[OpenAFS-devel] Selecting a configuration file format for OpenAFS Services

Jeffrey Altman jaltman@secure-endpoints.com
Sat, 16 May 2009 00:33:07 -0400


This is a cryptographically signed message in MIME format.

--------------ms030806090108090307030707
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

I am intentionally cross-posting this e-mail in order to obtain feedback
from the OpenAFS user and developer communities.

OpenAFS does not have a configuration file for use by administrators to
configure the various services.  As a result, each time a new
configuration option is created it has been implemented either as a
compile time option or a run time option controlled by a command-line
switch.  The gatekeepers are opposed to the addition of new compile time
options because it puts packagers in the position of determining what
features administrators and end users are able to deploy without
building from source.  However, additional command-line parameters have
their own complexity issues.  For example, the current fileserver
command line has approximate forty options; many of which are no longer
optional for reasonable deployment configurations.

*fileserver* [*-auditlog* </path to log file/>] [*-d* </debug level/>]
[*-p* </number of processes/>] [*-spare* </number of spare blocks/>]
[*-pctspare* </percentage spare/>] [*-b* </buffers/>]
[*-l* </large vnodes/>] [*-s* </small vnodes/>]
[*-vc* </volume cachesize/>] [*-w* </call back wait interval/>]
[*-cb* </number of call backs/>] [*-banner*] [*-novbc*]
[*-implicit* </admin mode bits: rlidwka/>] [*-readonly*]
[*-hr* </number of hours between refreshing the host cps/>]
[*-busyat* </redirect clients when queue > n/>] [*-nobusy*]
[*-rxpck* </number of rx extra packets/>] [*-rxdbg*] [*-rxdbge*]
[*-rxmaxmtu* </bytes/>] [*-nojumbo* [*-jumbo* [*-rxbind*
[*-allow-dotted-principals*] [*-L*] [*-S*] [*-k* </stack size/>]
[*-realm* </Kerberos realm name/>]
[*-udpsize* </size of socket buffer in bytes/>]
[*-sendsize* </size of send buffer in bytes/>]
[*-abortthreshold* </abort threshold/>] [*-enable_peer_stats*]
[*-enable_process_stats*] [*-syslog* [</ loglevel />]] [*-mrafslogs*]
[*-saneacls*] [*-help*] [*-fs-state-dont-save*]
[*-fs-state-dont-restore*]
[*-fs-state-verify*] (none | save | restore | both)]
[*-vhashsize* </log(2) of number of volume hash buckets/>]
[*-vlrudisable*]
[*-vlruthresh* </minutes before eligibility for soft detach/>]
[*-vlruinterval* </seconds between VLRU scans/>]
[*-vlrumax* </max volumes to soft detach in one VLRU scan/>]
[*-vattachpar* </number of volume attach threads/>]
[*-m* </min percentage spare in partition/>] [*-lock*]

There are several proposals on the table for additional features that
require new configuration capabilities.  I believe that it is time that
OpenAFS adopt a configuration file format and library.

One proposal on the table is to adopt the Kerberos Profile Library.  The
benefits are that the file format is human modifiable; is familiar to
just about all OpenAFS administrators since everyone has converted to
Kerberos v5 :-); is machine readable and writable; and there are library
implementations that are license compatible with OpenAFS.  One unique
feature of the Kerberos Profile library is the ability to merge multiple
files into a single profile.

A second proposal is to use the Windows INI file format.  There are
similar benefits to that of the Kerberos Profile Library.  The primary
difference between the Windows INI file format and the Kerberos Profile
format is that the Kerberos Profile format supports a multiple level
hierarchy of configuration whereas the Windows INI file format is just a
single level.   There are open source implementations of parsers that
are available under the MIT license.

The door is certainly open to other proposals.  Whatever is selected I
would like there to be library support not only for reading the
configuration files but for writing them as well.  Currently,
configuration of OpenAFS Services can be done remotely via the bos
command.  I would like to ensure the possibility that we can add support
for remotely manipulating the contents of the configuration files in the
future.

Please comment.

Jeffrey Altman


--------------ms030806090108090307030707
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJeTCC
AxcwggKAoAMCAQICEDsE+kRcmomW1hYG6BoqhGEwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UE
BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT
I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA4MDUzMDE5MTUyOVoX
DTA5MDUzMDE5MTUyOVowczEPMA0GA1UEBBMGQWx0bWFuMRUwEwYDVQQqEwxKZWZmcmV5IEVy
aWMxHDAaBgNVBAMTE0plZmZyZXkgRXJpYyBBbHRtYW4xKzApBgkqhkiG9w0BCQEWHGphbHRt
YW5Ac2VjdXJlLWVuZHBvaW50cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCtf5bVJdYFtHIrV2XALpA5oaMu7FPYU7RP7vJhd8Cu9Kd9ud2crX2pHK4avuPaYb4Vg9qI
zPrPadePhJ3OWwNt1ZlUlpc5URnOfpg/I9iymZBUSnCFVLuIvoncacqyUlzqdYEF8XGEoEL6
6bj8uoCSX0D7ZjZiAS8993NvgiPYpf10acMyWQ4max+P7Wg9T03Nw2F6EsmP6gWxBRsekTXe
N6QjJdvaK0846lDqeBFoCEzIUMQXj2kiXVPCPEdxPc/L1sDMYf0GLaDIg8qyThpGd0X6DwfK
3RWcMy8DV7Q5Z+jSEdPn5X0l4anOTrjr3IwE57MC3bVs0EEpUODTzftnAgMBAAGjOTA3MCcG
A1UdEQQgMB6BHGphbHRtYW5Ac2VjdXJlLWVuZHBvaW50cy5jb20wDAYDVR0TAQH/BAIwADAN
BgkqhkiG9w0BAQUFAAOBgQA9kndmeLrdQOUbhNGGms/FnfDyraH4OjA4PIIMOCbGWK0YXczs
/Fqn4XkT70SG4s8v4Zg6TaAcJrZBVcZQXyzrhlF2Zev/g69zZMHQe+2r4i/3FBVKAtFCoea1
vgwJ5TfZYlKvt4D0Z4zexu9Y0VwCIR4plWjVD76zC2CGB/2fhjCCAxcwggKAoAMCAQICEDsE
+kRcmomW1hYG6BoqhGEwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoT
HFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25h
bCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA4MDUzMDE5MTUyOVoXDTA5MDUzMDE5MTUyOVow
czEPMA0GA1UEBBMGQWx0bWFuMRUwEwYDVQQqEwxKZWZmcmV5IEVyaWMxHDAaBgNVBAMTE0pl
ZmZyZXkgRXJpYyBBbHRtYW4xKzApBgkqhkiG9w0BCQEWHGphbHRtYW5Ac2VjdXJlLWVuZHBv
aW50cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtf5bVJdYFtHIrV2XA
LpA5oaMu7FPYU7RP7vJhd8Cu9Kd9ud2crX2pHK4avuPaYb4Vg9qIzPrPadePhJ3OWwNt1ZlU
lpc5URnOfpg/I9iymZBUSnCFVLuIvoncacqyUlzqdYEF8XGEoEL66bj8uoCSX0D7ZjZiAS89
93NvgiPYpf10acMyWQ4max+P7Wg9T03Nw2F6EsmP6gWxBRsekTXeN6QjJdvaK0846lDqeBFo
CEzIUMQXj2kiXVPCPEdxPc/L1sDMYf0GLaDIg8qyThpGd0X6DwfK3RWcMy8DV7Q5Z+jSEdPn
5X0l4anOTrjr3IwE57MC3bVs0EEpUODTzftnAgMBAAGjOTA3MCcGA1UdEQQgMB6BHGphbHRt
YW5Ac2VjdXJlLWVuZHBvaW50cy5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOB
gQA9kndmeLrdQOUbhNGGms/FnfDyraH4OjA4PIIMOCbGWK0YXczs/Fqn4XkT70SG4s8v4Zg6
TaAcJrZBVcZQXyzrhlF2Zev/g69zZMHQe+2r4i/3FBVKAtFCoea1vgwJ5TfZYlKvt4D0Z4ze
xu9Y0VwCIR4plWjVD76zC2CGB/2fhjCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAw
gdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUg
VG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFp
bCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0w
MzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxU
aGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwg
RnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV
+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfAr
hVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/
p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8
MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWls
Q0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxh
YmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/
TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amc
OY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8xggNkMIID
YAIBATB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5
KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQ
OwT6RFyaiZbWFgboGiqEYTAJBgUrDgMCGgUAoIIBwzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN
AQcBMBwGCSqGSIb3DQEJBTEPFw0wOTA1MTYwNDMzMDdaMCMGCSqGSIb3DQEJBDEWBBSwIxQx
P1h9f6l6s6Ssvu7wcljdtzBSBgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3
DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBhQYJKwYB
BAGCNxAEMXgwdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcg
KFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3Vpbmcg
Q0ECEDsE+kRcmomW1hYG6BoqhGEwgYcGCyqGSIb3DQEJEAILMXigdjBiMQswCQYDVQQGEwJa
QTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhh
d3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEDsE+kRcmomW1hYG6BoqhGEwDQYJ
KoZIhvcNAQEBBQAEggEANivZNnJwYocbq3HqssAgcXzW4BQOKTbCY8phP+KUTFSDlh1i4f55
Eg/b0EoEqAh3k49NxLTanTE1PALmNdWiUZG1zBt3mEYFgxHuKy6AKco0Ut+7UDuaHEjpjI48
x0gOxmTnxmVyNMFnvnKXC7rJ2qdtbFxyXAivL5Y9nM5i+t7Cj4WxQD1l2MhENfJxiD77aeK+
RE7V8+bBPEq9WBZ4m/Axp3uzdVXdSC4cs5ONefIM3QYcYEnMHhj8y/NrPi20s6MJidJjINN0
DW2TsPFoky7DrBSxAIJYIpID3XGSvuZbSPVyWQhEpMiLQYW8XUEnR+ASpmlkfGHo+UoP78dZ
lAAAAAAAAA==
--------------ms030806090108090307030707--