Notes from OpenAFS deployment meeting 21/07/05

These are my jottings from the OpenAFS deployment meeting on 21/07. They've been rearranged to make more logical sense, and so aren't in the order we discussed things. Decisions are in bold and come first in each section. Actions come second, and third are items we discussed and either deferred, or didn't come to any conclusion on

Servers

  • Fileservers will not be AFS clients
  • har will be the main fileserver for the pilot program
  • For the pilot, Ubik databases will reside on the fileservers

  • Neil will check to see if har has a serial console bug_small.png Bug #1636
  • Simon will move all r/w volumes off symplegades bug_small.png Bug #1637
  • Someone will move Ubik databases to a different host bug_small.png Bug #1638
  • Craig will reinstall symplegades with LCFG managed FC3 bug_small.png Bug #1639
  • Roger and Bill will install a machine at BP as an AFS database server bug_small.png Bug #1640

  • Everyone will look at the Stanford AFS management database tools, and see if we should run them.
  • We'll continue to use scp to copy the AFS keytab between servers until we come up with something better
  • har needs to be converted into an AFS server

Clients

  • Simon will deploy Russ Allbery's kstart utility, and produce some documentation on using it to handle long running daemons bug_small.png Bug #1641

  • We will use the pilot as an opportunity to examine the performance of different cache settings, rather than making a decision now.

Software Packaging

  • We're going to use 1.3.85 for the pilot, but will upgrade if significant issues appear. We'll move to 1.4.x once it becomes available.
  • Server binaries will be distributed via Solaris packages (Linux binaries are already distributed via RPM)
  • We will distribute kernel modules by RPM. The rebuild process will be integrated with the release management system. The linux-team will inform the fileservers-team when a new Linux kernel is being shipped. The fileservers-team will then build, test, and ship a kernel module for that kernel. All of this will happen within one release window.
  • We will use 'modern', rather than Transarc, paths for all packages

  • Simon will look for bug in supergroups code bug_small.png Bug #1635
  • Craig will package up 1.3.85 for Solaris bug_small.png Bug #1642
  • Simon will upgrade Linux RPMS to 1.3.85 and enable supergroups bug_small.png Bug #1643
  • Neil will back port the FC3 AFS client stuff to run under RH9. We may delay this, and check whether its needed just before the pilot service goes live. bug_small.png Bug #1644

Backups

  • We will continue to use EBU for backups, and accept not backing up ACLs
  • We will create shadow volumes of all AFS r/w volumes at remote sites

  • Bill will speak to Teradctyl about pricing for their commercial system bug_small.png Bug #1645
  • Simon and Bill will look at getting EBU AFS backups going %BUG{1646}

  • We may look at a script to preserve ACLs when time allows
  • We need to look at how to backup Ubik databases

Filesystem Layout

  • We'll put /afs/inf.ed.ac.uk/user/<initial>/<username> as the primary home directory location in LDAP
  • We're going to use /afs/inf.ed.ac.uk/user for home directories
  • We'll arrange by initial letter, or by s<digit><digit> for students
  • Projects will live under /afs/inf.ed.ac.uk/project
  • We'll use a dynamic root volume

  • Simon will add code to the LCFG AFS component to stat /afs/inf.ed.ac.uk so its present in /afs at restart time. bug_small.png Bug #1647

  • We'll investigate creating a programatic mapping for /home/ to the appropriate AFS location using the machine's own automator

Cell visibility

  • We'll make AFS available beyond the firewall unless a political decision is made not to. Craig notes the user education issues of this, and we'll need to make very clear to users the implications of global visibility and permissive ACLs

  • Simon will speak to George about generating AFSDB records in the DNS from LCFG information bug_small.png Bug #1648

  • At some point we'll investigate the creation of a script to check for minimum ACLs on homedirs.

Authorization issues

  • We'll manage the UserList file manually for the pilot
  • System administrators, and UserList will use /admin principals

  • Neil will find 50 or so spare userIDs that we can have for .admin AFS accounts bug_small.png Bug #1649
  • Simon will create the appropriate AFS accounts, and move the system:administrators group over to use the new accounts. bug_small.png Bug #1650

  • In the long term, we'll investigate managing UserList via LCFG, or LDAP, or something similar

Documentation

  • We will produce a general purpose AFS talk which can be given to COs and groups of users

-- SimonWilkinson - 21 Jul 2005

Topic revision: r6 - 28 Jul 2005 - 15:26:57 - SimonWilkinson
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
This Wiki uses Cookies