/[gentoo]/xml/htdocs/doc/en/openafs.xml
Gentoo

Diff of /xml/htdocs/doc/en/openafs.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.23 Revision 1.24
1<?xml version='1.0' encoding="UTF-8"?> 1<?xml version='1.0' encoding="UTF-8"?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/openafs.xml,v 1.23 2005/11/09 20:58:07 fox2mike Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/openafs.xml,v 1.24 2007/06/29 08:33:12 neysx Exp $ -->
3 3
4<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 4<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
5 5
6<guide link="/doc/en/openafs.xml"> 6<guide link="/doc/en/openafs.xml">
7<title>Gentoo Linux OpenAFS Guide</title> 7<title>Gentoo Linux OpenAFS Guide</title>
8 8
9<author title="Editor">
10 <mail link="stefaan@gentoo.org">Stefaan De Roeck</mail>
11</author>
9<author title="Editor"> 12<author title="Editor">
10 <mail link="darks@gentoo.org">Holger Brueckner</mail> 13 <mail link="darks@gentoo.org">Holger Brueckner</mail>
11</author> 14</author>
12<author title="Editor"> 15<author title="Editor">
13 <mail link="bennyc@gentoo.org">Benny Chuang</mail> 16 <mail link="bennyc@gentoo.org">Benny Chuang</mail>
17</author> 20</author>
18<author title="Editor"> 21<author title="Editor">
19 <mail link="fnjordy@gmail.com">Steven McCoy</mail> 22 <mail link="fnjordy@gmail.com">Steven McCoy</mail>
20</author> 23</author>
21<author title="Editor"> 24<author title="Editor">
22 <mail link="stefaan@gentoo.org">Stefaan De Roeck</mail>
23</author>
24<author title="Editor">
25 <mail link="fox2mike@gentoo.org">Shyam Mani</mail> 25 <mail link="fox2mike@gentoo.org">Shyam Mani</mail>
26</author> 26</author>
27 27
28<abstract> 28<abstract>
29This guide shows you how to install an OpenAFS server and client on Gentoo 29This guide shows you how to install an OpenAFS server and client on Gentoo
32 32
33<!-- The content of this document is licensed under the CC-BY-SA license --> 33<!-- The content of this document is licensed under the CC-BY-SA license -->
34<!-- See http://creativecommons.org/licenses/by-sa/2.5 --> 34<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
35<license/> 35<license/>
36 36
37<version>1.1</version> 37<version>1.2</version>
38<date>2005-11-10</date> 38<date>2007-06-29</date>
39 39
40<chapter> 40<chapter>
41<title>Overview</title> 41<title>Overview</title>
42<section> 42<section>
43<title>About this Document</title> 43<title>About this Document</title>
44<body> 44<body>
45 45
46<p> 46<p>
47This document provides you with all neccessary steps to install an OpenAFS 47This document provides you with all necessary steps to install an OpenAFS
48server on Gentoo Linux. Parts of this document are taken from the AFS FAQ and 48server on Gentoo Linux. Parts of this document are taken from the AFS FAQ and
49IBM's Quick Beginnings guide on AFS. Well, never reinvent the wheel. :) 49IBM's Quick Beginnings guide on AFS. Well, never reinvent the wheel. :)
50</p> 50</p>
51 51
52</body> 52</body>
76early AFS sites from having to rename their filesystem, AFS remained as the 76early AFS sites from having to rename their filesystem, AFS remained as the
77name and filesystem root. 77name and filesystem root.
78</p> 78</p>
79 79
80</body> 80</body>
81</section> 81</section>
82<section> 82<section>
83<title>What is an AFS cell?</title> 83<title>What is an AFS cell?</title>
84<body> 84<body>
85 85
86<p> 86<p>
90log into AFS client workstations which request information and files from the 90log into AFS client workstations which request information and files from the
91cell's servers on behalf of the users. Users won't know on which server a 91cell's servers on behalf of the users. Users won't know on which server a
92file which they are accessing, is located. They even won't notice if a server 92file which they are accessing, is located. They even won't notice if a server
93will be located to another room, since every volume can be replicated and 93will be located to another room, since every volume can be replicated and
94moved to another server without any user noticing. The files are always 94moved to another server without any user noticing. The files are always
95accessible. Well, it's like NFS on steroids :) 95accessible. Well, it's like NFS on steroids :)
96</p> 96</p>
97 97
98</body> 98</body>
99</section> 99</section>
100<section> 100<section>
101<title>What are the benefits of using AFS?</title> 101<title>What are the benefits of using AFS?</title>
102<body> 102<body>
103 103
104<p> 104<p>
109scalability (add further servers to your cell as needed), 109scalability (add further servers to your cell as needed),
110communications protocol. 110communications protocol.
111</p> 111</p>
112 112
113</body> 113</body>
114</section> 114</section>
115<section> 115<section>
116<title>Where can I get more information?</title> 116<title>Where can I get more information?</title>
117<body> 117<body>
118 118
119<p> 119<p>
132<uri link="http://www.transarc.ibm.com/Product/EFS/AFS/index.html">Transarc's 132<uri link="http://www.transarc.ibm.com/Product/EFS/AFS/index.html">Transarc's
133Webpage</uri>. 133Webpage</uri>.
134</p> 134</p>
135 135
136</body> 136</body>
137</section> 137</section>
138<section> 138<section>
139<title>How Can I Debug Problems?</title> 139<title>How Can I Debug Problems?</title>
140<body> 140<body>
141 141
142<p> 142<p>
158 158
159<p> 159<p>
160This section aims to help you through the process of upgrading an existing 160This section aims to help you through the process of upgrading an existing
161OpenAFS installation to OpenAFS version 1.4.0 or higher (or 1.2.x starting from 161OpenAFS installation to OpenAFS version 1.4.0 or higher (or 1.2.x starting from
1621.2.13. The latter will not be handled specifically, as most people will want 1621.2.13. The latter will not be handled specifically, as most people will want
1631.4 for a.o.linux-2.6 support, large file support and bug fixes). 1631.4 for a.o. linux-2.6 support, large file support and bug fixes).
164</p> 164</p>
165 165
166<p> 166<p>
167If you're dealing with a clean install of a 1.4 version of OpenAFS, then you can 167If you're dealing with a clean install of a 1.4 version of OpenAFS, then you can
168safely skip this chapter. However, if you're upgrading from a previous version, 168safely skip this chapter. However, if you're upgrading from a previous version,
169we strongly urge you to follow the guidelines in the next sections. The 169we strongly urge you to follow the guidelines in the next sections. The
170transition script in the ebuild is designed to assist you in quickly upgrading 170transition script in the ebuild is designed to assist you in quickly upgrading
171and restarting. Please not that it will (for safety reasons) not delete 171and restarting. Please note that it will (for safety reasons) not delete
172configuration files and startup scripts in old places, not automatically change 172configuration files and startup scripts in old places, not automatically change
173your boot configuration to use the new scripts, etc. If you need further 173your boot configuration to use the new scripts, etc. If you need further
174convincing, using an old OpenAFS kernel module together with the updated system 174convincing, using an old OpenAFS kernel module together with the updated system
175binaries, may very well cause your kernel to freak out. So, let's read on for a 175binaries, may very well cause your kernel to freak out. So, let's read on for a
176clean and easy transition, shall we? 176clean and easy transition, shall we?
287<path>/etc/init.d/openafs-server</path>. 287<path>/etc/init.d/openafs-server</path>.
288Consequently, the configuration file <path>/etc/conf.d/afs</path> has been split 288Consequently, the configuration file <path>/etc/conf.d/afs</path> has been split
289into <path>/etc/conf.d/openafs-client</path> and 289into <path>/etc/conf.d/openafs-client</path> and
290<path>/etc/conf.d/openafs-server</path>. Also, options in 290<path>/etc/conf.d/openafs-server</path>. Also, options in
291<path>/etc/conf.d/afs</path> to turn either client or server on or off have 291<path>/etc/conf.d/afs</path> to turn either client or server on or off have
292been obsoleted. 292been obsoleted.
293</p> 293</p>
294 294
295<p> 295<p>
296Another change to the init script is that it doesn't check your disk cache 296Another change to the init script is that it doesn't check your disk cache
297setup anymore. The old code required that a separate ext2 partition be 297setup anymore. The old code required that a separate ext2 partition be
307 having the cache on your root partition. 307 having the cache on your root partition.
308 </li> 308 </li>
309 <li> 309 <li>
310 Some people use soft-links to point to the real disk cache location. 310 Some people use soft-links to point to the real disk cache location.
311 The init script didn't like this, because then this cache location 311 The init script didn't like this, because then this cache location
312 didn't turn up in <path>/proc/mounts</path>. 312 didn't turn up in <path>/proc/mounts</path>.
313 </li> 313 </li>
314 <li> 314 <li>
315 Many prefer ext3 over ext2 nowadays. Both filesystems are valid for 315 Many prefer ext3 over ext2 nowadays. Both filesystems are valid for
316 usage as a disk cache. Any other filesystem is unsupported 316 usage as a disk cache. Any other filesystem is unsupported
317 (like: don't try reiserfs, you'll get a huge warning, expect failure 317 (like: don't try reiserfs, you'll get a huge warning, expect failure
340ebuilds have never been distributed by Gentoo. You might want to check the 340ebuilds have never been distributed by Gentoo. You might want to check the
341<c>CONFIG_PROTECT_MASK</c> variable in the output of the following command: 341<c>CONFIG_PROTECT_MASK</c> variable in the output of the following command:
342</p> 342</p>
343 343
344<pre caption="Checking your CONFIG_PROTECT_MASK"> 344<pre caption="Checking your CONFIG_PROTECT_MASK">
345# <i>emerge info | grep "CONFIG_PROTECT_MASK</i> 345# <i>emerge info | grep "CONFIG_PROTECT_MASK"</i>
346CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/texmf/web2c /etc/env.d" 346CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/texmf/web2c /etc/env.d"
347</pre> 347</pre>
348 348
349<p> 349<p>
350Though nothing in this ebuild would touch the files in <path>/etc/afs</path>, 350Though nothing in this ebuild would touch the files in <path>/etc/afs</path>,
365Now that you know what doesn't happen, you may want to know what does: 365Now that you know what doesn't happen, you may want to know what does:
366</p> 366</p>
367 367
368<ul> 368<ul>
369 <li> 369 <li>
370 <path>/usr/afs/etc</path> is copied to<path>/etc/openafs/server</path> 370 <path>/usr/afs/etc</path> is copied to <path>/etc/openafs/server</path>
371 </li> 371 </li>
372 <li> 372 <li>
373 <path>/usr/vice/etc</path> is copied to <path>/etc/openafs</path> 373 <path>/usr/vice/etc</path> is copied to <path>/etc/openafs</path>
374 </li> 374 </li>
375 <li> 375 <li>
376 <path>/usr/afs/local</path> is copied to <path>/var/lib/openafs</path> 376 <path>/usr/afs/local</path> is copied to <path>/var/lib/openafs</path>
377 </li> 377 </li>
378 <li> 378 <li>
379 <path>/usr/afs/local/BosConfig</path> is copied to 379 <path>/usr/afs/local/BosConfig</path> is copied to
380 <path>/etc/openafs/BosConfig</path>, while replacing occurrences of 380 <path>/etc/openafs/BosConfig</path>, while replacing occurrences of
381 <path>/usr/afs/bin/</path> with <path>/usr/libexec/openafs</path>, 381 <path>/usr/afs/bin/</path> with <path>/usr/libexec/openafs</path>,
382 <path>/usr/afs/etc</path> with <path>/etc/openafs/server</path> 382 <path>/usr/afs/etc</path> with <path>/etc/openafs/server</path>
383 and <path>/usr/afs/bin</path> (without the / as previously) with 383 and <path>/usr/afs/bin</path> (without the / as previously) with
384 <path>/usr/bin</path> 384 <path>/usr/bin</path>
385 </li> 385 </li>
386 <li> 386 <li>
457# <i>/usr/bin/bos status localhost -localauth</i> 457# <i>/usr/bin/bos status localhost -localauth</i>
458</pre> 458</pre>
459 459
460<p> 460<p>
461Before starting the OpenAFS client again, please take time to check your 461Before starting the OpenAFS client again, please take time to check your
462cache settings. They are determined by <path>/etc/openafs/cacheinfo</path>. 462cache settings. They are determined by <path>/etc/openafs/cacheinfo</path>.
463To restart your OpenAFS client installation, please type the following: 463To restart your OpenAFS client installation, please type the following:
464</p> 464</p>
465 465
466<pre caption="Restarting OpenAFS client after upgrade"> 466<pre caption="Restarting OpenAFS client after upgrade">
467# <i>/etc/init.d/openafs-client start</i> 467# <i>/etc/init.d/openafs-client start</i>
531<p> 531<p>
532Now most people would have their systems configured to automatically start 532Now most people would have their systems configured to automatically start
533the OpenAFS client and server on startup. Those who don't can safely skip 533the OpenAFS client and server on startup. Those who don't can safely skip
534this section. If you had your system configured to start them automatically, 534this section. If you had your system configured to start them automatically,
535you will need to re-enable this, because the names of the init scripts have 535you will need to re-enable this, because the names of the init scripts have
536changed. 536changed.
537</p> 537</p>
538 538
539<pre caption="Re-enabling OpenAFS startup at boot time"> 539<pre caption="Re-enabling OpenAFS startup at boot time">
540# <i>rc-update del afs default</i> 540# <i>rc-update del afs default</i>
541# <i>rc-update add openafs-client default</i> 541# <i>rc-update add openafs-client default</i>
553<section> 553<section>
554<title>Troubleshooting: what if the automatic upgrade fails</title> 554<title>Troubleshooting: what if the automatic upgrade fails</title>
555<body> 555<body>
556 556
557<p> 557<p>
558Don't panic. You shouldn't have lost any data or configuration files. So 558Don't panic. You shouldn't have lost any data or configuration files. So let's
559let's analyze the situation. Please file a bug at 559analyze the situation. Please file a bug at <uri
560<uri link="http://bugs.gentoo.org">bugs.gentoo.org</uri> in any case, 560link="http://bugs.gentoo.org">bugs.gentoo.org</uri> in any case, preferably
561preferably with as much information as possible. 561with as much information as possible.
562</p> 562</p>
563 563
564<p> 564<p>
565If you're having problems starting the client, this should help you diagnosing 565If you're having problems starting the client, this should help you diagnosing
566the problem: 566the problem:
570 <li> 570 <li>
571 Run <c>dmesg</c>. The client normally sends error messages there. 571 Run <c>dmesg</c>. The client normally sends error messages there.
572 </li> 572 </li>
573 <li> 573 <li>
574 Check <path>/etc/openafs/cacheinfo</path>. It should be of the form: 574 Check <path>/etc/openafs/cacheinfo</path>. It should be of the form:
575 /afs:{path to disk cache}:{number of blocks for disk cache}. 575 /afs:{path to disk cache}:{number of blocks for disk cache}.
576 Normally, your disk cache will be located at 576 Normally, your disk cache will be located at
577 <path>/var/cache/openafs</path>. 577 <path>/var/cache/openafs</path>.
578 </li> 578 </li>
579 <li> 579 <li>
580 Check the output of <c>lsmod</c>. You will want to see a line beginning 580 Check the output of <c>lsmod</c>. You will want to see a line beginning
636of writing, this documentation was a work in progress. It may however document 636of writing, this documentation was a work in progress. It may however document
637newer features in OpenAFS that aren't described in the original IBM AFS 637newer features in OpenAFS that aren't described in the original IBM AFS
638Documentation. 638Documentation.
639</p> 639</p>
640 640
641</body> 641</body>
642</section> 642</section>
643</chapter> 643</chapter>
644 644
645<chapter> 645<chapter>
646<title>Client Installation</title> 646<title>Client Installation</title>
647<section> 647<section>
648<title>Building the Client</title> 648<title>Building the Client</title>
649<body> 649<body>
650
651<note>
652All commands should be written in one line!! In this document they are
653sometimes wrapped to two lines to make them easier to read.
654</note>
655 650
656<pre caption="Installing openafs"> 651<pre caption="Installing openafs">
657# <i>emerge net-fs/openafs</i> 652# <i>emerge net-fs/openafs</i>
658</pre> 653</pre>
659 654
700CellServDB: 695CellServDB:
701>netlabs #Cell name 696>netlabs #Cell name
70210.0.0.1 #storage 69710.0.0.1 #storage
703 698
704ThisCell: 699ThisCell:
705netlabs 700netlabs
706</pre> 701</pre>
707 702
708<warn> 703<warn>
709Only use spaces inside the <path>CellServDB</path> file. The client will most 704Only use spaces inside the <path>CellServDB</path> file. The client will most
710likely fail if you use TABs. 705likely fail if you use TABs.
711</warn> 706</warn>
712 707
713<p> 708<p>
714For a quick start, you can now start <path>/etc/init.d/openafs/client</path> and
715use <c>klog</c> to authenticate yourself and start using your access to the
716cell. For automatic logons to you cell, you want to consult the appropriate
717section below.
718</p>
719
720</body>
721</section>
722<section>
723<title>Adjusting the cache</title>
724<body>
725
726<note>
727Unfortunately the AFS Client needs a ext2/3 filesystem for its cache to run
728correctly, because there are some issues with reiserfs.
729</note>
730
731<p>
732You can house your cache on an existing filesystem (if it's ext2/3), but some
733may want to create a separate partition for that. The default location of the
734cache is <path>/var/cache/openafs</path>, but you can change that by editing
735<path>/etc/openafs/cacheinfo</path>. A standard size for your cache is
736200MB, but more won't hurt.
737</p>
738
739</body>
740</section>
741<section>
742<title>Adjusting the cell access configuration</title>
743<body>
744
745<p>
746In case you want to do more than just read-only browsing of globally available
747AFS cells, you need to adjust the two files CellServDB and ThisCell. These
748are located in <path>/etc/openafs</path>.
749</p>
750
751<pre caption="Adjusting CellServDB and ThisCell">
752CellServDB:
753>netlabs #Cell name
75410.0.0.1 #storage
755
756ThisCell:
757netlabs
758</pre>
759
760<warn>
761Only use spaces inside the <path>CellServDB</path> file. The client will most
762likely fail if you use TABs.
763</warn>
764
765<p>
766CellServDB tells your client which server(s) it needs to contact for a 709CellServDB tells your client which server(s) it needs to contact for a
767specific cell. ThisCell should be quite obvious. Normally you use a name 710specific cell. ThisCell should be quite obvious. Normally you use a name
768which is unique for your organisation. Your (official) domain might be a 711which is unique for your organisation. Your (official) domain might be a
769good choice. 712good choice.
713</p>
714
715<p>
716For a quick start, you can now start <path>/etc/init.d/openafs-client</path> and
717use <c>klog</c> to authenticate yourself and start using your access to the
718cell. For automatic logons to you cell, you want to consult the appropriate
719section below.
720</p>
721
722</body>
723</section>
724<section>
725<title>Adjusting the cache</title>
726<body>
727
728<note>
729Unfortunately the AFS Client needs a ext2/3 filesystem for its cache to run
730correctly. There are some issues when using other filesystems (using e.g.
731reiserfs is not a good idea).
732</note>
733
734<p>
735You can house your cache on an existing filesystem (if it's ext2/3), or you
736may want to have a separate partition for that. The default location of the
737cache is <path>/var/cache/openafs</path>, but you can change that by editing
738<path>/etc/openafs/cacheinfo</path>. A standard size for your cache is
739200MB, but more won't hurt.
770</p> 740</p>
771 741
772</body> 742</body>
773</section> 743</section>
774<section> 744<section>
784You should always have a running afs server in your domain when trying to 754You should always have a running afs server in your domain when trying to
785start the afs client. You're system won't boot until it gets some timeout 755start the afs client. You're system won't boot until it gets some timeout
786if your AFS server is down. (And this is quite a long long time) 756if your AFS server is down. (And this is quite a long long time)
787</warn> 757</warn>
788 758
789<pre caption="Adding AFS server to the default runlevel"> 759<pre caption="Adding AFS client to the default runlevel">
790# <i>rc-update add openafs-server default</i> 760# <i>rc-update add openafs-client default</i>
791</pre> 761</pre>
792 762
793</body> 763</body>
794</section> 764</section>
795</chapter> 765</chapter>
798<title>Server Installation</title> 768<title>Server Installation</title>
799<section> 769<section>
800<title>Building the Server</title> 770<title>Building the Server</title>
801<body> 771<body>
802 772
773<note>
774All commands should be written in one line!! In this document they are
775sometimes wrapped to two lines to make them easier to read.
776</note>
777
803<p> 778<p>
804The following command will install all necessary binaries for setting up an AFS 779If you haven't already done so, the following command will install all
805Server <e>and</e> Client. 780necessary binaries for setting up an AFS Server <e>and</e> Client.
806</p> 781</p>
807 782
808<pre caption="Installing openafs"> 783<pre caption="Installing openafs">
809# <i>emerge net-fs/openafs</i> 784# <i>emerge net-fs/openafs</i>
810</pre> 785</pre>
811 786
812</body> 787</body>
813</section> 788</section>
814<section> 789<section>
815<title>Starting AFS Server</title> 790<title>Starting AFS Server</title>
816<body> 791<body>
817 792
818<p>
819You need to remove the sample CellServDB and ThisCell file first.
820</p> 793<p>
821
822<pre caption="Remove sample files">
823# <i>rm /usr/vice/etc/ThisCell</i>
824# <i>rm /usr/vice/etc/CellServDB</i>
825</pre>
826
827<p>
828Next you will run the <c>bosserver</c> command to initialize the Basic OverSeer 794You need to run the <c>bosserver</c> command to initialize the Basic OverSeer
829(BOS) Server, which monitors and controls other AFS server processes on its 795(BOS) Server, which monitors and controls other AFS server processes on its
830server machine. Think of it as init for the system. Include the <c>-noauth</c> 796server machine. Think of it as init for the system. Include the <c>-noauth</c>
831flag to disable authorization checking, since you haven't added the admin user 797flag to disable authorization checking, since you haven't added the admin user
832yet. 798yet.
833</p> 799</p>
842<pre caption="Initialize the Basic OverSeer Server"> 808<pre caption="Initialize the Basic OverSeer Server">
843# <i>bosserver -noauth &amp;</i> 809# <i>bosserver -noauth &amp;</i>
844</pre> 810</pre>
845 811
846<p> 812<p>
847Verify that the BOS Server created <path>/usr/vice/etc/CellServDB</path> 813Verify that the BOS Server created <path>/etc/openafs/server/CellServDB</path>
848and <path>/usr/vice/etc/ThisCell</path> 814and <path>/etc/openafs/server/ThisCell</path>
849</p> 815</p>
850 816
851<pre caption="Check if CellServDB and ThisCell are created"> 817<pre caption="Check if CellServDB and ThisCell are created">
852# <i>ls -al /usr/vice/etc/</i> 818# <i>ls -al /etc/openafs/server/</i>
853-rw-r--r-- 1 root root 41 Jun 4 22:21 CellServDB 819-rw-r--r-- 1 root root 41 Jun 4 22:21 CellServDB
854-rw-r--r-- 1 root root 7 Jun 4 22:21 ThisCell 820-rw-r--r-- 1 root root 7 Jun 4 22:21 ThisCell
855</pre> 821</pre>
856 822
857</body> 823</body>
858</section> 824</section>
859<section> 825<section>
860<title>Defining Cell Name and Membership for Server Process</title> 826<title>Defining Cell Name and Membership for Server Process</title>
861<body> 827<body>
862 828
892<section> 858<section>
893<title>Starting the Database Server Process</title> 859<title>Starting the Database Server Process</title>
894<body> 860<body>
895 861
896<p> 862<p>
897Next use the <c>bos create</c> command to create entries for the four database 863Next use the <c>bos create</c> command to create entries for the four database
898server processes in the <path>/etc/openafs/BosConfig</path> file. The four 864server processes in the <path>/etc/openafs/BosConfig</path> file. The four
899processes run on database server machines only. 865processes run on database server machines only.
900</p> 866</p>
901 867
902<table> 868<table>
903<tr> 869<tr>
921 <ti> 887 <ti>
922 The Volume Location Server maintains the Volume Location Database (VLDB). 888 The Volume Location Server maintains the Volume Location Database (VLDB).
923 Very important :) 889 Very important :)
924 </ti> 890 </ti>
925</tr> 891</tr>
926</table> 892</table>
927 893
928<pre caption="Create entries for the database processes"> 894<pre caption="Create entries for the database processes">
929# <i>bos create &lt;server name&gt; kaserver simple /usr/libexec/openafs/kaserver -cell &lt;cell name&gt; -noauth</i> 895# <i>bos create &lt;server name&gt; kaserver \
930# <i>bos create &lt;server name&gt; buserver simple /usr/libexec/openafs/buserver -cell &lt;cell name&gt; -noauth</i> 896simple /usr/libexec/openafs/kaserver \
931# <i>bos create &lt;server name&gt; ptserver simple /usr/libexec/openafs/ptserver -cell &lt;cell name&gt; -noauth</i> 897-cell &lt;cell name&gt; -noauth</i>
932# <i>bos create &lt;server name&gt; vlserver simple /usr/libexec/openafs/vlserver -cell &lt;cell name&gt; -noauth</i> 898# <i>bos create &lt;server name&gt; buserver \
899simple /usr/libexec/openafs/buserver \
900-cell &lt;cell name&gt; -noauth</i>
901# <i>bos create &lt;server name&gt; ptserver \
902simple /usr/libexec/openafs/ptserver \
903-cell &lt;cell name&gt; -noauth</i>
904# <i>bos create &lt;server name&gt; \
905vlserver simple /usr/libexec/openafs/vlserver \
906-cell &lt;cell name&gt; -noauth</i>
933</pre> 907</pre>
934 908
935<p> 909<p>
936You can verify that all servers are running with the <c>bos status</c> command: 910You can verify that all servers are running with the <c>bos status</c> command:
937</p> 911</p>
993permit password reuse 967permit password reuse
994ka&gt; 968ka&gt;
995</pre> 969</pre>
996 970
997<p> 971<p>
998Run the <c>bos adduser</c> command, to add the <b>admin</b> user to 972Run the <c>bos adduser</c> command, to add the <b>admin</b> user to
999the <path>/etc/openafs/server/UserList</path>. 973the <path>/etc/openafs/server/UserList</path>.
1000</p> 974</p>
1001 975
1002<pre caption="Add the admin user to the UserList"> 976<pre caption="Add the admin user to the UserList">
1003# <i>bos adduser &lt;server name&gt; admin -cell &lt;cell name&gt; -noauth</i> 977# <i>bos adduser &lt;server name&gt; admin -cell &lt;cell name&gt; -noauth</i>
1004</pre> 978</pre>
1005 979
1006<p> 980<p>
1007Issue the <c>bos addkey</c> command to define the AFS Server 981Issue the <c>bos addkey</c> command to define the AFS Server
1008encryption key in <path>/etc/openafs/server/KeyFile</path> 982encryption key in <path>/etc/openafs/server/KeyFile</path>
1009</p> 983</p>
1010 984
1011<note> 985<note>
1012If asked for the input key, give the password you entered when creating 986If asked for the input key, give the password you entered when creating
1047# <i>pts membership admin -cell &lt;cell name&gt; -noauth</i> 1021# <i>pts membership admin -cell &lt;cell name&gt; -noauth</i>
1048Groups admin (id: 1) is a member of: 1022Groups admin (id: 1) is a member of:
1049system:administrators 1023system:administrators
1050</pre> 1024</pre>
1051 1025
1026</body>
1027</section>
1028<section>
1029<title>Properly (re-)starting the AFS server</title>
1030<body>
1031
1032<p>
1033At this moment, proper authentication is possible, and the OpenAFS server can
1034be started in a normal fashion. Note that authentication also requires a
1035running OpenAFS client (set it up is described in the previous chapter).
1036<!-- Left out because deemed confusing>
1037Continuing without this step is possible, but in that case a quick restart of
1038the server is required, as demonstrated at the end of this section.
1039<-->
1052<p> 1040</p>
1053Restart all AFS Server processes 1041
1042<pre caption="Shutdown bosserver">
1043# <i>bos shutdown &lt;server name&gt; -wait -noauth</i>
1044# <i>killall bosserver</i>
1045</pre>
1046
1047<pre caption="Normal OpenAFS server (and client) startup">
1048# <i>/etc/init.d/openafs-server start</i>
1049# <i>/etc/init.d/openafs-client start</i>
1050</pre>
1051
1052<pre caption="Adding AFS server to the default runlevel">
1053# <i>rc-update add openafs-server default</i>
1054</pre>
1055
1056<pre caption="Getting a token as the admin user">
1057# <i>klog admin</i>
1058</pre>
1059
1060<!-- Left out because deemed confusing>
1061<p>
1062If you chose not to restart OpenAFS without the -noauth flag, you can simply
1063perform the following procedure instead:
1054</p> 1064</p>
1055 1065
1056<pre caption="Restart all AFS server processes"> 1066<pre caption="Restart all AFS server processes">
1057# <i>bos restart &lt;server name&gt; -all -cell &lt;cell name&gt; -noauth</i> 1067# <i>bos restart &lt;server name&gt; -all -cell &lt;cell name&gt; -noauth</i>
1058</pre> 1068</pre>
1069<-->
1059 1070
1060</body> 1071</body>
1061</section> 1072</section>
1062<section> 1073<section>
1063<title>Starting the File Server, Volume Server and Salvager</title> 1074<title>Starting the File Server, Volume Server and Salvager</title>
1064<body> 1075<body>
1065 1076
1066<p> 1077<p>
1067Start the <c>fs</c> process, which consists of the 1078Start the <c>fs</c> process, which consists of the File Server, Volume Server
1068File Server, 1079and Salvager (fileserver, volserver and salvager processes).
1069Volume Server and Salvager (fileserver,
1070volserver and salvager processes).
1071</p> 1080</p>
1072 1081
1073<pre caption="Start the fs process"> 1082<pre caption="Start the fs process">
1074# <i>bos create &lt;server name&gt; fs fs /usr/libexec/openafs/fileserver /usr/libexec/openafs/volserver /usr/libexec/openafs/salvager -cell &lt;cell name&gt; -noauth</i> 1083# <i>bos create &lt;server name&gt; fs \
1084fs /usr/libexec/openafs/fileserver /usr/libexec/openafs/volserver /usr/libexec/openafs/salvager \
1085-cell &lt;cell name&gt; -noauth</i>
1075</pre> 1086</pre>
1076 1087
1077<p> 1088<p>
1078Verify that all processes are running 1089Verify that all processes are running:
1079</p> 1090</p>
1080 1091
1081<pre caption="Check if all processes are running"> 1092<pre caption="Check if all processes are running">
1082# <i>bos status &lt;server name&gt; -long -noauth</i> 1093# <i>bos status &lt;server name&gt; -long -noauth</i>
1083Instance kaserver, (type is simple) currently running normally. 1094Instance kaserver, (type is simple) currently running normally.
1112Your next action depends on whether you have ever run AFS file server machines 1123Your next action depends on whether you have ever run AFS file server machines
1113in the cell. 1124in the cell.
1114</p> 1125</p>
1115 1126
1116<p> 1127<p>
1117If you are installing the first AFS Server ever in the cell create the 1128If you are installing the first AFS Server ever in the cell, create the first
1118first AFS volume, <b>root.afs</b> 1129AFS volume, <b>root.afs</b>
1119</p> 1130</p>
1120 1131
1121<note> 1132<note>
1122For the partition name argument, substitute the name of one of the machine's 1133For the partition name argument, substitute the name of one of the machine's
1123AFS Server partitions. By convention 1134AFS Server partitions. Any filesystem mounted under a directory called
1124these partitions are named <path>/vicepx</path>, where x is in the range of a-z. 1135<path>/vicepx</path>, where x is in the range of a-z, will be considered and
1136used as an AFS Server partition. Any unix filesystem will do (as opposed to the
1137client's cache, which can only be ext2/3). Tip: the server checks for each
1138<path>/vicepx</path> mount point whether a filesystem is mounted there. If not,
1139the server will not attempt to use it. This behaviour can be overridden by
1140putting a file named <path>AlwaysAttach</path> in this directory.
1125</note> 1141</note>
1126 1142
1127<pre caption="Create the root.afs volume"> 1143<pre caption="Create the root.afs volume">
1128# <i>vos create &lt;server name&gt; &lt;partition name&gt; root.afs -cell &lt;cell name&gt; -noauth</i> 1144# <i>vos create &lt;server name&gt; &lt;partition name&gt; root.afs -cell &lt;cell name&gt; -noauth</i>
1129</pre> 1145</pre>
1143name&gt; -noauth</c>. 1159name&gt; -noauth</c>.
1144</p> 1160</p>
1145 1161
1146<pre caption="Synchronise the VLDB"> 1162<pre caption="Synchronise the VLDB">
1147# <i>vos syncvldb &lt;server name&gt; -cell &lt;cell name&gt; -verbose -noauth</i> 1163# <i>vos syncvldb &lt;server name&gt; -cell &lt;cell name&gt; -verbose -noauth</i>
1148# <i>vos syncserv &lt;server name&gt; -cell &lt;cell name&gt; -verbose -noauth</i> 1164# <i>vos syncserv &lt;server name&gt; -cell &lt;cell name&gt; -verbose -noauth</i>
1149</pre> 1165</pre>
1150 1166
1151</body> 1167</body>
1152</section> 1168</section>
1153<section> 1169<section>
1154<title>Starting the Server Portion of the Update Server</title> 1170<title>Starting the Server Portion of the Update Server</title>
1155<body> 1171<body>
1156 1172
1157<pre caption="Start the update server"> 1173<pre caption="Start the update server">
1158# <i>bos create &lt;server name&gt; 1174# <i>bos create &lt;server name&gt; \
1159upserver simple "/usr/libexec/openafs/upserver 1175upserver simple "/usr/libexec/openafs/upserver \
1160-crypt /etc/openafs/server -clear /usr/libexec/openafs" 1176-crypt /etc/openafs/server -clear /usr/libexec/openafs" \
1161-cell &lt;cell name&gt; -noauth</i> 1177-cell &lt;cell name&gt; -noauth</i>
1162</pre> 1178</pre>
1163 1179
1164</body> 1180</body>
1165</section> 1181</section>
1169 1185
1170<p> 1186<p>
1171First you need to set some ACLs, so that any user can lookup 1187First you need to set some ACLs, so that any user can lookup
1172<path>/afs</path>. 1188<path>/afs</path>.
1173</p> 1189</p>
1190
1191<note>
1192The default OpenAFS client configuration has <b>dynroot</b> enabled.
1193This option turns <path>/afs</path> into a virtual directory composed of the
1194contents of your <path>/etc/openafs/CellServDB</path> file. As such, the
1195following command will not work, because it requires a real AFS directory.
1196You can temporarily switch dynroot off by setting <b>ENABLE_DYNROOT</b> to
1197<b>no</b> in <path>/etc/conf.d/openafs-client</path>. Don't forget to issue
1198a client after changing parameters.
1199</note>
1174 1200
1175<pre caption="Set access control lists"> 1201<pre caption="Set access control lists">
1176# <i>fs setacl /afs system:anyuser rl</i> 1202# <i>fs setacl /afs system:anyuser rl</i>
1177</pre> 1203</pre>
1178 1204
1181<path>/afs/&lt;cell name&gt;</path> and read/write on <path>/afs/.&lt;cell 1207<path>/afs/&lt;cell name&gt;</path> and read/write on <path>/afs/.&lt;cell
1182name&gt;</path>. 1208name&gt;</path>.
1183</p> 1209</p>
1184 1210
1185<pre caption="Prepare the root volume"> 1211<pre caption="Prepare the root volume">
1186# <i>vos create &lt;server name&gt;&lt;partition name&gt; root.cell</i> 1212# <i>vos create &lt;server name&gt; &lt;partition name&gt; root.cell</i>
1187# <i>fs mkmount /afs/&lt;cell name&gt; root.cell </i> 1213# <i>fs mkmount /afs/&lt;cell name&gt; root.cell</i>
1188# <i>fs setacl /afs/&lt;cell name&gt; system:anyuser rl</i> 1214# <i>fs setacl /afs/&lt;cell name&gt; system:anyuser rl</i>
1189# <i>fs mkmount /afs/.&lt;cell name&gt; root.cell -rw</i> 1215# <i>fs mkmount /afs/.&lt;cell name&gt; root.cell -rw</i>
1216</pre>
1217
1218<pre caption="Adding volumes underneath">
1219# <i>vos create &lt;server name&gt; &lt;partition name&gt; &lt;myvolume&gt;</i>
1220# <i>fs mkmount /afs/&lt;cell name&gt;/&lt;mymountpoint&gt; &lt;myvolume&gt;</i>
1221# <i>fs mkmount /afs/&lt;cell name&gt;/.&lt;mymountpoint&gt; &lt;myvolume&gt; -rw</i>
1222# <i>fs setquota /afs/&lt;cell name&gt;/.&lt;mymountpoint&gt; -max &lt;quotum&gt;</i>
1190</pre> 1223</pre>
1191 1224
1192<p> 1225<p>
1193Finally you're done!!! You should now have a working AFS file server 1226Finally you're done!!! You should now have a working AFS file server
1194on your local network. Time to get a big 1227on your local network. Time to get a big

Legend:
Removed from v.1.23  
changed lines
  Added in v.1.24

  ViewVC Help
Powered by ViewVC 1.1.20