|o||Fetching files. The Cache Manager contacts the VL Server to learn the location of the volume containing a requested file or directory.|
|o||Creating, viewing, and manipulating protection groups. The pts command interpreter contacts the Protection Server when users create protection groups or request information from the Protection Database.|
|o||Populating the contents of the fake root.afs volume mounted at /afs (or the alternative mount point specified in cacheinfo) when afsd is run in -dynroot mode. The default contents of this directory will match the cells listed in the client CellServDB file.|
|o||Authenticating users. Client-side authentication programs (such as an AFS-modified login utility or the klog command interpreter) contact the Authentication Server to obtain a server ticket, which the AFS server processes accept as proof that the user is authenticated. This only applies to AFS cells using the deprecated Authentication Server instead of Kerberos v5 and aklog.|
If the client attempts to access an AFS cell not listed in CellServDB and afsd was started with the -afsdb option, the Cache Manager will attempt a DNS SRV or AFSDB record lookup and dynamically add the database server locations for that cell based on the result of the DNS query. If the -afsdb option was not used, all AFS cells that will be accessed by a client machine must either be listed in CellServDB or added with the fs newcell command.
The CellServDB file is in ASCII format and must reside in the /usr/local/etc/openafs directory on each AFS client machine. Use a text editor to create and maintain it.
The client version of the CellServDB file is distinct from the server version, which resides in the /usr/local/etc/openafs/server directory on each AFS server machine. The client version lists the database server machines in every AFS cell that the cell administrator wants the machines users to be able to access, whereas the server version lists only the local cells database server machines.
The server version of the CellServDB file lists the local cells database server machines. These machines run the Authentication Server (optional), Backup Server (optional), Protection Server, and Volume Location (VL) Server (the kaserver, buserver, ptserver, and vlserver) processes, which maintain the cells administrative AFS databases. The initial version of the file is created with the bos setcellname command during the installation of the cells server machine, which is automatically recorded as the cells first database server machine. When adding or removing database server machines, be sure to update this file appropriately. It must reside in the /usr/local/etc/openafs/server directory on each AFS server machine. The database server processes, in addition to the usual configuration allowing each to be elected synchronization site and coordinate updates, can be set up as readonly database clone servers. Such servers can never be elected as the synchronization site.
The database server processes consult the CellServDB file to learn about their peers, with which they must maintain constant connections in order to coordinate replication of changes across the multiple copies of each database. The other AFS server processes consult the file to learn which machines to contact for information from the databases when they need it.
Although the server CellServDB file is in ASCII format, do not use a text editor to alter it. Instead always use the appropriate commands from the bos command suite:
In cells that use the Update Server to distribute the contents of the /usr/local/etc/openafs/server directory, it is customary to edit only the copy of the file stored on the system control machine. Otherwise, edit the file on each server machine individually. For instructions on adding and removing database server machine, see the OpenAFS Quick Start chapter on installing additional server machines. Updates to the server CellServDB will trigger reloading the cell server configurations automatically in the AFS server processes.
o The bos addhost command to add a machine to the file. o The bos listhosts command to display the list of machines from the file. o The bos removehost command to remove a machine from the file.
Both CellServDB files have the same format:
No extra blank lines or newline characters are allowed in the file, even after the last entry. Their presence can prevent the Cache Manager from reading the file into kernel memory, resulting in an error message.
o The first line begins at the left margin with the greater-than character (>), followed immediately by the cells name without an intervening space. Optionally, a comment can follow any number of spaces and a octothorpe (#), perhaps to identify the organization associated with the cell. A variant of this allows the definition of a linked cell: after the leading (>) and cell name, a space and a second cell name may be listed before the optional spaces, octothorpe and comment. o Each subsequent line in the entry identifies one of the cells database server machines, with the indicated information in order:
o The database server machines IP address in dotted-decimal format, optionally enclosed in square braces ([)(]) to define a non-voting clone. o One or more spaces. o An octothorpe (#), followed by the machines fully qualified hostname without an intervening space. This number sign does not indicate that the hostname is a comment. It is a required field.
For the client CellServDB, it may be desirable to make the client aware of a cell (so that its listed by default in /afs when the -dynroot flag to afsd is in use, for instance) without specifying the database server machines for that cell. This can be done by including only the cell line (starting with >) and omitting any following database server machine lines. afsd must be configured with the -afsdb option to use DNS SRV or AFSDB record lookups to locate database server machines. If the cell has such records and the client is configured to use them, this configuration wont require updates to the client CellServDB file when the IP addresses of the database server machines change.
grand.central.org maintains a list of the database server machines in all cells that have registered themselves as receptive to access from foreign cells. When a cells administrators change its database server machines, it is customary to register the change with grand.central.org for inclusion in this file. The file conforms to the required CellServDB format, and so is a suitable basis for the CellServDB file on a client machine. You can download this file from <http://grand.central.org/>.
The following example shows entries for two cells in a client CellServDB file and illustrates the required format.
>abc.com # ABC Corporation 220.127.116.11 #db1.abc.com 18.104.22.168 #db2.abc.com [22.214.171.124] #db3.abc.com >test.abc.com abc.com # ABC Corporation Test Cell 126.96.36.199 #testdb1.abc.com 188.8.131.52 #testdb2.abc.com
afsd(8), bos_addhost(8), bos_listhosts(8), bos_removehost(8), bos_setcellname(8), buserver(8), fs_newcell(1), kaserver(8), klog(1), ptserver(8), vlserver(8), upclient(8), upserver(8)
OpenAFS Quick Start
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.