[openafs.git] / doc / man-pages / pod8 / vlserver.pod

=head1 NAME

vlserver - Initializes the Volume Location Server

=head1 SYNOPSIS

=for html
<div class="synopsis">

vlserver [B<-noauth>] [B<-smallmem>]
    S<<< [B<-p> <I<number of threads>>] >>> [B<-nojumbo>]
    [B<-jumbo>] [B<-rxbind>]
    S<<< [B<-d> <I<debug level>>] >>>
    S<<< [B<-rxmaxmtu> <I<bytes>>] >>>
    S<<< [B<-trace> <I<trace file>>] >>>
    [B<-allow-dotted-principals>]
    S<<< [B<-database> | B<-db> <I<database path>>] >>>
    S<<< [B<-logfile> <I<log file>>] >>>
    [B<-transarc-logs>]
    S<<< [B<-config> <I<configuration path>>] >>>
    S<<< [B<-syslog>[=<I<facility>>]>] >>>
    [B<-enable_peer_stats>] [B<-enable_process_stats>]
    S<<< [B<-auditlog> <I<log path>>] >>>
    S<<< [B<-audit-interface> (file | sysvmq)] >>>
    S<<< [B<-restricted_query> (anyuser | admin)] >>>
    S<< [B<-s2scrypt> (rxgk-crypt | never)] >>
    [B<-help>]

=for html
</div>

=head1 DESCRIPTION

The B<vlserver> command initializes the Volume Location (VL) Server, which
runs on every database server machine. In the conventional configuration,
its binary file is located in the F</usr/afs/bin> directory on a file
server machine.

The B<vlserver> command is not normally issued at the command shell prompt
but rather placed into a file server machine's F</usr/afs/local/BosConfig>
file with the B<bos create> command. If it is ever issued at the command
shell prompt, the issuer must be logged onto a database server machine as
the local superuser C<root>.

As it initializes, the VL Server process creates the two files that
constitute the Volume Location Database (VLDB), F<vldb.DB0> and
F<vldb.DBSYS1>, in the F</usr/afs/db> directory if they do not already
exist. Use the commands in the B<vos> suite to administer the database.

The VL Server maintains the record of volume locations in the Volume
Location Database (VLDB). When the Cache Manager fills a file request from
an application program, it first contacts the VL Server to learn which
file server machine currently houses the volume that contains the file.
The Cache Manager then requests the file from the File Server process
running on that file server machine.

The VL Server records a trace of its activity in the
F</usr/afs/logs/VLLog> file. Use the B<bos getlog> command to display the
contents of the file. By default, it records on a minimal number of
messages. For instructions on increasing the amount of logging, see
L<VLLog(5)>.

By default, the VL Server runs nine lightweight processes (LWPs). To
change the number, use the B<-p> argument.

This command does not use the syntax conventions of the AFS command
suites. Provide the command name and all option names in full.

=head1 OPTIONS

=over 4

=item B<-d> <I<debug level>>

Sets the detail level for the debugging trace written to the
F</usr/afs/logs/VLLog> file. Provide one of the following values, each
of which produces an increasingly detailed trace: C<0>, C<1>, C<5>, C<25>,
and C<125>. 

=item B<-p> <I<number of threads>>

Sets the number of server lightweight processes (LWPs or pthreads) to run.
Provide an integer between C<3> and C<64>. The default is C<9>.

=item B<-jumbo>

Allows the server to send and receive jumbograms. A jumbogram is
a large-size packet composed of 2 to 4 normal Rx data packets that share
the same header. The VL Server does not use jumbograms by default, as some
routers are not capable of properly breaking the jumbogram into smaller
packets and reassembling them.

=item B<-nojumbo>

Deprecated; Jumbograms are disabled by default. 

=item B<-enable_peer_stats>

Activates the collection of Rx statistics and allocates memory for their
storage. For each connection with a specific UDP port on another machine,
a separate record is kept for each type of RPC (FetchFile, GetStatus, and
so on) sent or received. To display or otherwise access the records, use
the Rx Monitoring API.

=item B<-enable_process_stats>

Activates the collection of Rx statistics and allocates memory for their
storage. A separate record is kept for each type of RPC (FetchFile,
GetStatus, and so on) sent or received, aggregated over all connections to
other machines. To display or otherwise access the records, use the Rx
Monitoring API.

=item B<-allow-dotted-principals>

By default, the RXKAD security layer will disallow access by Kerberos
principals with a dot in the first component of their name. This is to avoid
the confusion where principals user/admin and user.admin are both mapped to the
user.admin PTS entry. Sites whose Kerberos realms don't have these collisions 
between principal names may disable this check by starting the server
with this option.

=item B<-auditlog> <I<log path>>

Turns on audit logging, and sets the path for the audit log.  The audit
log records information about RPC calls, including the name of the RPC
call, the host that submitted the call, the authenticated entity (user)
that issued the call, the parameters for the call, and if the call
succeeded or failed.

=item B<-audit-interface> (file | sysvmq)

Specifies what audit interface to use. Defaults to C<file>. See
L<fileserver(8)> for an explanation of each interface.

=item B<-rxbind>

Bind the Rx socket to the primary interface only.  (If not specified, the
Rx socket will listen on all interfaces.)

=item B<-syslog>[=<I<syslog facility>>]

Specifies that logging output should go to syslog instead of the normal log
file. B<-syslog>=I<FACILITY> can be used to specify to which facility the log
message should be sent. Logging message sent to syslog are tagged with the
string "vlserver".

=item B<-noauth>

Turns off all authorization checks, and allows all connecting users to act as
administrators, even unauthenticated users. The use of this option is
inherently insecure, and should only be used in controlled environments for
experimental or debug purposes. See L<NoAuth(5)>.

=item B<-smallmem>

Specifies that the vlserver should limit its memory usage during certain
operations, and return an error to the calling client instead of allocating
more memory. This option is only useful on systems where memory is severely
limited, and should not be needed on any remotely modern system.

=item B<-rxmaxmtu> <I<bytes>>

Sets the maximum transmission unit for the RX protocol.

=item B<-trace> <I<trace file>>

Turns on low-level Rx packet tracing, and logs the trace information to the
specified file. The trace file can be later dumped into a human-readable form
with a tool called B<dumptrace>.

It is not recommended to turn on this option during normal operation, since the
detailed tracing may cause performance issues and use up a lot of disk space.

=item B<-logfile> <I<log file>>

Sets the file to use for server logging. If logfile is not specified, and
no other logging options are supplied, this will be F</usr/afs/logs/VLLog>.
Note that this option is intended for debugging and testing purposes.
Changing the location of the log file from the command line may result
in undesirable interactions with tools such as B<bos>.

=item B<-transarc-logs>

Use Transarc style logging features. Rename the log file
F</usr/afs/logs/VLLog> to F</usr/afs/logs/VLLog.old> when the VL Server is
restarted.  This option is provided for compatibility with older versions.

=item B<-database> | B<-db> <I<database path>>

Set the location of the database used by this program. This option is
intended primarily for testing purposes.

=item B<-config> <I<configuration directory>>

Set the location of the configuration directory used to configure this
service. In a typical configuration this will be F</usr/afs/etc> - this
option allows the use of alternative configuration locations for testing
purposes.

=item B<-restricted_query> (anyuser | admin)

Restrict RPCs that query information about volumes to a specific group
of users. Only the RPCs that are not used by cache managers will be
restricted, since cache manager connections to the Volume Server are
always unauthenticated. You can use C<admin> to restrict to AFS
administrators.  The C<anyuser> option doesn't restrict the RPCs and
leaves it open for all users including unauthenticated users, this is
the default.

=item B<-s2scrypt> (rxgk-crypt | never)

Specify C<rxgk-crypt> to use rxgk connections with per-packet encryption for
server-to-server (s2s) communication. Specify C<never> to use rxkad connections
instead, without per-packet encryption ("rxkad_clear").

The default is currently C<never>.

=item B<-help>

Prints the online help for this command. All other valid options are
ignored.

=back

=head1 EXAMPLES

The following B<bos create> command creates a vlserver process on the
machine C<fs2.example.com> that uses six lightweight processes. Type the
command on a single line:

   % bos create -server fs2.example.com -instance vlserver -type simple \
                -cmd "/usr/afs/bin/vlserver -p 6"

=head1 PRIVILEGE REQUIRED

The issuer must be logged in as the superuser C<root> on a file server
machine to issue the command at a command shell prompt. It is conventional
instead to create and start the process by issuing the B<bos create>
command.

=head1 SEE ALSO

L<BosConfig(5)>,
L<VLLog(5)>,
L<vldb.DB0(5)>,
L<bos_create(8)>,
L<bos_getlog(8)>

=head1 COPYRIGHT

IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0.  It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.