[OpenAFS] new infrastructure-afs home and backup questions

Klaas Hagemann kerberos@northsailor.de
Wed, 11 May 2005 14:24:04 +0200 

Hi Lars,

i just set up an enviroment with 11.000 Clients and user-homes in afs,=20
where i made some experiences:

I would recommend to leave the user-home on the local file system and to=20
link all the very important directories into it after login. We suffered=20
under performance-problems, because some applications do save temporary=20
files under users home-directory. With this symlink-solution, you can=20
decide for every application where to store its files and keep=20
afs-volumes smaller.

Another point is, that many login-managers (like kdm or gdm) require=20
access to the users-home directory, for which no ticket is available at=20
this point.

For the location of  the home-directories i implementet rules where this=20
directories are mountet, eg:
/afs/cell.name/usr/<first letter of login-name>/login-name
If you have lots of users, you can devide them into more subdirectories.=20
Then you can find this directories script-based and symlink them under=20
/home/

For backup, 2 solutions can  be combined:
1. user backup-volumes and mount them seperately for the user. So every=20
user can access his backup under a subdirectory.
A  backup-volume is a logical snapshot of a volume, which needs only=20
very little space on the file-system. You can mount this volume with fs=20
mkmount <volumename>.backup anywehre in afs-space.
A backup-volumes does not cover hardware-failures...

2. I did the backup with vos dump and saved the dump-files on a=20
third-party backup-system. Here you have many possibilities to restore=20
older configurations. Read-Only Clones are not useful, because the=20
client will access read-only clones by default and so the home-directory=20
will not work.

Have fun,
Klaas


Lars Schimmer schrieb:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Hi!
>
>I'm in to setup a complete new infrastructure with new PCs, new users,etc.=
pp.
>
>Now I've got two questions.
>1.
>I want to setup OpenAFS and krb5 for filesystem and authentication.
>Is it wise to use linux-user-homes on AFS? And how to let all the PCs know,
>where to find the homes?
>E.g. 40 users and 20 workstations. Every user should be able to login to e=
very
>workstation and get his home. I thought about NIS, krb5 and OpenAFS. Any t=
ips
>for me?
>And is it possible to setup Windows-documents&Settings (windows home) to A=
FS?
>I want to setup a domain with a win2003 server and clients. Under NT I can=
 setup
>the windows-homes to a samba drive. If I can do that with win2003 server, =
I can
>set windows & linux home in ONE home-volume.
>Any hints, tips, donots?
>
>2. Backup - neverending story...
>Til yet we use RO copies of the volumes to do a 1-day-go-back-backup.
>Therefore I will setup the new cell with 160 or 250 GB HDs and partitions =
in
>that size, i don't want to backup THIS big partitions to streamer or else.
>It is a pain in the ass if only a 2 MB file is missing and I have to get t=
hat
>250 gig backup back and so on...
>Is there a more nicely way to do it?
>I thought about a big fileserver in a different location with RO copies of=
 all
>volumes I setup, but thats only 1 step back, and I want to get 3 days up t=
o 1
>week...
>I haven't tested the backup volume yet, neither understood it, if I find t=
ime, I
>have to read on...
>
>
>Cya
>Lars Schimmer
>- --
>- -----------------------------------------------------------------
>Technische Universit=E4t Braunschweig, Institut f=FCr Computergraphik
>Tel.: +49 531 391-2109            E-Mail: schimmer@cg.cs.tu-bs.de
>PGP-Key-ID: 0xB87A0E03
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.5 (GNU/Linux)
>Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
>iD8DBQFCgeb4VguzrLh6DgMRAsUqAKDSJlD4UlcJNIdnTdUvtRNXyIn5SACgrBJ1
>JNQEpuYT+A9GcjJ4hblmWZo=3D
>=3DtdLA
>-----END PGP SIGNATURE-----
>=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F
>OpenAFS-info mailing list
>OpenAFS-info@openafs.org
>https://lists.openafs.org/mailman/listinfo/openafs-info
>
>
> =20
>