffrey Altman
OpenAFS Status
If your cell phone rang,
you owe me a beer.
Fermented bubbly rice-water doesn’t count.