dcache nfsv4 1
play

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | - PowerPoint PPT Presentation

Nov 21, 2022 •665 likes •1.14k views

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 1 Outline NFSv41 basics NFSv4.1 concepts PNFS Id mapping Industry standard dCache implementation dCache NFSv4.1 |

  1. dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 1

  2. Outline ● NFSv41 basics ● NFSv4.1 concepts ● PNFS ● Id mapping ● Industry standard ● dCache implementation dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 2

  3. Classic NFS ● BigData never fits into a single server. ● Big administrative overhead to keep data on multiple servers ● Single NFS server becomes bottleneck dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 3

  4. NFSv4.1 ● Provides access to files and directories ● Stateful ● Keeps track of OPEN/CLOSE ( LOCK/UNLOCK ) ● Detects client/server reboot ● Client controlled reply cache and EOS ● Aware of multihomed servers ● Detects retransmits ● Recovery from network disconnect dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 4

  5. Classic NFS DISK DISK NFS DISK DISK dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 5

  6. DISK DISK NFS DISK DISK dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 6

  7. DISK CPU or network become a bottleneck with growing number of clients DISK NFS DISK DISK dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 7

  8. Parallel NFS NFS DS NFS DS NFS MDS NFS DS NFS DS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 8

  9. Parallel + Striping read(block1-block4) Read block1 DS b1 Read block2 DS b2 NFS Read block3 DS b3 Read block4 DS b4 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 9

  10. Parallel NFS ● Single Namespace, distributed data ● Client talks to Meta Data Server for metadata only ● Bandwidth and performance grow with number of Data Server nodes ● File striping ( like raid0 ) ● Enforces the same security on DS (pools) as on MDS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 10

  11. Security ● To verify client credentials RPCSEC_GSS is used ● Krb5 implementation supported by all clients/server ● Three type of Quality of Protection (QOP): ● NONE – Auth only. Checksum protection of RPC header ● INTEGRITY – Checksum protection of RPC messages ● PRIVACY – full encryption of RPC messages ● Security flavor used on mount enforced to IO traffic as well dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 11

  12. Security 'sec=krb5i' NFS server NFS client (MDS) NFS server (DS) Client always will use the same security flavor and Quality of Protection for all RPC traffic to MDS and DS. dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 12

  13. ID mapping ● All principals are utf-8 strings ● No UID, no GID ● To resolve conflict NFSDOMAIN used: ● “tigran@desy.de” vs. “tigran@cern.ch” ● E.g. talk to corresponding mapping service ● Mapping delegated to client and server ● Client and server may use different mapping services/sources ● Windows client and server do not need numeric ID ● Best with ldap or nis ● Linux client can use numeric strings ● “124” => 124 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 13

  14. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 14

  15. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 15

  16. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 16

  17. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 17

  18. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 18

  19. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 19

  20. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 20

  21. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 21

  22. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 22

  23. idmapping App. euid 3750 Chimera 3750 3750 NFS server 'owner : tigran' NFS client dCache 3750 tigran 3750 tigran idmapd gPlazma LDAP/NIS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 23

  24. Why so complicated? ● Your favorite OS may not use numeric id ● MS Windows uses principals ● Your numeric ID on client and server may be different ● My ID on laptop 500 , NIS 3750 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 24

  25. Existing servers ● NETAPP (ONTAP 8.1 cluster mode, running at DESY) ● dCache ● Production ready 1.9.12 ● In production since XXX ● SONAS (IBM), Panasas, EMC, LinuxBox will be ready by 2Q 2013 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 25

  26. Existing clients ● Linux ● 2.6.39 first usable kernel ● Part of RHEL 6 (SL6), Fedora >= 15, Debian- unstable ● Oracle UEK2 for RHEL5 (sl5) + updates! ● No AFS and some other kernel modules ● Windows 7 64 bit ● Opensource client from CITI ● VMware ESX (pNFS client in VMware hypervisor) dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 26

  27. dCache implementation dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 27

  28. dCache NFS in one slide JVM JVM JVM Message passing layer Door Pools Pool Manager PnfsManager (MDS) Pools (DSs) Pools (Data Server) (Data Server) DBMS dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 28

  29. Implementation Status ● No file striping yet ● Supports RPCGSS_SEC (kerberos5 only) ● Krb5, krb5i and krb5p ● Even with Windows AD as KDC ● Supports IPv6 ● Can be integrated with NIS and/or local passwd file ● Implemented as gPlazma plugins. dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 29

  30. Still Missing ● Extended attribute support ● Will provide native access (setfattr/getfattr) to checksum, AL and RP ● Only unix permission bits are supported ● ACL expected by dcache-2.4, set/getfacl works today. ● No striping ● “Striping on read” will come soon. ● No IO through Meta Data Server (door) ● A problem if pool crashed/restarted dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 30

  31. Limitations ● dCache files are immutable ● No support of byte range locks ● No support of multiple writers dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 31

  32. ACLs with NFSv4.1 in dCache ● Will be available in dcache 2.4 (or 2.3) ● Main focus on predictable semantic ● Unix mode and ACL coexistence ● NFSv3, FTP and NFS4 coexistence dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 32

  33. Prerequisites for NFSv4.1 1.Configured gPlazma 2.Kerberos5 keytab with nfs principals for NFS door and all pools. 3.Open TCP port 2049 in NFS door 4.Open TCP range 'net.lan.port.min:net.lan.port.max' on pools ● Default is 33115:33145 (shared with dcap and xrootd) 5.Client with pNFS aware kernel (SL6.2 and FC16 recommended) 6.Configured rpc.idmapd to match NFS DOMAIN with server 7.Kerberos5 keytab with host principal 8.Start dCache, mount on client and access the data. dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 33

  34. Terminology dCache equivalent MDS Meta Data Server dCache NFSv4.1 door DS Data server dCache pool QOP Quality Of Protection dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 34

  35. Typical IO scenario ● Open ● Read/write ● close dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 35

  36. OPEN+READ/WRITE+CLOSE ● Open ● Open/Create a file ● Find appropriate pool ● Start a mover ● Read/write ● READ/WRITE ● Close ● Release mover ● Close the file dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 36

  37. OPEN+READ/WRITE+CLOSE App NFS Door PnfsManager PoolManager Pool OPEN GET STORAGE INFO STORAGE INFO OPEN ID GET POOL SELECT POOL POOL START MOVER MOVER ID POOL/MOVER ID READ/WRITE CLOSE STOP MOVER dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 37

  38. Setup: enable door # layout file # nfs-4.1 section [nfsdoorDomain/nfsv41] nfs.domain=desy.de nfsIoQueue=nfs # NFS uses direct access to Chimera database chimera.db.name = chimera chimera.db.host = localhost chimera.db.user = chimera chimera.db.password = # dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 38

  39. Setup: tweak rpcbind # /etc/sysconfig/rpcbind # enable insecure mode RPCBIND_ARGS="-i" # dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 39

Recommend

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a

NFSv4.1, ACL and Co. Tigran Mkrtchyan For dCache Team ACL basics (for file system) ACLs is a list of Access Control Entries attached to a file or a directory ACEs grant or deny a principal an action on a file or a directory ACL basics

379 views • 34 slides
dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides stolen from nearly everywhere additional funding, support or contributions by d-grid DGI II P. Fuhrmann Sep 26, 2008 dCache seminar, FERMIlab

375 views • 34 slides
dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid environments. Karlsruhe Institute of Technology (KIT), Steinbuchcentre for Computing (SCC) KIT University of the State of Baden-Wuerttemberg and

297 views • 12 slides
dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap,

dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap,

Andreas Haupt, Birgit Lewendel dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap, SRM dcache-se-desy dcache-se-cms dcache-se-atlas lcg-se1 lcg-se0 Calice, CFEL, GKSS, ILC, Olympus, Petra3,

417 views • 7 slides
NFSv4 Beyond v4.2 Part 2 of Road Map of the features in NFS v4.1, v4.2, and beyond Dave Noveck

NFSv4 Beyond v4.2 Part 2 of Road Map of the features in NFS v4.1, v4.2, and beyond Dave Noveck

NFSv4 Beyond v4.2 Part 2 of Road Map of the features in NFS v4.1, v4.2, and beyond Dave Noveck Netapp Vault Conference March 2017 Contents A tiny bit about the NFSv4 Working group and the IETF process NFSv4 beyond v4.2 as approved

750 views • 16 slides
dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit Lewendel for the dCache operations team Summary DESY IT 6th dCache Workshop dCache at DESY DESY National Analysis Facility Zeuthen 0.7 PB CTA

100 views • 7 slides
Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden What will be NOT covered with talks Changes in REST API New functionality in dCache-view CEPH HA-dCache Macaroons and OpenID-connect

267 views • 25 slides
NFSv4.1/pNFS Ready for Prime Time Deployment February 15, 2012 FAST 2012 San Jose NFSv4.1

NFSv4.1/pNFS Ready for Prime Time Deployment February 15, 2012 FAST 2012 San Jose NFSv4.1

NFSv4.1/pNFS Ready for Prime Time Deployment February 15, 2012 FAST 2012 San Jose NFSv4.1 pNFS product community Value of NFSv4.1 / pNFS Industry Standard Secure Performance and Scale Throughput Increased Storage Capacity

368 views • 24 slides
dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache on one slide JVM JVM JVM Message passing layer Door(s) Pool Manager Name Space Pools (clients entry point) Door Pools (requests scheduler)

254 views • 21 slides
CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed by 3 Swiss Institutes: PSI , UniZ , ETHZ ; during 2013 we will run 700TB net based on 2*NetApp E5400 + 4*Sun X4500 + 5*Sun X4540 ; Our user

210 views • 10 slides
Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement for Java Serialization in dCache Lea Morschel for dCache Team, November 7 2019 About dCache A distributed petabyte-scale storage system for

713 views • 42 slides
dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team)

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team)

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team) dCache dCache is powerful storage system, providing what people need, now. We're also pushing the envelope of what storage systems can do.

1.04k views • 25 slides
dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann Second dCache Workshop Hamburg, 18 th of January 2007 NORDUnet A/S NORDUnet A/S The Nordic Regional Research and Educational Network (RREN)

520 views • 18 slides
IETF-64 2005-11-08 Mike Eisler email2mre-ietf@yahoo.com draft-eisler-nfsv4-impid-00.txt

IETF-64 2005-11-08 Mike Eisler email2mre-ietf@yahoo.com draft-eisler-nfsv4-impid-00.txt

draft-eisler-nfsv4-impid-00.txt draft-adamson-nfsv4-spkm3-00.txt IETF-64 2005-11-08 Mike Eisler email2mre-ietf@yahoo.com draft-eisler-nfsv4-impid-00.txt Problem: NFSv4.0 has no method for allowing clients and servers to provide to each

487 views • 7 slides
dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or

dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or

dCache.ORG dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or contributions by d-grid DGI II Phone Meeting 4.8.2009 LCG MB Patrick Fuhrmann Content Chimera and the Pnfs to Chimera Migration

176 views • 15 slides
Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L.

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L.

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L. Rossi Fermi Na(onal Accelerator Laboratory Accoun(ng ( dCache Book , Chpt. 24) For dCache

401 views • 10 slides
GANESHA, a multi-usage with large cache NFSv4 server Philippe Deniel Thomas Leibovici

GANESHA, a multi-usage with large cache NFSv4 server Philippe Deniel Thomas Leibovici

GANESHA, a multi-usage with large cache NFSv4 server Philippe Deniel Thomas Leibovici Jacques-Charles Lafoucrire FAST07 / Work in Progress Session 1 GANESHA and NFSv4 NFSv4 is a complex and generic protocol. It can be used to

441 views • 5 slides
US CMS Tier 1 dCache Timur Perelmutov, Fermilab dCache Workshop, DESY, January 19, 2007 1

US CMS Tier 1 dCache Timur Perelmutov, Fermilab dCache Workshop, DESY, January 19, 2007 1

US CMS Tier 1 dCache Timur Perelmutov, Fermilab dCache Workshop, DESY, January 19, 2007 1 Stage Area Stage Area -11 nodes-10TB Pools for staging files from tapes managed by dCache File Hopping Pool-to-Pool copy to read pools

407 views • 13 slides
The ! !dCache ! !labs 7 th !International !dCache !Workshop Patrick !Fuhrmann Welcome !to !7 th

The ! !dCache ! !labs 7 th !International !dCache !Workshop Patrick !Fuhrmann Welcome !to !7 th

The ! !dCache ! !labs 7 th !International !dCache !Workshop Patrick !Fuhrmann Welcome !to !7 th !International !dCache !Workshop !| !HTW !Berlin, !Berlin !| !Patrick !Fuhrmann !| !27 !May !2013 !| !1 Content CMS Disk / Tape separation

551 views • 27 slides
NFSv4 Strawman Spencer Shepler spencer.shepler@eng.sun.com draft-shepler-nfsv4-02.txt Spencer

NFSv4 Strawman Spencer Shepler spencer.shepler@eng.sun.com draft-shepler-nfsv4-02.txt Spencer

42nd IETF NFSv4 Strawman Slide 1 of 19 42nd IETF NFSv4 Strawman Spencer Shepler spencer.shepler@eng.sun.com draft-shepler-nfsv4-02.txt Spencer Shepler 42nd IETF NFSv4 Strawman Slide 2 of 19 Charter Goals for V4 Improved access and

481 views • 19 slides
Chimera and NFS 4.1 in dCache dCache.ORG Patrick Fuhrmann Tigran Mkrtchyan presented by Peter

Chimera and NFS 4.1 in dCache dCache.ORG Patrick Fuhrmann Tigran Mkrtchyan presented by Peter

Chimera and NFS 4.1 in dCache dCache.ORG Patrick Fuhrmann Tigran Mkrtchyan presented by Peter van der Reest, DESY at HEPiX, Fall 2007 dCache.ORG Fuhrmann, Mkrtchyan, v.d.Reest HEPiX, Fall 2007 Nov 6, 2007 Content Motivation dCache.ORG

621 views • 16 slides
SRM Dmitry Litvintsev 7th international dCache workshop, May 27-29,2013 dCache Team Dmitry

SRM Dmitry Litvintsev 7th international dCache workshop, May 27-29,2013 dCache Team Dmitry

SRM Dmitry Litvintsev 7th international dCache workshop, May 27-29,2013 dCache Team Dmitry Litvintsev Wednesday, May 29, 13 Plan SRM, a reminder SRM parameters SRM troubleshooting dCache Team 2 Dmitry Litvintsev

827 views • 34 slides
The Tivoli Storage Manager in the Large Hardron Patrick Collider Grid world Fuhrmann for the

The Tivoli Storage Manager in the Large Hardron Patrick Collider Grid world Fuhrmann for the

dCache.ORG dCache.ORG The Tivoli Storage Manager in the Large Hardron Patrick Collider Grid world Fuhrmann for the dCache people TSM Symposium, Oxford Sep 27, 2005 Patrick Fuhrmann dCache.ORG dCache.ORG LCG Tier Center Mechanism Tier

573 views • 20 slides
7th International dCache Workshop Berlin Bits and Pieces 2013 Christian Bernardt (at DESY)

7th International dCache Workshop Berlin Bits and Pieces 2013 Christian Bernardt (at DESY)

7th International dCache Workshop Berlin Bits and Pieces 2013 Christian Bernardt (at DESY) Berlin, 28.05.2013 dCache Team dCache Team Chris&an Bernardt Content New webpage IPv6 (OS, JVM, dCache) No PinManager for Tier 2

503 views • 33 slides

More recommend