AFS Distributed Filesystem
What is AFS ?
-
AFS is a distributed filesystem that enables co-operating hosts (clients
and servers) to efficiently share filesystem resources across both local
area and wide area networks.
-
AFS is marketed, maintained, and extended by Transarc Corporation.
-
AFS is based on a distributed file system originally developed at the Information
Technology Center at Carnegie-Mellon University that was called the "Andrew
File System".
-
An AFS cell is a collection of servers grouped together administratively
and presenting a single, cohesive filesystem. Typically, an AFS cell
is a set of hosts that use the same Internet domain name.
-
Users log into AFS client workstations which request information and files
from the cell's servers on behalf of the users.
-
The main strengths of AFS are its:
-
caching facility
-
security features
-
simplicity of addressing
-
scalability
-
communications protocol
-
Cache Manager
-
AFS client machines run a Cache Manager process. The Cache Manager maintains
information about the identities of the users logged into the machine,
finds and requests data on their behalf, and keeps chunks of retrieved
files on local disk.
-
The effect of this is that as soon as a remote file is accessed a chunk
of that file gets copied to local disk and so subsequent accesses (warm
reads) are almost as fast as to local disk and considerably faster than
a cold read (across the network).
-
Location independence
-
Unlike NFS, which makes use of /etc/filesystems (on a client) to map (mount)
between a local directory name and a remote filesystem, AFS does its mapping
(filename to location) at the server. This has the advantage of making
the served filespace location independent.
-
Location independence means that a user does not need to know which fileserver
holds the file, the user only needs to know the pathname of a file - the
user does need to know the name of the AFS cell to which the file belongs.
-
Scalability
-
An architectural goal of the AFS designers was client/server ratios of
200:1 - recommend 50:1
-
AFS cells can range from the small (1 server/client) to the massive (with
tens of servers and thousands of clients).
-
Cells can be dynamic: it is simple to add new fileservers or clients and
grow the computing resources to meet new user requirements.
-
Security
-
AFS makes use of Kerberos to authenticate users. This improves security
for several reasons:
- Passwords do not pass across the network in plaintext
- Encrypted passwords no longer need to be visible
- No need NIS, to distribute /etc/passwd - thus "ypcat passwd" can
be eliminated.
- AFS uses mutual authentication - both the service provider and service
requester prove their identities
-
AFS uses access control lists (ACLs) to enable users to restrict access
to their own directories.
-
Single systems image (SSI) - establishing the same view of filestore from
each client and server in a network of systems (that comprise an AFS cell).
-
Replicated AFS volumes - AFS files are stored in structures called Volumes.
These volumes reside on the disks of the AFS file server machines.
Volumes containing frequently accessed data can be read-only replicated
on several servers.
Last Updated: 5th September 1997 by Mark
Baker