/[gentoo]/xml/htdocs/doc/en/openafs.xml

Diff of /xml/htdocs/doc/en/openafs.xml

Parent Directory | Revision Log | View Patch Patch

Revision 1.23		Revision 1.24
1	<?xml version='1.0' encoding="UTF-8"?>	1	<?xml version='1.0' encoding="UTF-8"?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/openafs.xml,v 1.23 2005/11/09 20:58:07 fox2mike Exp $ -->	2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/openafs.xml,v 1.24 2007/06/29 08:33:12 neysx Exp $ -->
3		3
4	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">	4	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
5		5
6	<guide link="/doc/en/openafs.xml">	6	<guide link="/doc/en/openafs.xml">
7	<title>Gentoo Linux OpenAFS Guide</title>	7	<title>Gentoo Linux OpenAFS Guide</title>
8		8
		9	<author title="Editor">
		10	<mail link="stefaan@gentoo.org">Stefaan De Roeck</mail>
		11	</author>
9	<author title="Editor">	12	<author title="Editor">
10	<mail link="darks@gentoo.org">Holger Brueckner</mail>	13	<mail link="darks@gentoo.org">Holger Brueckner</mail>
11	</author>	14	</author>
12	<author title="Editor">	15	<author title="Editor">
13	<mail link="bennyc@gentoo.org">Benny Chuang</mail>	16	<mail link="bennyc@gentoo.org">Benny Chuang</mail>
…		…
17	</author>	20	</author>
18	<author title="Editor">	21	<author title="Editor">
19	<mail link="fnjordy@gmail.com">Steven McCoy</mail>	22	<mail link="fnjordy@gmail.com">Steven McCoy</mail>
20	</author>	23	</author>
21	<author title="Editor">	24	<author title="Editor">
22	<mail link="stefaan@gentoo.org">Stefaan De Roeck</mail>
23	</author>
24	<author title="Editor">
25	<mail link="fox2mike@gentoo.org">Shyam Mani</mail>	25	<mail link="fox2mike@gentoo.org">Shyam Mani</mail>
26	</author>	26	</author>
27		27
28	<abstract>	28	<abstract>
29	This guide shows you how to install an OpenAFS server and client on Gentoo	29	This guide shows you how to install an OpenAFS server and client on Gentoo
…		…
32		32
33	<!-- The content of this document is licensed under the CC-BY-SA license -->	33	<!-- The content of this document is licensed under the CC-BY-SA license -->
34	<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->	34	<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
35	<license/>	35	<license/>
36		36
37	<version>1.1</version>	37	<version>1.2</version>
38	<date>2005-11-10</date>	38	<date>2007-06-29</date>
39		39
40	<chapter>	40	<chapter>
41	<title>Overview</title>	41	<title>Overview</title>
42	<section>	42	<section>
43	<title>About this Document</title>	43	<title>About this Document</title>
44	<body>	44	<body>
45		45
46	<p>	46	<p>
47	This document provides you with all neccessary steps to install an OpenAFS	47	This document provides you with all necessary steps to install an OpenAFS
48	server on Gentoo Linux. Parts of this document are taken from the AFS FAQ and	48	server on Gentoo Linux. Parts of this document are taken from the AFS FAQ and
49	IBM's Quick Beginnings guide on AFS. Well, never reinvent the wheel. :)	49	IBM's Quick Beginnings guide on AFS. Well, never reinvent the wheel. :)
50	</p>	50	</p>
51		51
52	</body>	52	</body>
…		…
76	early AFS sites from having to rename their filesystem, AFS remained as the	76	early AFS sites from having to rename their filesystem, AFS remained as the
77	name and filesystem root.	77	name and filesystem root.
78	</p>	78	</p>
79		79
80	</body>	80	</body>
81	</section>	81	</section>
82	<section>	82	<section>
83	<title>What is an AFS cell?</title>	83	<title>What is an AFS cell?</title>
84	<body>	84	<body>
85		85
86	<p>	86	<p>
…		…
90	log into AFS client workstations which request information and files from the	90	log into AFS client workstations which request information and files from the
91	cell's servers on behalf of the users. Users won't know on which server a	91	cell's servers on behalf of the users. Users won't know on which server a
92	file which they are accessing, is located. They even won't notice if a server	92	file which they are accessing, is located. They even won't notice if a server
93	will be located to another room, since every volume can be replicated and	93	will be located to another room, since every volume can be replicated and
94	moved to another server without any user noticing. The files are always	94	moved to another server without any user noticing. The files are always
95	accessible. Well, it's like NFS on steroids :)	95	accessible. Well, it's like NFS on steroids :)
96	</p>	96	</p>
97		97
98	</body>	98	</body>
99	</section>	99	</section>
100	<section>	100	<section>
101	<title>What are the benefits of using AFS?</title>	101	<title>What are the benefits of using AFS?</title>
102	<body>	102	<body>
103		103
104	<p>	104	<p>
…		…
109	scalability (add further servers to your cell as needed),	109	scalability (add further servers to your cell as needed),
110	communications protocol.	110	communications protocol.
111	</p>	111	</p>
112		112
113	</body>	113	</body>
114	</section>	114	</section>
115	<section>	115	<section>
116	<title>Where can I get more information?</title>	116	<title>Where can I get more information?</title>
117	<body>	117	<body>
118		118
119	<p>	119	<p>
…		…
132	<uri link="http://www.transarc.ibm.com/Product/EFS/AFS/index.html">Transarc's	132	<uri link="http://www.transarc.ibm.com/Product/EFS/AFS/index.html">Transarc's
133	Webpage</uri>.	133	Webpage</uri>.
134	</p>	134	</p>
135		135
136	</body>	136	</body>
137	</section>	137	</section>
138	<section>	138	<section>
139	<title>How Can I Debug Problems?</title>	139	<title>How Can I Debug Problems?</title>
140	<body>	140	<body>
141		141
142	<p>	142	<p>
…		…
158		158
159	<p>	159	<p>
160	This section aims to help you through the process of upgrading an existing	160	This section aims to help you through the process of upgrading an existing
161	OpenAFS installation to OpenAFS version 1.4.0 or higher (or 1.2.x starting from	161	OpenAFS installation to OpenAFS version 1.4.0 or higher (or 1.2.x starting from
162	1.2.13. The latter will not be handled specifically, as most people will want	162	1.2.13. The latter will not be handled specifically, as most people will want
163	1.4 for a.o.linux-2.6 support, large file support and bug fixes).	163	1.4 for a.o. linux-2.6 support, large file support and bug fixes).
164	</p>	164	</p>
165		165
166	<p>	166	<p>
167	If you're dealing with a clean install of a 1.4 version of OpenAFS, then you can	167	If you're dealing with a clean install of a 1.4 version of OpenAFS, then you can
168	safely skip this chapter. However, if you're upgrading from a previous version,	168	safely skip this chapter. However, if you're upgrading from a previous version,
169	we strongly urge you to follow the guidelines in the next sections. The	169	we strongly urge you to follow the guidelines in the next sections. The
170	transition script in the ebuild is designed to assist you in quickly upgrading	170	transition script in the ebuild is designed to assist you in quickly upgrading
171	and restarting. Please not that it will (for safety reasons) not delete	171	and restarting. Please note that it will (for safety reasons) not delete
172	configuration files and startup scripts in old places, not automatically change	172	configuration files and startup scripts in old places, not automatically change
173	your boot configuration to use the new scripts, etc. If you need further	173	your boot configuration to use the new scripts, etc. If you need further
174	convincing, using an old OpenAFS kernel module together with the updated system	174	convincing, using an old OpenAFS kernel module together with the updated system
175	binaries, may very well cause your kernel to freak out. So, let's read on for a	175	binaries, may very well cause your kernel to freak out. So, let's read on for a
176	clean and easy transition, shall we?	176	clean and easy transition, shall we?
…		…
287	<path>/etc/init.d/openafs-server</path>.	287	<path>/etc/init.d/openafs-server</path>.
288	Consequently, the configuration file <path>/etc/conf.d/afs</path> has been split	288	Consequently, the configuration file <path>/etc/conf.d/afs</path> has been split
289	into <path>/etc/conf.d/openafs-client</path> and	289	into <path>/etc/conf.d/openafs-client</path> and
290	<path>/etc/conf.d/openafs-server</path>. Also, options in	290	<path>/etc/conf.d/openafs-server</path>. Also, options in
291	<path>/etc/conf.d/afs</path> to turn either client or server on or off have	291	<path>/etc/conf.d/afs</path> to turn either client or server on or off have
292	been obsoleted.	292	been obsoleted.
293	</p>	293	</p>
294		294
295	<p>	295	<p>
296	Another change to the init script is that it doesn't check your disk cache	296	Another change to the init script is that it doesn't check your disk cache
297	setup anymore. The old code required that a separate ext2 partition be	297	setup anymore. The old code required that a separate ext2 partition be
…		…
307	having the cache on your root partition.	307	having the cache on your root partition.
308	</li>	308	</li>
309	<li>	309	<li>
310	Some people use soft-links to point to the real disk cache location.	310	Some people use soft-links to point to the real disk cache location.
311	The init script didn't like this, because then this cache location	311	The init script didn't like this, because then this cache location
312	didn't turn up in <path>/proc/mounts</path>.	312	didn't turn up in <path>/proc/mounts</path>.
313	</li>	313	</li>
314	<li>	314	<li>
315	Many prefer ext3 over ext2 nowadays. Both filesystems are valid for	315	Many prefer ext3 over ext2 nowadays. Both filesystems are valid for
316	usage as a disk cache. Any other filesystem is unsupported	316	usage as a disk cache. Any other filesystem is unsupported
317	(like: don't try reiserfs, you'll get a huge warning, expect failure	317	(like: don't try reiserfs, you'll get a huge warning, expect failure
…		…
340	ebuilds have never been distributed by Gentoo. You might want to check the	340	ebuilds have never been distributed by Gentoo. You might want to check the
341	<c>CONFIG_PROTECT_MASK</c> variable in the output of the following command:	341	<c>CONFIG_PROTECT_MASK</c> variable in the output of the following command:
342	</p>	342	</p>
343		343
344	<pre caption="Checking your CONFIG_PROTECT_MASK">	344	<pre caption="Checking your CONFIG_PROTECT_MASK">
345	# <i>emerge info \| grep "CONFIG_PROTECT_MASK</i>	345	# <i>emerge info \| grep "CONFIG_PROTECT_MASK"</i>
346	CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/texmf/web2c /etc/env.d"	346	CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/texmf/web2c /etc/env.d"
347	</pre>	347	</pre>
348		348
349	<p>	349	<p>
350	Though nothing in this ebuild would touch the files in <path>/etc/afs</path>,	350	Though nothing in this ebuild would touch the files in <path>/etc/afs</path>,
…		…
365	Now that you know what doesn't happen, you may want to know what does:	365	Now that you know what doesn't happen, you may want to know what does:
366	</p>	366	</p>
367		367
368	<ul>	368	<ul>
369	<li>	369	<li>
370	<path>/usr/afs/etc</path> is copied to<path>/etc/openafs/server</path>	370	<path>/usr/afs/etc</path> is copied to <path>/etc/openafs/server</path>
371	</li>	371	</li>
372	<li>	372	<li>
373	<path>/usr/vice/etc</path> is copied to <path>/etc/openafs</path>	373	<path>/usr/vice/etc</path> is copied to <path>/etc/openafs</path>
374	</li>	374	</li>
375	<li>	375	<li>
376	<path>/usr/afs/local</path> is copied to <path>/var/lib/openafs</path>	376	<path>/usr/afs/local</path> is copied to <path>/var/lib/openafs</path>
377	</li>	377	</li>
378	<li>	378	<li>
379	<path>/usr/afs/local/BosConfig</path> is copied to	379	<path>/usr/afs/local/BosConfig</path> is copied to
380	<path>/etc/openafs/BosConfig</path>, while replacing occurrences of	380	<path>/etc/openafs/BosConfig</path>, while replacing occurrences of
381	<path>/usr/afs/bin/</path> with <path>/usr/libexec/openafs</path>,	381	<path>/usr/afs/bin/</path> with <path>/usr/libexec/openafs</path>,
382	<path>/usr/afs/etc</path> with <path>/etc/openafs/server</path>	382	<path>/usr/afs/etc</path> with <path>/etc/openafs/server</path>
383	and <path>/usr/afs/bin</path> (without the / as previously) with	383	and <path>/usr/afs/bin</path> (without the / as previously) with
384	<path>/usr/bin</path>	384	<path>/usr/bin</path>
385	</li>	385	</li>
386	<li>	386	<li>
…		…
457	# <i>/usr/bin/bos status localhost -localauth</i>	457	# <i>/usr/bin/bos status localhost -localauth</i>
458	</pre>	458	</pre>
459		459
460	<p>	460	<p>
461	Before starting the OpenAFS client again, please take time to check your	461	Before starting the OpenAFS client again, please take time to check your
462	cache settings. They are determined by <path>/etc/openafs/cacheinfo</path>.	462	cache settings. They are determined by <path>/etc/openafs/cacheinfo</path>.
463	To restart your OpenAFS client installation, please type the following:	463	To restart your OpenAFS client installation, please type the following:
464	</p>	464	</p>
465		465
466	<pre caption="Restarting OpenAFS client after upgrade">	466	<pre caption="Restarting OpenAFS client after upgrade">
467	# <i>/etc/init.d/openafs-client start</i>	467	# <i>/etc/init.d/openafs-client start</i>
…		…
531	<p>	531	<p>
532	Now most people would have their systems configured to automatically start	532	Now most people would have their systems configured to automatically start
533	the OpenAFS client and server on startup. Those who don't can safely skip	533	the OpenAFS client and server on startup. Those who don't can safely skip
534	this section. If you had your system configured to start them automatically,	534	this section. If you had your system configured to start them automatically,
535	you will need to re-enable this, because the names of the init scripts have	535	you will need to re-enable this, because the names of the init scripts have
536	changed.	536	changed.
537	</p>	537	</p>
538		538
539	<pre caption="Re-enabling OpenAFS startup at boot time">	539	<pre caption="Re-enabling OpenAFS startup at boot time">
540	# <i>rc-update del afs default</i>	540	# <i>rc-update del afs default</i>
541	# <i>rc-update add openafs-client default</i>	541	# <i>rc-update add openafs-client default</i>
…		…
553	<section>	553	<section>
554	<title>Troubleshooting: what if the automatic upgrade fails</title>	554	<title>Troubleshooting: what if the automatic upgrade fails</title>
555	<body>	555	<body>
556		556
557	<p>	557	<p>
558	Don't panic. You shouldn't have lost any data or configuration files. So	558	Don't panic. You shouldn't have lost any data or configuration files. So let's
559	let's analyze the situation. Please file a bug at	559	analyze the situation. Please file a bug at <uri
560	<uri link="http://bugs.gentoo.org">bugs.gentoo.org</uri> in any case,	560	link="http://bugs.gentoo.org">bugs.gentoo.org</uri> in any case, preferably
561	preferably with as much information as possible.	561	with as much information as possible.
562	</p>	562	</p>
563		563
564	<p>	564	<p>
565	If you're having problems starting the client, this should help you diagnosing	565	If you're having problems starting the client, this should help you diagnosing
566	the problem:	566	the problem:
…		…
570	<li>	570	<li>
571	Run <c>dmesg</c>. The client normally sends error messages there.	571	Run <c>dmesg</c>. The client normally sends error messages there.
572	</li>	572	</li>
573	<li>	573	<li>
574	Check <path>/etc/openafs/cacheinfo</path>. It should be of the form:	574	Check <path>/etc/openafs/cacheinfo</path>. It should be of the form:
575	/afs:{path to disk cache}:{number of blocks for disk cache}.	575	/afs:{path to disk cache}:{number of blocks for disk cache}.
576	Normally, your disk cache will be located at	576	Normally, your disk cache will be located at
577	<path>/var/cache/openafs</path>.	577	<path>/var/cache/openafs</path>.
578	</li>	578	</li>
579	<li>	579	<li>
580	Check the output of <c>lsmod</c>. You will want to see a line beginning	580	Check the output of <c>lsmod</c>. You will want to see a line beginning
…		…
636	of writing, this documentation was a work in progress. It may however document	636	of writing, this documentation was a work in progress. It may however document
637	newer features in OpenAFS that aren't described in the original IBM AFS	637	newer features in OpenAFS that aren't described in the original IBM AFS
638	Documentation.	638	Documentation.
639	</p>	639	</p>
640		640
641	</body>	641	</body>
642	</section>	642	</section>
643	</chapter>	643	</chapter>
644		644
645	<chapter>	645	<chapter>
646	<title>Client Installation</title>	646	<title>Client Installation</title>
647	<section>	647	<section>
648	<title>Building the Client</title>	648	<title>Building the Client</title>
649	<body>	649	<body>
650
651	<note>
652	All commands should be written in one line!! In this document they are
653	sometimes wrapped to two lines to make them easier to read.
654	</note>
655		650
656	<pre caption="Installing openafs">	651	<pre caption="Installing openafs">
657	# <i>emerge net-fs/openafs</i>	652	# <i>emerge net-fs/openafs</i>
658	</pre>	653	</pre>
659		654
…		…
700	CellServDB:	695	CellServDB:
701	>netlabs #Cell name	696	>netlabs #Cell name
702	10.0.0.1 #storage	697	10.0.0.1 #storage
703		698
704	ThisCell:	699	ThisCell:
705	netlabs	700	netlabs
706	</pre>	701	</pre>
707		702
708	<warn>	703	<warn>
709	Only use spaces inside the <path>CellServDB</path> file. The client will most	704	Only use spaces inside the <path>CellServDB</path> file. The client will most
710	likely fail if you use TABs.	705	likely fail if you use TABs.
711	</warn>	706	</warn>
712		707
713	<p>	708	<p>
714	For a quick start, you can now start <path>/etc/init.d/openafs/client</path> and
715	use <c>klog</c> to authenticate yourself and start using your access to the
716	cell. For automatic logons to you cell, you want to consult the appropriate
717	section below.
718	</p>
719
720	</body>
721	</section>
722	<section>
723	<title>Adjusting the cache</title>
724	<body>
725
726	<note>
727	Unfortunately the AFS Client needs a ext2/3 filesystem for its cache to run
728	correctly, because there are some issues with reiserfs.
729	</note>
730
731	<p>
732	You can house your cache on an existing filesystem (if it's ext2/3), but some
733	may want to create a separate partition for that. The default location of the
734	cache is <path>/var/cache/openafs</path>, but you can change that by editing
735	<path>/etc/openafs/cacheinfo</path>. A standard size for your cache is
736	200MB, but more won't hurt.
737	</p>
738
739	</body>
740	</section>
741	<section>
742	<title>Adjusting the cell access configuration</title>
743	<body>
744
745	<p>
746	In case you want to do more than just read-only browsing of globally available
747	AFS cells, you need to adjust the two files CellServDB and ThisCell. These
748	are located in <path>/etc/openafs</path>.
749	</p>
750
751	<pre caption="Adjusting CellServDB and ThisCell">
752	CellServDB:
753	>netlabs #Cell name
754	10.0.0.1 #storage
755
756	ThisCell:
757	netlabs
758	</pre>
759
760	<warn>
761	Only use spaces inside the <path>CellServDB</path> file. The client will most
762	likely fail if you use TABs.
763	</warn>
764
765	<p>
766	CellServDB tells your client which server(s) it needs to contact for a	709	CellServDB tells your client which server(s) it needs to contact for a
767	specific cell. ThisCell should be quite obvious. Normally you use a name	710	specific cell. ThisCell should be quite obvious. Normally you use a name
768	which is unique for your organisation. Your (official) domain might be a	711	which is unique for your organisation. Your (official) domain might be a
769	good choice.	712	good choice.
		713	</p>
		714
		715	<p>
		716	For a quick start, you can now start <path>/etc/init.d/openafs-client</path> and
		717	use <c>klog</c> to authenticate yourself and start using your access to the
		718	cell. For automatic logons to you cell, you want to consult the appropriate
		719	section below.
		720	</p>
		721
		722	</body>
		723	</section>
		724	<section>
		725	<title>Adjusting the cache</title>
		726	<body>
		727
		728	<note>
		729	Unfortunately the AFS Client needs a ext2/3 filesystem for its cache to run
		730	correctly. There are some issues when using other filesystems (using e.g.
		731	reiserfs is not a good idea).
		732	</note>
		733
		734	<p>
		735	You can house your cache on an existing filesystem (if it's ext2/3), or you
		736	may want to have a separate partition for that. The default location of the
		737	cache is <path>/var/cache/openafs</path>, but you can change that by editing
		738	<path>/etc/openafs/cacheinfo</path>. A standard size for your cache is
		739	200MB, but more won't hurt.
770	</p>	740	</p>
771		741
772	</body>	742	</body>
773	</section>	743	</section>
774	<section>	744	<section>
…		…
784	You should always have a running afs server in your domain when trying to	754	You should always have a running afs server in your domain when trying to
785	start the afs client. You're system won't boot until it gets some timeout	755	start the afs client. You're system won't boot until it gets some timeout
786	if your AFS server is down. (And this is quite a long long time)	756	if your AFS server is down. (And this is quite a long long time)
787	</warn>	757	</warn>
788		758
789	<pre caption="Adding AFS server to the default runlevel">	759	<pre caption="Adding AFS client to the default runlevel">
790	# <i>rc-update add openafs-server default</i>	760	# <i>rc-update add openafs-client default</i>
791	</pre>	761	</pre>
792		762
793	</body>	763	</body>
794	</section>	764	</section>
795	</chapter>	765	</chapter>
…		…
798	<title>Server Installation</title>	768	<title>Server Installation</title>
799	<section>	769	<section>
800	<title>Building the Server</title>	770	<title>Building the Server</title>
801	<body>	771	<body>
802		772
		773	<note>
		774	All commands should be written in one line!! In this document they are
		775	sometimes wrapped to two lines to make them easier to read.
		776	</note>
		777
803	<p>	778	<p>
804	The following command will install all necessary binaries for setting up an AFS	779	If you haven't already done so, the following command will install all
805	Server <e>and</e> Client.	780	necessary binaries for setting up an AFS Server <e>and</e> Client.
806	</p>	781	</p>
807		782
808	<pre caption="Installing openafs">	783	<pre caption="Installing openafs">
809	# <i>emerge net-fs/openafs</i>	784	# <i>emerge net-fs/openafs</i>
810	</pre>	785	</pre>
811		786
812	</body>	787	</body>
813	</section>	788	</section>
814	<section>	789	<section>
815	<title>Starting AFS Server</title>	790	<title>Starting AFS Server</title>
816	<body>	791	<body>
817		792
818	<p>
819	You need to remove the sample CellServDB and ThisCell file first.
820	</p>	793	<p>
821
822	<pre caption="Remove sample files">
823	# <i>rm /usr/vice/etc/ThisCell</i>
824	# <i>rm /usr/vice/etc/CellServDB</i>
825	</pre>
826
827	<p>
828	Next you will run the <c>bosserver</c> command to initialize the Basic OverSeer	794	You need to run the <c>bosserver</c> command to initialize the Basic OverSeer
829	(BOS) Server, which monitors and controls other AFS server processes on its	795	(BOS) Server, which monitors and controls other AFS server processes on its
830	server machine. Think of it as init for the system. Include the <c>-noauth</c>	796	server machine. Think of it as init for the system. Include the <c>-noauth</c>
831	flag to disable authorization checking, since you haven't added the admin user	797	flag to disable authorization checking, since you haven't added the admin user
832	yet.	798	yet.
833	</p>	799	</p>
…		…
842	<pre caption="Initialize the Basic OverSeer Server">	808	<pre caption="Initialize the Basic OverSeer Server">
843	# <i>bosserver -noauth &</i>	809	# <i>bosserver -noauth &</i>
844	</pre>	810	</pre>
845		811
846	<p>	812	<p>
847	Verify that the BOS Server created <path>/usr/vice/etc/CellServDB</path>	813	Verify that the BOS Server created <path>/etc/openafs/server/CellServDB</path>
848	and <path>/usr/vice/etc/ThisCell</path>	814	and <path>/etc/openafs/server/ThisCell</path>
849	</p>	815	</p>
850		816
851	<pre caption="Check if CellServDB and ThisCell are created">	817	<pre caption="Check if CellServDB and ThisCell are created">
852	# <i>ls -al /usr/vice/etc/</i>	818	# <i>ls -al /etc/openafs/server/</i>
853	-rw-r--r-- 1 root root 41 Jun 4 22:21 CellServDB	819	-rw-r--r-- 1 root root 41 Jun 4 22:21 CellServDB
854	-rw-r--r-- 1 root root 7 Jun 4 22:21 ThisCell	820	-rw-r--r-- 1 root root 7 Jun 4 22:21 ThisCell
855	</pre>	821	</pre>
856		822
857	</body>	823	</body>
858	</section>	824	</section>
859	<section>	825	<section>
860	<title>Defining Cell Name and Membership for Server Process</title>	826	<title>Defining Cell Name and Membership for Server Process</title>
861	<body>	827	<body>
862		828
…		…
892	<section>	858	<section>
893	<title>Starting the Database Server Process</title>	859	<title>Starting the Database Server Process</title>
894	<body>	860	<body>
895		861
896	<p>	862	<p>
897	Next use the <c>bos create</c> command to create entries for the four database	863	Next use the <c>bos create</c> command to create entries for the four database
898	server processes in the <path>/etc/openafs/BosConfig</path> file. The four	864	server processes in the <path>/etc/openafs/BosConfig</path> file. The four
899	processes run on database server machines only.	865	processes run on database server machines only.
900	</p>	866	</p>
901		867
902	<table>	868	<table>
903	<tr>	869	<tr>
…		…
921	<ti>	887	<ti>
922	The Volume Location Server maintains the Volume Location Database (VLDB).	888	The Volume Location Server maintains the Volume Location Database (VLDB).
923	Very important :)	889	Very important :)
924	</ti>	890	</ti>
925	</tr>	891	</tr>
926	</table>	892	</table>
927		893
928	<pre caption="Create entries for the database processes">	894	<pre caption="Create entries for the database processes">
929	# <i>bos create <server name> kaserver simple /usr/libexec/openafs/kaserver -cell <cell name> -noauth</i>	895	# <i>bos create <server name> kaserver \
930	# <i>bos create <server name> buserver simple /usr/libexec/openafs/buserver -cell <cell name> -noauth</i>	896	simple /usr/libexec/openafs/kaserver \
931	# <i>bos create <server name> ptserver simple /usr/libexec/openafs/ptserver -cell <cell name> -noauth</i>	897	-cell <cell name> -noauth</i>
932	# <i>bos create <server name> vlserver simple /usr/libexec/openafs/vlserver -cell <cell name> -noauth</i>	898	# <i>bos create <server name> buserver \
		899	simple /usr/libexec/openafs/buserver \
		900	-cell <cell name> -noauth</i>
		901	# <i>bos create <server name> ptserver \
		902	simple /usr/libexec/openafs/ptserver \
		903	-cell <cell name> -noauth</i>
		904	# <i>bos create <server name> \
		905	vlserver simple /usr/libexec/openafs/vlserver \
		906	-cell <cell name> -noauth</i>
933	</pre>	907	</pre>
934		908
935	<p>	909	<p>
936	You can verify that all servers are running with the <c>bos status</c> command:	910	You can verify that all servers are running with the <c>bos status</c> command:
937	</p>	911	</p>
…		…
993	permit password reuse	967	permit password reuse
994	ka>	968	ka>
995	</pre>	969	</pre>
996		970
997	<p>	971	<p>
998	Run the <c>bos adduser</c> command, to add the <b>admin</b> user to	972	Run the <c>bos adduser</c> command, to add the <b>admin</b> user to
999	the <path>/etc/openafs/server/UserList</path>.	973	the <path>/etc/openafs/server/UserList</path>.
1000	</p>	974	</p>
1001		975
1002	<pre caption="Add the admin user to the UserList">	976	<pre caption="Add the admin user to the UserList">
1003	# <i>bos adduser <server name> admin -cell <cell name> -noauth</i>	977	# <i>bos adduser <server name> admin -cell <cell name> -noauth</i>
1004	</pre>	978	</pre>
1005		979
1006	<p>	980	<p>
1007	Issue the <c>bos addkey</c> command to define the AFS Server	981	Issue the <c>bos addkey</c> command to define the AFS Server
1008	encryption key in <path>/etc/openafs/server/KeyFile</path>	982	encryption key in <path>/etc/openafs/server/KeyFile</path>
1009	</p>	983	</p>
1010		984
1011	<note>	985	<note>
1012	If asked for the input key, give the password you entered when creating	986	If asked for the input key, give the password you entered when creating
…		…
1047	# <i>pts membership admin -cell <cell name> -noauth</i>	1021	# <i>pts membership admin -cell <cell name> -noauth</i>
1048	Groups admin (id: 1) is a member of:	1022	Groups admin (id: 1) is a member of:
1049	system:administrators	1023	system:administrators
1050	</pre>	1024	</pre>
1051		1025
		1026	</body>
		1027	</section>
		1028	<section>
		1029	<title>Properly (re-)starting the AFS server</title>
		1030	<body>
		1031
		1032	<p>
		1033	At this moment, proper authentication is possible, and the OpenAFS server can
		1034	be started in a normal fashion. Note that authentication also requires a
		1035	running OpenAFS client (set it up is described in the previous chapter).
		1036	<!-- Left out because deemed confusing>
		1037	Continuing without this step is possible, but in that case a quick restart of
		1038	the server is required, as demonstrated at the end of this section.
		1039	<-->
1052	<p>	1040	</p>
1053	Restart all AFS Server processes	1041
		1042	<pre caption="Shutdown bosserver">
		1043	# <i>bos shutdown <server name> -wait -noauth</i>
		1044	# <i>killall bosserver</i>
		1045	</pre>
		1046
		1047	<pre caption="Normal OpenAFS server (and client) startup">
		1048	# <i>/etc/init.d/openafs-server start</i>
		1049	# <i>/etc/init.d/openafs-client start</i>
		1050	</pre>
		1051
		1052	<pre caption="Adding AFS server to the default runlevel">
		1053	# <i>rc-update add openafs-server default</i>
		1054	</pre>
		1055
		1056	<pre caption="Getting a token as the admin user">
		1057	# <i>klog admin</i>
		1058	</pre>
		1059
		1060	<!-- Left out because deemed confusing>
		1061	<p>
		1062	If you chose not to restart OpenAFS without the -noauth flag, you can simply
		1063	perform the following procedure instead:
1054	</p>	1064	</p>
1055		1065
1056	<pre caption="Restart all AFS server processes">	1066	<pre caption="Restart all AFS server processes">
1057	# <i>bos restart <server name> -all -cell <cell name> -noauth</i>	1067	# <i>bos restart <server name> -all -cell <cell name> -noauth</i>
1058	</pre>	1068	</pre>
		1069	<-->
1059		1070
1060	</body>	1071	</body>
1061	</section>	1072	</section>
1062	<section>	1073	<section>
1063	<title>Starting the File Server, Volume Server and Salvager</title>	1074	<title>Starting the File Server, Volume Server and Salvager</title>
1064	<body>	1075	<body>
1065		1076
1066	<p>	1077	<p>
1067	Start the <c>fs</c> process, which consists of the	1078	Start the <c>fs</c> process, which consists of the File Server, Volume Server
1068	File Server,	1079	and Salvager (fileserver, volserver and salvager processes).
1069	Volume Server and Salvager (fileserver,
1070	volserver and salvager processes).
1071	</p>	1080	</p>
1072		1081
1073	<pre caption="Start the fs process">	1082	<pre caption="Start the fs process">
1074	# <i>bos create <server name> fs fs /usr/libexec/openafs/fileserver /usr/libexec/openafs/volserver /usr/libexec/openafs/salvager -cell <cell name> -noauth</i>	1083	# <i>bos create <server name> fs \
		1084	fs /usr/libexec/openafs/fileserver /usr/libexec/openafs/volserver /usr/libexec/openafs/salvager \
		1085	-cell <cell name> -noauth</i>
1075	</pre>	1086	</pre>
1076		1087
1077	<p>	1088	<p>
1078	Verify that all processes are running	1089	Verify that all processes are running:
1079	</p>	1090	</p>
1080		1091
1081	<pre caption="Check if all processes are running">	1092	<pre caption="Check if all processes are running">
1082	# <i>bos status <server name> -long -noauth</i>	1093	# <i>bos status <server name> -long -noauth</i>
1083	Instance kaserver, (type is simple) currently running normally.	1094	Instance kaserver, (type is simple) currently running normally.
…		…
1112	Your next action depends on whether you have ever run AFS file server machines	1123	Your next action depends on whether you have ever run AFS file server machines
1113	in the cell.	1124	in the cell.
1114	</p>	1125	</p>
1115		1126
1116	<p>	1127	<p>
1117	If you are installing the first AFS Server ever in the cell create the	1128	If you are installing the first AFS Server ever in the cell, create the first
1118	first AFS volume, <b>root.afs</b>	1129	AFS volume, <b>root.afs</b>
1119	</p>	1130	</p>
1120		1131
1121	<note>	1132	<note>
1122	For the partition name argument, substitute the name of one of the machine's	1133	For the partition name argument, substitute the name of one of the machine's
1123	AFS Server partitions. By convention	1134	AFS Server partitions. Any filesystem mounted under a directory called
1124	these partitions are named <path>/vicepx</path>, where x is in the range of a-z.	1135	<path>/vicepx</path>, where x is in the range of a-z, will be considered and
		1136	used as an AFS Server partition. Any unix filesystem will do (as opposed to the
		1137	client's cache, which can only be ext2/3). Tip: the server checks for each
		1138	<path>/vicepx</path> mount point whether a filesystem is mounted there. If not,
		1139	the server will not attempt to use it. This behaviour can be overridden by
		1140	putting a file named <path>AlwaysAttach</path> in this directory.
1125	</note>	1141	</note>
1126		1142
1127	<pre caption="Create the root.afs volume">	1143	<pre caption="Create the root.afs volume">
1128	# <i>vos create <server name> <partition name> root.afs -cell <cell name> -noauth</i>	1144	# <i>vos create <server name> <partition name> root.afs -cell <cell name> -noauth</i>
1129	</pre>	1145	</pre>
…		…
1143	name> -noauth</c>.	1159	name> -noauth</c>.
1144	</p>	1160	</p>
1145		1161
1146	<pre caption="Synchronise the VLDB">	1162	<pre caption="Synchronise the VLDB">
1147	# <i>vos syncvldb <server name> -cell <cell name> -verbose -noauth</i>	1163	# <i>vos syncvldb <server name> -cell <cell name> -verbose -noauth</i>
1148	# <i>vos syncserv <server name> -cell <cell name> -verbose -noauth</i>	1164	# <i>vos syncserv <server name> -cell <cell name> -verbose -noauth</i>
1149	</pre>	1165	</pre>
1150		1166
1151	</body>	1167	</body>
1152	</section>	1168	</section>
1153	<section>	1169	<section>
1154	<title>Starting the Server Portion of the Update Server</title>	1170	<title>Starting the Server Portion of the Update Server</title>
1155	<body>	1171	<body>
1156		1172
1157	<pre caption="Start the update server">	1173	<pre caption="Start the update server">
1158	# <i>bos create <server name>	1174	# <i>bos create <server name> \
1159	upserver simple "/usr/libexec/openafs/upserver	1175	upserver simple "/usr/libexec/openafs/upserver \
1160	-crypt /etc/openafs/server -clear /usr/libexec/openafs"	1176	-crypt /etc/openafs/server -clear /usr/libexec/openafs" \
1161	-cell <cell name> -noauth</i>	1177	-cell <cell name> -noauth</i>
1162	</pre>	1178	</pre>
1163		1179
1164	</body>	1180	</body>
1165	</section>	1181	</section>
…		…
1169		1185
1170	<p>	1186	<p>
1171	First you need to set some ACLs, so that any user can lookup	1187	First you need to set some ACLs, so that any user can lookup
1172	<path>/afs</path>.	1188	<path>/afs</path>.
1173	</p>	1189	</p>
		1190
		1191	<note>
		1192	The default OpenAFS client configuration has <b>dynroot</b> enabled.
		1193	This option turns <path>/afs</path> into a virtual directory composed of the
		1194	contents of your <path>/etc/openafs/CellServDB</path> file. As such, the
		1195	following command will not work, because it requires a real AFS directory.
		1196	You can temporarily switch dynroot off by setting <b>ENABLE_DYNROOT</b> to
		1197	<b>no</b> in <path>/etc/conf.d/openafs-client</path>. Don't forget to issue
		1198	a client after changing parameters.
		1199	</note>
1174		1200
1175	<pre caption="Set access control lists">	1201	<pre caption="Set access control lists">
1176	# <i>fs setacl /afs system:anyuser rl</i>	1202	# <i>fs setacl /afs system:anyuser rl</i>
1177	</pre>	1203	</pre>
1178		1204
…		…
1181	<path>/afs/<cell name></path> and read/write on <path>/afs/.<cell	1207	<path>/afs/<cell name></path> and read/write on <path>/afs/.<cell
1182	name></path>.	1208	name></path>.
1183	</p>	1209	</p>
1184		1210
1185	<pre caption="Prepare the root volume">	1211	<pre caption="Prepare the root volume">
1186	# <i>vos create <server name><partition name> root.cell</i>	1212	# <i>vos create <server name> <partition name> root.cell</i>
1187	# <i>fs mkmount /afs/<cell name> root.cell </i>	1213	# <i>fs mkmount /afs/<cell name> root.cell</i>
1188	# <i>fs setacl /afs/<cell name> system:anyuser rl</i>	1214	# <i>fs setacl /afs/<cell name> system:anyuser rl</i>
1189	# <i>fs mkmount /afs/.<cell name> root.cell -rw</i>	1215	# <i>fs mkmount /afs/.<cell name> root.cell -rw</i>
		1216	</pre>
		1217
		1218	<pre caption="Adding volumes underneath">
		1219	# <i>vos create <server name> <partition name> <myvolume></i>
		1220	# <i>fs mkmount /afs/<cell name>/<mymountpoint> <myvolume></i>
		1221	# <i>fs mkmount /afs/<cell name>/.<mymountpoint> <myvolume> -rw</i>
		1222	# <i>fs setquota /afs/<cell name>/.<mymountpoint> -max <quotum></i>
1190	</pre>	1223	</pre>
1191		1224
1192	<p>	1225	<p>
1193	Finally you're done!!! You should now have a working AFS file server	1226	Finally you're done!!! You should now have a working AFS file server
1194	on your local network. Time to get a big	1227	on your local network. Time to get a big

 Legend:



Removed from v.1.23
 


changed lines


 
Added in v.1.24
 Legend:



Removed from v.1.23
 


changed lines


 
Added in v.1.24
-Removed from v.1.23
+Added in v.1.24

	ViewVC Help
Powered by ViewVC 1.1.13