[OpenAFS] OpenAFS speed - some benchmarks
Russ Allbery
rra@stanford.edu
Wed, 25 Jun 2003 13:19:33 -0700
Paul Blackburn <mpb@est.ibm.com> writes:
> It sounds like you are prepared to accept that, say, the Chemistry
> faculty may budget and pay for their own hardware, support, and
> administrators for their NFSv4 server
I don't have a lot of choice in accepting that. That's reality; it
happens. I don't get to tell them not to do that; I don't have (or want)
that sort of university administrative power. :)
> (to heck with the other departments :-)
Other departments get their own file servers. :) Other departments may
want CIFS, or Novell, or who knows what. Universities tend to be rather
decentralized in that way.
> AND you are prepared for them to establish such a service in a
> not-secure way because you don't care if their NFSv4 server is
> compromised.
> Hey, it's the chemistry faculty's problem!
There's secure and there's secure. Security is not a binary issue.
There's "secure enough that I'm not really worried about people breaking
into the server" and there's "secure enough that I'm willing to trust that
server with a copy of the AFS master key for our entire cell." I think it
should be pretty obvious that those are different standards of secure. I
would prefer not to have to hold all file servers to the latter standard.
Right now, I believe that NFSv4 gives me that and AFS doesn't.
AFS gives me a lot of other stuff that I like, not to mention that we have
a huge investment in AFS already. But that's one NFSv4 feature that looks
rather appealing.
> I have to point out that a "favorite game" of the folks who are trying
> to compromise your systems is to "own" whatever machines they can in
> order for these to be used for whatever whim they have.
Yes, I do know how computer security works. :)
> So you see, it is a good idea to care what the faculties are doing when
> they "throw up their own NFSv4 server".
There is a difference between caring and sucking into the central
infrastructure and administering ourselves. I'm not sure if this is easy
to understand if you've not worked in a decentralized environment, but
believe me, the gap between those two things is rather large.
> It is probably an even better idea to pool your resources and skills
> to securing servers for your whole site.
I'm sure that makes perfect sense for a corporation, and it may even make
practical sense for a university, but it frequently doesn't make political
sense for a university. The departments already have their own IT staff.
I don't get to make the central IT organization hire them all and make the
departments close down their own IT. :)
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>