These are files that were compiled during training at SNA.
+++ /dev/null
-Guides and information about setting up and using OpenAFS.
-
-## Installation
-
-*Guides for Linux*
-
-* [[Server and client installation on RHEL|InstallingOpenAFSonRHEL]]
-* [[Client installation notes for Linux|InstallOpenAFSClient]]
-* [[Installing the OpenAFS kernel module with DKMS|RpmClientInstallationWithDKMS]]
-* [[Installing OpenAFS in Lightweight LXC containers|InstallingOpenAFSinLXC]]
-* [[Notes on Linux's built-in kAFS support|LinuxKAFSNotes]]
-
-*Guides for Windows*
-
-* [[Windows quick start guide|WindowsEndUserQuickStartGuide]]
-* [[Windows kerberos 5 AFS service principal|WindowsK5AfsServicePrincipal]]
-* [[How to setup OpenAFS with Windows 2008 R2 AD server|Win2008R2ADasKDC]]
-
-*Guides for Solaris*
-
-* [[Solaris and OpenIndiana quick start guide|SolarisQuickStart]]
-
-*Additional information*
-
-* [[Backup methods|BackupMethods]]
-* [[Ports used by OpenAFS|AFSServicePorts]]
-
-## External Documents
-
-Guides on creating a new AFS cell on various platforms can be found in these
-external documents:
-
-* [An OpenAFS Tutorial for Debian](http://openafs.dk/doku.php?id=server:start)
-* [The Gentoo OpenAFS Guide](http://www.gentoo.org/doc/en/openafs.xml)
-* [Using NetBSD to provide AFS and Kerberos services](http://kula.tproa.net/talks/afsbpw2005)
-* [Using OS X to provide AFS and Kerberos services](http://kula.tproa.net/talks/afsbpw2006)
-
-General information about AFS and OpenAFS can be found in the following external documents.
-
-* [Stanford AFS Introduction](http://www.stanford.edu/services/afs/intro/)
-* [IBM Developerworks AFS Introduction](http://www.ibm.com/developerworks/opensource/library/os-openafs-kerberos5/index.html)
-
--- /dev/null
+In this section we will cover adding more database
+servers so afsdb1 is not a single point of failure.
+
+
+First, add the new hosts to afsdb1:
+ ssh afsdb1
+
+ bos listhosts afsdb1
+ bos addhost afsdb1 afsdb2.classroom.sinenomine.net -localauth
+ bos addhost afsdb1 afsdb3.classroom.sinenomine.net -localauth
+ bos listhosts afsdb1
+ cat /usr/afs/etc/CellServDB
+
+Then, restart the server and then check the logs:
+ service openafs-server restart
+
+ cat /usr/afs/logs/PtLog
+ cat /usr/afs/logs/VLLog
+ cat /usr/afs/logs/BosLog
+
+Now configure the new hosts, afsdb2 and afsdb3 using the steps :
+ ssh afsdb2
+
+ scp afsdb1:/usr/afs/etc/* /usr/afs/etc/
+ ls /usr/afs/etc/
+ cat /usr/afs/etc/CellServDB
+
+ service openafs-server start
+
+ bos create afsdb2 ptserver simple /usr/afs/bin/ptserver -localauth
+ bos create afsdb2 vlserver simple /usr/afs/bin/vlserver -localauth
+ bos status afsdb2 -long
+
+ cat /usr/afs/logs/BosLog
+ cat /usr/afs/logs/VLLog
+ cat /usr/afs/logs/PtLog
+
+As the name says, udebug returns information important to finding and debugging an error. Now run the udebug command for each of the hosts:
+ udebug -server afsdb1 -port 7003
+ udebug afsdb2 7003
+ udebug afsdb3 7003
+
+A command used to find a client or server over a network is rxdebug:
+ rxdebug <hostname> <port>
+
+Sine Nomine Associates Nov 2017
--- /dev/null
+In this section we will be adding more files servers
+to our OpenAFS plant.
+
+
+First add the new file servers to the first file servers:
+ ssh afs01
+
+ service openafs-server stop
+ scp afsdb1:/usr/afs/etc/CellServDB /usr/afs/etc/CellServDB
+ cat /usr/afs/etc/CellServDB
+
+ service openafs-server start
+
+Check all of the logs:
+ cat /usr/afs/logs/FileLog
+
+Now add afs02:
+ ssh afs02
+
+ scp afsdb1:/usr/afs/etc/* /usr/afs/etc/
+
+ service openafs-server start
+ bos listhosts afs02
+
+ bos create afs01 dafs dafs /usr/afs/bin/dafileserver /usr/afs/bin/davolserver /usr/afs/bin/salvageserver /usr/afs/bin/dasalvager -localauth
+
+ cat /usr/afs/logs/VolserLog
+ cat /usr/afs/logs/SalsrvLog
+ cat /usr/afs/logs/BosLog
+ cat /usr/afs/logs/FileLog
+
+ vos listaddrs -printuuid
+
+Sine Nomine Associates Nov 2017
--- /dev/null
+In this section we will add read-only volume support to our OpenAFS cell.
+
+At this point we should have the top-level directory structure:
+
+ /afs/ -> root.afs
+ yoyodyne.com/ -> root.cell
+ project/
+ mayhem -> project.mayhem
+ user/
+ alice -> user.alice
+ bob -> user.bob
+
+== About volume groups ==
+
+TODO: discussion about volume groups?
+
+== Creating top level read-only volumes ==
+
+Obtain admin credentials.
+
+ kinit admin
+ aklog
+
+The <code>vos addsite</code> tool is used to declare read-only sites in
+the VLDB. The first read-only site should match the location of the
+read-only volume, i.e., the same fileserver and same partition on the
+fileserver. Additional read-only sites should be declared on other
+fileservers. Then, use <code>vos release</code> to distribute the files.
+
+First, we create read-only volumes for the top level volumes.
+
+ vos addsite afs01 a root.afs
+ vos addsite afs02 a root.afs
+
+ vos release root.afs
+
+ vos addsite afs01 a root.cell
+ vos addsite afs02 a root.cell
+
+ vos release root.cell
+
+Refresh your client's cache to be sure the paths are re-evaluated.
+
+ fs checkvolumes
+ fs flushall
+
+Now, the cache manager should resolve paths to the top level cell directory to
+be served out of the read-only root.cell volume.
+
+ fs examine /afs/yoyodyne.com/
+
+== Creating a read-only volume ==
+
+Let's create read-only volumes for a volume in our cell.
+
+ vos addsite afs01 a project.mayhem
+ vos addsite afs02 a project.mayhem
+ vos release project.mayhem
+
+ fs examine /afs/yoyodyne.com/project/mayhem/
+
+This path should now be served by the read-only copy of the volume. The files
+reside on both fileservers, and clients may use either one. If one file server
+is down, clients should automatically fail over to the other server.
+
+== Accessing read-write data ==
+
+In order to access the read-write volume we must use a path that has
+a read-write mount point.
+
+ fs example /afs/.yoyodyne.com/project/mayhem/
+
+Sine Nomine Associates Nov 2017
--- /dev/null
+= Basic AFS cell setup =
+
+In this section we will setup the most basic configuration, consisting of
+a single AFS database service, a single AFS fileserver, and one AFS client.
+Only read-write volumes will be setup at this time.
+
+We assume the Kerberos realm is setup and ready before doing any of the
+steps in this section.
+
+This tutorial assumes the client is configured to start with the Dynamic
+Root (-dynroot) enabled. This is the default on modern systems.
+
+== Creating the service key ==
+
+How do we create the afs service key?
+
+1, Login as '''root''' to the Kerberos server; <code>root@afsdb1</code>.
+
+2. Add a service principal for our new AFS cell using
+<code>kadmin.local</code>. The format of an AFS service principal name is:
+
+ afs/<cellname>@<REALMNAME>
+
+For this example, YOYODYNE.COM is the realm name, yoyodyne.com is the instance
+name, and afs is the name. We want to add a principal that does not require a
+password so we also must use the -randkey option to generate a random set of
+keys. The following shows how the information should be organized on the kadmin
+command line.
+
+ kadmin.local
+ ank -randkey afs/yoyodyne.com@YOYODYNE.COM
+
+3. In order to use the newly generated keys, they must be moved to a secure
+location on the AFS servers. Export the keys into a keytab file to be installed
+on the AFS servers. To continue the above example:
+
+ ktadd -k /root/rxkad.keytab -e aes256-cts:normal,aes128-cts:normal afs/yoyodyne.com@YOYODYNE.COM
+
+'''NOTE''': Do not add a space after the comma separating the encryption types.
+
+4. Check that the correct keys are now in the file by quitting kadmin.local and
+entering the next command:
+
+ klist -e -k -t /root/rxkad.keytab
+
+This list should only contain keys with aes at the beginning. The principal
+should also match the principal that was entered in the previous step.
+
+5. Now the keys need to be copied to the AFS database and file servers. To do
+that securely, use the <code>scp</code> command:
+
+ scp /root/rxkad.keytab afsdb1:/usr/afs/etc/rxkad.keytab
+ scp /root/rxkad.keytab afs01:/usr/afs/etc/rxkad.keytab
+
+6. Finally, remove our temporary keytab file.
+
+ rm /root/rxkad.keytab
+
+== Creating the database server ==
+
+How do we setup the single database server?
+
+1. First the BOS server needs to be started which will oversee other AFS server processes. To do that issue the following command:
+ service openafs-server start
+
+To check that the server is running issue the next command:
+ bos listhosts afsdb1
+
+ The output should include 'bos: running ...' which tells you that the command was correct and started running the bos server.
+
+2. Next the bos server needs a cell name that matches the cell name where the keys were stored. The next command names the bos cell:
+ bos setcellname afsdb1 yoyodyne.com -localauth
+
+*Remember to include the -localauth command.
+
+3. Check that the cell name is correct after doing the previous step. To do that, enter the next command:
+ bos listhosts afsdb1
+
+4. Now the PT Server and the VL Server need to be created on the BOS server. To do that, use this command for the PT Server:
+ bos create afsdb1 ptserver simple /usr/afs/bin/ptserver -localauth
+
+Enter the same command for the VL Server, but replace ptserver with vlserver.
+
+5. Check the logs for each server to make sure they are running. Enter this command for PT Server:
+ bos getlog afsdb1 PtLog -localauth
+
+Enter this command for the VL Server:
+ bos getlog afsdb1 VLLog -localauth
+
+Caution: '''Do not''' use this command to try to check the logs: '''bos getlog afsdb1 /usr/afs/bin/ptserver -localauth'''. Bad idea.
+
+== Creating the file server ==
+
+How do we setup the first file server?
+
+1. First the BOS server needs to be started which will oversee other AFS server processes. To do that issue the following command:
+ service openafs-server start
+
+To check that the server is running issue the next command:
+ bos listhosts afs01
+
+The output should include 'bos: running ...' which tells you that the command was correct and started running the bos server.
+
+2. Next the bos server needs a cell name that matches the cell name where the keys were stored. The next command names the bos cell:
+ bos setcellname afs01 yoyodyne.com -localauth
+
+*Remember to include the -localauth command.
+
+3. Check that the cell name is correct after doing the previous step. To do that, enter the next command:
+ bos listhosts afsdb1
+
+Notice that the host is afs01.classroom.sinenomine.net. That needs to be changed because the original BOS server setup was on afsdb1.classroom.sinenomine.net.
+
+a. First add the afsdb1 as a host by using this command:
+ bos addhost afs01.classroom.sinenomine.net afsdb1.classroom.sinenomine.net -localauth
+
+Check that afsdb1 was added to the list correctly:
+ bos listhosts afs01
+
+b. Next remove the afs01 as a host by using this command:
+ bos removehost afs01.classroom.sinenomine.net afs01.classroom.sinenomine.net -localauth
+
+Again, check that afs01 was removed from the list correctly:
+ bos listhosts afs01
+
+4. Now the DAFS need to be created on the BOS server. To do that, use this really long command for the DAFS server:
+ bos create afs01 dafs dafs /usr/afs/bin/dafileserver /usr/afs/bin/davolserver /usr/afs/bin/salvageserver /usr/afs/bin/dasalvager -localauth
+
+5. Now check all four of the logs. The largest log file will be "FileLog" so save the best for last. The command to check each file is:
+ cat /usr/afs/logs/<filename>
+
+*The file names are: FileLog, BosLog, SalsrvLog, and VolserLog.
+
+6. The next step is to create the root volumes. There are two important volumes. First is the root.afs volume which is the very first volume to create. This command will create the volume:
+ vos create afs01 a root.afs -localauth
+
+Next the root cell volume needs to be created. This will match the cell that was created in previous steps. The command for this is:
+ vos create afs01 a root.cell -localauth
+
+== Creating the workstation ==
+
+1. First, check that rpms is installed:
+ rpm -qa | grep afs
+
+2. Check that afs is not already running on the machine:
+
+ service openafs-client status
+
+3. We can double check by verifying afs is not mounted, the kernel module is
+not loaded, and n there are no userspace AFS processes running:
+
+ mount | grep /afs
+ ...
+ lsmod | grep afs
+ ...
+ ps -ef | grep afs | grep -v grep
+
+
+5. Now change directory:
+ cd /usr/vice/
+
+See that there are two folders. "Cache" stores the afs cache files. "Etc" stores the configuration files.
+
+Enter into the "Etc" directory:
+ cd etc
+
+See all of the files that this directory has. The client can have lots of entries for other sites, unlike the
+server. They are called foreign sites.
+
+6. Now secure copy CellServDB.local and ThisCell into the workstation files:
+
+
+ scp afsdb1:/usr/afs/etc/CellServDB /usr/vice/etc/CellServDB.local
+ scp afsdb1:/usr/afs/etc/ThisCell /usr/vice/etc/ThisCell
+
+Look at the new files.
+ cat /usr/vice/etc/ThisCell
+ cat /usr/vice/etc/CellServDB
+ cat /usr/vice/etc/cacheinfo
+
+7. Let us setup the foreign cells which will be accessible to the client:
+
+ mv /usr/vice/etc/CellServDB.dist /usr/vice/etc/CellServDB.saved
+ scp afsdb1:/root/CellServDB.dist /usr/vice/etc/CellServDB.dist
+
+8. Check the AFS client startup options:
+
+ cat /etc/sysconfig/openafs
+
+This should show "-dynroot -fakestat -afsdb" for the client start up options.
+
+9. Now is the time to start the client:
+
+ service openafs-client start
+
+Check that the client is now running using steps 2 and 3 above, and try:
+
+ ls /afs
+
+This should show the list of cells accessible.
+
+== Creating the admin user ==
+
+Now we create the first user account and grant admin privileges to that
+account. The account will be used for Kerberos as well as AFS administration.
+Later, we will create regular user accounts
+
+We will need to go back to the database server to create the '''first'''
+account.
+
+1. First add a new principal to Kerberos called 'admin'. First login as
+'''root''' on to the Kerberos server: <code>ssh root@afsdb1</code>.
+
+2. Run use the kadmin.local command to create the kerberos principal.
+
+ kadmin.local
+ ank admin
+ Enter password for principal "admin@YOYODYNE.COM": **********
+ Re-enter password for principal "admin@YOYODYNE.COM": **********
+ exit
+
+3. The next step is to create a user on the PT server, where usernames and ids
+are stored in AFS. Use this command to create the user:
+
+ pts createuser admin -localauth
+
+4. Now add the new user to a group:
+
+ pts adduser admin system:administrators -localauth
+
+Check that the user was successfully added to the group:
+
+ pts membership admin -localauth
+
+5. Next add the name to the super user list on the servers. To do that use this
+command for both afs01 and afsdb1:
+
+ bos adduser afs01 admin -localauth
+ bos adduser afsdb1 admin -localauth
+
+6. Check that admin was added to the super user list through this command for
+both afs01 and afsdb1:
+
+ bos listusers afs01 -localauth
+ bos listusers afsdb1 -localauth
+
+== Check ==
+
+At this point, you should be able to acquire an admin token and create files and directories
+in the afs filesystem of your basic cell. Use a regular user from here on out. You should
+no longer use the Linux '''root''' account or sudo for the rest of this tutorial.
+
+1. Log into the workstation as a regular user, <code>ssh <user>@workstation1</code>.
+
+2. Acquire the AFS administrator token:
+
+ kinit admin
+ aklog
+ tokens
+
+The tokens command should show AFS User 1, which is the id of the admin in our tutorial
+cell.
+
+3. Verify we can access the afs name space. we should be able to create files under
+our cell directory.
+
+ ls /afs/yoyodyne.com
+ touch /afs/yoyodyne.com/testfile
+ rm /afs/yoyodyne.com/testfile
+
+= Namespace setup =
+
+Before users can use our site, we need to setup the root volume for the AFS
+namespace (root.afs), the root volume for our cell (root.cell), and any top
+level volumes for our new site (e.g. users, projects, etc).
+
+Log in as a normal user (not root) on the workstation and then acquire an token
+for the AFS administrator.
+
+ kinit admin
+ aklog
+ tokens
+
+The <code>tokens</code> output should show the AFS id of 1, which is the
+Administrator's id in this tutorial.
+
+== Setting up root.afs ==
+
+The <code>root.afs</code> volume should contain the mount points of the cells
+to be accessed. This is needed for clients which are running without the
+'''dynroot''' mode enabled. The client we are using in this tutorial is
+running in '''dynroot''' mode. See [[OpenAFS root setup without dynroot]] for
+the setup steps when the client is not running in '''dynroot''' mode.
+
+Mount the <code>root.afs</code> volume with a temporary mount point.
+
+ fs mkmount -dir /afs/yoyodyne.com/temp -vol root.afs
+
+Mount the local cell.
+
+ fs mkmount -dir /afs/yoyodyne.com/temp/yoyodyne.com -vol root.cell -cell yoyodyne.com
+
+Mount each of the foreign cells we would like to access:
+
+ fs mkmount -dir /afs/yoyodyne.com/temp/acme.com -vol root.cell -cell acme.com
+
+Grant read access to the AFS root directory to anonymous users.
+
+ fs setacl /afs/yoyodyne.com/temp system:anyuser read
+
+Finally, remove the temporary mount point.
+
+ fs rmmount -dir /afs/yoyodyne.com/temp
+
+Test on a system that does not have <code>-dynroot</code>.
+
+== Setting up root.cell ==
+
+The <code>root.cell</code> holds the top level directory for our cell. Typically,
+this will have mount points to the top level volumes for our cell.
+
+Grant read access to the cell root directory to anonymous users.
+
+ fs setacl /afs/yoyodyne.com/ system:anyuser read
+
+== Setting up our cell top level volumes ==
+
+Create a projects volume to use later, make a mount point in our root.cell to the
+new volume, and give the anonymous users read rights to the root directory of
+the new volume.
+
+ vos create afs01 a projects
+ fs mkmount /afs/yoyodyne.com/projects projects
+ fs setacl /afs/yoyodyne.com/projects system:anyuser read
+
+Do the same for a top level volume for our users.
+
+ vos create afs01 a user
+ fs mkmount /afs/yoyodyne.com/user user
+ fs setacl /afs/yoyodyne.com/user system:anyuser read
+
+= Creating regular users =
+
+Now we can create regular users for our site. We give each user a dedicated
+volume to share files.
+
+Every user requires a Kerberos principal and an AFS user name/number. We use
+the <code>kadmin</code> command to create the kerberos principal, and the AFS
+<code>pts</code> command to create the AFS user name/number pair.
+
+You should be logged on to the workstation as a regular user (not root). The
+commands will contact the database servers over the network.
+
+1. Be sure you have an '''admin''' token.
+
+ kinit admin
+ aklog
+ tokens
+
+2. Create the Kerberos principal for the new user:
+
+ kadmin -p admin
+ ank <newuser>
+ Enter password: *******
+ Re-enter password: ******
+ exit
+
+3. Create the AFS user name/number:
+
+ pts createuser <newuser>
+
+4 Create a volume for the new user, mount it under the top level user
+directory, and give the user write permisssions in their new volume.
+
+ vos create afs01 a user.<newuser>
+ fs mkmount /afs/yoyodyne.com/user/<newuser> user.<newuser>
+ fs sa /afs/yoyodyne.com/user/<newuser> <newuser> write
+
+5. Check by getting a token for the user.
+
+ unlog
+ kdestroy
+
+ kinit <newuser>
+ aklog
+ tokens
+
+ fs listacl /afs/yoyodyne.com/user/<newuser>
+ touch /afs/yoyodyne.com/user/<newuser>/testfile
+ rm /afs/yoyodyne.com/user/<newuser>/testfile
+
+ unlog
+ kdestroy
+
+Sine Nomine Associates Nov 2017
--- /dev/null
+In this section we will create a shared project work space and give multiple
+users read and write access to it.
+
+1. As admin, create the users (kerberos and pts): follow the steps from [[OpenAFS Tutorial Setup]] under the Creating regular users section.
+
+2. As admin, create a new prefix-less group and add members to it. First check the existing groups. Then create the group and add members.
+ kinit admin
+ aklog
+ pts listentries -g
+ pts creategroup -name <new group>
+ pts adduser <user> <new group>
+ pts membership <new group>
+
+3. As admin, create a shared "project" volume. Mount the volume, and grant the group access rights.
+ vos create afs01 a project.<new group> -m 0
+ fs mkmount /afs/yoyodyne.com/<new group> project.<new group>
+ fs sa /afs/yoyodyne.com/<new group>/ <new group> write
+ touch /afs/yoyodyne.com/<new group>/<file>
+ echo "Cleveland Rocks" > /afs/yoyodyne.com/<new group>/<file>
+ cat /afs/yoyodyne.com/<new group>/<file>
+
+Sine Nomine Associates Nov 2017
--- /dev/null
+= About volumes =
+
+AFS uses a service to lookup IP addresses of file servers using the volume name or the volume number. The volume location database is in charge of looking up the file server IP addresses. The command 'vos listvldb' acts like the 'dig' or 'nslookup' command in DNS.
+
+
+Mount points are actually link files that point to the original location of a file.
+
+
+If the cache manager starts with read only data it sticks with read only data. If the cache manager starts with read write data it sticks with read write data.
+
+= How does the client find volumes? =
+
+Show how the client finds volumes by walking each path component
+using fs examine, fs lsmount, and vos listvldb.
+
+Example: To show the volumes and locations of those volumes to reach
+<code>/afs/acme.com/user/lily</code>
+
+Beginning with showing volume id of root.cell
+
+ $ fs examine /afs/acme.com
+ File /afs/acme.com (536870915.1.1) contained in volume 536870915
+ Volume status for vid = 536870915 named root.cell
+ Current disk quota is 5000
+ Current blocks used are 4
+ The partition has 945244 blocks available out of 946892
+
+Finding the location of root.cell: Use the $ vos listvldb -name <name-or-number> command
+
+ $ vos listvldb -name root.cell
+ root.cell
+ RWrite: 536870915
+ number of sites -> 1
+ server afs02.classroom.sinenomine.net partition /vicepa RW Site
+
+Next go down the path to /afs/acme.com/user to find the volume name/number
+using the fs examine /afs/acme.com/user command
+
+ $fs examine /afs/acme.com/user
+ File /afs/acme.com/user (536870921.1.1) contained in volume 536870921
+ Volume status for vid = 536870921 named user
+ Current disk quota is 5000
+ Current blocks used are 4
+ The partition has 945244 blocks available out of 946892
+
+To find the location of the volume for /afs/acme.com/user (name = user and
+536870921 is the volume number) use vos listvldb -name <name-or-number> command
+
+ $ vos listvldb -name user
+ user
+ RWrite: 536870921
+ number of sites -> 1
+ server afs02.classroom.sinenomine.net partition /vicepa RW Site
+
+For the last path for this example use the fs examine /afs/acme.com/user/lily
+command to find the volume name/number
+
+ $ fs examine /afs/acme.com/user/lily
+ File /afs/acme.com/user/lily (536870927.1.1) contained in volume 536870927
+ Volume status for vid = 536870927 named user.lily
+ Current disk quota is 5000
+ Current blocks used are 2
+ The partition has 945244 blocks available out of 946892
+
+To find the location of user.lily volume use the following command:
+
+ $ vos listvldb -name user.lily
+ user.lily
+ RWrite: 536870927
+ number of sites -> 1
+ server afs02.classroom.sinenomine.net partition /vicepa RW Site
+
+
+Summary:
+
+ /afs ---> root.afs generated by -dynroot
+ /acme.com ---> root.cell on afs02 /vicepa
+ /user ---> user on afs02 /vicepa
+ /lily ---> user.lily on afs02 /vicepa
+
+
+Use the following command to show the mount points under /afs/acme.com/user/
+
+ $ fs lsmount /afs/acme.com/user/*
+ '/afs/acme.com/user/goose' is a mount point for volume '#user.goose'
+ '/afs/acme.com/user/lily' is a mount point for volume '#user.lily'
+
+
+
+
+All files have a three part number called an FID, pronounced like 'kid', that the cache manager uses to find the location.
+
+== Reading Data ==
+
+Assume that the client knows the number for a file called "myfile". The number is 536870930.2.2. The client knows that "myfile" is located on the volume numbered 536870930 which is the first part of the FID. The volume is located at network address 10.0.10.21. That network address is really afs01, but the file is actually under /vicepa.
+
+The client will send a "FetchData" request with the FID, 536870930.2.2, to the file server running on 10.0.10.21. The file server will take in that request, read it at /vicepa, and then return the data in the file.
+
+== Writing Data ==
+
+Writing data is similar to the reading data process except the data flows the other way and the "FetchData" command becomes "StoreData".
+
+== Cache Manager knows FID ==
+
+1. The cache manager looks in the CellServDB to find the address(s) of the Volume Location Database server(s), VLDB.
+
+2. The cache manager requests the IP addresses for the volume numbered 536870930.
+
+3. The VLDB returns the location: 10.0.10.21
+
+4. The cache manager requests the data from server 10.0.10.21
+
+5. The file server process reads the file in /vicepa and sends the data to the cache manager.
+
+6. The cache manager has the data and stores it in a local file. It then hands the data over to the operating system.
+
+== Cache Manager learns FID using the Directory Number ==
+
+In this case the cache manager has the FID for the directory where the file is stored, 536870930.1.1.
+
+1. Cache manager checks CellServDB for the address(es) of the VLDB.
+
+2. Cache manager sends a request to the VLDB for the IP address for volume 536870930.
+
+3. VLDB says its on 10.0.10.21
+
+4. Cache manager requests the data from 10.0.10.21
+
+5. The file server process on 10.0.10.21 reads the file in /vicepa and returns the data to the cache manager. The data says that it contains my file at .2.2.
+
+6. Cache manager now has the data and saves it to a local file in the cache.
+
+= About volume quotas =
+
+Default volume quotas are tiny, 5MB. Use the fs command to change the
+quota (requires admin access rights).
+
+== Viewing quotas ==
+
+Use <code>fs listquota /afs/<cellname>/<path></code> to view volume quotas.
+
+Example:
+
+ fs listquota /afs/acme.com/user/lily
+ Volume Name Quota Used %Used Partition
+ user.lily 20000 6146 31% 1%
+
+== Setting quotas ==
+
+Use <code>fs setquota /afs/<cellname>/<path> -m <nmber kb block></code> to set volume quotas.
+
+Example:
+
+ fs setquota /afs/<cellname>/<path> -m 20000
+
+Go back and check that the setquota worked by using the fs listquota above.
+
+= How to make new volumes =
+
+Use vos create and fs mkmount to create new volumes. Use
+the vos create -m option to set the initial quota.
+
+First get a token.
+
+Below is an example that sets the quota to 0 which will disable the quota:
+ vos create afs01 a project.mayhem -m 0
+ fs mkmount /afs/yoyodyne.com/mayhem project.mayhem
+
+Then set the access rights:
+ fs sa /afs/yoyodyne.com/mayhem/ mayhem write
+
+= How to remove volumes =
+
+fs rmmount to remove mount points.
+
+vos remove to delete the volume data. (With caution!)
+
+1. First remove the mount points:
+
+ fs lsmount /afs/yoyodyne.com/mayhem
+ fs rmmount /afs/yoyodyne.com/mayhem
+ ls /afs/yoyodyne.com/
+
+2. Now delete the data:
+ vos remove -id project.mayhem
+ vos listvol afs01
+
+= How to move volumes =
+
+Use vos move to move the volume to anther fileserver or partition.
+
+1. Check the volumes on each partition on the fileserver. Then move a volume from partition a to partition b::
+
+ vos listvol afs01
+ vos move -id user -fromserver afs01 -frompartition a -toserver afs01 -topartition b
+ vos listvol afs01
+
+2. The backup was removed, so create a new one:
+
+ vos backup project
+ vos listvol afs01
+
+= How to dump volumes =
+
+Use vos backup to make a snapshot, and then vos dump to dump an "archive" of
+the volume.
+
+'''Note''': the file name for this lab is 'project.mayhem'
+
+
+1. Log in as admin and collect a token. Next create a backup volume:
+ kinit admin && aklog && tokens
+ vos backup -id project.mayhem
+ vos listvldb -name project.mayhem
+
+
+2. Then dump the whole volume:
+ vos dump -id project.mayhem -file /tmp/project.mayhem.dump
+
+ file /tmp/project.mayhem.dump
+
+3. Now restore the the volume:
+ vos restore -server afs01 -partition b -name project.mayhem.2 -file /tmp/project.mayhem.dump
+ vos listvldb -name project.mayhem.2
+ fs mkmount /afs/yoyodyne.com/mayhem2 project.mayhem.2
+
+4. Remove the old dump and create a new one:
+ rm /tmp/project.mayhem.dump
+ vos dump -id project.mayhem.backup -file /tmp/project.mayhem.dump
+ file /tmp/project.mayhem.dump
+
+Sine Nomine Associates Nov 2017
git://git.openafs.org / openafs-wiki.git / commitdiff